You are here

Feed aggregator

Developer Argues For 'Forgotten Code Constructs' Like GOTO and Eval

Slashdot - Sun, 02/05/2017 - 08:34
mikeatTB quotes TechBeacon: Some things in the programming world are so easy to misuse that most people prefer to never use them at all. These are the programming equivalent of a flamethrower... [But] creative use of features such as goto, multiple inheritance, eval, and recursion may be just the right solution for experienced developers when used in the right situation. Is it time to resurrect these four forgotten code constructs? The article notes that the Linux kernel uses goto statements, and links to Linus Torvalds' defense of them. ("Any if-statement is a goto. As are all structured loops...") And it points out that eval statements are supported by JavaScript, Python, PHP, and Ruby. But when the article describes recursion as "more forgotten than forbidden," it begs the inevitable question. Are you using these "forgotten code constructs" -- and should you be?

Read more of this story at Slashdot.

Categories: Tech/Science News

Massive Study Links IP Addresses Per Capita To GDP

Slashdot - Sun, 02/05/2017 - 05:34
Three researchers "decided to scan the entire IPv4 address range every 15 minutes between 2006-2012 to work out what insights they could gain from humanity's mass connection to the internet," reports ITnews. The study...analysed data from 411 large regions from middle to high-income countries and found a positive correlation between GDP per capita and the number of IP addresses per head. A 10% increase in IP addresses per capita was associated with an 0.8% hike in GDP, the analysis found. The researchers cautioned that the output and productivity growth they noted when the number of IP address increased was correlation rather than causation. Service-oriented sectors -- such as publishing, news, film production, administrative support, and education -- appear to have suffered a negative effect from increasing internet penetration [PDF]. The researchers believe these sectors were susceptible to competition from cheaper outsourcing providers. Slashdot Bismillah pointed out that the researchers also measured sleeping patterns over seven years, assuming IP addresses of internet-connected devices generally correlated to people who were awake. According to the article, "They found that sleep patterns may be changing and converging around the world: Europeans slept less, East Asians more, while Americans' sleeping patterns remained static over the seven-year period."

Read more of this story at Slashdot.

Categories: Tech/Science News

Ask Slashdot: How Do You Deal With Aggressive Forum Users?

Slashdot - Sun, 02/05/2017 - 03:34
Slashdot reader dryriver writes: I've noticed a disturbing trend while trying to resolve a rather tricky tech issue by asking questions on a number of internet forums. The number of people who don't help at all with problems but rather butt into threads with unhelpful comments like "Why would you want to do that in the first place?" or "why don't you look at X poorly written documentation page " was staggering. One forum user with 1,500+ posts even posted "you are such a n00b if you can't figure this out" in my question thread, even though my tech question wasn't one that is obvious or easy to resolve... I seem to remember a time when people helped each other far more readily on the internet. Now there seems to be a new breed of forum user who a) hangs out at a forum socially all day b) does not bother to help at all and c) gets a kick out of telling you things like "what a stupid question" or "nobody will help you with that here" or similar... Where have the good old days gone when people much more readily gave other people step-by-step tips, tricks, instructions and advice? The original submission claims the ratio of unhelpful comments to helpful ones was 5 to 1. Has anyone else experienced this? And if so, what's the best response? Leave your best answers in the comments. How do you deal with aggressive forum users?

Read more of this story at Slashdot.

Categories: Tech/Science News

New Book Describes How AirBNB Influenced City Laws

Slashdot - Sun, 02/05/2017 - 01:34
"For years, Airbnb was the friendly foil to Uber, aiming to work with cities rather than against them," writes Slashdot reader mirandakatz. "But as it grew and regulatory challenges mounted, the startup had to grow fangs." She shares an excerpt from a new book called The Upstarts: How Uber, Airbnb, and the Killer Companies of the New Silicon Valley Are Changing the World. The reality people saw often depended on where their sympathies lay. Regulators, left-wing politicians, hotel CEOs, union leaders, affordable housing advocates, and angry neighbors tired of carousing guests saw Airbnb as nothing but a rule breaker from the far-away land of arrogant, entitled billionaires. Investors, hosts, property owners struggling to make their monthly mortgage payments, travel-discount shoppers, and high-tech aficionados tended to believe in the startup with good intentions that was disrupting the stultified hospitality industry. The book is by Brad Stone, who also wrote The Everything Store: Jeff Bezos and the Rise of Amazon. He describes how "good AirBNB" got Portland to eliminate the $4,000 permits for B&Bs by agreeing to collect lodging taxes from AirBNB hosts (and by opening a Portland call center). But his excerpt ends as "momentum was shifting" against AirBNB in New York City, as powerful hotels and their service employee unions convinced city lawmakers that legitimizing the company would be "politically radioactive" -- while the company's CEO "was going to fight for every inch of territory".

