Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×

Comment OK, so here's what this exploit is. (Score 1) 179

by Rob from RPI (#32934542) Attached to: Millions of Home Routers Are Hackable

And it's not really an Exploit, either.

1: It's javascript that tries to guess what your modems IP address is. If it's possible for javascript to find out what your IP Address is, it becomes trivial, and it it's possible for javascript to find out what your default route is, then it's solved.

2: It then tries to get into your router. I would assume there would be another js library that it would load, that could be easily kept up to date, containing fingerprints of modems so it can figure out what it is, and try the default (root/password, admin/admin, etc)

3: It then updates the DNS servers in the modem to NOT use the ISP assigned ones, but nasty ones. As your PC queries the modem (99% of the time, unless you've manually changed your DNS servers) for DNS results, if the DNS relay in the modem is pointing to the wrong root, then you'll get crap answers.

I realise they say that using OpenDNS wouldn't avoid this, but I think that's known, technically, as bullshit.
Linux

Submission + - Linux 2.6.34 released

Submitted by diegocg
diegocg writes: Linux 2.6.34 has been released. This version adds two new filesystem, the distributed filesystem Ceph and LogFS, a filesystem for flash devices. Other features are a driver for almost-native KVM network performance, the VMware ballon driver, the "kprobes jump" optimization for dynamic probes, new perf features (the "perf lock" tool, cross-platform analysis support), several Btrfs improvements, RCU lockdep, Generalized TTL Security Mechanism (RFC 5082) and private VLAN proxy arp (RFC 3069) support, asynchronous suspend/resume, several new drivers and many other small improvements. See the full changelog here.
Politics

Submission + - Pentagon Hacker Demands Government Payback (thinq.co.uk)

Submitted by Stoobalou
Stoobalou writes: Pentagon hacker, Gary McKinnon has called on the newly-elected British government to put its money where its mouth is and tear up his extradition order.

US prosecutors have been trying to get McKinnon before a New Jersey court for seven years after they caught him hacking into US military and NASA computers for evidence of UFOs.

David Cameron, the newly elected Prime Minister, and Nick Clegg, the Deputy Prime Minister, had both voiced their support for McKinnon's campaign against extradition. Other ministers in the coalition government had branded the extradition unjust. Clegg had even joined McKinnon's mother, Janis Sharp on a protest march.

Comment It's done this before.. (Score 4, Funny) 440

by Rob from RPI (#25714379) Attached to: AVG Virus Scanner Removes Critical Windows File

I've been using AVG at customers sites since version 6.. It has, over the years, deleted entire outlook pst's, repeatedly uninstalled VNC servers and radmin, and generally been grumpy for the slightest reason.

I am a sucker for punishment, because I still keep using it. It's just as good as the rest, it's half the price, and noticably faster than all the others I've tried.

I think that, however, the entire concept of antivirus is going to have to fail, and we'll need a whitelist, rather than a blacklist.

There has been quite a bit of discussion about this over the years, and it's going to come true.

Oh. And as an added bonus, Slashdot is screwing up my display. When I load the page, I get the comments page, and then it clears and I get a spammy IBM flash ad of some sort. Serves me right for not installing ABP after a reinstall.

--Rob
Operating Systems

Submission + - Create virtual machine image of OS on hard disk 1

Submitted by skristir
skristir writes: I have a couple of old clunker boxes on which I run Windows NT and Windows XP. They are around because I have s/w and data on them that I still need. Having upgraded to a reasonably powerful Linux (Ubuntu) machine, I was hoping that I could create virtual machine images from the hard disk and then de-commission the old hardware. I do have the original install disks, but I am not interested in re-installing all the s/w on a virtual machine. What would be the point of that?! Can anyone suggest how one would go about converting existing s/w on a hard disk into a virtual machine image? I looked at Xen and Virtual Box but not enough information is available. VMWare wants my money but I still don't know if it can do what I want....
Education

Submission + - Call To Halt Donations To Stop Wikipedia Deletions 4

Submitted by
ObsessiveMathsFreak
ObsessiveMathsFreak writes: "Howard Tayler, the webcomic artist of Schlock Mercenary fame, is calling on people not to donate money during the latest Wikimedia Foundation fund-raiser, in protest at the "notability purges" taking place throughout Wikipedia, where articles are being removed en-masse by what many see as overzealous admins. The webcomic community in particular has long felt slighted by the application of Wikipedia's contentious Notability policy. Wikinews reporters have recently begun investigating this issue, but are the admins listening? Is Deletionism becoming a dominant ethos on Wikipedia? Are the right people holding the reigns?"
Software

Submission + - The green cure to the internet cafe blues (userful.com)

