An anonymous reader writes "India, the world's largest democracy, votes entirely on government made electronic voting machines that authorities claim are 'tamperproof,' 'infallible,' and 'perfect,' but last week security researchers proved that they can be manipulated to steal elections. A team led by Hari Prasad, Professor J. Alex Halderman, and Rop Gonggrijp released an awesome video that shows off hardware hacks they built. These machines are much simpler than e-voting designs used in the US, but as the research paper explains, this makes attacking the hardware even easier. Halderman's students at the University of Michigan took only about a week to build a replacement display board that lies about the vote totals, and the team also built a pocket-sized device that clips onto the memory chips, with the machine powered on, and rewrites the votes. Clippy says, 'It looks like you're trying to rig an election ...'"

Read more of this story at Slashdot.

An anonymous reader writes "NEC has announced that its video content identification technology has been incorporated in the upcoming Mpeg 7 video standard, allowing for each video frame to have its own signature, meaning that even minute changes to the file such as adding subtitles, watermarks or dogtags, and of course cutting out adverts, will alter the overall signature of the video. According to NEC this will allow the owners of the video to automatically 'detect illegal copies' and 'prevent illegal upload of video content' without their consent. NEC also claims that its technology will do away with the current manual checking by members of the movie industry and ISPs to spot dodgy videos."

Read more of this story at Slashdot.

crimeandpunishment points out the Associated Press's look (as carried by SkunkPost) "at an issue the government has been aware of for more than 20 years, but still isn't fixed and continues to cause internet outages: a flaw in the routing system that sends data from carrier to carrier. Most outages are innocent and fixed quickly, but there's growing concern the next one could be devastating. A general manager at Renesys Corporation, which tracks the performance of Internet data routes, says 'It amazes me every day when I get into work and find it's working.'"

Read more of this story at Slashdot.

Bruce Perens writes "The Galaxy 15 commercial satellite has not responded to commands since solar flares fried its CPU in April, and it won't turn off. Intelsat controllers moved all commercial payloads to other birds except for WAAS, a system that adds accuracy to GPS for landing aircraft and finding wayward geocaches. Since the satellite runs in 'bent pipe' mode, amplifying wide bands of RF that are beamed up to it, it is likely to interfere with other satellites as it crosses their orbital slots on its way to an earth-sun Lagrange point, the natural final destination of a geostationary satellite without maneuvering power." (More below.)

Read more of this story at Slashdot.

An anonymous reader writes "For the first time in 35 years the UK government is looking to be at risk of getting a hung or coalition government. (The most recent previous hung parliaments were in 1974 and 1929.) The voting rules are somewhat arcane and the votes this time are such that there are many strange possible outcomes and a surprisingly large number of permutations of coalitions that could be formed and political strategies that may go into their forming. There are at least 60 permutations, some more politically plausible than others. Adam Back wrote some software to work out the permutations , and lists some of the arcane factors affecting the outcome. If Labour Prime Minister Gordon Brown chose to, it would appear even that he could simply refuse to resign, ostensibly trying to form a coalition indefinitely, maybe even forcing the Queen to dismiss the current Government, which last happened in 1834 under King William IV."

Read more of this story at Slashdot.

walterbyrd writes "Microsoft will offer an online version of Office 2010 for free. I have to wonder, will this remain free indefinitely? Or is Microsoft just trying to firmly establish its OOXML standard, then go back to business as usual?" Probably a harder sell after Google's acquisition of DocVerse.

Read more of this story at Slashdot.

synsynackack writes "The Register reports that the DNSSEC protocol could have some very interesting geo-political implications, including erosion of the scope of state sovereign powers. The chairman of ICANN, Peter Dengate-Thrush, explained, 'We will have to handle the geo-political element of DNSSEC very carefully.' Experts also explained that split DNS and the DNSSEC protocol don't match very well; technically, it is possible for someone at the interface of the global Internet and a country-wide Internet to strip electronic certificates attached to data and repackage the data with a new one."

Read more of this story at Slashdot.

separsons writes "Researchers at the Lawrence Livermore National Laboratory recently unveiled a three-inch-long bio-detector than can scan for 3,000 different types of viruses and bacteria in just 24 hours. The device, dubbed the Lawrence Livermore Microbial Detection Array (LLMDA), boasts significant advantages over traditional bio-detectors, which can only identify a maximum of 50 pathogens. The three-inch-long glass slide is packed with 388,000 probes that can detect more than 2,000 viruses and 900 bacteria. The device may have huge implications in identifying agents released during biological and chemical attacks. Plus, in more everyday uses, LLMDA can ensure food, drug and vaccine safety and help diagnose medical problems. Scientists' next version of LLMDA is even more impressive: A new bio-detector will be lined with 2.1 million probes that can scan for 5,700 viruses and thousands of bacteria as well as fungi and protozoa."

