Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Submission + - Researchers Bypass ASLR Protection on Intel Haswell CPUs (softpedia.com)

An anonymous reader writes: A team of scientists from two US universities has devised a method of bypassing ASLR (Address Space Layout Randomization) protection by taking advantage of the BTB (Branch Target Buffer), a component included in many modern CPU architectures.

The researchers discovered that by blasting the BTB with random data, they could run a successful collision attack that reveals the memory locations where apps execute code in the computer's memory, the very thing that ASLR protection was meant to hide.

While during their tests they used a Linux PC with a Intel Haswell CPU, researchers said the attack can be ported to other CPU architectures and operating systems where ASLR is deployed, such as Android, iOS, macOS, and Windows.

From start to finish, the collision attack only takes 60 milliseconds, meaning it can be embedded with malware or any other digital forensics tool and run without needing hours of intense CPU processing.

Submission + - Stanford professor releases VR software intended to change real-world behavior (ieee.org)

Tekla Perry writes: Stanford's Jeremy Bailenson and his Virtual Human Interaction Lab have for more than a decade been testing whether experiences virtual reality can change real world behavior. Now they are using their knowledge--and expertise at developing VR software--in what they hope will be a large-scale move towards making people behave better. The lab this week released, for free, a VR experience for the HTC Vive. It's aimed at giving people the sense of diving down to a coral reef--but the real goal is getting them to consider how carbon dioxide released into the atmosphere is killing the oceans. He hopes, with the dearth of good VR content available, this software will proliferate at least as fast as VR hardware does. Next up for the lab, a deep dive into homelessness.

Submission + - 16 teraflop Cray to replace IBM at UK Met Office (bbc.co.uk)

Memetic writes: The UK weather forecasting service the Met Office is replacing its IBM supercomputer with a 16 teraflop,17 petabyte of storage Cray XC40 — Cray's biggest deal outside the US.

It should be 13 times faster than the current system. The aim is to enable more accurate modeling of the unstable UK climate, with UK-wide forecasts at a resolution of 1.5km run hourly, rather than every three as now.

The official release http://www.metoffice.gov.uk/ne... has the bare bones, the BBC report, linked has more comparative details.

Submission + - EFF Rates Which Service Providers Side With Users (eff.org)

An anonymous reader writes: The Electronic Frontier Foundation has issued a report grading online service providers for how well they side with users over intellectual property disputes. They looked at sites like YouTube, Imgur, tumblr, and Twitter. "The services could receive a maximum of five stars, based on criteria including publicly documented procedures for responses to DMCA takedown notices and counter-notices, how the services handle trademark disputes, and if the company issued detailed transparency reports." Only two sites got a perfect rating: WordPress and Namecheap. tumblr got the worst score, and Imgur was not far behind. The rest of the sites were in between, though the EFF did give a bit of extra credit to Etsy for its educational guides and Twitter for its transparency reports.

Comment Re:Yes. (Score 1) 631

I learned to love that menu. At first I was really annoyed with how much work I had to do to set up the system the way I liked it but I had just come from Ubuntu where everything is done for you. It was a real eye opener to see how much customization is possible in Linux. I think that using CrunchBang really changed what I expected from a distro and more than anything, it helped me learn the system as a new user and gave me quite a bit more confidence.

Comment Not linear (Score 2) 631

It's not like their trajectory is set in stone. Canonical may respond to the criticisms from users and begin to move in a new direction. Plus, Ubuntu is a fantastic base to build on cf Linux Mint, and I still think Ubuntu is the best way to introduce new users to Linux. I think it is nearsighted to proclaim the beginning of the end.

Submission + - Ordnance Survey Creates Minecraft Model of Great Britain 1

jeremyp writes: Ordnance Survey intern Joseph Braybrook has created a Minecraft World based upon accurate terrain mapping data of Great Britain. The world accurately represents the whole of Great Britain and surrounding islands (but excludes Northern Ireland and the Channel Islands). It maps 224,000 square kilometres of Greast Britain and contains 22 billion blocks. Graham Dunlop (Ordnance Survey Innovation Lab Manager) says:

We think we may have created the largest Minecraft world ever built based on real-world data

The map can be downloaded from the Ordnance Survey here.

