Celarent Darii writes: There is a vulnerability in the latest ubuntu distributions due to the DNS resolver included in systemd. The inclusion of the dns resolver was lamented by many on the mailing list, not without cause. All are advised to update their distribution. Read more of this story at Slashdot.
View article:
Vulnerability Discovered In Latest Ubuntu Distributions, Users Advised To Update
An anonymous reader quotes a report from The Guardian: The world’s first floating windfarm has taken to the seas in a sign that a technology once confined to research and development drawing boards is finally ready to unlock expanses of ocean for generating renewable power. After two turbines were floated this week, five now bob gently in the deep waters of a fjord on the western coast of Norway ready to be tugged across the North Sea to their final destination off north-east Scotland. The ~$256 million Hywind project is unusual not just because of the pioneering technology involved, which uses a 78-meter-tall underwater ballast and three mooring lines that will be attached to the seabed to keep the turbines upright. It is also notable because the developer is not a renewable energy firm but Norway’s Statoil, which is looking to diversify away from carbon-based fuels. Read more of this story at Slashdot.
More:
World’s First Floating Windfarm To Take Shape Off Coast of Scotland
Chrisq shares a report from The Telegraph: Fears have been raised that Britain’s largest ever warship could be vulnerable to cyber attacks after it emerged it appears to be running the outdated Microsoft Windows XP. A defense source told The telegraph that some of the on-boar hardware and software “would have been good in 2004” when the carrier was designed, “but now seems rather antiquated.” However, he added that HMS Queen Elizabeth is due to be given a computer refit within a decade. And senior officers said they will have cyber specialists on board to defend the carrier from such attacks. Read more of this story at Slashdot.
Read the original post:
Britain’s Newest Warship Runs Windows XP, Raising Cyber Attack Fears
An anonymous reader quotes CNET: Anthem, the largest health insurance company in the U.S., has agreed to settle a class action lawsuit over a 2015 data breach for a record $115 million, according to lawyers for the plaintiffs. The settlement still has to be approved by US District Court Judge Lucy Koh, who is scheduled to hear the case on August 17 in San Jose, California. And Anthem, which didn’t immediately respond to a request for confirmation and comment, isn’t admitting any admitting any wrongdoing, according to a statement it made to CyberScoop acknowledging the settlement. But if approved, it would be the largest data breach settlement in history, according to the plaintiffs’ lawyers, who announced the agreement Friday. The funds would be used to provide victims of the data breach at least two years of credit monitoring and to reimburse customers for breach-related expenses. The settlement would also guarantee a certain level of funding for “information security to implement or maintain numerous specific changes to its data security systems, including encryption of certain information and archiving sensitive data with strict access controls, ” the plaintiff attorneys said. The breach compromised data for 80 million people, including their social security numbers, birthdays, street addresses (and email addresses) as well as income data. The $115 million settlement averages out to $1.43 for every person who was affected. Read more of this story at Slashdot.
Read more here:
Anthem To Pay $115 Million In The Largest Data Breach Settlement Ever
mikeebbbd writes: As reported in the Los Angeles Daily News, during the current heatwave various officials swooped down on streets coated with an experimental light-gray sealer that makes the old asphalt into a “cool street” — and it works, with average temperature differences between coated streets and adjacent old asphalt around 10F. At a large parking lot, the temperature reduction was over 20F. If the material holds up and continues to meet other criteria, LA plans to use it on more pavement rehab projects, which could eventually make a difference in the heat island effect. The “CoolSeal” coating is apparently proprietary to a company named GuardTop LLC, costs $25-40K/mile, and lasts 5-7 years. At that price, it’s might not be used a lot, at least at first; typical slurry seals run $15-30K/mile. Read more of this story at Slashdot.
View the original here:
Los Angeles Tests Reflective ‘Cool Pavement’ On Streets
Fines for texting and driving in Colorado have jumped to $300, but according to the fine print, the increased fine only applies to drivers who are texting in “a careless or imprudent manner.” Therefore, drivers who are texting in any other manner are still within the law. FOX31 Denver reports: Before the new legislation, any texting while driving was illegal. Tim Lane of the Colorado District Attorney’s Office confirmed the softening crackdown on all texting and driving. “The simple fact is that if you are texting while driving but not being careless, it’s no longer illegal, ” he said. What constitutes “careless” driving is up to the discretion of each individual law enforcement officer. Cellphone use of any kind is still banned for drivers younger than 18. Teens caught with a phone in hand while driving will be slapped with a $50 fine. Read more of this story at Slashdot.
