Follow Slashdot stories on Twitter


Forgot your password?
Slashdot Deals: Deal of the Day - 6 month subscription of Pandora One at 46% off. ×

Submission + - Security, GPL and Corporates

An anonymous reader writes: Recently I received an ADSL modem from my landline provider, I have plugged it in and began exploring what it was capable of doing.
I have found out that under it's default configuration it has more security holes than a Swiss cheese, wireless is active, receives configuration updates from a TR-069 server, UPNP is active, it also has some preconfigured bridges to some unknown preconfigured VPI,VCI and an open TCP port (besides the one that is used from UPNP) that peeked my interest.
Some of the holes that were discovered were plugged but I didn't find a way to close the open port.
I also heard some stories that the landline provider has remotely connected to some users and has fixed their modem issues although it is a great thing I prefer to do it myself and consider it a security risk.
Digging around I found out that it contains Linux kernel and what appears to be a crippled BusyBox, so I contacted my landline provider and have asked him to provide the source code for the GPLed software so I could find out the process that keeps the port open and kill it, they refused.
I am a fan of Linux and personally use it, I have notified the author of the busybox of the apparent violation but my main concern is the possible security holes in the device.
Any idea on what can be done in order to secure it?
User Journal

Journal Journal: IT Non-profit as a post-retirement career? 2

I'm bored.
I retired on disability back in 2002, spending the previous 20+ years as a WAN admin, Network Engineer, Security consultant, Unix SysAdmin, Computer retail store owner, Navy Electronics Tech, etc, etc.
While sitting around playing computer games and working on open source projects is fun, it is starting to get a little old.
I've been thinking fairly seriously about starting a not-for-profit business; recycling old computers for use by cash-strapped schools, libraries and l

Feed Techdirt: Washington State Sues Company For Fake Error Messages (

For years, questionable "software" firms would buy up ads that pretended to look like computer warning messages telling you that your computer was at risk. Then there were scamming companies that would include a web-based "test" of your computer to see if it was at risk -- and, of course, it always found that you were. The scam is just to get you to download (and buy) their software which rarely does anything (and most of the time you don't need it). The FTC had cracked down on these companies a while back, but it appears at least some are still in business. Washington state is now suing a software company that apparently did something similar sending messages to computer users claiming "CRITICAL ERROR!" and demanding that they download the company's product immediately to repair the problem. Of course, there was almost never an actual problem... but the software cost $40.

Permalink | Comments | Email This Story


Submission + - Censored in Finland (

k33l0r writes: "The web site of W3C, or, was briefly censored (Google Translation) by at least some of the local ISPs. For an unknown reason the URL was mistakenly entered into the Federal Police's censor database. Some of the Finnish ISPs use the database to filter out questionable content such as child pornography. The censor database is itself already highly questionable and largely ineffective, as online activist Matti Nikki writes:

For example a document that goes by the name "Railaksen Selvitys" and dated 2005-12-16 lists several critical problems and unanswered questions regarding the censorship. These problems are listed in the very beginning of the document and include things like effectiveness of the filtering solutions, the problem of collateral damage when censorship affects more material than it should, freedom of speech, what kind of crimes the censorship should exactly target, etc. Most of these went unanswered and the problems are seen with the current implementation of the censorship. Some of the issues were only addressed partially, for example the freedom of speech regarding reception of illegal material was touched but the police has now been found censoring even sites that do not contain illegal material themselves. What is being practiced now isn't what was planned.

This isn't the first time that a site has been wrongly blocked; at least for a period in the past the site protesting against the filtering, maintained by Matti Nikki, was blocked. (NB. 'Lapsiporno' is 'child pornography' in Finnish, but the site has nothing to do with pornography, or indeed any other sordid materials)"


Submission + - SPAM: Unix challenged as never before by HPC 2008

Ep0xi writes: After testing the stability, performance, scalability and backward support of the Microsoft Windows Server 2008
my first thought is, Unix systems are being challenged by this Microsoft product as never before.

I usually support both, open and closed source technologies because my of clients, but i ask
you to compare it and put the oncoming HPC Server 2008 on the table against any other Unix
and tell if the whole system availability is challenging the entire industry?

Mainly the Unix came from Military and Universities around the globe in development,
but this is the first time that a closed company has dealt the user desktop with so much
acuracy in terms of user needs of a stable Server/Desktop platform twice as a whole.

Any different experiences?

Link to Original Source

A failure will not appear until a unit has passed final inspection.