Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Role Playing (Games)

Analysts Tout 'State of The Developer' Survey By Awarding RPG Characters (amazon.com) 11

An anonymous reader writes: Analysts at VisionMobile have begun conducting this year's "State of the Developer" Survey -- their perennial assessment of salaries, skills, and tools -- but this time with a twist. "Based on your responses, you'll find out what kind of character you'd be in a fantasy world: A mage? A fighter? A dragon slayer?" according to a blog post publicizing the event by Amazon's manager of developer marketing. "As in previous years, you'll also receive your personal Developer Scorecard showing how you compare to other developers in your country, a free copy of the final State of the Developer Nation report, and a chance to win some cool prizes."
The survey presents a map of seven "kingdoms" -- IoT, Mobile, Desktop, Backend, Web, Machine learning, and AR/VR -- and invites developers to complete their "quest," awarding virtual badges and real-world prizes, which include an Oculus Rift headset, a Surface Pro 3, an Apple Watch, and a Pixel Phone. Along your "journey," a developer owl even dispatches encouraging geeky jokes. (Like "Whenever I see a door that says 'push', I always pull first, to avoid conflicts.")
Crime

Inside the NYPD's Attempt To Build Community Trust Through Twitter (backchannel.com) 19

mirandakatz writes: When the NYPD rolled out its Twitter presence a couple years back, it didn't go so smoothly: the @NYPDNews account tweeted a request: 'Do you have a photo with a member of the NYPD? Tweet us & tag it #myNYPD,' and by midnight the same day, more than 70,000 people had responded decrying police brutality. At Backchannel, Susan Crawford looks at the department's attempt to use Twitter to rebuild community trust, noting that while the NYPD has a long ways to go, any opening up of communication is an improvement on the traditionally tight-lipped culture.
They're currently reaching about 10% of the city's population, tweeting pictures of "wanted" suspects and sharing information on recent criminal activity, as the police commissioner describes shifting their mindset from "warrior" to guardian.
Open Source

Fedora-based Linux Distro Korora (Version 25) Now Available For Download (betanews.com) 18

BrianFagioli writes: If you want to use Fedora but do not want to spend time manually installing packages and repos, there is a solid alternative -- Korora. Despite the funny-sounding name, it is a great way to experience Fedora in a more user-friendly way. Wednesday, version 25, code-named 'Gurgle', became available for release.
Government

FBI Relents, Confirms Previously-Denied UFO Investigation (muckrock.com) 47

Long-time Slashdot reader v3rgEz writes: A Freedom of Information Act request for FBI files on a figure at the center of dozens of 20th century conspiracy theories reveals a rare glimpse into the Bureau's real-life "X-Files" -- which the agency had long maintained don't exist. And while there's no evidence yet of Mulder or Scully, the files do include a story of flying saucers and secret assassins stranger than anything on the show.
Specifically the documents detail the FBI's 1947 investigation into "flying discs" reported by early conspiracy theorist Fred Lee Crisman, describing "the Maury Island Incident" (picked up by U.S newspapers) which helped popularize the legend of UFO witnesses being detained by "men in black". Ironically, Crisman was later linked to one of the CIA's anti-Castro groups, connecting him another popular topic for conspiracy theorists: the assassination of President Kennedy.
Botnet

A 'Turkish Hacker' Is Giving Out Prizes For DDoS Attacks (csoonline.com) 23

Security firm Forcepoint has discovered a DDoS competition which requires participants install a DDoS software which contains a backdoor. An anonymous reader quotes CSO: A hacker in Turkey has been trying to encourage distributed denial-of-attacks by making it into a game, featuring points and prizes for attempting to shut down political websites... Users that participate will be given a tool known as Balyoz, the Turkish word for Sledgehammer, that can be used to launch DDoS attacks against a select number of websites... The attack tool involved is designed to only harass 24 political sites related to the Kurds, the German Christian Democratic Party -- which is led by Angela Merkel -- and the Armenian Genocide, and others... Forcepoint noticed that the DDoS attack tool given to the participants also contains a backdoor that will secretly install a Trojan on the computer.
Transportation

