Security

XML Encryption Broken, Need To Fix W3C Standard 80

gzipped_tar writes "Researchers from Ruhr University Bochum demonstrated the insecurity of the XML encryption standard at the ACM Conference on Computer and Communications Security in Chicago this week. 'Everything is insecure,' is the uncomfortable message from Bochum. As pointed out by the Ars Technica article, XML Encryption is used widely as part of server-to-server Web services connections to transmit secure information mixed with non-sensitive data, based on cipher-block chaining. But it is apparently too weak, as demonstrated by Juraj Somorovsky and Tibor Jager. They were able to decrypt data by sending modified ciphertexts to the server by gathering information from the received error messages. The attack was tested against a popular open source implementation of XML Encryption, and against the implementations of companies that responded to the responsible disclosure — in all cases the result was the same: the attack worked. Fixing the vulnerability will require a revision of the W3C XML encryption standard, Somorovsky said. The researchers informed all possibly affected companies through the mailing list of W3C, following a clear responsible disclosure process."
Biotech

Hybrid Human-Animal DNA Experiments Raise Concerns 311

Kevin Fishburne writes "British scientists are calling for a new agency to oversee the mixing of human and animal DNA, which is progressing at a rate most may not be aware of: 'Among experimentation that might spark concern are those where human brain cells might change animal brains, those that could lead to the fertilization of human eggs in animals and any modifications of animals that might create attributes considered uniquely human, like facial features, skin or speech. ... Some disagree. "We think some of these should be done, but they should be done in an open way to maintain public confidence," said Robin Lovell-Badge, head of stem cell biology and developmental genetics at Britain's Medical Research Council, one of the expert group members. He said experiments injecting human brain cells into the brains of rats might help develop new stroke treatments or that growing human skin on mice could further understanding of skin cancer.'"

Comment no early school (Score 1) 309

My mother taught me to read when I was 4. My father taught me basic arithmetic when I was 5. I was eager to start school. Then I found out that school wasn't a place for learning but a place for pain and humiliation. We sat with our chairs in a circle while the teacher tried to teach the idiots to read Dick, Jane & frikkin' Sally. I was excruciatingly bored, so I wrote a note to a girl sitting on the other side of the circle. Of course she couldn't read it so gave it to the teacher. It was traced back to me and I had to sit in the corner the rest of the day. Arithmetic was worse: In the 3rd grade they were still trying to teach the 'tards basic addition so we had to stamp these damned yellow chickens on poster paper. I didn't do mine so they made me stay after school to do it.

High school was just as bad. I got kicked in the nuts almost every day. I learned almost nothing. I signed up for the senior science course which was supposed to contain an intro to computer programming. I was the only one to sign up for it so they dropped it.

On the whole, what should have been some of the most productive years of my life were wasted trapped in a goddam hell-hole where the only lessons to be learned were how to be a good prisoner and submit to authority whenever they wanted to torture me.

Everyone is bemoaning how the US is not pumping out scientists and engineers like it used to. I would be surprised if it were.

Google

Bing Becomes No.2 Search Engine at 4.37% 366

suraj.sun writes "Bing overtook Yahoo for the first time worldwide in January, and increased its lead in February, according to web analytics company StatCounter. Its research arm StatCounter Global Stats finds that globally Bing reached 4.37% in February, ahead of Yahoo! at 3.93%. Both trail far behind Google's 89.94% of the global search engine market." Just a little more plagiarizing to go!
Businesses

Steve Jobs Taking Medical Leave of Absence 471

Uttini writes "Apple CEO Steve Jobs has just announced that he is taking a medical leave of absence, according to a release issued by the company today. While it's unclear what the reason is for the medical leave, Jobs' previous medical history includes pancreatic cancer as well as a liver transplant. While Jobs is out, Tim Cook is to be responsible for all of Apple's day to day operations."
GUI

Xfce 4.8 Released 193

PerlDudeXL writes "Today, after almost two years of work, we have the special pleasure of announcing the much awaited release of Xfce 4.8, the new stable version that supersedes Xfce 4.6. [..] Xfce 4.8 is our attempt to update the Xfce code base to all the new desktop frameworks that were introduced in the past few years. We hope that our efforts to drop pieces like ThunarVFS and HAL with GIO, udev, ConsoleKit and PolicyKit will help bringing the Xfce desktop to modern distributions."
Internet Explorer

New IE Zero Day 305

RebootKid writes "Microsoft has released a notice about a new zero day attack against Internet Explorer. Guess it's going to be more a 'Script Kiddie Christmas,' less of a 'White Christmas.' 'Ok, fess up — who asked for an IE 0 day for Christmas? I'm guessing Santa got his lumps of coal mixed up with a bag of exploits. This exploit has been discussed over the last day or so on full disclosure and a number of other sites. Metasploit already has a module available for it (just search for CSS & IE). Microsoft has put out an advisory 2488013 regarding the issue which manifests itself when a specially crafted web page is used and could result in remote code execution on the client.'"
Science

Immaculate Conception In a Boa Constrictor 478

crudmonkey writes "Researchers have discovered a biological shocker: female boa constrictors are capable of giving birth asexually. But the surprise doesn't end there. The study in Biology Letters found that boa babies produced through this asexual reproduction — also known as parthenogenesis — sport a chromosomal oddity that researchers thought was impossible in reptiles. While researchers admit that the female in the study may have been a genetic freak, they say the findings should press researchers to re-think reptile reproduction. Virgin birth among reptiles, especially primitive ones like boas, they argue may be far commoner than ever expected."

