SlashDot

Long-time Slashdot reader Wycliffe writes: So I have a travel keyboard that I love. I can carry my OS on a USB flash drive. There are several options for portable battery powered monitors. The only thing I'm missing to have a completely modular laptop is the CPU/MB/RAM... I can get a laptop but it seems silly to carry around a laptop with a keyboard when I never use the keyboard. I don't need a long battery life, if I need more than an hour then I can find somewhere to plug it in... I've thought about buying a small box like a Zotac and trying to replace the hard drive with a battery -- but does anything like this already exist...? Also, are there any systems like this with decent specs? Most stuff I see like the Intel Compute Stick are horribly underpowered compared to a decent laptop. The original submission drew some interesting discussion. Another option is "a good x86/x64 tablet that I can install Linux on" -- especially with a decent processor -- or "laptop-like systems that got rid of the screen entirely... I just need the travel CPU part without the added weight of a second keyboard and monitor." So leave your best suggestions in the comments. Is there a good, lightweight computer that's battery-powered without a screen or a keyboard?

Read more of this story at Slashdot.

Slashdot reader BrianFagioli has posted an update about his communication with Opera over their plans for iOS. They'd originally tweeted Thursday that "at this moment we don't have a team working on IOS which is why we haven't released any updates." But Friday they clarified that "It does not mean we give up development on iOS. It's just that now our resources are on Android." They reiterated that point in an email. We would like to clarify that Opera does not abandon iOS... We plan to keep developing it as Opera Min[i] provides unique features that other browsers do not have, such as data saving for both webpages and video, ad-blocking, built-in newsfeed etc. And people love using it. As most of the engineering resources are now on Android, our update on iOS is slow at this moment. Please bear with us and do stay tune for our next updates. The tweet Friday also emphasized that "We will update iOS for sure."

Read more of this story at Slashdot.

An anonymous reader quotes Bloomberg: [A] Russian tycoon and his Renova Group plan a record-breaking effort to send a plane around the world nonstop using only the power of the sun. If all goes well, a single pilot will fly for five days straight at altitudes of up to 10 miles, about a third higher than commercial airliners. The project isn't just a stunt. The glider-style airplane with a 36-meter (120-foot) wingspan will be a test of technologies that are set to be used to build new generations of autonomous craft for the military and business, say aerospace experts. They will fly continuously, have far greater reach and control than satellites and expand broadcast, communication and spying capabilities around the globe... "Our flight should prove that it's possible to make long-distance flights using solar energy," said Mikhail Lifshitz, Renova's director of high-tech asset development and a qualified pilot-instructor. A "flying laboratory" test-plane will be ready by year-end, Lifshitz said in an interview. The plane will conserve power by slowly gliding down from the high altitudes at night -- without ever touching the ground. In comparison a solar plane (partially funded by Google) already circled the earth last year -- but it took 22 days, and made 17 different stops.

Read more of this story at Slashdot.

An anonymous reader writes: NAND flash memory chips, the building blocks of solid-state drives (SSDs), include what could be called "programming vulnerabilities" that can be exploited to alter stored data or shorten the SSD's lifespan. According to research published earlier this year, the programming logic powering of MLC NAND flash memory chips (the tech used for the latest generation of SSDs), is vulnerable to at least two types of attacks. The first is called "program interference," and takes place when an attacker manages to write data with a certain pattern to a target's SSD. Writing this data repeatedly and at high speeds causes errors in the SSD, which then corrupts data stored on nearby cells. This attack is similar to the infamous Rowhammer attack on RAM chips. The second attack is called "read disturb" and in this scenario, an attacker's exploit code causes the SSD to perform a large number of read operations in a very short time, which causes a phenomenon of "read disturb errors," that alters the SSD ability to read data from nearby cells, even long after the attack stops.

Read more of this story at Slashdot.

