Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Security

Simple IT Security Tactics for Small Businesses (Video)

Posted by Roblimo
from the worry-more-about-criminal-attacks-than-government-intrusions dept.
Adam Kujawa is the lead person on the Malwarebytes Malware Intelligence Team, but he's not here to sell software. In fact, he says that buying this or that software package is not a magic bullet that will stop all attacks on your systems. Instead, he stresses coworker education. Repeatedly. Adam says phishing and other social engineering schemes are now the main way attackers get access to your company's information goodies. Hacking your firewall? Far less likely than it used to be, not only because firewalls are more sophisticated than ever, but also because even the least computer-hip managers know they should have one.
Portables

Lenovo Saying Goodbye To Bloatware 40

Posted by Soulskill
from the time-to-start-demanding-other-vendors-follow-suit dept.
An anonymous reader writes: "Lenovo today announced that it has had enough of bloatware. The world's largest PC vendor says that by the time Windows 10 comes out, it will get rid of bloatware from its computer lineups. The announcement comes a week after the company was caught for shipping Superfish adware with its computers. The Chinese PC manufacturer has since released a public apology, Superfish removal tool, and instructions to help out users. At the sidelines, the company also announced that it is giving away 6-month free subscription to all Superfish-affected users.
Media

VLC Gets First Major Cross-Platform Release 39

Posted by Soulskill
from the now-available-on-palm-pilots-and-apple-newtons dept.
An anonymous reader writes VideoLAN today launched what is arguably the biggest release of VLC to date: an update for the desktop coordinated with new versions across all major mobile platforms. The world's most-used media player just got a massive cross-platform push. The organization says the releases are the result of more than a year of volunteer work on the VLC engine and the libVLC library. As a result, VLC has gained numerous new features, has seen more than 1,000 bugs fixed, and has significantly increased its scope of supported formats.
Patents

Patent Trolls On the Run But Not Vanquished Yet 52

Posted by samzenpus
from the don't-forget-the-fire dept.
snydeq writes Strong legislation that will weaken the ability of the trolls to shake down innovators is likely to pass Congress, but more should be done, writes InfoWorld's Bill Snyder. "The Innovation Act isn't an ideal fix for the program patent system. But provisions in the proposed law, like one that will make trolls pay legal costs if their claims are rejected, will remove a good deal of the risk that smaller companies face when they decide to resist a spurious lawsuit," Snyder writes. That said, "You'd have to be wildly optimistic to think that software patents will be abolished. Although the EFF's proposals call for the idea to be studied, [EFF attorney Daniel] Nazer doesn't expect it to happen; he instead advocates several reforms not contained in the Innovation Act."
Programming

The Programmers Who Want To Get Rid of Software Estimates 319

Posted by Soulskill
from the and-the-managers-who-want-them-dead dept.
An anonymous reader writes: This article has a look inside the #NoEstimates movement, which wants to rid the software world of time estimates for projects. Programmers argue that estimates are wrong too often and a waste of time. Other stakeholders believe they need those estimates to plan and to keep programmers accountable. Is there a middle ground? Quoting: "Software project estimates are too often wrong, and the more time we throw at making them, the more we steal from the real work of building software. Also: Managers have a habit of treating developers' back-of-the-envelope estimates as contractual deadlines, then freaking out when they're missed. And wait, there's more: Developers, terrified by that prospect, put more and more energy into obsessive trips down estimation rabbit-holes. Estimation becomes a form of "yak-shaving" — a ritual enacted to put off actual work."
Build

Developers Disclose Schematics For 50-1000 MHz Software-Defined Transceiver 131

Posted by samzenpus
from the fire-up-the-boat-anchor dept.
Bruce Perens writes Chris Testa KD2BMH and I have been working for years on a software-defined transceiver that would be FCC-legal and could communicate using essentially any mode and protocol up to 1 MHz wide on frequencies between 50 and 1000 MHz. It's been discussed here before, most recently when Chris taught gate-array programming in Python. We are about to submit the third generation of the design for PCB fabrication, and hope that this version will be salable as a "developer board" and later as a packaged walkie-talkie, mobile, and base station. This radio is unique in that it uses your smartphone for the GUI, uses apps to provide communication modes, contains an on-board FLASH-based gate-array and a ucLinux system. We intend to go for FSF "Respects Your Freedom" certification for the device. My slide show contains 20 pages of schematics and is full of ham jargon ("HT" means "handi-talkie", an old Motorola product name and the hams word for "walkie talkie") but many non-hams should be able to parse it with some help from search engines. Bruce Perens K6BP
Education

