The Internet

Europe Proposes International Internet Treaty 116

Stoobalou writes "Europe has proposed an Internet Treaty to protect the Internet from the political interference which threatens to break it up. The draft international law has been compared to the 1967 Outer Space Treaty, which sought to prevent space exploration being pursued for anything less than the benefit of all human kind. The Internet Treaty would similarly seek to preserve the Internet as a global system of free communication that transcends national borders."
Security

Submission + - Hole in Linux kernel provides root rights (h-online.com)

oztiks writes: A vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. For instance, attackers can break into a system and exploit a hole in the web server to get complete root (also known as superuser) rights or permissions for a victim's system.

According to a report, the problem occurs because the 32-bit call emulation layer does not check whether the call is truly in the Syscall table. Ben Hawkes, who discovered the problem, says the vulnerability can be exploited to execute arbitrary code with kernel rights. An exploit (direct download of source code) is already in circulation; in a test conducted by The H's associates at heise Security on 64-bit Ubuntu 10.04, it opened a shell with root rights.

The kernel developers have remedied the flaw in the repository, and Linux distributors will probably soon publish new kernels to close the hole. Until then, switching off 32-bit ELF support solves the problem if you can do without this function. For instructions, see: "Workaround for Ac1db1tch3z exploit".

Hawkes says the vulnerability was discovered and remedied back in 2007, but at some point in 2008 kernel developers apparently removed the patch, reintroducing the vulnerability. The older exploit apparently only needed slight modifications to work with the new hole.

 

Submission + - Young developers to Microsoft: You're not hip (nytimes.com)

An anonymous reader writes: Microsoft's failures with the KIN phone (only two months on the market, less than 10,000 phones sold) are well-known to slashdot readers, but the New York Times has more. Apparently Microsoft has all but admitted that they have lost young developers to the lures of free software. “We did not get access to kids as they were going through college,” acknowledged Bob Muglia, the president of Microsoft’s business software group, in an interview last year. “And then, when people, particularly younger people, wanted to build a start-up, and they were generally under-capitalized, the idea of buying Microsoft software was a really problematic idea for them.” Others, however, laugh at the idea that Microsoft requires the start-ups to meet certain guidelines and jump through hoops to receive software, when its free software competitors simply allow anyone to download products off a Web site with the click of a button. Is this another sign of the old dinosaur not being nimble enough to keep up with free software?
Portables

Submission + - Where is the universal power brick for laptops? (pcauthority.com.au)

An anonymous reader writes: One of the most frustrating things about laptops is the myriad power supplies used. On a PC, an ATX power supply for example will screw into certain mounting holes, have a maximum size and shape, and will take a standard 3-pin 'kettle cord' for incoming power. If it complies with these standards the PSU will be able to bolt into any manufacturer's ATX case. Laptop design, on the other hand, involves cramming a PC into a tiny chassis, which usually has its own thermal design and power distribution requirements. This has led to the somewhat bizarre situation where every manufacturer has its own laptop power supply design. It now appears that some of the major players in laptops are getting together to work on a standardized laptop power supply design. Not only are big players involved, but the IEEE (Institute of Electrical and Electronics Engineers) has created a team to work on the Power Supply standard.
Networking

Submission + - IEEE 802.3ba Standard Released (net-security.org) 1

An anonymous reader writes: IEEE announced the ratification of IEEE 802.3ba 40Gb/s and 100Gb/s Ethernet, a new standard governing 40 Gb/s and 100 Gb/s Ethernet operations. An amendment to the IEEE 802.3 Ethernet standard, IEEE 802.3ba, the first standard ever to simultaneously specify two new Ethernet speeds, paves the way for the next generation of high-rate server connectivity and core switching. The new standard will act as the catalyst needed for unlocking innovation across the greater Ethernet ecosystem. IEEE 802.3ba is expected to trigger further expansion of the 40 Gigabit and 100 Gigabit Ethernet family of technologies by driving new development efforts, as well as providing new aggregation speeds that will enable 10 Gb/s Ethernet network deployments.
Security

Submission + - Do cyber vigilantes make computing world safer? (infoworld.com) 1

tsamsoniw writes: Fed up with companies failing to address security holes fast enough, white hats are turning up the pressure by quickly making the vulnerabilities public. First Goatse Security made public thousands of email addresses of iPad users that it swiped from AT&T's Web site — after AT&T failed to disclose the data theft fast enough. Next a Google security engineer publicized an exploit for Windows XP — which is now being used widely — after deciding Microsoft was moving too slowly to fix the problem. In both cases, the Goatse and the security engineer are claiming they did what they did for the greater good: Though their actions put users at risk, it forces the offending companies to work faster to fix the problem. Do the ends justify the means?
Security

Submission + - Olympus digital camera ships with computer worm (sophos.com)

An anonymous reader writes: Olympus Japan has issued a warning to customers who have bought its Stylus Tough 6010 digital compact camera that it comes with an unexpected extra — a virus on its internal memory card.

The Autorun worm cannot infect the camera itself, but if it is plugged into a Windows computer USB port it can copy itself onto the PC, and then subsequently infect any attached USB device. Olympus says it "humbly apologises" for the incident which is believed to have affected some 1700 units, and that it will make every effort to improve its quality control procedures in future.

Security company Sophos says that more companies need to wake up to the need for better quality control to ensure that they don't ship virus-infected gadgets. At the same time, consumers should learn to always ensure Autorun is disabled, and scan any device for malware, before they use it on their computer.

Hardware

Submission + - Is EFI just a DRM BIOS? (thesilentnumber.me)

shadowmage13 writes: "This recent post estimates that uEFI will replace BIOS in the next three years. This isn't breaking news, but should we be concerned? EFI could be considered a "DRM BIOS" because its control system may give it power over your OS and fully-free BIOS projects would be useless since they would require proprietary binary-only code to run on EFI. Linus Torvalds has said it would add more complexity without any real advantages, and he refers to it as "this other Intel brain-damage (the first one being ACPI)"."
Wine

Submission + - Wine 1.2 release candidate announced (winehq.org)

An anonymous reader writes: After evolving over 15 years to get to 1.0, a mere 2 years later and Wine 1.2 is just about here.
There have been many many improvements and plenty of new features added. Listing just a few (doing no justice to the complete change set):
    — Many new toolbar icons.
    — Support for alpha blending in image lists.
    — Much more complete shader assembler.
    — Support for Arabic font shaping and joining.
    — A number of fixes for video rendering.
    — Font anti-aliasing configuration through fontconfig.
    — Improved handling of desktop link files.

Win64 support is the milestone that marks this release.

Please test your favorite applications for problems and regressions and let the Wine team know so fixes can be made before the final release. Find the release candidate here.

Hardware

1 Molecule Computes Thousands of Times Faster Than a PC 246

alexhiggins732 writes with this tantalizing PopSci snippet: "A demo of a quantum calculation carried out by Japanese researchers has yielded some pretty mind-blowing results: a single molecule can perform a complex calculation thousands of times faster than a conventional computer. A proof-of-principle test run of a discrete Fourier transform — a common calculation using spectral analysis and data compression, among other things — performed with a single iodine molecule transpired very well, putting all the molecules in your PC to shame."
