30 Jul 2016

feedSlashdot

Russian Government Gets 'Hacked Back', Attacks Possibly Launched By The NSA

An anonymous reader write: Russian government bodies have been hit by a "professional" cyber attack, according to the country's intelligence service, which said the attack targeted state organizations and defense companies, as well as Russia's "critically important infrastructures". The agency told the BBC that the powerful malware "allowed those responsible to switch on cameras and microphones within the computer, take screenshots and track what was being typed by monitoring keyboard strokes." ABC News reports that the NSA "is likely 'hacking back' Russia's government-linked cyber-espionage teams "to see once and for all if they're responsible for the massive breach at the Democratic National Committee, according to three former senior intelligence officials... Robert Joyce, chief of the NSA's shadowy Tailored Access Operations, declined to comment on the DNC hack specifically, but said in general that the NSA has technical capabilities and legal authorities that allow the agency to 'hack back' suspected hacking groups, infiltrating their systems to gather intelligence about their operations in the wake of a cyber attack... In some past unrelated cases...NSA hackers have been able to watch from the inside as malicious actors conduct their operations in real time."

Share on Google+

Read more of this story at Slashdot.

30 Jul 2016 11:35pm GMT

feedLifehacker

This Week's Top Downloads

Every week, we share a number of downloads for all platforms to help you get things done. Here were the top downloads from this week.

Read more...

30 Jul 2016 11:00pm GMT

feedSlashdot

After New GIMP Release, Core Developer Discusses Future of GIMP and GEGL

GIMP 2.9.4 was released earlier this month, featuring "symmetry painting" and the ability to remove holes when selecting a region, as well as improvements to many of its other graphics-editing tools. But today core developer Jehan Pages discussed the vision for GIMP's future, writing that the Generic Graphics (GEGL) programming library "is a hell of a cool project and I think it could be the future of Free and Open Source image processing": I want to imagine a future where most big graphics programs integrate GEGL, where Blender for instance would have GEGL as the new implementation of nodes, with image processing graphs which can be exchanged between programs, where darktable would share buffers with GIMP so that images can be edited in one program and updated in real time in the other, and so on. Well of course the short/mid-term improvements will be non-destructive editing with live preview on high bit depth images, and that's already awesomely cool right...? [C]ontributing to Free Software is not just adding any random feature, that's also about discussing, discovering others' workflow, comparing, sometimes even compromising or realizing that our ideas are not always perfect. This is part of the process and actually a pretty good mental builder. In any case we will work hard for a better GIMP

Share on Google+

Read more of this story at Slashdot.

30 Jul 2016 10:35pm GMT

Babylon 5 Actor Jerry Doyle Dies

Slashdot reader tiqui writes: Jerry Doyle, best known for playing Security Chief Michael Garibaldi on Babylon 5 has passed away in Las Vegas at only 60 years of age. His B5 character was often paired-up with G'Kar (played by Andreas Katsulas who died in 2006 at age 59) and with Jeffrey Sinclair (played by Michael O'Hare who died in 2012, also at age 60) He seems to have lead an interesting life. Cause of death not yet known. Slashdot reader The Grim Reefer quotes the BBC: Fellow Babylon 5 actor Bruce Boxleitner tweeted that he was "so devastated at the news of the untimely death of my good friend", while astronaut Scott Kelly said the news was "very sad to hear".

Share on Google+

Read more of this story at Slashdot.

30 Jul 2016 10:05pm GMT

feedLifehacker

Make a "Caveman Ziptie" In the Wild With a Palmetto Plant

If you ever find yourself lost in the wilds of a warmer climate, the strong leaves from a palmetto plant can help you build a shelter.

Read more...

30 Jul 2016 10:00pm GMT

Learn Coding Skills for the Raspberry Pi and Minecraft With This Free Book

There are few things that go together better than Minecraft and the Raspberry Pi, and the little microcomputer meant to teach kids coding can do even more with Minecraft. The folks at MagPi, the official magazine of the Raspberry Pi Foundation, have a free PDF that teaches you everything you need to know.

Read more...

30 Jul 2016 9:00pm GMT

feedArs Technica

DNC Breach extended to systems used by Clinton campaign

Congressional campaign and DNC breach allegedly by same Russian group.

30 Jul 2016 7:10pm GMT

This science fiction novel is a perfect antidote to U.S. election season

Malka Older's Infomocracy is a realistic picture of a future global democracy.

30 Jul 2016 4:42pm GMT

White dwarf bombards its companion with relativistic electrons

AR Scorpii turns out to be a binary system, not a single variable star.

