Slashdot

Subscribe to Slashdot feed Slashdot
News for nerds, stuff that matters
Updated: 14 min ago

Verizon To Sell Tumblr To WordPress Owner

Mon, 08/12/2019 - 4:55pm
According to The Wall Street Journal, Verizon has agreed to sell its blogging website Tumblr to the owner of popular online-publishing tool WordPress. Tumblr was acquired by Yahoo for $1.1 billion in 2013, and was later included in Verizon's $4.5 billion purchase of Yahoo's web assets in 2017. Bloomberg reports: Automattic Inc. will buy Tumblr for an undisclosed sum and take on about 200 staffers, the companies said. Tumblr is a free service that hosts millions of blogs where users can upload photos, music and art, but it has been dwarfed by Facebook, Reddit and other services. The Tumblr acquisition is the largest ever in terms of price and head count for Automattic, the company's Chief Executive Matt Mullenweg said in an interview. The San Francisco company has a stable of brands focused on online publishing, including longform site Longreads, comment-filtering service Akismet, and avatar-managing service Gravatar. Mr. Mullenweg said his company intends to maintain the existing policy that bans adult content. He said he has long been a Tumblr user and sees the site as complementary to WordPress.com. "It's just fun," he said of Tumblr. "We're not going to change any of that." Tumblr has a strong mobile interface and dashboard where users follow other blogs, he said. Executives will look for ways WordPress.com and Tumblr can share services and functionality.

Read more of this story at Slashdot.

US Significantly Weakens Endangered Species Act

Mon, 08/12/2019 - 4:10pm
The Trump administration on Monday announced that it would change the way the Endangered Species Act is applied, significantly weakening the nation's bedrock conservation law credited with rescuing the bald eagle [Editor's note: the link may be paywalled; alternative source], the grizzly bear and the American alligator from extinction. From a report: The changes will make it harder to consider the effects of climate change on wildlife when deciding whether a given species warrants protection. They would most likely shrink critical habitats and, for the first time, would allow economic assessments to be conducted when making determinations. The rules also make it easier to remove a species from the endangered species list and weaken protections for threatened species, a designation that means they are at risk of becoming endangered. Overall, the new rules would very likely clear the way for new mining, oil and gas drilling, and development in areas where protected species live. Interior Secretary David Bernhardt said the changes would modernize the Endangered Species Act and increase transparency in its application. "The act's effectiveness rests on clear, consistent and efficient implementation," he said in a statement Monday. Commerce Secretary Wilbur Ross said in a statement the revisions "fit squarely within the president's mandate of easing the regulatory burden on the American public, without sacrificing our species' protection and recovery goals." The new rules are expected to appear in the Federal Register this week and will go into effect 30 days after that.

Read more of this story at Slashdot.

Epic Hit With Class-Action Suit Over Hacked Fortnite Accounts

Mon, 08/12/2019 - 3:35pm
Epic Games is being sued over security breaches that allowed hackers to access the personal information of Epic Games accounts. From a report: The class-action lawsuit, filed by Franklin D. Azar & Associates in U.S. District Court in North Carolina, alleges Epic's "failure to maintain adequate security measures and notify users of the security breach in a timely manner." The lawsuit states that "there are more than 100 class members." In January, Epic acknowledged that a bug in Fortnite may have exposed personal information for millions of user accounts.

Read more of this story at Slashdot.

Getting Cool Vanity License Plate 'NULL' Is Not Really a Cool Idea, Infosec Researcher Discovers

