Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×

Submission + - Jungle Disk remarkably insecure (daemonology.net)

Submitted by Anonymous Coward
An anonymous reader writes: Insecurity in the Jungle (disk)
A few weeks ago, in the wake of stories about Dropbox's poor security, a user of my Tarsnap online backup service mentioned that he had heard Jungle Disk recommended as a secure alternative. This surprised me, since I remembered from the early days on the Amazon Web Services developers forums that JungleDave — as the author called himself — was always far more concerned with ease of use than with security. Had things improved? I decided to investigate, and I wasn't impressed with what I found.

Unlike most online backup / storage companies, Jungle Disk has released source code, here and here. They did this because in the early days of Jungle Disk, people wanted some assurance that they could get their data back if Jungle Disk went out of business; since the Jungle Disk client stores data directly to Amazon S3 and Rackspace Cloud Files, it is also possible to read files directly from those services. (This is also a feature which Tarsnap users frequently request, but the design of Tarsnap — including amortizing S3 PUT costs across blocks uploaded from multiple users — makes it impossible to provide such a mechanism for Tarsnap.)

Now, this code is not the code used in the actual Jungle Disk client — like most other online backup services all you get is a binary, and you have to trust that it isn't doing anything wrong (either due to intentional mis-features or accidental bugs) — but the fact that the published source code can interoperate with the Jungle Disk client code does at least provide us with some information about what Jungle Disk does cryptographically.
Patents

Submission + - UK launches Peer to Patent pilot project (h-online.com)

Submitted by Anonymous Coward
An anonymous reader writes: Inspired by a proposal by Beth Noveck, professor of law at New York Law School, the Minister for Intellectual Property, Baroness Wilcox laucnched a UK "Peer To Patent" pilot project to identify prior art in patent applications by harnessing the wider community of experts and engaged citizens
Software

Submission + - Microsoft Unveils First Windows 8 Preview On Video (dlhub.net)

Submitted by Anonymous Coward
An anonymous reader writes: We have seen leaked images and downloads of Windows 8 OS but this time Microsoft has finally unveiled the very first video demonstration showing us what's in the store for upcoming major upgrade to Windows platform.

The video demos the next generation of Windows, internally code-named “Windows 8”. According to the official announcement the "Windows 8" based PC is really a new kind of device completely revamped from the chip to the user-interface, one that scales from touch-only small screens through to large screens, with or without a keyboard and mouse.

Comment Re:too late (Score 1) 233

http://www.next-gen.biz/news/psn-outage-begins-to-hit-retail

“In the first week of downtime we did not really see any major change in sales or trades,” says one source, a store manager at a major UK retailer speaking on condition of anonymity. “However from the second week onwards we have seen an increase of over 200 per cent on PS3 consoles being traded in, split almost 50/50 between those trading for cash and those taking a 360 instead.”

Comment Re:At the end of the day (Score 1) 83

by CyberDragon777 (#36056078) Attached to: LastPass: Users Don't Have To Reset Master PWDs

LastPass gives the user the option to use all these security features (strong master password, authentication grid, fingerprint/card reader, hardware key), but they can't force the user to be secure.

The user is always the weakest link, but this doesn't mean that those who know what they are doing can't be safe.

Comment Re:Why not Safari as well as Chrome? (Score 2) 110

by CyberDragon777 (#36027912) Attached to: Chrome, IE To Allow Users To Delete Flash Cookies

I haven't been able to find an equivalent in Firefox 4's NPAPI documentation, but it may exist. If it doesn't now, it will soon -- it's a really obvious feature to have.

https://wiki.mozilla.org/NPAPI:ClearSiteData

https://bugzilla.mozilla.org/show_bug.cgi?id=508167
Looks like it was added in February.

https://bugzilla.mozilla.org/show_bug.cgi?id=625496
And "Clear recent history" will remove the cookies once flash 10.3 is released.

Slashdot Top Deals

"Go to Heaven for the climate, Hell for the company." -- Mark Twain

Close