Feed aggregator

Detroit's tech job growth nearly double the national average, fueled by car industry hires (Christina Tynan-Wood/ITworld)

TechMeme - Sun, 04/20/2014 - 1:25pm

Christina Tynan-Wood / ITworld:
Detroit's tech job growth nearly double the national average, fueled by car industry hires  —  By the numbers: Detroit offers a bright future for technology professionals  —  Metro Detroit's tech job growth was nearly 2x the national average in recent years

Categories: Technology

Cody Wilson Interview at Reason: Happiness Is a 3D Printed Gun

Slashdot - Sun, 04/20/2014 - 12:45pm
An anonymous reader writes "Cody Wilson details his conflict with the State Department over 3-D printable guns in this new interview with ReasonTV. In this video, he discusses how 3-D printing will render gun control laws obsolete and unenforceable; why Dark Wallet, his new crypto-currency, is much more subversive than Bitcoin; his legal defense, headed by Alan Gura (attorney in District of Columbia v. Heller and McDonald v. Chicago); and his forthcoming book about anarchy and the future."

Read more of this story at Slashdot.

Categories: Open Source, Technology

Google and Facebook: Unelected Superpowers?

Slashdot - Sun, 04/20/2014 - 11:48am
theodp (442580) writes "'The government is not the only American power whose motivations need to be rigourously examined,' writes The Telegraph's Katherine Rushton. 'Some 2,400 miles away from Washington, in Silicon Valley, Google is aggressively gaining power with little to keep it in check. It has cosied up to governments around the world so effectively that its chairman, Eric Schmidt, is a White House advisor. In Britain, its executives meet with ministers more than almost any other corporation. Google can't be blamed for this: one of its jobs is to lobby for laws that benefit its shareholders, but it is up to governments to push back. As things stand, Google — and to a lesser extent, Facebook — are in danger of becoming the architects of the law.' Schmidt, by the way, is apparently interested in influencing at least two current hot-button White House issues. Joined by execs from Apple, Oracle, and Facebook, the Google Chairman asserted in a March letter to Secretary of State John Kerry that the proposed Keystone XL pipeline is not in the economic interests of the U.S.; the Obama administration on Friday extended the review period on the pipeline, perhaps until after the Nov. 4 congressional elections. And as a 'Major Contributor' to Mark Zuckerberg's FWD.us PAC, Schmidt is also helping to shape public opinion on the White House's call for immigration reform; FWD.us just launched new attack ads (videos) and a petition aimed at immigration reform opponent Rep. Steve King. In Dave Eggers' The Circle, politicians who impede the company execs' agenda are immediately brought down. But that's fiction, right?"

Read more of this story at Slashdot.

Categories: Open Source, Technology

Why Tesla Really Needs a Gigafactory

Slashdot - Sun, 04/20/2014 - 10:56am
Hodejo1 (1252120) writes "Tesla has already put over 25,000 cars on the road with more to come and, presumably, most will still be running well past the 8-year battery warranty. What would happen if it is time to replace the battery pack on an old Model S or X and the cost is $25K? Simple, it would destroy the resale value of said cars, which would negatively affect the lease value of new Tesla automobiles. That's a big part of the real reason why Tesla is building its own battery factory. They not only need to ensure enough supply for new cars, but they have to dramatically bring down the price of the replacement batteries low enough so owners of otherwise perfectly running old Teslas don't just junk them. The Tesla Roadster was not a mass produced vehicle, so the cost of replacing its battery is $40K. The economies of scale of a gigafactory alone will drop battery costs dramatically. Heavy research could drop it further over the next decade or so."

Read more of this story at Slashdot.

Categories: Open Source, Technology

Inside Nokia's effort to build a detailed, three-dimensional "HD Map" for self-driving cars (Chris Davies/SlashGear)

TechMeme - Sun, 04/20/2014 - 10:35am

Chris Davies / SlashGear:
Inside Nokia's effort to build a detailed, three-dimensional “HD Map” for self-driving cars  —  Inside the Nokia HERE HD Maps putting Google on notice  —  Where exactly am I?  That's the question Nokia is facing, not in its position following the Microsoft deal that will see it shed …

Categories: Technology

Weekend Project: Start Guarding Yourself Against Heartbleed

ReadWriteWeb - Sun, 04/20/2014 - 10:11am

It’s a dangerous world out there, now made a little scarier thanks to Heartbleed.

