Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Earth

Study: Earth Is At Its Warmest In 120,000 Years (washingtonpost.com) 13

An anonymous reader quotes a report from Washington Post: As part of her doctoral dissertation at Stanford University, Carolyn Snyder, now a climate policy official at the U.S. Environmental Protection Agency, created a continuous 2 million year temperature record, much longer than a previous 22,000 year record. Snyder's temperature reconstruction, published Monday in the journal Nature, doesn't estimate temperature for a single year, but averages 5,000-year time periods going back a couple million years. Snyder based her reconstruction on 61 different sea surface temperature proxies from across the globe, such as ratios between magnesium and calcium, species makeup and acidity. But the further the study goes back in time, especially after half a million years, the fewer of those proxies are available, making the estimates less certain, she said. These are rough estimates with large margins of errors, she said. But she also found that the temperature changes correlated well to carbon dioxide levels. Temperatures averaged out over the most recent 5,000 years -- which includes the last 125 years or so of industrial emissions of heat-trapping gases -- are generally warmer than they have been since about 120,000 years ago or so, Snyder found. And two interglacial time periods, the one 120,000 years ago and another just about 2 million years ago, were the warmest Snyder tracked. They were about 3.6 degrees (2 degrees Celsius) warmer than the current 5,000-year average. Snyder said if climate factors are the same as in the past -- and that's a big if -- Earth is already committed to another 7 degrees or so (about 4 degrees Celsius) of warming over the next few thousand years. "This is based on what happened in the past, Snyder noted. "In the past it wasn't humans messing with the atmosphere."
Republicans

Trump Takes On 'Crooked Hillary' With Snapchat Geofilter (arstechnica.com) 21

In an effort to appeal to more young voters, U.S. Republican presidential nominee Donald Trump has unveiled a "geofilter" ad campaign for Snapchat that slaps on the banner phrase "Donald J. Trump vs. Crooked Hillary" to a user's photo and video Snaps. Ars Technica reports: "The ad rolled out to American Snapchat users today, just ahead of the 2016 presidential election's first major debate between Trump and Hillary Clinton (the debate starts tonight at 9pm EDT). The ad joins the usual geofilter available to Snapchat users, which usually list the name of a city or a nearby event as determined by GPS and time information. The campaign differs from the deluge of text, photo, and video ads that politicans have relied on in recent years, as it doesn't publish or display to the public without a personal photo or video attached. While other political campaigns have paid for geofilter ad campaigns on Snapchat in the past, including Clinton and Bernie Sanders, those have been timed and targeted for smaller-scale events like political conventions and primary voting periods. In a statement to CNN, the Clinton campaign said that Trump was "throwing his money into a fire pit," and it pointed out the ad's potential for backfiring, since "given Trump's deep unpopularity with young voters, [the ad's phrasing] will be used mainly at [his] own expense."
Security

Windows 10 Will Soon Run Edge In a Virtual Machine To Keep You Safe (arstechnica.com) 37

An anonymous reader quotes a report from Ars Technica: Microsoft has announced that the next major update to Windows 10 will run its Edge browser in a lightweight virtual machine. Running the update in a virtual machine will make exploiting the browser and attacking the operating system or compromising user data more challenging. Called Windows Defender Application Guard for Microsoft Edge, the new capability builds on the virtual machine-based security that was first introduced last summer in Windows 10. Windows 10's Virtualization Based Security (VBS) uses small virtual machines and the Hyper-V hypervisor to isolate certain critical data and processes from the rest of the system. The most important of these is Credential Guard, which stores network credentials and password hashes in an isolated virtual machine. This isolation prevents the popular MimiKatz tool from harvesting those password hashes. In turn, it also prevents a hacker from breaking into one machine and then using stolen credentials to spread to other machines on the same network. Credential Guard's virtual machine is very small and lightweight, running only a relatively simple process to manage credentials. Application Guard will go much further by running large parts of the Edge browser within a virtual machine. This virtual machine won't, however, need a full operating system running inside it -- just a minimal set of Windows features required to run the browser. Because Application Guard is running in a virtual machine it will have a much higher barrier between it and the host platform. It can't see other processes, it can't access local storage, it can't access any other installed applications, and, critically, it can't attack the kernel of the host system. In its first iteration, Application Guard will only be available for Edge. Microsoft won't provide an API or let other applications use it. As with other VBS features, Application Guard will also only be available to users of Windows 10 Enterprise, with administrative control through group policies. Administrators will be able to mark some sites as trusted, and those sites won't use the virtual machine. Admins also be able to control whether untrusted sites can use the clipboard or print.
Math