Read more of this story at Slashdot.

Categories: Tech/Science News

Pong's Inventor Unveils Three New VR Arcade Games - Including Pong

Slashdot - Sun, 02/05/2017 - 00:34
Pong's creator is now "a grizzled guy in his mid-70s" who believes there's a market for people who'd prefer to try out virtual reality headsets at videogame arcades. An anonymous reader quotes MIT Technology Review: In 1972, Atari founder Nolan Bushnell invented Pong, a version of table tennis that, in many ways, launched the video-game industry. Forty-five years later, Bushnell is using that same simple game to test the waters for virtual-reality arcade gaming. Bushnell's latest venture is a company called Modal VR, which is building its own wireless virtual-reality headsets and games that it plans to roll out in places like arcades, malls, and movie theaters in the coming months. Bushnell's company has built three games -- a fighting game called Mythic Combat and Project Zenith a first-person shooter set in outer space. (More than 16 players can gather in the same virtual space.) Their third game, a VR adaptation of Pong "was originally put together as a joke, in homage to Bushnell's past -- but the company decided to use the simple two-player game anyway to demonstrate what it's working on at the World's Fair Nano technology fair in San Francisco in late January." The article describes players who "donned a prototype bulky black headset and played Pong in virtual reality, running from side to side to control the game's simple white paddles -- which a smiling Bushnell said was fitting because "we're at the Pong stage of VR."

Read more of this story at Slashdot.

Categories: Tech/Science News

Privacy-Centric Linux Distro Tails 3.0 Will Drop 32-Bit Processor Support

Slashdot - Sat, 02/04/2017 - 23:34
All of its outgoing connections are routed through Tor, and it even blocks non-anonymous connections. You can carry it around on a USB stick, and Edward Snowden uses it. But a big change is coming with Tails 3.0. BrianFagioli quotes BetaNews: Unfortunately for some users, Tails will soon not work on their computers. The upcoming version 3.0 of the operating system is dropping 32-bit processor support. While a decline in compatibility is normally a bad thing, in this case, it is good. You see, because there are so few 32-bit Tails users, the team was wasting resources by supporting them. Not to mention, 64-bit processors are more secure too... "In the beginning of 2016, only 4% of Tails users were still using a 32-bit computer. Of course, some of these computers will keep working for a while. But once the number had fallen this low, the benefits of switching Tails to 64-bit outweighed the reasons we had to keep supporting 32-bit computers," says the Tails team... "In the last few years, the developers who maintain Tails have spent lots of time addressing such issues. We would rather see them spend their time in ways that benefit our users on the long term, and not on problems that will vanish when Tails switches to 64-bit eventually."

Read more of this story at Slashdot.

Categories: Tech/Science News

16 Years of GPS Space Weather Data Made Publicly Available

Slashdot - Sat, 02/04/2017 - 22:34
"It's not often that a scientific discipline gains a 23-satellite constellation overnight," reports Science magazine, describing 16 years worth of radiation measurements from GPS satellites finally released by Los Alamos National Lab. "Although billions of people globally use data from GPS satellites, they remain U.S. military assets." Scientists have long sought the data generated by sensors used to monitor the status of the satellites, which operate in the heavy radiation of medium-Earth orbit and can be vulnerable to solar storms. But few have been allowed to tap this resource... That attitude changed in October 2016, when the outgoing Obama administration issued an executive order aimed at preparing the country for extreme space weather. Such bursts in charged particles, originating in a solar flare or coronal mass ejection, could disable the electrical power grid or divert flights away from the Arctic, where radiation exposure is heightened. The GPS data, which dates from December 2000, fill a hole in studies of space weather, the complex interplay of Earth's magnetic field with bombarding radiation from cosmic rays and the sun.

Read more of this story at Slashdot.