Submitted by
Cathie Walker
Cathie Walker writes: "Hotels, cafes and other high-traffic areas need a hassle-free way of providing internet access. Kiosks.Userful.com is now giving away the software, supplies & support to set up & run turnkey self-service internet cafes. A pod of 10 environmentally responsible internet stations running off a single PC in use just 90 minutes a day could make $25,000 per year. Userful's revolutionary software, DiscoverStation is quickly becoming the standard for green computing worldwide. DiscoverStation leverages the unused computing power of modern PCs to create an environmentally efficient computing option. Attaching up to 10 monitors, mice and keyboards to a single computer reduces CO2 emissions by up to 15 tons per year per system and reduces electronic waste by up to 80%. Userful recently stated that in the last year their software has saved over 13,250 tons of CO2 emissions, the equivalent of taking 2,300 cars off the road."
Caldera

Submission + - Via Groklaw Court Rules: Novell owns the UNIX (groklaw.net)

Submitted by
RobertLTux
RobertLTux writes: "Quoth PJ
"Court Rules: Novell owns the UNIX and UnixWare copyrights! Novell has right to waive!
  Dated: Friday, August 10 2007 @ 04:52 PM EDT
Hot off the presses: Judge Dale Kimball has issued a 102-page ruling [PDF] on the numerous summary judgment motions in SCO v. Novell. Here is what matters most:

        [T]he court concludes that Novell is the owner of the UNIX and UnixWare Copyrights.

That's Aaaaall, Folks! The court also ruled that "SCO is obligated to recognize Novell's waiver of SCO's claims against IBM and Sequent". That's the ball game. There are a couple of loose ends, but the big picture is, SCO lost. Oh, and it owes Novell a lot of money from the Microsoft and Sun licenses. "

anybody got a good recording of TAPS?"
Operating Systems

Submission + - Judge Kimball rules; Novell owns Unix copyrights (groklaw.net)

Submitted by
Eggplant62
Eggplant62 writes: "In his most damaging ruling yet, Judge Kimball today released his ruling in the SCO v. Novell case, saying that it is his belief that after examining the all the documentation and motion practice and after the hearings earlier this year on various summary judgment motions, the jist is: "[T]he court concludes that Novell is the owner of the UNIX and UnixWare Copyrights." Of course, Groklaw is covering the story and broke the news just over a half hour prior to this submission.

There is also a ruling in SCO v IBM on summary judgment motions but the actual rulings are yet to become available. Keep your eyes peeled."
Education

OLPC Project Rollout Begins In Uruguay 248

Posted by Zonk from the go-get-em-kids dept.
Acer500 writes "The One Laptop Per Child project became a reality Thursday in Uruguay, as the 160 children of school number 24 in the humble town of Cardal received their XO computers. The learning tools came directly from the hands of president Tabaré Vazquez. It has become a matter of national pride that Uruguay is the first country to realize the project's goal. The target is that by 2009, every school-age child in Uruguay will have one, and an initial 15 million dollars have already been allocated to the project. From the newspaper articles: 'The happiness of having a PC in their hands, some of them for the first time, had the kids in ecstasy, which didn't wait to turn on their computers, introduce their personal information (required the first time they're turned on), choose the screen colors, and start experimenting with them. What initially made them more enthusiastic was the possibility of taking photographs and filming each others with the included webcams.'" More information below.
Security

Submission + - Debian remote vulnerability, 35 days & running

Submitted by
An anonymous reader writes: About a month ago, Lighttpd version 1.4.15 was officially released with two important security patches (1, 2). Debian was initially quick to pick up on this version, in fact they did so more than 35 days ago for their work-in-progress "unstable" project. But the official stable distribution of Debian is STILL vulnerable. A bug report tagged "remote root" has been left unanswered for more than a week.
Networking

Submission + - the mistery of "DNS server registration"

Submitted by
Anonymous Coward
Anonymous Coward writes: "I have recently been burned by the mystical (at least to me) "DNS server registration". I changed the DNS server for a domain I own to new ones. After the update period passed I was horrified to see that only one of the two new servers has been accepted and my domain left in an "INACTIVE" state. After conversations with the support team they told me the second DNS server FQDN I have entered is "not a registered DNS server" and thus was "not accepted by the system". Despite of it being a completely valid and resolvable FQDN, on which there is a server running BIND authoritative for the domain.

They couldn't give any details about what is this thing, except for "DNS servers need to be registered, just as domain names".

My research wasn't very fruitful too, so you are my only hope!

I still can't accept that there is such a thing and there is not single easy to find clear document explaining it. All I could find was this http://www.hps.com/howtodns.html and some links to "Register a DNS server" at sites of registrars like Enom and network solutions accesible to resellers only.

Who is responsible for "registering DNS servers" — the registries or the registrars? What happens if the FQDN of the DNS server is in one TLD and the domain I'm trying to use it for is in another from a different registry/registrar? How do I as a domain owner "register a DNS server"? Where is this info stored — in DNS, in whois database, else? How can I check if an FQDN is already a "registered DNS server"? How do I unregister a DNS server? Can one IP be registered under multiple domains? What is the point of life, universe and everything?!

Please HELP!"

Slashdot Top Deals

"Protozoa are small, and bacteria are small, but viruses are smaller than the both put together."

Close