Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror

Comment Warrants? Cry him a river. (Score 1) 153

He went on to argue that the phenomenon of communications "going dark" due to more sophisticated technology and wider use of encryption is "overwhelmingly affecting" law enforcement operations

Basically he is whining because the FBI actually has to, you know, go to a judge and prove sufficient cause for her to grant them a warrant before accessing an individual's property or papers like the 4th amendment says they have to.

Cry him a river, build him a bridge, and tell him to get over it.

Comment Re:Brought it on themselves (Score 3, Insightful) 67

I hope that Apple changes the iOS App Store approval process to look for this insanely-dangerous BACKDOOR, and make the inclusion of that cause for instant REJECTION of the App.

I'm curious when exactly they changed their policy in the first place. Apple used to reject any application that tried to do anything like this.

Comment Re:Victims should sue (Score 1) 100

And a fsckin security researcher to boot. I don't get it - What kind of secure world does he live in where you publish - and therefore do the legwork - for the very people you are supposed to be securing against?

Maybe the various AV companies can sue him for infringement of their methods patent on this.

Comment Re:I care not. (Score 1) 302

I am a Netflix user. I could give a crap about what CBS/NBC/ABC have to offer...Netflix will have it eventually

Which means you do give a crap, or at least you should. For all that Netflix is, it doesn't actually produce a whole lot of content. It makes content produced by others available to you. If those other content producers go away and Netflix becomes the sole creator and provider, what happens then?

Comment Re:after reading the details, this is significant (Score 1) 146

Unless the user has 2FA enabled.....

From TFA:

Attacker can intercept 2FA codes

Additionally, the attacker can even check these credentials against the LastPass API, verify their accuracy, and even ask the user for the two-factor authentication code if this feature is turned on.

If everything is correct, and all the codes verify through, using the same LastPass API, an attacker can collect any data from the user's account he wants, including the password vault.

Comment The Developer of Lucky7Coin... (Score 4, Informative) 90

It was not the developer of Lucky7Coin that introduced this backdoor, or at least not the original developer. The heart of this attack was a social engineering. Lucky7Coin support had been abandoned. Someone else came along, claiming that they were taking over support for this particular altcoin. They even created a new github repo for it. As part of the initial commit though they introduced a backdoor. Cryptsy picked up the new version of the code and the rest is history.

Slashdot Top Deals

10.0 times 0.1 is hardly ever 1.0.

Working...