Sign up for the Slashdot newsletter! OR check out the new Slashdot job board to browse remote jobs or jobs in your area

Do you develop on GitHub? You can keep using GitHub but automatically sync your GitHub releases to SourceForge quickly and easily with this tool so your projects have a backup location, and get your project in front of SourceForge's nearly 20 million monthly users. It takes less than a minute. Get new users downloading your project releases today!

409159 submission

Submission + - Australia ratifies Kyoto (bbc.co.uk)

Submitted by on Tuesday December 04, 2007 @05:15AM

An anonymous reader writes: From BBC news:

Australian Labor Party leader Kevin Rudd has been sworn in as prime minister, following a landslide victory in parliamentary elections last week. Immediately after the ceremony, he signed documents to ratify the Kyoto Protocol on climate change, reversing the previous administration's policy.
http://news.bbc.co.uk/2/hi/asia-pacific/7124236.stm

409153 submission

Submission + - eBay Still Has Login Vulnerabilities?

Submitted by

Atario

on Tuesday December 04, 2007 @05:12AM

Atario writes: "This morning I checked my email to find several apparent eBay-alike spam messages in my Inbox. This reminded me that I needed to leave feedback for something on the actual eBay. So I went there, only to find that I could no longer log in. Long story short, I realized that those "fake" eBay emails were the real thing — and were sent from my eBay account! Horrified, I contacted their help people and got my password reset, and some mass eBay emails following up to those who had been spammed, saying that I hadn't done it. Going to my account, I saw that the attackers had sent a "visit our happy and good-spirit Chinese web site and buy electronics" spam to 30 different people. (Only the first six came to me, because those used a general "contact an eBay-er" mechanism, whereas the rest used a "ask seller a question" one; apparently the latter doesn't automatically send you a copy in email automatically.) At any rate, whoever this was was able to change my password and send messages as me; this, to me, implies that they were able to crack my password and log in as me. This would mean either (1) inside job with DB access or (2) eBay is vulnerable to brute-force login-attempt attacks, which is something so easy to defeat (increasing attempt delays), they would need to be ashamed for about aleph-null years were this the case. So, what does Slashdot think: eBay is infested with Chinese spammers as employees, or they can't get security minimally right after all these years?"

409141 submission

Submission + - NASA, Russia test sex in space (guardian.co.uk) 1

Submitted by azuredrake on Tuesday December 04, 2007 @05:07AM

azuredrake writes: According to The Guardian, both NASA and the Russian space agency have tested the feasibility of sex in space with human astronauts as the so-called "guinea pigs". While the purpose behind this research was to ascertain whether families could be sent on colonization missions together in zero-g, it's still amusing to think that two humans were sent up into space with government funding to copulate repeatedly on video. Of course, leave it up to the American government to come up with a mission codename like "STS:XX".

408995 submission

Submission + - Flaw in GMail message routing? 1

Submitted by

manoffoo

on Tuesday December 04, 2007 @03:14AM

manoffoo writes: "I was signing up for a TV channel listing service to work with my pvr software and I incorrectly entered my garbage email address of manoffoo978@gmail.com when in fact it's actually man.of.foo978@gmail.com. Upon checking the account I saw that gmail had in fact routed the message. This is a repeatable behavior from other accounts. Makes you wonder if this could be exploited to receive messages intended for someone else."

408987 journal

Journal Journal: Zeroday privilege escalation exploit In RedHat Linux

Journal by Sillygates on Tuesday December 04, 2007 @03:11AM

After fooling around with one of my freshly installed, fully patched Fedora linux systems, I found a serious flaw in autofs's configuration file, which can lead to lead to a local user gaining root access without a password in an "out of the box install".

345239 submission

Submission + - An Insider's View of Apple Store Sales Training

Submitted by

Dekortage

on Wednesday October 24, 2007 @07:29AM

Dekortage writes: "FastCompany has a report about the training that would-be Apple Store sales clerks undergo, with some insights as to the "magic" of low-key, high-volume sales movers. "Other workers... explained to customers that they had some questions to understand their needs, got permission to fire away, and then kept digging to ascertain which products would be best. Position, permission, probe. ... At an Apple Store, workers don't seem to be selling (or working) too hard, just hanging out and dispensing information. And that moves a ridiculous amount of goods: Apple employees help sell $4,000 worth of product per square foot per month." Note that Apple just beat analysts' quarterly profit estimates by around fifteen percent, and now has a market cap bigger than IBM's."

319521 submission

Submission + - Setting up a wargame server

Submitted by

zeridon

on Sunday October 07, 2007 @04:58PM

zeridon writes: "I am touting at the moment with setting up a Wargame server. The main idea being to educate users in risks and treats of security, research, reverse engineering and such.
Typical examples of wargame servers are the ones from Pullthe plug http://www.pulltheplug.org/wargames/

My questions are:

Can you advise on level of complexity? — i mainly intend to target medium to advanced users (but unfortunately i hardly make a distinction)
Can you advise on software to be used?
Which environment is better? virtual machines, real machines, some faked simulation?
What forensic tools to be deployed? tripwire and snort are good candidates
Should i record all the generated traffic for later analysis etc?
Have you ever stumbled on a tool/framework/general howto for realizing such service?
Ald finaly Can you propose some subject/theme? — I am kinda tempted to create something based on The Hitchikers Guide To The Galaxy but that's prety distant for the younger people (at least in my country)

And yes, please excuse me for my many questions *WINK*"

319461 submission

Submission + - Possession of the Anarchist's Cookbook==Terrorist

Submitted by Anonymous Terrorist on Sunday October 07, 2007 @04:14PM

Anonymous Terrorist writes: Back in the midsts of time, when I was a lad and gopher was the height of information retrieval I read The Anarchist's Cookbook in one huge text file. Now it appears the UK government considers possession of the book an offence under the Terrorism Act 2000 and is prosecuting a 17 year old boy, in part, for having a copy of the book.