Submission + - Visionary Nintendo President Yamauchi Dies (bbc.co.uk)

trickstyhobbit writes: Former Nintendeo president and majority stockholder Hiroshi Yamauchi has died. He was president of the comapany for over 50 years and saw the development of the NES, SNES, Nintendo 64, and GameCube among other devices

Submission + - Change.org petition, ARM SoC changes for Linux 3.12 invite Torvalds' fury (paritynews.com) 1

hypnosec writes: Linus Torvalds, in response to a petition on Change.org to remove RdRand from /dev/random, has lambasted the petitioner by called him ignorant for not understanding the code in Linux Kernel. Kyle Condon from UK raised a petition on Change.org to get Linus to remove RdRand from /dev/random in a bid “to improve the overall security of the linux kernel.” In his response, Torvalds asked the Condon and the supports of the petition to gain an understanding of Linux drivers, cryptography and then "come back here and admit to the world that you were wrong." Torvalds stressed that kernel maintainers knew what they were doing and the petitioner didn’t. Torvalds, in a similar outburst just yesterday, hoped that "ARM SoC hardware designers all die in some incredibly painful accident." This came in response to a message from Kevin Hilman when he noted that there were quite a few conflicts in the ARM SoC pull request for Linux 3.12, which were a result of the platform changes conflicting with driver changes going in to the V4L tree.

Submission + - Indian Government to ban use of US email services for official communications (paritynews.com)

hypnosec writes: The Government of India is planning to ban the use of US based email services like Gmail for official communications and is soon going to send out a formal notification to it half a million officials across the country asking them to use official email addresses and services provided by National Informatics Centre. The move is intended to increase the security of confidential government data and information and protect it from overseas surveillance.

Submission + - MIT Students Release Code To 3D-Print High Security Keys (forbes.com)

Sparrowvsrevolution writes: At the Def Con hacker conference Saturday, MIT students David Lawrence and Eric Van Albert released a piece of code that will allow anyone to create a 3D-printable software model of any Schlage Primus key, despite Schlage’s attempts to prevent the duplication of the restricted keys. With just a flatbed scanner and their software tool, they were able to produce precise models of Primus keys that they uploaded to the 3D-printing services Shapeways and i.Materialise, who mailed them working copies of the keys in materials ranging from nylon to titanium. Primus high-security locks are used in government facilities, healthcare settings, and detention centers, and their keys are coded with two distinct sets of teeth, one on top and one on the side. That, along with a message that reads "do not duplicate" printed on the top of every key, has made them difficult to copy by normal means. With Lawrence and Van Albert's software, anyone can now scan or take a long-distance photo of any Primus key and recreate it for as little as $5.

Submission + - 1,700 Websites In Russia Go Dark In SOPA-Style Protest

An anonymous reader writes: Russians are going nuts over a new anti-piracy law that enables Roskomnadzor (the Federal Supervision Agency for Information Technologies and Communications) to ‘blacklist’ Internet resources before the issue of a court order. Indeed, 1700 websites have issued a blackout, just like US firms did in protest at the Stop Online Piracy Act. The law, widely known as the Russian SOPA, has been slammed by some major tech firms from the country, including Yandex. Freedom of speech campaigners are worried it could be used for political censorship, while digital companies say it will slow down the development of Internet services in the country.

Submission + - Pwnie Awards 2013 winners: Barnaby Jack, Edward Snowden, NMap, Evad3rs (paritynews.com)

hypnosec writes: Winners of the Pwnie Awards 2013 were announced at a special event during Black Hat security conference in Las Vegas and the highlight of the awards were Edward Snowden, NMap and Barnaby Jack (ofcourse). Barnaby Jack was given posthumous Pwnie award for ‘lifetime achievement’ while Edward Snowden and NSA were jointly given the award of ‘Epic 0wnage’. Nmap on the other hand was awarded ‘Most Epic FAIL’. Best Privilege Escalation Bug award went to David Wang aka planetbeing and the Evad3rs team.

Submission + - KDE Releases Calligra 2.7 (calligra.org)

jrepin writes: The Calligra team is proud and pleased to announce the release of version 2.7 of the Calligra Suite, Calligra active and the Calligra Office Engine. Words, the word processing application, has a new look for the toolbox. In the same toolbox there are also new controls to manipulate shapes with much enhanced usability. Author, the writer’s application, has new support for EPUB3: mathematical formulas and multimedia contents are now exported to ebooks using the EPUB format. There is also new support for book covers using images. Plan, the project management application, has improvement in the scheduling of tasks. The formula shape now has new ways to enter formula: a matlab/octave mode and a LaTEX mode.

Slashdot Top Deals

You are always doing something marginal when the boss drops by your desk.

Working...