Qedward writes with an excerpt at TechWorld about a new project from Jon "Maddog" Hall, which is about to launch in Brazil: "The vision of Project Cauã is to promote more efficient computing following the thin client/server model, while creating up to two million privately-funded high-tech jobs in Brazil, and another three to four million in the rest of Latin America. Hall explained that Sao Paolo in Brazil is the second largest city in the Western Hemisphere and has about twelve times the population density of New York City. As a result, there are a lot of people living and working in very tall buildings. Project Cauã will aim to put a server system in the basement of all of these tall buildings and thin clients throughout the building, so that residents and businesses can run all of their data and applications remotely."
Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.
McGruber writes "In an Op-Ed published in The NY Times, Information Technology & Innovation Foundation (ITIF.org) Senior Fellow Richard Bennett claims that 'America's broadband networks lead the world by many measures, and they are improving at a more rapid rate than networks in most developed countries.' Mr. Bennett also says, 'the most critical issue facing American broadband has nothing to do with the quality of our networks; it is our relatively low rates of subscribership.'"
WebGangsta writes "The rumor mill continues to grow closer and closer to reality, as The Verge is reporting the upcoming SERIES 5 TiVo will have 6 tuners, support OTA recording (an old TiVo feature being brought back), storage beyond the 2TB limit, and more. While some would say that TiVo today is nothing more than a Patent Holder (albeit a successful one), there's still a market for a cable box that doubles as a streaming player. Is hardware the future of TiVo, or should they go and just license their software to all? And don't get us started on those 'TiVo Buying Hulu' or 'Apple/Google buying TiVo' rumors... that's a different story for a different day."
mask.of.sanity writes "Hundreds of organizations have been detected running dangerously vulnerable versions of SAP that were more than seven years old and thousands more have placed their critical data at risk by exposing SAP applications to the public Internet. The new research found the SAP services were inadvertently made accessible thanks to a common misconception that SAP systems were not publicly-facing and remotely-accessible. The SAP services contained dangerous vulnerabilities which were since patched by the vendor but had not been applied."
benrothke writes "It's said that truth is stranger than fiction, as fiction has to make sense. Had The Chinese Information War: Espionage, Cyberwar, Communications Control and Related Threats to United States Interests been written as a spy thriller, it would have been a fascinating novel of international intrigue. But the book is far from a novel. It's a dense, well-researched overview of China's cold-war like cyberwar tactics against the US to regain its past historical glory and world dominance." Read below for the rest of Ben's review.
Writing "Wow, this is going to really set the cat amongst the pigeons once this gets around," an anonymous reader links to a story at The Guardian about some good old fashioned friendly interception, and the slide-show version of what went on at recent G20 summits in London: "Foreign politicians' calls and emails intercepted by UK intelligence; Delegates tricked into using fake internet cafes; GCHQ analysts sent logs of phone calls round the clock; Documents are latest revelations from whistleblower Edward Snowden."
Lucas123 writes "Intel this year plans to sell a set-top box and Internet-based streaming media service that will bundle TV channels for subscribers, but cable, satellite and ISPs are likely to use every tool at their disposal to stop another IP-based competitor, according to experts. They may already be pressuring content providers to charge Intel more or not sell to it. Another scenario could be that cable and ISP providers simply favor their own streaming services with pricing models, or limit bandwidth based on where customers get their streamed content. For example, Comcast could charge more for a third-party streaming service than for its own, or it could throttle bandwidth or place caps on it to limit how much content customer receives from streaming media services as it did with BitTorrent. Meanwhile, Verizon is challenging in a D.C. circuit court the FCC's Open Internet rules that are supposed to ensure there's a level playing field."