A small coding error in OpenSSL, a massively adopted open-source protocol, the Heartbleed flaw managed to go undetected for two years as it tore security holes across huge swathes of the Internet. 

That’s enough to strike fear into the heart of any modern Web-using person—which is practically everyone in the developed world. And yet, most people I’ve spoken to still haven’t changed their passwords or taken other steps to make hackers’ jobs more difficult. 

If you’ve also been putting this off, or simply don't know where to start, dedicate a little time this weekend to this checklist of tasks that can help protect you against Heartbleed. 

Stopping The Bleed

Anxiety has been running high ever since the security flaw was made public on April 7. In less than two weeks since then, legions of Website administrators, app developers, security pros and others have been scrambling to address this mess. Although some companies say they’ve now patched it, plenty still haven’t. It will likely take years before the Heartbleed threat can be considered largely neutralized. 

Until then, users find themselves in a weird place. Since the onus is on tech purveyors to lock things down, there’s not much individuals can do—except make it harder for hackers to target them and actually use that data. That’s why experts urge people not to frequent Heartbleed-vulnerable sites, and change their passwords across their various accounts. 

This suggestion sounds reasonable; unfortunately, trying to remember every site, service and app you use and manually checking them, one by one, before changing logins is a tedious process. And, in itself, it's prone to human error. After all, there’s bound to be some site or service you forget about. 

Sure, you can go to extremes by locking everything down—you can even take yourself totally offline—but realistically, that’s not going to work for most of us. So let’s focus on the simpler things you can do with the biggest security payoff. 

Step 1: Make A List Of Important Sites And Accounts

Start by corralling your top-priority accounts—anything that touches your financial or medical data, email and messaging accounts, online identities (including social media), or anything else you wouldn’t want strangers to access. 

  • The sites that come to mind first will likely be your most frequently used applications, which means they're probably important to you in some way, so jot those down. 
  • Browse through your desktop and phone applications, and call out any apps or accounts that sync your data to the Internet. (Note: Intranets, VPNs and other proprietary cloud services may also be vulnerable, but you’ll want to follow administrators’ guidelines for that. Don’t include those in this list.)
  • If you’re an Apple OS X user, look at the apps and sites listed in Keychain, which holds usernames and passwords. The Keychain is located in the Utilities folder within your Applications folder.
  • If you use a password manager, take note of those accounts as well. (If you don’t use one, see below.) 
  • Parse your browser bookmarks, for Web accounts you access directly. 

Basically you want to consider any app, Website or service that requires login credentials and goes to, or through, the Internet. Keep in mind that some store passwords and log you in automatically. 

Step 2: Check Which Apps or Sites Are Vulnerable To Heartbleed See also: 7 Heartbleed Myths Debunked

Now that you've compiled your list of sites and services, you'll need to check which accounts are actually vulnerable to this bug. Then you'll go through and change passwords. It sounds straightforward, but it's not, partially because there’s disagreement about how to actually do this. 

Some experts say you should change all your passwords immediately. Emmanuel Schalit, chief executive of password management service Dashland, urged users to quickly change their passwords for all critical accounts—like banks, PayPal and email—and then change them again once those sites actually plugged the holes. 

Others—like Rik Ferguson, vice president of security research at Trend Micro—advise holding off on changing passwords for affected sites until they’ve implemented the fix.

Ferguson tweeted that changing one's password “while the vuln[erability] is probably under widespread exploitation isn’t a good suggestion,” adding, "Changing now increases your risk of exposure in the short term as the vuln[erability] is now public." 