Long-time Slashdot reader lactose99 writes: One of the original copyright trolls finally got their comeuppance. From TFA: "John L. Steele, a Chicago lawyer who pled guilty to perjury, fraud and money laundering resulting from alleged 'honeypot' schemes, has just been disbarred by an Illinois court." John L. Steele, as you may know, is one of the principals of Prenda Law, a notorious copyright troll who has been featured on /. several times. The article goes on to describe how the Prenda lawyers used honeypot-like tactics to trick people into downloads and then subsequently scammed them for copyright violations. Their operation brought in $6 million in settlement fees, reports Engadget, adding "While it is illegal to download copyrighted files from file-sharing sites, it is also against the law to extort downloaders."

Read more of this story at Slashdot.

An anonymous reader quotes CNBC: British Airways canceled all flights from London's Heathrow and Gatwick airports on Saturday as a global IT failure upended the travel plans of tens of thousands of people on a busy U.K. holiday weekend. The airline said it was suffering a "major IT systems failure" around the world. Chief executive Alex Cruz said "we believe the root cause was a power-supply issue and we have no evidence of any cyberattack." He said the crash had affected "all of our check-in and operational systems." BA operates hundreds of flights from the two London airports on a typical day -- and both are major hubs for worldwide travel. Several hours after problems began cropping up Saturday morning, BA suspended flights up to 6 p.m. because the two airports had become severely congested. The airline later scrapped flights from Heathrow and Gatwick for the rest of the day.

Read more of this story at Slashdot.

An anonymous reader quotes DistroWatch: Natanael Copa has announced the release of Alpine Linux 3.6.0. Alpine Linux is an independent, minimal operating system that is well suited to running servers, routers and firewalls. Version 3.6.0 introduces support for 64-bit POWER machines, 64-bit IBM z Systems computers and features many up to date packages, including PHP 7.1, LLVM 4.0 and version 6.3 of the GNU Compiler. "Noteworthy new packages" include Rust 1.17.0 and Cargo 0.18.0, as well as Julia 0.5.2, as we ll as "significant updates" like Go 1.8, Python 3.6, and Ruby 2.4. And in addition, "MD5 and SHA-1 hashes have been removed from APKBUILDs, being obsoleted by SHA-512."

Read more of this story at Slashdot.

theodp writes: Fortune reports that LinkedIn co-founder Reid Hoffman is "leading a $30 million funding round in Change.org, a for-profit petition and fundraising website focused on social and political change." Joining Hoffman in this round, as well as an earlier $25 million round in 2014, is Bill Gates. Change.org, Hoffman explained in a Friday LinkedIn post, "helps enable a world where you don't need to hire a lobbyist to have real impact on the issues and policies that matter to you." He added, "In its decade of existence, Change.org petitions have resulted in more than 21,000 victories, i.e., instances in which a government agency, corporation, or other entity has changed a regulation or a policy in the face of a Change.org petition urging it to do so." Last year, Hoffman joined Gates and some of the biggest names in tech and corporate America who threw their weight behind a Change.org petition that tried to get Congress to fund K-12 Computer Science education. The Change.org petition fell short of its 150,000-signature goal despite claims of support from 90% of the parents of the nation's 58 million K-12 schoolchildren (based on a Google-funded survey of 1,685 parents), widespread press coverage (including a full-page ad in petition signer Jeff Bezos's Washington Post), lobbying efforts by the tech coalition that organized the petition (which counts LinkedIn and Microsoft among its members), and even some free PR from Change.org.

Read more of this story at Slashdot.

Long-time Slashdot reader williamyf was the first to share news of "a wormable bug [that] has remained undetected for seven years in Samba verions 3.5.0 onwards." Ars Technica reports: Researchers with security firm Rapid7...said they detected 110,000 devices exposed on the internet that appeared to run vulnerable versions of Samba. 92,500 of them appeared to run unsupported versions of Samba for which no patch was available... Those who are unable to patch immediately can work around the vulnerability by adding the line nt pipe support = no to their Samba configuration file and restart the network's SMB daemon. The change will prevent clients from fully accessing some network computers and may disable some expected functions for connected Windows machines. The U.S. Department of Homeland Security's CERT group issued an anouncement urging sys-admins to update their systems, though SC Magazine cites a security researcher arguing this attack surface is much smaller than that of the Wannacry ransomware, partly because Samba is just "not as common as Windows architectures." But the original submission also points out that while the patch came in fast, "the 'Many eyes' took seven years to 'make the bug shallow'."

