GitHub Urges Companies To Participate In 'Open Source Fridays' Slashdot by EditorDavid on opensource at January 1, 1970, 1:00 am (cached at July 1, 2017, 11:04 pm)

An anonymous reader quotes VentureBeat: GitHub wants to help more people become open source contributors with a new initiative called Open Source Friday. As the name implies, the program encourages companies to set aside time at the end of the week for their employees to work on open source projects. It's designed to bolster the ranks of open source contributors at a time when many businesses rely on freely available projects for mission-critical applications. Open Source Friday isn't just about getting businesses to offer their employees' time as a form of charity, it's also a way to improve key business infrastructure, according to Mike McQuaid, a senior software engineer at GitHub... McQuaid hopes that carving out employees' time on Fridays could help provide additional structure and incentive to participate in the ecosystem... Users don't need to be engineers in order to take part, either. While code contribution is important to the success of a project, creating and maintaining documentation is also key. OpenSourceFriday.com includes tips for interested contributors, as well as a page suggesting to employers that they could see benefits like developers learning to code faster, better, and more transparently.

New Google Project Lets You Collaborate On Doodles With A Neural Network Slashdot by EditorDavid on google at January 1, 1970, 1:00 am (cached at July 1, 2017, 10:04 pm)

Long-time Slashdot reader Giant Robot writes: Google Brain's latest experiment is a neural network that allows you to collaboratively draw with it inside of your web browser in real-time. The neural network is trained using the drawings collected from an earlier web game called Quick, Draw! released a few months earlier. "Once you stop doodling, the neural network takes over and attempts to guess the rest of your doodle," explains Google's page about the project, adding "You can take over drawing again and continue where you left off."

Lazy-Util-0.004 search.cpan.org by Pink Mist at January 1, 1970, 1:00 am (cached at July 1, 2017, 10:03 pm)

Perl utilities for lazy evaluation

RPi-Serial-0.01 search.cpan.org by Steve Bertrand at January 1, 1970, 1:00 am (cached at July 1, 2017, 10:03 pm)

Basic read/write interface to a serial port

The White House Now Has Zero Science Advisors Slashdot by EditorDavid on government at January 1, 1970, 1:00 am (cached at July 1, 2017, 9:04 pm)

DogDude shares an article from CBS News: The science division of the White House's Office of Science and Technology Policy was unstaffed as of Friday as the three remaining employees departed this week, sources tell CBS News... On Friday afternoon, Eleanor Celeste, the assistant director for biomedical and forensic sciences at the OSTP, tweeted, "Science division out. Mic drop" before leaving the office for the last time... Under Mr. Obama, the science division was staffed with nine employees who led the charge on policy issues such as STEM education, biotechnology and crisis response. It's possible that the White House will handle these issues through staff in other divisions within the OSTP.

Qatar FM: The list of demands was meant to be rejected AL JAZEERA ENGLISH (AJE) (cached at July 1, 2017, 9:00 pm)

Doha rejects demands made by Saudi Arabia and its allies, saying 'the world is not governed by ultimatums'.

New Fidget Spinners Are Catching On Fire Slashdot by EditorDavid on toy at January 1, 1970, 1:00 am (cached at July 1, 2017, 8:04 pm)

An anonymous reader quotes Newsweek's latest story about fidget spinners: In a development that now seems like it was inevitable, the three-pronged toys are starting to catch on fire. Gizmodo on Thursday pointed to two recent instances of Bluetooth-enabled fidget spinners going up in flames while they were charging. In Alabama, a fidget spinner owned by the son of Gardendale woman Kimberly Allums caught fire after being plugged in for less than 45 minutes. In Fenton, Michigan, Michelle Carr said her spinner started smoking after charging for less than half an hour. "He noticed that it burst into flames and he just started screaming," said Allums of her son and his spinner. "I was downstairs and all I heard was 'fire...fire,' and the fidget spinner had literally, It wasn't smoking, It was in flames"... The fidget spinners in question were Bluetooth-enabled so that they could light up and play music as they spun. Friday CNET ran a column titled "Fidget spinners exploding? Of course they are." It concludes with a warning that "if you choose a powered off-brand tech item, you better pay close attention when you plug it in."

Lingua-Identify-Blacklists-0.04b search.cpan.org by Joerg Tiedemann at January 1, 1970, 1:00 am (cached at July 1, 2017, 8:03 pm)

Language identification for related languages based on blacklists

World leaders pay tribute to German unifier Helmut Kohl AL JAZEERA ENGLISH (AJE) (cached at July 1, 2017, 8:00 pm)

Foreign dignitaries hail the former German Chancellor and father of reunification at his funeral in Strasbourg.

At least 1,500 people killed by cholera in Yemen: WHO AL JAZEERA ENGLISH (AJE) (cached at July 1, 2017, 8:00 pm)

The World Health Organisation says that the number of suspected cases of cholera in Yemen is growing by 5,000 every day.

UN peacekeepers hit by new allegations of sex abuse AL JAZEERA ENGLISH (AJE) (cached at July 1, 2017, 8:00 pm)

Data released by UN show new allegations continue to stream in dispute Secretary-General's commitment to end scourge.
6 Ways Businesses Can Protect Their Computers from Ransomware Like Petya (Forbes) SANS ISC SecNewsFeed (cached at July 1, 2017, 7:30 pm)

Using nmap to scan for MS17-010 (CVE-2017-0143 EternalBlue), (Sat, Jul 1st) SANS Internet Storm Center, InfoCON: green (cached at July 1, 2017, 7:30 pm)

With both WannaCry and NotPetya using MS17-010 for propagation, it is important to be able to detect servers which are vulnerable. Even if you have comprehensive vulnerability management and patching programs, there are almost certainly servers that have been missed, whether because they are vendor supported or part of your company's cottage IT. It is important to be able to find those servers and either remediate them or put additional controls in place to protect them.

My fallback for any kind of discovery scanning is always nmap. It is easy enough to identify devices that have SMB open using nmap.

    nmap -Pn -p445 ip-netblock

    Starting Nmap 7.40 ( https://nmap.org ) at 2017-06-30 23:40 EDT
    Nmap scan report for ...
    Host is up (0.11s latency).
    PORT STATE SERVICE
    445/tcp open microsoft-ds

While detecting SMB is the first step, there are legitimate reasons why a server may have SMB open. For the specific case of finding servers that are vulnerable to MS17-010 we need to dig a bit deeper.

Fortunately, Paulino Calderon has created an nmap NSE script which will reliably detect MS17-010. The script is not part of the standard nmap NSE scripts, so you will need to grab the smb-vuln-ms17-010 script from GitHub and place it into the NSE scripts directory before you can use it (on Linux that directory is /usr/share/nmap/scripts/).

This is the nmap command line that seems to work best with this NSE script (with thanks to Neo23x0):

    nmap -Pn -p445 --open --max-hostgroup 3 --script smb-vuln-ms17-010 ip_netblock

When the scan finds a server with SMB open that is not vulnerable to MS17-010, the output looks identical to the previous scan. A vulnerable server, however, will generate additional output.

    Starting Nmap 7.40 ( https://nmap.org ) at 2017-07-01 11:13 EDT
    Nmap scan report for ...
    Host is up (0.23s latency).
    PORT STATE SERVICE
    445/tcp open microsoft-ds

    Host script results:
    | smb-vuln-ms17-010:
    | VULNERABLE:
    | Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010)
    | State: VULNERABLE
    | IDs: CVE:CVE-2017-0143
    | Risk factor: HIGH
    | A critical remote code execution vulnerability exists in Microsoft SMBv1
    | servers (ms17-010).
    |
    | Disclosure date: 2017-03-14
    | References:
    | https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
    | https://blogs.technet.microsoft.com/msrc/2017/05/12/customer-guidance-for-wannacrypt-attacks/
    |_ https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-0143

-- Rick Wanner MSISE - rwanner at isc dot sans dot edu - http://namedeplume.blogspot.com/ - Twitter:namedeplume (Protected)

(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
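
Triage of the scan output described in the diary above, as an added example (not part of the original diary or of the nmap project): it parses nmap's normal text output and labels every host with 445/tcp open with either the State printed by smb-vuln-ms17-010 or "not flagged". The sample output is constructed (192.0.2.0/24 documentation addresses), and the name `triage` is hypothetical.

```python
import re

# Constructed sample of nmap normal output (addresses from the 192.0.2.0/24
# documentation range), shaped like the two outputs shown in the diary.
SAMPLE = """\
Nmap scan report for 192.0.2.10
PORT    STATE SERVICE
445/tcp open  microsoft-ds

Nmap scan report for fileserver.example (192.0.2.11)
PORT    STATE SERVICE
445/tcp open  microsoft-ds

Host script results:
| smb-vuln-ms17-010:
|   VULNERABLE:
|   Remote Code Execution vulnerability in Microsoft SMBv1 servers (ms17-010)
|     State: VULNERABLE
|_    Risk factor: HIGH
"""

# "Nmap scan report for <ip>" or "Nmap scan report for <name> (<ip>)"
REPORT = re.compile(r"^Nmap scan report for (?:\S+ \()?([^\s()]+)\)?$")
PORT445 = re.compile(r"^445/tcp\s+open\b")
SCRIPT = re.compile(r"^\|[ _]?\s*smb-vuln-ms17-010:")
STATE = re.compile(r"^\|[ _]?\s*State:\s*(.+?)\s*$")

def triage(nmap_text):
    """Map each host with 445/tcp open to the State the script printed, or to
    'not flagged' when the script printed nothing for that host."""
    results, host, in_script = {}, None, False
    for line in nmap_text.splitlines():
        m = REPORT.match(line)
        if m:                                  # a new host section starts
            host, in_script = m.group(1), False
        elif host and PORT445.match(line):
            results.setdefault(host, "not flagged")
        elif host and SCRIPT.match(line):      # assumes only this script ran
            in_script = True
        elif in_script and line.startswith("|"):
            s = STATE.match(line)
            if s:
                results[host] = s.group(1)
        else:                                  # any other line ends the block
            in_script = False
    return results
```

Hosts reported as "not flagged" are the ones whose output matched the plain port scan; they still have SMB exposed and belong on the list of servers to review.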

Study Claims Discarded Solar Panels Create More Toxic Waste Than Nuclear Plants Slashdot by EditorDavid on power at January 1, 1970, 1:00 am (cached at July 1, 2017, 7:04 pm)

Templer421 shares an article from National Review: A new study by Environmental Progress warns that toxic waste from used solar panels now poses a global environmental threat. The Berkeley-based group found that solar panels create 300 times more toxic waste per unit of energy than nuclear-power plants. Discarded solar panels, which contain dangerous elements such as lead, chromium, and cadmium, are piling up around the world, and there's been little done to mitigate their potential danger to the environment. "We talk a lot about the dangers of nuclear waste, but that waste is carefully monitored, regulated, and disposed of," says Michael Shellenberger, founder of Environmental Progress, a nonprofit that advocates for the use of nuclear energy. "But we had no idea there would be so many panels -- an enormous amount -- that could cause this much ecological damage." Solar panels are considered a form of toxic, hazardous electronic or "e-waste," and according to EP researchers Jemin Desai and Mark Nelson, scavengers in developing countries like India and China often "burn the e-waste in order to salvage the valuable copper wires for resale. Since this process requires burning off plastic, the resulting smoke contains toxic fumes that are carcinogenic and teratogenic (birth defect-causing) when inhaled." A spokesman for the Solar Energy Industries Association argues that the study is incorrect, and that in fact solar panels are "mainly made up of easy-to-recycle materials that can be successfully recovered and reused at the end of their useful life."

Qatar hires law firm to probe violations from blockade AL JAZEERA ENGLISH (AJE) (cached at July 1, 2017, 7:00 pm)

Lalive will pursue the cases of some 2,450 citizens and foreign residents hit by the anti-Qatar measures.