Categories: Tech/Science News

Kaspersky Lab Promises New Backup Tool To Help Unhappy Social Media Users Quit

Slashdot - Sat, 02/04/2017 - 21:34
Kaspersky Lab surveyed 16,750 people and concluded that often negative experiences on social experience overpower their positive effects -- and they're doing something about it. JustAnotherOldGuy pointed us to their latest announcement. 59% have felt unhappy when they have seen friends' posts from a party they were not invited to, and 45% revealed that their friends' happy holiday pictures have had a negative influence on them. Furthermore, 37% also admitted that looking at past happy posts of their own can leave them with the feeling that their own past was better than their present life. Previous research has also demonstrated peoples' frustration with social media as 78% admitted that they have considered leaving social networks altogether. The only thing that makes people stay on social media is the fear of losing their digital memories, such as photos, and contacts with their friends. To help people decide more freely if they want to stay in social media or leave without losing their digital memories, Kaspersky Lab is developing a new app -- FFForget will allow people to back up all of their memories from the social networks they use and keep them in a safe, encrypted memory container and will give people the freedom to leave any network whenever they want, without losing what belongs to them -- their digital lives. The FFForget app will be released in 2017, but there's already a web page where you can sign up for early access. Kaspersky plans to monetize this by creating both a free version of the app -- limited to one social network -- and a $1.99-per-month version which automatically backs up social content from Facebook, Google, Twitter, and Instagram in real-time with a fancier interface and more powerful encryption.

Read more of this story at Slashdot.

Categories: Tech/Science News

Peter Thiel Thinks There's Not Enough Sex In Silicon Valley

Slashdot - Sat, 02/04/2017 - 20:34
Peter Thiel recently complained parts of Silicon Valley are "hyper-politically correct" about sexual activity, and shared a friend's theory that conservative parts of America tolerate Silicon Valley "because people there just don't have that much sex. They're not having that much fun." Long-time Slashdot reader SonicSpike quotes Business Insider's investigation into Thiel's claim. Silicon Valley has the highest ratio of single men to single women... (However, it's worth noting that the San Francisco metropolitan area also has the highest ratio of people who identify as LGBT in the U.S.) In fact, Dr. Sandra Lindholm, a sex therapist and clinical psychologist in the Bay Area, recently told Forbes that she's now seeing an uptick in young, male clients who complain about a variety of sexual challenges and issues. "They're coming to sex therapy because they don't feel they have time or energy for sex," Lindhold said. Some of the common issues include low sexual desire, difficulty meeting women, and performance issues. Plus, she points out people in tech generally have a reputation for being introverted. Another particular issue that frequently comes up is what she calls "tech overload": people spend so much time on their gadgets that they "forget about being in the moment." Although there's no official data on Silicon Valley's sex frequency, a 2012 survey by condom maker Trojan revealed that Bay Area residents had the least amount of sex and the shortest time in bed, in a sample of 10 major US cities including New York, Chicago, Miami, and so on.

Read more of this story at Slashdot.

Categories: Tech/Science News

A Hacker Just Pwned Over 150,000 Printers Exposed Online

Slashdot - Sat, 02/04/2017 - 19:39
Last year an attacker forced thousands of unsecured printers to spew racist and anti-semitic messages. But this year's attack is even bigger. An anonymous reader writes: A grey-hat hacker going by the name of Stackoverflowin has pwned over 150,000 printers that have been left accessible online. For the past 24 hours, Stackoverflowin has been running an automated script that searches for open printer ports and sends a rogue print job to the target's device. The script targets IPP (Internet Printing Protocol) ports, LPD (Line Printer Daemon) ports, and port 9100 left open to external connections. From high-end multi-functional printers at corporate headquarters to lowly receipt printers in small town restaurants, all have been affected. The list includes brands such as Afico, Brother, Canon, Epson, HP, Lexmark, Konica Minolta, Oki, and Samsung. The printed out message included recommendations for printer owners to secure their device. The hacker said that people who reached out were very nice and thanked him. The printers apparently spew out an ASCII drawing of a robot, along with the words "stackoverflowin the hacker god has returned. your printer is part of a flaming botnet... For the love of God, please close this port." The messages sometimes also include a link to a Twitter feed named LMAOstack.

Read more of this story at Slashdot.

Categories: Tech/Science News

Mozilla Binds Firefox's Fate To The Rust Language

Slashdot - Sat, 02/04/2017 - 18:34
An anonymous reader quotes InfoWorld: After version 53, Firefox will require Rust to compile successfully, due to the presence of Firefox components built with the language. But this decision may restrict the number of platforms that Firefox can be ported to -- for now... Rust depends on LLVM, which has dependencies of its own -- and all of them would need to be supported on the target platform. A discussion on the Bugzilla tracker for Firefox raises many of these points... What about proper support for Linux distributions with long-term support, where the tools available on the distro are often frozen, and where newer Rust features might not be available? What about support for Firefox on "non-tier-1" platforms, which make up a smaller share of Firefox users? Mozilla's stance is that in the long run, the pain of transition will be worth it. "The advantage of using Rust is too great," according to maintainer Ted Mielczarek. "We normally don't go out of our way to make life harder for people maintaining Firefox ports, but in this case we can't let lesser-used platforms restrict us from using Rust in Firefox." InfoWorld points out most Firefox users won't be affected, adding that those who are should "marshal efforts to build out whatever platforms need Rust support." Since most users just want Mozilla to deliver a fast and feature-competitive browser, the article concludes that "The pressure's on not only to move to Rust, but to prove the move was worth it."

