News

Supermassive Black Hole Rocketing Out of Distant Galaxy At 5 Million MPH

slashdot - 12 hours 30 min ago
The Bad Astronomer writes: Astronomers have found a supermassive black hole barreling out of its home galaxy at 5 million miles per hour. The 3 billion solar mass behemoth formed from the merger of two slightly smaller black holes after two galaxies collided and themselves merged. The resulting blast of gravitational waves is thought to have been asymmetric, causing a rocket effect which launched the resulting black hole away. It's currently 40,000 light years from the galaxy's core. Source: ESA/Hubble

Share on Google+

Read more of this story at Slashdot.

Why You Should Care About the Supreme Court Case On Toner Cartridges

slashdot - Sat, 03/25/2017 - 03:30
rmdingler quotes a report from Consumerist: A corporate squabble over printer toner cartridges doesn't sound particularly glamorous, and the phrase "patent exhaustion" is probably already causing your eyes to glaze over. However, these otherwise boring topics are the crux of a Supreme Court case that will answer a question with far-reaching impact for all consumers: Can a company that sold you something use its patent on that product to control how you choose to use after you buy it? The case in question is Impression Products, Inc v Lexmark International, Inc, came before the nation's highest court on Tuesday. Here's the background: Lexmark makes printers. Printers need toner in order to print, and Lexmark also happens to sell toner. Then there's Impression Products, a third-party company makes and refills toner cartridges for use in printers, including Lexmark's. Lexmark, however, doesn't want that; if you use third-party toner cartridges, that's money that Lexmark doesn't make. So it sued, which brings us to the legal chain that ended up at the Supreme Court. In an effort to keep others from getting a piece of that sweet toner revenue, Lexmark turned to its patents: The company began selling printer cartridges with a notice on the package forbidding reuse or transfer to third parties. Then, when a third-party -- like Impression -- came around reselling or recycling the cartridges, Lexmark could accuse them of patent infringement. So far the courts have sided with Lexmark, ruling that Impression was using Lexmark's patented technology in an unauthorized way. The Supreme Court is Impression's last avenue of appeal. The question before the Supreme Court isn't one of "can Lexmark patent this?" Because Lexmark can, and has. The question is, rather: Can patent exhaustion still be a thing, or does the original manufacturer get to keep having the final say in what you and others can do with the product? Kate Cox notes via Consumerist that the Supreme Court ruling is still likely months away. However, she has provided a link to the transcript of this week's oral arguments (PDF) in her report and has dissected it to see which way the justices are leaning on the issue.

Share on Google+

Read more of this story at Slashdot.

'Moore's Law' For Carbon Would Defeat Global Warming

slashdot - Sat, 03/25/2017 - 02:05
An anonymous reader quotes a report from MIT Technology Review: A streamlined set of goals for reducing carbon emissions could simplify the way nations approach the quest to reduce human impact on the planet. A group of European researchers have a refreshingly straightforward solution that they call a carbon law -- or, as the Guardian has coined it, a "Moore's law for carbon." The overarching goal is simple: globally, we must halve carbon dioxide emissions every decade. That's essentially it. The rule would ideally be applied "to all sectors and countries at all scales," and would encourage "bold action in the short term." Dramatic changes would naturally have to occur as a result -- from quick wins like carbon taxes and energy efficiency regulations, to longer-term policies like phasing out combustion-engine cars and carbon-neutral building regulations. If policy makers followed the carbon law, adoption of renewables would continue its current pace of doubling energy production every 5.5 years, and carbon dioxide sequestration technologies would need to ramp up in order for the the planet to reach net-zero emissions by the middle of the century, say the researchers. Along the way, coal use would end as soon as 2030 and oil use by 2040. There are, clearly, issues with the idea, not least being the prospect of convincing every nation to commit to such a vision. The very simplicity that makes the idea compelling can also be used as a point of criticism: Can such a basic rule ever hope to define practical ideas as to how to change the world's energy production and consumption? The study has been published in the journal Science.

Share on Google+

Read more of this story at Slashdot.

