Breach notification service LeakedSource may be permanently shut down after the owner of the site was raided earlier this week. "At the start of the new year, LeakedSource indexed more than 3 billion records," reports CSO Online. "Their collection is the result of information sharing between a number of sources, including those who hacked the data themselves. Access to the full archive requires a membership fee." From the report: On the OGFlip forum Thursday, a user posted vague details about the LeakedSource raid, but Salted Hash has been unable to verify the claims. The U.S. Department of Justice will not comment, refusing to confirm or deny any investigations related to LeakedSource. The operators of the notification service itself have been offline for several days, and the LeakedSource website stopped working late Tuesday evening. The message from OGF reads as follows: âoeLeakedsource is down forever and won't be coming back. Owner raided early this morning. Wasn't arrested, but all SSD's got taken, and Leakedsource servers got subpoena'd and placed under federal investigation. If somehow he recovers from this and launches LS again, then I'll be wrong. But I am not wrong. (sic)"

Automakers are using the Digital Millennium Copyright Act to shut down tools used by car mechanics -- but three states are trying to stop them. An anonymous reader quotes IFixIt.Org: in 2014, Ford sued Autel for making a tool that diagnoses car trouble and tells you what part fixes it. Autel decrypted a list of Ford car parts, which wound up in their diagnostic tool. Ford claimed that the parts list was protected under copyright (even though data isn't creative work) -- and cracking the encryption violated the DMCA. The case is still making its way through the courts. But this much is clear: Ford didn't like Autel's competing tool, and they don't mind wielding the DMCA to shut the company down...

Thankfully, voters are stepping up to protect American jobs. Just last week, at the behest of constituents, three states -- Nebraska, Minnesota, and New York -- introduced Right to Repair legislation (more states will follow). These 'Fair Repair' laws would require manufacturers to provide service information and sell repair parts to owners and independent repair shops.
Activist groups like the EFF and Repair.org want to "ensure that repair people aren't marked as criminals under the DMCA," according to the site, arguing that we're heading towards a future with many more gadgets to fix. "But we'll have to fix copyright law first."

For the second time in 9 months, ATT is raising its activation and upgrade fee. In April 2016, the fee for non-contract customers was raised from $15 to $20. Today, it has been raised another $5, from $20 to $25, according to PhoneScoop. Ars Technica reports: As the mobile carrier switched from contracts to device payment plans, ATT initially did not charge an activation and upgrade fee for customers who brought their own phone or bought one from ATT on an installment plan. But in July 2015, ATT started charging a $15 activation fee to customers who don't sign two-year contracts. (ATT also raised the activation/upgrade fee for contract customers from $40 to $45 in July 2015.) The $25 fee is charged for new activations or upgrades when customers purchase devices on installment agreements, ATT says. Customers who bring their own phone to the network are charged the $25 fee when they activate a new line of service, but not when they upgrade phones on an existing line. "We are making a minor adjustment to our activation and upgrade fees. The change is effective today," ATT told Ars. ATT also still charges the $45 activation and upgrade fee on two-year contracts, but those contracts are "available only on select devices."

mask.of.sanity writes from a report via The Register: U.S. president-elect Donald Trump's freshly minted cyber tsar Rudy Giuliani runs a website so insecure that its content management system is five years out of date, unpatched and is utterly hackable. Giulianisecurity.com, the website for Giuliani's eponymous infosec consultancy firm, runs Joomla! version 3.0, released in 2012, and since found to carry 15 separate vulnerabilities. More bugs and poor secure controls abound. The Register report adds: "Some of those bugs can be potentially exploited by miscreants using basic SQL injection techniques to compromise the server. This seemingly insecure system also has a surprising number of network ports open -- from MySQL and anonymous LDAP to a very out-of-date OpenSSH 4.7 that was released in 2007. It also runs a rather old version of FreeBSD. 'You can probably break into Giuliani's server,' said Robert Graham of Errata Security. 'I know this because other FreeBSD servers in the same data center have already been broken into, tagged by hackers, or are now serving viruses. 'But that doesn't matter. There's nothing on Giuliani's server worth hacking.'"

