jmcbain writes: I am an software engineer for a client-server user account system handling both Web and smartphone clients. I have been searching for definitive and crystal-clear best practices for managing user account and password data using open-source software, but I have only cobbled together a complete picture from dozens of websites. I currently have a system that sends passwords over SSL and performs bcrypt hashing for storage and authentication checking at the server side. Is that good enough? The recent Ashley Madison breach and the exposure of MD5-hashed passwords (as opposed to bcrypt) has me worried again. Can someone please suggest a definitive, cookbook-style Web resource or book on how to use open-source software to handle user passwords for multiple client-server scenarios? I would like answers to questions such as: Where do I perform hashing (smartphone/web client or server)? What hash algorithm should I use? How do I store the hashes? How can clients recover forgotten passwords? etc.

An anonymous reader writes: NASA has announced that it's partnering with Harmonic to launch a new TV channel that delivers video at 4k resolution (4096x2160). The channel is called NASA TV UHD, and it'll go live on November 1. Content will be generated by cameras at the International Space Station and on other NASA missions, as well as any 4K content they can remaster from old footage.

alphadogg writes: It was retail remodeling that spurred NCR, a venerable cash-register company, to find out how it could use newly opened frequencies to link registers and mainframes without wires. Its customers wanted to stop drilling new holes in their marble floors for cabling every time they changed a store layout. In 1985, the U.S. Federal Communications Commission voted to leave large blocks of spectrum unlicensed and let vendors build any kind of network they wanted as long as they didn't keep anyone else from using the frequencies. NCR jumped at the chance to develop a wireless LAN, something that didn't exist at the time, according to Vic Hayes, a former engineer at the company who's been called the Father of Wi-Fi.

aglider writes: The newest stable iteration of the famous and glorious OpenWRT has just been released in the wild for all the supported architectures. The latest version is 15.05, codenamed "Chaos Calmer" after a cocktail drink, just like all previous ones. Major changes from the official announcements: "Linux kernel updated to version 3.18. Improved Security Features. Rewritten package signing architecture based on ed25519. Added support for jails. Added support for hardened builds. Improved Networking Support. Platform and Driver Support." For the full details you are welcome on the forums while the firmware itself and extra packages are available from the distribution servers.

An anonymous reader writes: The U.S. National Highway Traffic Safety Administration, Department of Transportation, and Institute for Highway Safety announced today a landmark agreement from 10 of the world's biggest automakers to include automatic emergency braking on all new vehicles as a standard safety feature. The car manufacturers are: Audi, BMW, Ford, General Motors, Mazda, Mercedes Benz, Tesla, Toyota, Volkswagen and Volvo. "Automatic emergency braking includes a range of systems designed to address the large number of crashes, especially rear-end crashes, in which drivers do not apply the brakes or fail to apply sufficient braking power to avoid or mitigate a crash. AEB systems use on-vehicle sensors such as radar, cameras or lasers to detect an imminent crash, warn the driver and, if the driver does not take sufficient action, engage the brakes."

Zothecula writes: Police officers are trained to shoot for the center of mass, not necessarily to kill, but to stop – although the end result can often be one and the same. "The Alternative" is designed to give officers a less lethal option in the form of a clip-on "air bag" for semiautomatic pistols that reduces the velocity of a standard round to make it less lethal. At the front of the bright orange carrier is a hollow sphere made of a proprietary alloy that catches the bullet and firmly embeds it as it leaves the barrel. The ball and bullet fuse, slowing the round by 80 percent. At this speed, the ball-encased round is less likely to penetrate flesh, but it will transfer enough kinetic energy across a wide surface to knock a suspect down with less chance of a lethal outcome.

1sockchuck writes: RagingWire has begun building a 1 million square foot data center campus in the Telecom Corridor north of Dallas. Data centers have been growing in scale for years, but this project reflects the extent to which massive amounts of computing power are being concentrated in regional hubs. This super-sizing of data center campuses allows cloud platforms (and the data center providers that serve them) to rapidly add server capacity and electric power.

New submitter mutherhacker writes: A group from Osaka University in Japan and McMaster University in Canada have presented a method to control a virtual 3D object using a smartphone [video]. The method was primarily designed for presentations but also applies to virtual reality using a head mounted display, gaming or even quadrocopter control. There is an open paper online as well as a git repository for both the client and the server. The client smartphone communicates with the main computer over the network with TUIO for touch and Google protocol buffers for orientation sensor data.

You can't teach all programming by using Minecraft to keep kids interested, but you can use Minecraft, Java, and Eclipse to give them a good start. That's what Tyler Kilgore and his colleagues at GameStart are doing. Watch today's video (number 1), tomorrow's video (number 2) and read both days' transcripts for the full scoop.

