CmdrTaco - Slashdot User

Heartbleed Disclosure Timeline Revealed 62

Posted by samzenpus on Monday April 14, 2014 @06:10PM from the when-did-you-know dept.

bennyboy64 (1437419) writes "Ever since the Heartbleed flaw in OpenSSL was made public there have been various questions about who knew what and when. The Sydney Morning Herald has done some analysis of public mailing lists and talked to those involved with disclosing the bug to get the bottom of it. The newspaper finds that Google discovered Heartbleed on or before March 21 and notified OpenSSL on April 1. Other key dates include Finnish security testing firm Codenomicon discovering the flaw independently of Google at 23:30 PDT, April 3. SuSE, Debian, FreeBSD and AltLinux all got a heads up from Red Hat about the flaw in the early hours of April 7 — a few hours before it was made public. Ubuntu, Gentoo and Chromium attempted to get a heads up by responding to an email with few details about it but didn't, as the guy at Red Hat sending the disclosure messages out in India went to bed. By the time he woke up, Codenomicon had reported the bug to OpenSSL."

Climate Scientist: Climate Engineering Might Be the Answer To Warming 343

Posted by samzenpus on Monday April 14, 2014 @05:27PM from the warm-up-the-cloud-gun dept.

Lasrick (2629253) writes "Tom Wigley is one of the world's top climate scientists, and in this interview he explains his outspoken support for both nuclear energy and research into climate engineering. Wigley was one of the first scientists to break the taboo on public discussion of climate engineering as a possible response to global warming; in a 2006 paper in the journal Science, he proposed a combined geoengineering-mitigation strategy that would address the problem of increasing ocean acidity, as well as the problem of climate change. In this interview, he argues that renewable energy alone will not be sufficient to address the climate challenge, because it cannot be scaled up quickly and cheaply enough, and that opposition to nuclear power 'threatens humanity's ability to avoid dangerous climate change.'"

Submission + - 1Password (Agilebits) was affected by Heartbleed

Submitted by Anonymous Coward on Monday April 14, 2014 @05:13PM

An anonymous reader writes: They claim on their blog that they were not affected by Heartbleed unlike their competitor (LastPass) but in fact they were.

Going to https://agilebits.com/onepassw... and looking at the certificate issue date (4/10/2014) indicates they reissued it recently.

Additionally their own discussion forum admin admits they had to patch their OpenSSL on their website. http://discussions.agilebits.c...

So a malicious attacker could have stolen their main websites wild-card key and certificate to impersonate their website and trick people into downloading software with malware instead.

They were the same as LastPass in that user password data wasn't compromised, but LastPass was more transparent about it.

http://discussions.agilebits.c...

Hi @Quantumpanda,

Our website (agilebits.com) has been fixed with the patched version of OpenSSL, and is using a newly issued SSL certificate.

The forum (discussions.agilebits.com) does not use SSL (as you can see by looking at the URL, it's http), thus is not affected. With that said, we should be using SSL on the forum as well, and we're looking into it.

http://blog.agilebits.com/2014...

Carpenter Who Cut Off His Fingers Makes "Robohand" With 3-D Printer 91

Posted by samzenpus on Monday April 14, 2014 @04:43PM from the finger-jam dept.

mpicpp (3454017) writes with the ultimate DIY story about a carpenter in South Africa who lost his fingers in an accident, and now runs a company that makes mechanical prosthetics with 3D printing technology. "'I was in a position to see exactly what happens in the human hand. I got the basics of what it's all about and thought yeah, I'll make my own.' Richard van As is recalling the moment in May 2011 when he sat in a Johannesburg hospital waiting to hear if his fingers could be stitched back on. Just an hour earlier, he had been in his carpentry workshop sawing wood when the saw slipped and ripped diagonally through the four fingers on his right hand....After days of scouring the Internet he couldn't find anywhere to buy a functional prosthetic finger and he was astonished at the cost of prosthetic hands and limbs which began in the tens of thousands of dollars. But his online surfing paid off as it brought him to an amateur video posted by a mechanical effects artist in Washington State, by the name of Ivan Owen. Together, the pair developed a mechanical finger for van As, but their partnership has also gone on to benefit countless hand and arm amputees around the globe, through the birth of the company "Robohand." Officially launched in January 2012, Robohand creates affordable mechanical prosthetics through the use of 3D printers. Not only that, but it has made its designs open source, so that anyone with access to such printers can print out fingers, hands and now arms as well.'"