An anonymous reader quotes a report from Ars Technica: As part of the process to gain federal approval for the simultaneous landing of its Falcon Heavy rocket boosters in Florida, SpaceX has prepared an environmental assessment of the construction of two additional landing pads alongside its existing site. The report considers noise and other effects from landing up to three first stages at the same time. After undergoing a preliminary review by the U.S. Air Force, the document has been released for public comment. As part of the document, SpaceX also says it would like to build a Dragon capsule processing facility on the landing zone to support refurbishment of the Dragon 2 spacecraft, designed to carry crew into orbit. The 130-foot-long facility would provide a "temporary" facility for vehicle propellant load and propulsion system servicing. When it originally designed its Landing Zone 1 facility at Cape Canaveral Air Force Station, for the single Falcon 9 first stage booster, the company envisioned the need for one main pad approximately 200 feet across, and four smaller contingency pads, each approximately 150 feet in diameter. The chosen site had enough acreage to accommodate all five pads. Improvements in the rocket's landing navigation guidance system obviated the need for the contingency pads with the Falcon 9, however. So now the company wants to use the additional space to construct two concrete landing pads, each with an approximate diameter of 282 feet surrounded by an approximate 50-foot-wide hard-packed soil "apron." This would give SpaceX three landing pads and the ability to bring back all three Falcon Heavy boosters to land while also retaining the option to land one or two on drone ships in the Atlantic Ocean. In addition to the potential for a dozen Falcon 9 launches and landings each year, the document says SpaceX may eventually make six Falcon Heavy launches a year, potentially returning an additional 18 boosters to the Florida-based site. The new pads and crane sites would be configured to allow parallel processing of landed boosters. With U.S. Air Force Approval, construction could begin as early as this spring.

Song Su-hyun, reporting for The Korea Herald: LG Electronics' upcoming flagship smartphone will have a 5.7-inch Quad HD liquid crystal display panel with a ratio of 18:9, LG Display said on Tuesday. LG Electronics confirmed it will be the G6 smartphone slated for launch next month. The new display panel, dubbed "QHD+," will be the world's first 18:9 QHD LCD, according to LG Display. The 18:9 ratio will provide users with greater immersion than previous displays and allow consumers to multitask by using the dual-screen feature.

Libreboot became an official GNU project in May. Now an anonymous Slashdot reader writes: Richard Stallman has officially announced that Libreboot is no longer a GNU package. The maintainer of Libreboot had tried to leave the GNU project in September 2016, but the departure was not acknowledged until January 2017. Libreboot is a replacement for proprietary BIOS systems, effectively a distribution of coreboot without any binary blobs and adding an automated build/install process.
In the post titled "Goodbye to GNU Libreboot," Stallman wrote that "When a package's maintainer steps down, that doesn't by itself break the relationship between GNU and the package. If it is left without a maintainer but is still useful, the GNU Project will usually look for new maintainers to work on it. However, we can instead drop ties with the package, if that seems the right thing to do.

"A few months ago, the maintainer of GNU Libreboot decided not to work on Libreboot for the GNU Project any more. That was her decision to make. She also asserted that Libreboot was no longer a GNU package -- something she could not unilaterally do. The GNU Project had to decide what to do in regard to Libreboot. We have decided to go along with the former GNU maintainer's wishes in this case, for a combination of reasons: (1) it had not been a GNU package for very long, (2) she was the developer who had originally made it a GNU package, and (3) there were no major developers who wanted to continue developing Libreboot under GNU auspices."

A 37-year-old credits his MacBook Pro laptop with saving his life during a shooting at the baggage claim of the Fort Lauderdale-Hollywood International Airport. An anonymous reader quotes WPLG Miami: He placed it in his backpack, but didn't think of it when he felt an impact on his back during the shooting... When the bloodshed was over, he said he went to the men's restroom and saw a bullet hole on the laptop. He gave it to FBI agents. And he was in shock when they found a 9 mm bullet in his backpack. That was when he realized a gunman aimed to kill him, but the laptop took the bullet for him. "If I didn't have that backpack on, the bullet would have shot me between the shoulders," Frappier said.

