By Soulskill from Slashdot's shorter-weekend department
writes: Gordon Lyon (better known as Fyodor, author of nmap and maintainer of the internet security resource sites insecure.org, nmap.org, seclists.org, and sectools.org) warns on the nmap development mailing list that he does not control the SourceForge nmap project.
According to him the old Nmap project page (located at http://sourceforge.net/projects/nmap/, screenshot) was changed to a blank page and its contents were moved to a new page (http://sourceforge.net/projects/nmap.mirror/, screenshot) which is controlled by sf-editor1 and sf-editor3, in a pattern mirroring the much discussed takeover of the GIMP-Win page discussed last week on Ars Technica, IT World and eventually this week on Slashdot.
On Monday, Sourceforge promised to stop "presenting third party offers for unmaintained SourceForge projects," and to their credit Fyodor states, "So far they seem to be providing just the official Nmap files," but reiterates "that you should only download Nmap from our official SSL Nmap site: https://nmap.org/download.html."
< article continued at Slashdot
>Read Replies (0)
By Soulskill from Slashdot's not-unlike-every-other-corporate-report department
writes: Among the books recommended by Bill Gates for beach reading this summer is How to Lie With Statistics, the published-in-1954-but-timely-as-ever introduction to the (mis)use of statistics. So, how can one lie with statistics? "Sometimes it is percentages that are given and raw figures that are missing," explains the book, "and this can be deceptive too." So, does this explain Google's just-released Diversity Report and the accompanying chock-full-o-percentages narrative (find-all-%-image), which boasts "the Black community in grew [sic] by 38 percent", while the less-impressive raw figures — e.g., the number of Google employees increased by 5,928, but the ranks of Black females only increased by 35 (less than 0.6% of the net increase) — are relegated to a PDF of its EEO-1 Report that's linked to in the fine-print footnotes? To be fair to Google, Microsoft, Twitter, Apple and Amazon didn't want people to see their EEO-1 numbers, either.Read Replies (0)
By Soulskill from Slashdot's norton-antivirus-from-1991 department
An anonymous reader writes: For an ex-academic security company still in the seeding round, startup Abatis has a small but interesting roster of clients, including Lockheed Martin, the Swiss military, the United Nations and customers in the civil nuclear and air traffic control sectors. The company's product, a kernel driver compatible with Windows, Linux and Unix, occupies just 100kb with no dependencies, and reportedly achieves a 100% effectiveness rate against intruders by preventing unauthorized I/O activity. The CEO of Abatis claims, "We can stop zero day malware — the known unknowns and the unknown unknowns." The software requires no use of signature files, white-listing, heuristics or sandboxing, with a separate report from Lockheed Martin confirming very significant potential for energy savings — up to £125,000 per year in a data center with 10,000 servers.Read Replies (0)
By Soulskill from Slashdot's my-god,-it's-full-of-flaws department
Home and small-office routers have become a hotbed for security research lately, with vulnerabilities and poor security practices becoming the rule, rather than the exception. A new security audit by researchers from Universidad Europea de Madrid only adds to that list, finding 60 distinct flaws in 22 different device models
. They posted details of their research
on the Full Disclosure mailing list, and the affected brands include D-Link, Belkin, Linksys, Huawei, and others. Many of the models they examined had been distributed to internet customers across Spain by their ISPs. About half of the flaws involve Cross Site Scripting and Cross Site Request Forgery capabilities, though there is at least one backdoor with a hard-coded password. Several routers allow external attackers to delete files on USB storage devices, and others facilitate DDoS attacks.Read Replies (0)
By Soulskill from Slashdot's still-waiting-on-my-isolinear-chips department
writes: Nantero, the company that invented carbon nanotube-based non-volatile memory in 2001 and has been developing it since, has announced that seven chip fabrication plants are now manufacturing its Nano-RAM (NRAM) wafers and test chips. The company also announced aerospace giant Lockheed Martin and Schlumberger Ltd., the world's largest gas and oil exploration and drilling company, as customers seeking to use its chip technology. The memory, which can withstand 300 degrees Celsius temperatures for years without losing data, is natively thousands of times faster than NAND flash and has virtually infinite read/write resilience. Nantero plans on creating gum sticks SSDs using DDR4 interfaces. NRAM has the potential to create memory that is vastly more dense that NAND flash, as its transistors can shrink to below 5 nanometers in size, three times more dense than today's densest NAND flash. At the same time, NRAM is up against a robust field of new memory technologies that are expected to challenge NAND flash in speed, endurance and capacity, such as Phase-Change Memory and Ferroelectric RAM (FRAM).Read Replies (0)
By Roblimo from Slashdot's parting-with-a-cable-company-is-such-sweet-sorrow department
On May 29, Steven J. Vaughan Nichols
(known far and wide as SJVN) wrote an article for ZDNet headlined, Now more than ever, the Internet belongs to cord-cutters
. A few days before that, he wrote another one headlined, Mary Meeker's Internet report: User growth slowing, but disruption full speed ahead
. And last December he wrote one titled, Reports show it's becoming a cord cutter's world
. SJVN obviously sees a trend here. So do a lot of other people, including cable TV and local TV executives who are biting their nails and asking themselves, "Whatever shall
we do?" So far, says SJVN, the answers they've come up with are not encouraging.NOTE from Roblimo: We're trying something different with this video, namely keeping it down to about 4 minutes but running a text transcript that covers our 20+ minute conversation with SJVN. Is this is a good idea? Please let us know.Read Replies (0)