Security

Security Researcher Finds Hundreds of Browser Bugs 145

An anonymous reader writes "PC Magazine reports on a very understated late night post to the full-disclosure mailing list, in which security researcher Michal Zalewski shared a fuzzing tool reportedly capable of identifying over a hundred browser bugs. Some of these bugs, he says, may be already known to third parties in China. The report also includes an account of how browser vendors fared fixing these flaws so far. Not surprisingly, Microsoft's response timeline appears depressing."

JBoss AS 5 Performance Tuning 45

RickJWagner writes "20 percent inert ingredients, 80 percent nitroglycerin. That's how I'd describe JBoss AS 5 Performance Tuning from Packt. The first 50 pages are nothing to get excited about. This first chapter and a half describes the author's performance tuning life cycle methodology and introduces us to a handful of open source tools that can assist us in our tuning efforts. The tools section seems especially weak -- there are plenty of screenshots showing the tool's menu screens, something you'd normally pick up in about a minute from the tool's distribution website. Honestly, at this point I was beginning to wonder if this book was going to live up to my expectations. Luckily I pressed on for a few more pages, and hit the rich paydirt that makes up the rest of the book. From that point on, every section yielded valuable tuning advice." Keep reading for the rest of Rick's review.
Security

Gawker Source Code and Databases Compromised 207

An anonymous reader writes "Passwords and personal data for 1.3 million Gawker Media readers — this includes readers of sites like Gizmodo, Lifehacker, Kotaku, and io9 — have been released as a BitTorrent by a group of hackers called Gnosis, who also managed to gain access to both the Gawker CMS and Gizmodo's Twitter account. Gawker confirms and urges readers to change their passwords: 'Our user databases do indeed appear to have been compromised. The passwords were encrypted. But simple ones may be vulnerable to a brute-force attack. You should change the password on Gawker (GED/commenting system) and on any other sites on which you've used the same passwords. Out of an abundance of caution, you should also change your company email password and any passwords that may have appeared in your email messages. We're deeply embarrassed by this breach. We should not be in the position of relying on the goodwill of the hackers who identified the weakness in our systems.'"
The Internet

Amazon Web Services Launches DNS Service 146

wiredmikey writes "Amazon Web Services (AWS) today announced a highly available and scalable Domain Name System service designed to give developers and businesses a reliable and cost effective way to route end users to Internet applications. The service, 'Route 53,' effectively connects user requests to infrastructure running in AWS — such as an Amazon Elastic Compute Cloud instance, an Amazon Elastic Load Balancer, or an Amazon Simple Storage Service bucket — and can also be used to route users to infrastructure outside of AWS."
Biotech

Dolly the Sheep Alive Again 233

SpeZek writes "Dolly the sheep has been reborn. Four clones have been made by the scientist behind the original research. The quads, which have been nicknamed 'the Dollies,' are exact genetic copies of their predecessor, who was put down seven years ago. The latest experiments were partly carried out to check if improvements to the technique cut the risk of problems in and out of the womb. Named after country and western singer Dolly Parton, Dolly was created from a cell taken from a mammary gland. The rest of the sample of tissue has lain in a freezer since, until it was defrosted to make the Dollies."
Google

Who Will Win Control of the Web? 206

Barence writes "Control of the web is up for grabs. Each of the big three computing companies – Microsoft, Apple and Google – has its own radically different vision to promote, as does the world's biggest creative software company, Adobe. And HTML itself is changing, too. This article examines the case for each of the contenders in the war of the web and, with the help of industry experts, assesses which – if any – is most likely to emerge as victor."
Security

Making Airport Scanners Less Objectionable 681

Hugh Pickens writes "The Washington Post reports that one of the researchers who helped develop the software for the scanners says there is a simple fix that would make scanning less objectionable. The fix would distort the images captured on full-body scanners so they look like reflections in a fun-house mirror, but any potentially dangerous objects would be clearly revealed, says Willard 'Bill' Wattenburg, a former nuclear weapons designer at the Livermore lab. 'Why not just distort the image into something grotesque so that there isn't anything titillating or exciting about it?' asks Wattenburg, adding that the modification is so simple that 'a 6-year-old could do the same thing with Photoshop... It's probably a few weeks' modification of the program.' Wattenburg said he was rebuffed when he offered the concept to Department of Homeland Security officials four years ago. A TSA official said the agency is working on development of scanner technology that would reduce the image to a 'generic icon, a generic stick figure' that would still reveal potentially dangerous items." Reader FleaPlus points out an unintended consequence: some transportation economists believe that the TSA's new invasive techniques may lead to more deaths as more people use road transportation to avoid flying — much more dangerous by the mile than air travel.
Advertising

Privacy Option Proposed To Control Behavioral Ads 81

techinsider sends this quote from Security Week: "A group of media and marketing trade associations, with support from the Council of Better Business Bureaus, today announced the details of a self-regulatory program designed to give consumers enhanced control over the collection and use of data regarding their Web viewing for online behavioral advertising purposes. The program promotes the use of the 'Advertising Option Icon' and accompanying language, to be displayed within or near online advertisements or on Web pages where data is collected and used for behavioral advertising. The Advertising Option Icon indicates a company's use of online behavioral advertising and adherence to the Principles guiding the program. Similar to a Web site’s privacy policy, consumers will be able to link to a clear disclosure statement regarding the company's online behavioral advertising data collection and use practices as well as an easy-to-use opt-out option."
Earth

