naugrim - Slashdot User

'Death Star' Aimed at Earth 400

Posted by Zonk on Tuesday March 04, 2008 @03:41PM from the don't-destroy-earth-that's-where-i-keep-my-stuff dept.

An anonymous reader writes "A spectacular, rotating binary star system is a ticking time bomb, ready to throw out a searing beam of high-energy gamma rays that could lead to a major extinction event — and Earth may be right in the line of fire. Australian science magazine Cosmos Magazine reports: 'Though the risk may be remote, there is evidence that gamma ray bursts have swept over the planet at various points in Earth's history with a devastating effect on life. A 2005 study showed that a gamma-ray burst originating within 6,500 light years of Earth could be enough to strip away the ozone layer and cause a mass extinction. Researchers led by Adrian Melott at the University of Kansas in Lawrence, U.S., suggest that such an event may have been responsible for a mass extinction 443 million years ago, in the late Ordovician period, which wiped out 60 per cent of life and cooled the planet.'"

Submission + - Hibernation file a new potential threat. 3

Submitted by on Monday March 03, 2008 @09:33AM

An anonymous reader writes: Matthieu Suiche writes:

For Windows 2000, Microsoft provides a feature called Hibernation also know as suspend to disk that aims to save the system state into an undocumented file called hiberfil.sys. This file contains all the physical memory saved by the Operating System and aims to be restored by the user the next time the computer is powered on. Live forensics analysis is used to use physical memory dump to recover information on the targeted machine. One of the main problems is to obtain a readable physical memory dump, hibernation is an efficient way to save and load physical memory. Hibernation analysis has notable advantages. System activity is totally frozen, therefore coherent data is acquired and no software tool is able to block the analysis. The system is left perfectly functional after analysis, with no side effects. The hibernation file opens two valuable doors: The first one is (live?) forensics analysis for defensive computing. Hibernation is an efficient and easy way to get a physical memory dump. But the main issue about it was: How to read the hiberfil.sys? That's how the idea of SandMan born. The second one is a new concept we will be introduced and called "offensics" which is a portmanteau from "offensive" and "forensics". If we can read hiberfil.sys, can we rewrite it? The answer is: Yes, with SandMan you can.
SandMan is an open-source framework which makes readable and writable the undocumented windows hibernation file. The author said that 32bits hibernation file "from Windows XP to Windows 2008 Server" are supported yet. Then, it's now possible to retrieve keys/hash used by cryptographic softwares present in memory if they are present during the hibernation process. Furthermore, internal structures mapped in memory which contains information like "application privilege rights" can be modified too though the hibernation file.

Titan's Organics Surpass Oil Reserves on Earth 555

Posted by samzenpus on Wednesday February 13, 2008 @10:43PM from the black-gold-titan-tea dept.

jcgam69 writes "Saturn's orange moon Titan has hundreds of times more liquid hydrocarbons than all the known oil and natural gas reserves on Earth, according to new Cassini data. The hydrocarbons rain from the sky, collecting in vast deposits that form lakes and dunes."

A Torrid Tale of Plagiarizing Paleontologists 160

Posted by Zonk on Thursday January 31, 2008 @07:04PM from the sexy-tales-of-science dept.

its hard to think of writes "There's an interesting story up at Nature News about scientific ethics. It seems that while one group of scientists is figuring out details about aetosaurs (ancient crocodiles), another group in New Mexico is repeatedly taking credit for their work and naming the new animals they 'discover'. It also looks like the state government, which has been asked to intervene, is trying to sidestep the issue. 'The New Mexico cultural-affairs department, which oversees the museum, conducted a review of two of the instances last October and concluded that the allegations were groundless. But some experts call that review a whitewash, claiming that it failed to follow accepted practices of US academic institutions faced with claims of misconduct. Now all three cases are before the Ethics Education Committee of the Society of Vertebrate Paleontology, a professional organization based in Northbrook, Illinois, which is awaiting responses from the New Mexico team before making a ruling.' How widespread is this kind of thing?"