Read more of this story at Slashdot.

An anonymous reader writes with this excerpt from Cosmos Magazine: "Two tiny meteorites recently recovered from Antarctic snow contain material dating back to the birth of our Solar System, and may provide clues about the delivery of organic matter to Earth. Researchers believe that these micrometeorites likely came from the cold, comet-forming outer regions of the gas and dust cloud that comprised the early Solar System, and sample its composition. Discovered in 2006, the particles measure less than 0.25 mm across and survived their journey through Earth's atmosphere relatively unscathed. More importantly, scientists found that they contain unusually high amounts of organic matter."

Read more of this story at Slashdot.

Hugh Pickens writes "The Washington Post reports that the increasing number and intensity of cyberattacks has attracted the attention of the Obama administration and Congress, which have begun steering dollars to the problem. Much of that new spending, estimated at $6 to $7 billion annually just in unclassified work, is focused on the Washington region, as the federal government consolidates many of its cybersecurity-focused agencies in the area. 'I think it is a real growth opportunity in coming years,' says David Z. Bodenheimer, a partner at law firm Crowell & Moring in Washington, who leads the firm's homeland security practice and specializes in government contracts. 'The market is still rather fragmented and in flux, but is developing with a speed that it is attracting both the major defense and homeland security contractors who are establishing independent business units to pursue these opportunities, and it is also a real opportunity for the smaller players who have niche products.' One reason the field is attracting so many companies is that the barriers to entry are low — at least, relative to other defense industries. But as start-ups and others rush to stake claims, some wonder if a bubble of sorts is beginning to inflate and recall that many venture firms in the early 2000s chased similar prospects. 'A lot of the early people made significant money,' says Roger Novak, founder of Novak Biddle Venture Partners. 'But there were [also] a lot of "me too" companies.'"

Read more of this story at Slashdot.

Hudson: The butler for your cron jobs, too
For years, I used cron (sometimes anacron) without asking questions. The method was simple enough, and every project requiring cron-related capabilities documented the setup.

There is a much better way, and it involves Hudson. I introduced “Hudson for cron” as a sidebar at the Drupal Scalability and Performance Workshop a few weeks ago. To my surprise, several of the attendees remarked on their feedback questionnaires that it was one of the most valuable things they picked up that day. So, I’ve decided to write this up for everyone.

read more

Midnight Warrior writes "We could solve the H.264 debate if a country's legislature were to mandate that any patents that contribute to an industry-recognized standard were unenforceable in the application of that standard. Ideally, each standard would also be required to have a 'reference design' that could be used without further licensing. This could also solve problems with a ton of other deeply-entrenched areas like hard drives, DRAM, etc. RAND tries to solve this strictly within industry, but both the presence of submarine patents and the low-bar required to obtain a patent have made an obvious mess. Individual companies also use patent portfolios to set up mutual assured destruction. I'm not convinced that industry can solve this mess that government created. But I'm not stupid; this clearly has a broad ripple effect. Are there non-computer industries where this would be fatal? What if the patents were unenforceable only if the standard had a trademark and the implementer was compliant at the time of 'infringement?' Then, the patents could still be indirectly licensed, but it would force strict adherence to standards and would require the patent holders to fund the trademark group to defend it to the end. In the US model, of course."

Read more of this story at Slashdot.

Securityemo writes "The Register is running an article about a new method to bypass antivirus software, discovered by Matousec. By sending benign code to the antivirus driver hooks, and switching it out for malicious code at the last moment, the antivirus can be completely bypassed. This attack is apparently much more reliable on multi-core systems. Here's the original research paper." El Reg notes that "The technique works even when Windows is running under an account with limited privileges," but "it requires a large amount of code to be loaded onto the targeted machine, making it impractical for shellcode-based attacks or attacks that rely on speed and stealth. It can also be carried out only when an attacker already has the ability to run a binary on the targeted PC."

Read more of this story at Slashdot.

In the past few month, since Drupalcon Paris, I was busy upgrading Organic groups (a.k.a OG) to Drupal7. I'd like to give a quick overview of what has been done, what needs to be done, and the changes that came with the upgrade.

