An anonymous reader writes Every day my gmail account receives 30-50 spam emails. Some of it is UCE, partially due to a couple dingbats with similar names who apparently think my gmail account belongs to them. The remainder looks to be spambot or Nigerian 419 email. I also run my own MX for my own domain, where I also receive a lot of spam. But with a combination of a couple DNSBL in my sendmail config, SpamAssassin, and procmail, almost none of it gets through to my inbox. In both cases there are rare false positives where a legit email ends up in my spam folder, or in the case of my MX, a spam email gets through to my Inbox, but these are rare occurrences. I'd think with all the Oompa Loompas at the Chocolate Factory that they could do a better job rejecting the obvious spam emails. If they did it would make checking for the occasional false positives in my spam folder a teeny bit easier. For anyone who's responsible for shunting Web-scale spam toward the fate it deserves, what factors go into the decision tree that might lead to so much spam getting through?
Today at a press conference in San Francisco, Microsoft announced the new version of their flagship operating system, called Windows 10. (Yes, t-e-n. I don't know.) With the new version of the operating system, they'll be unifying the application platform for all devices: desktops, laptops, consoles, tablets, and phones. As early leaks showed, the Start Menu is back — it's a hybrid of old and new, combining a list of applications with a small group of resizable tiles that can include widgets. Metro-style apps can now each operate inside their own window (video). There's a new, multiple-desktop feature, which power users have been demanding for years, and also a feature that lets users easily grab objects from one desktop and transfer them to another. The command line is even getting some love. The Technical Preview builds for desktops and laptops will be available tomorrow through the Windows Insider Program. They're requesting feedback from customers. Windows 10 will launch in late 2015.
New submitter Wylde Stile writes with an interesting case that shows just how pervasive social networking connections have become, including in the eyes of the law. A Staten Island, NY family court support magistrate allowed a Noel Biscoch to serve his ex-wife legal papers via Facebook. Biscoch tried to serve his ex-wife Anna Maria Antigua the old-fashioned way — in person and via postal mail — but his ex-wife had moved with no forwarding address. Antigua maintains an active Facebook account, though, and had even liked some photos on Biscoch's present wife's Facebook page days before the ruling. The magistrate concluded that the ex-wife could be served through Facebook. If this catches on, I bet a lot of people will end up with legally binding notices caught by spam filters or in their Facebook accounts' "Other" folders.
snydeq writes Desktop workloads and server workloads have different needs, and it's high time Linux consider a split to more adequately address them, writes Deep End's Paul Venezia. You can take a Linux installation of nearly any distribution and turn it into a server, then back into a workstation by installing and uninstalling various packages. The OS core remains the same, and the stability and performance will be roughly the same, assuming you tune the system along the way. Those two workloads are very different, however, and as computing power continues to increase, the workloads are diverging even more. Maybe it's time Linux is split in two. I suggested this possibility last week when discussing systemd (or that FreeBSD could see higher server adoption), but it's more than systemd coming into play here. It's from the bootloader all the way up. The more we see Linux distributions trying to offer chimera-like operating systems that can be a server or a desktop at a whim, the more we tend to see the dilution of both. You can run stock Debian Jessie on your laptop or on a 64-way server. Does it not make sense to concentrate all efforts on one or the other?
itwbennett writes Five Nigerian criminal gangs are behind most scams targeting sellers on Craigslist, and they've taken new measures to make their swindles appear legitimate, according to a study by George Mason University researchers Damon McCoy and Jackie Jones. In a new innovation, they're using professional check-writing equipment plus U.S.-based accomplices to not raise suspicions among their victims. McCoy and Jones will present their paper on Sept. 24 at the IEEE eCrime Research Summit in Birmingham, Alabama.
An anonymous reader writes The secret of how the FBI pinpointed the servers allegedly used by the notorious Silk Road black market website has been revealed: repeated login attempts. In a legal rebuttal, the FBI claims that repeatedly attempting to log in to the marketplace revealed its host location. From the article: "As they typed 'miscellaneous' strings of characters into the login page's entry fields, Tarbell writes that they noticed an IP address associated with some data returned by the site didn't match any known Tor 'nodes,' the computers that bounce information through Tor's anonymity network to obscure its true source. And when they entered that IP address directly into a browser, the Silk Road's CAPTCHA prompt appeared, the garbled-letter image designed to prevent spam bots from entering the site. 'This indicated that the Subject IP Address was the IP address of the SR Server,' writes Tarbell in his letter, 'and that it was "leaking" from the SR Server because the computer code underlying the login interface was not properly configured at the time to work on Tor.'"