The Great Microkernel Debate Continues 405

Posted by Zonk on Thursday January 31, 2008 @12:21PM from the tiny-issues dept.

ficken writes "The great conversation about micro vs. monolithic kernel is still alive and well. Andy Tanenbaum weighs in with another article about the virtues of microkernels. From the article: 'Over the years there have been endless postings on forums such as Slashdot about how microkernels are slow, how microkernels are hard to program, how they aren't in use commercially, and a lot of other nonsense. Virtually all of these postings have come from people who don't have a clue what a microkernel is or what one can do. I think it would raise the level of discussion if people making such postings would first try a microkernel-based operating system and then make postings like "I tried an OS based on a microkernel and I observed X, Y, and Z first hand." Has a lot more credibility.'"

Mastering the Grails Powerful Tiny Web Framework 89

Posted by kdawson on Saturday January 26, 2008 @08:10PM from the coffee-on-the-train dept.

Someone from IBM tips this article on their Developerworks site about Grails, a modern Web development framework that mixes familiar Java technologies like Spring and Hibernate. "Grails gives you the development experience of Ruby on Rails while being firmly grounded in proven Java technologies. This article show you how to build your first Grails application with the lessons learned from Rails and the sensibilities of modern Java development."

PHP In Action: Objects, Design, Agility 232

Posted by samzenpus on Wednesday January 23, 2008 @03:30PM from the read-all-about-it dept.

Michael J. Ross writes "Despite being perhaps the most popular Web language in use, PHP has for much of its history been criticized for not offering the full capabilities of object-oriented programming (OOP). But with the release of version 5, PHP introduced a robust object model, and made it easier for its proponents to create well-architected Web sites and applications. In turn, the new OOP capabilities have facilitated additional best practices, such as design patterns, test-driven development, continual refactoring, and HTML templates. These topics and more are explored in the book PHP in Action: Objects, Design, Agility."

Dinosaurs Grew Fast and Bred Young 63

Posted by kdawson on Tuesday January 15, 2008 @06:56PM from the dinosaur-named-sue dept.

Smivs writes "It is thought that dinosaurs were able to breed before they were fully grown, much like todays mammals. This ensured that they could breed before they were predated in the violent world of the Mesozoic era. Calcium-rich medullary bone, which, in birds, is used to produce egg shells, was found inside the fossilized shin-bones of two specimens: the meat-eating Allosaurus and the plant-eater Tenontosaurus.Sarah Werning and Andrew Lee of the University of California, Berkeley, deduced from growth rings inside the bone that the two females were aged eight and 10, very young for dinosaurs, which lived to about 30. 'This shows us beyond any doubt how fast dinosaurs grow,' said Kevin Padian, a professor at UC Berkeley's Museum of Palaeontology. 'They're growing as fast as big birds and big mammals.'"

McAfee Worried Over "Ambiguous" Open Source Licenses 315

Posted by ScuttleMonkey on Saturday January 05, 2008 @05:36AM from the play-by-the-rules-and-no-one-gets-hurt dept.

willdavid writes to tell us InformationWeek is reporting that McAfee, in their annual report, has warned investors that "ambiguous" open source licenses "may result in unanticipated obligations regarding [McAfee] products." "McAfee said it's particularly troubling that the legality of terms included in the GNU/General Public License -- the most widely used open source license -- have yet to be tested in court. 'Use of GPL software could subject certain portions of our proprietary software to the GPL requirements, which may have adverse effects on our sales of the products incorporating any such software,' McAfee said in the report filed last month with the Securities and Exchange Commission. Among other things, the GPL requires that manufacturers who in their products use software governed by the license distribute the software's source code to end users or customers. Some manufacturers have voiced concerns that the requirement could leave important security or copyright protection features in their products open to tampering."

Schneier On the War On the Unexpected 405

Posted by kdawson on Thursday November 01, 2007 @08:36AM from the security-theater-on-an-escalator dept.

jamie found this essay by Bruce Schneier, The War on the Unexpected. (It originally appeared in Wired but this version has all the links.) "We've opened up a new front on the war on terror. It's an attack on the unique, the unorthodox, the unexpected; it's a war on different. If you act different, you might find yourself investigated, questioned, and even arrested — even if you did nothing wrong, and had no intention of doing anything wrong. The problem is a combination of citizen informants and a CYA attitude among police that results in a knee-jerk escalation of reported threats... After someone reports a 'terrorist threat,' the whole system is biased towards escalation and CYA instead of a more realistic threat assessment... If you ask amateurs to act as front-line security personnel, you shouldn't be surprised when you get amateur security."

