Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Submission + - Why IoT Security Is So Critical (techcrunch.com)

An anonymous reader writes: Software engineer Ben Dickson starts off an opinion piece about Internet of Things security with this amusing comment: "Twenty years ago, if you told me my phone could be used to steal the password to my email account or to take a copy of my fingerprint data, I would’ve laughed at you and said you watch too much James Bond. But today, if you tell me that hackers with malicious intents can use my toaster to break into my Facebook account, I will panic and quickly pull the plug from the evil appliance." Dickson then lays out many of the issues with securing internet-connected devices, and explains the work being done to make them more secure. He highlights areas that manufacturers must focus on: "In contrast to human-controlled devices, they go through a one-time authentication process, which can make them perfect sources of infiltration into company networks. Therefore, more security needs to be implemented on these gateways to improve the overall security of the system. ... There also must be a sound plan for installing security updates on IoT devices. Each consumer will likely soon own scores — if not hundreds — of connected devices. The idea of manually installing updates on so many devices is definitely out of the question, but having them automatically pushed by manufacturers also can be a risky business."

Submission + - How wikileaks killed Spain's anti-P2P law (zeropaid.com)

Frankie70 writes: Spain last night killed a controversial anti-P2P bill that would have made it easier to shut down websites that link to infringing content. Wikileaks exposed the pressure from the United States to push through the highly controversial law in Spain. It seems that the exposure of the pressure from the US may have backfired somewhat because the provision in the Sustainable Economy Act that would mandate ISPs to block websites should they get a call from the Culture Ministry has been voted down
The Internet

Submission + - BIND Still Susceptible to DNS Cache Poisoning

An anonymous reader writes: To lazy to write a full summary. Someone else can do it. John Markoff of NYTimes writes about a Russian physicist who has successfully poisoned the latest, patched BIND with randomized ports. Originally, the randomized ports were never supposed to completely solve the problem, but just make it harder to do. It was thought that with port randomization it would take roughly a week to get a hit, but using his own exploit code, 2 desktop computers and a GigE link, the Russian hacker reduced the time to 10 hours. Link to NY Times story: http://www.nytimes.com/2008/08/09/technology/09flaw.html?partner=rssnyt&emc=rss Link to Zbr site: http://tservice.net.ru/~s0mbre/blog

Submission + - Metallica Album Preview Cover-up? (comcast.net)

Kifoth writes: It's Metallica vs The Internet again.

It seems as though the band have tried to strong arm early album reviews off the web.

From the article: "The Quietus and other websites ran pieces on the album, but were quickly contacted by Metallica's management via a third party and told to remove the articles. The Quietus kept our article up the longest and, as no non-disclosure agreement had been signed, [was] not prepared to remove it merely due to the demands of Metallica's management. We only eventually removed the article earlier today to protect the professional interests of the writer concerned"

Metallica: 0 — Google Cache: 1

Wireless Networking

Submission + - Wi-Fi routers are vulnerable to viruses (newscientist.com) 3

Harry Coal writes: The viral infection that began in Cambridge, Massachusetts, somewhere between MIT and Harvard University, failed to cross the Charles River into Boston; in California, the San Francisco Bay stymied a similar attack. This was not a biological infection, but the first simulation of an airborne computer virus. It spread by hopping between wireless routers, which are more susceptible to viruses than computers, says Steven Myers of Indiana University in Bloomington. "We forget that routers are mini-computers. They have memory, they are networked and they are programmable." And since they aren't scanned for viruses, or protected by existing firewalls, they are easy targets. Myers knows of no actual router viruses, but says such a virus could steal credit-card numbers, make the router send out spam and block incoming security patches. Routers close enough together to communicate — less than 100 metres apart — could act as a vast network for viruses. Although routers don't usually communicate with each other, it would be easy enough for malicious hackers to use a virus to switch on that capability if the router's encryption system were weak, Myers says.

Submission + - Inside a Modern Malware Distribution System 1

Scrabblous writes: "This eweek.com article provides a peek at the backend code and control server associated with Pushdo, a complex Trojan downloader that meticulously tracks its victims. From the article: For starters, the Pushdo controller uses the GeoIP geolocation database in conjunction with whitelists and blacklists of country codes to allow the malware distributor to limit one of the malware loads from infecting users located in a particular country. It also goes a step further, logging the victim's primary hard drive serial number, tracking whether the file system is NTFS, the number of times the victim system has launched a Pushdo variant, and the Windows OS version that executed the malware."

Feed Techdirt: What The Entertainment Industry Could Learn From Al Neuharth (techdirt.com)

No matter what you feel about USA Today founder Al Neuharth (who certainly elicits quite a strong reaction from many people), he revealed a very interesting story about a decision made in the early days of USA Today in an interview on the 25th anniversary of the paper. It's a story that the entertainment industry, busy in its plan to sue college kids, could learn a lot from. Apparently, soon after USA Today launched, some college kids stole some of the cool looking vending machines USA Today was using. Neuharth then took what may seem like the counter-intuitive step in dealing with it:

"Our lawyers, as lawyers are wont to do, said, "Let's sue the bastards." And I said, "Like hell we will. Let's find them and we will make them our distributors." And we did that."
Every time we write about why it's dumb for the entertainment industry to enforce its copyrights in doing things like suing YouTube, people yell at us for taking away the rights of content creators. This is a misreading of what we've been writing. We've never said to take away their rights -- just that they can be better off if they choose, of their own will, to ignore those rights and use the fact that people are using their content to their advantage. It's the same thing here. Neuharth clearly would have been within his rights to follow his lawyers' advice and "sue the bastards." Instead, he realized that it could make a lot more business sense to realize that these "criminals" could be a lot more useful. Clearly, they were "fans" of USA Today, so why not use that to the company's advantage and make them distributors, helping to promote USA Today? It's the same thing with the entertainment industry today. For those who decide not to enforce copyrights, and actually encourage their best fans to promote and share their content for them, it can help get a lot more attention, a lot more fans and open up many new avenues for profit.

16.5 feet in the Twilight Zone = 1 Rod Serling