Mon, 08/12/2019 - 2:50pm
Choosing NULL as your license plate might seem like a funny idea. But as an infosec researcher discovered recently, the cool-looking NULL vanity plate comes with its own consequences. Researcher Droogie, that's his handle, who presented at this year's DEF CON in Las Vegas, said he has been on the receiving end of thousands of dollars worth of tickets that aren't his. From a report: Droogie registered a vanity California license plate consisting solely of the word "NULL" -- which in programming is a term for no specific value -- for fun. And, he admitted to laughs, on the off chance it would confuse automatic license plate readers and the DMV's ticketing system. "I was like, 'I'm the shit,'" he joked to the crowd. "'I'm gonna be invisible.' Instead, I got all the tickets." Things didn't go south immediately. As Droogie explained, he's a cautious driver and didn't get any tickets for the first year he owned the vanity plate. Then he went to reregister his tags online, and, when prompted to input his license plate, broke the DMV webpage. It seemed the DMV site didn't recognize the plate "NULL" as an actual input. That was the first sign that something was amiss. The next sign was, well, a little more serious: After receiving a legitimate parking ticket, thousands of dollars in random tickets starting arriving in the mail at his house, addressed to him. It seemed that a privately operated citation processing center had a database of outstanding tickets, and, for some reason -- possibly due to incomplete data on their end -- many of those tickets were assigned to the license plate "NULL." In other words, the processing center was likely trying to tell its systems it didn't know the plates of the offending cars. Instead, with Droogie's vanity plate now in play, it pegged all those outstanding tickets on him. Specifically, over $12,000 worth of outstanding tickets. Long story short, Droogie went on the painstaking process to explain the situation to the DMV and the LAPD, both of whom advised him to change his plate. At any rate, the DMV reached out to the private vendor and sorted the issue.

Read more of this story at Slashdot.

Unroll.me Settles FTC Allegations That It Deceived Consumers About How it Accesses and Uses Emails

Mon, 08/12/2019 - 2:15pm
Unroll.me, a firm that helps people manage their email list subscriptions but also sells users' data for profit, has settled with the FTC after allegations of deceiving consumers, the agency said. In a press release, the agency wrote: In a complaint, the FTC alleges that Unrollme , falsely told consumers that it would not "touch" their personal emails, when in fact it was sharing the users' email receipts (e-receipts) with its parent company, Slice Technologies. E-receipts are emails sent to consumers following a completed transaction and can include, among other things, the user's name, billing and shipping addresses, and information about products or services purchased by the consumer. Slice uses anonymous purchase information from Unrollme users' e-receipts in the market research analytics products it sells. Unrollme helps users unsubscribe from unwanted subscription emails and consolidates wanted email subscriptions into one daily email called the Rollup. The service requires users to provide Unrollme with access to their email accounts.

Read more of this story at Slashdot.

Google Will Now Let Android Users Log In To Some Services Without A Password

Mon, 08/12/2019 - 1:38pm
If you're an Android user, you can now sign into some of Google's services using your fingerprint, rather than having to type in a password. "The feature is available starting today for some Android phones, and it will be rolling out to all phones running Android 7 or later 'over the next few days,'" reports The Verge. "According to a Google help page, the feature also allows you to log in using whichever method you have set up to unlock your phone, which can include pins and pattern unlock." From the report: Android phones already let you use your fingerprint to authenticate Google Pay purchases and log in to apps. What's new here is being able to use that same fingerprint to log in to one of Google's web services within the Chrome browser. At the moment, you can use the functionality to view and edit the passwords that Google has saved for you at passwords.google.com, but Google says it plans to add the functionality to more Google and Google Cloud services in the future. If you have a compatible Android handset, then you can try the functionality out now by heading over to passwords.google.com using the Chrome app on your phone. This service lets you manage all of the passwords that Chrome has saved for you. If you tap on any one of these saved passwords, then Google will prompt you to "Verify that it's you," at which point, you can authenticate using your fingerprint or any other method you'd usually use to unlock your phone. You'll need to already have your personal Google Account added to your Android device for this to work.

Read more of this story at Slashdot.

