Censorship

"Team America" Gets Post-Hack Yanking At Alamo Drafthouse, Too 230

Slate reports that even old movies are enough to trigger a pretty strong knee jerk: Team America, World Police, selected as a tongue-in-cheek replacement by Dallas's Alamo Drafthouse Theater for the Sony-yanked The Interview after that film drew too much heat following the recent Sony hack, has also been pulled. The theater's tweet, as reprinted by Slate: "due to circumstances beyond our control," their Dec. 27 Team America screening has also been canceled. If only I had a copy, I'd like to host a viewing party here in Austin for The Interview, which I want to see now more than ever. (And it would be a fitting venue.)

Submission + - Extracting Data from the Microsoft Data (jeffhuang.com)

An anonymous reader writes: The Microsoft Band introduced last month hosts a slew of amazing sensors, but like so many wearable computing devices, users are unable to access their own data. A Brown University professor decompiles the app, finds that the data is transmitted to the Microsoft "cloud", and explains how to intercept the traffic to retrieve the raw minute-by-minute data captured by the Band.

Comment Re:Grinch is not a flaw - has no CVE!!! (Score 5, Informative) 118

About 3/4 of the way down the "article" they explained the vulnerability:

To control administrative access, Linux keeps a list of all the registered users on a machine, in a group typically known as “wheel,” who can be granted full root access (usually through the Unix sudo command).

A knowing attacker could get full root access by modifying the wheel group, either directly or by manipulating an adjoining program such as the Polkit graphical interface for setting user permissions, Alert Logic said.

This is patently stupid. Yes, if you give a bad guy administrative access, bad things can happen--even if you use a fancy GUI to give the bad guy administrative access. The only thing that is even slightly newsworthy here is that maybe a novice admin won't understand the purpose of the wheel group and could be tricked into giving permissions, but there are a lot of ways you can trick a dumb admin; there's no need to single this one out.

Comment Agreed: Transactional Currency, not Investment (Score 1) 144

Sure, some people will invest in Bitcoins, and other people will invest in racehorses. (I avoid the problem by mining Dogecoins, which are almost totally worthless.) That's missing the point of Bitcoin, which is that it's intended to be a currency for relatively-private transactions.

Unfortunately, the markets that most wanted a currency for relatively-private transactions didn't do as good a job as they should have about being relatively-private on their own end (i.e. Silk Road got busted), but there is still a market for legitimate transactions, as you've pointed out.

Security

Grinch Vulnerability Could Put a Hole In Your Linux Stocking 118

itwbennett writes In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September. Update: 12/19 04:47 GMT by S : Reader deathcamaro points out that Red Hat and others say this is not a flaw at all, but expected behavior.

Submission + - Wikileaks.org users at risk due to a Web vulnerability (wikileaks-forum.com)

An anonymous reader writes: We have been made aware of a potential security risk with open source software Wikileaks is utilizing, which uses a Flash library to display PDF files in .swf format. Two vulnerabilities, XSS and content spoofing, can be used by malicious users, whether to affect the privacy of users of Wikileaks (e.g., using Flash components specifically to decloak users behind the Tor network) or to link to external content to discredit Wikileaks, something Wikileaks should avoid given the nature of the content published on Wikileaks servers. Given the fact that most browsers use plugins to enable the reading of PDFs, we strongly urge Wikileaks to link directly to PDF files instead of using third-party software that could put users at risk.

Comment Good Voice-only Interface for Phone (Score 4, Informative) 232

What you need is a good voice-only interface for your phone, and if possible in your clean-room environment, some kind of Bluetooth headset. Phone rings, you tell it "answer". If you want to do something, tell Siri or equivalent, and get voice feedback. Not being an iPhone user, I don't know if Siri's good enough. (The Android stuff I've used so far hasn't been, but my car's phone-dialing interface is at least a start.)

Submission + - Woz on being Aussie, and escaping Steve Jobs 'dogma' (afr.com)

Techy77 writes: Apple co-founder Steve Wozniak has become an Aussie permanent resident. Wide-ranging interview on how Apple is escaping Steve Jobs' "dogma", why Google Glass is an admirable failure and why he isn't universally liked within Apple.

Toys

Ask Slashdot: What Can I Really Do With a Smart Watch? 232

kwelch007 writes I commonly work in a clean-room (CR). As such, I commonly need access to my smart-phone for various reasons while inside the CR...but, I commonly keep it in my front pocket INSIDE my clean-suit. Therefore, to get my phone out of my pocket, I have to leave the room, get my phone out of my pocket, and because I have a one track mind, commonly leave it sitting on a table or something in the CR, so I then have to either have someone bring it to me, or suit back up and go get it myself...a real pain. I have been looking into getting a 'Smart Watch' (I'm preferential to Android, but I know Apple has similar smart-watches). I would use a smart-watch as a convenient, easy to transport and access method to access basic communications (email alerts, text, weather maps, etc.). The problem I'm finding while researching these devices is, I'm not finding many apps. Sure, they can look like a nice digital watch, but I can spend $10 for that...not the several hundred or whatever to buy a smart-watch. What are some apps I can get? (don't care about platform, don't care if they're free) I just want to know what's the best out there, and what it can do? I couldn't care less about it being a watch...we have these things called clocks all over the place. I need various sorts of data access. I don't care if it has to pair with my smart-phone using Bluetooth or whatever, and it won't have to be a 100% solution...it would be more of a convenience that is worth the several hundred dollars to me. My phone will never be more than 5 feet away, it's just inconvenient to physically access it. Further, I am also a developer...what is the best platform to develop for these wearable devices on, and why? Maybe I could make my own apps? Is it worth waiting for the next generation of smart-watches?

Australia

Australia Moves Toward New Restrictions On Technology Export and Publication 91

An anonymous reader writes Australia is starting a public consultation process for new legislation that further restricts the publication and export of technology on national security grounds. The public consultation starts now (a few days before Christmas) and it is due by Jan 30th while a lot of Australians are on holidays. I don't have the legal expertise to dissect the proposed legislation, but I'd like some more public scrutiny on it. I find particularly disturbing the phrase "The Bill includes defences that reverse the onus of proof which limit the right to be presumed innocent until proven guilty" contained in this document, also available on the consultation web site.

Submission + - Grinch Vulnerability Could Put a Hole In Your Linux Stocking (itworld.com)

itwbennett writes: In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September.

Comment Re:Poll purpose (the simple explanation) (Score 5, Interesting) 286

Nah

Actually, it's my 40th birthday, and I've been amused (pleased, too) by the nice greetings I've gotten from friends both older and younger. If Dice Incorporated Amalgamated International Limited wants to make something of the results, they're free to, but since (this being a Slashdot poll) the answers are far less the point than the discussion, I don't think that's very likely. Our polls (we love poll submissions, by the way) are kernels for discussion, and often the product of whimsy. There are lots of ways that age (esp. in technical fields) tends to come up on Slashdot, and a pretty wide range both of what "old" *is* and what it means.

There may be many conspiracies in the world; this just isn't one :)

 
