Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security

Submission + - Facebook bug lets hackers delete friends (cio.com.au)

Submitted by swandives
swandives writes: There's lot of talk about Facebook and privacy at the moment, but a bug in Facebook's website lets hackers delete Facebook friends without permission. Steven Abbagnaro, a student from Marist College in Poughkeepsie, New York reported the flaw, writing proof-of-concept code that scrapes publicly available data from users' Facebook pages and deletes all of their friends, one by one. The victim first has to click on a malicious link while logged into Facebook.

Abbagnaro's code exploits the same underlying flaw that was first reported by Alert Logic security analyst, M.J. Keith, who discovered cross-site request forgery bug, where the website doesn't properly check code sent by users' browsers to ensure that they were authorized to make changes on the site.
Google

Submission + - Vimeo to Support WebM Video (vimeo.com)

Submitted by Anonymous Coward
An anonymous reader writes: Vimeo has plans in progress to offer WebM video content in the near future. In response to a question posted on the community forums, Vimeo's Andrew Pile responded, 'We've been working for it for a few weeks now and hope to have some preliminary videos for people to play with soon. It looks promising!'
Cellphones

Submission + - Any Android Phones Can Process Credit Cards Now 1

Submitted by adeelarshad82
adeelarshad82 writes: A plug-in device known as Square, accompanied by an app, is helping the concept of mobile payments anywhere, anytime on android phones. A simple swipe through Square allows it to read the credit card and send instructions to the mobile app which then allows the user to make payment. Square can be plugged into the 3.5mm headphone jack. The device and the app are free, however Square banks 2.75 percent of the total transaction in addition to a charge of 15 cents per swipe, and 3.5 percent plus 15 cents for each transaction made with a keyed in entry.

Submission + - Numeral Systems of the World's Languages (eva.mpg.de)

Submitted by labr!nth
labr!nth writes: Linguist Eugene Chan has "successfully collected basic numeral systems and data from about 4,000 languages in the world." He gives a summary of many of these on his website. All sorts of interesting systems are used including various bases (e.g. 2, 3, 4, 5, 10, and 12), body-part tallying, and languages that only distinguish between one and many (c.f. various wikipedia articles on Everett and the Piraha language). The site is ugly and difficult to navigate, but summary boxes at the bottom of specific language pages are informative. Especially interesting are those from indigenous languages from remote areas (c.f. pages for Bella Coola or Kwadi).

Submission + - A new app to hide text messages from prying eyes (safebox.mobi)

Submitted by jolypip
jolypip writes: A new mobile application, called SafeBox, has been launched to let users send and receive private text messages, invisible to anyone taking their phone. The application combines the popularity and mobility of texting with the privacy and security of modern cryptography to give some privacy to the SMS communications.

Stories of intercepted and incriminating SMS texts make the celebrity gossip headlines regularly, whether a prince, a footballer, an actor, a musician, a politician or a golfer, the examples are many where the SafeBox application could have kept those texts private and protected from curious intruders, paparazzi, stalkers and other prying eyes.

Privacy in general has become increasingly important, but especially so in the mobile space, as incidents of SMS spoofing and interception multiply.
SafeBox is a privacy tool that is simple to use, available to everyone around the world, and free to download. The first version has been released with J2ME for Java and Symbian phones and can be used in 7 languages.

Besides text messages, the SafeBox application, also offers other features such as a hidden private contact list, and confidential notes. The application is PIN-protected preventing its content to be seen from the outside without knowledge of the PIN. If the phone is lost, stolen or just gets in the wrong hands for a while, nobody can read the messages sent or received or even see whom they were written to.

For more information about SafeBox or to download the application for free, visit the www.safebox.mobi website from a mobile phone browser or from the web.