30 Jul 2016 3:30pm GMT

feedOSNews

iPad-only is the new desktop Linux

If you're going to tell me "normal people" don't do those tasks, please don't. Quilters run blogs. Salespeople create presentations. And non-techie writers send revisions to editors. It's us nerds who insist that iOS solves the "problem" of normal people who don't understand the file system putting all their files on the desktop. But the desktop acts as shared document storage, which is something it turns out normal people sometimes need, and iOS does not solve that problem. Lecture me about the virtues of containers all you want, but there is no world in which having to use Dropbox as a temporary storage medium is a step forward. This is a great article, and it hits the nail on the head so hard, the nail's probably in Fiji by now. The only people going iPad-only are bloggers writing "I went iPad-only"-posts, and people who are trying to prove a point. Neither of them constitute a market.

30 Jul 2016 12:37pm GMT

Protecting Android with more Linux kernel defenses

Android relies heavily on the Linux kernel for enforcement of its security model. To better protect the kernel, we've enabled a number of mechanisms within Android. At a high level these protections are grouped into two categories - memory protections and attack surface reduction.

30 Jul 2016 12:20pm GMT

GPLGPU walkthrough

The goal was to publish source code to a GPU that is register compatible with the late 90's era Number Nine "Ticket To Ride IV" GPU. Although the project didn't meet its funding goal, the person behind it later published the code on github. Despite the fact that this is an older design, it has lots of stuff that is worth studying. It's interesting to compare this design to the VideoCore GPU that I walked through in a previous post. While there are some fundamental differences, there are surprising number of functions that are similar, which shows how modern GPUs evolved from earlier ones. A walkthrough of the GPLGPU as well as some history and backstory of the Number Nine "Ticket To Ride IV" GPU.

30 Jul 2016 12:19pm GMT

29 Jul 2016

feedThe Register - Software: Operating Systems

Windows 10 pain: Reg man has 75 per cent upgrade failure rate

Support for older systems less than satisfactory

Comment As your humble HPC correspondent for The Register, I should probably be running Linux on the array of systems here at the home office suite. But I don't. I've been a Microsoft guy since I bought my first computer way back in 1984.…

29 Jul 2016 5:58pm GMT

28 Jul 2016

feedThe Register - Software: Operating Systems

Cortana expelled from Windows 10's new school editions

Academic licence-holders get new education versions whether they want it or not

Microsoft has announced two new cuts of Windows 10, for schools.…

28 Jul 2016 7:19am GMT

26 Jul 2016

feedThe Register - Software: Operating Systems

Remix chomps Marshmallow, updates its Android for PCs

Who needs Windows or an iPad anyway?

An imminent update to Jide's Remix OS, for Android, is the first to be based on Marshmallow 6.0 and a bunch of UI enhancements.…

26 Jul 2016 11:40am GMT

21 May 2016

feedBacarospo – Jetzt live Geld verdienen

Etoro – Social Trading geht doch?!

Die Copy Trader ist die einfache und innovative Art und Weise , Geld online mit Forex Trading zu verdienen. Es ist ein gültiges und weithin bewährte System , gefolgt von vielen kleinen Investoren auf der ganzen Welt. Leider ist in Italien, sind sie so gut wie unbekannt diese Spiegel Handelssysteme oder Programme, mit denen Sie […]

21 May 2016 4:05pm GMT

28 Jun 2015

feedPlanet Sun

PicoChess 0.43 released

Just a short hint for all fans of chess programs. PicoChess 0.43 has been released.

28 Jun 2015 11:02pm GMT

20 May 2012

feedPlanet Sun

Annular Solar Eclipse on Sunday, May 20th 2012

On Sunday, May 20th 2012, people in a narrow strip from Japan to the western United States will be able to see an annular solar eclipse, the first in 18 years. The moon will cover as much as 94% of the sun. An Annular Solar Eclipse is different from a Total Solar Eclipse, when the […]

20 May 2012 9:51pm GMT

09 Nov 2011

feedIGN PC

2 Million Leave World of Warcraft

In the last year the number of World of Warcraft subscribers has fallen in the from 12 million to 10.3 million...

09 Nov 2011 11:55am GMT

AC: Revelations First-Person Missions

Assassin's Creed: Revelations will have first-person missions...

09 Nov 2011 10:58am GMT

An Experience Loophole in Battlefield 3

Via YouTube user DarkSydeGeoff, we came across a Battlefield 3 exploit that allows friends to boost enormous amounts of experience in hardcore matches...