The DEA Has Been Secretly Paying Transport Employees To Search Travelers' Bags (economist.com) 101

There's a new reason you can be stopped by airport security: because the security officer who flagged you "was being secretly paid by the government...to uncover evidence of drug smuggling." schwit1 quotes The Economist: For years, officials from the Department of Justice testified, the DEA has paid millions of dollars to a variety of confidential sources to provide tips on travellers who may be transporting drugs or large sums of money. Those sources include staff at airlines, Amtrak, parcel services and even the Transportation Safety Administration...

According to [a DOJ] report, airline employees and other informers had an incentive to search more travellers' bags, since they received payment whenever their actions resulted in DEA seizures of cash or contraband. The best-compensated of these appears to have been a parcel company employee who received more than $1 million from the DEA over five years. One airline worker, meanwhile, received $617,676 from 2012 to 2015 for tips that led to confiscations. But the DEA itself profited much more from the program. That well-paid informant got only about 12% of the amount the agency seized as a result of the his tips.

The DEA had paid out $237 million to over 9,000 informants over five years towards the end of 2015, according to the report. The Economist writes that "travelers no doubt paid the price in increased searches," adding that the resulting searches were all probably illegal.
Bug

5-Year-Old Critical Linux Vulnerability Patched (threatpost.com) 48

msm1267 quotes Kaspersky Lab's ThreatPost: A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run of serious security issues in the operating system, most of which have been hiding in the code for years. Details on the vulnerability were published Tuesday by researcher Philip Pettersson, who said the vulnerable code was introd in August 2011.

A patch was pushed to the mainline Linux kernel December 2, four days after it was privately disclosed. Pettersson has developed a proof-of-concept exploit specifically for Ubuntu distributions, but told Threatpost his attack could be ported to other distros with some changes. The vulnerability is a race condition that was discovered in the af_packet implementation in the Linux kernel, and Pettersson said that a local attacker could exploit the bug to gain kernel code execution from unprivileged processes. He said the bug cannot be exploited remotely.

"Basically it's a bait-and-switch," the researcher told Threatpost. "The bug allows you to trick the kernel into thinking it is working with one kind of object, while you actually switched it to another kind of object before it could react."
Transportation

Uber Asks Everyone To Stop Making It The New Tinder (sfgate.com) 112

Ride-sharers have been using Uber and Lyft "carpool" apps to meet dates -- and now Uber's trying to stop it. An anonymous reader quotes SFGate: This week Uber updated their community guidelines to discourage passengers from using the ride-sharing app as a hook-up opportunity. Some Uber and Lyft riders have been using the car-pooling option as a way to meet or hook up with others. But Uber is not pleased and has advised users to not flirt or touch passengers. "It's OK to chat with other people in the car. But please don't comment on someone's appearance or ask whether they are single," Uber's guidelines state.
Their new policy now specifically states that "Uber has a no sex rule. That's no sexual conduct between drivers and riders, no matter what."
Windows

New Bug In Windows 10 Anniversary Update Brings Wi-Fi Disconnects (infoworld.com) 110

Some Windows 10 PCs are now experiencing sudden drops in their Wi-Fi connections, with the Network Diagnostics tool reporting "Wi-Fi doesn't have a valid IP configuration." An anonymous reader quotes InfoWorld's Woody Leonhard: I've heard from many people who blame the Wi-Fi disconnect on Friday's KB 3201845, the patch (which still isn't documented on the Win10 update history site) that brings version 1607 up to build 14393.479. It's unlikely that the new patch brought on the bug because the large influx of complaints started on December 7 -- two days before the patch...

