Forgot your password?
typodupeerror

Comment: There are already bigger though (Score 4, Informative) 221

by JenniP (#44282411) Attached to: Samsung Ups Ante In Smartphone Size Wars: 6.3 Inches
http://uk.asus.com/Tablet/Fonepad/ASUS_Fonepad/

I just bought an Asus Fonepad to replace my ageing Galaxy Note (Which is still a nice phone but too small). The Fonepad is 7" (Nexus 7 sized), and is a completely functional phone, although I haven't had to take a call yet I can imagine you will look a complete idiot.

Jen

Comment: Re:Let's do the math (Score 1) 193

Except that 6 minutes is a very conservative estimate, I work in local government and our PC's were taking 20 minutes+ to get to a state they were usable. Worse if you were at one of the remote offices with poor WAN links you could be waiting upwards of 30-40 minutes. We recently did a complete restructure of our AD that along with an upgrade to Windows 7 and a series of PC refreshes has cut this dramatically, down to 3-4 minutesish now. However as for this £6000 figure I can see how this could work, where I work all PC and IT services are managed in house and I think on the whole we provide a good service to our customers, but most central government departments outsourced it all and its now generally dire, my partner has one of the better machines in their office and its cringingly slow, very out of date (1.2Ghz single core) and still running Windows XP with no announced plans to get off XP before support expires.
Idle

+ - Best Buy Flexes Legal Muscles Over "Geek" Word -> 1

Submitted by siliconbits
siliconbits (943161) writes "US Electronics retailer Best Buy has been slow but steady in the fight to protect its Geek Squad trademark but some are wondering whether the 800-lbs gorilla of tech retailing sector is not going too far in its war to right some wrongs.
The word "Geek" is a century-old word that used to mean a fool or crazy but has, since the beginning of the 1980's, been associated with fans of technology in general and computers in particular.
That hasn't prevented a number of geek-related themed companies from being hit over the last decade by Best Buy's legal team including Geek Housecalls, Rent a Geek, Geek Rescue, Speak with A Geek and, not surprisingly, archrival Newegg."

Link to Original Source

+ - Skype Said to Fire Executives, Avoiding Payouts->

Submitted by jkirch
jkirch (2224694) writes "Skype Technologies SA, the Internet- calling service being bought by Microsoft Corp. (MSFT), is firing senior executives before the deal closes, a move that reduces the value of their payout, according to three people familiar with the matter.

Vice Presidents David Gurle, Christopher Dean, Russ Shaw and Don Albert were dismissed from the Luxembourg-based company, said the people, who requested anonymity because the departures aren’t public. Chief Marketing Officer Doug Bewsher and Anne Gillespie, head of human resources, were also fired. Executives Ramu Sunkara and Allyson Campa, from the 2011 Qik purchase, were also let go."

Link to Original Source
Security

+ - Most Attacks Still Use Old Exploits For Old Bugs->

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "While the high-profile attacks against RSA, Google and others over the last couple of years has focused a lot of attention on defending against advanced, targeted attacks, the fact remains that most attackers are in fact relying on crimeware packs loaded with commodity exploits for older vulnerabilities that have no trouble bypassing the security systems deployed at the vast majority of enterprises today.
Researcher Dan Guido looked at many of the major crimeware packs that are in use today, including kits such as Zeus, Spyeye and others, and looked at what kind of exploits they're using. What he found is that not only did the huge majority of the exploits target a handful of widely deployed platforms, only a tiny percentage of them could possibly be called sophisticated. In 2010, the crimeware packs mostly targeted just five platforms with vulnerabilities discovered that year: Java, Adobe Flash, Adobe Reader, QuickTime and Internet Explorer.

And only five of the exploits seen in the last two years have used any bypass of the ASLR and DEP exploit mitigations included in many browsers, and those were mostly based on publicly available code written by a security researcher."

Link to Original Source
Security

+ - SSL/TLS vulnerability widely unpatched-> 1

Submitted by
kaiengert
kaiengert writes "In November 2009 a Man-In-the-Middle vulnerability for SSL/TLS/https was made public (CVE-2009-3555), and shortly afterwards demonstrated to be exploitable. In February 2010 researchers published RFC 5746 that described how servers and clients can be made immune. Software that implements the TLS protocol enhancements became available shortly afterwards. Most modern web browsers are patched, but the solution requires that both browser developers and website operators take action.

Unfortunately, 16 months later, many major websites, including several ones that deal with real world transactions of goods and money, still haven't upgraded their systems.