Microsoft Delivers Secure China-Only Cut of Windows 10

slashdot - Sat, 03/25/2017 - 01:25
Earlier this week, CEO of Microsoft Greater China, Alain Crozier, told China Daily that the company is ready to roll out a version of Windows 10 with extra security features demanded by China's government. "We have already developed the first version of the Windows 10 government secure system. It has been tested by three large enterprise customers," Crozier said. The Register reports: China used Edward Snowden's revelations to question whether western technology products could compromise its security. Policy responses included source code reviews for foreign vendors and requiring Chinese buyers to shop from an approved list of products. Microsoft, IBM and Intel all refused to submit source code for inspection, but Redmond and Big Blue have found other ways to get their code into China. IBM's route is a partnership with Dalian Wanda to bring its cloud behind the Great Firewall. Microsoft last year revealed its intention to build a version of Windows 10 for Chinese government users in partnership with state-owned company China Electronics Technology Group Corp. There's no reason to believe Crozier's remarks are incorrect, because Microsoft has a massive incentive to deliver a version of Windows 10 that China's government will accept. To understand why, consider that China's military has over two million active service personnel, the nation's railways employ similar numbers and Microsoft's partner China Electronics Technology Group Corp has more than 140,000 people on its books. Not all of those are going to need Windows, but plenty will.

Share on Google+

Read more of this story at Slashdot.

US Scientists Launch World's Biggest Solar Geoengineering Study

slashdot - Sat, 03/25/2017 - 00:45
In what will be the world's biggest solar geoengineering program to date, U.S. scientists part of the $20 million Harvard University project are going to send aerosol injections 20km (~12.4 miles) into the earth's stratosphere "to establish whether the technology can safely simulate the atmospheric cooling effects of a volcanic eruption," The Guardian reports. From the report: Scientists hope to complete two small-scale dispersals of first water and then calcium carbonate particles by 2022. Future tests could involve seeding the sky with aluminum oxide -- or even diamonds. Janos Pasztor, Ban Ki-moon's assistant climate chief at the UN who now leads a geoengineering governance initiative, said that the Harvard scientists would only disperse minimal amounts of compounds in their tests, under strict university controls. Geoengineering advocates stress that any attempt at a solar tech fix is years away and should be viewed as a compliment to -- not a substitute for -- aggressive emissions reductions action. But the Harvard team, in a promotional video for the project, suggest a redirection of one percent of current climate mitigation funds to geoengineering research, and argue that the planet could be covered with a solar shield for as little as $10 billion a year. Some senior UN climate scientists view such developments with alarm, fearing a cash drain from proven mitigation technologies such as wind and solar energy, to ones carrying the potential for unintended disasters. If lab tests are positive, the experiment would then be replicated with a limestone compound which the researchers believe will neither absorb solar or terrestrial radiation, nor deplete the ozone layer.

Share on Google+

Read more of this story at Slashdot.

Venezuelan Developers Are Using Bitcoin, Rare Pepe Trading Cards To Fight Against a Dismal Economy

slashdot - Sat, 03/25/2017 - 00:05
According to Crypto Insider, Venezuelan developers have been selling "rare pepes" -- trading cards that contain unique illustrations and photoshops of the character Pepe the Frog. While the trading cards started out as nothing more than a joke, many of them have been traded for thousands of dollars on the Counterparty platform, which is built on top of Bitcoin, and have provided a way for many developers to sustain themselves in Venezuela's poor economy. From the report: The basic idea behind the issuance of rare pepes on top of the Counterparty platform is that it enables scarcity in a digital world. Each rare pepe card is linked to a little bit of bitcoin through a practice known as coin coloring. Whoever owns the private keys associated with the address where the bitcoins that represent a specific rare pepe card is located is the one who owns that particular trading card. Now, a group of developers in Venezuela are building games similar to Hearthstone and Pokemon where the rare pepe trading cards will play an integral role. If you go to rarepepe.party right now, you're mainly presented with a video of what the first game based on the Rare Pepe digital trading cards will look like. The concept is similar to Hearthstone or Magic: The Gathering where players essentially do battle with their opponents via characters on trading cards, which have specific stats and features. In this case, the characters are various rare pepes. With many rare pepes already released (you can view them in the official rare pepe directory), the developers behind Rare Pepe Party are attempting to provide a use case for these new trading cards. While some rare pepe cards already have stats on them, the developer who chatted with Crypto Insider says those stats may not mean much when it's time to play the game. While rare pepes are nothing more than fun and games for much of the developed world, they're a matter of survival in Venezuela. "We're based in Venezuela, and our business has been saved by bitcoin many times," said the developer. The developer claims roughly 80 percent of the offices around the area where Rare Pepe Party is being developed have shut down over the past year. The biggest businesses on their street have also dropped as much as 90 percent of their employees.

