Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×
Security

Bugs In Belkin Routers Allow DNS Spoofing, Credential Theft 3

Trailrunner7 writes: The CERT/CC is warning users that some Belkin home routers contain a number of vulnerabilities that could allow an attacker to spoof DNS responses, intercept credentials sent in cleartext, access the web management interface, and take other actions on vulnerable routers. The vulnerabilities affect the Belkin N600 DB Wireless Dual Band N+ router, model F9K1102 v2 with firmware version 2.10.17, and potentially earlier versions of the firmware, as well. The vulnerabilities have not been patched by Belkin, the advisory from the CERT/CC says there aren't any practical workarounds for them. "DNS queries originating from the Belkin N600, such as those to resolve the names of firmware update and NTP servers, use predictable TXIDs that start at 0x0002 and increase incrementally. An attacker with the ability to spoof DNS responses can cause the router to contact incorrect or malicious hosts under the attacker's control," the advisory says.

Comment Thanks (Score 1) 1

You're right the date range from the Digital Journal article, which was used in the submission to Slashdot, contains a significant typo that changes the importance of the story. I've updated the article with proper dates and a note explaining the significance.

Thanks for the note -- in the future, feel free to use submissions to let us know about such issues, or email the editors directly at editorname@slashdot.org.

Earth

Citi Report: Slowing Global Warming Could Save Tens of Trillions of Dollars 92

Layzej writes with news carried by The Guardian about a report published by the Global Perspectives & Solutions division of Citibank (America's third-largest bank) examining the costs and benefits of a low-carbon future. The report examined two hypothetical futures: one "business as usual," and the other (the "Action" scenario) which includes an aggressive move to reduce energy use and carbon emission. From the article: "One of the most interesting findings in the report is that the investment costs for the two scenarios are almost identical. In fact, because of savings due to reduced fuel costs and increased energy efficiency, the Action scenario is actually a bit cheaper than the Inaction scenario. Coupled with the fact the total spend is similar under both action and inaction, yet the potential liabilities of inaction are enormous, it is hard to argue against a path of action." But there will be winners and losers, says the report: "The biggest loser stands to be the coal industry, where we estimate cumulative spend under our Action scenario could be $11.6 trillion less than in our Inaction scenario over the next quarter century, with renewables, wind and nuclear (as well as energy efficiency) the main beneficiaries."

Submission + - Pile of Bugs in Belkin Routers Allow DNS Spoofing, Credential Theft 1

Trailrunner7 writes: The CERT/CC is warning users that some Belkin home routers contain a number of vulnerabilities that could allow an attacker to spoof DNS responses, intercept credentials sent in cleartext, access the web management interface, and take other actions on vulnerable routers.

The vulnerabilities affect the Belkin N600 DB Wireless Dual Band N+ router, model F9K1102 v2 with firmware version 2.10.17, and potentially earlier versions of the firmware, as well. The vulnerabilities have not been patched by Belkin, the advisory from the CERT/CC says there aren’t any practical workarounds for them.

“DNS queries originating from the Belkin N600, such as those to resolve the names of firmware update and NTP servers, use predictable TXIDs that start at 0x0002 and increase incrementally. An attacker with the ability to spoof DNS responses can cause the router to contact incorrect or malicious hosts under the attacker’s control,” the CERT/CC advisory says.
Cellphones

Smartphone Malware Planted In Popular Apps Pre-sale 35

An anonymous reader writes with news from The Stack that makes it a little harder to scoff at malware on phones as being largely the fruit of dodgy sideloaded software, game cracks, et cetera. They report that even phones marketed as brand new, from well-known brands like Lenovo and Xiaomi, have been tampered with and "infected prior to sale with intelligent malware disguised in popular apps such as Facebook." (To U.S. buyers, those makers may be slightly obscure as cellphone vendors; the scheme this article addresses involves handsets sold by vendors in Europe and Asia, involving more than 20 different handset types.)