Speculation at this point says the disconnect results when a machine performs a fast startup, setting the machine's IP address to 169.x.x.x. It's an old problem, but somehow it's come back in spades in the past two days. I have no idea what triggered the sudden outbreak, as there were no Win10 1607 patches issued on December 6, 7 or 8.

Microsoft acknowledged the problem Thursday, recommending customers try restarting their PCs (or performing a clean start). Woody writes that it looks like Microsoft's latest Windows 10 patch "didn't cause the bug. But the patch didn't fix it, either."
Botnet

US Think Tank Wants To Regulate The Design of IoT Devices For Security Purposes (theregister.co.uk) 74

New submitter mikehusky quotes a report from The Register: Washington D.C. think tank the Institute for Critical Infrastructure Technology is calling for regulation on "negligence" in the design of internet-of-things (IoT) devices. If the world wants a bonk-detecting Wi-Fi mattress, it must be a malware-free bonk-detecting Wi-Fi mattress. The report adds: "Researchers James Scott and Drew Spaniel point out in their report Rise of the Machines: The Dyn Attack Was Just a Practice Run [PDF] that IoT represents a threat that is only beginning to be understood. The pair say the risk that regulation could stifle market-making IoT innovation (like the Wi-Fi cheater-detection mattress) is outweighed by the need to stop feeding Shodan. 'Regulation on IoT devices by the United States will influence global trends and economies in the IoT space, because every stakeholder operates in the United States, works directly with United States manufacturers, or relies on the United States economy. Nonetheless, IoT regulation will have a limited impact on reducing IoT DDoS attacks as the United States government only has limited direct influence on IoT manufacturers and because the United States is not even in the top 10 countries from which malicious IoT traffic originates.' State level regulation would be 'disastrous' to markets and consumers alike. The pair offer their report in the wake of the massive Dyn and Mirai distributed denial of service attacks in which internet of poorly-designed devices were enslaved into botnets to hammer critical internet infrastructure, telcos including TalkTalk, routers and other targets."
Transportation

Autonomous Shuttle Brakes For Squirrels, Skateboarders, and Texting Students (ieee.org) 66

Tekla Perry writes: An autonomous shuttle from Auro Robotics is picking up and dropping off students, faculty, and visitors at the Santa Clara University Campus seven days a week. It doesn't go fast, but it has to watch out for pedestrians, skateboarders, bicyclists, and bold squirrels (engineers added a special squirrel lidar on the bumper). An Auro engineer rides along at this point to keep the university happy, but soon will be replaced by a big red emergency stop button (think Staples Easy button). If you want a test drive, just look for a "shuttle stop" sign (there's one in front of the parking garage) and climb on, it doesn't ask for university ID.
Power

'Star In a Jar' Fusion Reactor Works, Promises Infinite Energy (space.com) 317

An anonymous reader quotes a report from Space.com: For several decades now, scientists from around the world have been pursuing a ridiculously ambitious goal: They hope to develop a nuclear fusion reactor that would generate energy in the same manner as the sun and other stars, but down here on Earth. Incorporated into terrestrial power plants, this "star in a jar" technology would essentially provide Earth with limitless clean energy, forever. And according to new reports out of Europe this week, we just took another big step toward making it happen. In a study published in the latest edition of the journal Nature Communications, researchers confirmed that Germany's Wendelstein 7-X (W7-X) fusion energy device is on track and working as planned. The space-age system, known as a stellerator, generated its first batch of hydrogen plasma when it was first fired up earlier this year. The new tests basically give scientists the green light to proceed to the next stage of the process. It works like this: Unlike a traditional fission reactor, which splits atoms of heavy elements to generate energy, a fusion reactor works by fusing the nuclei of lighter atoms into heavier atoms. The process releases massive amounts of energy and produces no radioactive waste. The "fuel" used in a fusion reactor is simple hydrogen, which can be extracted from water. The W7-X device confines the plasma within magnetic fields generated by superconducting coils cooled down to near absolute zero. The plasma -- at temperatures upwards of 80 million degrees Celsius -- never comes into contact with the walls of the containment chamber. Neat trick, that. David Gates, principal research physicist for the advanced projects division of PPPL, leads the agency's collaborative efforts in regard to the W7-X project. In an email exchange from his offices at Princeton, Gates said the latest tests verify that the W7-X magnetic "cage" is working as planned. "This lays the groundwork for the exciting high-performance plasma operations expected in the near future," Gates said.
Communications