GM, Volkswagen Say Goodbye To Hybrid Vehicles

Mon, 08/12/2019 - 12:55pm
An anonymous reader quotes a report from The Wall Street Journal: Auto makers for two decades have leaned on hybrid vehicles to help them comply with regulations on fuel consumption and give customers greener options in the showroom. Now, two of the world's largest car manufacturers say they see no future for them in their U.S. lineups. General Motors and Volkswagen are shifting the bulk of their future investment into fully electric cars (Warning: source paywalled; alternative source), seeing hybrids, which save fuel by combining a gasoline engine with an electric motor, as only a stopgap to ultimately meeting tougher tailpipe-emissions requirements, particularly in China and Europe. GM plans to launch 20 fully electric vehicles world-wide in the next four years, including plug-in models in the U.S. for the Chevy and Cadillac brands. Volkswagen also has committed billions to producing more battery-powered models, including introducing a small plug-in SUV in the U.S. next year and an electric version of its minibus around 2022. VW and GM are focused on all-electric cars largely because of China, where new regulations require car companies to sell a minimum number of zero-emissions vehicles to avoid financial penalties. VW plans to use its electric-car expansion in China to build scale and drive down prices faster in the U.S., said Scott Keogh, VW's U.S. chief. "If I had a dollar more to invest, would I spend it on a hybrid? Or would I spend it on the answer that we all know is going to happen, and get there faster and better than anybody else?" GM President Mark Reuss said in an interview.

Read more of this story at Slashdot.

The US Navy Will Replace Its Touchscreen Controls With Mechanical Ones On Its Destroyers

Mon, 08/12/2019 - 10:48am
The US Navy will replace the touchscreen throttle and helm controls currently installed in its destroyers with mechanical ones starting in 2020. From a report: The move comes after the National Transportation Safety Board released an accident report from a 2017 collision, which cites the design of the ship's controls as a factor in the accident. On August 21st, 2017, the USS John S. McCain collided with the Alnic MC, a Liberian oil tanker, off the coast of Singapore. The report provides a detailed overview of the actions that led to the collision: when crew members tried to split throttle and steering control between consoles, they lost control of the ship, putting it into the path of the tanker. The crash killed 10 sailors and injured 48 aboard the McCain. The report says that while fatigue and lack of training played a role in the accident, the design of the ship's control console were also contributing factors. Located in the middle of the McCain's bridge, the Ship's Control Console (SCC) features a pair of touch-screens on both the Helm and Lee Helm stations, through which the crew could steer and propel the ship. Investigators found that the crew had placed it in "backup manual mode," which removed computer-assisted help, because it allowed for "more direct form of communication between steering and the SSC."

Read more of this story at Slashdot.

Samsung is Spamming Galaxy Phones With Multiple Note10 Ads

Mon, 08/12/2019 - 10:03am
An anonymous reader shares a report: In case you were living under a rock this past week, it was hard to miss Samsung's big reveal for the Galaxy Note10. It was all over social media, news sites, televisions, and... notification trays. That's right, Samsung is once again spamming Galaxy phones with advertisements, this time for the Note10. This time around, push notifications advertising the Note10 are being sent out by at least three pre-installed applications -- Samsung Pay, Bixby, and the Samsung Push Service. Bixby wants you to ask it about the Note10, Samsung Pay is offering points when you look at the phone's product page, and Samsung Push Service just gives you a banner ad with no indication of where it came from. I received the Bixby ad on my international Galaxy S10e, but I haven't personally seen the others. To make matters even worse, Samsung has blocked disabling these alerts by holding down on them, at least for the Bixby app (again, I can't verify the other types of alerts). To disable the Bixby notifications, you have to open Bixby, tap the menu icon at the top-right, select Settings, and set 'Marketing notifications' to off.

Read more of this story at Slashdot.

A Wearable Robotic Tail Could Improve Your Balance

Mon, 08/12/2019 - 7:34am
Long-time Slashdot reader Ken McE shared a video of a new working prototype for a wearable tail. Engadget reports: There are lots of companies who make wearable tails for humans, but they're usually for cosplay or other entertainment pursuits. Researchers at Keio University in Japan have created a wearable animated tail that promises to genuinely augment the wearer's capabilities -- not just appearance -- by improving their balance and agility. The easiest way to understand what inspired this creation is to watch a video of monkeys effortlessly leaping from tree to tree. Their tails not only serve as an additional limb for grasping branches but also help them reposition their bodies mid-flight for a safe landing by shifting the monkey's center of balance as it moves. The Arque tail, as it's been named, does essentially the same thing for humans, although leaping from the highest branches of a tree isn't recommended just yet.... Inside the tail are a set of four artificial muscles powered by compressed air that contract and expand in different combinations to move and curl the tail in any direction. Though the researchers have built a prototype, their video describes it as a "proposed tail" -- specifically, an artificial biomimicry-inspired anthropomorphic one. So how exactly would the tail controlled externally? The video describes its ability "to passively provide forces to the user's body based on the estimated center of gravity of his posture in order to correct his body balance." So basically, the tail would have a mind of its own, like the arms of Doctor Octopus? "We also demonstrated a different approach for using the tail other than equilibrium maintenance, which is to change the center of mass of the user to off-balance his posture."