snydeq writes: Ultimately, the schism over systemd could lead to a separation of desktop and server distros, or Linux server admins moving to FreeBSD, writes Deep End's Paul Venezia. "Although there are those who think the systemd debate has been decided in favor of systemd, the exceedingly loud protests on message boards, forums, and the posts I wrote over the past two weeks would indicate otherwise. I've seen many declarations of victory for systemd, now that Red Hat has forced it into the enterprise with the release of RHEL 7. I don't think it's that easy. ... Go ahead, kids, spackle over all of that unsightly runlevel stuff. Paint over init and cron, pam and login. Put all of that into PID1 along with dbus. Make it all pretty and whisper sweet nothings about how it's all taken care of and you won't have to read a manual or learn any silly command-line stuff. Tune your distribution for desktop workloads. Go reinvent Windows."
An anonymous reader writes "At TechCentral, we get on average called at least once a week — sometimes far more often — by a friendly sounding Indian national warning us that our Windows computer is infected with a virus. The call, which originates from a call centre, follows exactly the same script every time. Usually we shrug them off and put the phone down, but this week we thought we'd humour them to find out how they operate. As this week's call came in, the first thing the 'operator' at the other end of the line tried to establish was who was owner of the Windows computer in the household. I'd taken the call. It was time to have some fun. I told the scammer that I was the PC owner. He proceeded to introduce himself as 'John Connor.' I laughed quietly as I imagined Arnold Schwarzenegger's Terminator hunting down this scamster in the streets of Calcutta. Perhaps he should have come up with a more convincing name."
snydeq writes The battle over systemd exposes a fundamental gap between the old Unix guard and a new guard of Linux developers and admins, writes Deep End's Paul Venezia. "Last week I posted about the schism brewing over systemd and the curiously fast adoption of this massive change to many Linux distributions. If there's one thing that systemd does extremely well, it is to spark heated discussions that devolve into wild, teeth-gnashing rants from both sides. Clearly, systemd is a polarizing subject. If nothing else, that very fact should give one pause. Fundamental changes in the structure of most Linux distributions should not be met with such fervent opposition. It indicates that no matter how reasonable a change may seem, if enough established and learned folks disagree with the change, then perhaps it bears further inspection before going to production. Clearly, that hasn't happened with systemd."
Slashdot regular (and Couchsurfing.org volunteer) Bennett Haselton writes with a report that an anonymous prankster hacked the Couchsurfing.org website and sent spam to about 1 million members, snarkily advertising their commercial arch-rival Airbnb as "the new Couchsurfing." (Read on below for more on the breach.) As of now, the spam's been caught, but not the spammer.
McGruber writes: While reading a story in the Jeff Bezos-owned Washington Post, I saw that the paper had begun embedding Amazon Buy-It-Now links in the middle of story sentences. For example, in this article, a sentence about the sales figures for differing covers of The Great Gatsby read: At Politics and Prose, the traditional [BUY IT NOW] version — featuring the iconic eyes floating on a blue background — sold better than the DiCaprio [BUY IT NOW] cover. This change follows the July news of much larger than expected losses at Amazon and a 10-percent decline in Amazon's stock value. In related news, the Post reports that the literary executor of George Orwell's estate has accused Amazon.com of doublespeak after they cited one of Orwell's essays in their ebook pricing debate with Hachette and other publishers.
MojoKid (1002251) writes Though solid state drives have a long way to go before they break price parity with hard drives (and may never make it, at least with the current technology), the gap continues to close. More recently, SSD manufacturers have been approaching 50 cents per GiB of storage. OCZ Storage Solutions, with the help of their parent company Toshiba's 19nm MLC NAND, just launched their ARC 100 family of drives that are priced at exactly $.5 per GiB at launch and it's possible street prices will drift lower down the road. The ARC 100 features the very same OCZ Barefoot 3 M10 controller as the higher-end OCZ Vertex 460, but these new drives feature more affordable Toshiba A19nm (Advanced 19 nanometer) NAND flash memory. The ARC 100 also ships without any sort of accessory bundle, to keep costs down. Performance-wise, OCZ's new ARC 100 240GB solid state drive didn't lead the pack in any particular category, but the drive did offer consistently competitive performance throughout testing. Large sequential transfers, small file transfers at high queue depths, and low access times were the ARC 100's strong suits, as well as its low cost. These new drives are rated at 20GB/day write endurance and carry a 3-year warranty.
badger.foo (447981) writes Peter Hansteen reports that a new distributed and slow-moving password guessing effort is underway, much like the earlier reports, but this time with a twist: The users they are trying to access do not exist. Instead, they're taken from the bsdly.net spamtrap address list, where all listed email addresses are guaranteed to be invalid in their listed domains. There is a tiny chance that this is an elaborate prank or joke, but it's more likely that via excessive automation, the password gropers have finally hit Peak Stupid.
