Forgot your password?
typodupeerror

Follow Slashdot stories on Twitter

Printer

Consumers Not Impressed With 3D Printing 160

Posted by Unknown Lamer
from the drip-coffee-and-widget-maker dept.
Lucas123 (935744) writes "Putting a 3D printer beside the coffee maker in every home, as some manufacturers hope will happen someday, is a long ways from reality as consumers today still don't understand how the technology will benefit them, according to a new study. The study, by Juniper Research, states that part of the problem is that killer applications with the appropriate eco-system of software, apps and materials have yet to be identified and communicated to potential users. And, even though HP has announced its intention to enter the 3D printing space (possibly this fall) a massive, mainstream corporation isn't likely to change the market."
Security

Anonymous' Airchat Aim: Communication Without Need For Phone Or Internet 141

Posted by timothy
from the turn-down-your-volume-before-clicking dept.
concertina226 (2447056) writes "Online hacktivist collective Anonymous has announced that it is working on a new tool called Airchat which could allow people to communicate without the need for a phone or an internet connection — using radio waves instead. Anonymous, the amorphous group best known for attacking high profile targets like Sony and the CIA in recent years, said on the project's Github page: 'Airchat is a free communication tool [that] doesn't need internet infrastructure [or] a cell phone network. Instead it relies on any available radio link or device capable of transmitting audio.' Despite the Airchat system being highly involved and too complex for most people in its current form, Anonymous says it has so far used it to play interactive chess games with people at 180 miles away; share pictures and even established encrypted low bandwidth digital voice chats. In order to get Airchat to work, you will need to have a handheld radio transceiver, a laptop running either Windows, Mac OS X or Linux, and be able to install and run several pieces of complex software." And to cleanse yourself of the ads with autoplaying sound, you can visit the GitHub page itself.
Music

Band Releases Album As Linux Kernel Module 122

Posted by samzenpus
from the because-we-can dept.
netbuzz (955038) writes "A band called netcat is generating buzz in software circles by releasing its debut album as a Linux kernel module (among other more typical formats.) 'Are you ever listening to an album, and thinking "man, this sounds good, but I wish it crossed from user-space to kernel-space more often!" We got you covered,' the band says on its Facebook page. 'Our album is now fully playable as a loadable Linux kernel module.'"
Security

OpenSSL: the New Face of Technology Monoculture 109

Posted by Soulskill
from the relied-upon-to-a-fault dept.
chicksdaddy writes: "In a now-famous 2003 essay, 'Cyberinsecurity: The Cost of Monopoly,' Dr. Dan Geer argued, persuasively, that Microsoft's operating system monopoly constituted a grave risk to the security of the United States and international security, as well. It was in the interest of the U.S. government and others to break Redmond's monopoly, or at least to lessen Microsoft's ability to 'lock in' customers and limit choice. The essay cost Geer his job at the security consulting firm AtStake, which then counted Microsoft as a major customer. These days Geer is the Chief Security Officer at In-Q-Tel, the CIA's venture capital arm. But he's no less vigilant of the dangers of software monocultures. In a post at the Lawfare blog, Geer is again warning about the dangers that come from an over-reliance on common platforms and code. His concern this time isn't proprietary software managed by Redmond, however, it's common, oft-reused hardware and software packages like the OpenSSL software at the heart (pun intended) of Heartbleed. 'The critical infrastructure's monoculture question was once centered on Microsoft Windows,' he writes. 'No more. The critical infrastructure's monoculture problem, and hence its exposure to common mode risk, is now small devices and the chips which run them.'"
Apple

You Can Now Run Beta Versions of OS X—For Free 194

Posted by Unknown Lamer
from the debian-did-it-better dept.
redletterdave (2493036) writes "Apple on Tuesday announced the OS X Beta Seed Program, which allows anyone to download and install pre-release Mac software for the sake of testing and submitting feedback before the public launch. Until Tuesday, Apple charged users $99 a year to test out new OS X software—doing so required a paid-up developer account. (Testing new iPhone software still requires a separate developer account for another $99 a year.) Now, much the same way new OS X software is now totally free to download, it's also free to try out. All you need is an Apple ID to sign up."
Music