Google Buys Drone Maker Titan Aerospace 41

Posted by samzenpus on Monday April 14, 2014 @04:00PM from the welcome-to-the-google dept.

garymortimer (1882326) writes "Google has acquired drone maker Titan Aerospace. Titan is a New Mexico-based company that makes high-flying solar powered drones. There's no word on the price Google paid, but Facebook had been in talks to acquire the company earlier this year for a reported $60 million. Presumably, Google paid more than that to keep it away from Facebook. 'Google had just recently demonstrated how its Loon prototype balloons could traverse the globe in a remarkably short period of time, but the use of drones could conceivably make a network of Internet-providing automotons even better at globe-trotting, with a higher degree of control and ability to react to changing conditions. Some kind of hybrid system might also be in the pipeline that marries both technologies.'"

Will This Flying Car Get Crowdfunded? 157

Posted by samzenpus on Monday April 14, 2014 @03:18PM from the what-about-my-jetpack? dept.

cartechboy (2660665) writes "We all just have too much money on our hands, and we really want a flying car, right? Well that's what Skylys thinks, as it's trying to crowdfund a flying car. According to its website, 'In detail we aim to create an urban dual-mode, hybrid flight and electric drive motorized vehicle that fits into sustainable mobility.' How much money does it need? Oh about $3,111,075. Apparently the company has run out of money and needs more to 'start construction on our two prototypes to confirm our technical specifications; pay the chaps in the legal department; industrial engineers and take up occupancy of our future offices in Silicon Valley, where our backers can of course pay us a visit.'"

Reviving a Commodore 64 Computer Using a Raspberry Pi 165

Posted by samzenpus on Monday April 14, 2014 @02:35PM from the taking-a-step-back-forward dept.

concertina226 (2447056) writes "A group of Commodore fans are working on a new emulator with the ability to turn the Raspberry Pi £30 computer into a fully functioning Commodore 64 fresh from the 1980s. Scott Hutter, creator of the Commodore Pi project, together with a team of developers on Github, are seeking to build a native Commodore 64 operating system that can run on Raspberry Pi. 'The goal will be to include all of the expected emulation features such as SID sound, sprites, joystick connectivity, REU access, etc. In time, even the emulation speed could be changed, as well as additional modern graphics modes,' he writes on his website."

Inside the Stolen Smartphone Black Market In London 109

Posted by samzenpus on Monday April 14, 2014 @01:53PM from the pre-owned-like dept.

First time accepted submitter WebAgeCaveman (3615807) writes in with news about just how big the stolen smartphone black market is. "A black market of shops and traders willing to deal in stolen smartphones has been exposed by a BBC London undercover investigation. Intelligence was received that some shops across a swathe of east London were happy to buy phones from thieves. Two traders were filmed buying Samsung S3 and iPhone 4 devices from a researcher posing as a thief - despite him making it clear they were stolen. The shops involved have declined to comment."

Using Supercomputers To Predict Signs of Black Holes Swallowing Stars 31

Posted by samzenpus on Monday April 14, 2014 @01:10PM from the hungry-hungry-black-holes dept.

aarondubrow (1866212) writes "A 'tidal disruption' occurs when a star orbits too close to a black hole and gets sucked in. The phenomenon is accompanied by a bright flare with a unique signature that changes over time. Researchers at the Georgia Institute of Technology are using Stampede and other NSF-supported supercomputers to simulate tidal disruptions in order to better understand the dynamics of the process. Doing so helps astronomers find many more possible candidates of tidal disruptions in sky surveys and will reveal details of how stars and black holes interact."

The Best Way To Watch the "Blood Moon" Tonight 146

Posted by samzenpus on Monday April 14, 2014 @12:27PM from the good-omens dept.

