Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Businesses

Ask Slashdot: What To Do When Finding a Security Breach On Shared Hosting? 168

Posted by Soulskill from the responsible-disclosure-irresponsible-support dept.
An anonymous reader writes "A few months ago I stumbled across an interesting security hole with my webhost. I was able to access any file on the server, including those of other users. When I called the company, they immediately contacted the server team and said they would fix the problem that day. Since all you need when calling them is your username, and I was able to list out all 500 usernames on the server, this was rather a large security breach. To their credit, they did patch the server. It wasn't a perfect fix, but close enough that moving to a new web host was moved down on my list of priorities. Jump a head to this week: they experienced server issues, and I asked to be moved to a different server. Once it was done, the first thing I did was run my test script, and I was able to list out everyone's files again. The hosting company only applied the patch to old server. I'm now moving off this web host all together. However, I do fear for the thousands of customers that have no clue about this security issue. With about 10 minutes of coding, someone could search for the SQL connection string and grab the username/password required to access their hosting account. What's the best way to handle this type of situation?"

Comment Re:Wow (Score 0) 396

by cdp0 (#41600119) Attached to: Curiosity Spies Unidentified, Metallic Object On Mars

Sooner or later, even if we find primitive life, we should start thinking about what can be done with the planet, even if it takes 1000 years to get something to live there.

Let's first decide what we do with this planet for the next 100 (one hundred) years. So far we seem to be incapable of doing that.
Security

GoDaddy Goes Down, Anonymous Claims Responsibility 483

Posted by samzenpus from the protect-ya-neck dept.
An anonymous reader writes "A member of the Anonymous hacktivist group appears to have taken down GoDaddy with a massive Distributed Denial of Service (DDoS). The widespread issue seems to be affecting countless websites and services around the world, although not for everyone. Godaddy.com is down, but so are some of the site's DNS servers, which means GoDaddy hosted e-mail accounts are down as well, and lots more. It's currently unclear if the servers are being unresponsive or if they are completely offline. Either way, the result is that if your DNS is hosted on GoDaddy, your site may also look as if it is down, because it cannot resolve."

Comment Re:N9 or N900 -- full *nix (Score 2) 197

by cdp0 (#40734327) Attached to: Ask Slashdot: Scripting-Friendly Smartphones?

You can use FingerTerm on Nokia N9, like I do. It isn't as good as a HW full keyboard, but it's the next best thing. Even more, it is also opensource.

Aegis security system is a bit more limiting than I would like it to be, but you can easily bypass the limitations with inception (for the moment the site seems to be down, so just use your favorite search engine to get some info). With inception you don't even need a computer, everything is done on the phone afaik. Haven't yet tried it myself, because so far I am fully satisfied with the official "developer mode" which can be easily activated from settings menu.

One extra feature for N9 is the community backing it up. You can join IRC freenode network and join #harmattan channel for instance and get help in matters related to SW development.

An alternative would be to try to find a Nokia N950, but as I recall although it has a full hw keyboard, it has some drawbacks compared to N9.

Finally I must also add that as far as I can tell you can't get a better user experience than with N9 UI. It's simply amazing. I hope Jolla will be able to provide it in their future phones.

Comment Re:I've had mine for about 3 weeks. (Score 1) 107

by cdp0 (#40383931) Attached to: Samsung Galaxy S III Launched, Hands-On Testing

I specifically like the motion based silence mode, if I see a call I don't like, just upturn the phone face down, put it on the desk - silenced, love that.

My Nokia N9 has that. It works for calls and alarms of any kind (clock, calendar).

Only "con" I know of is that there's some issues installing swype to it but that can be gotten around.

Nokia N9 has Swype by default and it works extremely well. Although I thought I would never use it, now I use it for everything.
Firefox

Microsoft Blocks 3d-Party Browsers In Windows RT, Says Mozilla Counsel 329

Posted by timothy from the embrace-extend-extinguish dept.
nk497 writes "Mozilla has accused Microsoft of trying to go back to the 'digital dark ages' by limiting rival browsers in the ARM version of Windows 8. Third-party browsers won't work in the desktop mode, and Metro style browsers will be limited in what APIs they can use, said Mozilla general counsel Harvey Anderson, forcing users to move to IE instead. Mozilla said it was the first step toward a new platform lock-in that 'restricts user choice, reduces competition and chills innovation,' and pointed out that such browser control was exactly what upset EU and U.S. regulators about IE in the first place. Anderson called on Microsoft to 'reject the temptation to pursue a closed path,' adding 'the world doesn't need another closed proprietary environment.'"
Microsoft

Microsoft Forges Ahead With New Home-Automation OS 196

Posted by samzenpus from the home-of-tomorrow dept.
suraj.sun writes "More than a decade ago, Microsoft execs, led by Chairman Bill Gates, were touting a future where .Net coffee pots, bulletin boards, and refrigerator magnets would be part of homes where smart devices would communicate and inter-operate. Microsoft hasn't given up on that dream. In 2010, Microsoft researchers published a white paper about their work on a HomeOS and a HomeStore — early concepts around a Microsoft Research-developed home-automation system. Those concepts have morphed into prototypes since then, based on a white paper, 'An Operating System for the Home,' (PDF) published this month on the Microsoft Research site. The core of HomeOS is described in the white paper as a kernel that is agnostic to the devices to which it provides access, allowing easy incorporation of new devices and applications. The HomeOS itself 'runs on a dedicated computer in the home (e.g., the gateway) and does not require any modifications to commodity devices,' the paper added. Microsoft has been testing HomeOS in 12 real homes over the past four to eight months, according to the latest updates. As is true with all Microsoft Research projects, there's no guarantee when and if HomeOS will be commercialized, or even be 'adopted' by a Microsoft product group."
Lord of the Rings

Hobbit Film Underwhelms At 48 Frames Per Second 607

Posted by Soulskill from the change-is-scary dept.
bonch writes "Warner Bros. aired ten minutes of footage from The Hobbit at CinemaCon, and reactions have been mixed. The problem? Peter Jackson is filming the movie at 48 frames per second, twice the industry standard 24 frames per second, lending the film a '70s era BBC-video look.' However, if the negative response from film bloggers and theater owners is any indication, the way most people will see the movie is in standard 24fps."

Slashdot Top Deals

He has not acquired a fortune; the fortune has acquired him. -- Bion

Close