Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Submission + - GIMP Abandons SourceForge. Distributes via FTP Instead (

Dangerous_Minds writes: GIMP, a free and open source altenernative to image manipulation software like Photoshop, recently announced that it will no longer be distributing their program through SourceForge. Citing some of the ads as reasons, they say that the tipping point was "the introduction of their own SourceForge Installer software, which bundles third-party offers with Free Software packages. We do not want to support this kind of behavior, and have thus decided to abandon SourceForge." The policy changes were reported back in August by Gluster. GIMP is now distributing their software via their own FTP page instead. Is Sourceforge becoming the next CNET?

Submission + - What Apple Does and Doesn't Know About You (

Daniel_Stuckey writes: Tucked inside Apple's first-ever transparency report, published yesterday, was a not-so-subtle dig at the tech giant's competitors. "Our business does not depend on collecting personal data," Apple wrote. "We have no interest in amassing personal information about our customers." It's no secret that for social web companies like Google or Facebook, collecting, storing, and analyzing data about every aspect of your life translates into cold, hard cash—the more sensitive and personal, the better. But in the emerging post-NSA new world order, the unwritten privacy-for-cool services agreement that drives the internet ecosystem is making netizens increasingly uneasy.

Submission + - Top WordPress Plugins Contain Serious Security Vulnerabilities (

wiredmikey writes: According to recent analysis of the top 50 most downloaded plugins for the WordPress platform, 18 were vulnerable and could be exploited to infect Websites and distribute malware. Out of the top 10 most popular e-commerce plugins, seven contained serious security flaws. Two were directly from the WordPress team and affected BuddyPress, and several dealt with online payments or interacted with Facebook and other social networks, according to Maty Siman of security firm Checkmarx.

Many of the popular add-ons could be exploited by a number of common attacks, such as SQL injection and cross-site scripting, Checkmarx found, meaning that attackers can easily use an automated exploit kit and point it to a WordPress site and compromise it.

This problem isn't unique to WordPress. While the survey looked at only WordPress plugins because of the platform's popularity, other content management platforms and other Web software suffer similar problems.

The first version always gets thrown away.