Even worse, for a big portion of those sites it can be shown that their operators failed to apply the essential configuration hotfix. They support the style of handshakes that can allow a MITM attacker to inject attack data into the transaction stream.

Here is an exemplary list of patched and unpatched sites, along with more background information. The patched sites demonstrate that patching is indeed possible.

Given that attackers could execute malicious transactions with a customer's credentials, customers should demand that this security issue gets resolved quickly. What can we do to remind service providers that fixing this issue deserves a high priority?"

Link to Original Source
Hardware

+ - K-computer: What made it the fastest in the world?-> 3

Submitted by AustinAlert
AustinAlert (2203328) writes "The Japanese K-computer supercomputer took the world title for the fastest computer in the world, after the latest TOP500 list was announced Monday morning at the International Supercomputing Conference in Hamburg, Germany. In this article, the author sets out to understand why this computer is fast as well as energy-efficient. Apparently, the microprocessor chips that were used are very energy efficient. Thus, the author, being a microprocessor architect, explores the chip architecture in great depth.

There are five unique features about the Sun VIIIfx processor including ISA extensions, software controlled caches, software predication, a deep pipeline, and a lack of threading. I particularly liked his analysis of why this chip did not do threading. A must read for anyone interested in this kind of stuff!"

Link to Original Source

+ - Turning memories on/off with the flip of a switch->

Submitted by cylonlover
cylonlover (1921924) writes "Using electrical probes embedded into the brains of rats, scientists have managed to replicate the brain function associated with long-term behavior and found a way to literally turn memories on and off with the flip of a switch. The scientists hope their research will eventually lead to a neural prosthesis to help people suffering Alzheimer's disease, the effects of stroke or other brain injury to recover long-term memory capability."
Link to Original Source
Google

+ - Google Hackers Had Ability to Alter Source Code->

Submitted by ub3r n3u7r4l1st
ub3r n3u7r4l1st (1388939) writes "Hackers who breached Google and other companies in January targeted source-code management systems, security firm McAfee asserted Wednesday. They manipulated a little-known trove of security flaws that would allow easy unauthorized access to the intellectual property the system is meant to protect.

The software-management systems, widely used at businesses unaware that the holes exist, were exploited by the Aurora hackers in a way that would have enabled them to siphon source code, as well as modify it to make customers of the software vulnerable to attack. It’s akin to making yourself a set of keys in advance for locks that are going to be sold far and wide."

Link to Original Source

Comment: Its not an easy place to cross (Score 5, Informative) 929

by JenniP (#30455834) Attached to: Israeli Border Police Shoot US Student's Laptop
I've crossed into Israel at this particular border point, around 5 years ago, and yes it was one of the hardest border crossings I've ever done, we were part of a tourist party who were going to be in Israel for around 30 minutes (a quick drive through Elat then out into Jordan), and its not somewhere I would take anything bigger than a camera I would even if I could empty the card before I went through. Everything was Xrayed, the metal detectors were so sensitive every scrap of metal was detected, a few people having to remove jeans with quite a few studs, your personal property was swabbed and checked for explosives and then once through there you were grilled about your personal details at passport control, quite a few people getting long grillings. All under the watch of guys with automatic weapons. It wasn't a place you made any kind of joke, you do exactly as you are told. At the time I though it was overkill then a week later this happened http://en.wikipedia.org/wiki/2004_Sinai_bombings, a terrorist attack aimed at the Israelis pretty much at that border point (although on the Egyptian side), kind of puts it all into perspective. Saying that since that border crossing, I am a lot more careful what I take with me, laptops and cameras fully backed up, and only take essentials, even bought a travel laptop so my main machine would stay safe at home. Everything electrical packed into one easy to search bag. Jen

Comment: Development uses only (Score 2, Insightful) 627

by JenniP (#23931583) Attached to: When Is a Self-Signed SSL Certificate Acceptable?

I'm a software developer and will often create my own certificates for testing purposes, and in my test lab people will trust them, however out in the wild there is no excuse for not getting a proper certificate signed by a proper authority.

Not only is this coming across as the company trying to do things on the cheap it has the possiblity of unraveling the trust of SSL for places you actually care about. If this becomes wide spread just think of the phishers create a copy of A Bank's site make their own SSL and put a note on the login screen "Dont worry you have to do some work to trust this certificate everything is alright honest guv."

Personally I normally trust self signed SSL certificates for sites I visit if they have them as i know the risks, but to potentially undermine for general users is just mad.

Some people have a great ambition: to build something that will last, at least until they've finished building it.

Working...