Groove Basin: Quest For the Ultimate Music Player 87

Posted by Soulskill
from the it's-dangerous-to-go-alone,-take-this-ipod dept.
An anonymous reader writes "Andrew Kelley was a big fan of the Amarok open source music player. But a few years ago, its shortcomings were becoming more annoying and the software's development path no longer matched with the new features he wanted. So he did what any enterprising hacker would do: he started work on a replacement. Three and a half years later, his project, Groove Basin, has evolved into a solid music player, and it's still under active development. Kelley has now posted a write-up of his development process, talking about what problems he encountered, how he solved them, and how he ended up contributing code to libav."
Programming

The Ethical Dilemmas Today's Programmers Face 178

Posted by samzenpus
from the do-the-right-thing dept.
snydeq (1272828) writes "As software takes over more of our lives, the ethical ramifications of decisions made by programmers only become greater. Unfortunately, the tech world has always been long on power and short on thinking about the long-reaching effects of this power. More troubling: While ethics courses have become a staple of physical-world engineering degrees, they remain a begrudging anomaly in computer science pedagogy. Now that our code is in refrigerators, thermostats, smoke alarms, and more, the wrong moves, a lack of foresight, or downright dubious decision-making can haunt humanity everywhere it goes. Peter Wayner offers a look at just a few of the ethical quandaries confronting developers every day. 'Consider this less of a guidebook for making your decisions and more of a starting point for the kind of ethical contemplation we should be doing as a daily part of our jobs.'"
Google

Apple, Google Vying For Mobile Game Exclusivity 50

Posted by samzenpus
from the mine-all-mine dept.
An anonymous reader writes "Here's an interesting look at the battle for mobile video game money between Google and Apple. 'Last August, for the launch of "Plants Vs. Zombies 2," a highly anticipated sequel to a popular zombie-survival strategy game, publisher Electronic Arts Inc. struck a deal with Apple, which promoted the game prominently in its App Store, according to people familiar with the matter. In exchange, one of these people said, EA agreed to give Apple about a two-month window of exclusivity for the title, which wasn't released on Google's Android software until October.'"
Software

Ask Slashdot: Professional Journaling/Notes Software? 167

Posted by timothy
from the unexamined-life-not-worth-living dept.
netdicted writes "At the very outset of my career the importance of keeping a daily journal of activities and notes was clearly evident. Over the years I've always had a college ruled composition notebook nearby to jot down important ideas, instructions, tasks, etc. Putting away the rock and chisel was not optional when the volumes grew beyond my mental capacity to successfully index the contents. Over the years I've tried countless apps to keep a digital journal and failed miserably.

In my mind the ideal app or solution is a single file or cloud app where I can organize personal notes on projects, configurations, insights, ideas, etc., as well as noting major activities or occurrences of the day. My original journals saved me on a number of occasions. Unfortunately my tenacity for keeping one has suffered from a fruitless search for a suitable solution. Currently I'm experimenting with Evernote and Tiddlywiki. They approach the problem from two different angles. What do you use?"
Encryption

OpenSSL Cleanup: Hundreds of Commits In a Week 374

Posted by timothy
from the the-good-kind-of-competition dept.
New submitter CrAlt (3208) writes with this news snipped from BSD news stalwart undeadly.org: "After the news of heartbleed broke early last week, the OpenBSD team dove in and started axing it up into shape. Leading this effort are Ted Unangst (tedu@) and Miod Vallat (miod@), who are head-to-head on a pure commit count basis with both having around 50 commits in this part of the tree in the week since Ted's first commit in this area. They are followed closely by Joel Sing (jsing@) who is systematically going through every nook and cranny and applying some basic KNF. Next in line are Theo de Raadt (deraadt@) and Bob Beck (beck@) who've been both doing a lot of cleanup, ripping out weird layers of abstraction for standard system or library calls. ... All combined, there've been over 250 commits cleaning up OpenSSL. In one week.'" You can check out the stats, in progress.
Security

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions 59

Posted by timothy
from the bleeding-from-the-ears dept.
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software.

"Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated."

After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."
Displays

For $20, Build a VR Headset For Your Smartphone 50

Posted by timothy
from the watch-movies-on-the-plane dept.
An anonymous reader writes "Not everyone can drop a few hundred dollars on a VR headset, but that doesn't mean they can't experience VR! For those with the time and a bit of handiwork skill, this DIY guide from guest writer Ohaple will show you how to make a smartphone-based VR headset for as little as $20. Along the way, you'll learn the hardware and software basics of a VR headset." This project screams for a ready-made commercial version; does anyone know of existing purpose-built headgear? As one of the comments on the linked tutorial says, Poppy seems close, but lacks an LED for tracking.
AI

DARPA Developing the Ultimate Auto-Pilot Software 75

Posted by timothy
from the have-they-not-seen-airplanes-1-or-2? dept.
coondoggie (973519) writes "Call it the ultimate auto-pilot — an automated system that can help take care of all phases of aircraft flight-even perhaps helping pilots overcome system failures in-flight. The Defense Advanced Research Projects Agency (DARPA) will in May detail a new program called Aircrew Labor In-Cockpit Automation System (ALIAS) that would build upon what the agency called the considerable advances that have been made in aircraft automation systems over the past 50 years, as well as the advances made in remotely piloted aircraft automation, to help reduce pilot workload, augment mission performance and improve aircraft safety."
Media

MediaGoblin and FSF Successfully Raise Funds For Federation, Privacy Features 22

Posted by Soulskill
from the if-you-build-it-they-will-come dept.
paroneayea writes: "GNU MediaGoblin and the Free Software Foundation have jointly run a campaign for privacy and federation on the web. The campaign is in its last day but has already passed the first two funding milestones, and is hoping to raise more with the possibility of bringing in multiple dedicated resources to the project. The project has also released a full financial transparency report so donors can know how they can expect their money to be used!"
Bug

Bug Bounties Don't Help If Bugs Never Run Out 235

Posted by Soulskill
from the trying-to-bail-the-ocean dept.
Bennett Haselton writes: "I was an early advocate of companies offering cash prizes to researchers who found security holes in their products, so that the vulnerabilities can be fixed before the bad guys exploited them. I still believe that prize programs can make a product safer under certain conditions. But I had naively overlooked that under an alternate set of assumptions, you might find that not only do cash prizes not make the product any safer, but that nothing makes the product any safer — you might as well not bother fixing certain security holes at all, whether they were found through a prize program or not." Read on for the rest of Bennett's thoughts.
The Courts

Oracle Deflects Blame For Troubled Oregon Health Care Site 162

Posted by samzenpus
from the who's-to-blame dept.
itwbennett (1594911) writes "Oracle is gearing up for a fight with officials in Oregon over its role developing an expensive health insurance exchange website that still isn't fully operational. In a letter obtained by the Oregonian newspaper this week, Oracle co-president Safra Catz said that Oregon officials have provided the public with a 'false narrative' concerning who is to blame for Cover Oregon's woes. In the letter, Catz pointed out that Oregon's decision to act as their own systems integrator on the project, using Oracle consultants on a time-and-materials basis, was 'criticized frequently by many'. And as far as Oracle is concerned, 'Cover Oregon lacked the skills, knowledge or ability to be successful as the systems integrator on an undertaking of this scope and complexity,' she added."
Linux Business