Interviews: Ask Senior Director Matt Keller About the Global Learning XPRIZE 28

Posted by samzenpus
from the go-ahead-and-ask dept.
The former Vice President of One Laptop per Child (OLPC) Matt Keller is currently the Senior Director of the $15 million Global Learning XPRIZE. The competition challenges teams from around the world to develop open source software solutions that will allow children in developing countries to teach themselves basic reading, writing and arithmetic within a 18 month competition period. After 18 months a panel of judges will evaluate the projects and announce semi-finalists. Semi-finalists will have a month to tweak their projects and/or reconfigure their teams before the judges elect the top five finalist to proceed. Each of the five teams selected will receive $1 million to field test their ideas with the eventual winners receiving the Grand Prize of $10 million. The Global Learning XPRIZE is recruiting teams now through April 30, 2015. Matt has agreed to answer any questions you might have about the competition and the future of education in general. As usual, ask as many as you'd like, but please, one per post.
Encryption

Moxie Marlinspike: GPG Has Run Its Course 292

Posted by Soulskill
from the end-to-end-before-the-ends-moved dept.
An anonymous reader writes: Security researcher Moxie Marlinspike has an interesting post about the state of GPG-encrypted communications. After using GPG for much of its lifetime, he says he now dreads getting a GPG-encrypted email in his inbox. "Instead of developing opinionated software with a simple interface, GPG was written to be as powerful and flexible as possible. It's up to the user whether the underlying cipher is SERPENT or IDEA or TwoFish. The GnuPG man page is over sixteen thousand words long; for comparison, the novel Fahrenheit 451 is only 40k words. Worse, it turns out that nobody else found all this stuff to be fascinating. Even though GPG has been around for almost 20 years, there are only ~50,000 keys in the "strong set," and less than 4 million keys have ever been published to the SKS keyserver pool ever. By today's standards, that's a shockingly small user base for a month of activity, much less 20 years." Marlinspike concludes, "I think of GPG as a glorious experiment that has run its course. ... GPG isn't the thing that's going to take us to ubiquitous end to end encryption, and if it were, it'd be kind of a shame to finally get there with 1990's cryptography."
Businesses

Can Tracking Employees Improve Business? 87

Posted by Soulskill
from the he-hasn't-gotten-out-of-his-chair-for-11-hours-i-think-he-might-be-dead dept.
An anonymous reader writes: The rise of wearable technologies and big-data analytics means companies can track their employees' behavior if they think it will improve the bottom line. Now an MIT Media Lab spinout called Humanyze has raised money to expand its technology pilots with big companies. The startup provides sensor badges and analytics software that tracks how and when employees communicate with customers and each other. Pilots with Bank of America and Deloitte have led to significant business improvements, but workplace privacy is a big concern going forward.
Programming

H-1B Visas Proving Lucrative For Engineers, Dev Leads 175

Posted by timothy
from the quick-get-the-pitchforks dept.
Nerval's Lobster (2598977) writes Ever wanted to know how much H-1B holders make per year? Developer Swizec Teller, who is about to apply for an H-1B visa, took data from the U.S. Department of Labor and visualized it in a series of graphs that break down H-1B salaries on a state-by-state basis. Teller found that the average engineer with an H-1B makes $87,000 a year, a good deal higher than developers ($74,000) and programmers ($61,000) with the same visa. ("Don't call yourself a programmer," he half-joked on Twitter.) Architects, consultants, managers, administrators, and leads with H-1Bs can likewise expect six-figure annual salaries, depending on the state and company. Teller's site is well worth checking out for the interactive graphs, which he built with React and D3.js. The debate over H-1Bs is an emotional one for many tech pros, and research into the visa's true impact on the U.S. labor market wasn't helped by the U.S. Department of Labor's recent decision to destroy H-1B records after five years. "These are the only publicly available records for researchers to analyze on the demand by employers for H-1B visas with detail information on work locations," Neil Ruiz, who researches visa issues for The Brookings Institution, told Computerworld after the new policy was announced in late 2014.
Displays