Researcher Modifies Sieve of Eratosthenes To Work With Less Physical Memory Space (scientificamerican.com) 35

grcumb writes: Peruvian mathematician Harald Helfgott made his mark on the history of mathematics by solving Goldbach's weak conjecture, which states that every odd number greater than 7 can be expressed as the sum of three prime numbers. Now, according to Scientific American, he's found a better solution to the sieve of Eratosthenes: "In order to determine with this sieve all primes between 1 and 100, for example, one has to write down the list of numbers in numerical order and start crossing them out in a certain order: first, the multiples of 2 (except the 2); then, the multiples of 3, except the 3; and so on, starting by the next number that had not been crossed out. The numbers that survive this procedure will be the primes. The method can be formulated as an algorithm." But now, Helfgott has found a method to drastically reduce the amount of RAM required to run the algorithm: "Now, inspired by combined approaches to the analytical 100-year-old technique called the circle method, Helfgott was able to modify the sieve of Eratosthenes to work with less physical memory space. In mathematical terms: instead of needing a space N, now it is enough to have the cube root of N." So what will be the impact of this? Will we see cheaper, lower-power encryption devices? Or maybe quicker cracking times in brute force attacks? Mathematician Jean Carlos Cortissoz Iriarte of Cornell University and Los Andes University offers an analogy: "Let's pretend that you are a computer and that to store data in your memory you use sheets of paper. If to calculate the primes between 1 and 1,000,000, you need 200 reams of paper (10,000 sheets), and with the algorithm proposed by Helfgott you will only need one fifth of a ream (about 100 sheets)," he says.
Government

ISP To FCC: Using The Internet Is Like Eating Oreos (consumerist.com) 101

New submitter Rick Schumann shares with us a report highlighting an analogy presented by an ISP that relates Double Stuf Oreos to the internet. Specifically, that Double Stuf Oreos cost more than regular Oreos, and therefore you should pay more for internet: The Consumerist reports: "Ars Technica first spotted the crumbly filing, from small (and much-loathed) provider Mediacom. Mediacom's comment is in response to the same proceeding that Netflix commented on earlier this month. However, while Netflix actually addressed data and the ways in which their customers use it, Mediacom went for the more metaphor-driven approach. The letter literally starts out under the header, 'You Have to Pay Extra For Double-Stuffed,' and posits that you, the consumer, are out for a walk with $2 in your pocket when you suddenly develop a ferocious craving for Oreo cookies." Of course their analogy is highly questionable, since transmitting data over a network doesn't actually consume anything, now does it? You eat the cookie, the cookie is gone, but you transmit data over a network, the network is still there and can transmit data endlessly. Mediacom's assertion that the Internet is like a cookie you eat, is like saying copying a file on your computer somehow diminishes or degrades the original file, which of course is ridiculous.
Mozilla

Mozilla's Proposed Conclusion: Game Over For WoSign and Startcom? (google.com) 58

