Comment: Has been being researched for a while (Score 2, Interesting)

I remember doing work experience at Philips Research Labs back in the mid nineties and they were working on a similar concept back then - a monitor that doubled as a flatbed scanner. It was based on an LCD monitor, with small gaps between pixels to allow light to pass through to the scanner at the back. The big challenges were getting the focal depth right, and avoiding refraction(?) patterns after the light had passed through the screen portion.

They seemed to have gotten round that problem by placing the photoreceptors and LCD pixels at the same level. Can't wait to see a monitor-sized one.

Quickies

Submission: Age of Steam (edge-online.com)

Ant writes: "Blue's News shares a six-page Edge Online article titled "The Age of Steam" about Steam's history: "The name could hardly be more appropriate. Just as railroads swept the United States/U.S., leaving in their wake a west that was significantly less wild, so has Valve's Steam client spread across the personal computer/PC, centralising, simplifying and consolidating. What started as a way of administering updates has become a delivery platform so powerful that it has threatened to render even the big publishers' alternatives obsolete, an online community so well-supported that it sets standards even for those found on consoles, and a no-fiddling environment that allows your games, settings and saves to follow you from one PC to the next every time you log in. Looking back, such success seems inevitable, but in reality Steam was far from an obvious idea. Creator Valve was a developer, not a publisher or distributor, and the service's opening months were marred by bottlenecks and a frustrating online registration experiment. More interesting than the triumph, then, is the journey: what has made Steam such a powerful platform? Which forces shape its evolution? And how can it rewire not just the PC market, but the way that games themselves are developed? ...""
Books

Terry Pratchett Knighted

ackthpt writes "Headlines have been popping up on Google News: 'Terry Pratchett declared himself "flabbergasted" to receive a knighthood as he led a group of writers, actors and performers honoured today.' The Discworld author and stalwart adversary of Alzheimer's Disease has been a member of the Order of the British Empire (OBE) for Services to Literature since 1998. He will be entering the new year as Knight Commander. Well done and Oook, Sir Terry."
Portables

Submission: GPS PDA for diving and underwater exploration

Alex Davis writes: This company in the UK is reportedly working on a new version of their PDA device that will work underwater. It will use GPS to tour divers and scuba aficionados around the world's most famous dive sites. The report appeared in a local newspaper that referred to their technical researchers doing on-site demos at this dive site. Are there any divers out there who would go in for this sort of thing?
Portables (Games)

Submission: Game Editor

Makslane Rodrigues writes: "Game Editor is the game design application that gives every user the power to create the games of their dreams. You can create shoot 'em up, side scroller, platform, fighting, arcade, jump and run, puzzle, board, and role playing games. Power users can use the program's Global Code Editor to program advanced actions. The powerful scripting language lets you extend Game Editor's functionality to support unusual and custom game rules. With Game Editor you can create games for Windows, Pocket PC / Windows Mobile, Handheld PC, Windows Mobile-based Smartphones, GP2X and Linux! More info at: http://game-editor.com/"
Windows

Submission: 20 experts comment on Vista's security

An anonymous reader writes: SecurityFocus published a survey about Vista security. They collected opinions from 9 anti-virus vendors, and from 11 security companies and experts. The answers are quite surprising as they are far different, and based on different points of view. But, in the end, let me use the words of Marc Maiffret (eEye Digital Security's CTO): "if you are already an owner of a PC that has XP with SP2, there really aren't many compelling reasons to rush out and buy Vista, as it is not so much more secure that a consumer should shell out even more money for Vista. Add in a non-security perspective, and Vista is lacking in any real new features that makes it compelling to spend money on it." Redmond, we have a problem...
It's funny. Laugh.

Submission: Smash Your PC!

comet-boy writes: "http://www.slashgear.com/realistic-monitor-rage-with-screensmasher-stress-reliever-142968.php http://www.gearlog.com/2006/12/smash_your_pc.php Clever idea — saw this reviewed on slashgear and gearlog. Thought it would be good for slashdot. It's a Windows product that *relieves* stress when you use it (!) It's a foam axe with a shock sensor that plugs into your USB. Bash your monitor with the foam axe and this thing simulates the breaking of your monitor with realistic enough graphics and sound effects to make it quite viscerally satisfying. I used it and it is actually pretty fun. (When's the last time a Windows product was viscerally satisfying to use?)"
Microsoft

Submission: Microsoft formally unveils robotics software

futuresheet writes: "Microsoft formally unveiled its robotics software today http://seattletimes.nwsource.com/html/businesstechnology/2003474692_msftrobots130.html The software could spur new innovations in the field. Here's an excerpt: "The software, free for hobbyists, students and others pursuing robotics for non-commercial purposes, also has a host of tutorials, robot models and technology services for use by even programming novices." Microsoft says it has already logged more than 100,000 downloads of the free preview."
User Journal

Submission: One Year in World of Warcraft

Captain Kirk writes: I've been playing WoW for just over a year now. It's my second MMO. I had been playing Star Wars Galaxies for about 18 months when I made the decision to switch.

Why switch? Why abandon a toon that had 7 million credits in the bank, Master Swordsman and Master Doctor and well on the way to becoming a Jedi?

One word answer: Sony.

Slightly longer version: The Swordsman and Doctor professions were both taken out of the game. Completely removed. As was the Jedi system. Sony had decided that the game had too much lore, was too complex and that making it simple would be great. Unfortunately, they didn't have time to test the changes before imposing them, so suddenly I had a character that could not move, had no combat skills, and was called "SomethingDialog_07". This was no fun at all so I tried World of Warcraft.

WoW was amazing. My first toon was a Tauren. As I ran about the lush green hills of Mulgore, I found myself tapping the Space bar just for the fun of watching my little bull jump. The quests are no different from any other MMO. Find 10 mobs, kill them and report back for a reward. But the implementation is complete, they are challenging and the rewards are fun.

Now I've a level 60 toon, an Orc Shaman, and I am bored so no longer play except to test my http://www.craftgold.com/ program. I'm hoping the Burning Crusade catches my imagination. I've been into online games since Quake 1 and it's a bit sad not having one I am interested in.

Businesses

Who Owns Deployments - Dev or IT?

txpenguin asks: "I am IT manager for a small software company. We host several generations of our applications in a fairly complex environment. Our systems are very much inter-dependent (clustering, replication, heavily loaded, and so forth), and bad changes tend to have a domino effect. Additionally, it seems that there are always those who need to be 'in the loop', but aren't aware of changes which affect them. There is a constant battle between IT and Development regarding who should handle the deployment of new code releases and database schema changes to production systems. Dev doesn't understand the systems, and IT does not know the code well. How do you handle this at your company? What protocols seem to work best? Can there be a middle ground?"
PlayStation (Games)

Submission: Linux pre-installed on PS3

SomeGuy writes: PS3s can now be ordered with Yellow Dog Linux pre-installed.

From the press release: "More than a gamebox, the PLAYSTATION®3 with the multi-core Cell microprocessor was designed by Sony Computer Entertainment to function as a personal computer. Yellow Dog Linux offers this functionality with greater than 2000 applications, everything needed for a personal computer, Cell workstation, or light-duty cluster node."

If this won't destroy Xbox Live, what will?
Security

Submission: Google's Orkut Multiple XSS Vulnerabilities

Rajesh Sethumadhavan writes: "Google's Orkut Multiple Vulnerabilities

#####################################################################

XDisclose Advisory : XD100097, XD100098, XD100092
Vulnerability Discovered: November 30th 2006
Advisory Released : December 8th 2006
Credit : Rajesh Sethumadhavan

Class : Information Disclosure
Severity : Highly Critical
Solution Status : Unpatched/Reported
Vendor : Google Inc
Vendor Website : http://www.orkut.com/
Affected applications : Orkut Services
Affected Platform : All

#####################################################################

Overview:
Orkut is an Internet social network service run by Google with more than 37 million total members and nearly 1.3 million daily visitors. It claims to be designed to help users meet new friends and maintain existing relationships with pictures and messages, and establish new ones by reaching out to people you've never met before.

1) Orkut Email Address Disclosure Vulnerability

Orkut service is vulnerable to email address disclosure vulnerabilities. Due to this it is possible to get the email address of any user in Orkut. This is caused by improper design of the Orkut portal.

Description:
A remote attacker can get the email address of anyone in Orkut as demonstrated below. Victim interaction is not required at all.

Demonstration:
Note: Demonstration leads to email address information disclosure

- Login to your orkut account
- Add any user as your friend (Person you want to get email address)
- Click 'friends' tab
- Click 'open friend requests' tab
- Click the edit button; the email address of the user will be displayed as in the screenshot

The same way you can find your friends' email addresses too

Solution:
Orkut can improve their portal design by hiding the users' email addresses

Screenshot:
http://www.xdisclose.com/images/xdorkutemailid.jpg

Impact:
Successful exploitation allows email address disclosure.

2) Orkut Multiple Cross Site Scripting Vulnerabilities

Orkut service is vulnerable to Cross-Site Scripting and HTML Injection. This is caused due to improper validation of user-supplied inputs.

Description:
A remote attacker can craft a GET request with the XSS payload as demonstrated below. When the victim clicks on the GET request the payload will get executed, which results in stealing of cookie, IP info, referer info, browser information, clipboard content, operating system info, hardware info, modification of page or HTML injection, URL redirection, port scanning of the network, and even phishing is possible.

1)Orkut Invite XSS:

The flaws are due to improper sanitization of inputs passed to the 'continue' parameter in the GET request.
-
http://www.orkut.com/Invite.aspx?con...ument.cookie
-

Demonstration:
Note: Demonstration leads to your personal information disclosure

- Login to your orkut account
- Paste the above URL
- Click on BACK button
- Orkut Cookies will get displayed

The similar way HTML injection is also possible.

Vulnerable Code:
-

back
-

2)Orkut Next page XSS:

The flaws are due to improper sanitization of inputs passed to the 'nid' parameter in the GET request. This vulnerability was already fixed 2 days ago.
GET request with XSS payload:
-
http://www.orkut.com/Scrapbook.aspx?...02785&pageSize&na=3&nst=-2&nid=13550271097807907792-%22};%20alert('Xdisclose');%20function%20tt(){//
-

Vulnerable Code:
-
function changePageSize(value) {
window.location="/Scrapbook.aspx?uid=3595989687719502785&na=1&nst=1&nid=13550271097807907792-"}; alert('Xdisclose');
function tt(){//&pageSize="+value; }
-

3)Orkut Group XSS:

The flaws are due to improper sanitization of inputs passed to the 'show' parameter in the GET request.
-
http://www.orkut.com/Friends.aspx?sh...ocument.cookie
-

Demonstration:
Note: Demonstration leads to your personal information disclosure

- Login to your orkut account
- Paste the above URL
- Click on 'delete group' & 'ok' button
- Orkut Cookies will get displayed

The similar way HTML injection is also possible.

Vulnerable Code:
-

-

Solution:
Orkut can improve their filters by disallowing certain characters like " /\?&`~!@#$%^*()[]|;:"' " in user input URL.

Screenshot:
http://www.xdisclose.com/images/xdorkutinvitexss.jpg
http://www.xdisclose.com/images/xdorkutgroupxss.jpg

Impact:
Successful exploitation allows execution of arbitrary script code in a user's browser session in the context of an affected site, which results in stealing of cookie (account login without password), IP info, referer info, browser information, clipboard content, operating system info, Referer info, hardware info, modification of page or HTML injection (temporary webpage defacement), modification of page title, hijacking page flow, URL redirection, port scanning of the victim's network, and even phishing is possible.

Impact of the vulnerability is network level.

Original Advisory:
http://www.xdisclose.com/XD100092.txt
http://www.xdisclose.com/XD100098.txt
http://www.xdisclose.com/XD100097.txt

Credits:
Rajesh Sethumadhavan has been credited with the discovery of this vulnerability

Disclaimer:
This entire document is strictly for educational, testing and demonstrating purposes only. Modification, use and/or publishing of this information is entirely at your own risk. The exploit code is to be used on your own Orkut account. I am not liable for any direct or indirect damages caused as a result of using the information or demonstrations provided in any part of this advisory."
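An added example, not code from the advisory or from Orkut, showing why the quoted changePageSize() snippet breaks and how such a parameter should be emitted instead: the value is URL-encoded for the query string and then JSON-encoded for the JavaScript string context, and a small Node sandbox checks that a constructed sample value stays inside the string literal. The sample nid value and the buildVulnerable, buildHardened, jsStringLiteral and runInSandbox helpers are this example's own assumptions.

```javascript
// Added example; reproduces the shape of the advisory's changePageSize()
// snippet and contrasts it with a hardened version.

// Constructed sample: a nid value of the shape the advisory describes, which
// closes the string literal and the function body (harmless alert only).
const SAMPLE_NID = `123-"}; alert('injected'); function tt(){//`;

// Vulnerable pattern from the advisory: the raw parameter is concatenated
// straight into the page's inline script.
function buildVulnerable(nid) {
  return 'function changePageSize(value) {\n' +
    '  window.location="/Scrapbook.aspx?nid=' + nid + '&pageSize="+value;\n}';
}

// Encode a value for a JavaScript string-literal context. JSON.stringify
// escapes quotes, backslashes and control characters; the extra replacements
// keep "</script>" and the line terminators U+2028/U+2029 from ending an
// inline <script> block or the literal.
function jsStringLiteral(value) {
  return JSON.stringify(String(value))
    .replace(/</g, '\\u003c')
    .replace(/>/g, '\\u003e')
    .replace(/\u2028/g, '\\u2028')
    .replace(/\u2029/g, '\\u2029');
}

// Hardened pattern: encode for the URL first (the value lands in a query
// string), then for the JS string context in which it is emitted.
function buildHardened(nid) {
  return 'function changePageSize(value) {\n' +
    '  window.location = "/Scrapbook.aspx?nid=" + ' +
    jsStringLiteral(encodeURIComponent(String(nid))) +
    ' + "&pageSize=" + value;\n}';
}

// Run a generated script with a fake window and a recording alert(), call
// changePageSize(25) and report the resulting navigation target and whether
// any injected statement executed. Test harness only, not browser code.
function runInSandbox(script) {
  const win = { location: '' };
  const alerts = [];
  const fn = new Function('window', 'alert', script + '\nchangePageSize(25);');
  fn(win, (msg) => alerts.push(String(msg)));
  return { location: win.location, alerts };
}

// The hardened script keeps the whole value inside the nid query parameter
// and never runs the injected statement.
console.log(runInSandbox(buildHardened(SAMPLE_NID)));
```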
