Security

Tools Coming To Def Con For Hacking RFID Access Doors 2 2

jfruh writes: Next month's Def Con security conference will feature, among other things, new tools that will help you hack into the RFID readers that secure doors in most office buildings. RFID cards have been built with more safeguards against cloning; these new tools will bypass that protection by simply hacking the readers themselves. ITWorld reports that Francis Brown, a partner at the computer security firm Bishop Fox, says: "...his aim is to make it easier for penetration testers to show how easy it is to clone employee badges, break into buildings and plant network backdoors—without needing an electrical engineering degree to decode the vagaries of near-field communication (NFC) and RFID systems."
China

What Federal Employees Really Need To Worry About After the Chinese Hack 44 44

HughPickens.com writes: Lisa Rein writes in the Washington Post that a new government review of what the Chinese hack of sensitive security clearance files of 21 million people means for national security is in — and some of the implications are quite grave. According to the Congressional Research Service, covert intelligence officers and their operations could be exposed and high-resolution fingerprints could be copied by criminals. Some suspect that the Chinese government may build a database of U.S. government employees that could help identify U.S. officials and their roles or that could help target individuals to gain access to additional systems or information. National security concerns include whether hackers could have obtained information that could help them identify clandestine and covert officers and operations (PDF).

CRS says that if the fingerprints in the background investigation files are of high enough quality, "depending on whose hands the fingerprints come into, they could be used for criminal or counterintelligence purposes." Fingerprints also could be trafficked on the black market for profit — or used to blow the covers of spies and other covert and clandestine officers, the research service found. And if they're compromised, fingerprints can't be reissued like a new credit card, the report says, making "recovery from the breach more challenging for some."
vivaoporto Also points out that these same hackers are believed to be responsible for hacking United Airlines.
GNU is Not Unix

Interviews: Ask Richard Stallman a Question 108 108

RMS founded the GNU Project, the Free Software Foundation, and remains one of the most important and outspoken advocates for software freedom. He now spends much of his time fighting excessive extension of copyright laws, digital restrictions management, and software patents. RMS has agreed to answer your questions about GNU/Linux, how GNU relates to Linux the kernel, free software, why he disagrees with the idea of open source, and other issues of public concern. As usual, ask as many as you'd like, but please, one question per post.
Input Devices

Ask Slashdot: Why Is the Caps Lock Key Still So Prominent On Keyboards? 337 337

Esther Schindler writes: The developers at .io are into tracking things, I guess. In any case, a few weeks back they decided to track team performance in terms of keyboard and mouse activity during the working day. They installed a simple Chrome plugin on every Macbook and collected some statistics. For instance, developers have fewer keypresses than editors and managers—around 4k every day. Managers type more than 23k characters per day. And so on. Some pretty neat statistics.

But the piece that jumped out at me was this: "What's curious—the least popular keys are Capslock and Right Mouse Button. Somewhere around 0.1% of all keypresses together. It's time to make some changes to keyboards." I've been whining about this for years. Why is it that the least-used key on my keyboard is not just in a prominent position, but also bigger than most other keys? I can I invest in a real alternate keyboard with a different layout (my husband's a big fan of the Kinesis keyboards, initially to cope with carpal tunnel). But surely it's time to re-visit the standard key layout? What keys would you eliminate or re-arrange?
PC Games (Games)

Sprked Tries To Solve Valve's Paid Mods Scandal 18 18

SlappingOysters writes: This article takes a closer look at the emerging crowdfunding platform Sprked, which aims to follow the Patreon support model, but exclusively for video game modders. The service is currently in its early stages, but by crafting a system of appreciation and support that acknowledges the loyalty of the modding community, Sprked has the potential to promote and foster the creativity that is so integral to modding, instead of hampering it with the murky baggage of a mandatory economy. Valve's attempt to let modders make some money for their efforts backfired within the community — there are four demons the paid mods plan must slay to actually work.
Android

Maliciously Crafted MKV Video Files Can Be Used To Crash Android Phones 71 71

itwbennett writes: Just days after publication of a flaw in Android's Stagefright, which could allow attackers to compromise devices with a simple MMS message, researchers have found another Android media processing flaw. The latest vulnerability is located in Android's mediaserver component, more specifically in how the service handles files that use the Matroska video container (MKV), Trend Micro researchers said. "When the process opens a malformed MKV file, the service may crash (and with it, the rest of the operating system). The vulnerability is caused by an integer overflow when the mediaserver service parses an MKV file. It reads memory out of buffer or writes data to NULL address when parsing audio data."
Privacy

Kentucky Man Arrested After Shooting Down Drone 806 806

McGruber writes: Hillview, Kentucky resident William H. Merideth describes his weekend: "Sunday afternoon, the kids – my girls – were out on the back deck, and the neighbors were out in their yard. And they come in and said, 'Dad, there's a drone out here, flying over everybody's yard.'" Merideth's neighbors saw it too. "It was just hovering above our house and it stayed for a few moments and then she finally waved and it took off," said neighbor Kim VanMeter. Merideth grabbed his shotgun and waited to see if the drone crossed over his property. When it did, he took aim and shot it out of the sky.