319449 story

Windows XP SP3 Build 3205 Released w/ New Features 286

Posted by Zonk on Sunday October 07, 2007 @04:13PM from the new-tricks-for-an-old-dog dept.

jBubba writes "Windows XP SP3 build 3205 is the first official & authorized release of the next Windows XP service pack; and has been made available to testers as a part of the Windows Server 2008/Windows Vista SP1 beta program. NeoSmart Technologies has the run-down on the included 1,073 patches/hotfixes including security updates. Contrary to popular belief, Windows XP SP3 does ship with new features/components, most of which have been backported from Windows Vista. Some included features: 'New Windows Product Activation model: no need to enter product key during setup. Network Access Protection modules and policies have been brought to XP after being one of the more-well-received features in Windows Vista. New Microsoft Kernel Mode Cryptographic Module - the Windows XP SP3 kernel now includes an entire module that provides easy access to multiple cryptographic algorithms and is available for use in kernel-mode drivers and services. New "Black Hole Router" detection - Windows XP SP3 can detect and protect against rogue routers that are discarding data.'"

319437 submission

Submission + - Corporate Encouragement for Sharing Your WiFi

Submitted by

anagama

on Sunday October 07, 2007 @03:21PM

anagama writes: "BT to UK customers: Share your WiFi... please! Conventional wisdom is that one should lockdown wifi, your ISP doesn't want you to share your connection, that person checking email outside the coffee shop ought to be arrested. Here is an alternative model: "BT will encourage its three million broadband users to pick up a FON router and start sharing signals. The router provides two channels: one for public access, and one for access by the owner. The public channel is bandwidth-limited so as not to disrupt the user's own connection. Other "Foneros" can access the public channel for free, while non-Foneros can pay a few dollars a day to use the access points.""

319417 submission

Submission + - GAO report says Energy Star deficient (canada.com) 1

Submitted by

walterbays

on Sunday October 07, 2007 @02:47PM

walterbays writes: "The credibility of blue Energy Star labels that consumers use to identify energy efficient TVs and other home electronics could be damaged because many products are tested in standby mode rather than when turned on, while other tests could have been manipulated using computer controls"

319411 submission

Submission + - Thunderbird in crisis?

Submitted by

Elektroschock

on Sunday October 07, 2007 @02:35PM

Elektroschock writes: "The two core developers of Thunderbird leave Mozilla. Scott McGregor made a brief statement: "I wanted to let the Thunderbird community know that Friday October 12th will be my last day as an employee of the Mozilla Corporation." and David blogged "Just wanted to let everyone know that my last day at The Mozilla Corporation will be Oct. 12. I intend to stay involved with Thunderbird... I've enjoyed working at Mozilla a lot, and I wish Mozilla Co and the new Mail Co all the best." I am scared. A few month ago Mozilla management considered to abandon their second product and set up a special corporation just for the mail client. Scott was more or less supportive. David joined in. While Sunbird just released a new version no appropriate resources were dedicated to the missing component. And while Thunderbird became the most used Linux mail client it is abandoned by Mozilla for 'popularity reasons'. Both messages from David and Scott do not sound if they as founders will play any role in the Thunderbird Mail Corporation. What happened to Mozilla? Is it a case of pauperization through donations?"

319343 submission

Submission + - The Race to Secure Citrix Gateways (beskerming.com)

Submitted by

SkiifGeek

on Sunday October 07, 2007 @12:52PM

SkiifGeek writes: "After recent posts to the GNUCitizen blog, it seems that some in the Information Security industry have started to pay attention to the inadvertent risks posed by poorly secured and managed CITRIX gateway systems.

While some of the techniques in use are nothing new, it is disturbing that they are still functional after such a long period of time (going on 5 years) and so many systems offer up information so easily. With a number of .mil, .edu, and .gov sites identified as highly likely candidates for successful attack, the race will be on to secure them before the hackers start knocking."

262347 feed

Feed news.com: How MySpace brought down a spammer (com.com)

From feed by cnetfeed on Wednesday August 22, 2007 @07:13AM

Internet attorney Eric J. Sinrod explains how MySpace defeated a noted spammer.

262335 feed

Feed The Register: Google will carpet YouTube with 'overlay' ads (theregister.com)

From feed by registerfeed on Wednesday August 22, 2007 @07:12AM

Not for user generated content....yet

Google will introduce a new advertising model for YouTube today which it reckons will be five to 10 times more effective than existing ad formats used on the video sharing website.

« Newer Older »

Slashdot Top Deals