Reader Zocalo writes: Over the last several months Mozilla has been investigating a large number of breaches of what Mozilla deems to be acceptable CA protocols by the Chinese root CA WoSign and their perhaps better known subsidiary StartCom, whose acquisition by WoSign is one of the issues in question. Mozilla has now published their proposed solution (GoogleDocs link), and it's not looking good for WoSign and Startcom. Mozilla's position is that they have lost trust in WoSign and, by association StartCom, with a proposed action to give WoSign and StartCom a "timeout" by distrusting any certificates issued after a date to be determined in the near future for a period of one year, essentially preventing them issuing any certificates that will be trusted by Mozilla. Attempts to circumvent this by back-dating the valid-from date will result in an immediate and permanent revocation of trust, and there are some major actions required to re-establish that trust at the end of the time out as well.
This seems like a rather elegant, if somewhat draconian, solution to the issue of what to do when a CA steps out of line. Revoking trust for certificates issued after a given date does not invalidate existing certificates and thereby inconvenience their owners, but it does put a severe -- and potentially business-ending -- penalty on the CA in question. Basically, WoSign and StartCom will have a year where they cannot issue any new certificates that Mozilla will trust, and will also have to inform any existing customers that have certificate renewals due within that period they cannot do so and they will need to go else where -- hardly good PR!

What does Slashdot think? Is Mozilla going too far here, or is their proposal justified and reasonable given WoSign's actions, making a good template for potential future breaches of trust by root CAs, particularly in the wake of other CA trust breaches by the likes of CNNIC, DigiNotar, and Symantec?

Bitcoin

Japanese To Pay Utility Bills Using Bitcoin (thestack.com) 21

An anonymous reader quotes a report from The Stack: Japanese citizens will soon be able to pay their utility bills using bitcoin. The facility is being provided by Coincheck Denki, a new service offered by the Japanese bitcoin company, which will be available to users in November. Coincheck outlined the new plan on its website. Also called 'Coincheck Electricity,' it will allow users to pay their electricity bills directly from their Coincheck bitcoin wallet. It also offers a discount plan for heavy users of electricity, with 4-6% of the total bill discounted for heavy users of electricity who pay in bitcoin. Coincheck's parent company, Reju Press, initially partnered with Mitsuwa Inc., to create the bitcoin payment system. Coincheck now works with Mitsuwa subsidiary E-Net Inc., and has formed a partnership with Marubeni Power Retail Corporation, which operates power plants in 17 locations in central Japan. Marubeni has offices in 66 countries worldwide, although no plans have been announced to take the bitcoin payment option outside of Japan. While the initial bitcoin payment rollout is for electricity bills, Coincheck plans to expand its offerings to bitcoin payment for 'life infrastructure,' to include payment of gas, water and mobile phone bills. It may even partner with landlords to allow customers of Coincheck to pay rent using bitcoin. The bitcoin payment plan will be rolled out in Chubu, Kanto (including Tokyo) and Kansai regions to start, with additional areas to be added sequentially. The company hopes to offer bitcoin payment options to one million electric customers within the first year.
Space

China's Giant Radio Telescope Begins Searching For Signals From Space (ctvnews.ca) 37

Years of work and millions of dollars later, China finished its alien-hunting telescope in May this year. Now the country says its telescope has begun its operation. The company flipped the switch over the weekend, hoping to find signals from stars and galaxies -- and more importantly from extraterrestrial life. The telescope also illustrates China's growing ambition to stay among the frontrunners in space efforts. AP reports: Beijing has poured billions into such ambitious scientific projects as well as its military-backed space program, which saw the launch of China's second space station earlier this month. Measuring 500 metres in diameter, the radio telescope is nestled in a natural basin within a stunning landscape of lush green karst formations in southern Guizhou province. It took five years and $180 million to complete and surpasses that of the 300-meter Arecibo Observatory in Puerto Rico, a dish used in research on stars that led to a Nobel Prize. The official Xinhua News Agency said hundreds of astronomers and enthusiasts watched the launch of the Five-hundred-meter Aperture Spherical Telescope, or FAST, in the county of Pingtang. Researchers quoted by state media said FAST would search for gravitational waves, detect radio emissions from stars and galaxies and listen for signs of intelligent extraterrestrial life. "The ultimate goal of FAST is to discover the laws of the development of the universe," Qian Lei, an associate researcher with the National Astronomical Observatories of the Chinese Academy of Sciences, told state broadcaster CCTV. "In theory, if there is civilization in outer space, the radio signal it sends will be similar to the signal we can receive when a pulsar (spinning neutron star) is approaching us," Qian said.
Security