Scientists have classified a new organ called the mesentery, which connects a person's small and large intestines to the abdominal wall and anchors them in place, according to the Mayo Clinic. Until recently, it was thought of a number of distinct membranes by most scientists. It was none other than Leonardo da Vinci who identified the membranes as a single structure, according to a recent review. Live Science reports: In the review, lead author Dr. Calvin Coffey, a professor of surgery at the University of Limerick's Graduate Entry Medical School in Ireland, and colleagues looked at past studies and literature on the mesentery. Coffey noted that throughout the 20th century, anatomy books have described the mesentery as a series of fragmented membranes; in other words, different mesenteries were associated with different parts of the intestines. More recent studies looking at the mesentery in patients undergoing colorectal surgery and in cadavers led Coffey's team to conclude that the membrane is its own, continuous organ, according to the review, which was published in November in the journal The Lancet Gastroenterology and Hepatology. The reclassification of the mesentery as an organ "is relevant universally as it affects all of us," Coffey said in a statement. By recognizing the anatomy and the structure of the mesentery, scientists can now focus on learning more about how the organ functions, Coffey said. In addition, they can also learn about diseases associated with the mesentery, he added.

Slashdot reader westand writes, "Wikipedia's 5000 most-visited articles of 2016 have been released, and Donald Trump leads the pack." (Though the site's second-most popular article was about a porn site.) The top 5000 pages account for 21.6 billion views, with 42% of those being mobile traffic... After artificial traffic is discounted, election and celebrity deaths feature prominently.
Wikipedia's article about the U.S. presidential election of 2016 also came in at #11, while their articles about Melania Trump and Hillary Clinton came in at #16 and #19, respectively. Other top-20 articles covered deaths in 2016, as well as "Prince (musician)" and David Bowie, with four more articles that covered 2016 superhero movies also reaching the top 20. (Along with "List of Bollywood films of 2016".) The eighth most-popular article was about web scraping, while Wikipedia's 404.php page was actually more popular than any article on the site.

The original submission also points out that 323 million views were covered by The Wikipedia Zero project, in which mobile operators in the Global South ""'zero-rate' access to Wikimedia sites in their billing system, so their subscribers will not incur data charges while accessing Wikipedia and the sister projects on the mobile web or apps." And Wikipedia adds that their list is generated by Andrew G. West, a senior research scientist at Verisign Labs who "is particularly interested in academic collaboration regarding this English Wikipedia dataset."

Slashdot reader horrido shares an article that "has done more for Smalltalk advocacy than any other article in memory." It was the second-most popular article of the year on the Hewlett Packard Enterprise site TechBeacon (recently passing 20,000 views), with Richard Eng, the founder of the nonprofit Smalltalk Renaissance, arguing that the 44-year-old language is much more than a tool for teachers -- and not just because Amber Smalltalk transpiles to JavaScript for front-end web programming. It's a superlative prototyping language for startups. It's an industrial-strength enterprise language used by businesses both big and small all around the globe... Smalltalk's implementation of the object-oriented paradigm is so excellent that it has influenced an entire generation of OO languages, such as Objective-C, Python, Ruby, CLOS, PHP 5, Perl 6, Erlang, Groovy, Scala, Dart, Swift, and so on. By learning Smalltalk, you'll understand how all of those useful features in today's OO languages came to be.
The article also argues that Smalltalk pioneered just-in-time compilation and virtual machines, the model-view-controller design paradigm, and to a large extent, even test-driven development. But most importantly, Smalltalk's reliance on domain-specific languages makes it "the 'purest' OO, and one of the earliest... It is often said that programming in Smalltalk or Python is rather like Zen; your mind just flows effortlessly with the task. This is the beauty and value of language simplicity, and Smalltalk has this in spades... Smalltalk, by virtue of its object purity and consistency, will give you a profoundly better understanding of object-oriented programming and how to use it to its best effect."

An anonymous reader writes from a report via BleepingComputer: A security flaw discovered in a common PHP class allows knowledgeable attackers to execute code on a website that uses a vulnerable version of the script, which in turn can allow an attacker to take control over the underlying server. The vulnerable library is PHPMailer, a PHP script that allows developers to automate the task of sending emails using PHP code, also included with WordPress, Drupal, Joomla, and more. The vulnerability was fixed on Christmas with the release of PHPMailer version 5.2.18. Nevertheless, despite the presence of a patched version, it will take some time for the security update to propagate. Judging by past incidents, millions of sites will never be updated, leaving a large chunk of the Internet open to attacks. Even though the security researcher who discovered the flaw didn't publish any in-depth details about his findings, someone reverse-engineered the PHPMailer patch and published their own exploit code online, allowing others to automate attacks using this flaw, which is largely still unpatched due to the holiday season.

