Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×
Software

Keeping Passwords Embedded In Code Secure? 130

Posted by Cliff from the execute-only dept.
JPyObjC Dude asks: "When designing any system that requires automated privileged access to databases or services, developers often rely on hard coding (embedding) passwords within the source code. This is obviously a bad practice as the password is then made available to anybody who has access to the source code (eg. software source control). Putting the passwords in configuration files is another practice, but it is still quite insecure as cracking hashed passwords from a text file is a trivial exercise. What do you do to manage your application passwords so that your system can run completely automated and yet make it difficult for hackers to get their hands on this precious information?"
Spam

Submission + - Setting Up a Distributed Email Server

Submitted by
An anonymous reader writes: My boss has recently asked me to find out about creating a distributed email distribution system to distribute marketing materials globally. We intend to send about 300 million emails every day. Obviously, we're going to need a lot of bandwidth. But my worry is that our IP addresses are going to get black listed by SPAMHaus and the like very quickly.

The current proposal includes using a dozen servers powered by AMD processors, with one of them acting as an "email pool" from which the others request a new batch of addresses. They will all be running Debian GNU/Linux. The tricky part is the networking — ideally we'd want to use something like Tor. As it stands, the plan is to use multiple T3's, but again, we're worried about our static IPs getting black listed.

Have any of you set up a distributed email distribution system before? How much hardware did you throw at the problem? How did you circumvent blacklisting? Any suggestions would be greatly appreciated!
NASA

Submission + - NASA Needs Fake Moon Dust

Submitted by
crisco
crisco writes: "NASA's renewed interest in lunar exploration and "in situ resource utilization," or ISRU, is driving the need for tons of carefully faked lunar dust and sand for testing purposes:
"We don't have enough real moondust to go around," says Larry Taylor, director of Planetary Geosciences Institute at the University of Tennessee in Knoxville. To run all the tests, "we need to make a well-qualified lunar simulant." And not just a few bags will do. "We need tons of it, mainly for working on technologies for diggers and wheels and machinery on the surface," adds David S. McKay, chief scientist for astrobiology at the Johnson Space Center (JSC).
"
Space

Submission + - iPod Generation Indifferent to Space Exploration

Submitted by Anonymous Coward
An anonymous reader writes: CNN tells us that today's young adults are no longer excited at the possibility of space exploration: "The 2004 and 2006 surveys by Dittmar Associates Inc. revealed high levels of indifference among 18- to 25-year-olds toward manned trips to the moon and Mars." As a result, NASA's budget will include a greater amount of public relations spending. We'll have to wait for Netcraft to confirm that NASA is dying.
The Internet

Submission + - Taiwan Earthquake Disrupts Virtual Currency Market

Submitted by
miller60
miller60 writes: "Telecommunications outages from Tuesday's earthquake in near Taiwan have disrupted the market for virtual currency from MMORPGs, with market leader IGE and other major online sellers reporting inventory and delivery problems. The market for the real money trading of game assets is highly dependent upon suppliers operating "gold farms" in China and other Asian countries. With Internet access from Asia limited, these suppliers are apparently having trouble logging into games to make deliveries of gold and accounts. Online markets for the sale of game assets have grown in recent years, despite heated debates about the practice among gamers."
Programming

Submission + - The NSFW HTML Attribute

Submitted by
phaln
phaln writes: "Over at The Frosty Mug Revolution, PJ Doland makes a compelling case for a new HTML attribute in the spirit of the highly-regarded 'nofollow' attribute promoted by Google — the NSFW attribute (rel="nsfw")."
Biotech

Submission + - Vaccine for flu to be tested on humans

Submitted by Adam9
Adam9 writes: British scientists are on the verge of producing a revolutionary flu vaccine that works against all major types of the disease. Described as the 'holy grail' of flu vaccines, it would protect against all strains of influenza A — the virus behind both bird flu and the nastiest outbreaks of winter flu. Just a couple of injections could give long-lasting immunity — unlike the current vaccine which has to be given every year.
Programming

Journal Journal: [programming] Is Hibernate Worth It? 7

Journal by dthable

I've got into a little debate/argument with a former boss over how to code up a new Java web application. I suggested looking into Hibernate (which I know very little about) to ease up on the developers. He thought we should take control of writing the SQL because there might be too much overhead. Does Hibernate, or any relational mapping library, cause enough slow downs to resort to writing SQL? Is Hibernate really going to make my database and application that much easier to maintain?
It's funny. Laugh.

MPAA Goes After Home Entertainment Systems 402

Posted by ScuttleMonkey from the jokes-that-some-people-just-wont-get dept.
philba writes to tell us that home theaters may become the new jurisdiction of our MPAA overlords. The MPAA is lobbying to make sure that home users authorize their entertainment systems before any in-home viewings. From the article: "The MPAA defines a home theater as any home with a television larger than 29" with stereo sound and at least two comfortable chairs, couch, or futon. Anyone with a home theater would need to pay a $50 registration fee with the MPAA or face fines up to $500,000 per movie shown."

Worst Security Clean-Up You've Performed? 158

Posted by Cliff from the with-this-track-record-are-you-going-to-trust-vista dept.
nakhla writes "Last night, I was tasked (by my wife) to help fix her friend's computer. It is a Windows XP home system which has been running slowly, almost to the point of un-usability (like *that's* never happened before). It turns out that hundreds of random processes had filled up its meager 256 MB of RAM. The cause? Nearly 7,500 viruses and worms that had infected the system. That number doesn't even include the hundreds of spyware and adware programs that had installed themselves, as well. Although the box is now behind a firewall, that wasn't always the case. This was, by far, the most infected system I'd ever seen, but I'm sure it can't be the worst ever. What was the worst security cleanup you ever had to perform?"

Slashdot Top Deals

"Here's something to think about: How come you never see a headline like `Psychic Wins Lottery.'" -- Comedian Jay Leno

Close