RSS Live Feed

India Tech Giant Warns Trump's 'Radical Shift' to Hurt Industry

Slashdot - 3 hours 34 minutes ago
The vice chairman at Tech Mahindra, one of India's largest technology services companies, warned that U.S. President Donald Trump's visa policies will damage the industry as his company reported weak earnings and his stock fell the most in almost two years. From a report: Tech Mahindra said net income was 5.9 billion rupees ($91 million) in the fourth quarter, compared with the average analyst estimate of 7.8 billion, according to estimates compiled by Bloomberg. The U.S. is tightening the criteria for visa programs that Tech Mahindra and other outsourcing companies use to bring skilled foreign workers into the country. Trump and other politicians have criticized the programs for hurting American workers and allowing companies to use cheaper employees from abroad. Tech services companies, including Cognizant Technology Solutions, have been cutting positions in India. Some workers have blamed Trump for prompting the job losses and exacerbating problems in the industry.

Apple Co-founder Thinks Apple Is Now Too Big a Company To Come Up With the Next Big Thing

Slashdot - 4 hours 34 minutes ago
When it comes to the next great tech breakthroughs, Steve Wozniak isn't betting on the company he founded. Instead, he believes Tesla is at the forefront of anticipating the world to come. From a report: Interviewed by Bloomberg on what are likely to be the biggest tech breakthroughs in the coming years, and which companies are likely to make them, Woz didn't list Apple as a contender. He said, "look at the companies like Google and Facebook and Apple and Microsoft that changed the world -- and Tesla included. They usually came from young people. They didn't spring out of big businesses." Small businesses, he argued, take bigger risks -- and their founders create the products they really want, without the dilution that occurs with multiple decision-makers. "I think Tesla is on the best direction right now. They've put an awful lot of effort into very risky things. I'm going to bet on Tesla," he added.

CVE-2017-9148

Latest 7 days CVE Lists - 5 hours 5 minutes ago
The TLS session cache in FreeRADIUS before 3.0.14 fails to reliably prevent resumption of an unauthenticated session, which allows remote attackers (such as malicious 802.1X supplicants) to bypass authentication via PEAP or TTLS.

CVE-2017-9289

Latest 7 days CVE Lists - 5 hours 5 minutes ago
Bram Korsten Note through 1.2.0 is vulnerable to a reflected XSS in note-source\ui\editor.php (edit parameter).

CVE-2017-9292

Latest 7 days CVE Lists - 5 hours 5 minutes ago
Lansweeper before 6.0.0.65 has XSS in an image retrieval URI, aka Bug 542782.

UK Tech Visas Quadruple After Applications Soar

Slashdot - 5 hours 34 minutes ago
James Timcomb, writing for The Telegraph: Technology industry demands for special measures to let companies hire foreign workers after Brexit have been boosted by a surge in demand for technology visas. Tech City UK, the government organisation that processes applications for the dedicated "Tier 1 Exceptional Talent" visa, said successful applications had more than quadrupled in the last 12 months, with 260 endorsed in the last fiscal year. It follows fears in the British tech community that access to skilled computer coders would be hit by restrictions to freedom of movement when the UK leaves the EU. David Cameron introduced the tech visa scheme in 2014 in a bid to make London the technology capital of Europe and rival Silicon Valley as a destination for start-ups, and amid fears of a shortage of skilled coders in the UK. The "Tech Nation" visa scheme allows Tech City UK to endorse applications from non-EU workers, and lets successful applicants stay in the country for five years, after which they can apply to settle. Just a handful of visas were granted in its first few months, due to what were seen as onerous requirements, and the rules were relaxed in 2015. Applications have soared since then, and rose again after the Brexit vote.

CVE-2017-7913

Latest 7 days CVE Lists - 6 hours 5 minutes ago
A Plaintext Storage of a Password issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. The application's configuration file contains parameters that represent passwords in plaintext.

CVE-2017-7915

Latest 7 days CVE Lists - 6 hours 5 minutes ago
An Improper Restriction of Excessive Authentication Attempts issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. An attacker can freely use brute force to determine parameters needed to bypass authentication.

