Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Mozilla

Mozilla's Proposed Conclusion: Game Over For WoSign and Startcom? (google.com) 55

Reader Zocalo writes: Over the last several months Mozilla has been investigating a large number of breaches of what Mozilla deems to be acceptable CA protocols by the Chinese root CA WoSign and their perhaps better known subsidiary StartCom, whose acquisition by WoSign is one of the issues in question. Mozilla has now published their proposed solution (GoogleDocs link), and it's not looking good for WoSign and Startcom. Mozilla's position is that they have lost trust in WoSign and, by association StartCom, with a proposed action to give WoSign and StartCom a "timeout" by distrusting any certificates issued after a date to be determined in the near future for a period of one year, essentially preventing them issuing any certificates that will be trusted by Mozilla. Attempts to circumvent this by back-dating the valid-from date will result in an immediate and permanent revocation of trust, and there are some major actions required to re-establish that trust at the end of the time out as well.
This seems like a rather elegant, if somewhat draconian, solution to the issue of what to do when a CA steps out of line. Revoking trust for certificates issued after a given date does not invalidate existing certificates and thereby inconvenience their owners, but it does put a severe -- and potentially business-ending -- penalty on the CA in question. Basically, WoSign and StartCom will have a year where they cannot issue any new certificates that Mozilla will trust, and will also have to inform any existing customers that have certificate renewals due within that period they cannot do so and they will need to go else where -- hardly good PR!

What does Slashdot think? Is Mozilla going too far here, or is their proposal justified and reasonable given WoSign's actions, making a good template for potential future breaches of trust by root CAs, particularly in the wake of other CA trust breaches by the likes of CNNIC, DigiNotar, and Symantec?

Space

China's Giant Radio Telescope Begins Searching For Signals From Space (ctvnews.ca) 31

Years of work and millions of dollars later, China finished its alien-hunting telescope in May this year. Now the country says its telescope has begun its operation. The company flipped the switch over the weekend, hoping to find signals from stars and galaxies -- and more importantly from extraterrestrial life. The telescope also illustrates China's growing ambition to stay among the frontrunners in space efforts. AP reports: Beijing has poured billions into such ambitious scientific projects as well as its military-backed space program, which saw the launch of China's second space station earlier this month. Measuring 500 metres in diameter, the radio telescope is nestled in a natural basin within a stunning landscape of lush green karst formations in southern Guizhou province. It took five years and $180 million to complete and surpasses that of the 300-meter Arecibo Observatory in Puerto Rico, a dish used in research on stars that led to a Nobel Prize. The official Xinhua News Agency said hundreds of astronomers and enthusiasts watched the launch of the Five-hundred-meter Aperture Spherical Telescope, or FAST, in the county of Pingtang. Researchers quoted by state media said FAST would search for gravitational waves, detect radio emissions from stars and galaxies and listen for signs of intelligent extraterrestrial life. "The ultimate goal of FAST is to discover the laws of the development of the universe," Qian Lei, an associate researcher with the National Astronomical Observatories of the Chinese Academy of Sciences, told state broadcaster CCTV. "In theory, if there is civilization in outer space, the radio signal it sends will be similar to the signal we can receive when a pulsar (spinning neutron star) is approaching us," Qian said.
Transportation

Uber Is Researching a New Vertical-Takeoff Ride Offering That Flies You Around (recode.net) 129

If Uber's recently launched self-driving cars surprised you, wait for the company's "flying" vehicles. Speaking with Recode, Uber's head of products said the company is research small planes that can vertically take off and land, so that they can be used for short-haul flights in cities. From the report:The technology is called VTOL -- which stands for vertical takeoff and landing. Simply put, VTOL is an aircraft that can hover, take off and land vertically, which would also describe a helicopter. But, unlike the typical helicopter, these planes have multiple rotors, could have fixed wings and perhaps eventually would use batteries and be more silent. In time, like cars, such aircraft would be autonomous. Jeff Holden said that he has been researching the area, "so we can someday offer our customers as many options as possible to move around." He added that "doing it in a three-dimensional way is an obvious thing to look at."
Power