Share on Google+

Read more of this story at Slashdot.

South Korea Finds Qualcomm Prevented Samsung From Selling Its Exynos Processors

slashdot - Fri, 03/24/2017 - 23:20
According to the South Korea Trade Commission (SKTC), Qualcomm prevented Samsung from selling its Exynos processors to various third-party phone manufacturers. "The Commission's report claims that Qualcomm abused its standard-essential patents -- which define technical standards like Wi-Fi and 4G -- to prevent Samsung from selling its modems, integrated processors, and other chips to smartphone makers like LG, Huawei, Xiaomi, and others," reports Digital Trends. "The Commission reportedly threatened to file suit against Samsung, which had agreed to license the patents for an undisclosed sum, if the South Korean electronics maker began competing against it in the mobile market." From the report: That bullying ran afoul of the South Korea Trade Commission's rules, which require that standard-essential patents be licensed on fair, reasonable, and non-discriminatory (FRAND) terms. "Samsung Electronics has been blocked from selling its modem chips to other smartphone manufacturers due to a license deal it signed with Qualcomm," the commissioners wrote. The report provides legal justification for the $853 million fine the SKTC placed on Qualcomm in December for "anti-competitive practices." Qualcomm intends to appeal. "[We] strongly disagree with the KFTC's announced decision, which Qualcomm believes is inconsistent with the facts and the law, reflects a flawed process, and represents a violation of due process rights owed American companies" under an applicable agreement between the U.S. and South Korea.

Share on Google+

Read more of this story at Slashdot.

FedEx Will Pay You $5 To Install Flash

slashdot - Fri, 03/24/2017 - 22:40
FedEx's Office Print department is offering customers $5 to enable Adobe Flash in their browsers. Why would they do such a thing you may ask? It's because they want customers to design posters, signs, manuals, banners and promotional agents using their "web-based config-o-tronic widgets," which requires Adobe Flash. The Register reports: But the web-based config-o-tronic widgets that let you whip and order those masterpieces requires Adobe Flash, the enemy of anyone interested in security and browser stability. And by anyone we mean Google, which with Chrome 56 will only load Flash if users say they want to use it, and Microsoft which will stop supporting Flash in its Edge browser when the Windows 10 Creators Update debuts. Mozilla's Firefox will still run Flash, but not for long. The impact of all that Flash hate is clearly that people are showing up at FedEx Office Print without the putrid plug-in. But seeing as they can't use the service without it, FedEx has to make the offer depicted above or visible online here. That page offers a link to download Flash, which is both a good and a bad idea. The good is that the link goes to the latest version of Flash, which includes years' worth of bug fixes. The bad is that Flash has needed bug fixes for years and a steady drip of newly-detected problems means there's no guarantee the software's woes have ended. Scoring yourself a $5 discount could therefore cost you plenty in future.

Share on Google+

Read more of this story at Slashdot.

Judge: eBay Can't Be Sued Over Seller Accused of Patent Infringement

slashdot - Fri, 03/24/2017 - 22:00
An anonymous reader quotes a report from Ars Technica: It's game over for an Alabama man who claims his patent on "Carpenter Bee Traps" is being infringed by competing products on eBay. Robert Blazer filed his lawsuit in 2015, saying that his U.S. Patent No. 8,375,624 was being infringed by a variety of products being sold on eBay. Blazer believed the online sales platform should have to pay him damages for infringing his patent. A patent can be infringed when someone sells or "offers to sell" a patented invention. At first, Blazer went through eBay's official channels for reporting infringement, filing a "Notice of Claimed Infringement," or NOCI. At that point, his patent hadn't even been issued yet and was still a pending application, so eBay told him to get back in touch if his patent was granted. On February 19, 2013, Blazer got his patent and ultimately sent multiple NOCI forms to eBay. However, eBay wouldn't take down any items, in keeping with its policy of responding to court orders of infringement and not mere allegations of infringement. In 2015, Blazer sued, saying that eBay had directly infringed his patent and also "induced" others to infringe. That lawsuit can't move forward, following an opinion (PDF) published this week by U.S. District Judge Karon Bowdre. The judge found that eBay lacked any knowledge of actual infringement and rejected Blazer's argument that eBay was "willfully blind" to infringement of Blazer's patent. The opinion was first reported yesterday by The Recorder (registration required).