Submission + - Fans or No Fans for Silent PCs

Submitted by Anonymous Coward on Thursday October 11, 2007 @08:38AM

An anonymous reader writes: Can a PC with a fan ever be made quiet enough? Is it enough to use a big fan and run it very slowly? Is the best solution a huge heat sink made of aluminum or copper that runs on convection? This article examines the question of how to make a computer quiet enough to sit proudly in the living room without drowning out the movie playing on the TV next to it?

Submission + - Feds bust botnet boss (networkworld.com)

Submitted by

coondoggie

on Thursday October 04, 2007 @02:14PM

coondoggie writes: "According to court documents, a California man this week was indicted on four counts of electronic transmission of codes to cause damage to protected computers. Greg King, also known as "Silenz, Silenz420, sZ, GregK, and Gregk707, " allegedly controlled over seven thousand such "bots" and used them to conduct multiple distributed denial of service attacks against websites of two businesse — CastleCops and KillaNet. The botnet attacks on KillaNet took place between July 2004 and February 2007 causing at least $5,000 in damage. KillaNet said on its Web site today that "King caused thousands of dollars in losses of time and content through many attacks against our webserver." In addition King allegedly taunted KillaNet in a series of emails during the attacks. http://www.networkworld.com/community/node/20231"

Submission + - Morgan Stanley abused CareerBuilder.com resumes (networkworld.com)

Submitted by

coondoggie

on Monday October 01, 2007 @11:24AM

coondoggie writes: "Massachusetts is charging and financial advisors from Morgan Stanley in Boston with improperly accessing CareerBuilder .com to download resumes and collect personal information of job seekers in an effort to solicit business on behalf of Morgan Stanley. The state also says Morgan Stanly advisors broke state and national Do Not Call registries by making "several hundred calls." Court papers state at least one advisor downloaded over 1,000 resumes contain personal and financial information. The use of such information for sales purposed is a breach of contract between Careerbuilder.com and Morgan Stanley, as the financial firm was to only use such information for recruitment purposes only, the state says. http://www.networkworld.com/community/node/20082"

The World's Languages Are Fast Becoming Extinct 939

Posted by kdawson on Monday October 01, 2007 @12:06AM from the culture-drain dept.

Ant sends news of a report, released a couple of weeks back by the Living Tongues Institute for Endangered Languages in Oregon, on the alarming rate of extinction of the world's languages. While half of all languages have gone extinct in the last 500 years, the half-life is dropping: half of the 7,000 languages spoken today won't exist by the year 2100. The NY Times adds this perspective: "83 languages with 'global' influence are spoken and written by 80 percent of the world population. Most of the others face extinction at a rate, the researchers said, that exceeds that of birds, mammals, fish and plants."

Submission + - VM-based rootkits proved easily detectable (stanford.edu)

Submitted by paleshadows on Sunday September 30, 2007 @11:55PM

paleshadows writes: A year and a half has passed since SubVirt, the first VMM (virtual machine monitor) based rootkit, was introduced. The idea spawned two lively slashdot discussions: the first, which followed the initial report about SubVirt, and the second, which was conducted after Joanna Rutkowska has recycled the idea (apparently without giving credit to the initial authors). Conversely, in this year's HotOS workshop, researchers from Stanford, CMU, VMware, and XenSource have published a paper titled " Compatibility Is Not Transparency: VMM Detection Myths and Realities" which shows that VMM-based rootkits are actually easily detectable. The introduction of the paper explains that

"While commodity VMMs conform to the PC architecture, virtual implementations of this architecture differ substantially from physical implementations. These differences are not incidental: performance demands and practical engineering limitations necessitate divergences (sometimes radical ones) from native hardware, both in semantics and performance. Consequently, we believe the potential for preventing VMM detection under close scrutiny is illusory — and fundamentally in conflict with the technical limitations of virtualized platforms."

The paper concludes by saying that

"Perhaps the most concise argument against the utility of VMBRs (VM-based rootkits) is: "Why bother?" VMBRs change the malware defender's problem from a very difficult one (discovering whether the trusted computing base of a system has been compromised), to the much easier problem of detecting a VMM."

Slashdot Top Deals