news

3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger

Slashdot - Sat, 2014-04-19 16:28
Three former astronauts — Ed Lu, Tom Jones, and Bill Anders — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.

Read more of this story at Slashdot.








Categories: news

3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger

Slashdot - Sat, 2014-04-19 16:28
Three former astronauts — Ed Lu, Tom Jones, and Bill Anders — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.

Read more of this story at Slashdot.








Categories: news

3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger

Slashdot - Sat, 2014-04-19 16:28
Three former astronauts — Ed Lu, Tom Jones, and Bill Anders — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.

Read more of this story at Slashdot.








Categories: news

Six Clicks: Linux Mint tips and tricks

Linux Today - Sat, 2014-04-19 16:00

 ZDnet: Want to get the most out of Linux Mint, one of the most popular of the Linux desktops? Then read on!

Categories: linux, news, open source

Ask Slashdot: Hungry Students, How Common?

Slashdot - Sat, 2014-04-19 16:00
Gud (78635) points to this story in the Washington Post about students having trouble with paying for both food and school. "I recall a number of these experiences from my time as grad student. I remember choosing between eating, living in bad neighborhoods, putting gas in the car, etc. Me and my fellow students still refer to ourselves as the 'starving grad students.' Today we laugh about these experiences because we all got good jobs that lifted us out of poverty, but not everyone is that fortunate. I wonder how many students are having hard time concentrating on their studies due to worrying where the next meal comes from. In the article I found the attitude of collage admins to the idea of meal plan point sharing, telling as how little they care about anything else but soak students & parents for fees and pester them later on with requests for donations. Last year I did the college tour for my first child, after reading the article, some of the comments I heard on that tour started making more sense. Like 'During exams you go to the dining hall in the morning, eat and study all day for one swipe' or 'One student is doing study on what happens when you live only on Ramen noodles!' How common is 'food insecurity in college or high school'? What tricks can you share with current students?"

Read more of this story at Slashdot.








Categories: news

Two killed by bomb inside Bahrain car: ministry

Reuters: Technology - Sat, 2014-04-19 14:41
MANAMA (Reuters) - Two people were killed in a car that blew up in a mainly Shi'ite village in Bahrain on Saturday, and the interior ministry said the initial investigation showed that a homemade bomb had detonated inside the vehicle.






Categories: news

High stakes as restive Benghazi votes in Libyan local polls

Reuters: Technology - Sat, 2014-04-19 14:32
BENGHAZI (Reuters) - Libyan voters went to the polls on Saturday to elect municipal council members in 15 cities, including Benghazi, the country's second city, which is seeking greater autonomy for the eastern seaboard region.
Categories: news

Google's New Camera App Simulates Shallow Depth of Field

Slashdot - Sat, 2014-04-19 14:30
New submitter katiewilliam (3621675) writes with a story at Hardware Zone about a new feature that Google's working on for Android phones' built-in cameras: the illusion of shallow depth of field in phone snapshots, which typically err on the side of too much in focus, rather than too little. Excerpting: "The Google Research Blog [note: here's a direct link] revealed that there's quite a fair bit of algorithms running to achieve this effect; to put it in a nutshell, computer vision algorithms create a 3D model of the world based on the shots you have taken, and estimate the depth to every point in the scene."

Read more of this story at Slashdot.








Categories: news

Beer Price Crisis On the Horizon

Slashdot - Sat, 2014-04-19 13:10
Rambo Tribble (1273454) writes "The aficionados of beer and distilled spirits could be in for a major price-shock, if proposals by the Food and Drug Administration come to pass. Currently, breweries are allowed to sell unprocessed brewing by-products to feed farm animals. Farmers prize the nutritious, low-cost feed. But, new rules proposed by the FDA could force brewers to implement costly processing facilities or dump the by-products as waste. As one brewer put it, "Beer prices would go up for everybody to cover the cost of the equipment and installation.""

Read more of this story at Slashdot.








Categories: news

France's oldest nuclear plant shut down after incident but no danger posed - EDF

Reuters: Technology - Sat, 2014-04-19 12:43
PARIS (Reuters) - France's oldest nuclear power plant, Fessenheim, was shut down on Saturday following an incident at the facility away from the reactor which did not pose any danger, operator EDF said.
Categories: news

Egyptian court jails Muslim Brotherhood leader for insulting judiciary

Reuters: Technology - Sat, 2014-04-19 12:23
CAIRO (Reuters) - An Egyptian court sentenced a leading figure of the Muslim Brotherhood, Mohamed El-Beltagy, to one year in prison on Saturday for insulting the judiciary, the first sentence handed to a leader of the organization since it was outlawed last year, security and judicial sources said.






Categories: news

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 2014-04-19 12:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: news

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 2014-04-19 12:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: news

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 2014-04-19 12:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: news

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 2014-04-19 12:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: news

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 2014-04-19 12:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: news

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 2014-04-19 12:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: news

Pixel Piracy, A Pirate Sandbox Sim Gains Better Linux Support, Yarrrr!

Linux Today - Sat, 2014-04-19 12:00

 GamingOnLinux: Pixel Piracy already has a Linux version out for a while now, but they have just realised a patch they have been working on for some-time fixing start-up issues for Linux & Mac, yarrr maties, land ahoy!

Categories: linux, news, open source

Russia Writes Off 90 Percent of North Korea Debt

Slashdot - Sat, 2014-04-19 10:47
jones_supa (887896) writes "In Russia, the State Duma (lower house) on Friday ratified a 2012 agreement to write off the bulk of North Korea's debt. It said the total debt stood at $10.96 billion as of Sept. 17, 2012. Russia sees this lucrative in advancing the plans to build a gas pipe and railroad through North to South Korea. The rest of the debt, $1.09 billion, would be redeemed during the next 20 years, to be paid in equal installments every six months. The outstanding debt owed by North Korea will be managed by Russia's state development bank, Vnesheconombank. Moscow has been trying to diversify its energy sales to Asia away from Europe, which, in its turn, wants to cut its dependence on oil and gas from the erstwhile Cold War foe. Russia's state-owned top natural producer Gazprom is dreaming shipping 10 billion cubic meters of gas annually through the Koreas. Russia has written off debts to a number of impoverished Soviet-era allies, including Cuba. North Korea's struggling communist economy is just 2 percent of the size of neighboring South's."

Read more of this story at Slashdot.








Categories: news

New militant group claims responsibility for Friday blast in Cairo

Reuters: Technology - Sat, 2014-04-19 10:06
CAIRO (Reuters) - The Egyptian militant group Ajnad Misr claimed responsibility on Saturday for a blast that killed one police officer in Cairo.
Categories: news