Amazon Pursues More Renewable Energy, Following Google, Apple, And Facebook (fortune.com) 81

An anonymous Slashdot reader writes: Amazon will open a 100-turbine, 253-megawatt wind farm in Texas by the end of next year -- generating enough energy to power almost 90,000 U.S. homes. Amazon already has wind farms in Indiana, North Carolina, and Ohio (plus a solar farm in Virginia), and 40% of the power for AWS already comes from renewable sources, but Amazon's long-term plan is to raise that to 100%.

But several of the world's largest tech companies are already pursuing their own aggressive renewable energy programs, according to Fortune. Google "has said it's the largest non-utility purchaser of renewable energy in the world. Apple claims that in 2015, 93% of its energy came from renewable sources, and its data centers are already 100% run on renewables (though that claim does rely on carbon trading). Facebook, which also uses Texas wind facilities, is aiming for 50% of its data center power to come from renewables by 2018. Even slightly smaller companies like Salesforce have made big commitments to renewable energy."

Last year for the first time utilities actually bought less than half the power produced by wind farms -- because tech companies, universities, and cities had already locked it down with long-term contracts.
Yahoo!

Moving Beyond Flash: the Yahoo HTML5 Video Player (streamingmedia.com) 86

Slashdot reader theweatherelectric writes: Over on Streaming Media, Amit Jain from Yahoo has written a behind-the-scenes look at the development of Yahoo's HTML5 video player. He writes, "Adobe Flash, once the de-facto standard for media playback on the web, has lost favor in the industry due to increasing concerns over security and performance. At the same time, requiring a plugin for video playback in browsers is losing favor among users as well. As a result, the industry is moving toward HTML5 for video playback...

At Yahoo, our video player uses HTML5 across all modern browsers for video playback. In this post we will describe our journey to providing an industry-leading playback experience using HTML5, lay out some of the challenges we faced, and discuss opportunities we see going forward."

Yet another brick in the wall? YouTube and Twitch have already switched to HTML5, and last year Google started automatically converting Flash ads to HTML5.
Education

How ITT Tech Screwed Students and Made Millions (gizmodo.com) 310

An anonymous Slashdot reader shares "a grim story about a company that screwed poor people, military veterans, and taxpayers to turn a profit." Gizmodo reports: By the time ITT Technical Institute closed its doors earlier this month, the for-profit college had been selling tenuous diplomas at exorbitant prices for more than 20 years...burying low-income and first-generation students in insurmountable debt, and evading regulators since the early 1990s...
ITT collected $178 million over two years just in federal education funding for veterans -- even while the company projected 33% of its students would ultimately default on their loans -- and last year 70% of the school's total revenue came directly from federal financial aid programs. Gizmodo spoke to one student who "will now spend the rest of his life paying back loans for a degree that is practically useless," after compounding interest turned his $70,000 loan into $200,000 in debt. "Like all of the former students interviewed by Gizmodo, he was placed in a job that did not require professional training" -- specifically, a game-testing position that didn't even require a high school diploma, while ITT "placed" another student in a $5.95-an-hour telemarketing job. Her assessment of ITT? "It was totally worthless."
United States

Kentucky's Shotgun 'Drone Slayer' Gets Sued Again (yahoo.com) 281

"Technology has surpassed the law..." argues a Kentucky man who fired a shotgun at a drone last year. An anonymous Slashdot reader reports: The drone's owner has now filed for damages in Federal Court over the loss of his $1,800 drone, arguing that the shotgun blast was unjustified because his drone wasn't actually trespassing or invading anyone's privacy. The defendant -- who has dubbed himself 'the Drone Slayer' -- said the aerial vehicle was over his garden and his daughter, and the verdict could ultimately set a new precedent in U.S. law: who owns the air?

