Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

Comment: Re:Ought to bring down ... (Score 2) 151

by NIK282000 (#48310259) Attached to: Ford Develops a Way To Monitor Police Driving

Knowing where speed traps are would make them 100% effective. The point is to reduce speeding and no one will speed if they know there is a trap on the road, no one gets a ticket and the road becomes safer. The only way in which the trap is ineffective is that it doesn't generate any cash for the department.

Security

Researcher Finds Tor Exit Node Adding Malware To Downloads 126

Posted by Soulskill
from the at-least-it's-anonymous-malware dept.
Trailrunner7 writes: A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources and the potential for attackers to abuse the trust users have in Tor and similar services. Josh Pitts of Leviathan Security Group ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the middle attack.

What Pitts found during his research is that an attacker with a MITM position can actively patch binaries–if not security updates–with his own code. In terms of defending against the sort of attack, Pitts suggested that encrypted download channels are the best option, both for users and site operators. "SSL/TLSis the only way to prevent this from happening. End-users may want to consider installing HTTPS Everywhere or similar plugins for their browser to help ensure their traffic is always encrypted," he said via email.
Security

Hackers Break Into HealthCare.gov 150

Posted by samzenpus
from the our-bad dept.
mpicpp is one of many to point out that hackers broke into the HealthCare.gov website in July and uploaded malicious software. "Hackers silently infected a Healthcare.gov computer server this summer. But the malware didn't manage to steal anyone's data, federal officials say. On Thursday, the Health and Human Services Department, which manages the Obamacare website, explained what happened. And officials stressed that personal information was never at risk. "Our review indicates that the server did not contain consumer personal information; data was not transmitted outside the agency, and the website was not specifically targeted," HHS spokesman Kevin Griffis said. But it was a close call, showing just how vulnerable computer systems can be. It all happened because of a series of mistakes. A computer server that routinely tests portions of the website wasn't properly set up. It was never supposed to be connected to the Internet — but someone had accidentally connected it anyway. That left it open to attack, and on July 8, malware slipped past the Obamacare security system, officials said.
Patents

Intellectual Ventures Sheds At Least Part of Its "Patent Troll" Reputation 75

Posted by timothy
from the look-sir-it-has-atoms dept.
pacopico writes Intellectual Ventures, the world's most infamous patent troll, has changed its tune — maybe. According to a story in Businessweek, the company has started turning a number of its ideas into products, ranging from hydration sensors to waterless washing machines and self-healing concrete. The story reveals some new tidbits about IV, including that it pays inventors $17,000 per idea, has a new start-up fund and that one of its cofounders got tossed out of school for hacking. IV is obvisouly trying to improve its reputation, but plenty of skeptics remain who think this is just a ruse meant to draw attention away from its patent lawsuits.

Comment: Neither (Score 2, Insightful) 436

by NIK282000 (#47561551) Attached to: Which Is Better, Adblock Or Adblock Plus?

If the ads on a site are so obstructive or malicious that you want to block them then stop using that site. Blocking ads only encourages site operators to use more aggressive ad serving tactics and resorting to that kind of subsidized assault on the user is usually an indicator that the site doesn't have anything useful on it in the first place.

In the sciences, we are now uniquely priviledged to sit side by side with the giants on whose shoulders we stand. -- Gerald Holton

Working...