An anonymous reader writes: Google today announced it is implementing a new effort to thwart spammers and scammers: the open standard known as Unicode Consortium's "Highly Restricted" specification. In short, Gmail now rejects emails from domains that use what the Unicode community has identified as potentially misleading combinations of letters. The news today follows Google's announcement last week that Gmail has gained support for accented and non-Latin characters. The company is clearly okay with international domains, as long as they aren't abused to trick its users.
LuserOnFire (175383) writes with word that on Saturday SpamCop users received an email that says in part: "For over 12 years, Corporate Email Services has been partnering with SpamCop to provide webmail service with spam filtering via the SpamCop Email System for our users. Back then, spam filtering was rare. We heard story after story about how our service rescued people from unfiltered email. Nowadays, webmail service with spam filtering has become the norm in the general public. As such, the need for the webmail service with SpamCop filtered email has decreased. Due to these reasons, we have decided to retire the SpamCop Email System and its webmail service; while SpamCop will continue to focus on providing the World's best spam reporting platform and blacklist for the community. As of September 30, 2014 (Tuesday) 6pm ET, the current SpamCop Email service will be converted to email forwarding-only with spam filtered by SpamCop for all existing SpamCop Email users."
vinces99 (2792707) writes "Imagine a world in which your wristwatch or other wearable device communicates directly with your online profiles, storing information about your daily activities where you can best access it – all without requiring batteries. Or, battery-free sensors embedded around your home that could track minute-by-minute temperature changes and send that information to your thermostat to help conserve energy. This not-so-distant 'Internet of Things' reality would extend connectivity to perhaps billions of devices. Sensors could be embedded in everyday objects to help monitor and track everything from the structural safety of bridges to the health of your heart. But having a way to cheaply power and connect these devices to the Internet has kept this from taking off. Now, University of Washington engineers have designed a new communication system that uses radio frequency signals as a power source and reuses existing Wi-Fi infrastructure to provide Internet connectivity to these devices. Called Wi-Fi backscatter, this technology is the first that can connect battery-free devices to Wi-Fi infrastructure. The researchers will publish their results at the Association for Computing Machinery's Special Interest Group on Data Communication's annual conference this month in Chicago. The team also plans to start a company based on the technology. The Pre-print research paper."
An anonymous reader writes Bromium Labs analyzed public vulnerabilities and exploits from the first six months of 2014. The research determined that Internet Explorer vulnerabilities have increased more than 100 percent since 2013, surpassing Java and Flash vulnerabilities. Web browsers have always been a favorite avenue of attack, but we are now seeing that hackers are not only getting better at attacking Internet Explorer, they are doing it more frequently.
An anonymous reader writes Phishing emails are without a doubt one of the biggest security issues consumers and businesses face today. Cybercriminals understand that we are a generation of clickers and they use this to their advantage. They will take the time to create sophisticated phishing emails because they understand that today users can tell apart spam annoyances from useful email, however they still find it difficult identifying phishing emails, particularly when they are tailored to suit each recipient individually. Fake emails are so convincing and compelling that they fool 10% of recipients into clicking on the malicious link. To put that into context a legitimate marketing department at a FTSE 100 company typically expects less than a 2% click rate on their advertising campaigns. So, how are the cybercriminals out-marketing the marketing experts?
Bennett Haselton writes My LG Optimus F3Q was the lowest-end phone in the T-Mobile store, but a cheap phone is supposed to suck in specific ways that make you want to upgrade to a better model. This one is plagued with software bugs that have nothing to do with the cheap hardware, and thus lower one's confidence in the whole product line. Similar to the suckiness of the Stratosphere and Stratosphere 2 that I was subjected to before this one, the phone's shortcomings actually raise more interesting questions — about why the free-market system rewards companies for pulling off miracles at the hardware level, but not for fixing software bugs that should be easy to catch. Read below to see what Bennett has to say.
An anonymous reader writes One of the developers behind special effects used in the film Avatar has inked a deal with airline check-in kiosk manufacturer BCS to implement avatars for personalized and interactive customer service. Dr Mark Sagar's Limbic IO is applying 'neurobehavioral animation' combining biologically based models of faces and neural systems to create live, naturally intelligent, and expressive interactive systems. "One of the comments levelled at self-service check in is that it has lost the human touch that people had when checking in at a traditional manned counter," Patrick Teo, BCS CEO says. "Travelling can be stressful and our aim is to make the interaction between human (passenger) and computer (check-in) as natural and helpful as possible."