Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Privacy

Submission + - No appeal from Google on YouTube data ruling (itwire.com)

Submitted by gingerkazza
gingerkazza writes: An appeal by Google against the decision of a federal judge in New York that it must hand over details of every video ever viewed on YouTube to Viacom was not only widely expected, but thought to be pretty much a given. A comment by Google's senior litigation counsel seems to suggest otherwise...
Windows

Submission + - Dell 'Windows Vista Bonus' is a PC with Windows XP (itwire.com)

Submitted by gingerkazza
gingerkazza writes: http://www.itwire.com/content/view/19154/53/ According to Microsoft, Windows XP died on June 30th when it stopped sending it to the likes of Dell and HP, as well as ceasing shrink-wrapped distribution. According to Dell, new buyers can have a Windows Vista Bonus: a machine with a copy of Windows XP pre-installed instead...
Security

Journal Journal: The truth about software low hanging fruit vulnerability

Journal by gingerkazza
http://www.daniweb.com/blogs/entry1560.html If you were to just take weekly media reports and monthly security researcher statistics as your metric, then I suspect it would be a safe bet to suggest that you would say software security vulnerabilities are on a steep upwards curve. Furthermore, it is just as likely that given the media exposure to such events as Microsoft Patch Tuesday and the furore when Adobe or Apple announce a hole has
Security

Submission + - Government online visa application security breach

Submitted by
An anonymous reader writes: http://www.daniweb.com/blogs/entry1466.html Online Visa applications are being suspended around the world following this bloggers investigation into the web based system which reveals any application could be viewed just by changing part of the URL. It was the lead story on Channel 4 News in the UK last night, and it looks like governments around the world will have some questions to answer after it was also revealed the breach had first been reported a year ago!!!
Security

Submission + - India: US Visa Application Database vulnerability

Submitted by Krish
Krish writes: Daniweb reports that the the US visa application database in India has a very serious vulnerability. It is very easy to get the applicant information from the database. It appears the company to which the process was outsourced were slacking in security.

Feed Indian Visa Application Data Easily Accessible Using Old 'Change Number In URL' (techdirt.com)

From feed by techdirtfeed
The folks over at Daniweb have submitted their story about the online visa application system in India. Approximately a year ago, someone who was using the system ran into a problem, where all the work he had done in filling out the application seemed to disappear, and the back button wasn't work. So he tried making small changes to the URL... which gave him access to someone else's visa application. There are plenty of online systems that do this, but you would expect something a little more secure when it comes to government documents that include all sorts of personal info. The guy notified those responsible, and his alert was promptly ignored. It was only after they were contacted a second time, by the person writing the article about it, that they took it seriously enough to finally plug the hole. With governments leaking data all the time, is it any wonder that people don't feel particularly safe when the government wants even more data from us, while promising that there's no way it would ever be leaked?
Security

Submission + - Exposed: Indian visa application data accessible t

Submitted by
jenwren1010
jenwren1010 writes: "http://www.daniweb.com/blogs/entry1466.html A DaniWeb investigation uncovers huge gaping hole in website security of company that provides official visa application services for Indian citizens wishing to enter the US and UK. By simply changing part of the URL it has been possible to access the complete personal data of anyone who has made an application, including passport numbers, names, address, employer, parental information, travel plans and so on. Worse, the company were first informed of the vulnerability, by a concerned Indian citizen, over a year ago and did nothing. Considering these people work on behalf of the government, and the terrorist implications of being able to access all that visa application data are obvious, it is incredible that such Mickey Mouse security was allowed to go unchecked for so long."

Slashdot Top Deals

"If it ain't broke, don't fix it." - Bert Lantz

Close