Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×

Submission + - Nasty Security Flaw In OAuth, OpenID Discovered (cnet.com)

Submitted by jones_supa
jones_supa writes: Notable security vulnerability has been discovered which impacts both OAuth and OpenID, which are software packages that provide a secure delegated access to websites. Wang Jing, a Ph.D student at the Nanyang Technological University in Singapore, discovered that the 'Covert Redirect' flaw can masquerade as a login popup based on an affected site's domain. Covert Redirect is based on a well-known exploit parameter. For example, someone clicking on a malicious phishing link will get a popup window in Facebook, asking them to authorize the app. Instead of using a fake domain name that's similar to trick users, the Covert Redirect flaw uses the real site address for authentication. If a user chooses to authorize the login, personal data will be released to the attacker instead of to the legitimate website. Wang did already warn a handful of tech giants about the vulnerability, but they mostly dodged the issue. In all honesty, it is not trivial to fix, and any effective remedies would negatively impact the user experience. Users who wish to avoid any potential loss of data should be careful about clicking links that immediately ask you to log in to Facebook or Google, and be aware of this redirection attack.

Submission + - E.T. Found In New Mexico Landfill (kotaku.com) 1

Submitted by skipkent
skipkent writes: One of the most infamous urban legends in video games has turned out to be true.P

Digging in Alamogordo, New Mexico today, excavators discovered cartridges for the critically-panned Atari game E.T., buried in a landfill way back in 1983 after Atari couldn't figure out what else to do with their unsold copies. For decades, legend had it that Atari put millions of E.T. cartridges in the ground, though some skeptics have wondered whether such an extraordinary event actually happened.
Music

ASCAP Seeks Licensing Fees For Guitar Hero Arcade 146

Posted by Soulskill from the understanding-is-too-much-effort dept.
Self Bias Resistor writes "According to a post on the Arcade-Museum forums, ASCAP is demanding an annual $800 licensing fee from at least one operator of a Guitar Hero Arcade machine, citing ASCAP licensing regulations regarding jukeboxes. An ASCAP representative allegedly told the operator that she viewed the Guitar Hero machine as a jukebox of sorts. The operator told ASCAP to contact Raw Thrills, the company that sells the arcade units. The case is ongoing and GamePolitics is currently seeking clarification of the story from ASCAP."
Sci-Fi

Forry Ackerman Dead At 92 83

Posted by kdawson from the famous-monsters-wave-bye-bye dept.
rrohbeck was one of several readers to note the passing of Forrest J. Ackerman at the age of 92. Ackerman, who coined the term sci-fi in 1954, has been called the 'world's biggest fan.' Over a long career he acted as literary agent for Isaac Asimov, A.E. van Vogt, Hugo Gernsback, and L. Ron Hubbard; he published Ray Bradbury's first short story in a fan magazine in 1938. Ackerman wrote over 2,000 articles and short stories, including, oddly enough, lesbian fiction in the 1940s. In recent years, mounting health bills forced him to sell his home, the 'Ackermansion,' and most of the 300,000 items of memorabilia it stored.

Slashdot Top Deals

System going down in 5 minutes.

Close