Read more of this story at Slashdot.

Categories: Tech/Science News

OPNsense 17.1 Released, Based On FreeBSD 11

Slashdot - Sat, 02/04/2017 - 17:34
An anonymous reader quotes Phoronix: OPNsense 17.1 is now available as the newest release of this network-focused FreeBSD-based operating system forked from pfSense. It's now been two years since the first official release of OPNsense and to celebrate they have out a big update. OPNsense 17.1 re-bases to using FreeBSD 11.0, there's now a SSH remote installer, new language support, more hardening features used from HardenedBSD, new plugins, integrated authentication via PAM, and many other improvements. Some of the new plug-ins include FTP Proxy, Tinc VPN, and Let's Encrypt support. This version has been named "Eclectic Eagle".

Read more of this story at Slashdot.

Categories: Tech/Science News

Microsoft Is Disabling Older Versions of Skype For Mac and Windows On March 1

Slashdot - Sat, 02/04/2017 - 16:34
If you're using an older, outdated version of Skype, you may want to consider updating soon. Microsoft said today that starting on March 1 people will no longer be able to sign in to version 7.16 of Skype for Window desktop and older versions, and version 7.18 of Skype for Mac and older versions thereof. VentureBeat reports: "If you're one of those users, all you'll need to do is download the new update," the Skype team said in a blog post. This isn't the first time Skype is retiring old software. But that doesn't mean the upcoming move won't rankle some people. Version 7.18 of Skype for Mac and version 7.16 of Skype for Windows both came out less than a year and a half ago -- in December 2015. So it's not as if this is very old software. Still, Microsoft has been doing a lot to improve Skype in the past year. It's been migrating the app to its Azure public cloud infrastructure, and adding chatbots. Current versions of Skype -- like version 7.44 for Mac -- come with amenities like better previews of websites and better support for emoticons and other content in the input box for chats. "We've poured our energy and passion into creating something truly special, and this is just the beginning," Skype said.

Read more of this story at Slashdot.

Categories: Tech/Science News

Sweden Pledges To Cut All Greenhouse Gas Emissions By 2045

Slashdot - Sat, 02/04/2017 - 14:00
Sweden has announced ambitious plans to completely phase out greenhouse gas emissions by 2045. The nation also reaffirmed the urgency of tackling climate change and called for all countries to "step up and fulfill the Paris Agreement." The Independent reports: "Our target is to be an entirely fossil-fuel-free welfare state," said Climate Minister Isabella Lovin. "We see that the advantages of a climate-smart society are so huge, both when it comes to health, job creation and also security. Being dependent on fossil fuels and gas from Russia is not what we need now,â she added. All parties but the far-right Sweden Democrats party agreed to pass the law in the coming month, which will oblige the government to set tougher goals to cut fossil fuel emissions every four years until the 2045 cut-off date. Plans also include a 70 per cent cut to emissions in the domestic transport sector by 2030. The Government said the target would require domestic emissions to be cut by at least 85 per cent and the remaining emissions would be offset by planting trees or by sustainable investments abroad. The law is expected to enter into force as early as 2018.

Read more of this story at Slashdot.

Categories: Tech/Science News

Microsoft's H-1B Workers Cited In Motion That Successfully Blocked Trump's Travel Ban

