Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Government

California Launches Mandatory Data Collection For Police Use-of-Force (seattletimes.com) 6

An anonymous Slashdot reader quotes the AP: All 800 police departments in California must begin using a new online tool launched Thursday to report and help track every time officers use force that causes serious injuries... The tool, named URSUS for the bear on California's flag, includes fields for the race of those injured and the officers involved, how their interaction began and why force was deemed necessary.

"It's sort of like TurboTax for use-of-force incidents," said Justin Erlich, a special assistant attorney general overseeing the data collection and analysis. Departments must report the data under a new state law passed last November. Though some departments already tracked such data on their own, many did not... "As a country, we must engage in an honest, transparent, and data-driven conversation about police use of force," California Attorney General Kamala Harris said in a news release.

It's an open source tool developed by Bayes Impact, and California plans to share the code with other interested law enforcement agencies across the country. Only three other states currently require their police departments to track data about use-of-force incidents, "but their systems aren't digital, and in Colorado's case, only capture shootings."
Education

The Ig Nobel Awards Celebrate Their 26th First Annual Awards Ceremony (improbable.com) 13

Thursday Harvard's Sanders Theatre hosted the 26th edition of the humorous research awards "that make people laugh, then think...intended to celebrate the unusual, honor the imaginative -- and spur people's interest in science, medicine, and technology." One of this year's winners actually lived as a goat, wearing prosthetic extensions on his arms and legs so he could travel the countryside with other goats. Long-time Slashdot reader tomhath writes: The Journal of Improbable announced these winners:

REPRODUCTION PRIZE [EGYPT] -- The late Ahmed Shafik, for studying the effects of wearing polyester, cotton, or wool trousers on the sex life of rats, and for conducting similar tests with human males.

ECONOMICS PRIZE [NEW ZEALAND, UK] -- Mark Avis, Sarah Forbes, and Shelagh Ferguson, for assessing the perceived personalities of rocks, from a sales and marketing perspective...

PEACE PRIZE [CANADA, USA] -- Gordon Pennycook, James Allan Cheyne, Nathaniel Barr, Derek Koehler, and Jonathan Fugelsang for their scholarly study called 'On the Reception and Detection of Pseudo-Profound Bullshit'...

PERCEPTION PRIZE [JAPAN] -- Atsuki Higashiyama and Kohei Adachi, for investigating whether things look different when you bend over and view them between your legs.

The Improable Research site lists the rest of this year's 10 winners, as well as every winner for the previous 25 years.
Education

How ITT Tech Screwed Students and Made Millions (gizmodo.com) 84

An anonymous Slashdot reader shares "a grim story about a company that screwed poor people, military veterans, and taxpayers to turn a profit." Gizmodo reports: By the time ITT Technical Institute closed its doors earlier this month, the for-profit college had been selling tenuous diplomas at exorbitant prices for more than 20 years...burying low-income and first-generation students in insurmountable debt, and evading regulators since the early 1990s...
ITT collected $178 million over two years just in federal education funding for veterans -- even while the company projected 33% of its students would ultimately default on their loans -- and last year 70% of the school's total revenue came directly from federal financial aid programs. Gizmodo spoke to one student who "will now spend the rest of his life paying back loans for a degree that is practically useless," after compounding interest turned his $70,000 loan into $200,000 in debt. "Like all of the former students interviewed by Gizmodo, he was placed in a job that did not require professional training" -- specifically, a game-testing position that didn't even require a high school diploma, while ITT "placed" another student in a $5.95-an-hour telemarketing job. Her assessment of ITT? "It was totally worthless."
United States

Kentucky's Shotgun 'Drone Slayer' Gets Sued Again (yahoo.com) 120

"Technology has surpassed the law..." argues a Kentucky man who fired a shotgun at a drone last year. An anonymous Slashdot reader reports: The drone's owner has now filed for damages in Federal Court over the loss of his $1,800 drone, arguing that the shotgun blast was unjustified because his drone wasn't actually trespassing or invading anyone's privacy. The defendant -- who has dubbed himself 'the Drone Slayer' -- said the aerial vehicle was over his garden and his daughter, and the verdict could ultimately set a new precedent in U.S. law: who owns the air?

"Operators need to know where they can fly," argued the drone pilot's lawyer, "and owners must know when they can reasonably expect privacy and be free of prying eyes." He estimates a drone is shot from he skies about once a month, and "What happens typically is that law enforcement doesn't know what to do and civil suits are uncommon as most people don't want to get involved due to the costs."