CVE-2017-7917

Latest 7 days CVE Lists - 6 hours 5 minutes ago
A Cross-Site Request Forgery issue was discovered in Moxa OnCell G3110-HSPA Version 1.3 build 15082117 and previous versions, OnCell G3110-HSDPA Version 1.2 Build 09123015 and previous versions, OnCell G3150-HSDPA Version 1.4 Build 11051315 and previous versions, OnCell 5104-HSDPA, OnCell 5104-HSPA, and OnCell 5004-HSPA. The application does not sufficiently verify if a request was intentionally provided by the user who submitted the request, which could allow an attacker to modify the configuration of the device.

CVE-2017-9287

Latest 7 days CVE Lists - 6 hours 5 minutes ago
servers/slapd/back-mdb/search.c in OpenLDAP through 2.4.44 is prone to a double free vulnerability. A user with access to search the directory can crash slapd by issuing a search including the Paged Results control with a page size of 0.

CVE-2017-9288

Latest 7 days CVE Lists - 6 hours 5 minutes ago
The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected XSS in sendtesterror.php (backurl parameter).

Asus Goes Big On Slim Laptops at Computex

Slashdot - 6 hours 34 minutes ago
At Computex, Asus announced a range of new laptops. From a report: The new ZenBook Pro takes center stage, featuring powerful hardware in a slim form factor -- an Intel Core i7-7700HQ as well as a Nvidia GeForce GTX 1050 Ti, while the world's thinnest convertible ZenBook Flip S lets you play around with its 4K display. But it's not all just flagship products, Asus also announced new VivoBooks meant for the mainstream market. The new VivoBook Pro packs Intel's seventh-generation processors and comes loaded with discrete graphics in the form of Nvidia's GeForce GTX 1050. The VivoBook S15 features more modest specs but still packs Nvidia GeForce GTX 940 discrete graphics. You can read the full specifications of aforementioned laptops here.

British Airways CEO Won't Resign, Says Outsourcing Not To Blame For IT Failure

Slashdot - 7 hours 34 minutes ago
British Airways CEO Alex Cruz insisted he would not resign on Monday as he sought to draw a line under three days of chaos at the UK flag carrier after IT problems left tens of thousands of passengers stranded. In an interview -- the first since a global computer outage all but shut the airline down -- Cruz said he doesn't think "it would make much of use for me to resign." Separately, he also denied an outsourcing deal was to blame for the IT problems that hit on Saturday, causing the airline to cancel almost all its services over the weekend. From a report: A leaked staff email revealed Mr Cruz had told staff not to comment on the system failure. When asked about the email he told the BBC the tone was clear: "Stop moaning and come and help us." The airline is now close to full operational capacity after the problems resulted in mass flight cancellations at Heathrow and Gatwick over the bank holiday weekend. Questions remain about how a power problem could have had such impact, said the BBC's technology correspondent Rory Cellan-Jones. One theory was that returning systems were unusable as the data had become unsynchronised. [...] Cruz told the BBC a power surge had "only lasted a few minutes," but the back-up system had not worked properly. He said the IT failure was not due to technical staff being outsourced from the UK to India.

Kernel prepatch 4.12-rc3

lwn.net - Mon, 2017/05/29 - 11:06 PM
Linus has released the 4.12-rc3 kernel prepatch. "Hey, things continue to look good, and rc3 isn't even very big. I'm hoping there's not another shoe about to drop, but so far this really feels like a nice calm release cycle, despite the size of the merge window."

US Might Ban Laptops On All Flights Into And Out of the Country

Slashdot - Mon, 2017/05/29 - 11:00 PM
The United States might ban laptops from aircraft cabins on all flights into and out of the country as part of a ramped-up effort to protect against potential security threats, U.S. Homeland Security Secretary John Kelly said on Sunday. From a report: In an interview on "Fox News Sunday," Kelly said the United States planned to "raise the bar" on airline security, including tightening screening of carry-on items. "That's the thing that they are obsessed with, the terrorists, the idea of knocking down an airplane in flight, particularly if it's a U.S. carrier, particularly if it's full of U.S. people." In March, the government imposed restrictions on large electronic devices in aircraft cabins on flights from 10 airports, including the United Arab Emirates, Qatar and Turkey. Kelly said the move would be part of a broader airline security effort to combat what he called "a real sophisticated threat." He said no decision had been made as to the timing of any ban. "We are still following the intelligence," he said, "and are in the process of defining this, but we're going to raise the bar generally speaking for aviation much higher than it is now."

