Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×
Security

Submission + - Siemens SCADA Flaws To Be Disclosed at Black Hat (itworld.com)

Submitted by
itwbennett
itwbennett writes: "In May, NSS Labs Researcher Dillon Beresford pulled out of a Dallas hacking conference at the last minute when Siemens was unable to fix problems he'd found in the firmware of its S7 programmable logic controller. Now NSS Labs CEO Rick Moy says Beresford is rescheduled to deliver his talk at Black Hat, which runs Aug. 2-3. Beresford has discovered six vulnerabilities in the S7 that 'allow an attacker to have complete control of the device,' Moy said. Devices like the S7 do things such as control how fast a turbine spins or open gates on dams."
Microsoft

Submission + - Malware scanner finds 5% of Windows PCs infected (winbeta.org) 1

Submitted by
BogenDorpher
BogenDorpher writes: "According to statistics generated by Microsoft's new free malware scanning and scrubbing tool, Safety Scanner, one in every twenty Windows PCs were infected with malware.

Microsoft's Safety Scanner was downloaded 420,000 times in just one week of availability and it cleaned up malware or signs of exploitation from more than 20,000 Windows PCs, according to statistics generated by Microsoft's Malware Protection Center. This resulted in an infection rate of nearly 5%."

Submission + - A better solution to CAPTCHAs? (ottawacitizen.com)

Submitted by Anonymous Coward
An anonymous reader writes: The Ottawa Citizen's article on HIVE's alternative to CAPTCHAs. No more mangled words you can't read and annoying typing in of text you think might be right if you are lucky! (Slashdot software devs, take note!) You can take a test drive at http://www.hive-secure.com/. It's still not an invisible authentication that you aren't a bot, but its better than the current method by a big bit.

Subby notes that he had to prove himself with just such an annoying text cap to submit this story!
Apple

Submission + - Alaska Airlines Jettisons Paper Manuals (engadget.com)

Submitted by fullymodo
fullymodo writes: "Alaska Airlines has become the first major US airline to hop on board the paperless bandwagon. While it's not quite ready to ditch paper navigation charts just yet (though that is under consideration), the airline has announced that it will be replacing its traditional flight manuals with iPads, which will be loaded up with the GoodReader app and PDFs of 41 different manuals and other materials."
So explain why I have to shut off my non-wi-fi-capable ebook reader during take-off and landing?

Submission + - Lodsys after pay wall websites

Submitted by denizb
denizb writes: We are a small company with a website offering paid membership to access our own produced reality show type videos. Non members are able to preview trailers, and then if they like what they see, can purchase a monthly membership to watch our shows via streaming on desktop and mobile platforms.

We have just received the same Infringement notice from Lodsys as the app developers.

They are claiming that they basically invented the internet by asserting that anything that allows for a user to access its content from his or her current physical location, and stores information about said user, and offers a way to sell that user a membership, or product (where the product is full access to the content), is infringing on their patent.

Basically they are claiming to have invented commerce on the internet.

What do?
Science

Submission + - Massive storm erupts on Saturn (cosmosmagazine.com)

Submitted by Anonymous Coward
An anonymous reader writes: A giant early-spring storm in Saturn's northern hemisphere — so powerful that it stretches around the entire planet — has been detected.
Android

Submission + - Android security practices? 1

Submitted by Soft
Soft writes: Smartphone security recommendations seem to boil down to Windows-like practices: install an antivirus, run updates, and don't execute apps from untrusted sources. On my own computers, running Linux, I choose to only install (signed) packages from the distribution's or well-known repositories, or programs I can check and compile myself, or run them as a dedicated user--and I don't bother with an antivirus.