Linux Voice is a New Magazine for Linux Users — On Paper (Video) 69

Posted by Roblimo
from the there's-nothing-quite-like-the-smell-of-ink-on-paper dept.
This is an interview with Graham Morrison, who is one of four people behind the shiny-new Linux Voice magazine, which is printed on (gasp) paper. Yes, paper, even though it's 2014 and a lot of people believe the idea of publishing a physical newspaper or magazine is dead. But, Graham says, when you have a tight community (like Linux users and developers) you have an opportunity to make a successful magazine for that community. This is a crowdfunded venture, through Indiegogo, where they hoped to raise £90,000 -- but ended up with £127,603, which is approximately $214,288 as of this video's publishing date. So they have a little capital to work with. Also note: these are not publishing neophytes. All four of the main people behind Linux Voice used to work on the well-regarded Linux Format magazine. Graham says they're getting subscribers and newsstand sales at a healthy rate, so they're happily optimistic about their magazine's future. (Here's an alternate video link)
Ubuntu

Ubuntu Linux 14.04 LTS Trusty Tahr Released 177

Posted by timothy
from the what-in-tahr-nation dept.
An anonymous reader writes with this announcement: "Ubuntu Linux version 14.04 LTS (code named "Trusty Tahr") has been released and available for download. This updated version includes the Linux kernel v3.13.0-24.46, Python 3.4, Xen 4.4, Libreoffice 4.2.3, MySQL 5.6/MariaDB 5.5, Apache 2.4, PHP 5.5, improvements to AppArmor allow more fine-grained control over application, and more. The latest release of Ubuntu Server is heavily focused on supporting cloud and scale-out computing platforms such as OpenStack, Docker, and more. As part of the wider Ubuntu 14.04 release efforts the Ubuntu Touch team is proud to make the latest and greatest touch experience available to our enthusiast users and developers. You can install Ubuntu on Nexus 4 Phone (mako), Nexus 7 (2013) Tablet (flo), and Nexus 10 Tablet (manta) by following these instructions. On a hardware front, ARM multiplatform support has been added, enabling you to build a single ARM kernel image that can boot across multiple hardware platforms. Additionally, the ARM64 and Power architectures are now fully supported. See detailed release notes for more information. A quick upgrade to a newer version of Ubuntu is possible over the network."
Open Source

Apache OpenOffice Reaches 100 Million Downloads. Now What? 285

Posted by timothy
from the hundreds-of-millions-served dept.
We're thankfully long past the days when an emailed Word document was useless without a copy of Microsoft Word, and that's in large part thanks to the success of the OpenOffice family of word processors. "Family," because the OpenOffice name has been attached to several branches of a codebase that's gone through some serious evolution over the years, starting from its roots in closed-source StarOffice, acquired and open-sourced by Sun to become OpenOffice.org. The same software has led (via some hamfisted moves by Oracle after its acquisition of Sun) to the also-excellent LibreOffice. OpenOffice.org's direct descendant is Apache OpenOffice, and an anonymous reader writes with this excellent news from that project: "The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 170 Open Source projects and initiatives, announced today that Apache OpenOffice has been downloaded 100 million times. Over 100 million downloads, over 750 extensions, over 2,800 templates. But what does the community at Apache need to do to get the next 100 million?" If you want to play along, you can get the latest version of OpenOffice from SourceForge (Slashdot's corporate cousin). I wonder how many government offices -- the U.S. Federal government has long been Microsoft's biggest customer -- couldn't get along just fine with an open source word processor, even considering all the proprietary-format documents they're stuck with for now.
Programming

Code Quality: Open Source vs. Proprietary 133

Posted by Soulskill
from the put-your-money-where-your-code-is dept.
just_another_sean sends this followup to yesterday's discussion about the quality of open source code compared to proprietary code. Every year, Coverity scans large quantities of code and evaluates it for defects. They've just released their latest report, and the findings were good news for open source. From the article: "The report details the analysis of 750 million lines of open source software code through the Coverity Scan service and commercial usage of the Coverity Development Testing Platform, the largest sample size that the report has studied to date. A few key points: Open source code quality surpasses proprietary code quality in C/C++ projects. Linux continues to be a benchmark for open source quality. C/C++ developers fixed more high-impact defects. Analysis found that developers contributing to open source Java projects are not fixing as many high-impact defects as developers contributing to open source C/C++ projects."

If money can't buy happiness, I guess you'll just have to rent it.

Working...