Read more of this story at Slashdot.

"Rocket Lab: We have lift-off!" wrote long-time Slashdot reader ClarkMills on Wednesday. "History made as Electron launches successfully from Mahia." The New Zealand Herald reports: Rocket Lab engineers have started analyzing data from yesterday's historic launch from the Mahia Peninsula that took the company to space but not able to complete its orbital mission. Lift-off at 4.20 pm was the first orbital-class rocket launched from a private launch site in the world. New Zealand became the 11th country with potential to launch cargo into space, joining superpowers and tech heavyweights. The Government hailed the lift-off as a major milestone for the country's space industry... "We didn't quite reach orbit and we'll be investigating why, however reaching space in our first test puts us in an incredibly strong position to accelerate the commercial phase of our program," said founder and chief executive Peter Beck. Beck added they'd developed their rocket "from scratch" in under four years, and the company's official Twitter feed is now proudly tweeting photos and videos from the launch.

Read more of this story at Slashdot.

An anonymous reader writes: Fight for the Future has found another issue with the fake comments submitted to the FCC opposing net neutrality. "The campaign group says that some of the comments were posted using the names and details of dead people," according to the BBC. The exact same comment was also submitted more than 7,000 times using addresses in Colorado, where a reporter discovered that contacting the people at those addresses drew reactions which included "I have never seen this before in my life" and "No, I did not post this comment. In fact, I disagree with this comment." Fight for the Future also knocked on doors in Tampa, Florida, where the few people who answered "were shocked to hear that their name and address were publicly listed alongside a political message they did not necessarily understand or agree with." An alleged commenter in Montana told a reporter she didn't even know what net neutrality was. 14 people have already signed Fight for the Future's official complaint to the FCC, which calls for notification of all people affected, an investigation, and the immediate removal of all fake comments from the public docket. "Based on numerous media reports, nearly half a million Americans may have been impacted by whoever impersonated us," states the letter, "in a dishonest and deceitful campaign to manufacture false support for your plan to repeal net neutrality protections." Fight for the Future says they've already verified "dozens" of instance of real people discovering a fake comment was submitted in their name -- and that in addition, more than 2,400 people have already used their site to contact their state Attorneys General demanding an investigation. They note the FCC has taken no steps to remove the fake comments from its docket, "risking the safety and privacy of potentially hundreds of thousands of people," while a campaign director at Fight for the Future added, "For the FCC's process to have any legitimacy, they simply cannot move forward until an investigation has been conducted."

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Guardian: Google argued that it was too financially burdensome and logistically challenging to compile and hand over salary records that the government has requested, sparking a strong rebuke from the U.S. Department of Labor (DoL), which has accused the Silicon Valley firm of underpaying women. Google officials testified in federal court on Friday that it would have to spend up to 500 hours of work and $100,000 to comply with investigators' ongoing demands for wage data that the DoL believes will help explain why the technology corporation appears to be systematically discriminating against women. Noting Google's nearly $28 billion annual income as one of the most profitable companies in the U.S., DoL attorney Ian Eliasoph scoffed at the company's defense, saying, "Google would be able to absorb the cost as easy as a dry kitchen sponge could absorb a single drop of water."

Read more of this story at Slashdot.

dryriver writes: It is 2017 and the long dead Amiga platform has suddenly been resurrected. The new Amiga X5000 costs about $1,800 and is an exotic mix of PC parts and completely new custom chips, including "Xena," an XMOS 16-core programmable 32-bit 500 MHz coprocessor that can be configured by software to act as any type of custom chip imaginable. It is connected to a special "Xorro" slot that has the same physical connection as a PCIe x8 expansion card, but it is dedicated to adding more Xena chips as desired. Amiga X5000 can run all legacy Amiga software, including software written for later PowerPC Amigas. It boots from a U-Boot BIOS. The OS is AmigaOS 4.1, but the X5000 can also boot into MorphOS or Linux. The test system used by Ars came with a ATI Radeon R9 270X video card.