"Operators need to know where they can fly," argued the drone pilot's lawyer, "and owners must know when they can reasonably expect privacy and be free of prying eyes." He estimates a drone is shot from he skies about once a month, and "What happens typically is that law enforcement doesn't know what to do and civil suits are uncommon as most people don't want to get involved due to the costs."

The Drone Slayer was originally charged with felony counts of wanton endangerment and criminal mischief. But all of those charges were dismissed in October when a district judge ruled he "had a right to shoot at the aircraft."
Microsoft

Tuesday Was Microsoft's Last Non-Cumulative Patch (helpnetsecurity.com) 210

There was something unique about this week's Patch Tuesday. An anonymous Slashdot reader quotes HelpNetSecurity: It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches will be bundled together and users will no longer be able to pick and choose which updates to install. Furthermore, these new 'monthly update packs' will be combined, so for instance, the November update will include all the patches from October as well.
Last month a Slashdot reader asked for suggestions on how to handle the new 'cumulative' updates -- although the most common response was "I run Linux."
Google

Judge Skewers Oracle Attorney For Revealing Google, Apple Trade Secrets (arstechnica.com) 51

An anonymous reader quotes a report from Ars Technica: The federal judge who presided over the Google-Oracle API copyright infringement trial excoriated one of Oracle's lawyers Thursday for disclosing confidential information in open court earlier this year. The confidential information included financial figures stating that Google generated $31 billion in revenue and $22 billion in profits from the Android operating system in the wake of its 2008 debut. The Oracle attorney, Annette Hurst, also revealed another trade secret: Google paid Apple $1 billion in 2014 to include Google search on iPhones. Judge William Alsup of San Francisco has been presiding over the copyright infringement trial since 2010, when Oracle lodged a lawsuit claiming that Google's Android operating system infringed Oracle's Java APIs. After two trials and various trips to the appellate courts, a San Francisco federal jury concluded in May that Google's use of the APIs amounted to fair use. Oracle's motion before Alsup for a third trial is pending. Oracle argues that Google tainted the verdict by concealing a plan to extend Android on desktop and laptop computers. As this legal saga was playing out, Hurst blurted out the confidential figures during a January 14 pre-trial hearing, despite those numbers being protected by a court order. The transcript of that proceeding has been erased from the public record. But the genie is out of the bottle. Google lodged a motion (PDF) for sanctions and a contempt finding against Hurst for unveiling a closely guarded secret of the mobile phone wars. During a hearing on that motion Thursday, Judge Alsup had a back-and-forth with Hurst's attorney, former San Francisco U.S. Attorney Melinda Haag. According to the San Francisco legal journal The Recorder, Haag said that her client Hurst -- of the law firm Orrick, Herrington and Sutcliffe -- should not be sanctioned because of "one arguable mistake made through the course of a very complex litigation."
Google

Google To Introduce Google Wifi, Google Home and 4K Chromecast Ultra Devices On October 4th (androidpolice.com) 49

Android Police has learned of a new Google device that will launch alongside the Google Pixel smartphones, Google Home, and 4K 'Chromecast Ultra' dongle on October 4th. Called Google Wifi, the Wi-Fi router will cost $129 and contain several "smart" features. Android Police reports: [The] source additionally claims that Google will advertise the router as having "smart" features -- probably similar to OnHub in some respects -- and that Google will claim it provides enhanced range over typical Wi-Fi routers (a claim we see basically every router make, to be fair). But the one thing that will make it an insta-buy for many over OnHub? Our source claims multiple Google Wifi access points (two or more) can be linked together to create one large wireless network. We don't have any details on how this works, unfortunately. But one source claims that Google Wifi device will essentially be like a little white Amazon Echo Dot. So, relatively small and inconspicuous. In a separate report, Android Police details Google's upcoming smart speaker called Google Home, along with their upcoming 4K 'Chromecast Ultra' devices. Specifically, they will be priced at $129 and $69 respectively: Google Home was announced at Google I/O in May. Our sources also confirmed that the personalized base covers Google showed at I/O will be a feature of the final device. $129 also undercuts Amazon's Echo by a full $40, and though matches the price of the portable Amazon Tap, it's clear Google has Amazon's flagship smart home product in its sights with Home. Chromecast Ultra, which we are now all but certain is the name of Google's upcoming 4K version of Chromecast, will come in at $69 retail. As for what it brings beyond 4K, one of our sources claims that HDR is indeed on the list of bullet points.
Space