Nerval's Lobster writes "In case you didn't catch it yesterday, AllThingsD ran a piece endorsing the idea of the software-defined data center. That's a venue where hordes of non-technical mid- and upper-level managers will see it and (because of the credibility of AllThingsD) will believe software-defined data centers are not only possible, but that they exist and that your company is somehow falling behind because you personally have not sketched up a topology on a napkin or brought a package of it to install. If mid-level managers in your datacenter or extended IT department have not been pinged at least once today by business-unit managers offering to tip them off to the benefits of software-defined data centers—or demand that they buy one—then someone should go check the internal phone system because not all the calls are coming through. Why was AllThingD's piece problematic? First, because it's a good enough publication to explain all the relevant technology terms in ways that even a non-technical audience can understand. Second, it's also a credible source, owned by Dow Jones & Co. and spun off by The Wall Street Journal. Third, software-defined data centers are genuinely happening—but it's in the very early stages. The true benefits of the platform won't arrive for quite some time—and there's too much to do in the meantime to talk about potential endpoints. Fortunately, there are a number of resources online to help tell hype from reality."
New submitter RoccamOccam writes "Shortly after the news broke that the Department of Justice had been secretly monitoring the phones and email accounts of Associated Press and Fox News reporters (and the parents of Fox News Correspondent James Rosen), CBS News' Sharyl Attkisson said her computer seemed like it had been compromised. Turns out, it was. 'A cyber security firm hired by CBS News has determined through forensic analysis that Sharyl Attkisson's computer was accessed by an unauthorized, external, unknown party on multiple occasions late in 2012. Evidence suggests this party performed all access remotely using Attkisson's accounts. While no malicious code was found, forensic analysis revealed an intruder had executed commands that appeared to involve search and exfiltration of data.'"
alphadogg writes "Medical device makers should take new steps to protect their products from malware and cyberattacks or face the possibility that U.S. Food and Drug Administration won't approve their devices for use, the FDA said. The FDA issued new cybersecurity recommendations for medical devices on Thursday, following reports that some devices have been compromised. Recent vulnerabilities involving Philips fetal monitors and in Oracle software used in body fluid analysis machines are among the incidents that prompted the FDA to issue the recommendations."
Debian warns on its blog: "The unofficial third party repository Debian Multimedia stopped using the domain debian-multimedia.org some months ago. The domain expired and it is now registered again by someone unknown to Debian. (If we're wrong on this point, please sent us an email so we can take over the domain! This means that the repository is no longer safe to use, and you should remove the related entries from your source.list file.)" Update: 06/14 02:58 GMT by U L : If you're wondering where it went, it moved to deb-multimedia.org, after the DPL (at the time) asked the maintainer to stop using the Debian name.
Nerval's Lobster writes "One year and seven months after beginning construction, Facebook has brought its first datacenter on foreign soil online. That soil is in Lulea, town of 75,000 people on northern Sweden's east coast, just miles south of the boundary separating the Arctic Circle from the somewhat-less-frigid land below it. Lulea (also nicknamed The Node Pole for the number of datacenters in the area) is in the coldest area of Sweden and shares the same latitude as Fairbanks, Alaska, according to a local booster site. The constant, biting wind may have stunted the growth of Lulea's tourism industry, but it has proven a big factor in luring big IT facilities into the area. Datacenters in Lulea are just as difficult to power and cool as any other concentrated mass of IT equipment, but their owners can slash the cost of cooling all those servers and storage units simply by opening a window: the temperature in Lulea hasn't stayed at or above 86 degrees Fahrenheit for 24 hours since 1961, and the average temperature is a bracing 29.6 Fahrenheit. Air cooling might prove a partial substitute for powered environmental control, but Facebook's datacenter still needed 120megawatts of steady power to keep the social servers humming. Sweden has among the lowest electricity costs in Europe, and the Lulea area reportedly has among the lowest power costs in Sweden. Low electricity prices are at least partly due to the area's proximity to the powerful Lulea River and the line of hydroelectric dams that draw power from it."
crookedvulture writes "With its Sandy Bridge and Ivy Bridge processors, Intel allowed standard Core i5 and i7 CPUs to be overclocked by up to 400MHz using Turbo multipliers. Reaching for higher speeds required pricier K-series chips, but everyone got access to a little "free" clock headroom. Haswell isn't quite so accommodating. Intel has disabled limited multiplier control for non-K CPUs, effectively limiting overclocking to the Core i7-4770K and i5-4670K. Those chips cost $20-30 more than their standard counterparts, and surprisingly, they're missing a few features. The K-series parts lack the support for transactional memory extensions and VT-d device virtualization included with standard Haswell CPUs. PC enthusiasts now have to choose between overclocking and support for certain features even when purchasing premium Intel processors. AMD also has overclocking-friendly K-series parts, but it offers more models at lower prices, and it doesn't remove features available on standard CPUs."
