mr_mischief - Slashdot User

Submission + - Another Google cross-domain vulnerability fixed (theregister.co.uk)

Submitted by mr_mischief on Friday September 28, 2007 @12:52PM

mr_mischief writes: The Register reports that a vulnerability allowed exploiting Google Docs to access information stored in users' GMail accounts. The bug is said to be fixed now. It was possible using proof-of-concept code to grab Gmail contact lists as witnessed by the reporters. The developer of the PoC says he could just as easily grab actual email messages or other user data on Google's servers until the hole was closed.

Submission + - CNet reporter calls for Microsoft to abandon Vista (news.com)

Submitted by mr_mischief on Thursday September 27, 2007 @12:00PM

mr_mischief writes: As it's hard to miss the stories lately, all of us on /. are likely to know people are underwhelmed with Windows Vista. Well, Don Reisinger over at CNet's News.com is not quite just underwhelmed. He suggests that Vista may be the downfall of Microsoft because the company has really just missed the mark with the operating system. Despite years in development, Reisinger says Vista was delivered to market too early. He also says it's overpriced and plain doesn't work well enough for its users, among other complaints. His suggestion? Support those who are running it, but ditch Vista and move on.

Submission + - $199 Linux laptop (hothardware.com)

Submitted by

mr_mischief

on Monday July 30, 2007 @02:44PM

mr_mischief writes: "According to Hot Hardware's recent review, Asus is getting ready to unleash a $199 compact notbook running Linux. This is entirely different from this recent $150 Linux laptop story which many Slashdot readers believ to be a scam.

There's a dual-mode menu which offers a simple system for novice computer users, and a slightly more advanced version for others. It's not aimed squarely at the same market as the One Laptop Per Child project's XO, and is expected to be sold to end suers worldwide. It's targeted at new users who don't own a computer or at people who want a cheap, small laptop for basic tasks.

The reviewed version has a 7" screen and a cramped keyboard to match, but a 10" version is available for $100 more. It offers built-in wired and wireless networking,four USB 2.0 ports, and a three-hour battery life. The storage options are a bit cramped, as you only get 4 GB of onboard storage (8 GB on the $299 model) and no optical drive. As the review says, though, USB 2.0 can make up for that if you like, and the lack of moving drive parts makes the machine run dead quiet."

Submission + - Firefox 2.0 update -- get yours now

Submitted by mr_mischief on Wednesday December 20, 2006 @10:59AM

mr_mischief writes: Got Firefox? Get it updated!

The Mozilla Foundation has released an important security update for Firefox 2.0 which fixes eight vulnerabilities (five of them rated critical) among other things.

Patches are also available for Firefox 1.5.0.x and Thunderbird 1.5.0.x as well.

See Secunia's advisory to find out more about security issues with memory corruption in the JavaScript and layout engines, a heap-based buffer overflow handling Windows bitmaps, a couple of arbitrary HTML/script vulnerabilities and what appear to be a couple of arbitrary native code vulnerabilities.

Submission + - Cicrumcision provides some protection against HIV

Submitted by mr_mischief on Wednesday December 13, 2006 @07:53PM

mr_mischief writes: It turns out that circumcision, which some berate as a cruel and primitive practice while others say helps in cleanliness and disease control, may actually have a significant impact on the spread of certain diseases. In particular, the BBC is reporting a US National Institutes of Health study in whichthe practice cut HIV transmission rates from women to heterosexual men by about 50%.

While doctors understandably don't want to promote promiscuous sex and 50% is still too strong a chance of transmitting such a serious disease, the recommendation is that circumcision be part of a plan to combat the disease.

Although every disease is different, I wonder if it's clear enough to people that if one disease is slowed by this practice that it probably has some effect in slowing some other diseases as well.

Submission + - This robot designed for Microsoft Windows

Submitted by mr_mischief on Wednesday December 13, 2006 @04:13PM

mr_mischief writes: EETimes reports Microsoft is working on standardizing a robotics platform and development for it. They want to make it easier to develop robots, starting with the IDE and development environment and continuing through specifying acceptable hardware, just like for PCs and Windows CE devices.

What's next, the MS directives of robotic behavior, including "Do not allow Microsoft to be harmed through your actions or inactions", and "Do not play music, movies, or games that are not from cartel-approved suppliers?"

Submission + - Serious bug in unneeded feature:what's the point?

Submitted by mr_mischief on Wednesday September 27, 2006 @10:17AM

mr_mischief writes: Microsoft has a bulletin about a vulnerability for something called Vector Markup Language. Security Focus has one too.

Vector Markup Language was a proposed web standard that was passed on by the standards bodies and which was both subsumed and superseded by Scalable Vector Graphics.

Despite VML being passed over and another alternative being made a standard, Microsoft implemented it anyway. In the implementation there is a security problem that MS says can allow an attacker total control of a target system.

If it's nonstandard, duplicating functionality offered by a standard, and they can't be bothered to do it right the first time, perhaps they shouldn't preinstall it on millions of computers around the world. How could Microsoft actually get enough of an edge from undercutting a fairly widely implemented standard with a dangerous implementation that it is financially worthwhile for them? Wouldn't be better for them in the long run to just implement the standard, or is there some huge installed base of VML somewhere that I'm just missing?

Slashdot Top Deals