Read more of this story at Slashdot.

An anonymous reader writes: Two recent news stories give new prominence to politically-motivated data breaches. Friday the Wall Street Journal reported that last year Guccifer 2.0 sent 2.5 gigabytes of Democratic Congressional Campaign Committee election data to a Republican operative in Florida, including their critical voter turnout projections. At the same time ABC News is reporting that the FBI is investigating "an attempted overseas cyberattack against the Trump Organization," adding that such an attack would make his network a high priority for government monitoring. "In the course of its investigation," they add, "the FBI could get access to the Trump Organization's computer network, meaning FBI agents could possibly find records connected to other investigations." A senior FBI official (now retired) concedes to ABC that "There could be stuff in there that they [the Trump organization] do not want to become part of a separate criminal investigation." It seems like everyone's talking about the privacy of their communications. Tonight the Washington Post writes that Trump's son-in-law/senior advisor Jared Kushner "discussed the possibility of setting up a secret and secure communications channel between Trump's transition team and the Kremlin, using Russian diplomatic facilities in an apparent move to shield their pre-inauguration discussions from monitoring, according to U.S. officials briefed on intelligence reports." And Friday Hillary Clinton was even quoted as saying, "I would have won had I not been subjected to the unprecedented attacks by Comey and the Russians..."

Read more of this story at Slashdot.

An anonymous reader writes: Two recent news stories give new prominence to politically-motivated data breaches. Friday the Wall Street Journal reported that last year Guccifer 2.0 sent 2.5 gigabytes of Democratic Congressional Campaign Committee election data to a Republican operative in Florida, including their critical voter turnout projections. At the same time ABC News is reporting that the FBI is investigating "an attempted overseas cyberattack against the Trump Organization," adding that such an attack would make his network a high priority for government monitoring. "In the course of its investigation," they add, "the FBI could get access to the Trump Organization's computer network, meaning FBI agents could possibly find records connected to other investigations." A senior FBI official (now retired) concedes to ABC that "There could be stuff in there that they [the Trump organization] do not want to become part of a separate criminal investigation." It seems like everyone's talking about the privacy of their communications. Tonight the Washington Post writes that Trump's son-in-law/senior advisor Jared Kushner "discussed the possibility of setting up a secret and secure communications channel between Trump's transition team and the Kremlin, using Russian diplomatic facilities in an apparent move to shield their pre-inauguration discussions from monitoring, according to U.S. officials briefed on intelligence reports." And Friday Hillary Clinton was even quoted as saying, "I would have won had I not been subjected to the unprecedented attacks by Comey and the Russians..."

Read more of this story at Slashdot.

A third of the honeybees in the United States were lost over the last year, part of a decade-long die-off experts said may threaten our food supply. USA Today reports: The annual survey of roughly 5,000 beekeepers showed the 33% dip from April 2016 to April 2017. The decrease is small compared to the survey's previous 10 years, when the decrease hovered at roughly 40%. From 2012 to 2013, nearly half of the nation's colonies died. The death of a colony doesn't necessarily mean a loss of bees, explains vanEngelsdorp, a project director at the Bee Informed Partnership. A beekeeper can salvage a dead colony, but doing so comes at labor and productivity costs. That causes beekeepers to charge farmers more for pollinating crops and creates a scarcity of bees available for pollination. It's a trend that threatens beekeepers trying to make a living and could lead to a drop-off in fruits and nuts reliant on pollination, vanEngelsdor said. So what's killing the honeybees? Parasites, diseases, poor nutrition, and pesticides among many others. The chief killer is the varroa mite, a "lethal parasite," which researchers said spreads among colonies.

Read more of this story at Slashdot.