Share on Google+

Read more of this story at Slashdot.

How Noisy Is Your Neighborhood? Now There's A Map For That

slashdot - Fri, 03/24/2017 - 21:40
An anonymous reader share an NPR article: There's no denying it: Los Angeles isn't exactly gentle on the ears. That's one lesson, at least, from a comprehensive noise map created by the U.S. Bureau of Transportation Statistics. On the interactive U.S. map the agency released this week, which depicts data on noise produced primarily by airports and interstate highways, few spots glare with such deep and angry color as the City of Angels. Blame the area's handful of major airports and its legendary snarls of traffic -- ranked this year as the worst in the nation.

Share on Google+

Read more of this story at Slashdot.

AMC Plans Ad-Free Streaming Service

slashdot - Fri, 03/24/2017 - 21:20
An anonymous reader shares a Fortune report: AMC Networks, whose shows include The Walking Dead, is planning to launch a commercial-free online video streaming service aimed at millennial TV subscribers, two sources familiar with the situation told Reuters this week. Unlike standalone streaming options from Time Warner's HBO and from CBS, AMC's would be exclusively available to consumers who subscribe to a cable TV package. AMC is doing this, the sources said, as a way to support the traditional cable television industry at a time when many younger consumers are increasingly cutting the cord. AMC is discussing featuring digital-only spinoff shows of its existing programs like The Walking Dead and is considering pricing between $4.99 to $6.99 a month, according to the sources, who cautioned final details are still being worked out.

Share on Google+

Read more of this story at Slashdot.

Uber Manager Told Female Engineer That 'Sexism is Systemic in Tech'

slashdot - Fri, 03/24/2017 - 20:40
Sam Levin, writing for The Guardian: Uber is facing yet another discrimination scandal after a manager who was recruiting a female engineer defended the company by saying "sexism is systemic in tech." On 14 March, an engineering manager at Uber tried to recruit Kamilah Taylor, a senior software engineer at another Silicon Valley company, for a developer position at the San Francisco ride-hailing startup, which is struggling to recover from a major sexual harassment controversy. Taylor, who provided copies of her LinkedIn messages with the Guardian, responded by saying: "In light of Uber's questionable business practices and sexism, I have no interest in joining." Taylor was stunned by the reply she received from Uber. The manager, who is a woman, wrote: "I understand your concern. I just want to say that sexism is systemic in tech and other industries. I've met some of the most inspiring people here."

Share on Google+

Read more of this story at Slashdot.

T-Mobile Kicks Off Industry Robocall War With Network-Level Blocking and ID Tools

slashdot - Fri, 03/24/2017 - 20:00
T-Mobile is among the first U.S. telecom companies to announce plans to thwart pesky robocallers. From a report on VentureBeat: The move represents part of an industry-wide Robocall Strike Force set up by the Federal Communications Commission (FCC) last year to combat the 2 billion-plus automated calls U.S. consumers deal with each month. Other key members of the group include Apple, Google, Microsoft, and Verizon. T-Mobile's announcement comes 24 hours after the FCC voted to approve a new rule that would allow telecom companies to block robocallers who use fake caller ID numbers to conceal their true location and identity. From a report on WashingtonPost: The Federal Communications Commission on Thursday proposed new rules (PDF) that would allow phone companies to target and block robo-calls coming from what appear to be illegitimate or unassigned phone numbers. The rules could help cut down on the roughly 2.4 billion automated calls that go out each month -- many of them fraudulent, according to FCC Chairman Ajit Pai. "Robo-calls are the No. 1 consumer complaint to the FCC from members of the American public," he said, vowing to halt people who, in some cases, pretend to be tax officials demanding payments from consumers, or, in other cases, ask leading questions that prompt consumers to give up personal information as part of an identity theft scam.

Share on Google+

Read more of this story at Slashdot.

The Days of Google Talk Are Over

slashdot - Fri, 03/24/2017 - 19:20
The days of Google Talk are quickly coming to an end. An anonymous reader shares a TechCrunch report: As the company announced today, the messaging service that allowed Gmail users to talk to each other since it launched in 2005, will now be completely retired. Even while Google pushed Hangouts as its consumer messaging service (before Allo, Duo, Hangouts Chat and Hangouts Meet) over the last few years, it still allowed die-hard Gtalk users (and there are plenty of them) to stick to their preferred chat app. Over the next few days, these users will get an "invite" to move to Hangouts. After June 26, that switch will be mandatory.

