SoylentNews

I find this pretty amusing:

http://i.imgur.com/qufh4xI.jpg

If you're not familiar with that Bible verse, here's the text: "You are not to make incisions in your flesh on account of the dead nor submit to cuts or tattoos. I am the LORD." (via http://biblehub.com/leviticus/19-28.htm)

I'm sure the guy intended it ironically but I'm not sure that I'd have paid the price of a tattoo, and permanently altered my skin, to make an ironic point. This is probably why I'm not a hipster...

[Full Title: Worm Rapidly Spreads to Over 84,000 Twitter Users - Now Fixed]

A self-replicating cross-site scripting attack written in a tweet exploited a vulnerability in the application Tweetdeck, spreading via retweets over the course of a few hours.

Ars Technica reports:

Twitter on Wednesday was briefly overrun by a powerful computer worm that caused tens of thousands of users to tweet a message that contained self-propagating code exploiting a bug in the TweetDeck app.

Within a few hours, the cross-site scripting (XSS) attack caused at least 84,700 users to retweet a single message originally transmitted by the user @derGeruhn. The body of the message contained JavaScript commands that caused anyone viewing it in TweetDeck to automatically retweet it. The message spread virally. The more times it was retweeted, the more times it was viewed and retweeted by other people using the vulnerable app. The BBC News Twitter account alone pushed the message to 10.1 million followers.

It's by no means the first time a worm has slithered through Twitter. Worms based on clickjacking exploits and XSS attacks were documented as long ago as 2009 and were also used maliciously in 2011 to spread scam messages.

The out-of-control tweets were the result of a software flaw that prevented TweetDeck from properly filtering code out of messages it displayed. As a result, the app executed JavaScript commands transmitted in message bodies that contained commands for retweeting the message. The episode underscores the vexing difficulty of eliminating XSS vulnerabilities from websites and end-user apps. Even when developers erect defenses that filter out harmful code from user-supplied content, there are frequently ways to circumvent them.

The developers worked quickly to fix the exploit:

Officials with the Twitter-owned TweetDeck declared the bug fixed shortly after it surfaced. They later suspended service to investigate further and finally verified the fix and restored service.

The report contains several links to previous attacks, within Twitter and without, and the official statements.

Article Page

So I was just about to install Words With Friends on my android phone, but then it popped up with the list of app permissions that the game requires.

Identity - Who I am
Contacts/Calendar - Everyone I know, and/or what my schedule looks like
Location - Where I am/have been
SMS - What I am saying via text (And also send them)
Photos/Media/Files - All the pictures and music on my phone
Wifi connection information - Everything about any wifi access points I connect to
Device ID & call information - What kind of phone I have, and who/when I have called

All I want to do is destroy my coworker with my immense vocabulary, but now I feel like I need to bust out a tinfoil hat just to download the game.

Now I am not so sure, I mean, why does a Scrabble knockoff need to know everything about me? Is that weird, or am I suddenly paranoid?

[Full Title: Court Allows Google's University Book Scanning Sans Author Permission]

Ars Technica has a piece on the ruling:

A federal appeals court on Tuesday upheld the right of universities, in conjunction with Google, to scan millions of library books without the authors' permission.

The 2nd US Circuit Court of Appeals, ruling in a case brought by the Authors Guild and other writers' groups, argued that the universities were not breaching federal copyright law, because the institutions were protected by the so-called "fair use" doctrine. More than 73 percent of the volumes were copyrighted.

The guild accused 13 universities in all of copyright infringement for reproducing more than 10 million works without permission and including them in what is called the HathiTrust Digital Library (HDL) available at 80 universities. The institutions named in the case include the University of California, Cornell University, Indiana University, and the University of Michigan.

Those with "certified print disabilities" like the blind may access the complete scanned works, which the New York-based appeals court also found are preserved indefinitely because of their digital reproduction. Those without disabilities may only search keywords in the books unless an author grants greater permission.

The full ruling may be found here.

Merged Article Page

For a while now I've had a little bot running in the #rss-bot channel on irc.soylentnews.org and a few people have asked how to contact me to suggest additional RSS feeds or possible improvements etc. (Thanks Bytram, for jogging my memory to do something regards that).

So to that end - if you have any such suggestions please reply to this Journal entry with them and provided they are something within the bounds of sanity, reality and my ability then I will endeavour to incorporate them.

This one is for the regular submitters...

When submitting to SN (and previously I guess, /.) what do you use to quickly write up your summaries and insert/check your embedded links? Do you just use the text box on the Submit Story page, or do you use something else offline or online?