Read more of this story at Slashdot.

Was 2007 the 'Golden Age of Open Source'?

Mon, 08/12/2019 - 5:34am
Just a few months ago, the editor of the recently-departed Linux Journal wrote that in many ways the golden age of Linux and FOSS was 2007. "Linux was now mainstream in corporate IT, and it was much rarer to meet much resistance when you wanted to set up Linux servers, unless your company was a 100% Windows shop... FOSS companies were making a lot of money, and developers were being paid to work on Linux and FOSS full time." He also wrote that when Linux Journal later folded (the first time), "It became clearer than ever to me that while Linux and FOSS had won the battle over the tech giants a decade before, new ones had taken their place in the meantime, and we were letting them win." And he offered this final assessment in April: Today, Linux has wide hardware support, and a number of vendors offer hardware with Linux pre-installed and supported. The internet itself is full of FOSS projects, and one of the first things people do when they are about to start on a software project is to look on GitHub to see if anything that meets their needs already exists. Linux absolutely dominates the cloud in terms of numbers of VMs that run it, and much cloud infrastructure also runs FOSS services. Linux also is in many people's pockets and home appliances. Linux and FOSS are more ubiquitous than ever. Linux and FOSS also are more hidden than ever. So many of those FOSS projects on GitHub ultimately are used as building blocks for proprietary software. So many companies that seem to champion FOSS by helping upstream projects they rely on also choose to keep the projects they write themselves proprietary. Although Linux dominates the cloud, more and more developers and system administrators who use the cloud do so via proprietary APIs and proprietary services. New developers and sysadmins get less exposure to Linux servers and FOSS services if they use the cloud how the providers intended. And, while Linux runs in your pocket and in your home, it's hidden underneath a huge layer of proprietary applications. For the most part, the FOSS philosophy that defined Linux in its early days is hidden as well. Many people in the community tout FOSS only in terms of the ability to see code or as a way to avoid writing code themselves. It has become rarer for people to tout the importance of the freedoms that come along with FOSS and the problems that come from proprietary software. Indeed, most Linux application development in the cloud these days is done on Mac or Windows machines -- something that would have been considered unthinkable in the early days of Linux... I encourage everyone from all corners of the community not to take FOSS and Linux for granted. The world of readily available code and mostly open protocols you enjoy today isn't a given. If current trends continue, we could be back to a world of proprietary software, vendor lock-in and closed protocols like the world before 1994. This new battle we find ourselves in is much more insidious. The ways that proprietary software and protocols have spread, in particular on mobile devices, has made it much more challenging for FOSS to win compared to in the past. If we want to win this battle, we need the whole community to work together toward a common goal.

Read more of this story at Slashdot.

Are We In 'The Golden Age of Open Source'?