The Drone Slayer was originally charged with felony counts of wanton endangerment and criminal mischief. But all of those charges were dismissed in October when a district judge ruled he "had a right to shoot at the aircraft."
Security

Street Fighter V Update Installed Hidden Rootkits on PCs (theregister.co.uk) 74

Capcom's latest update for Street Fighter V was installing a secret rootkit on PCs. An anonymous Slashdot reader quotes The Register: This means malicious software on the system can poke a dodgy driver installed by Street Fighter V to completely take over the Windows machine. Capcom claims it uses the driver to stop players from hacking...to cheat. Unfortunately, the code is so badly designed, it opens up a full-blown local backdoor... it switches off a crucial security defense in the operating system, then runs whatever instructions are given to it by the application, and then switches the protection back on
Friday Capcom tweeted "We are in the process of rolling back the security measures added to the PC version of Street Fighter V." This prompted one user to reply, "literal rootkits are the opposite of security measures."
Microsoft

Tuesday Was Microsoft's Last Non-Cumulative Patch (helpnetsecurity.com) 121

There was something unique about this week's Patch Tuesday. An anonymous Slashdot reader quotes HelpNetSecurity: It was the last traditional Windows Patch Tuesday as Microsoft is moving to a new patching release model. In the future, patches will be bundled together and users will no longer be able to pick and choose which updates to install. Furthermore, these new 'monthly update packs' will be combined, so for instance, the November update will include all the patches from October as well.
Last month a Slashdot reader asked for suggestions on how to handle the new 'cumulative' updates -- although the most common response was "I run Linux."
Security

97% of the Top Companies Have Leaked Credentials Online (onthewire.io) 21

Apparently lots of people have been use both their work email address and work password on third-party sites -- suggesting a huge vulnerability. Trailrunner7 quotes On The Wire: The last few years have seen a number of large-scale breaches at popular sites and companies, including LinkedIn, Adobe, MySpace, and Ashley Madison, and many of the credentials stolen during those incidents have ended up online in various places... [R]esearch from Digital Shadows found that the most significant breach for the global 1,000 companies it looked at was the LinkedIn incident... Digital Shadows found more than 1.6 million credentials online for the 1,000 companies it studied. Adobe's breach was next on the list, with more than 1.3 million credentials.
"For Ashley Madison alone, there were more than 200,000 leaked credentials from the top 1,000 global companies," the researchers report, noting they also found many leaked credentials from breaches at other dating and gaming sites, as well as Myspace. Their conclusion? "The vast majority of organizations have credentials exposed online..."
Space

Cisco Blamed A Router Bug On 'Cosmic Radiation' (networkworld.com) 121

Network World's news editor contacted Slashdot with this report: A Cisco bug report addressing "partial data traffic loss" on the company's ASR 9000 Series routers contended that a "possible trigger is cosmic radiation causing SEU [single-event upset] soft errors." Not everyone is buying: "It IS possible for bits to be flipped in memory by stray background radiation. However it's mostly impossible to detect the reason as to WHERE or WHEN this happens," writes a Redditor identifying himself as a former [technical assistance center] engineer...
"While we can't speak to this particular case," Cisco wrote in a follow-up, "Cisco has conducted extensive research, dating back to 2001, on the effects cosmic radiation can have on our service provider networking hardware, system architectures and software designs. Despite being rare, as electronics operate at faster speeds and the density of silicon chips increases, it becomes more likely that a stray bit of energy could cause problems that affect the performance of a router or switch."

Friday a commenter claiming to be Xander Thuijs, Cisco's principal engineer on the ASR 9000 router, posted below the article, "apologies for the detail provided and the 'concept' of cosmic radiation. This is not the type of explanation I would like to see presented to the respected users of our products. We have made some updates to the DDTS [defect-tracking report] in question with a more substantial data and explanation. The issue is something that we can likely address with an FPD update on the 2x100 or 1x100G Typhoon-based linecard."
United States

US Panel Extends Nuclear Power Tax Credit (thehill.com) 156

Slashdot reader mdsolar quotes The Hill: The House Ways and Means Committee voted Wednesday to remove a key deadline for a nuclear power plant tax credit... The credit was first enacted in 2005 to spur construction of new nuclear plants, but it has gone completely unused because no new plants have come online since then...

It would likely benefit two reactors under construction at Southern Co.'s Vogtle Electric Generating Plant in Georgia and another two at Virgil C. Summer Nuclear Generating Station in South Carolina. Both projects are at risk of missing the 2020 deadline... "When Congress passed the 2005 act, it could not have contemplated the effort it would take to get a nuclear plant designed and licensed," said representative Tom Rice (R-S.C.).

Although one Democrat criticized the extension by arguing that nuclear power "does better in a socialist economy than in a capitalist one, because nuclear energy prefers to have the public do the cleanup, do the insurance, cover all of the losses and it only wants the profits."
Security

Malware Evades Detection By Counting Word Documents (threatpost.com) 59

"Researchers have found a new strain of document-based macro malware that evades discovery by lying dormant when it detects a security researcher's test environment," reports Threatpost, The Kaspersky Lab security news service. Slashdot reader writes: Once a computer is compromised, the malware will count the number of Word documents stored on the local drive; if it's more than two, the malware executes. Otherwise, it figures it's landed in a virtual environment or is executing in a sandbox and stays dormant.

A typical test environment consists of a fresh Windows computer image loaded into a VM. The OS image usually lacks documents and other telltale signs of real world use [according to SentinelOne researcher Caleb Fenton]. If no Microsoft Word documents are found, the VBA macro's code execution terminates, shielding the malware from automated analysis and detection. Alternately, if more than two Word documents are found on the targeted system, the macro will download and install the malware payload.