Share on Google+

Read more of this story at Slashdot.

Samsung's Calls For Industry To Embrace Its Battery Check Process as a New Standard Have Been Ignored

slashdot - Fri, 03/24/2017 - 18:40
Months after the Galaxy Note 7 debacle, the topic remains too hot for the rest of the wireless industry to handle. From a report on CNET: With Samsung's Galaxy S8 to launch next week, a renewed discussion of the Note 7, which had an unhealthy tendency to catch fire and which had to be recalled, is inevitable. Samsung opened that door in January when it embarked on a mea culpa tour. Beyond spelling out the cause of the overheating problem in its popular phone, the company unveiled an eight-point battery check system it said surpassed industry practices, and it invited rivals to follow its model. But two months after the introduction, what's the industry response? A collective shrug. Interviews with phone makers and carriers found that while all placed a high priority on safety, few would talk specifically about Samsung's new battery check process or the idea of adopting it for themselves.

Share on Google+

Read more of this story at Slashdot.

A Statement from the Executive Director

drupal - Thu, 03/23/2017 - 22:49

Drupal Association

We understand that there is uncertainty and concern in the Drupal community about project founder, Dries Buytaert, asking Larry Garfield to leave the Drupal community, and about the Drupal Association removing Larry's DrupalCon sessions and ending his term as track chair.

We want to be clear that the decision to remove Larry's DrupalCon session and track chair role was not because of his private life or personal beliefs. The Drupal Association stands by our values of inclusivity. Our decision was based on confidential information conveyed in private by many sources. Due to the confidential nature of the situation we cannot and will not disclose any information that may harm any members of our community, including Larry.

This decision followed our established process. As the Executive Director, charged with safekeeping the goodwill of the organization, I made this decision after considering input from various sources including the Community Working Group (CWG) and Drupal Project Lead, Dries Buytaert. Upon Larry’s request for an appeal, the full board reviewed the situation, all the evidence, and statements provided by Larry. After reviewing the entirety of the information available (including information not in the public view) the decision was upheld.

In order to protect everyone involved we cannot comment more, and trust that the community will be understanding.  

We do see that there are many feelings and questions around this DrupalCon decision and we empathize with those community members. We will continue to monitor comments. We are listening.

Mars Rover Spots Clouds Shaped By Gravity Waves

slashdot - Thu, 03/23/2017 - 07:00
sciencehabit writes from a report via Science Magazine: NASA's Curiosity rover has shot more than 500 movies of the clouds above Mars, including the first ground-based view of martian clouds shaped by gravity waves, researchers reported this week at the Lunar and Planetary Science Conference. The shots are the best record made so far of a mysterious recurring belt of equatorial clouds known to influence the martian climate. Understanding these clouds will help inform estimates of ground ice depth and perhaps recurring slope lineae, potential flows of salty water on the surface, says John Moores, a planetary scientist at York University in Toronto, Canada, who led the study with his graduate student, Jake Kloos. "If we wish to understand the water story of Mars's past," Moores says, "we first need to [separate out] contributions from the present-day water cycle." Using Curiosity's navigation camera, Moores and Kloos recorded eight-frame movies of this wispy cloud belt for two martian years. They've used two angles to capture the clouds: one pointed directly up, to see wind direction and speed, and another that keeps the rover's horizon in the frame, allowing a view into the clouds' depth. Given the limited water vapor, solar energy, and atmosphere, the martian clouds lack the variety of shapes seen on Earth. But during one day of cloud gazing -- Curiosity's 1302th martian day, to be precise -- the team got lucky and saw something unusual. That day, when Curiosity looked to the horizon, it saw a sequence of straight, parallel rows of clouds flowing in the same direction: the first ground-based view of a gravity wave cloud. Similar to the waves that follow a pebble tossed into a pond, gravity waves are created when some unknown feature of the martian landscape causes a ripple in the atmosphere that is then seen in clouds. Such waves are common at the edge of the martian ice caps, but thought to be less frequent over its equator.

Share on Google+

Read more of this story at Slashdot.

