Security

SCADA Vulnerabilities In Prisons Could Open Cell Doors 134

Orome1 writes "Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publicly available exploits along with evaluating vulnerabilities in electronic and physical security designs, researchers discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to 'open' or 'locked closed' on cell doors and gates."
Hardware Hacking

Hello World On PS Vita, Thanks to Buffer Overflow 123

YokimaSun writes "Mamosuke, a PSP Homebrewer from Japan, has posted the first Hello World on the PS Vita which comes from the PSP Emulator in the console. Using a buffer overflow, he has found a way into the PSVita, and with many PSP Game exploits still around and not published for the whole homebrew and hacking community, this means that in the short term homebrew is here on the PSvita. Let's hope this is the start of a true PSVita homebrew scene."
Security

Submission + - Lost UAV or Trojan Horse? (thesecuritydialogue.org)

scrivenlking writes: I'm sure you've read all the hoopla about the Iranians capturing a U.S. spy drone. The news media has asked just about every intelligence "expert" they have on their rosters. Most have taken the bait and sensationalized the story almost beyond belief. The other day I heard someone call it a "massive intelligence failure". Others have claimed the Iranians will reverse engineer this aircraft (actually the Iranians said this) and use its "stealth" technology. Some have even lauded the "success" of Iran's first unmanned bombing drone also supposedly equipped with "stealth" technology. You would think these guys were Romulans.

Here's a link to my theory of the most plausible explanation:

http://blog.thesecuritydialogue.org/2011/12/lost-uav-or-trojan-horse.html

Idle

Submission + - Facebook Is Suing 'Mark Zuckerberg'

An anonymous reader writes: This has to be the funniest Facebook name story in a while. Facebook disabled the account of Israeli entrepreneur Rotem Guez because he runs a business called the Like Store, where he sold Likes to advertisers. Guez countered by suing Facebook for deleting his accounts on the social network. Facebook countered with its own cease and desist letter. Guez didn't respond to Facebook's demands. Instead, he legally changed his name to Mark Zuckerberg. "If you want to sue me, you’re going to have to sue Mark Zuckerberg," Guez reportedly told Facebook. Talk about a publicity stunt.
Security

Was Russia Behind Stuxnet? 281

An anonymous reader writes "Despite the U.S. and Israel being widely assumed to be responsible for Stuxnet, Russia is the more likely culprit, says a U.S. Air Force cyber analyst. The nuclear gangsterism of the past 20 years gives it plenty of motive. Quoting: 'So what better way to maintain Russian interests, and innocence, than to plant a worm with digital U.S.-Israeli fingerprints? After all, Russian scientists and engineers are familiar with the cascading centrifuges whose numbers and configuration – and Siemens' SCADA PLC controller schematics – they have full access to by virtue of designing the plants. ... the observers of the virus could alert the Iranians before full nuclear catastrophe struck. The Belarusian computer security experts who 'discovered' the code seemingly played that role well. They didn't seem too preoccupied with reverse engineering the malicious code to see what it was designed to do.'"
Blackberry

PlayBook Jailbreak Tool Released 60

Trailrunner7 notes that some dedicated hackers who've been working on jailbreaking RIM's PlayBook tablet have now "posted a detailed walkthrough of how users can accomplish the same task on their own. The technique requires the use of a custom tool, but otherwise is fairly straightforward. One of the researchers, known as Neuralic, posted the walkthrough to Pastie.org Tuesday morning. In order to begin the process, a PlayBook user needs to first install the beta 2.0 version of the PlayBook software and then install the Dingleberry tool, which exploits a weakness in the PlayBook architecture which stems from the fact that the backups the device takes aren't signed."
NASA

3D Video of Asteroid Vesta 26

TheNextCorner writes "Glide over the giant asteroid Vesta with NASA's Dawn spacecraft in a new 3-D video. Dawn has been orbiting Vesta since July 15, obtaining high-resolution images of its bumpy, cratered surface and making other scientific measurements." You'll need some red/green or red/blue glasses for the 3D effect.
Blackberry

RIM PlayBook Tablet Jailbroken 63

Trailrunner7 writes "A group of researchers is claiming that they've found a root exploit that enables them to jailbreak the BlackBerry PlayBook tablet made by Research In Motion. In a video demonstration of the jailbreak, one of the researchers shows off the ability to change the settings on a PlayBook and says that he also has the ability to install the Android Market app on the tablet."
Graphics

A 3D Display You Can Touch 63

mikejuk writes "Are we getting closer to really effective volumetric 3D display technology? A new display, designed in Russia, uses cold fog and a laser projector to create a volumetric 3D image that you can touch. A tracking device (no, it's not a Kinect) is used to detect the user's hand and moves the virtual objects in response. There have been cold fog 3D displays before, but this one has a reasonable resolution and looks near to being a finished product that could be on sale soon. Estimated price? Between $4000 and $30,000."
Android

CyanogenMod 9 Working On the Nexus S 218

MrSeb writes with an article in Extreme Tech about progress toward getting an AOSP build working on the Nexus S. From the article: "Over the past week, ROM Manager extraordinaire Koush has been frantically working on making a working build of CyanogenMod 9 (Ice Cream Sandwich) for the Samsung Nexus S. The custom ROM, which is built purely from the Android Open Source Project, has now reached 'alpha 11.' All major features are present and no significant bugs remain. It's too early to say that the build is ready for prime time or mission-critical work — the final release of CM9 is due in the new year — but it's certainly stable enough for daily use. The most significant feature, if you can call it that, is that Koush's build of ICS is really very smooth — it's as nimble as Gingerbread, if not more so. Unlike the previous, non-CM build that was released last week, this alpha build of CM9 has every feature enabled, including Google Wallet, and setting a mobile data limit. As usual, the custom ROM is pre-rooted, has ROM Manager installed, and absolutely no bloatware."

Comment Re:What about metamods? (Score 1) 21

That is one of the things further down my list to revisit and reconsider. Your complaints are definitely not alone and it was something that was mentioned on the survey several times.

I'm not 100% sure what our decision will be but it's a problem I was considering before delving into reader comments much, and it's certainly something that's been voiced by many community members too. There are certainly improvements which could be made, and one of those on the table is going back to the old way of doing things.

We have some things we intend to fix or improve on the core comment navigation experience first, but we should eventually get to giving metamod some attention.

User Journal

Journal Journal: Comments & Moderation Improvements Under Way 21

While reading through your responses to the reader survey from a couple months ago, a couple things were clear. You both love & hate comments. You love the insightfulness of our readers, you hate trolls, and there are a number of things currently getting in the way of you being able to navigate through discussions as easily as you might like to.


Security

SCADA Hacker: Water District Used 3-Character Password 213

Trailrunner7 writes "In an e-mail interview with Threatpost, a hacker who compromised software used to manage water infrastructure for South Houston, Texas, said the district had HMI (human machine interface) software used to manage water and sewage infrastructure accessible to the Internet and used a password that was just three characters long. The hacker, using the handle 'pr0f' took credit for a remote compromise of supervisory control and data acquisition (SCADA) systems. Communicating from an e-mail address tied to a Romanian domain, the hacker told Threatpost that he discovered the vulnerable system using a scanner that looks for the online fingerprints of SCADA systems. 'This was barely a hack. A child who knows how the HMI that comes with Simatic works could have accomplished this,' he wrote in an e-mail."