Submission + - Body Area Networks To Collect Physiological Data (computerworld.com)

Submitted by Lucas123
Lucas123 writes: The FCC is considering a request by the healthcare industry to allocate radio bandwidth for the creation of body area networks, which would use small, disposable monitors in the form of patches or bracelets to collect physiological data on critically and chronically ill patients, such as temperature, pulse, blood glucose level, blood pressure and respiratory health. The body area networks would transmit the data to electronic medical records, which could be remotely monitored by care givers and could not only head off heart attacks and strokes but reduce staph infections in hospitals, which kill 200,000 people annually in the U.S.
Security

More Mac Vulnerabilities Than Windows In 2007? 329

Posted by Zonk from the dogs-and-cats-living-together-mass-hysteria dept.
eldavojohn writes "A ZDNet blog reports stats from Secunia showing OSX averaged 20.25 vulnerabilities per month while XP & Vista combined averaged 3.67/month. Is this report card's implication accurate, or is this a symptom of one company turning a blind eye while the other concentrates on timely bugfixes? 'While Windows Vista shows fewer flaws than Windows XP and has more mitigating factors against exploitation, the addition of Windows Defender and Sidebar added 4 highly critical flaws to Vista that weren't present in Windows XP. Sidebar accounted for three of those additional vulnerabilities and it's something I am glad I don't use. The lone Defender critical vulnerability that was supposed to defend Windows Vista was ironically the first critical vulnerability for Windows Vista.'"
Music

Submission + - Next for Apple: Lossless iTunes Store (cnet.co.uk)

Submitted by DrJenny
DrJenny writes: C|net has an interesting piece running at the moment about why Apple developed their own lossless codec, and more importantly that iTunes will become a download store for lossless audio, potentially from all the major labels. This would be a massively positive move for people who spend hundreds, if not thousands, of dollars on hi-fi gear, but refuse to give money to stores that only offer compressed music. It's a big FLAC, DRM, ALAC and GB discussion, but it's a very exciting perspective, and surely one that'll pan out meaning audiophiles will finally be able to take advantage of legal digital downloads.
Security

Submission + - SquirrelMail Repository Poisoned (beskerming.com)

Submitted by
SkiifGeek
SkiifGeek writes: "Late last week the SquirrelMail team posted information on their site about a compromise to the main download repository for SquirrelMail that resulted in a critical flaw being introduced into two versions of the webmail application (1.4.11 and 1.4.12).

After gaining access to the repository through a release maintainer's compromised account (it is believed), the attackers made a slight modification to the release packages, modifying how a PHP global variable was handled. As a result, it introduced a remote file inclusion bug — leading to an arbitrary code execution risk on systems running the vulnerable versions of SquirrelMail.

The poisoning was identified after it was reported to the SquirrelMail team that there was a difference in MD5 signatures for version 1.4.12.

Version 1.4.13 is now available."

Where are Wii? 440

Posted by CmdrTaco from the not-under-my-tree dept.
WirePosted writes "Santa is in trouble, it looks like supplying the Christmas need for a Nintendo Wii game console is in jeopardy as stocks wither under constant and heavy demand. Conspiracy believers suggest this is an orchestrated move on behalf of Nintendo." Since this happens to be what I want for Christmas, I hope they work it out, or my loving wife has already found one.

CSIRO Wireless Patent Reaffirmed In US Court 147

Posted by ScuttleMonkey from the i-was-here-first-nyah-nyah dept.
An anonymous reader writes ""The CSIRO has won a landmark US legal battle against Buffalo Technology, under which it could receive royalties from every producer of wireless local area network (WLAN) products worldwide." From the article: "The patent, granted to CSIRO in 1996, encompasses elements of the 802.11a/g wireless technology that is now an industry standard. It stems from a system developed by CSIRO in the early '90s, 'to exchange large amounts of information wirelessly at high speed, within environments such as offices and homes,' said a CSIRO spokeswoman."

Comment Instaload (Score 1) 65

by Xoder (#15769593) Attached to: Gotuit Launches Broadband Video Portal
So, I realize that this is impossible, but I definately noticed almost no lag time (a second at most) both for initial playback and pause-restart. The longest lag point is when the page itself is being loaded. (DSL, highest transfer rate I've ever seen coming down it is 110KBps (Torrent).)

Researcher Jailed for Falsifying Research 195

Posted by Zonk from the nerd-police-blotter dept.
Caldeso writes "For the first time in U.S. history, a researcher has received jail time for falsifying research data to obtain federal grants. Eric Poehlman pled guilty to defrauding the government to the tune of nearly 3 million dollars by changing and making up research and was sentenced to a year in a federal prison work camp and a lifetime ban on further federal grants."

Slashdot Top Deals

BLISS is ignorance.

Close