As We Speak, Teen Social Site Is Leaking Millions Of Plaintext Passwords (arstechnica.com) 93

Dan Goodin, reporting for ArsTechnica: A social hangout website for teenage girls has sprung a leak that's exposing plaintext passwords protecting as many as 5.5 million user accounts. As this post went live, all attempts to get the leak plugged had failed. Operators of i-Dressup didn't respond to messages sent by Ars informing them that a hacker has already downloaded more than 2.2 million of the improperly stored account credentials. The hacker said it took him about three weeks to obtain the cache and that there's nothing stopping him or others from downloading the entire database of slightly more than 5.5 million entries. The hacker said he acquired the e-mail addresses and passwords by using a SQL injection attack that exploited vulnerabilities in the i-Dressup website. The hacker provided the 2.2 million account credentials both to Ars and breach notification service Have I Been Pwned?. By plugging randomly selected e-mail addresses into the forgotten password section of i-Dressup, both Ars and Have I Been Pwned? principal Troy Hunt found that they all were used to register accounts on the site. Ars then used the contact us page on i-Dressup to privately notify operators of the vulnerability, but more than five days later, no one has responded and the bug remains unfixed.
Transportation

Planes, Trains, and Automobiles Have Become Top Carbon Polluters (technologyreview.com) 160

Transportation is likely to surpass the electricity sector in 2016 as the largest source of carbon dioxide emissions in the United States, according to a new analysis of government data, MIT Technology reports. From the article: In 2008, the global financial crisis caused widespread declines in energy use. In the U.S., that coincided with the early stages of a large-scale shift away from coal toward cleaner-burning natural gas as a way to generate electricity. As a result, carbon dioxide emissions from the electricity sector have continued to decline from their 2007 peak, even as the economy has resumed growing. The trend line for the transportation sector is less encouraging. Transportation emissions have begun rising as the economy rebounds. John DeCicco at the University of Michigan Energy Institute, who wrote the study, attributes the rebound we've seen during the past four years to straightforward causes: economic recovery and more affordable fuel prices. Vehicle sales numbers have been rising for several years, in particular for trucks and SUVs, and people are traveling more miles.
Entertainment

Plex Cloud Means Saying Goodbye To the Always-On PC (theverge.com) 125

Finally, you don't need an always-on PC or any other network-attached storage device if you want to use Plex's media player. The company has announced that it now allows you to stream TV shows and movies from your own collection via a new online option called Plex Cloud. From a report on The Verge: Plex is giving the world another reason to subscribe to Plex Pass subscriptions today with the launch of Plex Cloud. As the name suggests, Plex Cloud eliminates the need to run the Plex Media Server on a computer or Networked Attached Storage (NAS) in your house. It does, however, require a subscription to Amazon Drive ($59.99 per year for unlimited storage) and the aforementioned Plex Pass ($4.99 per month or $39.99 per year). Plex Cloud functions just like a regular Plex Media Server giving you access to your media -- no matter how you acquire it -- from an incredibly broad range of devices. Most, but not all Plex features are available in today's beta.
United Kingdom

UK's Top Police Warn That Modding Games May Turn Kids into Hackers (vice.com) 132

Joseph Cox, writing for Motherboard: Last week at EGX, the UK's biggest games event, attendees got a chance to play upcoming blockbusters like Battlefield 1, FIFA 17, and Gears of War 4. But budding gamers may also have spotted a slightly more unusual sight: a booth run by the National Crime Agency (NCA), the UK's leading law enforcement agency. Over the last few years, the NCA has attempted to reach out to technologically savvy young people in different ways. EGX was the first time it's pitched up to a gaming convention; the NCA said it wanted to educate young people with an interest in computers and suggested that those who mod online games in order to cheat may eventually progress to using low level cybercrime services like DDoS-for-hire and could use steering in the right direction. "The games industry can help us reach young people and educate them on lawful use of cyber skills," Richard Jones, head of the NCA's National Cyber Crime Unit's 'Prevent' team, told Motherboard in an email. "Through attendance at EGX and various other activities, we are seeking to promote ethical hacking or penetration testing, as well as other lawful uses of an interest in computers to young people," Jones said.
Operating Systems