First time accepted submitter jarle.aase writes "It's doable today to use a mix of virtual machines, VPN, TOR, encryption (and staying away from certain places; like Google Plus, Facebook, and friends), in order to retain a reasonable degree of privacy. In recent days, even major mainstream on-line magazines have published such information. (Aftenposten, one of the largest newspapers in Norway, had an article yesterday about VPN, Tor and Freenet!) But what about the cell-phone? Technically it's not hard to design a phone that can switch off the GSM transmitter, and use VoIP for calls. VoIP could then go from the device through Wi-Fi and VPN. Some calls may be routed trough PSTN gateways — allowing the agencies to track the other party. But they will not track your location. And they will not track pure, encrypted VoIP calls that traverse trough VPN and use anonymous SIP or XMPP accounts. Android may not be the best software for such a device, as it very eagerly phones home. The same is true for iOS and Windows 8. Actually, I would prefer a non cloud-based mobile OS from a vendor that is not in the PRISM gallery. Does such a device exist yet? Something that runs a relatively safe OS, where GSM can be switched totally off? Something that will only make an outgoing network connection when I ask it to do so?" And in the absence of a perfect solution, what do you do instead? (It's still Android and using the cell network, but Red Phone — open sourced last year — seems like a good start.)
hypnosec writes "OWASP's Top 10, the Open Web Application Security Project's top 10 most critical web application security risks, has been updated and a new list for 2013 published. Last updated back in 2010, the organization has published the new list wherein the importance of cross-site scripting (XSS) and cross-site request forgery (CRSF) has been diluted a little, while risks related to broken session management and authentication have moved up a notch. Code injection, which was the topmost risk in 2010, has retained its position in the updated list. The 2013 Top Ten list (PDF) has been compiled based on half a million vulnerabilities discovered in thousands of applications from hundreds of vendors."
judgecorp writes "Security researchers say that iPhone and other Apple devices are vulnerable to an old attack, using a fake Wi-Fi access point. Attackers can use an SSID which matches one that is stored on the iPhone (say "BTWiF"), which the iPhone will connect to automatically. Other devices are protected thanks to the use of HTTPS, which enforces HTTPS, but iPhones are susceptible to this man in the middle attack, researchers say."
itwbennett writes "You can make a decent living as a software developer, and if you were lucky enough to get hired at a pre-IPO tech phenom, you can even get rich at it. But set your sights above the average and below Scrooge McDuck and you won't find many developers in that salary range. In fact, the number of developers earning $200,000 and above is under 10%, writes blogger Phil Johnson who looked at salary data from Glassdoor, Salary.com and the Bureau of Labor Statistics. How does your salary rate? What's your advice for earning the big bucks?"
An anonymous reader writes "After 25 years of doing IT (started as a PC technician and stayed on technical of IT work through out my career) I've been moved to a position of doing only on call work (but paid as if it is a normal 9-5 job). This leaves me with a lot of free time... As someone who's used to working 12+ hours a day + the odd night/weekend on call, I'm scared I'll lose my mind with all the new free time I'll have. Any suggestions (beyond develop hobbies, spend time with family) on how to deal with all the new free time?"
Trailrunner7 writes "A group of eight senators from both parties have introduced a new bill that would require the attorney general to declassify as many of the rulings of the secret Foreign Intelligence Surveillance Court as possible as a way of bringing into the sunlight much of the law and opinion that guides the government's surveillance efforts. Under the terms of the proposed law, the Justice Department would be required to declassify major FISC opinions as a way to give Americans a view into how the federal government is using the Foreign Intelligence Surveillance Act and Patriot Act. If the attorney general determines that a specific ruling can't be declassified without endangering national security, he can declassify a summary of it. If even that isn't possible, then the AG would need to explain specifically why the opinion needs to be kept secret."