Are There More Developers Than We Think?

Slashdot - Mon, 2017/05/29 - 8:30 PM
JavaScript's npm package manager reports 4 million users, doubling every year, leading to an interesting question from tech industry analyst James Governor: Just how many developers are there out there? GitHub is very well placed to know, given it's where (so much) of that development happens today. It has telemetry-based numbers, with their own skew of course, but based on usage rather than surveys or estimates. According to GitHub CEO Chris Wanstrath, "We see 20 million professional devs in the world as an estimate, from research companies. Well we have 21 million [active] users -- we can't have more users than the entire industry"... If Github has 21 million active users, Wanstrath is right that current estimates of the size of the developer population must be far too low... Are we under-counting China, for example, given its firewalls? India continues to crank out developers at an astonishing rate. Meanwhile Africa is set for crazy growth too... You certainly can't just count computer science graduates or software industry employees anymore. These days you can't even be an astronomer without learning code, and that's going to be true of all scientific disciplines. The analyst attributes the increasing number of developers to "the availability, accessibility and affordability of tools and learning," adding "It's pretty amazing to think that GitHub hit 5 million users in 2012, and is now at 20 million." As for the total number of all developers, he offers his own estimate at the end of the essay. "My wild assed guess would be more like 35 million."

ESR Announces The Open Sourcing Of The World's First Text Adventure

Slashdot - Mon, 2017/05/29 - 4:30 PM
An anonymous reader writes: Open source guru Eric S. Raymond added something special to his GitHub page: an open source version of the world's first text adventure. "Colossal Cave Adventure" was first written in 1977, and Raymond remembers it as "the origin of many things; the text adventure game, the dungeon-crawling D&D (computer) game, the MOO, the roguelike genre. Computer gaming as we know it would not exist without ADVENT (as it was known in its original PDP-10 incarnation...because PDP-10 filenames were limited to six characters of uppercase)... "Though there's a C port of the original 1977 game in the BSD game package, and the original FORTRAN sources could be found if you knew where to dig, Crowther & Woods's final version -- Adventure 2.5 from 1995 -- has never been packaged for modern systems and distributed under an open-source license. Until now, that is. With the approval of its authors, I bring you Open Adventure." Calling it one of the great artifacts of hacker history, ESR writes about "what it means to be respectful of an important historical artifact when it happens to be software," ultimately concluding version control lets you preserve the original and continue improving it "as a living and functional artifact. We respect our history and the hackers of the past best by carrying on their work and their playfulness." "Despite all the energy Crowther and Woods had to spend fighting ancient constraints, ADVENT was a tremendous imaginative leap; there had been nothing like it before, and no text adventure that followed it would be innovative to quite the same degree."

US Senators Propose Bug Bounties For Hacking Homeland Security

Slashdot - Mon, 2017/05/29 - 1:30 PM
An anonymous reader quotes CNN: U.S. senators want people to hack the Department of Homeland Security. On Thursday, Senators Maggie Hassan, a Democrat and Republican Rob Portman introduced the Hack DHS Act to establish a federal bug bounty program in the DHS... It would be modeled off the Department of Defense efforts, including Hack the Pentagon, the first program of its kind in the federal government. Launched a year ago, Hack the Pentagon paved the way for more recent bug bounty events including Hack the Army and Hack the Air Force... The Hack the DHS Act establishes a framework for bug bounties, including establishing "mission-critical" systems that aren't allowed to be hacked, and making sure researchers who find bugs in DHS don't get prosecuted under the Computer Fraud and Abuse Act. "It's better to find vulnerabilities through someone you have engaged with and vetted," said Jeff Greene, the director of government affairs and policy at security firm Symantec. "In an era of constrained budgets, it's a cost-effective way of identifying vulnerabilities"... If passed, it would be among the first non-military bug bounty programs in the public sector.

CVE-2016-10377

Latest 7 days CVE Lists - Mon, 2017/05/29 - 1:29 PM
In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in `lib/flow.c` in the function `miniflow_extract`, permitting remote bypass of the access control list enforced by the switch.

CVE-2017-9261

Latest 7 days CVE Lists - Mon, 2017/05/29 - 1:29 PM
In ImageMagick 7.0.5-6 Q16, the ReadMNGImage function in coders/png.c allows attackers to cause a denial of service (memory leak) via a crafted file.