Windows 10 Now On 400 Million Active Devices, Says Microsoft (thurrott.com) 131

Microsoft announced today that Windows 10 is now running on over 400 million active devices. This is up from 300 million as of May, and 207 million as of end of the March. The company says that it deems devices that have been active in the past 28 days as "active." Microsoft added that this 400 million active devices figure include tablets and phones as well as Xbox One consoles, HoloLens, and Surface Hubs running Windows 10. Paul Thurrott adds:Microsoft last provided a Windows 10 usage milestone on June 29, when it said that there were 350 million active Windows 10 devices. At that time, I noted that the Windows 10 adoption had accelerated from the previous milestone, hitting an average of almost 29 million new devices per month. But 50 million additional devices over three months is a much slower pace of about 17 million per month. This is the slowest rate since Windows 10 was first announced. Again, no surprise there: Windows 10 was free for its first year, and over that time period it averaged roughly 31.25 million new devices per month (if you assume a figure of 375 million after one year, as I do). Does this mean that Windows 10 will see fewer than 20 million new devices each month, on average, going forward? No, of course not. There's no way to accurately gauge how things will go, given that most future devices will be new PCs purchased by businesses or consumers, or business PCs upgraded to Windows 10.
Cloud

Adobe To Run Some Of Its Creative Cloud Services On Azure (zdnet.com) 17

Adobe will offer its Adobe Creative Cloud, Marketing Cloud, and Document Cloud hosted on Microsoft's Azure, the company said today, as part of a deal with Microsoft. ZDNet adds: Some of Adobe's subscription services for creative professionals currently are hosted on Amazon's AWS. It's not clear from Microsoft's announcement of its new Adobe deal whether Adobe's Creative Cloud, Marketing Cloud, and Document Cloud will run on any other cloud backbones, with Azure as a secondary option or choice. I've asked Microsoft, and heard back from a spokesperson that today's deal is not exclusive, but that's all I know at this point. Work is underway to move these services to the Azure cloud, a spokesperson confirmed, with more information on this coming in the next few months.
Privacy

California Enacts Law Requiring IMDb To Remove Actor Ages On Request (hollywoodreporter.com) 247

California Gov. Jerry Brown on Saturday signed legislation that requires certain entertainment sites, such as IMDb, to remove -- or not post in the first place -- an actor's age or birthday upon request, reports Hollywood Reporter. From the report: The law, which becomes effective Jan. 1, 2017, applies to entertainment database sites that allow paid subscribers to post resumes, headshots or other information for prospective employers. Only a paying subscriber can make a removal or nonpublication request. Although the legislation may be most critical for actors, it applies to all entertainment job categories. "Even though it is against both federal and state law, age discrimination persists in the entertainment industry," Majority Leader Ian Calderon, D-Whittier, said in a statement. "AB 1687 provides the necessary tools to remove age information from online profiles on employment referral websites to help prevent this type of discrimination."Bloomberg columnist, Shira Ovide said, "Congratulations, IMDB. You have now become the subject of California law." Slate writer Will Oremus added, "Sometimes I start to think California is not such a bad place and then they go and do something like this."
Transportation

HERE, Automakers Team Up To Share Data On Traffic Conditions (reuters.com) 47

German digital map maker HERE will introduce a new set of traffic services this week that allows drivers to see for themselves what live road conditions are like miles ahead using data from competing automakers, an industry first, reports Reuters. From the report: The Berlin-based company, owned by Germany's three premium automakers, will provide four services in which drivers share detailed video views of traffic jams or accidents, potential road hazards like fog or slippery streets, traffic signs including temporary speed limits and on-street parking. BMW, Daimler and Volkswagen will all contribute data to the service, making their first big collaboration since they bought HERE for 2.8 billion euros ($3.1 billion) late last year from mobile equipment maker Nokia of Finland. Other automakers are expected to join the project later and contribute data from their vehicles, HERE said. The new live traffic services are set to hit the road in the first half of 2017, HERE said on Monday before the opening of this week's Paris Motor Show.
Android