Facing Oblivion, Island Nation Makes Big Sacrifice 360

Damien1972 writes "Kiribati, a small nation consisting of 33 Pacific island atolls, is forecast to be among the first countries swamped by rising sea levels. Nevertheless, the country recently made an astounding commitment: it closed over 150,000 square miles of its territory to fishing, an activity that accounts for nearly half the government's tax revenue. What moved the tiny country to take this monumental action? President Anote Tong says Kiribati is sending a message to the world: 'We need to make sacrifices to provide a future for our children and grandchildren.'"
The Media

iPad Getting a Subscription Infrastructure? 94

itwbennett writes "Peter Smith is blogging about an article in the San Jose Mercury News leaking news that Apple is 'almost ready to take the wraps off a new system to support subscriptions. The terms, if the leaks are accurate, sound less than ideal for publishers though. Apple will take 40% of advertising revenue, and 30% of subscription fees from participating publishers. In return, Apple will offer consumers the ability to opt-in to sharing their data with the publishers.' Apple isn't commenting on the speculation. 'In somewhat related news, Apple has released iOS 4.2 to developers. This is the version of iOS that will let iPads, iPhones and iPad Touches print to a WiFi-enabled or shared printer on a local network, via the new AirPrint service. It sounds like you'll be able to print articles from your digitally delivered newspaper before too long,' says Smith."
Data Storage

Video Appliance For a Large Library On a Network? 516

devjj writes "For the past year or so I have been trying (and failing) to figure out a reasonable solution for bringing my large media library to my living room. All of my media lives on an Ubuntu server that sits on my network. It's been very reliable and it's fast enough for streaming purposes. My content is exposed via SMB. It's the living room side where I keep running into problems. I am currently using Windows 7 and XBMC, but the case is too big and noisy, I don't particularly care for Windows, and the whole thing just seems overkill. What I want is a device that can present a decent UI that the non-Slashdot crowd would be able to use, but that is still powerful enough to stream full-fidelity 1080p. I dream of a small box that can transcode video over a network, but that's probably a pipe dream. The new Apple TV would be great if it could connect to network shares. What say you, Slashdot? Is what I'm looking for possible, or should I just give in to the iTunes/Amazon/whatever juggernauts?"
Businesses

CRTC Orders Big ISPs To Provide Matching Speeds For Resellers 91

Meshach writes "In Canada there has been a regulatory decision rendered by the CRTC ordering ISPs to provide the same speed to resellers as they do for their own customers. 'Smaller internet providers such as Teksavvy and Execulink had argued that without requirements to offer matching speeds, the big companies would put them out of business. Bell and Telus are selling internet connections of up to 25 and 15 megabits per second respectively over newer fibre-based networks, but smaller providers can typically offer speeds of no more than five megabits per second over older copper-based infrastructure. After holding a public hearing earlier this year, the CRTC now says it will allow phone companies to charge smaller providers an extra 10-per-cent mark-up to use their newer infrastructure in order to recoup the costs of their investments. The regulator also said it would require cable companies to modify their existing internet access services to make it easier for smaller, "alternative" providers to connect to them.'"
Google

Google Patches 10 Chrome Bugs, Pays Out $10K 95

CWmike writes "Google patched 10 vulnerabilities in Chrome on Thursday, but it didn't award any of the researchers who reported bugs its new top-dollar reward. Google divulged no details of the vulnerabilities and, as is its custom, it blocked public access to its bug-tracking database — a practice meant to keep attackers from using the information before most users have upgraded. Some rivals, such as Mozilla, do the same; others, like Microsoft, do not. Sergey Glazunov banked $4,674 for reporting four bugs, including the previous maximum $1,337 each for two of the quartet. A researcher known as 'kuzzcc,' who has also reported flaws in Opera to that browser's Norwegian maker, took home $2,000 for uncovering a pair of Chrome vulnerabilities. But no one received Google's new biggest bounty, which the company set at $3,133.70 last month, after Mozilla had increased its maximum vulnerability payment to $3,000."
Censorship

German Photog Wants to Shoot Buildings Excluded From Street View 327

crf00 writes with this report excerpted from Blogoscoped: "'Spiegel reports that German photographer and IT consultant Jens Best wants to personally take snapshots of all those (German) buildings which people asked Google Street View to remove. He then wants to add those photos to Picasa, including GPS coordinates, and in turn re-connect them with Google Maps. Jens believes that for the internet 'we must apply the same rules as we do in the real world. Our right to take panoramic snapshots, for instance, or to take photographs in public spaces, both base laws which determine that one may photograph those things that are visible from public streets and places.' Jens says that for his belief in the right of photographing in public places, as last resort he's even willing to go to jail. Spiegel says Jens already found over 200 people who want to help out in this project and look for removed locations in Google Street View, as there's no official list of such places published by Google.'"
Mozilla

New Firefox iFrame Bug Bypasses URL Protections 118

Trailrunner7 writes "There is a newly discovered vulnerability in Mozilla's flagship Firefox browser that could enable an attacker to trick a user into providing his login credentials for a given site by using an obfuscated URL. In most cases, Firefox will display an alert when a URL has been obfuscated, but by using an iFrame, an attacker can evade this layer of protection, possibly leading to a compromise of the user's sensitive information."
