Bug

Microsoft Dynamics GP "Encrypted" Using Caesar Cipher 206

scribblej writes "Many large companies use Microsoft's Dynamics GP product for accounting, and many of these companies use it to store credit card numbers for billing customers. Turns out these numbers (and anything else in GP) are encrypted only by means of a simple substitution cipher. This includes the master system password, which can be easily selected and decrypted from the GP database by any user. Quoting: '[Y]ou DON'T HAVE TO GIVE ACCESS TO THE DYNAMICS DATABASE. What that means is if you create a base user in GP, that user can log into the SQL server and run a select statement on the table containing the "encrypted" GP System password. Not good.'" Update: 05/22 02:57 GMT by T : The original linked post has been revised in a few places; significantly, the following has been added as a correction: "By default, GP gives the user access to the DYNAMICS database but the user CANNOT login to the SQL server using SQL Enterprise Manager."
Cellphones

Will Your Car Tell You To Put Down the Phone? 349

crimeandpunishment writes with this story from the AP: "We know it's dangerous to text while driving, or talk on a cell phone without using a hands-free device. What if our car knew it as well, and warned us about it? Our cars buzz and beep at us when our seatbelts aren't buckled ... now there are new applications in the works that could lead to a warning if we're driving with a cell phone in our hand."
Google

Google To Challenge Facebook Again 197

Hugh Pickens writes "Google is set to make a fresh attempt to gain a foothold in the booming social networking business, seeking to counter the growing threat that Facebook poses to some of its core services. USA Today reports that the search giant is upgrading Gmail to add social-media tools similar to those found on Facebook, including photo and video sharing within the Gmail application, along with a new tool for status updates. According to reports, Google is planning to give Gmail users a way to aggregate the updates of their various contacts on the service, creating a stream of notifications that would echo the similar real-time streams from Facebook and Twitter. Google's decision to exploit the heavily-used Gmail service as the basis for its latest assault on the social networking business partly reflects the failure of Google's previous stand-alone efforts to enter the social networking sector. Its Orkut networking service, though launched before Facebook, has failed to gain a mass following in most parts of the world, despite success in Brazil, and its acquisition of Twitter rival Jaiku ended in failure after it scrapped development of the service." Update: 02/09 19:32 GMT by KD : It's been announced as Google Buzz; CNET has a detailed writeup.
Microsoft

Craig Mundie Wants "Internet Driver's Licenses" 427

I Don't Believe in Imaginary Property writes "Craig Mundie, Microsoft's Chief Research and Strategy Officer, called for the creation of an 'Internet Driver's License' at the World Economic Forum in Davos, saying, 'If you want to drive a car you have to have a license to say that you are capable of driving a car, the car has to pass a test to say it is fit to drive and you have to have insurance.' Of course, there are quite a few problems with this. For starters, internet use cannot yet cause death or dismemberment like car accidents can; and this would get rid of most of the good of internet anonymity while retaining all of the bad parts, especially in terms of expanding the market for stolen identities. Even though telephone networks have long been used by scammers and spammers/telemarketers, we've never needed a 'Telephone Driver's License.'"
Cellphones

New iPhone Attack Kills Apps, Reroutes Web Traffic 125

Trailrunner7 sends in a threatpost.com article on exploiting flaws in the way the iPhone handles digital certificates. "[Several flaws] could lead to an attacker being able to create his own trusted certificate and entice users into downloading malicious files onto their iPhones. The result of the attack is that a remote hacker is able to change some settings on the iPhone and force all of the user's Web traffic to run through any server he chooses, and also to change the root certificate on the phone, enabling him to man-in-the-middle SSL traffic from that phone. ... Charlie Miller, an Apple security researcher at Independent Security Evaluators, said that the attack works, although it would not lead to remote code execution on the iPhone. 'It definitely works. I downloaded the file and ran it and it worked,' Miller said. 'The only thing is that it warns you that the file will change your phone, but it also says that the certificate is from Apple and it's been verified.'"

Comment Garfield Had Its Place (Score 1) 327

A lot of people, rightly so, hate what Jim Davis has done or allowed to happen to Garfield. But it too was once a great comic strip - if you were 10. Those of us who grew up in the 70's were lucky as we had two new comic strips that fit our age perfectly. We got Garfield before we were teens and C&H when we were teens, old enough to look back on our recent childhood and see parallels as well as possibly learn some life lessons to us in upcoming adulthood. C&H is the best strip IMHO - hands down. It appealed to me as a teenager and also an adult. But the early Garfield strips are also timeless. When I was growing up, I loved Garfield - read it religiously in the paper. Every Christmas my mom had a standing present - whatever Garfield collections that had been published that year. I think I have 1-30. A while back while sorting through my old things, I found them and put them where my kids could read them. They read them cover to cover, multiple times. My eldest, now barely a teenager, has moved on, and checks out C&H books from the library (since I can't find my entire collection - it's in my old stuff somewhere). But the youngest, just learning to read, is having fun reading about the big 'fat cat' and lasagna. Those old books are worn, in cases shredded, held together with tape, but adored by my four kids. I'm sure C&H will be too. So while I agree that Garfield today is a mere shell of its old self, there was a time it was worth reading as a kid and even an adult.

