Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×

Submission + - Ubuntu Edge Project Fails to Meet Crowdfunding Goal (slashdot.org)

Submitted by Nerval's Lobster
Nerval's Lobster writes: The crowdfunding campaign to build an Ubuntu-powered smartphone has fallen short of its ambitious goal. Canonical, which works with the open-source community to support Ubuntu worldwide, decided to fund its Ubuntu Edge smartphone via crowdfunding Website Indiegogo. The funding goal was set at $32 million, and at first it looked as if the project had enough momentum to actually succeed: within the first 24 hours of the project’s July 22 launch, some $3.45 million had poured in. But that torrent of cash soon slowed to a trickle. In the end, the campaign managed to amass $12,809,906 by its August 21 closing. Nonetheless, Canonical did its best to put a brave face on the situation. “While we passionately wanted to build the Edge to showcase Ubuntu on phones, the support and attention it received will still be a huge boost as other Ubuntu phones start to arrive in 2014,” the organization wrote in a posting. “Thousands of you clearly want to own an Ubuntu phone and believe in our vision of convergence, and rest assured you won’t have much longer to wait.”

Submission + - One-Click Escape From the Internet Explorer Sandbox

Submitted by Trailrunner7
Trailrunner7 writes: Software vendors often give intentionally vague and boring names to the updates they use to fix security vulnerabilities. The lamer the name, the less attention it may attract from attackers looking to reverse-engineer the patch. There was one patch in Microsoft’s August Patch Tuesday release earlier this month that fit that bill, MS13-059, Cumulative Security Update for Internet Explorer. But hidden inside the big fix was a patch for a vulnerability that enabled a one-click escape of the IE sandbox.

The vulnerability was discovered by researcher Fermin J. Serna, a former Microsoft security engineer, and it takes advantage of the way that IE handles some command line options in certain conditions. Serna found that the ElevationPolicy in IE will treat the Microsoft Diagnostic Tool (msdt.exe) as a medium-integrity process if the user requests it to do so. In IE, Protected Mode is the sandbox that is designed to prevent attackers from being able to use one bug in a low-level process to compromise the machine.

“Assuming you have code execution at the sandboxed process though some other bug (let’s say the common use after free problem all browsers suffer) then it is not easy but trivial. This sandbox escape vulnerability is not a memory corruption that can fail but a logical one that does not fail. The only requirement is the attacked user has to click a “continue” button on a dialog with attacker controlled messages. This is the reason for a one click versus a full 0 click where the user does not see anything,” Serna said via email.

Comment My predictions.... (Score 1) 582

I predict a massive influx of John Does names in Huffington's future. Even Google had to back off on the real name shit. I also predict that the depth of conversation will become much shallower. Many people have viewpoints that they would rather not share with family, employers, and potential employers.

Submission + - New canon-faithful Star Trek series is in pre-production. (indiegogo.com)

Submitted by Anonymous Coward
An anonymous reader writes: Star Trek veterans such as Walter Koenig (Pavel Chekov), Tim Russ (Tuvok), Robert Picardo (the Doctor) and others are busy in pre-production of a professionally produced pilot episode for a suggested new online Star Trek series named Star Trek: Renegades, which will be faithful to the original Star Trek canon. The events of the series are placed a decade after Voyager's return from Delta Quadrant. They have also opened an Indiegogo campaign, seeking more funds from Star Trek fans to help make the production even more professional.

Comment Re:I call Junk Science (Score 1) 287

by TrentTheThief (#44615879) Attached to: Soda Makes Five-Year-Olds Break Your Stuff, Science Finds

Yep. It's not so much thirst as it is to get that first big hit of caffeine to light me off in the morning (0530). After I finish that bottle, I generally don't have anything else to drink during the day until I knock off (~1530-1600).

I am due for bloodwork and I'll ask the doc to check for diabetes, too.

Comment I call Junk Science (Score 1) 287

by TrentTheThief (#44594085) Attached to: Soda Makes Five-Year-Olds Break Your Stuff, Science Finds

I've been a heavy drinker for 50 years. I never went around attacking people or getting into arguments or randomly destroying shit just for kicks.

I enjoy a few liters of diet coke every day. When I was younger, I drank a few 12-16 oz bottles of sugared pepsi, root beer, ginger ale, or cream soda just about ever day. Maybe a couple more in the summer time.

IMHO, they're just poking at shit to see what the gullible will accept so that they can wring out some grant money from politicians pandering to their mindless constituents.

Slashdot Top Deals

You must realize that the computer has it in for you. The irrefutable proof of this is that the computer always does what you tell it to do.

Close