The first noticeable thing is that like Ubecart became Commerce, Organic groups has changed its name to Group. The second thing you will notice, is that Group is a complete rewrite of OG! Why was it done? OG is a great module, and it has been around for a long time. Long enough to be very popular and feature rich, but on the same time, concepts and implementations that were right in earlier Drupal versions became outdated. Using Drupal 7 new features - especially field API - were too hard to resist.

Here are the Group's main concepts, by importance:

read more

qwerty8ytrewq writes "Ryan Singel, writing for Wired, claims that Facebook has gone rogue: 'Facebook used to be a place to share photos and thoughts with friends and family and maybe play a few stupid games that let you pretend you were a mafia don or a homesteader. It became a very useful way to connect with your friends, long-lost friends and family members. ... And Facebook realized it owned the network. Then Facebook decided to turn "your" profile page into your identity online — figuring, rightly, that there’s money and power in being the place where people define themselves. But to do that, the folks at Facebook had to make sure that the information you give it was public.' Singel goes on to call for an open, distributed alternative. 'Facebook’s basic functions can be turned into protocols, and a whole set of interoperating software and services can flourish. Think of being able to buy your own domain name and use simple software such as Posterous to build a profile page in the style of your liking.' Can Slashdotters predict where social networking is going? And how?" Relatedly, jamie points out a graphical representation of how Facebook's privacy settings have changed over the last five years.

Read more of this story at Slashdot.

An anonymous reader writes "A fierce argument has begun over whether children are actually 'reading' new e-books or simply 'watching' them. As publishers pump increasing levels of interactivity into e-books, the New York Times and others argue that these highly-interactive, popular titles are ruining the purpose of reading. The NYT also worries that new e-book titles could distract kids from the tougher task of actually concentrating on literature: '[W]hat will become of the readers we've been: quiet, thoughtful, patient, abstracted, in a world where interactive can be too tempting to ignore?' Others, like Gizmodo, defend these new e-books, pointing at titles like Alice for the iPad, of which they blabber, 'For the first time in my life, I'm blown away by an interactive book design.' But, the NYT counters, 'what I really love [about traditional books] is their inertness. No matter how I shake Alice's Adventures in Wonderland, mushrooms don't tumble out of the upper margin, unlike the Alice for the iPad.'"

Read more of this story at Slashdot.

1sockchuck writes "In the past year we've seen several new cooling systems that submerge rack-mount servers. Now liquid immersion cooling is coming to blade servers. Liquid-cooled PC specialist Hardcore Computer has entered the data center market with Liquid Blade, which features two Intel 5600 Xeon processors with an S5500HV server board in a chassis filled with dielectric fluid. Hardcore, which is marketing the product for render farms, says it eliminates the need for rack-level fans and room-level air conditioning. In recent months Iceotope and Green Revolution Cooling have each introduced liquid cooling for rack-mount servers."

Read more of this story at Slashdot.

We've been starting to think about what we want to include in Weld 1.1. Of course, you can expect the usual bug fixes, as well as a few new features -- I'll outline those for you here.

Container integration improvements

A number of refinements are planned to the existing requirements -- the biggest change will be exposing our reflection abstraction API to the container. The Weld Reflection API extends the Annotated interface hierarchy from the CDI SPI, adding in additional methods to support discovery of meta-annotated classes, methods, fields, constructors and parameters, as well as some methods to complete the reflection API. You can find the API in SVN (you can glean the intention from the API, but be aware we do intend to clean it up before exposing it to the world!).

This will allow the container to replace our built in implementation (based on JDK Reflection) allowing extensive optimisations. For example, the container must scan classes for annotations for multiple components (such as JPA, EJB 3, JAX-RS, CDI, JSF, Servlet 3) - each implementation performing its own scan is clearly both a waste of time and memory (if the implementation caches this information). Further, a container might choose to use Javassist rather than JDK Reflection to provide faster scanning.

CDI API

A CDI maintenance release is planned, and if finalised in time, we plan to include this update in Weld 1.1.

You can expect this release around September. If the CDI MR is not final, we will provide the latest revision of the changes in our non-portable API, allowing you to experiment with them in advance!

Anything else you think should be included? If so, get in touch!

Pete Muir 2010-05-08T15:11:44Z

Just out is an iPhone app by Semper that helps parents with children find locations of interest. A Drupal-powered server provides the data backend.

If you have not participated in core development then please do not write ill informed, baseless derisive blog posts and especially not to the Drupal Planet. Critique is good, baseless bashing just makes those who actually do the work feel depressed, angry and sad. I now abstain from reading the development list, the forums could we please keep at least the Planet a place which a developer can read without wanting to hit something? kthxbye