New submitter cinemetek quotes a report from University of Central Florida: Researchers at the University of Central Florida have developed a new color changing surface tunable through electrical voltage that could lead to three times the resolution for televisions, smartphones and other devices. Current LCD's are made up of hundreds of thousands of pixels that display different colors. With current technology, each of these pixels contain three subpixels -- one red, one green, one blue. UCF's NanoScience Technology Center (Assistant Professor Debashis Chanda and physics doctoral student Daniel Franklin) have come up with a way to tune the color of these subpixels. By applying differing voltages, they are able to change the color of individual subpixels to red, green or blue -- the RGB scale -- or gradations in between. By eliminating the three static subpixels that currently make up every pixel, the size of individual pixels can be reduced by three. Three times as many pixels means three times the resolution. That would have major implications for not only TVs and other general displays, but augmented reality and virtual-reality headsets that need very high resolution because they're so close to the eye.

Read more of this story at Slashdot.

An anonymous reader writes: "Following years of criticism and user requests, the FileZilla FTP client is finally adding support for a master password that will act as a key for storing FTP login credentials in an encrypted format," reports BleepingComputer. "This feature is scheduled to arrive in FileZilla 3.26.0, but you can use it now if you download the 3.26.0 (unstable) release candidate from here." By encrypting its saved FTP logins, FileZilla will finally thwart malware that scrapes the sitemanager.xml file and steals FTP credentials, which were previously stolen in plain text. The move is extremely surprising, at least for the FileZilla user base. Users have been requesting this feature for a decade, since 2007, and they have asked it many and many times since then. All their requests have fallen on deaf ears and met with refusal from FileZilla maintainer, Tim Kosse. In November 2016, a user frustrated with Koose's stance forked the FileZilla FTP client and added support for a master password via a spin-off app called FileZilla Secure.

Read more of this story at Slashdot.

Lirodon quotes a report from Variety: Facebook has joined the fight against illegal video-streaming devices. The social behemoth recently added a new category to products it prohibits users to sell under its commerce policy: Products or items that "facilitate or encourage unauthorized access to digital media." The change in Facebook's policy, previously reported by The Drum, appears primarily aimed at blocking the sale of Kodi-based devices loaded with software that allows unauthorized, free access to piracy-streaming services. Kodi is free, open-source media player software. The app has grown popular among pirates, who modify the code with third-party add-ons for illegal streaming. Even with the ban officially in place, numerous "jail-broken" Kodi-enabled devices remain listed in Facebook's Marketplace section, indicating that the company has yet to fully enforce the new ban. A Facebook rep confirmed the policy went into effect earlier this month. In addition, the company updated its advertising policy to explicitly ban ads for illegal streaming services and devices.

Read more of this story at Slashdot.

Two studies are warning of thousands of vulnerabilities found in pacemakers, insulin pumps and other medical devices. "One study solely on pacemakers found more than 8,000 known vulnerabilities in code inside the cardiac devices," reports BBC. "The other study of the broader device market found only 17% of manufacturers had taken steps to secure gadgets." From the report: The report on pacemakers looked at a range of implantable devices from four manufacturers as well as the "ecosystem" of other equipment used to monitor and manage them. Researcher Billy Rios and Dr Jonathan Butts from security company Whitescope said their study showed the "serious challenges" pacemaker manufacturers faced in trying to keep devices patched and free from bugs that attackers could exploit. They found that few of the manufacturers encrypted or otherwise protected data on a device or when it was being transferred to monitoring systems. Also, none was protected with the most basic login name and password systems or checked that devices they were connecting to were authentic. Often, wrote Mr Rios, the small size and low computing power of internal devices made it hard to apply security standards that helped keep other devices safe. In a longer paper, the pair said device makers had work to do more to "protect against potential system compromises that may have implications to patient care." The separate study that quizzed manufacturers, hospitals and health organizations about the equipment they used when treating patients found that 80% said devices were hard to secure. Bugs in code, lack of knowledge about how to write secure code and time pressures made many devices vulnerable to attack, suggested the study.

Read more of this story at Slashdot.