Google Chrome Flaw Sets Your PC’s Mic Live

First time accepted submitter AllTheTinfoilHats (3612007) writes “A security flaw in Google Chrome allows any website you visit with the browser to listen in on nearby conversations. It doesn’t allow sites to access your microphone’s audio, but provides them with a transcript of the browser’s speech-to-text transcriptions of anything in range. It was found by a programmer in Israel, who says Google issued a low-priority label to the bug when he reported it, until he wrote about it on his blog and the post started picking up steam on social media. The website has to keep you clicking for eight seconds to keep the microphone on, and Google says it has no timeline for a fix.” However, as discoverer Guy Aharonovsky is quoted, “It seems like they started to look for a way to quickly mitigate this flaw.”


Read more of this story at Slashdot.



Speedy Attack Targets Web Servers With Outdated Linux Kernels

alphadogg writes “Web servers running a long-outdated version of the Linux kernel were attacked with dramatic speed over two days last week, according to Cisco Systems. All the affected servers were running the 2.6 version, first released in December 2003. ‘When attackers discover a vulnerability in the system, they can exploit it at their whim without fear of it being remedied,’ Cisco said. After the Web server has been compromised, the attackers slip in a line of JavaScript to other JavaScript files within the website. That code bounces the website’s visitors to a second compromised host. ‘The two-stage process allows attackers to serve up a variety of malicious content to the visitor,’ according to Cisco.”




Nate Silver’s FiveThirtyEight Relaunches As Data Journalism Website

Hugh Pickens DOT Com writes “After a parting of ways with the New York Times after calling 50 out of 50 states right in the 2012 elections, Nate Silver has relaunched FiveThirtyEight as a website dedicated to data journalism under the auspices of ESPN. Silver has expanded his staff from two full-time journalists to 20 and instead of focusing on politics exclusively FiveThirtyEight’s coverage will span five major subject areas — politics, economics, science, life and sports. According to Silver, his team has a broad set of skills and experience in methods that fall under the rubric of data journalism including statistical analysis, data visualization, computer programming and data-literate reporting. ‘One of our roles will be to critique incautious uses of statistics when they arise elsewhere in news coverage. At other times, we’ll explore ways that consumers can use data to their advantage and level the playing field against corporations and governments.’ The site has launched with a variety of stories including ‘Many Signs Pointed to Crimea Independence Vote — But Polls Didn’t,’ ‘Building a Bracket Is Hard This Year, But We’ll Help You Play the Odds,’ ‘Toilet Seat Covers: To Use or Not to Use,’ and ‘Three Rules to Make Sure Economic Data Aren’t Bunk.’ The story that caught my eye was ‘This Winter Wasn’t the Coldest, But It Was One of the Most Miserable’ with some good data visualization that showed that although average temperature may not have set records in the Northeast Corridor this winter, the intensity of the cold when it did hit was impressive. According to Matt Lanza although most statistics cite the winter of 1978-79 as the coldest in U.S. history, the winter of 2013-14 brought a rare combination of miseries that many of us hadn’t seen in years, and some had never seen. It was colder than usual, it was extremely cold more often than usual, and it snowed more than usual in more places than usual. Traditionally, big snow winters occur in a couple regions. The East Coast might have great snows, while the Midwest is quiet. Snowfall this winter didn’t discriminate; it blanketed just about everybody (outside the dry West and icier Mid-South). Look how many cities had not just a little more, but way more, than their normal snowfall.”




Crowdsourcing Confirms: Websites Inaccessible on Comcast

Bennett Haselton writes with a bit of online detective work done with a little help from some (internet-distributed) friends: “A website that was temporarily inaccessible on my Comcast Internet connection (but accessible to my friends on other providers) led me to investigate further. Using a perl script, I found a sampling of websites that were inaccessible on Comcast (hostnames not resolving on DNS) but were working on other networks. Then I used Amazon Mechanical Turk to pay volunteers 25 cents apiece to check if they could access the website, and confirmed that (most) Comcast users were blocked from accessing it while users on other providers were not. The number of individual websites similarly inaccessible on Comcast could potentially be in the millions.” Read on for the details.




BPAS Appeals £200,000 Fine Over Hacked Website

DW100 writes “A UK charity that provides help and guidance for women seeking abortions has been fined £200,000 after a hacker breached its website in 2012 and was able to gather data on 9,900 people that had requested help from the organization. The hacker was given almost three years in jail for the attack. The charity’s CEO has condemned the decision, arguing it rewards the hacker for his efforts.” The data was unintentionally stored in their CMS after miscommunication with a contractor, and they never performed security audits. Martin S. writes “The BPAS is appealing a £200,000 fine imposed by the ICO after their website was hacked by an Anonymous anti-abortion extremist. The amount is particularly egregious when perpetrators of willful data theft often attract fines of only a few thousand pounds.”




Oregon Withholding $25.6M From Oracle Over Health Website Woes

itwbennett writes “Oregon is holding back $25.6 million in payments from Oracle (out of some $69.5 million Oracle claims it is owed) over work the vendor did on the state’s troubled health care exchange website. The site was supposed to go live on Oct. 1 but its launch has been marred by a slew of bugs and it is not yet fully functional. This week, Cover Oregon said it had reached an agreement with Oracle laying out ‘an orderly transition of technology development services, and protects current and future Cover Oregon enrollees,’ according to a statement. Oregon officials reached the deal with Oracle after the company reportedly threatened to pull all of its workers off the project and essentially walk away.”




Website Simulates Amiga OS

cyclomedia writes “The Decibel Kid — the “AudioVisual Artist” responsible for last summer’s Ipswich Zelda Map — has unveiled his new website. Modeled on Amiga OS it supports changing the wallpaper, window dragging, resizing, minimizing, and that z-index shuffle button. The mobile site is a completely different beast, modeling itself as a low-res LCD.” There’s even a drum machine. If you’re pining for the “real” thing, there’s always UAE (if you can find a ROM).




Apple Closes OpenNI the Open Source Kinect Framework

mikejuk writes “The OpenNI website, home to the widely used framework for 3D sensing, will be shut down in April. When, in November 2013, Apple bought PrimeSense for $350 million, people speculated how this would affect the Capri mobile technology but no mention was made of what would happen to OpenNI, the open source SDK most often used as an alternative to Microsoft’s closed SDK for the Kinect. After Apple acquired PrimeSense, its website quickly shut, but the Developers link still points to OpenNI. The status of OpenNI is a not-for-profit whose framework allows developers to create middleware and applications for a range of devices, including the Asus Xtion Pro. It claims to be a widely used community with over 100,000 active 3D developers.”




The Emerging RadioShack/Netflix Debacle

New submitter DigitalParc writes “RadioShack recently launched a promotion for 6 months of free Netflix service with the purchase of a laptop, tablet, or phone. This ended up being a fantastic deal, until the shoddy redemption site they were using for the Netflix code redemption was exploited and many of the codes were stolen. ‘Users on slickdeals, a deal-finding and sometimes deal-exploiting website, found that the URL of the redemption website could be changed upon trying to enter a code, resulting in a valid Netflix subscription code being generated. Within hours, many of the Netflix codes that were allocated to this promotion were stolen and some were redeemed or put up for sale on eBay.’”