Mon, 08/12/2019 - 3:34am
InfoWorld's Matt Asay argues we're in (or near) "the golden age of open source." Here and there an open source company might struggle to make a buck, but as a community of communities, open source has never been healthier. There are a few good indicators for this. The first is that the clouds -- yes, all of them -- are open sourcing essential building blocks that expose their operations. Google rightly gets credit for moving first on this with projects like Kubernetes and TensorFlow, but the others have followed suit. For example, Microsoft Azure released Azure Functions, which "extends the existing Azure application platform with capabilities to implement code triggered by events occurring in virtually any Azure or third-party service as well as on-premises systems...." More recently, AWS released Firecracker, a lightweight, open source virtualization technology for running multi-tenant container workloads that emerged from AWS' serverless products (Lambda and Fargate). In a textbook example of how open source is supposed to work, Firecracker was derived from the Google-spawned crosvm but then spawned its own upgrade in the form of Weave Ignite, which made Firecracker much easier to manage. These are just a few examples of the interesting open source projects emerging from the public clouds. (Across the ocean, Alibaba has been open sourcing its chip architecture, among other things.) More remains to be done, but these offer hope that the public clouds come not to bury open source, but rather to raise it... it's not hard to believe that the more companies get serious about becoming software companies, the more they're going to encourage their developers to get involved in the open source communities upon which they depend... [I]t's not just the upstarts. Old-school enterprises like Home Depot host code on GitHub, while financial services companies like Capital One go even further, sponsoring open source events to help foster community around their proliferating projects.... So, again, not everybody is doing it. Not yet. But far more organizations are involved in open source today than were back in 2008... Such involvement is happening both at the elite level (public clouds) and in more mainstream ways, ushering in a golden era of open source.

Read more of this story at Slashdot.

Guido van Rossum Looks at Python's Past, Present, and Future

Sun, 08/11/2019 - 11:56pm
This week from 63-year-old Python creator Guido van Rossum shared some interesting stories with ZDNet's senior reporter Nick Heath: While sharing software with the world today only takes a few clicks, in the 1980s it was an altogether more laborious affair, with van Rossum recalling the difficulties of trying to distribute Python precursor ABC. "I remember around '85, going on a vacation trip to the US, my first ever visit to the US, with a magnetic tape in my luggage," says van Rossum. Armed with addresses and phone numbers of people who had signalled an interest in ABC via the rudimentary email system available at the time -- which wasn't suited to handling anything as large as source code -- he travelled door-to-door posting the tapes. Despite this effort, ABC didn't really take off. "So, no wonder we didn't get very far with the distribution of ABC, despite all its wonderful properties," he says. But as the internet revolution gathered steam, it would be much easier to distribute Python without a suitcase full of tapes. Van Rossum released Python to the world via the alt.sources newsgroup in 1991, under what was pretty much an open-source licence, six years before the term was first coined. While Python interpreter still had to be joined together into a compressed file from 21 separate parts and downloaded overnight on the Usenet network, it was still a vastly more efficient delivery mechanism than the hand deliveries of a few years earlier. Guido also shared some new comments on why he stepped down as Python's Benevolent Dictator for Life: "I was very disappointed in how the people who disagreed technically went to social media and started ranting that the decision process was broken, or that I was making a grave mistake. I felt attacked behind my back," he says. "In the past, it had always been clear that if there were a decision to be made about a change in the language or an improved feature, a whole bunch of core developers would discuss the pros and cons of the thing. Either a clear consensus would appear or, if it was not so clear, I would mull it over in my head and decide one way or another. With PEP572, even though it was clearly controversial, I chose 'Yes, I want to do this', and people didn't agree to disagree. "It wasn't exactly a revolt, but I felt that I didn't have the trust of enough of the core developer community to keep going." He thinks the change in how disputes about the language play out is partly a result of how many people use Python today. "It's probably also the fact that the Python community is so much larger. It's harder to reach any form of consensus, of course, because there's always fringe dissidents, no matter which way you decide." Earlier this year, Python core developers -- those who work on maintaining and updating Python's reference CPython interpreter -- elected a steering council to oversee the future of the language. Van Rossum was elected, alongside Warsaw and fellow core developers Brett Cannon, Carol Willing, and Nick Coghlan.

Read more of this story at Slashdot.

Does Quantum Cryptography Need a Reboot?

