Security

Adobe Confirms PDF Zero-Day, Says Kill JavaScript 211

CWmike writes "Adobe Systems has acknowledged that all versions of its Adobe Reader, including editions for Windows, the Mac and Linux, contain at least one, and possibly two, critical vulnerabilities. 'All currently supported shipping versions of Adobe Reader and Acrobat, [Versions] 9.1, 8.1.4 and 7.1.1 and earlier, are vulnerable to this issue,' said Adobe's David Lenoe in a blog entry yesterday. He was referring to a bug in Adobe's implementation of JavaScript that went public early Tuesday. A "Bugtraq ID," or BID number has been assigned to a second JavaScript vulnerability in Adobe's Reader. Proof-of-concept attack code for both bugs has already been published on the Web. Adobe said it will patch Reader and Acrobat, but Lenoe offered no timetable for the fixes. In lieu of a patch, Lenoe recommended that users disable JavaScript in the apps. Andrew Storms, director of security operations at nCircle Network Security, said of the suggestion in lieu of patches, 'Unfortunately, for Adobe, disabling JavaScript is a broken record, [and] similar to what we've seen in the past with Microsoft on ActiveX bugs.'"
The Courts

The Circus Widens In Aftermath of Pirate Bay Verdict 319

MaulerOfEmotards sends along an in-depth followup, from the Swedish press, of our discussion the other day about the biased trial judge in the Pirate Bay case. "The turmoil concerns Tomas Norström, the presiding judge of The Pirate Bay trial, who is suspected of bias after reports surfaced of affiliation with copyright protection organizations. For this he has been reported to the appeals court (in Swedish; translation here). The circus around the judge is currently focused on three points. First, his personal affiliation with at least four copyright protection organizations, a state the potential bias of which he himself fails to see and refuses to admit. Secondly, Swedish trials use a system of several lay assessors to supervise the presiding judge. One of these, a member of an artists' interest organization, was forced by Mr. Norström to resign from the trial for potential bias. The judge's failure to see the obvious contradiction in this (translation) casts doubts on his suitability and competence. Thirdly, according to professor of judicial sociology Håkan Hydén (translation), the judge has inappropriately 'duped and influenced the lay assessors' during the trial: 'a judge that has decided that "this is something we can't allow" has little problem finding legal arguments that are difficult for assisting lay assessors to counter.'" Click the link below to read further on Professor Hydén's enumeration of "at least three strange things in a strange trial." On a related note, reader Siker adds the factoid that membership in the Pirate Party exploded 150% in the week following the verdict. The Pirate Party now surpasses in size four smaller parties in Sweden, and is closing in on a fifth. Political fallout could ensue as soon as June, when an election for EU parliament will be held.
The Courts

Judge In Pirate Bay Trial Biased 415

maglo writes "The judge who handed down the harsh sentence to the four accused in The Pirate Bay trial was biased, writes Sveriges Radio (Sweden Public Radio): sr.se (Swedish). Google translation. The judge is a member of two copyright lobby organizations, something he shares with several of the prosecutor attorneys (Monique Wadsted, Henrik Pontén and Peter Danowsky). The organizations in question are Svenska Föreningen för Upphovsrätt (SFU) and Svenska föreningen för industriellt rättsskydd (SFIR)."

Comment Oh good god... (Score 1) 1582

I never understood achievements in games, they seem to me like a cheap way to add replayability, and now it's come to Slashdot.

What does replayability (or whatever else achievements are meant to give) mean for a site that's "news for nerds" and random Microsoft bashing?

Comment I liked it (Score 1) 852

As has been said, it was an emotional ending.

Its plot may have been weak and some promised answers never came but I feel good that it's over now and I got to see my favorite characters reach a place to call home.

I know I'm not the only one that feels this way but an ending that wraps up a voyage as long as Galactica's with humanity surviving is quite nice.

Movies

Jacket Lets You Feel the Movies 111

sp3cialk79 writes "Researchers from Philips Electronics plan to describe a jacket they have lined with vibration motors to study the effects of touch on a movie viewer's emotional response to what the characters are experiencing. 'People don't realize how sensitive we are to touch, although it is the first sense that fetuses develop in the womb,' says Paul Lemmens, a Philips senior scientist who will be presenting research done using the jacket at the IEEE-sponsored 2009 World Haptics Conference in Salt Lake City. The jacket contains 64 independently controlled actuators distributed across the arms and torso. The actuators are arrayed in 16 groups of four and linked along a serial bus; each group shares a microprocessor. The actuators draw so little current that the jacket could operate for an hour on its two AA batteries even if the system was continuously driving 20 of the motors simultaneously."
Image

DIY Space Photography 106

Four Spanish teenagers sent a camera-operated weather balloon into the stratosphere. The boys built the electronic sensor components from scratch. Gerard Marull Paretas, Sergi Saballs Vila, Marta Gasull Morcillo and Jaume Puigmiquel Casamort attached a £56 camera to a heavy duty £43 latex balloon, and sent their science project 20 miles above the Earth. Team leader Gerard Marull, 18, said, "We were overwhelmed at our results, especially the photographs, to send our handmade craft to the edge of space is incredible."
Programming