Valve To Reveal Virtual Reality Dev Kit Next Week At GDC 46

Posted by timothy
from the they-want-your-eyeballs dept.
An anonymous reader writes Gaming giant Valve has been researching augmented and virtual reality for some time. Early on, the company worked closely with Oculus, sharing research findings and even adding support for TF2 to Oculus' first VR headset, the DK1, back in 2013. After demonstrating their own prototype VR headset at Steam Dev Days in early 2014, and then a modified version later in the year, Valve is now ready to take the wraps off a 'previously unannounced ... SteamVR Dev Kit,' which will make its debut at GDC next week. SteamVR is the name of the software adaptation of Steam's 'Big Picture' mode that the company revealed early last year, allowing players to browse their Steam library and play supported games all in virtual reality.
Businesses

Attention, Rockstar Developers: Get a Talent Agent 145

Posted by timothy
from the there-will-be-no-green-m&ms dept.
ErichTheRed writes OK, we all know that there are a lot of developers and IT people in the field who shouldn't be, and finding really good people and hanging onto them is very difficult. However, I almost fell out of my chair reading this breathless article suggesting that developers hire agents. I grant the authors that recruiters are sometimes the only way to cut through the HR jungle in some companies, but outside of the hot San Francisco startup market, can you imagine a "10x rockstar developer" swaggering into a job interview with his negotiating team? I'm sure our readers can cite plenty of examples of these types who were only 10x in their own minds...
Programming

How One Developer Got the Internet To Watch People Code 65

Posted by Soulskill
from the next-year-we'll-all-be-crowdcoding dept.
blottsie writes: While Twitch TV is generally used for livestreaming gameplay, Alexander Putilin has other plans for the platform. Putilin and his girlfriend are using Twitch to build a community of software developers and students who broadcast complex floating point operations and algorithm design to the rest of the world. The community is responding and growing alongside its newfound popularity. WatchPeopleCode is now facilitating live hackathons (there was one this weekend), enabling programmers to meet and collaborate with people that they'd otherwise never be able to.
Security

Advertising Tool PrivDog Compromises HTTPS Security 94

Posted by Soulskill
from the time-to-wipe-grandma's-laptop dept.
itwbennett writes: New cases of insecure HTTPS traffic interception are coming to light as researchers probe software programs for implementations that could enable malicious attacks. The latest software to open a man-in-the-middle hole on users' PCs is a new version of PrivDog, an advertising product with ties to security vendor Comodo. PrivDog is marketed as a solution to protect users against malicious advertising without completely blocking ads. The program is designed to replace potentially bad ads with safer ones that are reviewed by a compliance team from a company called Adtrustmedia. However, according to people who recently looked at PrivDog's HTTPS interception functionality, consumers might actually lose when it comes to their system's security if they use the product.
Microsoft

Microsoft Translator Now Supports Yucatec Maya and Querétaro Otomi Language 60

Posted by samzenpus
from the because-we-can dept.
First time accepted submitter BrianFagioli writes So, just how rare are these two languages? The Yucatec Maya language is spoken by less than 800,000 people, while the Querétaro Otomi is spoken by about 33,000. These are extremely low numbers in the grand scheme of things, which increases the risk of the languages dying out altogether. With that said, Microsoft's support of the languages in its translator software will essentially preserve it for posterity. Even if the languages end up fading away from actual use, it should live digitally forever.
Earth

Bill Nye Disses "Regular" Software Writers' Science Knowledge 671

Posted by timothy
from the line-in-the-sand dept.
conoviator writes Bill Nye, one of the foremost science educators in the United States states that only the upper crust members of American science and technology (with degrees from top tier schools) understand science, particularly climate change. He opines that "regular software writers" dwell in the realm of the semi-science-literate. Nye rates science education in the U.S. an F. ("But if it makes you feel any better, you can say a B-minus.")
Security