Sun, 08/11/2019 - 9:39pm
"Despite decades of research, there's no viable roadmap for how to scale quantum cryptography to secure real-world data and communications for the masses," according to IEEE Spectrum. Wave723 shares their report: A handful of companies now operate or pay for access to networks secured using quantum cryptography in the United States, China, Austria, and Japan. According to a recent industry report, six startups plus Toshiba are leading efforts to provide quantum cryptography to governments, large companies (including banks and financial institutions), and small to medium enterprises. But these early customers may never provide enough demand for these services to scale... From a practical standpoint, then, it doesn't appear that quantum cryptography will be anything more than a physically elaborate and costly -- and, for many applications, largely ignorable -- method of securely delivering cryptographic keys anytime soon. This is in part because traditional cryptography, relying as it does on existing computer networks and hardware, costs very little to implement. Whereas quantum crypto requires an entirely new infrastructure of delicate single-photon detectors and sources, and dedicated fiber optic lines. So its high price tag must be offset by a proven security benefit it could somehow deliver -- a benefit that has remained theoretical at best. Though it was supposed to replace mathematical cryptography, "Math may get the last laugh," the article explains. "An emerging subfield of mathematics with the somewhat misleading name 'post-quantum cryptography' now appears better situated to deliver robust and broadly scalable cryptosystems that could withstand attacks from quantum computers." They quote the security engineer at a New York cybersecurity firm who says quantum cryptography "seems like a solution to a problem that we don't really have." The article ends by suggesting that research may ultimately be applicable to quantum computers -- which could then be used to defeat math-based cryptography. But riffing on the article's title, sjames (Slashdot reader #1,099) quips that instead of giving quantum cryptography a reboot, maybe it just needs the boot.

Read more of this story at Slashdot.

New Electric Motor Design Massively Boosts Power, Torque, and Efficiency

Sun, 08/11/2019 - 7:44pm
A Texas-based, father/son team raised $4.5 million in seed funding to build "a remarkable electric motor technology," reports New Atlas. Long-time Slashdot reader Namarrgon writes: Linear Labs' impressive new circumferential flux motor design (video) uses four rotors [where other motors typically run one or two] and a software-reconfigurable, multi-coil stator, enclosed in a 3D magnetic "torque tunnel" to maximize efficiency even at high speeds. The stator can be configured on the fly by regrouping coils to use a variable number of overlapping phases simultaneously, producing full torque smoothly at low rpms without torque pulsing, or changing speeds with no change to frequency, current, or voltage, like an electronic transmission. An innovative approach to field weakening by gradually misaligning permanent magnets allows efficiencies to actually climb as speeds increase. These features produce a highly compact motor with two to five times the torque density, at least three times the power density and at least twice the total output of any conventional permanent magnet motor of the same size. This also eliminates the need for gearing in many applications, reducing costs and weight while gaining 10-20% more range from a given battery pack. Linear Labs has received 21 patents so far, with another 29 pending, and their prototypes have been verified by independent expert tests. Recently they received $4.5 million in seed funding, and are planning to build them into car and scooter prototypes over the next couple of years.

Read more of this story at Slashdot.

Amazon Ring Alert Leads To Capture of 'Extremely Dangerous' Escaped Convict

Sun, 08/11/2019 - 6:51pm
ABC News describes how Amazon's surveillance doorbell cameras today led to the capture of an "extremely dangerous" inmate: Homicide suspect Curtis Watson, 44, escaped from work detail on a tractor at the West Tennessee State Penitentiary in Henning, Tennessee, about 50 miles northeast of Memphis, on Wednesday. The tractor was later found about a mile away from the prison. Around 3:30 a.m. Sunday morning, police received a tip from Henning residents Harvey and Anne Taylor that they believed they had video surveillance of Watson outside their home, Tennessee Bureau of Investigation Director David Rausch told reporters in a news conference. The couple was woken up by an alarm from their Ring video doorbell system that alerted them someone was in their backyard, Harvey Taylor said. When they pulled up the screen, they saw a man looking in the refrigerator in their carport, but couldn't see his face. Once Watson closed the refrigerator door, Ann Taylor recognized Watson from his beard, and the couple called 911... Within 30 minutes of receiving the Taylors' call, law enforcement officers from multiple agencies descended on the area, "which then kept it contained and controlled from that point forward," Rausch said.

Read more of this story at Slashdot.