Education

Poor Scientific Research Is Disproportionately Rewarded (economist.com) 69

A new study calculates a low probability that real effects are actually being detected in psychology, neuroscience and medicine research paper -- and then explains why. Slashdot reader ananyo writes: The average statistical power of papers culled from 44 reviews published between 1960 and 2011 was about 24%. The authors built an evolutionary computer model to suggest why and show that poor methods that get "results" will inevitably prosper. They also show that replication efforts cannot stop the degradation of the scientific record as long as science continues to reward the volume of a researcher's publications -- rather than their quality.
The article notes that in a 2015 sample of 100 psychological studies, only 36% of the results could actually be reproduced. Yet the researchers conclude that in the Darwin-esque hunt for funding, "top-performing laboratories will always be those who are able to cut corners." And the article's larger argument is until universities stop rewarding bad science, even subsequent attempts to invalidate those bogus results will be "incapable of correcting the situation no matter how rigorously it is pursued."
Cloud

A New Programming Language Expands on Google's Go (infoworld.com) 136

"One sure sign your language is successful: When people build other languages that transpile into it." An anonymous Slashdot reader quotes a report from InfoWorld: The Have project uses Go's toolchain, but sports a different syntax and makes key additions to the language... Previously, a language named Oden worked with Go's toolchain to add features that Go didn't support. Now Polish developer Marcin Wrochniak has introduced Have, a language that transpiles to and expands on Go.

In the blog post that introduces the project to Go developers, Wrochniak describes Have as a hobby project, with the goal of becoming a "companion" to Go that addresses some of its common "landmines"... Go uses curly braces in the manner of C/C++, while Have uses block indents, like Python... The way that variable declaration, structs, and interfaces work have all been modified in Have to be more consistent with each other and to avoid internal inconsistencies that Wrochniak feels are a common source of bugs.

Botnet

Spam Hits Its Highest Level Since 2010 (networkworld.com) 39

Long-time Slashdot reader coondoggie quotes Network World: Spam is back in a big way -- levels that have not been seen since 2010 in fact. That's according to a blog post from Cisco Talos that stated the main culprit of the increase is largely the handiwork of the Necurs botnet... "Many of the host IPs sending Necurs' spam have been infected for more than two years.

"To help keep the full scope of the botnet hidden, Necurs will only send spam from a subset of its minions... This greatly complicates the job of security personnel who respond to spam attacks, because while they may believe the offending host was subsequently found and cleaned up, the reality is that the miscreants behind Necurs are just biding their time, and suddenly the spam starts all over again."

Before this year, the SpamCop Block List was under 200,000 IP addresses, but surged to over 450,000 addresses by the end of August. Interestingly, Proofpoint reported that between June and July, Donald Trump's name appeared in 169 times more spam emails than Hillary Clinton's.
Government

Senators Accuse Russia Of Disrupting US Election (washingtonpost.com) 150

An anonymous Slashdot reader quotes The Washington Post: Two senior Democratic lawmakers with access to classified intelligence on Thursday accused Russia of "making a serious and concerted effort to influence the U.S. election," a charge that appeared aimed at putting pressure on the Obama administration to confront Moscow... "At the least, this effort is intended to sow doubt about the security of our election and may well be intended to influence the outcomes," the statement said. "We believe that orders for the Russian intelligence agencies to conduct such actions could come only from very senior levels of the Russian government..."

White House officials have repeatedly insisted that they are awaiting the outcome of a formal FBI investigation, even though U.S. intelligence are said to have concluded with "high confidence" that Russia was responsible for the DNC breach and other attacks. The White House hesitation has become a source of frustration to critics, including senior members of Congress.

Meanwhile, U.S. intelligence officials are reportedly investigating whether Donald Trump's foreign policy adviser "opened up private communications with senior Russian officials -- including talks about the possible lifting of economic sanctions if the Republican nominee becomes president."
The Almighty Buck

Accenture Patents a Blockchain-Editing Tool (techweekeurope.co.uk) 77

A blockchain "produces a permanent ledger of transactions with which no one can tamper," reports TechWeekEurope. "Until now." Slashdot reader Mickeycaskill quotes their report: One of the core principles of Blockchain technology has potentially been undermined by the creation of an editing tool. The company responsible however, Accenture, says edits would only be carried out "under extraordinary circumstances to resolve human errors, accommodate legal and regulatory requirements, and address mischief and other issues, while preserving key cryptographic features..."

Accenture's move to create an editing system will no doubt be viewed by some technology observers as a betrayal of what blockchain technology is all about. But the company insisted it is needed, especially in the financial services industry... "The prototype represents a significant breakthrough for enterprise uses of blockchain technology particularly in banking, insurance and capital markets," said Accenture.

They're envisioning "permissioned" blockchain systems, "managed by designated administrators under agreed governance rules," while acknowledging that cyptocurrency remains a different environment where "immutable" record-keeping would still be essential.

Slashdot Top Deals