A Lithuanian Phisher Tricked Two Big US Tech Companies Into Wiring Him $100 Million

slashdot - Thu, 03/23/2017 - 03:30
According to a recent indictment from the U.S. Department of Justice, a 48-year-old Lithuanian scammer named Evaldas Rimasauskas managed to trick two American technology companies into wiring him $100 million. He was able to perform this feat "by masquerading as a prominent Asian hardware manufacturer," reports The Verge, citing court documents, "and tricking employees into depositing tens of millions of dollars into bank accounts in Latvia, Cyprus, and numerous other countries." From the report: What makes this remarkable is not Rimasauskas' particular phishing scam, which sounds rather standard in the grand scheme of wire fraud and cybersecurity exploits. Rather, it's the amount of money he managed to score and the industry from which he stole it. The indictment specifically describes the companies in vague terms. The first company is "multinational technology company, specializing in internet-related services and products, with headquarters in the United States," the documents read. The second company is a "multinational corporation providing online social media and networking services." Both apparently worked with the same "Asia-based manufacturer of computer hardware," a supplier that the documents indicate was founded some time in the late '80s. What's more important is that representatives at both companies with the power to wire vast sums of money were still tricked by fraudulent email accounts. Rimasauskas even went so far as to create fake contracts on forged company letterhead, fake bank invoices, and various other official-looking documents to convince employees of the two companies to send him money. Rimasauskas has been charged with one count of wire fraud, three counts of money laundering, and aggravated identity theft. In other words, he faces serious prison time of convicted -- each charge of wire fraud and laundering carries a max sentence of 20 years. The court documents don't reveal the names of the two companies. Though, one could surely think of a few candidates that would fit the descriptions provided in the court documents.

Share on Google+

Read more of this story at Slashdot.

Japanese Company Develops a Solar Cell With Record-Breaking 26%+ Efficiency

slashdot - Thu, 03/23/2017 - 01:25
An anonymous reader quotes a report from Ars Technica: The silicon-based cells that make up a solar panel have a theoretical efficiency limit of 29 percent, but so far that number has proven elusive. Practical efficiency rates in the low-20-percent range have been considered very good for commercial solar panels. But researchers with Japanese chemical manufacturer Kaneka Corporation have built a solar cell with a photo conversion rate of 26.3 percent, breaking the previous record of 25.6 percent. Although it's just a 2.7 percent increase in efficiency, improvements in commercially viable solar cell technology are increasingly hard-won. Not only that, but the researchers noted in their paper that after they submitted their article to Nature Energy, they were able to further optimize their solar cell to achieve 26.6 percent efficiency. That result has been recognized by the National Renewable Energy Lab (NREL). In the Nature Energy paper, the researchers described building a 180.4 cm2 cell using high-quality thin-film heterojunction (HJ) -- that is, layering silicon within the cell to minimize band gaps where electron states can't exist. Controlling heterojunctions is a known technique among solar cell builders -- Panasonic uses it and will likely incorporate it into cells built for Tesla at the Solar City plant in Buffalo, and Kaneka has its own proprietary heterojunction techniques. For this record-breaking solar cell, the Kaneka researchers also placed low-resistance electrodes toward the rear of the cell, which maximized the number of photons that collected inside the cell from the front. And, as is common on many solar cells, they coated the front of the cell with a layer of amorphous silicon and an anti-reflective layer to protect the cell's components and collect photons more efficiently.

Share on Google+

Read more of this story at Slashdot.

LastPass Bugs Allow Malicious Websites To Steal Passwords

slashdot - Thu, 03/23/2017 - 00:45
Earlier this month, a Slashdot reader asked fellow Slashdotters what they recommended regarding the use of password managers. In their post, they voiced their uncertainty with password managers as they have been hacked in the past, citing an incident in early 2016 where LastPass was hacked due to a bug that allowed users to extract passwords stored in the autofill feature. Flash forward to present time and we now have news that three separate bugs "would have allowed a third-party to extract passwords from users visiting a malicious website." An anonymous Slashdot reader writes via BleepingComputer: LastPass patched three bugs that affected the Chrome and Firefox browser extensions, which if exploited, would have allowed a third-party to extract passwords from users visiting a malicious website. All bugs were reported by Google security researcher Tavis Ormandy, and all allowed the theft of user credentials, one bug affecting the LastPass Chrome extension, while two impacted the LastPass Firefox extension [1, 2]. The exploitation vector was malicious JavaScript code that could be very well hidden in any online website, owned by the attacker or via a compromised legitimate site.

Share on Google+

Read more of this story at Slashdot.