Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×

+ - Lenovo Accused of Pushing Self-signed MITM Proxy-> 2

Submitted by jones_supa
jones_supa (887896) writes "More OEM crapware coming at you. Chinese hardware manufacturer Lenovo has come under fire for allegedly shipping consumer Windows laptops with software that hijacks secure website connections, as well as inserting ads into search results. The software is called "Superfish" and it installs its own self-signed root certificate authority. Superfish comes with Lenovo consumer products only, and is a technology that helps users "find and discover products visually". The technology instantly analyzes images on the web and presents identical and similar product offers. Google's Chris Palmer has been analyzing the issue on a Yoga 2 laptop. He has confirmed with one other affected user that the certificates used share the same key, which leaves any impacted Lenovo user vulnerable to an attack from anyone able to extract the certificate's private key, with the user left without any warning or notice of such an attack. Superfish can be uninstalled, but it reportedly leaves the root certificate authority behind. On a new laptop, the software can be disabled simply by not accepting the Terms of User and Privacy Policy on initial setup."
Link to Original Source

Comment: Re:Let me get this straight (Score 3, Informative) 158

by SQL Error (#48599447) Attached to: 9th Circuit Will Revisit "Innocence of Muslims" Takedown Order

Well, it goes many ways to Sunday, but long story short this has potential uses. Just imagine if an extra on Stupid Franchise That Needs To Die VII could get it yanked if "I didn't expect a certain character to make any appearances" could be a valid argument. (Though I joke, misrepresentation of contract is legally dishonest but should have been a tort with the production team, not a DMCA claim with hosts. She should have taken it one rung up the ladder, so to speak - Google is "too late" in that process.)

This exactly. Its not that the actress doesn't have rights here, it's that the court affirmed the wrong rights. If the filmmaker materially misrepresented the film or the role in writing, that should be a fairly straightforward lawsuit.

Comment: Re:Stop giving her attention (Score 4, Insightful) 105

by SQL Error (#48290507) Attached to: Video Raises Doubts About Attkisson's Claims of Malicious Hacking

I think a technical debunking of her claims of being hacked is ideal Slashdot material.

We don't have enough information yet. to properly analyse those claims. What I've seen written so far has been sensationalised and technically incoherent. That's reason enough to dismiss it, but not reason enough to consider it proven false.

Comment: Re:Wake up America ... (Score 1) 95

Automation is fundamentally incompatible with capitalism, or at least a version of capitalism where people are expected to "earn" their income by working.

Automation is fundamentally incompatible with some magic fairy version of capitalism where no jobs are eliminated but everyone has a better standard of living. But for those of us living in the real world, there's no incompatibility. Automation improves efficiency and so reduces cost. Yes, it shifts jobs, and yes, that causes social problems, and no, I don't have a solution for that, and nor does anyone else. But writing nonsense about it doesn't change what is real.

Any sufficiently advanced technology is indistinguishable from a rigged demo.

Working...