Are Quirky Developers Brilliant Or Dangerous? 1134

jammag writes "Most developers have worked with a dude like Josh, who's so brilliant the management fawns over him even as he takes a dump in the lobby flowerpot. Eric Spiegel tells of one such Josh, who wears T-shirts with offensive slogans, insults female co-workers and, when asked about documentation, smirks, 'What documentation?' Sure, he was whipsmart and could churn out code that saved the company millions, but can we please stop enabling these people?"
Image

Finnish Guy Gets Prosthetic USB Finger Storage 113

An anonymous reader writes "Jerry had a motorcycle accident last May and lost a finger. When the doctor working on the artificial finger heard he is a hacker, the immediate suggestion was to embed a USB 'finger drive' to the design. Now he carries a Billix Linux distribution as part of his hand."
Robotics

Filmmaker Working On Eye-Socket Camera 114

An anonymous reader writes "Wired has a story about Rob Spence, a Canadian filmmaker who plans to have a mini camera installed in his prosthetic eye. 'A camera module will have to be connected to a transmitter inside the prosthetic eye that can broadcast the captured video footage. To boost the signal, he says he can wear another transmitter on his belt. A receiver attached to a hard drive in a backpack could capture that information and then send it to another device that uploads everything to a web site in real time. ... Even though his project is still in its early stages, Spence says many people have already told him they wouldn't be comfortable being filmed. "People are more scared of a center-left documentary maker with an eye than the 400 ways they are filmed every day at the school, the subway, the mall," he says. He hopes he will help get people thinking about privacy, how surveillance cameras and the footage they record are being used and accessed.'" Spence runs a blog for the 'Eyeborg Project,' as he calls it, and has recently posted a video about the progress they're making.
Security

Dan Bernstein Confirms Security Flaw In Djbdns 66

secmartin writes "Dan Bernstein has just admitted that a security issue has been found in the djbdns software, one of the most popular alternatives for the BIND nameserver. As part of the djbdns security guarantee, $1000 will be paid to Matthew Dempsky, the researcher that found the bug. The bug allows a nameserver running djbdns to be poisoned using just a single packet. Other researchers have found a separate issue that allows dnscache, the DNS cache that is also part of the djbdns package, to be poisoned within just 18 minutes when using the default configuration. Anyone using djbdns is strongly encouraged to patch their servers immediately." Reader emad contributes a link to the djbdns mailing list post containing both a patch and a sample exploit, and adds: "In the words of Dan Kaminsky (of recent DNS security fame): 'However, Dempsky's bug in djb's tinydns is way more surprising, if only because ... holy crap, he pulled an exploitable scenario out of THAT?!'"
Microsoft

Portugal's Vortalgate — No Microsoft, No Bidding 312

An anonymous reader writes "Companies using software other than Microsoft's are unable to bid at many Portuguese public tenders. This is due to the use of Silverlight 2.0 technology by the company, Vortal, contracted to build the e-procurement portal. This situation has triggered a complaint to the European Commission by the Portuguese Open Source Business Association; the case is unofficially known in Portugal as 'Vortalgate.'"
Businesses

Best FOSS Help Desk Software For Small Firms? 321

Nocts writes "I'm currently working for a moderately sized company that manages a large portion of its internal help desk questions through a Jabber-based chat room. What we're looking for instead is an open source, preferably Web-based solution that will give us the ability to have floor representatives queue questions and concerns in a similar fashion to BugTraq, directed at the help desk. Email capability would be preferred for elaboration of specific issues, but the more we can centralize everything into the queued system the better. Any recommendations and experiences? Just about any language is doable since I have the ability to configure and upgrade our servers and we're looking at about a user base of 100 people, with around 5-10 questions a minute."
Security

'Cybot' Development For Network Defense 51

lwbrown writes with this excerpt from Government Computer News about a concept being explored at Oak Ridge National Laboratory: "UNTAME is the product of a long-term program by the division's Cyber Security and Information Intelligence Research Group to develop futuristic security functionality for increasingly large, complex environments. The cybots differ from traditional software agents in that they form a collective and are aware of the condition and activities of other cybots in the collective. 'You give it a mission and tools to work with, such as mobility and intrusion sensors, and it uses those tools and cooperates with other cybots to accomplish the mission,' said Lawrence MacIntyre, one of the project's developers."
Social Networks

Ma.gnolia User Data Is Gone For Good 450

miller60 writes "The social bookmarking service Ma.gnolia reports that all its user data was irretrievably lost in the Jan. 30 database crash that knocked the service offline. Ma.gnolia founder Larry Halff recently discussed the crash and the lessons to be learned from Ma.gnolia's experience. A lesson for users: don't assume online services have lots of staff and servers, and always keep backup copies of your data. Ma.gnolia was a one-man operation running on two Mac OS X servers and four Mac minis."