The owners showed up shortly, and the police right after. He was arrested and charged with first degree criminal mischief and first degree wanton endangerment before being released the next day. Merideth says he will pursue legal action against the drone's owner, "He didn't just fly over. If he had been moving and just kept moving, that would have been one thing -- but when he come directly over our heads, and just hovered there, I felt like I had the right. You know, when you're in your own property, within a six-foot privacy fence, you have the expectation of privacy. We don't know if he was looking at the girls. We don't know if he was looking for something to steal. To me, it was the same as trespassing."
Security

Hacking a 'Smart' Sniper Rifle 49 49

An anonymous reader writes: It was inevitable: as soon as we heard about computer-aimed rifles, we knew somebody would find a way to compromise their security. At the upcoming Black Hat security conference, researchers Runa Sandvik and Michael Auger will present their techniques for doing just that. "Their tricks can change variables in the scope's calculations that make the rifle inexplicably miss its target, permanently disable the scope's computer, or even prevent the gun from firing." In one demonstration they were able to tweak the rifle's ballistic calculations by making it think a piece of ammunition weighed 72 lbs instead of 0.4 ounces. After changing this value, the gun tried to automatically adjust for the weight, and shot significantly to the left. Fortunately, they couldn't find a way to make the gun fire without physically pulling the trigger.
Windows

Poll Will You Be Installing Windows 10? 189 189

Percentage of others that also voted for:

0

You have already voted on this poll.

News

Newfound Bacteria Expand Tree of Life 24 24

An anonymous reader writes: It used to be that to find new forms of life, all you had to do was take a walk in the woods. Now it's not so simple. The most conspicuous organisms have long since been cataloged and fixed on the tree of life, and the ones that remain undiscovered don't give themselves up easily. You could spend all day by the same watering hole with the best scientific instruments and come up with nothing. Maybe it's not surprising, then, that when discoveries do occur, they sometimes come in torrents. Find a different way of looking, and novel forms of life appear everywhere. A team of microbiologists based at the University of California, Berkeley, recently figured out one such new way of detecting life. At a stroke, their work expanded the number of known types — or phyla — of bacteria by nearly 50 percent, a dramatic change that indicates just how many forms of life on earth have escaped our notice so far.
Windows

Windows 10 Launches 227 227

An anonymous reader writes: Today Microsoft officially released Windows 10 in 190 countries as a free upgrade for anyone with Windows 7 or later. Major features include Continuum (which brings back the start menu and lets you switch between a keyboard/mouse UI and a touch UI without forcing you into one or the other), the Cortana digital assistant, the Edge browser, virtual desktops, DirectX 12 support, universal apps, an Xbox app, and security improvements. Reviews of the operating system generally consider it an improvement over Windows 8.1, despite launch-day bugs. Peter Bright writes, "Windows 8 felt unfinished, but it was an unfinished thought. ... Windows 10 feels unfinished, but in a different way. The concept of the operating system is a great deal better than its predecessor. It's better in fact than all of its predecessors. ... For all my gripes, it's the right idea, and it's implemented in more or less the right way. But I think it's also buggier than Windows 8.1, 8, 7, or Vista were on their respective launch days." Tom Warren draws similar conclusions: "During my testing on a variety of hardware, I've run into a lot of bugs and issues — even with the version that will be released to consumers on launch day. ... Everything about Windows 10 feels like a new approach for Microsoft, and I'm confident these early bugs and issues will be addressed fairly quickly."
The Military

US Military Stepping Up Use of Directed Energy Weapons 74 74

An anonymous reader writes: At a conference on Tuesday, U.S. officials explained that all branches of the military would be increasing their use of lasers and other directed energy weapons. Lieutenant General William Etter said, "Directed energy brings the dawn of an entirely new era in defense." The Navy's laser deployment test has gone well, and they're working on a new prototype laser in the 100-150 kilowatt range. "[Navy Secretary Ray] Mabus said Iran and other countries were already using lasers to target ships and commercial airliners, and the U.S. military needed to accelerate often cumbersome acquisition processes to ensure that it stayed ahead of potential foes."
Patents

MPEG LA Announces Call For DASH Patents 58 58

An anonymous reader writes: The MPEG LA has announced a call for patents essential to the Dynamic Adaptive Streaming over HTTP (or DASH) standard. According to the MPEG LA's press release, "Market adoption of DASH technology standards has increased to the point where the market would benefit from the availability of a convenient nondiscriminatory, nonexclusive worldwide one-stop patent pool license." The newly formed MPEG-DASH patent pool's licensing program will allegedly offer the market "efficient access to this important technology."
AI

A Computer Umpires Its First Pro Baseball Game 61 61

An anonymous reader writes: Baseball has long been regarded as a "game of inches." Among the major professional sports it arguably requires the greatest amount of precision — a few extra RPMs can turn a decent curveball into an unhittable one, and a single degree's difference in the arc of a bat swing can change a lazy popup into a home run. As sensor technology has improved, it's been odd to see how pro baseball leagues have made great efforts to keep it away from the sport. Even if you aren't a fan of the game, you're probably familiar with the cultural meme of an umpire blowing a key call and altering the course of the game.

Thus, it's significant that for the first time ever, sensors and a computer have called balls and strikes for a professional game. In a minor league game between the San Rafael Pacifics and the Vallejo Admirals, a three-camera system tracked the baseball's exact position as it crossed home plate, and a computer judged whether it was in the strike zone or not. The game went without incident, and it provided valuable data in a real-life example. The pitch-tracking system still has bugs to work out, though. Dan Brooks, founder of a site that tracks ball/strike accuracy for real umpires, said that for the new system to be implemented permanently, fans must be "willing to accept a much smaller amount of inexplicable error in exchange for a larger amount of explicable error."
United Kingdom

UK Campaign Wants 18-Year-Olds To Be Able To Delete Embarrassing Online Past 240 240

An anonymous reader writes: People should be allowed to delete embarrassing social media posts when they reach adulthood, UK internet rights campaigners are urging. The iRights coalition has set out five rights which young people should expect online, including being able to easily edit or delete content they have created, and to know who is holding or profiting from their information. Highlighting how campaigners believe adults should not have to bear the shame of past immaturity, iRights also wants children to be protected from illegal or distressing pages; to be digitally literate; and be able to make informed and conscious choices.