Samsung may only be in the planning stages for its Note7-disabling update in South Korea, but over in the U.S. things are in full swing. The company announced earlier this month that such an update would be sent out to all remaining Note7 units in the US starting on December 19. And now it's time for the first of the big four carriers to push the software to devices it's sold. From a report: That carrier is T-Mobile, which is starting the rollout today. The update will prevent the handset for charging, and will display a notification with information about Samsung's Galaxy Note7 recall and the steps needed to return the device. The build number for the update is N930TUVU2APL2.

HandBrake, popular open source video transcoder, has finally hit version 1.0.0 affter spending roughly more than 13 years in development. HandBrake 1.0.0 brings tons of new presets and support for more devices and file types. From a report: HandBrake 1.0.0 comes with new web and MKV presets. The official presets from HandBrake 0.10.x can be found under 'Legacy.' New Jason-based preset system, including command line support, has been added. The additional features of HandBrake are title/chapter selection, queuing up multiple encodes, chapter markers, subtitles, different video filters, and video preview. Just in case you have a compatible Skylake or later CPU, Intel QuickSync Video H.265/HEVC encoder support brings performance improvements. HandBrake 1.0.0 also brings along new online documentation beta. It's written in a simple and easy-to-understand language.You can download it here.

An anonymous reader quotes a report from SFGate: Uber is moving its self-driving pilot to Arizona, one day after the California Department of Motor Vehicles ordered the autonomous vehicles off the roads in San Francisco. "Our cars departed for Arizona this morning by truck," an Uber spokeswoman said Thursday afternoon in a statement. "We'll be expanding our self-driving pilot there in the next few weeks, and we're excited to have the support of Governor Ducey." After starting its San Francisco pilot on Dec. 14, the ride-hailing company angered the mayor and officials at the DMV by refusing to get a permit to operate its self-driving cars. And so, around noon on Thursday, a fleet of Uber self-driving cars passed through the South of Market area on the backs of several flat-bed trucks. Commuters gawked at the fleet with their distinctive hoods, backing up traffic as the convoy slowly drove by. In a statement Thursday, Arizona Governor Doug Ducey called California's regulations "burdensome" and said Arizona welcomes Uber's self-driving car pilot with "open arms." "While California puts the brakes on innovation and change with more bureaucracy and more regulation, Arizona is paving the way for new technology and new businesses," he said. It is unclear which city -- or cities -- the cars are headed to.

Gandalf_the_Beardy quotes a report from The Register: The Register reports on the story of Jim Giercyk, an amateur radio enthusiast who had his copy of the popular Ham Radio Deluxe (HRD) software revoked after posting a negative review. Other radio hams have followed up with us regarding claims that this was not an isolated incident and others may have had their license keys blacklisted for being publicly critical of the company. And just to be clear: by blackballing keys, installed copies of the software stop working. Giercyk, a professional musician in South Carolina, U.S., says that after his dealings with HRD Software (which has since reinstated his software key) and the statement made by the developer's co-owner Dr Michael Carper, he takes issue with claims made by the company. Giercyk, aka N2SUB, told us on Tuesday: "The issue is not the refusal of service, the issue is that HRD disabled my software, and then offered to enable it in exchange for the removal of an online review of their product. It's extortion, not refusal of service." Giercyk also said that since he went public about his blacklisting last week, he has received messages from other users who have stories of their software keys being revoked by HRD without their knowledge for speaking up about having a bad support experience. A number of other readers pointed out a collection of bad reviews posted on hobbyist site eHam by customers who had their license keys blacklisted. HRD told us some of those users could have written their assessments after requesting a refund and deactivating their software, thus their licenses will appear revoked. Meanwhile, Reddit threads and follow-up discussions to Giercyk's catalyst forum post reveal similar stories of keys being revoked after critical comments about Ham Radio Deluxe have appeared online. Other sources allege some amateur radio forums have in the past deleted posts critical of HRD.