Slashdot - Sat, 02/04/2017 - 11:00
"President Trump's travel ban is on hold," reports WGN. "A federal judge in Seattle blocked the executive order banning travelers from seven predominately Muslim countries." But Slashdot reader theodp noticed that the judge's temporary restraining order might've been responding to something specific: the motion argued Trump's executive order had been harmful because it impacted major tech companies in the state of Washington, including Microsoft. From the motion: Washington's technology industry relies heavily on the H-1B visa program. Nationwide, Washington ranks ninth in the number of applications for high-tech visas. Microsoft, which is headquartered in Washington, employs nearly 5,000 people through the program. Other Washington companies, including Amazon, Expedia, and Starbucks, employ thousands of H-1B visa holders. Loss of highly skilled workers puts Washington companies at a competitive disadvantage with global competitors. It was in response to the motion from Washington that the judge ultimately ruled that "the States have met their burden of demonstrating that they face immediate and irreparable injury as a result of signing and implementation of the Executive Order," citing its harm on the state's public universities -- and on its tax base. And Attorney General Bob Ferguson told GeekWire that he gave some credit for the judge's ruling to the declarations of support filed by Amazon and Expedia which specifically say that "Microsoft's U.S. workforce is heavily dependent on immigrants and guest workers. At least 76 employees at Microsoft are citizens of Iran, Iraq, Syria, Somalia, Sudan, Libya, or Yemen and hold U.S. temporary work visas."

Read more of this story at Slashdot.

Categories: Tech/Science News

Misophonia: Scientists Crack Why Eating Sounds Can Make People Angry

Slashdot - Sat, 02/04/2017 - 08:00
An anonymous reader quotes a report from BBC: Why some people become enraged by sounds such as eating or breathing has been explained by brain scan studies. The condition, misophonia, is far more than simply disliking noises such as nails being scraped down a blackboard. UK scientists have shown some people's brains become hardwired to produce an "excessive" emotional response. Olana developed the condition when she was eight years old. Her trigger sounds include breathing, eating and rustling noises. Scientists, including Olana, at multiple centers in the UK scanned the brains of 20 misophonic people and 22 people without the condition. They were played a range of noises while they were in the MRI machine, including: neutral sounds such as rain; generally unpleasant sounds such as screaming; people's trigger sounds. The results, published in the journal Current Biology, revealed the part of the brain that joins our senses with our emotions -- the anterior insular cortex -- was overly active in misophonia. And it was wired up and connected to other parts of the brain differently in those with misophonia. Dr Sukhbinder Kumar, from Newcastle University, told BBC News: "They are going into overdrive when they hear these sounds, but the activity was specific to the trigger sounds not the other two sounds. The reaction is anger mostly, it's not disgust, the dominating emotion is the anger -- it looks like a normal response, but then it is going into overdrive." There are no treatments, but Olana has developed coping mechanisms such as using ear plugs. It is still not clear how common the disorder is, as there is no clear way of diagnosing it and it was only recently discovered. Ultimately, the researchers hope, understanding the difference in the misophonic brain will lead to new treatments. One idea is that low levels of targeted electricity passed through the skull, which is known to adjust brain function, could help.

Read more of this story at Slashdot.

Categories: Tech/Science News

FCC Rescinds Claim That AT&T, Verizon Violated Net Neutrality

Slashdot - Sat, 02/04/2017 - 04:30
jriding writes: The Federal Communications Commission's new Republican leadership has rescinded a determination that ATT and Verizon Wireless violated net neutrality rules with paid data cap exemptions. The FCC also rescinded several other Wheeler-era reports and actions. The FCC released its report on the data cap exemptions (aka "zero-rating") in the final days of Democrat Tom Wheeler's chairmanship. Because new Chairman Ajit Pai opposed the investigation, the FCC has now formally closed the proceeding. The FCC's Wireless Telecommunications Bureau sent letters to ATT, Verizon, and T-Mobile USA notifying the carriers "that the Bureau has closed this inquiry. Any conclusions, preliminary or otherwise, expressed during the course of the inquiry will have no legal or other meaning or effect going forward." The FCC's Wireline Competition Bureau also sent a letter to Comcast closing an inquiry into the company's Stream TV cable service, which does not count against data caps. The FCC issued an order that "sets aside and rescinds" the Wheeler-era report on zero-rating. All "guidance, determinations, and conclusions" from that report are rescinded, and it will have no legal bearing on FCC proceedings going forward, the order said. ATT and Verizon allow their own video services (DirecTV and Go90, respectively) to stream on their mobile networks without counting against customers' data caps, while charging other video providers for the same data cap exemptions. The FCC under Wheeler determined that ATT and Verizon unreasonably interfered with online video providers' ability to compete against the carriers' video services.

Read more of this story at Slashdot.