An anonymous reader writes "People on the West Coast should be able to watch the beginning of the upcoming total lunar eclipse tonight at 10:20 pm. The entirety of the moon surface will be in Earth's shadow and start to glow red a couple hours later, a little after midnight. From the article: 'A lunar eclipse occurs when the sun, moon, and Earth align so that Earth's shadow falls across the moon's surface. Monday night's lunar eclipse is a total eclipse, which means Earth's shadow will cover the moon completely. The moon won't be blacked out by our planet's shadow. Instead, it will take on a reddish hue — anywhere from a bright copper to the brownish red of dried blood.'"

Submission + - The Best way to watch the "Blood Moon" tonight

Submitted by Anonymous Coward on Monday April 14, 2014 @11:46AM

An anonymous reader writes: People on the West Coast should be able to watch the beginning of the upcoming total lunar eclipse tonight at 10:20 pm. The entirety of the moon surface will be in Earth's shadow and start to glow red a couple hours later, a little after midnight. From the article: 'A lunar eclipse occurs when the sun, moon, and Earth align so that Earth's shadow falls across the moon's surface. Monday night's lunar eclipse is a total eclipse, which means Earth's shadow will cover the moon completely. The moon won't be blacked out by our planet's shadow. Instead, it will take on a reddish hue — anywhere from a bright copper to the brownish red of dried blood.'

The Best Parking Apps You've Never Heard Of and Why You Haven't 163

Posted by samzenpus on Monday April 14, 2014 @11:42AM from the park-that-anywhere dept.

Bennett Haselton writes "If you read no further, use either the BestParking or ParkMe app to search all nearby parking garages for the cheapest spot, based on the time you're arriving and leaving. I'm interested in the question of why so few people know about these apps, how is it that they've been partially crowded out by other 'parking apps' that are much less useful, and why our marketplace for ideas and intellectual properly is still so inefficient." Read below to see what Bennett has to say.

NASA To Send SpaceX Resupply Capsule To ISS Despite Technical Problems 71

Posted by samzenpus on Monday April 14, 2014 @10:58AM from the show-must-go-on dept.

An anonymous reader writes "Despite a critical backup computer failing on the ISS Friday, an unmanned SpaceX rocket will launch from Cape Canaveral at 4:58 p.m. Monday with more than 2 tons of supplies for the space station. From the article: 'The U.S. National Aeronautics and Space Administration decided to proceed with its resupply mission, despite technical problems with its computer in the International Space Station (ISS), as it needed to deliver necessary supplies.'"

Submission + - NASA to Send Resupply Mission despite Technical Problems

Submitted by Anonymous Coward on Monday April 14, 2014 @10:22AM

An anonymous reader writes: Despite a critical backup computer failing on the ISS Friday, an unmanned SpaceX rocket will launch from Cape Canaveral at 4:58 p.m. Monday with more than 2 tons of supplies for the space station. From the article: 'The U.S. National Aeronautics and Space Administration decided to proceed with its resupply mission, despite technical problems with its computer in the International Space Station (ISS), as it needed to deliver necessary supplies.'

Bachelor's Degree: An Unnecessary Path To a Tech Job 287

Posted by samzenpus on Monday April 14, 2014 @10:15AM from the just-a-piece-of-paper dept.

dcblogs (1096431) writes "A study of New York City's tech workforce found that 44% of jobs in the city's 'tech ecosystem,' or 128,000 jobs, 'are accessible' to people without a Bachelor's degree. This eco-system includes both tech specific jobs and those jobs supported by tech. For instance, a technology specific job that doesn't require a Bachelor's degree might be a computer user support specialist, earning $28.80 an hour, according to this study. Tech industry jobs that do not require a four-year degree and may only need on-the-job training include customer services representatives, at $18.50 an hour, telecom line installer, $37.60 an hour, and sales representatives, $33.60 an hour. The study did not look at 'who is actually sitting in those jobs and whether people are under-employed,' said Kate Wittels, a director at HR&A Advisors, a real-estate and economic-development consulting firm, and report author.. Many people in the 'accessible' non-degree jobs may indeed have degrees. For instance. About 75% of the 25 employees who work at New York Computer Help in Manhattan have a Bachelor's degree. Of those with Bachelor's degrees, about half have IT-related degrees."

Slashdot Top Deals