Comment: Re:Complexity breeds problems. (Score 3, Informative) 105

by Kreggan (#19973573) Attached to: "DNS Forgery Pharming" Attack Against BIND 9
Frankly, yes. The basic concepts of a DNS server are fairly straightforward, but as demonstrated by this attack, the devil is in the details. This attack uses reasonably advanced cryptanalysis, and exploits the predictable behaviour of DNS clients. I suspect that this attack would also have been mitigated by the use of DNSSEC, but the roll-out of that has been held up for years - and DNSSEC itself introduces even more cryptographic complexity.
Slashdot.org

New presidential directive gives dictatorial power->

Submitted by
the terminal of geoff goodfellow
the terminal of geoff goodfellow writes "that GlobalResearch.ca reports that by executive order, the president of the United States signed into law directive NSPD 51 & HSPD 20, that in the event of a "catastrophic event" (that could be located anywhere in the world), the president can become what is best described as "a dictator":

"The President shall lead the activities of the Federal Government for ensuring constitutional government."
This directive, completely unnoticed by the media, and given no scrutiny by Congress, literally gives the White House unprecedented dictatorial power over the government and the country, bypassing the US Congress and obliterating the separation of powers. The directive also placed the Secretary of Homeland Security in charge of domestic "security". Would the events of say Sept. 11th, 2001 or hurricane Katrina be "catastrophic events"? A critical analysis on the directive can be found here."

Link to Original Source
Security

iPhone/Yahoo mail security vulnerability->

Submitted by
Will Sheward
Will Sheward writes "Whilst trying to figure out how the iPhone was doing its 'push' email with Yahoo (it seems it doesn't — but that's another story) we came across another security flaw. The iPhone authenticates with Yahoo using a private protocol called XYMPKI, used in conjunction with IMAP. Yahoo do not provide a general IMAP service — they use IMAP only for iPhone access. Although the iPhone supports TLS (Transport Layer Security), Yahoo! IMAP doesn't, which can lead to a replay attack. Anyone able to eavesdrop on the authentication exchange, such as when using any open (public or private) wi-fi service, can easily gain full access to the user's email account until the user changes their password. We would advise against using the Yahoo service with an iPhone, because of this security risk. Full details here"
Link to Original Source
Math

AES may be breakable (and/or have a trapdoor!)->

Submitted by nodrog
nodrog writes "A preprint at the International Association for Cryptologic Research (IACR) claims that AES may be susceptible to a new cryptanalysis technique. From the article abstract: — We describe a new simple but more powerful form of linear cryptanalysis. It appears to break AES (and undoubtably other cryptosystems too, e.g. SKIPJACK). The break is "nonconstructive," i.e. we make it plausible (e.g. prove it in certain approximate probabilistic models) that a small algorithm for quickly determining AES-256 keys from plaintext-ciphertext pairs exists — but without constructing the algorithm. Even if this break breaks due to the underlying models inadequately approximating the real world, we explain how AES still could contain "trapdoors" which would make cryptanalysis unexpectedly easy for anybody who knew the trapdoor. If AES's designers had inserted such a trapdoor, it could be very easy for them to convince us of that. But if none exist, then it is probably infeasibly difficult for them to convince us of that."
Link to Original Source
Networking

WAN-friendly filesystems for Linux

Submitted by Anonymous Coward
An anonymous reader writes "What options are there for folks who want to have synchronized filesystems on Internet-connected Linux machines, like at two associated branch offices sharing common data, or a small office with an off-site machine maintained for disaster recovery purposes? The files should appear to be local at both locations (caching and file-locking), and changes need to propagate efficiently between the two systems. If the Internet connection becomes temporarily unavailable, the data should be kept as available as possible on each end in the interim.

We're not talking about rsync-replicated snapshots, although those are useful too, but rather live, fast access to a shared filesystem, with the geographical separation transparent to the end users. If the filesystem is large, it can initially be "seeded" from an image on tape(s)/disk(s)/dvd(s). Both sides should be able to access the common data over local Samba shares, too, if they want.

Production quality reliable solutions that work over DSL-type connections are what we're looking for..."
NASA

General Relativity Experimentally Confirmed!

Submitted by Anonymous Reader
Anonymous Reader writes "I have been watching this project for some years now, eagerly anticipating the results to incorporate them into my own theories on gravity being faster than light. I had feared the experiment was critically flawed because it was so delicate. However, when I checked the site today it appears that Gravity Probe B is being hailed as a success!

"GP-B SUCCEEDED IN COLLECTING THE DATA TO TEST EINSTEIN'S PREDICTIONS ABOUT GRAVITY
Over four decades of planning, inventing, designing, developing, testing, training and rehearsing paid off handsomely for GP-B. The 17.3-month flight mission succeeded in collecting all the data needed to carry out this unprecedented, direct experimental test of Einstein's general theory of relativity — his theory of gravity.
...
THE EFFECTS OF GENERAL RELATIVITY ARE CLEARLY VISIBLE"
This is big scientific news. I have yet to peruse the detailed results myself and absorb them into my personal view of the universe, but I am curious what readers here make of the results."
Microsoft

Microsoft playing dirty in Virtualization->

Submitted by Anonymous Coward
An anonymous reader writes "In this whitepaper from VMWare:
( http://www.vmware.com/solutions/whitepapers/msoft_licensing_wp.html )
They detail the various things Microsoft is doing to ensure they own the virtualization market. This sounds like the usual questionable business tactics that have put Microsoft in trouble with the various competition watchdogs around the world. Is the open source virtualization world concerned about these moves by Microsoft? Has anyone started any legal actions against these activities?"

Link to Original Source