'Who Owns Your Wireless Service? Crooks Do'

Sun, 08/11/2019 - 5:43pm
Long-time Slashdot reader trolman scared this scathing editorial by security researcher Brian Krebs: If you are somehow under the impression that you -- the customer -- are in control over the security, privacy and integrity of your mobile phone service, think again. And you'd be forgiven if you assumed the major wireless carriers or federal regulators had their hands firmly on the wheel. No, a series of recent court cases and unfortunate developments highlight the sad reality that the wireless industry today has all but ceded control over this vital national resource to cybercriminals, scammers, corrupt employees and plain old corporate greed... Incessantly annoying and fraudulent robocalls. Corrupt wireless company employees taking hundreds of thousands of dollars in bribes to unlock and hijack mobile phone service. Wireless providers selling real-time customer location data, despite repeated promises to the contrary. A noticeable uptick in SIM-swapping attacks that lead to multi-million dollar cyberheists... Is there any hope that lawmakers or regulators will do anything about these persistent problems? Gigi Sohn, a distinguished fellow at the Georgetown Institute for Technology Law and Policy, said the answer -- at least in this administration -- is probably a big "no." "The takeaway here is the complete and total abdication of any oversight of the mobile wireless industry," Sohn told KrebsOnSecurity. "Our enforcement agencies aren't doing anything on these topics right now, and we have a complete and total breakdown of oversight of these incredibly powerful and important companies."

Read more of this story at Slashdot.

Vintage 30-Year-Old Mac Resurrected As a Web Server

Sun, 08/11/2019 - 5:04pm
Long-time Slashdot reader Huxley_Dunsany writes: After much work rebuilding and upgrading it, my Macintosh SE/30 from 1989 is now connected via Ethernet to the Web, and is hosting a simple website and old-style "guestbook." The site has been online for a few days (other than semi-frequent reboots of the system when it gets overloaded with requests), and has served nearly 20,000 visitors. For a machine with a 16MHz CPU and 68 megabytes of ram, it's held up remarkably well! I'm basically inviting a "Slashdotting" of my old Mac, but I thought this project might bring a few smiles here. Enjoy! "Awesome," wrote one visitor in the guestbook, adding "You should join a webring!"

Read more of this story at Slashdot.

Landmark 2.80 Release of Open Source Blender 3D With Improved UI Now Available

Sun, 08/11/2019 - 4:34pm
"In the 3D content creation space, where are lot of professional 3D software costs anywhere from 2K to 8K Dollars a license, people have always hoped that the free, open source 3D software Blender would some day be up to the job of replacing expensive commercial 3D software packages," writes Slashdot reader dryriver: This never happened, not because Blender didn't have good 3D features technically, but rather because the Blender Foundation simply did not listen to thousands of 3D artists screaming for a "more standard UI design" in Blender. Blender's eccentric GUI with reversed left-click-right-click conventions, keyboard shortcuts that don't match commercial software and other nastiness just didn't work for a lot of people. After years of screaming, Blender finally got a much better and more familiar UI design in release 2.80, which can be downloaded here. Version 2.80 has many powerful features, but the standout feature is that after nearly 10 years of asking, 3D artists finally get a better, more standard, more sensible User Interface. This effectively means that for the first time, Blender can compete directly with expensive commercial 3D software made by industry leaders like Autodesk, Maxon, NewTek and SideFX. Why the Blender Foundation took nearly a decade to revise the software's UI is anybody's guess.

Read more of this story at Slashdot.

Researchers Find More Than 40 Vulnerable Windows Device Drivers

Sun, 08/11/2019 - 3:34pm
Artem S. Tashkinov writes: Researchers from security company Eclypsium have discovered that more than forty drivers from at least twenty different vendors -- including every major BIOS vendor, as well as hardware vendors like ASUS, Toshiba, NVIDIA, and Huawei -- include critical vulnerabilities allowing an escalation of privileges to full system level access. Considering how widespread these drivers are, and the fact that they are digitally signed by Microsoft, they allow an attacker to more successfully penetrate target systems and networks, as well as remain hidden. Also while some of these drivers "are designed to update firmware, the driver is providing not only the necessary privileges, but also the mechanism to make changes" which means the attacker can gain a permanent foothold. Eclypsium has already notified Microsoft about the issues and at least NVIDIA has already released fixed drivers.

Read more of this story at Slashdot.

Pages