Ars: SSL-Busting Code That Threatened Lenovo Users Found In a Dozen More Apps 113

Posted by timothy
from the keeps-on-giving dept.
Ars Technica reports on the continuing revelations about the same junkware that Lenovo has shipped on their computers, but which is known now to be present in at least 14 pieces of software. The list of software known to use the same HTTPS-breaking technology recently found preinstalled on Lenovo laptops has risen dramatically with the discovery of at least 12 new titles, including one that's categorized as a malicious trojan by a major antivirus provider. ... What all these applications have in common is that they make people less secure through their use of an easily obtained root CA [certificate authority], they provide little information about the risks of the technology, and in some cases they are difficult to remove," Matt Richard, a threats researcher on the Facebook security team, wrote in Friday's post. "Furthermore, it is likely that these intercepting SSL proxies won't keep up with the HTTPS features in browsers (e.g., certificate pinning and forward secrecy), meaning they could potentially expose private data to network attackers. Some of these deficiencies can be detected by antivirus products as malware or adware, though from our research, detection successes are sporadic."
Censorship

Iran Allows VPNs To Make Millions In Profit 57

Posted by timothy
from the have-cake-and-eat-it-too dept.
New submitter Patrick O'Neill writes with this excerpt from The Daily Dot: Anti-censorship technology is de jure illegal in Iran, but many VPNs are sold openly, allowing Iranians to bounce around censorship and seemingly render it ineffective. Nearly 7 in 10 young Iranians are using VPNs, according to the country's government, and a Google search for "buy VPN" in Persian returns 2 million results. Iran's Cyber Police (FATA) have waged a high-volume open war against the VPNs, but it's still very easy to find, buy, and use the software. It's so easy, in fact, that you can use Iran's government-sanctioned payment gateways (Pardakht Net, Sharj Iran, Jahan Pay & Baz Pardakht) to buy the tools that'll beat the censors. To use these gateways, however, customers have to submit their Iranian bank account and identity, all but foregoing hopes of privacy or protection from authorities."
Open Source

Ask Slashdot: Parental Content Control For Free OSs? 256

Posted by timothy
from the good-idea-or-not dept.
m.alessandrini writes Children grow up, and inevitably they will start using internet and social networks, both for educational and recreational purposes. And it won't take long to them to learn to be autonomous, especially with all the smartphones and tablets around and your limited time. Unlike the years of my youth, when internet started to enter our lives gradually, now I'm afraid of the amount of inappropriate contents a child can be exposed to unprepared: porn, scammers, cyberbullies or worse, are just a click away.

For Windows many solutions claim to exist, usually in form of massive antivirus suites. What about GNU/Linux? Or Android? Several solutions rely on setting up a proxy with a whitelist of sites, or similar, but I'm afraid this approach can make internet unusable, or otherwise be easy to bypass. Have you any experiences or suggestions? Do you think software solutions are only a part of the solution, provided children can learn hacking tricks better than us, and if so, what other 'human' techniques are most effective?
Security

Linux Foundation: Bugs Can Be Made Shallow With Proper Funding 95

Posted by timothy
from the cybernetic-eyeballs-are-people-too dept.
jones_supa writes The record amount of security challenges in 2014 undermined the confidence many had in high quality of open source software. Jim Zemlin, executive director of the Linux Foundation, addressed the issue head-on during last week's Linux Collaboration Summit. Zemlin quoted the oft-repeated Linus' law, which states that given enough eyes, all bugs are shallow. "In these cases the eyeballs weren't really looking", Zemlin said. "Modern software security is hard because modern software is very complex," he continued. Such complexity requires dedicated engineers, and thus the solution is to fund projects that need help. To date, the foundation's Core Infrastructure Initiative has helped out the NTP, OpenSSL and GnuPG projects, with more likely to come. The second key initiative is the Core Infrastructure Census, which aims to find the next Heartbleed before it occurs. The census is looking to find underfunded projects and those that may not have enough eyeballs looking at the code today."