Gateway Login

Close X
Login for Bowdoin-only view  |  ?

IT News

3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger

Slashdot - Sat, 04/19/2014 - 17:28
Three former astronauts — Ed Lu, Tom Jones, and Bill Anders — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.

Read more of this story at Slashdot.








Categories: IT News

3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger

Slashdot - Sat, 04/19/2014 - 17:28
Three former astronauts — Ed Lu, Tom Jones, and Bill Anders — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.

Read more of this story at Slashdot.








Categories: IT News

3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger

Slashdot - Sat, 04/19/2014 - 17:28
Three former astronauts — Ed Lu, Tom Jones, and Bill Anders — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.

Read more of this story at Slashdot.








Categories: IT News

3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger

Slashdot - Sat, 04/19/2014 - 17:28
Three former astronauts — Ed Lu, Tom Jones, and Bill Anders — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.

Read more of this story at Slashdot.








Categories: IT News

3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger

Slashdot - Sat, 04/19/2014 - 17:28
Three former astronauts — Ed Lu, Tom Jones, and Bill Anders — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.

Read more of this story at Slashdot.








Categories: IT News

3 Former Astronauts: Earth-Asteroid Collisions Are a Real But Preventable Danger

Slashdot - Sat, 04/19/2014 - 17:28
Three former astronauts — 2, Ed Lu, Tom Jones, and Bill Anders, — say that reassuring figures about the rarity of asteroid collisions with Earth are perhaps too reassuring. The B612 Foundation, of which Lu is a director, has been established to draw public awareness to the risks of a large asteroid hitting a population center -- which these three men say is a far more serious public danger than has been acknowledged by NASA and other agencies. And beyond awareness, the Foundation's immediate goal is to raise money to " design and build an asteroid-finding space telescope and launch it by 2017," and then, Armageddon-style, to follow that up with technology to divert any asteroids whose path would threaten earth.

Read more of this story at Slashdot.








Categories: IT News

Ask Slashdot: Hungry Students, How Common?

Slashdot - Sat, 04/19/2014 - 17:00
Gud (78635) points to this story in the Washington Post about students having trouble with paying for both food and school. "I recall a number of these experiences from my time as grad student. I remember choosing between eating, living in bad neighborhoods, putting gas in the car, etc. Me and my fellow students still refer to ourselves as the 'starving grad students.' Today we laugh about these experiences because we all got good jobs that lifted us out of poverty, but not everyone is that fortunate. I wonder how many students are having hard time concentrating on their studies due to worrying where the next meal comes from. In the article I found the attitude of collage admins to the idea of meal plan point sharing, telling as how little they care about anything else but soak students & parents for fees and pester them later on with requests for donations. Last year I did the college tour for my first child, after reading the article, some of the comments I heard on that tour started making more sense. Like 'During exams you go to the dining hall in the morning, eat and study all day for one swipe' or 'One student is doing study on what happens when you live only on Ramen noodles!' How common is 'food insecurity in college or high school'? What tricks can you share with current students?"

Read more of this story at Slashdot.








Categories: IT News

Why Your Favorite App Isn’t Business-Related And How It Can Be

TechCrunch - Sat, 04/19/2014 - 16:00
 Think about your favorite app. Let me guess. It’s a consumer app -- something like Uber, Instagram or Pinterest. So what do we do to get business apps into that list of favorites? If we put the user experience first and incorporate utility, simplicity, engagement and emotion into our products, we can make work just as easy and delightful as posting a photo. Read More
Categories: IT News

Google's New Camera App Simulates Shallow Depth of Field

Slashdot - Sat, 04/19/2014 - 15:30
New submitter katiewilliam (3621675) writes with a story at Hardware Zone about a new feature that Google's working on for Android phones' built-in cameras: the illusion of shallow depth of field in phone snapshots, which typically err on the side of too much in focus, rather than too little. Excerpting: "The Google Research Blog [note: here's a direct link] revealed that there's quite a fair bit of algorithms running to achieve this effect; to put it in a nutshell, computer vision algorithms create a 3D model of the world based on the shots you have taken, and estimate the depth to every point in the scene."

Read more of this story at Slashdot.








Categories: IT News

Nike Says The FuelBand Isn’t Dead, New Color Options Coming

TechCrunch - Sat, 04/19/2014 - 14:15
 Nike was said to be shutting down its FuelBand department on the heels of layoffs on Friday, signalling a significant exit of the wearable fitness device market by one of the more prominent companies involved in the space. That's not quite true, however, according to information provided to Re/code by the company. Read More
Categories: IT News

Beer Price Crisis On the Horizon

Slashdot - Sat, 04/19/2014 - 14:10
Rambo Tribble (1273454) writes "The aficionados of beer and distilled spirits could be in for a major price-shock, if proposals by the Food and Drug Administration come to pass. Currently, breweries are allowed to sell unprocessed brewing by-products to feed farm animals. Farmers prize the nutritious, low-cost feed. But, new rules proposed by the FDA could force brewers to implement costly processing facilities or dump the by-products as waste. As one brewer put it, "Beer prices would go up for everybody to cover the cost of the equipment and installation.""

Read more of this story at Slashdot.








Categories: IT News

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 04/19/2014 - 13:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: IT News

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 04/19/2014 - 13:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: IT News

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 04/19/2014 - 13:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: IT News

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 04/19/2014 - 13:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: IT News

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 04/19/2014 - 13:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: IT News

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 04/19/2014 - 13:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: IT News

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 04/19/2014 - 13:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: IT News

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 04/19/2014 - 13:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: IT News

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions

Slashdot - Sat, 04/19/2014 - 13:03
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software. "Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated." After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Read more of this story at Slashdot.








Categories: IT News
Syndicate content