Long-time Slashdot reader emil writes about how ADUPS, an Android "firmware provisioning" company specializing in both big data collection of Android usage and hostile app installation and/or firmware control, has been found pre-loaded on Barnes and Noble's new $50 tablet: ADUPS was recently responsible for data theft on BLU phones and an unsafe version of the ADUPS agent is pre-loaded on the Barnes and Noble BNTV450. ADUPS' press releases claim that Version 5.5 of their agent is safe, but the BNTV450 is running 5.2. The agent is capable of extracting contacts, listing installed apps, and installing new apps with elevated privilege. Azzedine Benameur, director of research at Kryptowire, claims that "owners can expect zero privacy or control while using it."

An anonymous reader quotes a report from Ars Technica: The U.S. electric grid continued to transform in 2016. No new coal plants were added, and solar became the top new source of generating capacity. Combined with wind, a small bit of hydro, and the first nuclear plant added to the grid in decades, sources that generate power without carbon emissions accounted for two-thirds of the new capacity added in 2016. These numbers come from the U.S. Energy Information Administration, which asked utilities about what sources they expected to have online at the end of the year. These numbers typically show a burst of activity in December, as projects are raced to completion to take advantage of the tax benefits of reaching operational status in the current year. Overall, the EIA recorded 26 GW of new capacity added to the grid in 2016. This includes a small amount (0.3GW) of new hydropower and a smattering of projects collected under "other" that produce a similar magnitude. Notably absent from the list is coal. Also absent is distributed solar, meaning panels installed on homes and other small-scale projects. Distributed solar accounted for about 2GW of new capacity in 2015, and the EIA notes that the incentives for these projects haven't changed considerably in 2016. Even without that 2GW, solar comes out on top, with 9.5GW of new additions this year. At 8GW, natural gas comes in second place on the EIA's list, followed by wind at 6.8GW. Thanks to the opening of a new reactor at Watts Bar in Tennessee, nuclear also joins the list for the first time in years, adding 1.1GW of capacity. Combined, wind, nuclear, hydro, and solar account for 68 percent of the new additions, making 2016 a low-carbon year for the U.S. grid. Assuming distributed solar this year is similar to its 2015 levels, the percentage of new non-fossil generation goes up above 70.

The penis bone can be as long as a finger in a monkey and two feet long in a walrus, but the human male has lost it completely. According to a new report published in Proceedings of the Royal Society, the lack of a penis bone in human males may be a consequence of monogamy and quick sex. The Guardian reports: Known as the baculum to scientists with an interest, the penis bone is a marvel of evolution. It pops up in mammals and primates around the world, but varies so much in terms of length and whether it is present at all, that it is described as the most diverse bone ever to exist. Prompted by the extraordinary differences in penis bone length found in the animal kingdom, scientists set out to reconstruct the evolutionary story of the baculum, by tracing its appearance in mammals and primates throughout history. They found that the penis bone evolved in mammals more than 95 million years ago and was present in the first primates that emerged about 50 million years ago. From that moment on, the baculum became larger in some animals and smaller in others. Kit Opie who ran the study with Matilda Brindle at University College London, said that penis bone length was longer in males that engaged in what he called "prolonged intromission." In plain English, that means that the act of penetration lasts for more than three minutes, a strategy that helps the male impregnate the female while keeping her away from competing males. The penis bone, which attaches at the tip of the penis rather than the base, provides structural support for male animals that engage in prolonged intromission. Humans may have lost their penis bones when monogamy emerged as the dominant reproductive strategy during the time of Homo erectus about 1.9 million years ago, the scientists believe. In monogamous relationships, the male does not need to spend a long time penetrating the female, because she is not likely to be leapt upon by other amorous males. That, at least, is the theory.

An anonymous reader quotes Recode: Technology that replaces food service workers is already here. Sushi restaurants have been using machines to roll rice in nori for years, an otherwise monotonous and time-consuming task. The company Suzuka has robots that help assemble thousands of pieces of sushi an hour. In Mountain View, California, the startup Zume is trying to disrupt pizza with a pie-making machine. In Shanghai, there's a robot that makes ramen, and some cruise ships now mix drinks with bartending machines.

More directly to the heart of American fast-food cuisine, Momentum Machines, a restaurant concept with a robot that can supposedly flip hundreds of burgers an hour, applied for a building permit in San Francisco and started listing job openings this January, reported Eater. Then there's Eatsa, the automat restaurant where no human interaction is necessary, which has locations popping up across California.