Categories: Tech/Science News

Lawsuit Claims Apple Forced Users To iOS 7 By Breaking FaceTime

Slashdot - Sat, 02/04/2017 - 03:05
According to Apple Insider, a class-action lawsuit has been filed in California that claims Apple broke FaceTime in iOS 6 to force users to upgrade to iOS 7. The lawsuit says Apple forced users to upgrade so it could avoid payments on a data deal with Akamai. From the report: When FaceTime launched in 2010, Apple included two methods of connecting one iPhone to another. The first, a peer-to-peer technology, transferred audio and video data over a direct connection, while a second "relay method" used third-party servers run by Akamai to shuttle data back and forth. Initially, calls routed through Akamai's relay servers only accounted for only 5 to 10 percent of FaceTime traffic, but usage quickly spiked. On Nov. 7, 2012, a jury found Apple's peer-to-peer FaceTime call technology in infringement of patents owned by VirnetX. Along with a $368 million fine, the ruling meant Apple would have to shift away from peer-to-peer to avoid further infringement. Apple began to incur multi-million dollar monthly charges from Akamai as a result of the change. Testimony from the 2016 VirnetX retrial pegged relay fees at about $50 million between April 2013 and September 2013, rates that according to today's lawsuit were of concern to Apple executives. After eating rising relay service charges for nearly a year, Apple saw a chance to slow down or completely negate the fees in iOS 7. Among other system improvements, the next-generation OS included a method of creating peer-to-peer FaceTime connections without infringing on VirnetX patents. The only problem, according to the lawsuit, was that users continued to operate devices running iOS 6. Citing internal emails and sworn testimony from the VirnetX trial, the lawsuit alleges Apple devised a plan to "break" FaceTime on iOS 6 or earlier by causing a vital digital certificate to prematurely expire. Apple supposedly implemented the "FaceTime Break" on April 16, 2014, then blamed the sudden incompatibility on a bug, the lawsuit claims.

Read more of this story at Slashdot.

Categories: Tech/Science News

Google Will Reportedly Remove Google Now Launcher From Play Store

Slashdot - Sat, 02/04/2017 - 02:25
An anonymous reader quotes a report from Android Police: Google currently has two launcher apps in the Play Store; Google Now Launcher and Pixel Launcher. In a few months, there will only be one. According to an email forwarded to us by a tipster, Google has alerted GMS partners of its intention to remove Google Now Launcher from the Play Store in the coming weeks. OEMs that use GNL have options, though. The email (which you can see below) explains that the Search Launcher Services library for OEMs that has been in testing is now available. That's what Sony used to integrate the Google Now panel (now just the Google Feed) into its stock launcher a while back. That means OEMs can slap the Google Now panel on whatever launcher they want. Google plans to remove GNL from the optional GMS package on March 1st, meaning no devices with the launcher pre-installed will be approved after that. Existing devices can continue using GNL, though. It will technically still be updated via the Google app. However, the listing will go away by the end Q1 2017 (i.e. now-ish). That affects people who just installed GNL on their devices from the store. You can keep using it, but don't expect any major improvements.

Read more of this story at Slashdot.

Categories: Tech/Science News

Zero-Day Windows Security Flaw Can Crash Systems, Cause BSODs

Slashdot - Sat, 02/04/2017 - 01:45
Orome1 quotes a report from Help Net Security: A zero-day bug affecting Windows 10, 8.1, Windows Server 2012 and 2016 can be exploited to crash a vulnerable system and possibly even to compromise it. It is a memory corruption bug in the handling of SMB traffic that could be easily exploited by forcing a Windows system to connect to a malicious SMB share. Tricking a user to connect to such a server should be an easy feat if clever social engineering is employed. The vulnerability was discovered by a researcher that goes by PythonResponder on Twitter, and who published proof-of-exploit code for it on GitHub on Wednesday. The researcher says that he shared knowledge of the flaw with Microsoft, and claims that "they had a patch ready 3 months ago but decided to push it back." Supposedly, the patch will be released next Tuesday. The PoC exploit has been tested by SANS ISC CTO Johannes Ullrich, and works on a fully patched Windows 10. "To be vulnerable, a client needs to support SMBv3, which was introduced in Windows 8 for clients and Windows 2012 on servers," he noted, and added that "it isn't clear if this is exploitable beyond a denial of service." Until a patch is released, administrators can prevent it from being exploited by blocking outbound SMB connections (TCP ports 139 and 445, UDP ports 137 and 138) from the local network to the WAN, as advised by CERT/CC. "The tweet originally announcing this issue stated that Windows 2012 and 2016 is vulnerable," the researcher said. "I tested it with a fully patched Windows 10, and it got an immediate blue screen of death."

Read more of this story at Slashdot.

Categories: Tech/Science News

Pages

Theme by Danetsoft and Danang Probo Sayekti inspired by Maksimer