Silly Putty Makes For Super-Sensitive Sensors (popsci.com) 33

Jonathan Coleman's research group at Trinity College Dublin discovered that Silly Putty "becomes an incredibly sensitive strain detector that can track blood pressure, heart rate, and even a spider's footsteps" when mixed with graphene. Popular Science reports: That graduate student, Connor Boland -- who has since earned his doctorate -- made a batch of graphene in water and added the Silly Putty polymer. As he mixed them, the graphene sheets stuck to the polymer, creating a black goo the researchers dubbed "g-putty." When they ran an electrical current through the g-putty -- graphene-infused polymers can conduct electricity -- they discovered an extraordinary sensitivity. "If you touch it even with the slightest pressure or deformation, the electrical resistance will change significantly," Coleman says. "Even if you stretch or compress the Silly Putty by one percent of its normal size, the electrical resistance will change by a factor of five. And that's a huge change." That change makes g-putty about 500 times more sensitive than other deformation-detecting materials, which would respond to a similar compression with a mere one-percent change in electrical resistance. The results were published in the journal Science.
Earth

Radiation From Fukushima Disaster Reaches Oregon Coast (nypost.com) 103

An anonymous reader quotes a report from New York Post: Radiation from Japan's 2011 Fukushima nuclear disaster has apparently traveled across the Pacific. Researchers reported that radioactive matter -- in the form of an isotope known as cesium-134 -- was collected in seawater samples from Tillamook Bay and Gold Beach in Oregon. The levels were extremely low, however, and don't pose a threat to humans or the environment. In 2011, a 9.0-magnitude earthquake triggered a wave of tsunamis that caused colossal damage to Japan's Fukushima Daiichi nuclear power plant. The disaster released several radioactive isotopes -- including the dangerous fission products of cesium-137 and iodine-131 -- that contaminated the air and water. The ocean was later contaminated by the radiation. But cesium-134 is the fingerprint of Fukushima due to its short half-life of two years, meaning the level is cut in half every two years. Cesium-137 has a 30-year half-life. Particles from Chernobyl, nuclear weapons tests, and discharge from other nuclear power plants are still detectable -- in small, harmless amounts. While this is the first time cesium-134 has been detected on US shores, Higley said "really tiny quantities" have previously been found in albacore tuna. The Oregon samples were collected by the Woods Hole Oceanographic Institution in January and February. Each sample measured 0.3 becquerels, a unit of radioactivity, per cubic meter of cesium-134 -- significantly lower than the 50 million becquerels per cubic meter measured in Japan after the disaster.
Chrome

Google Starts Using HTML5 By Default Instead of Flash For Some Chrome Users (venturebeat.com) 36

Google announced in a blog post today that it will be rolling out a feature over the next few months that starts disabling Flash and displaying HTML5 content instead on certain websites. Google notes, "This change disables Adobe Flash Player unless there's a user indication that they want Flash content on specific sites, and eventually all websites will require the user's permission to run Flash." VentureBeat reports: Google has deployed the change for half of the people who are using Chrome 56 beta, which rolled out yesterday, Google technical program manager Eric Deily wrote in a blog post. Then, "in the next few days," Deily wrote, the feature will be active for 1 percent of users of Chrome 55 stable. And by February 2016 it will be live for all users in Chrome 56 stable, Deily wrote. The idea is to lessen the dependence on a web component that can cause a drag on CPU and memory usage and shorten battery life as a result. Flash also has a track record of security issues.

Slashdot Top Deals