Read More:
Texting While Driving Now Legal In Colorado — In Some Cases
An anonymous reader quotes a report from TorrentFreak: Two years ago, academic publisher Elsevier filed a complaint (PDF) against Sci-Hub and several related “pirate” sites. It accused the websites of making academic papers widely available to the public, without permission. While Sci-Hub is nothing like the average pirate site, it is just as illegal according to Elsevier’s legal team, who obtained a preliminary injunction from a New York District Court last fall. The injunction ordered Sci-Hub’s founder Alexandra Elbakyan to quit offering access to any Elsevier content. However, this didn’t happen. Instead of taking Sci-Hub down, the lawsuit achieved the opposite. Sci-Hub grew bigger and bigger up to a point where its users were downloading hundreds of thousands of papers per day. Although Elbakyan sent a letter to the court earlier, she opted not engage in the U.S. lawsuit any further. The same is true for her fellow defendants, associated with Libgen. As a result, Elsevier asked the court for a default judgment and a permanent injunction which were issued this week. Following a hearing on Wednesday, the Court awarded Elsevier $15, 000, 000 in damages, the maximum statutory amount for the 100 copyrighted works that were listed in the complaint. In addition, the injunction, through which Sci-Hub and LibGen lost several domain names, was made permanent. Read more of this story at Slashdot.
Visit site:
Sci-Hub Ordered To Pay $15 Million In Piracy Damages
An anonymous reader shares a Bloomberg Businessweek feature: The Austrian village of Donawitz has been an iron-smelting center since the 1400s, when ore was dug from mines carved out of the snow-capped peaks nearby. Over the centuries, Donawitz developed into the Hapsburg Empire’s steel-production hub, and by the early 1900s it was home to Europe’s largest mill. With the opening of Voestalpine AG’s new rolling mill this year, the industry appears secure. What’s less certain are the jobs. The plant, a two-hour drive southwest of Vienna, will need just 14 employees to make 500, 000 tons of robust steel wire a year — vs. as many as 1, 000 in a mill with similar capacity built in the 1960s. Inside the facility, red-hot metal snakes its way along a 700-meter (2, 297-foot) production line. Yet the floors are spotless, the only noise is a gentle hum that wouldn’t overwhelm a quiet conversation, and most of the time the place is deserted except for three technicians who sit high above the line, monitoring output on a bank of flatscreens. “We have to forget steel as a core employer, ” says Wolfgang Eder, Voestalpine’s chief executive officer for the past 13 years. “In the long run we will lose most of the classic blue-collar workers, people doing the hot and dirty jobs in coking plants or around the blast furnaces. This will all be automated.” Read more of this story at Slashdot.
Continued here:
Just 14 People Make 500,000 Tons of Steel a Year in Austria
New submitter threc shares a report from MIT Technology Review: The tech world descended on Washington, D.C. yesterday to attend a tech summit at the White House. According to MIT Technology Review associate editor Jamie Condliffe: “Trump suggested he might relax his stance on immigration as a way to get tech leaders to help his cause. ‘You can get the people you want, ‘ he told the assembled CEOs. That sweetener may be a response to a very vocal backlash in the tech world against the administration’s recent travel bans. Trump may hope that his business-friendly stance will offer enough allure: if tech giants scratch his back, he may later deign to scratch theirs.” The report continues: “‘Our goal is to lead a sweeping transformation of the federal government’s technology that will deliver dramatically better services for citizens, ‘ said Trump at the start of his meeting with the CEOs, according to the Washington Post. ‘We’re embracing big change, bold thinking, and outsider perspectives.’ The headline announcement from the event was Trump’s promise to overhaul creaking government computing infrastructure. According to Jared Kushner, the president’s son-in-law and advisor, there’s much to be done: federal agencies have over 6, 000 data centers that could be consolidated, for instance, while the 10 oldest networks in use by the government are all at least 39 years old. The upgrade, said Trump, could save the country $1 trillion over the next 10 years.” Read more of this story at Slashdot.
Excerpt from:
Trump Promises a Federal Technology Overhaul To Save $1 Trillion
Earlier this month, a developer accidentally discovered the private key of a Cisco subdomain. An anonymous reader shares the post: Last weekend, in an attempt to get Sky’s NOW TV video player (for Mac) to work on my machine, I noticed that one of the Cisco executables contains a private key that is associated with the public key in a trusted certificate for a cisco.com sub domain. This certificate is used in a local WebSocket server, presumably to allow secure Sky/NOW TV origins to communicate with the video player on the users’ local machines. I read the Baseline Requirements document (version 1.4.5, section 4.9.1.1), but I wasn’t entirely sure whether this is considered a key compromise. I asked Hanno Bock on Twitter, and he advised me to post the matter to this mailing list. The executable containing the private key is named ‘CiscoVideoGuardMonitor’, and is shipped as part of the NOW TV video player. In case you are interested, the installer can be found here (SHA-256: 56feeef4c3d141562900f9f0339b120d4db07ae2777cc73a31e3b830022241e6). I would recommend to run this installer in a virtual machine, because it drops files all over the place, and installs a few launch items (agents/daemons). The executable ‘CiscoVideoGuardMonitor’ can be found at ‘$HOME/Library/Cisco/VideoGuardPlayer/VideoGuardMonitor/ VideoGuardMonitor.bundle/Contents/MacOS/CiscoVideoGuardMonitor’. Certificate details: Serial number: 66170CE2EC8B7D88B4E2EB732E738FE3A67CF672, DNS names: drmlocal.cisco.com, Issued by: HydrantID SSL ICA G2. The issuer HydrantID has since communicated with the certificate holder Cisco, and the certificate has been revoked. Read more of this story at Slashdot.
Link:
Cisco Subdomain Private Key Found in Embedded Executable