Reason I ask - I've been pipped to the post attempting to submit stories a few times now as I'm clearly spending too much time formatting my submission. :(

All thoughts on this and how to improve my workflow greatly appreciated. :)

During the CD Projekt RED and GOG.com Summer Conference, GOG (Previously, Good Old Games) announced their plans to release GOG Galaxy.

From GOG.com's News section:

GOG Galaxy [is] a truly gamer-friendly, 100% DRM-free online gaming platform that will finally provide the GOG.com community with the easy option to play together online. GOG Galaxy will allow you to share your achievements, stay in touch with your pals and get the updates for your games automatically.

One may think this will lead to client lock-in with mandated use, but:

here's the great thing: it is totally optional, so it's all up to you! If you do not want to play online, or use our optional client to access these features, then no worries, you will always be able to play the single-player mode 100% DRM-free, and download manually the latest updated version of your favorite title from our website.

They go on to describe cross-play:

We always believed in an open world for gamers, with no obligation to be tied to a specific platform or client; and this is why GOG Galaxy will allow gamers to play with their buddies who use Steam, without any need to use any 3rd party client or account, nothing, nada. We're taking care of connecting GOG.com and Steam players, so just sit back, relax and give it a try.

Signing up on the Galaxy page appears to queue you for the beta of both Galaxy and the first game to use it, The Witcher Adventure Game.

Article page

Previous Articles:

GPU Interconnect Created for Faster Supercomputing

Canada's Big Carriers Appear to be Price Fixing

So, it appears we have quite a community of DF players here at SN, and enough I think to warrent getting a succession game going. For those who are unaware, succession games are when one plays for one year (Spring to Spring traditionally), then passes off the fort to the next player in line. Boatmurdered is perhaps the most famous of the succession games ever done, though there are others, such as Battlefailed, Failcannon, and .

I'm interested in doing this, especially since it requires relatively little in infrastructure to setup. I'd like to do it on SN itself, perhaps either with a shared account as journals, or just creating a new section on the site. Obviously I'm going to have to tweak the codebase to allow images, and it gives a way to help build our community out. So, if we do this, here's what we need to decide:

• What version of DF? 2012, or wait for the new release

• What type of biome?

• Any mods?

And probably some other stuff. I've been playing a fort which is at war with the elves, and I find its quite a bit of fun since you regularly get seiged, and requires that we have a badass military to survive (and there are ways, even in stock, to get military training to work and start churning out Lords and Masters relatively quickly.

I recommend we apply bugfixes to the raws such as elven treecap diplomacy, and human merchants, which seriously helps getting the supplies we need. I've had good look with Accelerated Modest Mod for bug fixes, and preventing FPS death even in crud hardware so its my vote if we just don't go vanilla. I also recommend we also use all the DFHack fixes (the patrol bug one is almost essential).

Post below if you're interested, turn list is first come, first serve, but you can sign up for a second turn after your first (likely necessary since I expect only 5-6 players). Regular updates, and timely turns are a must as well. Beyond that, the sky is the limit.

Here is a preview of upcoming changes to SoylentNews that are scheduled to go live on 6-1.

• New user selectable themes, including a Night Mode. Themes are now CSS based and use no images for effects.
• New collapsible comment with the Improved Threaded mode. (Will be set as default for all users that have Threaded or Nested set. You can change it back if you dislike it.)
• New message display that shows all messages in reverse chronological order as a full message (now without the email footer). Also set the Daily Newsletter to be off for new users.
• Removed a bunch of unneeded code that will make page loading faster.
• Static pages (FAQ and About) are now dynamic and show the proper user menu and theme.
• RSS now encoded properly.
• Preferences update to make pages work together better. (Most of the work was on the admin side so most of you will never see the bulk of the changes.) Also fixed a issue with the Homepage Prefs where the reset to default would not set everything to the defaults.
• Updates to the Submissions system. The pages look better and now you past submissions are organized better.
• Login system updated to allow passwords with unlimited lengths and user names of upto 35 characters.
• Slashboxes fixed so that they show properly when you change your Homepage settings.
• Pollbooth updates to make pages look better.
• Fixed issue with long words and page elements overflowing their parent divs by adding word-wrap: break-word; to the css.
• And a bunch of smaller fixes that you will be sure to notice.

While not everything has been fixed we are making progress. If you want to check the changes out now go to http://dev.soylentnews.org. If you signed up on SN before 4-1 your account is already on dev and you can log in if you care to.

Two of my favorite authors: Link

More on Snowden, Greenwald, et al. Link

Still more on Snowden: A TV interview? Link

Cognitive Bias Parade: Link

David Brin: Brave Citizenship beats a Scorched Earth Policy Link Watch out for Dr. Brin, he generally doesn't contain blog posts to one topic.

Snowden again, now with embedded video: Link