The latter suggestion appears to be the predominant wisdom, but either way, it's necessary to check each one of your important sites and note which are vulnerable to this bug. CNET offers an ongoing Heartbleed status list for popular sites, but there are other tools that can help: 

  • Browser users can install extensions like Chromebleed (Chrome) or Heartbleed-Ext (Firefox) or Netcraft (Chrome, Firefox, Opera), to see if sites they’re visiting are affected and get browser notifications. 
  • Android users can check on their device’s Heartbleed risk using Lookout’s Heartbleed Detector app, or use Bluebox Heartbleed Scanner to evaluate both the operating system and installed applications. There’s also a Heartbleed app for Windows Phone, though it’s simply a URL checker. Apple says iOS is not vulnerable to Heartbleed. 
  • Check URLs directly with an online Heartbleed checker, like the ones by Filippo Valsorda or LastPass

For Android users, we may just be scratching the surface. According to Google, most gadgets that run its mobile operating system are safe from Heartbleed exploitation, except those that run Android 4.1.1. But Lookout claims that a few Android 4.2.2 devices could be affected

A representative from the company, which compiled data from 100,000 of its app users, told me that 5.4% of users running 4.2.2 had the affected version of OpenSSL with Heartbeat—the specific extension that carries the Heartbleed flaw—enabled. These mobile devices could be running custom versions of the Android software, but for peace of mind, you can use Lookout or Bluebox’s mobile apps to check your handset. 

Step 3: Change Your Passwords

The final step is changing your passwords for every site that’s no longer vulnerable to Heartbleed, especially those were initially at risk but have now patched the hole. 

There are three common ways to deal with passwords, but the first two of these are incredibly insecure: Many create the same easy-to-memorize login for every site, or set different passwords and store them in a text file for easy access. But we recommend you keep your passwords diverse and store them all in a password manager. 

Here's what you need to bear in mind when changing passwords: 

  • For optimal security, you want long passwords with random numbers and punctuation.
  • Passwords are more secure if there are no actual words in them.
  • Vary your passwords for each account. Every single one of them. 
  • Can't remember them all? Few could. So rely on password managers instead—that's what they're there for. In fact, not only can they store your logins, but they can suggest new ones, too, which would take care of all of the above.

There are plenty of password management apps and services—like LastPass, Dashlane, 1Password, Keeper, Roboform, Lookout and PasswordBox. They're basically highly encrypted password vaults that work across different devices—whether iOS or Android, Windows or Mac. And most of these services feature password generators that can toss out different, hard-to-guess logins for every account. LastPass even has a Heartbleed checker built-in. 

Note: If you're a small business owner or running a team, you may need a more robust, collaborative password manager with administrative functions instead. In that case, something like Meldium or OneLogin may be up your alley. 

Other Considerations

You can change all of your passwords now, or only some, subtracting those services that are still vulnerable. Either way, you’ll still need to stay on top of the Heartbleed status for affected sites, so keep one or more of the tools listed above on hand. You'll also want to keep your desktop and mobile apps updated so you always have the latest security updates. 

Finally, if you haven’t done so before, activate multi-factor authentication wherever you can. It’s a secondary security protocol that usually involves sending a code or password to another device, like your smartphone, before allowing account access. On sites that offer it—including many online banking services, and email and social networks like Gmail, Twitter and Facebook—you can typically enable the feature from the settings page after you log in. 

Unfortunately, even this extra layer of security isn’t foolproof. Nothing really is, though, short of shutting down our accounts and going totally offline. But even then, our information is often saved online in some way. So even though end users can't fix this hole—it's up to the Web's architects to shore up the leaks in the Internet's foundation—we can do more than just sit idly by. We can and should create more obstacles for the intruders who would exploit it. 


Images courtesy of Flickr users Rachel Hofton (feature image), Horia Varlan (puzzle), cali4beach (image cropped) and Alonis (heart lock).

Categories: Technology

LADEE Probe Ends Its Mission On the Far Side Of the Moon

Slashdot - Sun, 04/20/2014 - 9:27am
The mission of NASA's LADEE probe was brought to an intentional violent end yesterday, when it smashed into the far side of the moon. As the Ars Technica report explains, "NASA's policy is to treat the locations of the Moon landings as historical sites, and it takes pains to preserve them from possible damage. LADEE didn't have the fuel to control its orbit indefinitely. As a result, the controllers had been preparing to terminate the probe for several weeks. ... The exact moment of impact isn't clear, since the precise terrain it hit couldn't be determined in advance. (If it hit a ridge, it would have happened earlier than if LADEE plowed across a plain. What is clear is that the impact destroyed the probe." Before the end of LADEE's mission, besides close up observations, the craft was used to test a new laser-based communication system.