SpaceX Blast Investigation Suggests Breach in Oxygen Tank's Helium System (reuters.com) 78

Weeks after a SpaceX rocket exploded inexplicably, engineers at Elon Musk's company have traced the flaw to its source. Space today released the initial results of its investigation, in which it says that a breach in helium system in the Falcon 9's liquid oxygen system caused the sudden flare up. From a Reuters report: SpaceX, owned and operated by technology entrepreneur Elon Musk, was fueling a Falcon 9 rocket on the launch pad in Florida on Sept. 1 in preparation for a routine test-firing when a bright fireball suddenly emerged around the rocket's upper stage. "At this stage of the investigation, preliminary review of the data and debris suggests that a large breach in the cryogenic helium system of the second stage liquid oxygen tank took place," SpaceX said in a statement posted on its website. No one was hurt in the explosion, which could be heard 30 miles (48 km) away from SpaceX's launch pad 40 at Cape Canaveral Air Force Station. The cause of the accident is under investigation.
Microsoft

Salesforce, Google, Microsoft, Verizon Are In Talks With Twitter For a Potential Acquisition (cnbc.com) 65

Twitter is in conversation with a number of tech companies for a potential sale. The social company is in talks with Google and cloud computing company Salesforce (which also wanted to purchase LinkedIn), and may receive a formal offer soon, reports CNBC. TechCrunch corroborating on the report adds that Microsoft and Verizon are also in talks, albeit separately, with Twitter for the same. From CNBC report: Shares of Twitter were up 20 percent Friday. Twitter's board of directors is said to be largely desirous of a deal, according to people close to the situation, but no sale is imminent. There's no assurance a deal will materialize, but one source close to the conversations said that they are picking up momentum and could result in a deal before year-end. Suitors are said to be interested as much in the data that Twitter generates as its place as a media company.
Republicans

Oculus Founder Palmer Luckey Is Secretly Funding Trump's Meme Machine (thedailybeast.com) 847

The founder of Oculus, Palmer Luckey, has backed a pro-Trump political organization called Nimble America that is dedicated to "shitposting" and spreading inflammatory memes about Hillary Clinton. In 2014, Luckey's virtual-reality company, Oculus, was acquired by Facebook for $2 billion. Forbes estimates his current net worth to be $700 million. The Daily Beast reports: "The 24-year-old told The Daily Beast that he had used the pseudonym "NimbleRichMan" on Reddit with a password given to him by the organization's founders. Nimble America says it's dedicated to providing that "shitposting is powerful and meme magic is real," according to the company's introductory statement, and has taken credit for a billboard its founders say was posted outside of Pittsburgh with a cartoonishly large image of Clinton's face alongside the words "Too Big to Jail." "We conquered Reddit and drive narrative on social media, conquered the [mainstream media], now it's time to get our most delicious memes in front of Americans whether they like it or not," a representative for the group wrote in an introductory post on Reddit. Potential donors from Donald Trump's biggest online community -- Reddit's r/The_Donald, where one of the rules is "no dissenters" -- turned on the organization this weekend, refusing to believe "NimbleRichMan" was the anonymous "near-billionaire" he claimed to be and causing a rift on one of the alt-right's most powerful organizational tools. Luckey insists he's just the group's money man -- a wealthy booster who thought the meddlesome idea was funny. But he is also listed as the vice-president of the group on its website. In another post written under Luckey's Reddit pseudonym, Luckey echoes Peter Thiel, the tech billionaire who used his wealth to secretly bankroll Hulk Hogan's lawsuit against Gawker. The Daily Beast adds: "'The American Revolution was funded by wealthy individuals," NimbleRichMan wrote on Saturday. Luckey confirmed to The Daily Beast he penned the posts under his Reddit pseudonym. 'The same has been true of many movements for freedom in history. You can't fight the American elite without serious firepower. They will outspend you and destroy you by any and all means.'"
Security

