Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror

+ - Serious flaws in NTP (the application, not the protocol) need to be patched 3

Submitted by hawkinspeter
hawkinspeter (831501) writes "A new set of vulnerabilities with the most common NTP daemon have been discovered by Google security researchers. There exist public exploits that target these flaws, so it's recommended to patch to version 4.2.8 (or switch to openntp which doesn't have the same issues) immediately. This is especially problematic for those systems that run ntpd with root privileges as a single carefully crafted packet can allow access at the privilege level of the process. This was reported by ZDNet a few days ago and I have yet to see the Ubuntu patches for this, but it looks like Red Hat are on top of things."

+ - Do backups on Linux no longer matter?-> 5

Submitted by cogcritter
cogcritter (3614357) writes "In June of 2009, the dump/restore utilities version 0.4b42 for Linux's ext3 filesystem were released. This was the last version where incremental dumps could actually be used. A bug introduced in 0.4b43, one year later, causes restore to fail when processing an incremental backup unless, basically, no directory deletions occurred since the level 0 part of the backup set was taken.

The bug is certainly present in Debian Wheezy, and comments in Debian's defect tracking system suggest that the bug has permeated out into other distros as well.

How can Linux's backup/restore tools for its popular ext2/ext3 filesystem be broken for 3+ years, and nobody seems to care? Does nobody take backups? Or do they not use incremental backups? How many people are going to find themselves scrambling when they next NEED to restore a filesystem, and find themselves in possession of long-broken tools?

Just in case this article is where some hapless sysadmin ends up, the workaround is to go to dump.sf.net, go to the files section, pull down the 0.4b42 version and build it for yourself. For me, I think going forward I'm going to switch to filesystem mirroring using rsync."

Link to Original Source

Comment: Re:Stupid (Score 1) 61

by C18H27NO3 (#46332329) Attached to: Meet the Developers Who Want To Build the Next Snapchat

The entire concept is stupid. Screenshots.

Exactly. The same could be said in regards to private Facebook profiles.
Nothing stops someone that is part of the private group to make available anything that they see to others not in the group. eg., Save the page, the text, pictures, screenshot it, etc.

+ - NSA and GCHQ target 'leaky' phone apps to scoop user data->

Submitted by schwit1
schwit1 (797399) writes "New leaked NSA documents shed a new light on the agency's assault on the data controls of smartphone apps. Using app data permissions as a jumping off point, the documents show agency staffers building huge quantities of data, including "intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information." One slide lists capabilities for "hot mic" recording, high precision geotracking, and file retrieval which would reach any content stored locally on the phone, including text messages, emails and calendar entries. As the slide notes in a parenthetical aside, "if it's on the phone, we can get it."
Link to Original Source

Computer programmers do it byte by byte.

Working...