
Submission + - I challenged hackers to investigate me and what they found out is chilling 3

An anonymous reader writes: In 1999 while writing for Forbes, Adam Penenberg wanted to see how easy it would be for hackers to access his family's bank account information, social security numbers, and online passwords. Now, in 2013, with more of our data than ever at the fingertips of nefarious operators, Penenberg is at it again, asking a group of "white-hat" hackers how easy it would be to hack his and his wife's lives.

What he found is that if someone is determined and savvy enough to access your private information, there's a good chance that person will be successful. Using a combination of phishing emails, malware, and old school surveillance tactics, the team at SpiderLabs was able to take over his laptop and iPhone, and gain access to his personal bank information and online passwords.

Submission + - GCC 4.9 Will Make Compilers More Exciting In 2014 (phoronix.com) 1

noahfecks writes: It seems that the GCC developers finally took actions to improve after CLANG is stepping ahead. The highlights to look forward to right now with GCC 4.9 include:
  • The Undefined Behavior Sanitizer has been ported to GCC.
  • ADA and Fortran have seen upgrades.
  • Improved C++14 support.
  • RX100, RX200, and RX600 processor support by GCC.
  • Intel Silvermont hardware support.

Submission + - Mac OS 10.9 -- Infinity times your spam (fastmail.fm)

An anonymous reader writes: Email service FastMail.fm has a blog post about an interesting bug they're dealing with related to the new Mail.app in Mac OS 10.9 Mavericks. After finding a user who had 71 messages in his Junk Mail folder that were somehow responsible for over a million entries in the index file, they decided to investigate. 'This morning I checked again, there were nearly a million messages again, so I enabled telemetry on the account ... [Mail.app] copying all the email from the Junk Folder back into the Junk Folder again! This is legal IMAP, so our server proceeds to create a new copy of each message in the folder. It then expunges the old copies of the messages, but it’s happening so often that the current UID on that folder is up to over 3 million. It was just over 2 million a few days ago when I first emailed the user to alert them to the situation, so it’s grown by another million since. The only way I can think this escaped QA was that they used a server which (like gmail) automatically suppresses duplicates for all their testing, because this is a massively bad problem.' The actual emails added up to about 2MB of actual disk usage, but the bug generated an additional 2GB of data on top of that.

Submission + - Capturing The Flag, SQLi-Style (darkreading.com)

CowboyRobot writes: Penetration tester and long-time security professional Sumit "Sid" Siddharth has developed a real-world SQL injection sandbox simulator, and invites the public for a capture the flag event later this month. "The only way you can understand the true impact of vulnerabilities is by practicing exploitation. Even vulnerability identification goes hand-in-hand with exploitation," says Siddharth. "Sometimes identifying the vulnerability is really difficult, and it's only when you know advanced exploitation techniques that you can do so." "We've also put together some really nice examples where identifying the vulnerability is really difficult, and we've asked people to find the needle in the haystack because that's how websites get compromised at the end of the day,"

Comment Re:TAILS (Score 1) 234

Yeah right, except quite a few of us post on Slashdot and other tech sites - we are a gated community. Nearly all sysadmins are a piece of piss to find on t'interwebs.

Perhaps those sites' web log files might not be as well protected as you might want - I doubt that our host's web masters are the only viewers.

Perhaps you describe some aspect of your home/work/cloudy system, perhaps over many posts over several months/years (your modus operandi) on these tech sites.

Perhaps there is someone who has a system that draws neat graphs linking posts to persons to groups of IT systems and hence to how they are secured.

To make it especially easy to follow, why not sign off your posts in a distinctive way.

Cheers
Jon

PS Bugger AC - I've been here years and a few years before I signed up. I've never bothered posting AC - I'm a security consultant.

Comment Re:Hopefully (Score 1) 39

Stale - Ha!

Here's a snippet from one of the data dumps (telnet is less than 300MB), note the dates. Have a look yourself and you'll get the IP address this belongs to along with many, many others:

(This is a telnet login banner which I've had to clean out somewhat to post here)
Copyright (c) 1998-2007 Huawei Technologies Co., Ltd. All rights reserved. Without the owner's prior written consent, no decompiling or reverse-engineering shall be allowed.

I was pretty horrified but not too surprised at the contents of just one data dump after a quick look.

Cheers
Jon

Submission + - Scientists create new form of matter from photons (phys.org)

wasteoid writes: We are one step closer to Star Trek replicators and holodecks with the advancement achieved by scientists at the Harvard-MIT Center for Ultracold Atoms. The scientists have managed to coax the photons to bind together to form photonic molecules, a state of matter that was previously only theoretical. Using an ultra-cold version of light refraction, two photons were slowed down sufficiently to cause them to bind together in the ultra-cold media, exiting as a single photon molecule.

Submission + - Big Box? Nissan Note The First-Ever Car You Can 'Buy' On Amazon (thecarconnection.com)

cartechboy writes: You knew the day was coming when they started selling diapers. Amazon is now dipping its toe into car sales by selling a single car: the 2014 Nissan Versa Note. Amazon users hit a real live Versa Note product page, but instead of "Add to cart" you provide your ZIP code so Amazon can connect you with a nearby Nissan dealer. The first 100 Versa Note customers whose car purchases are initiated through Amazon receive $1,000 Amazon gift cards. Best part: Customers who end up actually buying the Note *will* receive them via boxed home delivery. Now, that's a big box.

Submission + - Undiscovered Country of HFT: FPGA JIT Ethernet packet assembly

michaelmalak writes: In a technique that reminds me of the just-in-time torpedo engineering of Star Trek VI: The Undiscovered Country, a company called Argon Design has "developed a high performance trading system" that puts an FPGA — and FPGA-based trading algorithms — right in the Ethernet switch. And it isn't just to cut down on switch/computer latency — they actually start assembling and sending out the start of an Ethernet packet simultaneously with receiving and decoding incoming price quotation Ethernet packets, and decide on the fly what to put in the outgoing buy/sell Ethernet packet. They call these techniques "inline parsing" and "pre-emption."

Submission + - RSA devs - Do NOT USE RSA as it may have been backdoored by the NSA (bbc.co.uk) 2

An anonymous reader writes: RSA, the internet security firm, has warned customers not to use one of its own encryption algorithms after fears it can be unlocked by the US National Security Agency (NSA).
In an advisory note to its developer customers, RSA said that a default algorithm in one of its toolkits could contain a "back door" that would allow the NSA to decrypt encrypted data.
It "strongly recommends" switching to other random number generators.
RSA is reviewing all its products.

- Source (bbc.co.uk)

Submission + - Vietnamese Father and Son Found Living in a Treehouse for 40 Years (telegraph.co.uk)

jones_supa writes: A father and son who fled their village during the Vietnam War 40 years ago have apparently been discovered living in a treehouse deep in the jungle. They wore loincloths made of bark and used a homemade axe to chop down trees for firewood. They fed on corn that they had grown, plus fruits and cassava roots from the jungle. Inside their treehouse home, five metres in the air, the pair kept a stash of arrows for hunting and knives for killing animals. After they were returned back to the rest of civilization by travelers, they had almost completely lost the ability to speak a language. The Vietnamese district authorities have confirmed that the father Ho Van Thanh once lived a normal life with his family in the commune’s Tra Kem hamlet. They suggested that he was probably driven by shock when he took his young son and ran into the jungle after the mine explosion wiped out the rest of their family.