Yahoo Confirms Massive Data Breach, 500 Million Users Impacted [Updated] (recode.net) 169

Update: 09/22 18:47 GMT by M :Yahoo has confirmed the data breach, adding that about 500 million users are impacted. Yahoo said "a copy of certain user account information was stolen from the company's network in late 2014 by what it believes is a state-sponsored actor." As Business Insider reports, this could be the largest data breach of all time. In a blog post, the company said:Yahoo is notifying potentially affected users and has taken steps to secure their accounts. These steps include invalidating unencrypted security questions and answers so that they cannot be used to access an account and asking potentially affected users to change their passwords. Yahoo is also recommending that users who haven't changed their passwords since 2014 do so. The Intercept reporter Sam Biddle commented, "It took Yahoo two years to announce that info on half a billion user accounts was stolen." Amid its talks with Verizon for a possible acquisition -- which did happen -- Yahoo knew about the attack, but didn't inform Verizon about it, Business Insider reports. Original story, from earlier today, follows.

Last month, it was reported that a hacker was selling account details of at least 200 million Yahoo users. The company's service had apparently been hacked, putting several hundred million users accounts at risk. Since then Yahoo has remained tight-lipped on the matter, but that could change very soon. Kara Swisher of Recode is reporting that Yahoo is poised to confirm that massive data breach of its service. From the report: While sources were unspecific about the extent of the incursion, since there is the likelihood of government investigations and legal action related to the breach, they noted that it is widespread and serious. Earlier this summer, Yahoo said it was investigating a data breach in which hackers claimed to have access to 200 million user accounts and was selling them online. "It's as bad as that," said one source. "Worse, really." The announcement, which is expected to come this week, also possible larger implications on the $4.8 billion sale of Yahoo's core business -- which is at the core of this hack -- to Verizon. The scale of the liability could be large and bring untold headaches to the new owners. Shareholders are likely to worry that it could lead to an adjustment in the price of the transaction.
Hardware

At Least 26 Claimed Galaxy Note 7 Fire Reports Were Untrue, Samsung Says (zdnet.com) 106

Lately, a lot of behind the scene conversations have been suggesting that perhaps the Note 7 battery explosion fiasco has been blown out of the proportion. There's no evidence of any of that, so we won't discuss it any further, but amid all of this, Samsung has confirmed that at least 26 explosion reports that circulated everywhere were hoaxes. From a ZDNet report:Out of the 26 reports, the South Korean tech giant said that in 12 cases they found no fault with the devices. In seven cases, the reported victim could not be reached and in another seven incidents, the consumer cancelled the report or alleged that they threw away the device. In the US, where 1 million devices were recalled, nine such cases were reported. There were three in South Korea, two in France, and one each from the UK, Canada, Singapore, Philippines, Turkey, Vietnam, Croatia, Romania, Iraq, Lebanon, the UAE, and Czech Republic. In Korea, a worker at a convenience store alleged online that their phone exploded but Samsung said the person was currently unreachable. The user in Canada used a picture they found of the Note 7 catching fire and posed it as their own, the company said, and in Singapore, a user claimed they threw the handset out of their car when it caught fire but could not show proof.Makes you think doesn't it?

Slashdot Top Deals