Firefox

Submission + - Geolocation in Firefox vulnerable to theft

An anonymous reader writes: In a recent post to the BugTraq mailing list, noted Google security researcher Michael Zalewski brings up the topic of designing secure user interfaces to take human cognitive deficiencies into account. More interestingly, the same post also provides an example of a simple attack that apparently exploits the HTML5 geolocation feature in Firefox to pinpoint your location without your consent. According to the researcher, other browsers are also vulnerable to the same trick. A bit scary, especially coming on the heels of the bug covered earlier today.
Science

Submission + - ScienceBlogs.com Facing Writer Mutiny over PepsiCo (guardian.co.uk) 2

History's Coming To writes: Several writers for the ScienceBlogs.com collective have publicly resigned from the site, and many more have voiced concerns over parent company Seed's decision to include a paid blog under the nutrition category from PepsiCo. The blog is written by PepsiCo food scientists, detailing their work. The UK's Guardian newspaper has picked up on the story, and includes a letter from Seed editor Adam Bly which covers the company's rationale. Troy McClure has been quoted as saying "Now, turn to the next problem. If you have three Pepsis and drink one, how much more refreshed are you? You, the redhead in the Chicago school system?".
Encryption

Submission + - Skype Encryption Revealed (h-online.com)

TSHTF writes: Just weeks after Skype unveiled a public API for the service, a group of cryptographers led by Sean O'Neill have successfully reverse engineered the encryption used by the Skype protocol. Source code is available under a non-commercial license which details Skype's implementation of the RC4 cipher. Is it just a matter of time now until there is a true open-source Skype client?
Music

Submission + - Open Source Music Fingerprinter C&D'd (google.com)

Nushio writes: The code wasn't even released, and yet Roy van Rijn, a Music & Free Software enthusiast received a C&D from Landmark Digital Services, owners of Shazam, an Android application that allows you to find a song, by listening to a part of it. And if that wasn't enough, they want him to take down his blog post (Google Cache) explaining how he did it because it "may be viewed internationally. As a result, [it] may contribute to someone infringing our patents in any part of the world".
Security

Submission + - Do cyber vigilantes make computing world safer? (infoworld.com) 1

tsamsoniw writes: Fed up with companies failing to address security holes fast enough, white hats are turning up the pressure by quickly making the vulnerabilities public. First Goatse Security made public thousands of email addresses of iPad users that it swiped from AT&T's Web site — after AT&T failed to disclose the data theft fast enough. Next a Google security engineer publicized an exploit for Windows XP — which is now being used widely — after deciding Microsoft was moving too slowly to fix the problem. In both cases, the Goatse and the security engineer are claiming they did what they did for the greater good: Though their actions put users at risk, it forces the offending companies to work faster to fix the problem. Do the ends justify the means?
Security

Submission + - Hackers Exploit Google-Outed Windows XP Zero-Day (computerworld.com)

CWmike writes: A compromised Web site is serving an exploit of the bug in Windows' Help and Support Center, identified by a Google engineer last week, to hijack PCs running Windows XP, said Graham Cluley, a senior technology consultant at antivirus vendor Sophos. Cluley declined to identify the site, saying only that it was dedicated to open-source software. 'It's a classic drive-by attack,' said Cluley. The tactic was one of two that Microsoft said last week were the likely attack avenues. The other: Convincing users to open malicious e-mail messages. The vulnerability was disclosed last Thursday by Google security engineer Tavis Ormandy. Ormandy, who also posted proof-of-concept attack code, defended his decision to reveal the flaw only five days after reporting it to Microsoft — a move that Microsoft and other researchers questioned. Cluley called Ormandy's action 'utterly irresponsible,' and in a blog post asked, 'Tavis Ormandy — are you pleased with yourself?'

Submission + - Digitally filtering out the drone of the World Cup 1

qubezz writes: World Cup soccer fans may think a hornet's nest has infiltrated their TVs. However the buzz that is the background soundtrack of the South African-hosted games comes from tens of thousands of plastic horns called Vuvuzelas, that are South Africa's version of ringing cowbells or throwing rats. It looks like the horns won't be banned anytime soon though.

A savvy German hacker, 'Tube', discovered that the horn sound can be effectively filtered out by applying a couple of digital notch filters to the audio at the frequencies the horn produces (another summary in English). Now it looks like even broadcasters like the BBC and others are considering using such filters on their broadcasts.
Iphone

Submission + - iPhone 4's 'Retina Display' Claims Challenged

adeelarshad82 writes: Of the many things that buyers might need to know about the new iPhone, Raymond Soneira, president of DisplayMate Technologies, added one more to the list. Raymond Soneira challenged Apple's claims that Apple's new iPhone contains a so-called "retina display". In his keynote speech, Steve Jobs noted that there was a point at which pixels blurred together into continuous curves, and that point is about 300 ppi when the phone is held at about twelve inches from one's eye. According to Raymond Soneira the resolution of the retina is in angular measure, 50 cycles per degree, whereas a cycle is a line pair which is two pixels, so the angular resolution of the eye is 0.6 arc minutes per pixel. So, if you hold an iPhone at the typical 12 inches from your eyes that works out to 477 pixels per inch and at 8 inches it's 716 ppi. You have to hold iPhone 4 out about 18 inches before it falls to 318 ppi. So the iPhone has significantly lower resolution than the retina.

Submission + - Mobile cell number as login for webportal?

ankitasdeveloper writes: For one of our clients we have requirements for online admissions. As all students (or newbies on the internet) may not have an email address, our client suggested having mobile numbers as a way to log in to the web portal. As far as I know, mobile numbers are subject to re-assignment by providers; I strongly discouraged this as a requirement. I want to know Slashdot's opinion on, or the consequences of, using mobile numbers as usernames. Surely, SMS cannot be used for password recovery. What other ways of password recovery can be employed?
Firefox

Mozilla Plans Fix For Critical Firefox Vulnerability In Next Release 140

Trailrunner7 writes "A month after an advisory was published detailing a new vulnerability in Firefox, Mozilla said it has received exploit code for the flaw and is planning to patch the weakness on March 30 in the next release of Firefox. Mozilla officials said Thursday that the vulnerability, which was disclosed February 18 by Secunia, is a critical flaw that could result in remote code execution on a vulnerable machine. The vulnerability is in version 3.6 of Firefox."
Open Source

OpenBSD 4.7 Preorders Are Up 191

badger.foo writes "The OpenBSD 4.7 pre-orders are up. That means the release is done, sent off to CD production, and snapshots will turn -current again. Order now and you more likely than not will have your CD set, T-shirt or other cool stuff before the official release date. You get the chance to support the most important free software project on the planet, and get your hands on some cool playables and wearables early. The release page is still being filled in, but the changelog has detailed information about the goodies in this release."

Comment Netbooks aren't DME (Score 4, Informative) 727

On a recent flight, I heard an older man talk to the woman he was sitting next to about this same issue.

Hearing aids tend to be classified as DME (durable medical equipment). Medical equipment has a higher support cost than netbooks, and the insurance companies are happy to pay. The cost of entry in the DME market is much higher than the netbook market.

Although there is a huge market for the product, the liabilities involved in selling these products significantly raise the risk, and therefore the price, in such products.