Comment Re:Oh, just great (Score 1) 841

Conservatives opposed communism

In favor of Tsarism. Great principled stand there guys.

Nazism

Hitler was a liberal? Yeah, he did confiscate guns, but nothing characterizes Nazism better than extreme nationalism, a conservative trait.

eugenics

Eugenics was supported by both sides. Progressives who thought they could make humanity better, and conservatives who wanted to use genetics to enforce the class structure. Notice how it was always the lower classes who got sterilized.

And also notice that whether it's liberals or conservatives in power, the direction is always towards more control: Gun control and laws enforcing political correctness from the liberals; Banning of gay marriage and abortions and loyalty oaths from the conservatives. It never goes the other way in the U.S. even though most Americans say they want government out of their lives; the media can always stir them to a killing rage by pointing out what the other side does.

Medicine

Look-Alike Tubes Lead To Hospital Deaths 520

Hugh Pickens writes "In hospitals around the country, nurses connect and disconnect interchangeable clear plastic tubing sticking out of patients' bodies to deliver or extract medicine, nutrition, fluids, gases or blood — sometimes with deadly consequences. Tubes intended to inflate blood-pressure cuffs have been connected to intravenous lines leading to deadly air embolisms, intravenous fluids have been connected to tubes intended to deliver oxygen, leading to suffocation, and in 2006 a nurse at in Wisconsin mistakenly put a spinal anesthetic into a vein, killing 16-year-old who was giving birth. 'Nurses should not have to work in an environment where it is even possible to make that kind of mistake,' says Nancy Pratt, a vocal advocate for changing the system. Critics say the tubing problem, which has gone on for decades, is an example of how the FDA fails to protect the public. 'FDA could fix this tubing problem tomorrow, but because the agency is so worried about making industry happy, people continue to die,' says Dr. Robert Smith." This reminds me of the sort of problem that Michael Cohen addressed in a slightly different medical context (winning a MacArthur Foundation grant) a few years ago.
Internet Explorer

Internet Explorer Turns 15 271

An anonymous reader writes "Software giant Microsoft's Internet Explorer turned 15 years old on Monday. The company recently said it would launch the Internet Explorer 9 public beta version on September 15, 2010. The software giant launched the first version of the browser, Internet Explorer 1, on August 16, 1995. It was a revised version of Spyglass Mosaic, which Microsoft had licensed from Spyglass Inc."

Comment WTF? (Score 0, Troll) 285

[...]
As it turns out, part of the problem is us.
[...]

Speak for yourself, White Man.

Yeah, obese people are everywhere in the US today, mostly due to the plastic shite the corporations provide for them to eat. I haven't owned a motor vehicle since 1991 and, guess what? I'm slim & trim from walking and biking.

That's just skirting around the problem, though. In the last couple of decades I've observed a steady trend towards A) larger gas-guzzling vehicles and B) single person occupancy. Americans hold it to be their right (and it is) to drive alone 5 blocks to the supermarket in their huge goddam vehicles. However, if they simply understood the implications of their actions on the environment I feel we'd see far less of it. But instead, the TeeVee has them pissing their britches watching out for murderers, rapists and now terrorists so they will never, ever EVER stop to give someone a ride, even on the hottest or coldest days of the year. On the flip-side, one would be far more inclined to walk to their destination if there were a good chance they'd be offered a ride, as was the case a mere 30 years ago (I remember).

One more thing: I detest BP (and other mega corps) as much as anyone, but blaming them for the destruction of aquatic and wetland habitats and countless rare and valuable species is logically and morally equivalent to blaming Mexico for the US drug problem. The market will work, bringing the supply to where there is the demand, no matter how much imbecile legislation is passed. The problem is the ignorance of the average US citizen. Find some way to fix that and a lot of huge problems simply disappear. I was hopeful that the switch to digital TV would so frustrate a large number of viewers that they would simply give up the tube. That would have had a chance to break the increasingly sophisticated mind control the mega corps have over a vast majority of the US population. Alas, I was wrong and now I and to some degree every inhabitant of this planet are paying the price.

Crime

Child Porn As a Weapon 774

VoiceOfDoom writes "Want to get rid of your boss and move up to his position? Put kiddie porn on his computer then call the cops! This was the cunning plan envisaged by handyman Neil Weiner of east London after falling out with school caretaker Edward Thompson too many times. Thankfully, Weiner didn't cover his tracks quite well enough to avoid being found out — earlier boasts about his plan to friends at a BBQ provided the police with enough evidence to arrest him for trying to pervert the course of justice. Frighteningly, however, between being charged with possession of indecent images and being exonerated, innocent (if 'grumpy') Thompson was abused and ostracized for eight months by neighbors and colleagues. With computer forensics for police work often being performed by 'point 'n click'-trained, nearly-retired cops, or languishing in a 6-month queue for private sector firms to attend to it, the uncomfortable question is raised: how easily might this trick have succeeded if Weiner had been a little more intelligent about it?"