StartsWithABang writes: At the end of the 19th century, Lord Kelvin famously said, "There is nothing new to be discovered in physics now. All that remains is more and more precise measurement." He was talking about how Newtonian gravity and Maxwell's electromagnetism seemed to account for all the known phenomena in the Universe. Of course, nuclear physics, quantum mechanics, general relativity and more made that prediction look silly in hindsight. But in the 21st century, the physics of the Standard Model describes our Universe so well that there truly may be nothing else new to find not only at the LHC, but at any high-energy particle collider we could build here on Earth. If there are no new particles found below about 2–3 TeV in energy—particles that the LHC should detect if they’re present—it’s a reasonable assumption that there might not be anything new to find until energy scales of 100,000,000 TeV or more. And even if we build a particle accelerator to the fullest capacity of our technology around the equator of the Earth, we still couldn’t reach those energies.

An anonymous reader writes: The next browser battle is upon us. Edge has been out for more than a month, and its two biggest competitors have received significant updates: Chrome 45 and Firefox 40. This article puts all three through their paces, and each manages to win a few tests. Edge convincingly won the JetSteam and SunSpider JavaScript benchmarks, while also eking out a victory in Google's Octane test. Chrome was victorious in Mozilla's Kraken benchmark for JavaScript performance, while also edging out Firefox in HTML5Test and the Oort Online WebGL test. Firefox won the WebXPRT test that combines HTML5 and JavaScript performance, and also the Peacekeeper test for general browser performance. There's no clear dominant browser for performance, and none of the three are obvious laggards, either. Browser competition seems to be in a good place right now.

Flash Modin writes: NASA has poured considerable time and resources into Ridley Scott's The Martian — perhaps more than any other movie in history — going so far as to time a Mars human landing site selection workshop to coincide with the film. Jim Green, NASA's head of planetary sciences, was one of the consultants, with other astronomers fact checking every aspect of the set and script. The rockets, modules, and space suits were built — and 3-D printed — with heavy guidance from NASA. The filmmakers even hired Rudi Schmidt, former project manager of the European Space Agency's Mars Express spacecraft, to test the experiments done in the movie, including turning water into rocket fuel — which works. And, on the eve of The Martian's premiere at the Toronto International Film Festival this weekend, some of those scientists believe that this obsessive adherence to science fact will be enough to make NASA's Journey to Mars real for Americans. The space agency needs a Hail Mary because, in truth, the real program is nowhere near ready for prime time.

New submitter autonomous_reader writes: Ars Technica has a story on this week's Intelligence & National Security Summit, where CIA Director John Brennan and FBI Director James Comey had a lot to say about the resistance of the American public to government cyber spying and anti-encryption efforts. Blaming resistance on "people who are trying to undermine" the intelligence mission of the NSA, CIA, and FBI, John Brennan explained it was all a "misunderstanding." Comey explained that "venom and deep cynicism" prevented rational debate of his campaign for cryptographic backdoors.

An anonymous reader writes with an update to the news we discussed in July that a small library in New Hampshire would be used as a Tor exit relay. Shortly after the project went live, the local police department received an email from the Department of Homeland Security. The police then met with city officials and discussed all the ways criminals could make use of the relay. They ultimately decided to suspend the project, pending a vote of the library board of trustees on Sept. 15. DHS spokesman Shawn Neudauer said the agent was simply providing "visibility/situational awareness," and did not have any direct contact with the Lebanon police or library. "The use of a Tor browser is not, in [or] of itself, illegal and there are legitimate purposes for its use," Neudauer said, "However, the protections that Tor offers can be attractive to criminal enterprises or actors and HSI [Homeland Security Investigations] will continue to pursue those individuals who seek to use the anonymizing technology to further their illicit activity." ...Deputy City Manager Paula Maville said that when she learned about Tor at the meeting with the police and the librarians, she was concerned about the service’s association with criminal activities such as pornography and drug trafficking. "That is a concern from a public relations perspective and we wanted to get those concerns on the table," she said.

An anonymous reader writes: Chinese researchers claim to be able to deduce a person's emotional state using accelerometer data from mobile devices attached to the wrist and ankle. The study recorded baseline data and then comparitive data after showing either disturbing or amusing videos to test subjects. The paper envisages the ultimate development of smartphone and wearable apps capable of providing systematic long-term and short-term data on someone's state of being, based mostly on the movement of the ankle whilst walking. They posit the usefulness of the information in medical applications, but do not address possible unsuitable uses, such as for the purposes of employment assessment or insurance premiums.