Google Is Planning a 'Pixel 3' Laptop Running 'Andromeda' OS For Release in Q3 2017 (androidpolice.com) 48

Google plans to launch a laptop next year with Pixel branding which will run 'Andromeda' operating system, reports AndroidPolice, citing sources. Andromeda is a hybrid of Android and Chrome OS, the report adds. Pixel, Chrome OS and Android teams have been working on this project, dubbed Bison, for years, apparently. From the report: Bison is planned as an ultra-thin laptop with a 12.3" display, but Google also wants it to support a "tablet" mode. It's unclear to us if this means Bison will be a Lenovo Yoga-style convertible device, or a detachable like Microsoft's Surface Book, but I'm personally leaning on the former given how thin it is. Powering it will be either an Intel m3 or i5 Core processor with 32 or 128GB of storage and 8 or 16GB of RAM. This seems to suggest there will be two models. It will also feature a fingerprint scanner, two USB-C ports, a 3.5mm jack (!), a host of sensors, stylus support (a Wacom pen will be sold separately), stereo speakers, quad microphones, and a battery that will last around 10 hours. The keyboard will be backlit, and the glass trackpad will use haptic and force detection similar to the MacBook. Google plans to fit all of this in a form factor under 10mm in thickness, notably thinner than the aforementioned Apple ultraportable.The report, however, adds that it is likely that Google might revise the specifications by the time of its launch, which is slated to happen sometime in Q3 2017.
Transportation

Uber Is Researching a New Vertical-Takeoff Ride Offering That Flies You Around (recode.net) 129

If Uber's recently launched self-driving cars surprised you, wait for the company's "flying" vehicles. Speaking with Recode, Uber's head of products said the company is research small planes that can vertically take off and land, so that they can be used for short-haul flights in cities. From the report:The technology is called VTOL -- which stands for vertical takeoff and landing. Simply put, VTOL is an aircraft that can hover, take off and land vertically, which would also describe a helicopter. But, unlike the typical helicopter, these planes have multiple rotors, could have fixed wings and perhaps eventually would use batteries and be more silent. In time, like cars, such aircraft would be autonomous. Jeff Holden said that he has been researching the area, "so we can someday offer our customers as many options as possible to move around." He added that "doing it in a three-dimensional way is an obvious thing to look at."
Virtualization

Boot Linux (or OpenBSD Or Oberon Or FreeDOS) In Your Browser (copy.sh) 87

Long-time Slashdot reader DeQueue writes: Back in 2011 Fabrice Bellard, the initiator of the QEMU emulator, wrote a PC emulator in JavaScript that let you boot Linux in your browser. But he didn't stop there.

On his website he now has images that let you boot Oberon, Arch Linux, FreeDOS, OpenBSD, Solar OS and more recent versions of Linux such as 2.6 or 3.18 (the 3.18 image includes internet access). You can also boot to a CD image, or a floppy image, or a hard drive disk image on your local machine. And, if you don't need yet another operating system on your computer, you can even boot to Bootchess and play chess

Botnet

Ask Slashdot: Is My IoT Device Part of a Botnet? 263

As our DVRs, cameras, and routers join the Internet of Things, long-time Slashdot reader galgon wonders if he's already been compromised: There has been a number of stories of IoT devices becoming part of botnets and being used in distributed denial of service attacks. If these devices are seemingly working correctly to the user, how would they ever know the device was compromised? Is there anything the average user can do to detect when they have a misbehaving device on their network?
I'm curious how many Slashdot readers are even using IoT devices -- so leave your best answers in the comments. How would you know if your IoT device is part of a botnet?

Slashdot Top Deals