Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Submission + - Linux antivirus? 3

garyebickford writes: "Does an actually useful antivirus software package for Linux exist — either FOSS or commercial?

Today's article cited in Slashdot's Apple section discusses Apple's recommendation for its users to install antivirus software. I think that Linux users who think viruses won't attack their machines are increasingly whistling in the dark. Depending on its lack of market penetration will eventually be a failing strategy, as Linux becomes more popular in servers, appliances and especially desktops and laptops.

Considering the widely distributed development process and vast number of applications developed by (largely altruistic) independent teams all over the world, preventing viruses permanently is an intractable problem. I have personally come up with at least a few motives and methods for evil baddies to incorporate evil software into essential Linux applications in such a way that the exploit might not become known until triggered some time in the future. If you think about it, it is not a substantially different problem than a 'mole' infiltrating a high tech company or government body.

I confess that I sometimes do not exercise sufficient care when installing software. I suspect I am not alone, and even if I do take care, it would be highly difficult for me or anyone, no matter how sophisticated, to catch all possible exploits by reading the code. What if a user is offered a downloaded software package? What if it's my hypothetical grandmother who I have converted to Linux? They might accept the installation, and even provide the root password. No, they shouldn't — but some absolutely will. Or what if the software exploits a hidden flaw in some other software to achieve root access?

Once an exploit is executed and discovered, the community will no doubt be very quick in response, but that is closing the barn door after the horse has been stolen."

Submission + - Toshiba slashes HD DVD prices (computerworld.com)

Lucas123 writes: "Toshiba announced today that it will slash the prices on HD DVD players from 40% to 50% to boost market adoption of its hi-def DVD format by mainstream consumers after it said it had a successful fourth quarter in unit sales. "While price is one of the consideration elements for the early adopter, it is a deal-breaker for the mainstream consumer," said Toshiba executive Yoshi Uchiyama in a statement."

Submission + - Google redesigns mobile apps after iPhone surge (networkworld.com)

jbrodkin writes: "Google had to redesign its mobile applications to enable faster browsing for the iPhone's unique touch-based interface after realizing that a disproportionate amount of mobile Web traffic is coming from iPhone owners. Symbian operating systems are 30 times as prevalent as the iPhone, yet traffic to Google from the iPhone actually surpassed traffic to Google from Symbian phones over the Christmas holiday. Yahoo and a major ad agency have noticed similar surges in iPhone traffic. Google has acted quickly, rushing new improvements to applications like search, e-mail, calendar and news feeds, making them easier to manipulate with the iPhone's touch screen."

Submission + - Indian ISP Bharti goofs up, lands innocent in jail (indiatimes.com)

Chronically_Dissatisfied writes: "An Indian man was "mistakenly" sent to jail for 50 days and tortured when his ISP Bharti Airtel turned in the wrong IP address. The Bangalore based software engineer had allegedly posted unpolitical comments about a religious leader, which in turn was revealed to the Police by Google's Orkut. The Service provider, which has subsequently been sued, has apologized for the "inconvinience", but had the effrontery to send a text message to the accused's mobile phone about an impending bill payment."
The Courts

Submission + - FBI Doesn't Tell Courts About Bogus Evidence

dprovine writes: According to a joint investigation by series of articles in The Washington Post and 60 Minutes, a forensic test used by the FBI for decades is known to be invalid. The National Academy of Science issued a report in 2004 that FBI investigators had given "problematic" testimony to juries. The FBI later stopped using "bullet lead analysis", but sent a letter to law enforcement officials saying that they still fully supported the science behind it. Hundreds of criminal defendants — some already convicted in part on the testimony of FBI experts — were not informed about the problems with the evidence used against them in court. Does anyone at the Justice Department even care about what effect this will have on how the public in general (and juries in particular) regards the trustworthiness of FBI testimony?

Submission + - Vote to Eliminate Leap Seconds 6

Mortimer.CA writes: As mentionted on Slahdot previously, there is a proposal to remove leap seconds from UTC (nee 'Greenwich' time). It wil be put to a vote to ITU member states, and if 70% agree, the leap second will be eliminated by 2013. There is some debate as to whether this change is a good or bad idea. One philosophical point opponents make is that the 'official' time on Earth should match the time of the sun and heavens. People with appliances that blink '12:00' can probably ignore this issue.
United States

Submission + - 15% of United States Workforce Routinely Drunk (sciencedaily.com) 3

bl8n8r writes: "According to an article based on research conducted by the University of Buffalo, Alcohol use and impairment at work is a problem for 15% of the U.S. workforce (19.2 million people). Not surprisingly, Among the broad group of occupations with the highest rate of use were the management and sales occupations with grounds maintenance pulling in an honorable mention. Perhaps the next interview will go better if you bring along some Crown Royal"

Submission + - iPhone/Yahoo mail security vulnerability (isode.com)

Will Sheward writes: "Whilst trying to figure out how the iPhone was doing it's 'push' email with Yahoo (it seems it doesn't — but that's another story) we came across another security flaw. The iPhone authenticates with Yahoo using a private protocol called XYMPKI, used in conjunction with IMAP. Yahoo do not provide a general IMAP service — they use IMAP only for iPhone access. Although the iPhone supports TLS (Transport Layer Security) Yahoo! IMAP doesn't, which can lead to a replay attack. Anyone able to eavesdrop on the authentication exchange, such as when using any open (public or private) wi-fi service, can easily gain full access to the user's email account until the user changes their password. We would advise against using the Yahoo service with an iPhone, because of this security risk. Full details here"

Let's organize this thing and take all the fun out of it.