Read more of this story at Slashdot.

Categories: Open Source, Technology

Obama Delays Decision On Keystone Pipeline Yet Again

Slashdot - Sun, 04/20/2014 - 8:29am
Hugh Pickens DOT Com (2995471) writes "The Christian Science Monitor reports that once again, the Obama administration has pushed back a final decision on the controversial Keystone XL pipeline possibly delaying the final determination until after the November midterm elections. In announcing the delay, the State Department cited a Nebraska Supreme Court case that could affect the route of the pipeline that may not be decided until next year, as well as additional time needed to review 2.5 million public comments on the project. Both supporters and opponents of the pipeline criticized the delay as a political ploy. Democratic incumbents from oil-rich states have urged President Obama to approve the pipeline but approving the pipeline before the election could staunch the flow of money from liberal donors and fund-raisers who oppose the project. The Senate Republican leader, Mitch McConnell said in a statement that "at a time of high unemployment in the Obama economy, it's a shame that the administration has delayed the construction of the Keystone XL pipeline for years." Activists say its construction could devastate the environment, but several State Department reviews have concluded that the pipeline would be safe and was unlikely to significantly increase the rate of carbon pollution in the atmosphere. Even if the pipeline was canceled, it said, the oil sands crude was likely to be extracted and brought to market by other means, such as rail, and then processed and burned."

Read more of this story at Slashdot.

Categories: Open Source, Technology

Samsung data center fire causes outage, errors on smart TVs and phones (update: fixed) (Richard Lawler/Engadget)

TechMeme - Sun, 04/20/2014 - 7:40am

Richard Lawler / Engadget:
Samsung data center fire causes outage, errors on smart TVs and phones (update: fixed)  —  Seeing an error message on your Samsung phone, tablet or Smart TV today?  You're not alone, as the Samsung.com website appears to be down and owners worldwide have reported anything from error messages …

Categories: Technology

Aereo's CEO on the future of Netflix, TV sports and the public airwaves (Jeff John Roberts/Gigaom)

TechMeme - Sun, 04/20/2014 - 7:25am

Jeff John Roberts / Gigaom:
Aereo's CEO on the future of Netflix, TV sports and the public airwaves  —  In 2012, Chet Kanojia set out to take on TV's goliaths with a slingshot full of tiny antennas, but he never imagined things would go so far so fast.  Aereo, the start-up he created, is going before the Supreme Court …

Categories: Technology

OpenSSL Cleanup: Hundreds of Commits In a Week

Slashdot - Sun, 04/20/2014 - 6:37am
New submitter CrAlt (3208) writes with this news snipped from BSD news stalwart undeadly.org: "After the news of heartbleed broke early last week, the OpenBSD team dove in and started axing it up into shape. Leading this effort are Ted Unangst (tedu@) and Miod Vallat (miod@), who are head-to-head on a pure commit count basis with both having around 50 commits in this part of the tree in the week since Ted's first commit in this area. They are followed closely by Joel Sing (jsing@) who is systematically going through every nook and cranny and applying some basic KNF. Next in line are Theo de Raadt (deraadt@) and Bob Beck (beck@) who've been both doing a lot of cleanup, ripping out weird layers of abstraction for standard system or library calls. ... All combined, there've been over 250 commits cleaning up OpenSSL. In one week.'" You can check out the stats, in progress.

Read more of this story at Slashdot.

Categories: Open Source, Technology

Sony Xperia Z2 review: a big, powerful slab of a phone (Sharif Sakr/Engadget)

TechMeme - Sun, 04/20/2014 - 5:50am

Sharif Sakr / Engadget:
Sony Xperia Z2 review: a big, powerful slab of a phone  —  It's been nearly three years since I reviewed the Xperia Neo, manufactured by what was then Sony Ericsson.  The Neo represented just the second generation of Xperia phones running on Android, from a period when Sony was finding …

Categories: Technology