09 Nov 2011 1:43am GMT

06 Nov 2011

feedPlanet Arch Linux

Tyrs a Microblogging Client based on Ncurses

Tyrs is a microblogging client, supporting Twitter and Status.net (identi.ca), it's based on console using the NCurses module from Python. The release of the 0.5.0 version is a good excuse to introduce Tyrs. Tyrs aims to get a good interaction with a fairly intuitive interface that can provide support ncurses. Tyrs tries also not to [...]

06 Nov 2011 9:43pm GMT

05 Nov 2011

feedPlanet Arch Linux

Pulling strings

After one year of managing a network of 10 servers with Cfengine I'm currently building two clusters of 50 servers with Puppet (which I'm using for the first time), and have various notes to share. With my experience I had a feeling Cfengine just isn't right for this project, and didn't consider it seriously. These servers are all running Debian GNU/Linux and Puppet felt natural because of the good Debian integration, and the number of users whom also produced a lot of resources. Chef was out of the picture soon because of the scary architecture; CouchDB, Solr and RabbitMQ... coming from Cfengine this seemed like a bad joke. You probably need to hire a Ruby developer when it breaks. Puppet is somewhat better in this regard.

Puppet master needs Ruby, and has a built-in file server using WEBrick. My first disappointment with Puppet was WEBrick. Though PuppetLabs claim you can scale it up to 20 servers, that proved way off, the built-in server has problems serving as little as 5 agents/servers, and you get to see many dropped connections and failed catalog transfers. I was forced to switch to Mongrel and Nginx as frontend very early in the project, on both clusters. This method works much better (even though Apache+Passenger is the recommended method now from PuppetLabs), and it's not a huge complication compared to WEBrick (and Cfengine which doesn't make you jump through any hoops). Part of the reason for this failure is my pull interval, which is 5 minutes with a random sleep time of up to 3 minutes to avoid harmonics (which is still a high occurrence with these intervals and WEBrick fails miserably). In production a customer can not wait on 30/45 minute pull intervals to get his IP address whitelisted for a service, or some other mundane task, it must happen within 10 minutes... but I'll come to these kind of unrealistic ideas a little later.

Unlike the Cfengine article I have no bootstrapping notes, and no code/modules to share. By default the fresh started puppet agent will look for a host called "puppet" and pull in what ever you defined to bootstrap servers in your manifests. As for modules, I wrote a ton of code and though I'd like to share it, my employer owns it. But unlike Cfengine v3 there's a lot of resources out there for Puppet which can teach you everything you need to know, so I don't feel obligated to even ask.

Interesting enough, published modules would not help you get your job done. You will have to write your own, and your team members will have to learn how to use your modules, which also means writing a lot of documentation. Maybe my biggest disappointment is getting disillusioned by most Puppet advocates and DevOps prophets. I found articles and modules most of them write, and experiences they share have nothing to do with the real world. It's like they host servers in a magical land where everything is done in one way and all servers are identical. Hosting big websites and their apps is a much, much different affair.

Every customer does things differently, and I had to write custom modules for each of them. Just between these two clusters a module managing Apache is different, and you can abstract your code a lot but you reach a point where you simply can't push it any more. Or if you can, you create a mess that is unusable by your team members, and I'm trying to make their jobs better not make them miserable. One customer uses an Isilon NAS, the other has a content distribution network, one uses Nginx as a frontend, other has chrooted web servers, one writes logs to a NFS, other to a Syslog cluster... Now imagine this on a scale with 2,000 customers and 3 times the servers and most of the published infrastructure design guidelines become laughable. Instead you find your self implementing custom solutions, and inventing your own rules, best that you can...

I'm ultimately here to tell you that the projects are in a better state then they would be with the usual cluster management policy. My best moment was an e-mail from a team member saying "I read the code, I now understand it [Puppet]. This is fucking awesome!". I knew at that moment I managed to build something good (or good enough), despite the shortcomings I found, and with nothing more than using PuppetLabs resources. Actually, that is not completely honest. Because I did buy and read the book Pro Puppet which contains an excellent chapter on using Git for collaboration on modules between sysadmins and developers, with proper implementation of development, testing and production (Puppet)environments.

05 Nov 2011 11:17pm GMT

Jshon

Creating json is now ten times easier.

05 Nov 2011 3:10am GMT

13 May 2011

feedPlanet Sun

The story behind Planet Sun

Some words about history of Planet Sun. For round about six years Planet Sun has been an aggregation of public weblogs written by employees of Sun Microsystems. Though it never was a product or publication of Sun Microsystems itself. The website was powered by Planet and run by David Edmondson. On 01 Mar 2010 David […]

13 May 2011 12:36am GMT