What rules should I adopt on my soon-to-be-bought Android device? Can I use it purely with open-source apps and still make the most of it? Are Android's fine-grained permissions (accessing the network, contacts...) reliable? Can apps be trusted not to scan your files and keyboard for passwords and emails? What precautions do security-conscious Slashdotters take to keep control of their phones?
Security

Submission + - EduHookUps.com Rebooting, Security an Issue (edenfantasys.com) 1

Submitted by
jabberwock
jabberwock writes: "EduHookUps.com, a sex-dating site started at the University of Chicago that has been spreading to campuses across the U.S. since March, is under new management and will effectively be starting over. News on the site indicates that the site, which has prided itself on providing anonymity, may not have been secure. “ all user data generated to date (posts, private messages, etc.) will be reset in the interest of privacy and security. The registration system will be re-enabled, and all current members will need to re-register.” SexIs magazine reports that the domain name was sold for $1,000."
Iphone

Submission + - iPhone Explosion: 5M iOS Games Downloaded Per Day (industrygamers.com)

Submitted by donniebaseball23
donniebaseball23 writes: iPhone gaming has certainly accelerated in the last year or so, and iOS in general has seen a boost from iPod Touch and iPad as well. The numbers are impressive, as new research from Newzoo and Distimo (an App Store analytics firm) shows that games now represent the largest single App-category on Apple App Stores, and account for half of the downloads of both free and paid Apps. Newzoo said that more than five million games were downloaded per day in the U.S. and six major European territories combined during March 2011. There are 63 million iOS gamers in these countries who downloaded an average of 2.5 games per month.
Open Source

Submission + - Teagueduino: Arduino without the soldering (teague.com)

Submitted by Anonymous Coward
An anonymous reader writes: Teagueduino makes Arduino a whole lot easier.

1. There's no soldering required. Inputs and outputs simply snap into place.
2. Realtime programming and feedback shows the effects of changes as they are made.
3. Simple, always-valid code creation means programs always runs (coding by dropdown menus).

And of course, Teagueduino is completely open source.
Nintendo

Submission + - Gameboy Color And Linux Emulated in JavaScript (conceivablytech.com)

Submitted by Anonymous Coward
An anonymous reader writes: Nintendo's Gameboy Color may never have been better: You can now play Gameboy games in your web browser and on some smartphones. You can run Linux as well: a French developer emulates Linux (2.6.20 kernel) complete with a 32-bit x86 CPU, an interrupt controller, interrupt timer as well as serial interface — all within 90 KB.
Education

Submission + - Woz, Chambers, Ballmer deliver commencement talks (networkworld.com) 1

Submitted by alphadogg
alphadogg writes: So far this month Cisco CEO John Chambers has delivered a commencement speech at Duke, while Apple co-founder Steve Wozniak did the same at Michigan State and Microsoft CEO Steve Ballmer did likewise at USC. They were among a slew of tech bigshots in demand at 2011 commencement ceremonies. Among Chambers' advice: Go to the bathroom before you make important decisions. The Woz advised being nice to people to get anywhere in life, and that once a jerk, always a jerk...(videos)
Botnet

Submission + - Coreflood Botnet Shows How ISPs are Clueless (securityweek.com)

Submitted by wiredmikey
wiredmikey writes: Internet Service Providers are maintaining environments in which malicious networks can thrive.

For Example — Coreflood is one of the oldest botnets in operation. It has gained fame due to the intervention the Justice Department recently took to seize control of the expansive botnet. But its impact has been documented for years in various exploits resulting in millions of infected computers and unique bots, stolen banking, credit card, email, and social site passwords.

Coreflood was able to operate continuously due to the lack of accountability of Service Providers and lack of visibility into their networks.

The FBI complaint lists some of the major ISPs that the botnet operators used in their C&C (Command and Control) infrastructure, including: 2 ASNs (Autonomous Systems), 24 domain names (60, including tertiary), 15 DNS Providers, and 18 Registrars.

This information is knowable and can be managed and secured. It’s well past time for ISP scorecards.....[CONTINUED]

Slashdot Top Deals

"It may be that our role on this planet is not to worship God but to create him." -Arthur C. Clarke

Close