Comment Missing the forest for the trees (Score 1) 295

250 comments later and all we get is arguments about what Facebook 'should' have done to resolve specific architectural problems none of us really know. Facebook is growing like wildfire. It has its issues, some big. Many features are 'bad' (ever tried to run pop out chat? Jeebus my CPU cried for mercy) But it's quickly becoming THE go to site for millions of people. So Facebook has growth beyond their current ability to scale and they decide that rewriting PHP is a possible answer. They agree to open source it. Isn't this *exactly* what makes FOSS so great? Everyone benefits from the efforts of those using the code for their needs. Will this rewrite mean a global replacement to PHP's current implementation? I doubt it. But it may be just what is needed for many other sites with growing user bases and less $$$ for HW. Again, this is a bad thing because... If some random guy in a basement had done this, he'd be a borderline hero. But because a large corporate entity did, it's suspect and bad. I for one look forward to seeing what they really did and hearing from the PHP developers who attended the meetings as to what they are really doing, what types of bottlenecks they found, and what ideas they had to resolve them. Will they be 100% right? Doubt it. But in the end a large corporation is contributing back to the community, and potentially in a big way if their rewrite is widely usable. This. Is. A. Good. Thing.
Google

Google Proposes DNS Extension 271

ElusiveJoe writes "Google, along with a group of DNS and content providers, hopes to alter the DNS protocol. Currently, a DNS request can be sent to a recursive DNS server, which would send out requests to other DNS servers from its own IP address, thus acting somewhat similar to a proxy server. The proposed modification would allow authoritative nameservers to expose your IP address (instead of an address of your ISP's DNS server, for example) in order to 'load balance traffic and send users to a nearby server.' Or it would allow any interested party to look at your DNS requests. Or it would send a user from Iran or Libya to a 'domain name doesn't exist' server."
Cellphones

Rumor — AT&T Losing iPhone Exclusivity Next Week 353

MojoKid writes "An inside source over at HotHardware reports that AT&T will lose their iPhone exclusivity on 1/27, coincident with Apple's upcoming press event next week, though it's not yet clear what other carriers will be stepping in to pick up the iPhone. For anyone who has followed the saga, you may notice that you haven't seen AT&T fighting to extend their original exclusive agreement as of late. In fact, they have spent most of their time fighting Verizon's negative ad campaigns. This may not be all that surprising. Inside of AT&T, word is that the iPhone is causing more trouble than ever before. On some level, having the iPhone is hurting AT&T's image. Do you remember hearing about AT&T's 'horrible network' before the iPhone? The iPhone itself doesn't really handle the switch from 3G to EDGE very gracefully, so calls that are in-progress tend to fail whenever 3G connections aren't optimal and the phone attempts to step down to EDGE. It seems that AT&T may finally be tired of taking the heat."

Comment Re:I love this bit (Score 1) 307

Wish I had mod points to mod you up - after reading through the comments - great way to end my reading because it's very true. I'm an IT professional and when you tell people Google is your most valuable resource, it never dawns on them that they have access to it too! Teaching young kids problem solving like this - great idea. But never happens.
Software

Is Getting Acquired Good For FOSS Projects? 131

ruphus13 writes "While open source companies are legion, their acquisitions by proprietary source companies may cause concern for the viability of projects. Can a FOSS project 'survive' an acquisition? According to the article posing that question: 'One has to ask, though, how healthy it is for increasingly important open-source platforms and applications to come under the wing of huge, proprietary software companies. Probably the best example to cite on that topic is the ongoing car crash that is Oracle’s proposed acquisition of Sun Microsystems...Sun Microsystems is one of only three big, US public companies focused almost entirely on open source. If it gets swallowed up, that will leave just Red Hat and Novell. Open-source pundits are predicting that small, promising open-source players will be snapped up by bigger fish this year. And Google's relationship to Android gets ever murkier as it sinks its commercial hooks deeper into the platform, billing its own offerings as superphones relative to other Android phones.'"
Handhelds

Bringing Free Television To Phones In America 159

ideonexus writes "South Korea, China, Brazil, parts of Europe, and Japan have been watching television on their phones for free since 2005, but American mobile carriers are struggling to offer clunky streaming video using Qualcomm's proprietary MediaFLO system for an additional monthly fee and excessive bandwidth demands. Now, with America having gone digital in June, if Mobile carriers were to have ATSC M/H (advanced television systems committee — mobile/handheld) television-tuner chips built into their handsets it sounds like we could enjoy free TV on our cell phones too; however, these companies have already invested a great deal of money adapting their networks to Qualcomm's format and Qualcomm is considering becoming a mobile television distributor itself."