Submission + - Lack of sleep puts you at higher risk for colds, first experimental study finds->

sciencehabit writes: Moms and sleep researchers alike have stressed the importance of solid shuteye for years, especially when it comes to fighting off the common cold. Their stance is a sensible one—skimping on sleep weakens the body’s natural defense system, leaving it more vulnerable to viruses. But the connection relied largely on self-reported, subjective surveys—until now. For the first time, a team of scientists reports that they have locked down the link experimentally, showing that sleep-deprived individuals are more than four times more likely to catch a cold than those who are well-rested.
Link to Original Source
Power

Gaming Computers Offer Huge, Untapped Energy Savings Potential 142

Required Snark writes: According to Phys.org, a study by Evan Mills at Berkeley Lab shows that "gamers can achieve energy savings of more than 75 percent by changing some settings and swapping out some components, while also improving reliability and performance" because "your average gaming computer is like three refrigerators." Gaming computers represent only 2.5 percent of the global installed personal computer (PC) base but account for 20 percent of the energy use. Mills estimated that gaming computers consumed 75 TWh of electricity globally in 2012, or $10 billion, and projects that will double by 2020 given current sales rates and without efficiency improvements. Potential estimated savings of $18 billion per year globally by 2020, or 120 terawatt hours (TWh) are possible. Mills started the site GreeningtheBeast.org. You can read the full paper as a PDF.
Science

Carbon Dating Shows Koran May Predate Muhammad 392

HughPickens.com writes: Brian Booker writes at Digital Journal that carbon dating suggests the Koran, or at least portions of it, may actually be older than the prophet Muhammad himself, a finding that if confirmed could rewrite early Islamic history and shed doubt on the "heavenly" origins of the holy text. Scholars believe that a copy of the Koran held by the Birmingham Library was actually written sometime between 568 AD and 645, while the Prophet Mohammad was believed to have been born in 570 AD and to have died in 632 AD. It should be noted, however, that the dating was only conducted on the parchment, rather than the ink, so it is possible that the Koran was simply written on old paper. Some scholars believe, however, that Muhammad did not receive the Koran from heaven, as he claimed during his lifetime, but instead collected texts and scripts that fit his political agenda. "This gives more ground to what have been peripheral views of the Koran's genesis, like that Muhammad and his early followers used a text that was already in existence and shaped it to fit their own political and theological agenda, rather than Muhammad receiving a revelation from heaven," says Keith Small, from the University of Oxford's Bodleian Library. "'It destabilises, to put it mildly, the idea that we can know anything with certainty about how the Koran emerged," says Historian Tom Holland. "and that in turn has implications for the history of Muhammad and the Companions." Update: 09/01 17:32 GMT by S : There was a typo in the dates used by the original linked article — in the press release from the University of Birmingham, the date range given for the parchment is between 568 AD and 645 AD, which overlaps more closely with Muhammad's lifetime. The dates and link have been fixed now in the summary. Historians say this new information highlights the uncertainty surrounding the emergence of such religious texts, rather than being a major upheaval.
The Almighty Buck

Ask Slashdot: What Would You Do If You Were Suddenly Wealthy? 745

An anonymous reader writes: There are a few articles floating around today about comments from Markus Persson, aka "Notch," the creator of Minecraft. He sold his game studio to Microsoft last year for $2.5 billion, but he seems to be having a hard time adjusting to his newfound fame and wealth. He wrote, "The problem with getting everything is you run out of reasons to keep trying, and human interaction becomes impossible due to imbalance. ... Found a great girl, but she's afraid of me and my life style and went with a normal person instead. I would Musk and try to save the world, but that just exposes me to the same type of a$#@%&*s that made me sell minecraft again." While he later suggests he was just having a bad day, he does seem to be dealing with some isolation issues. Granted, it can be hard to feel sorry for a billionaire, but I've wondered at times how I'd handle sudden wealth like that, and I long ago decided it would make the human relationships I'm accustomed to rather difficult. So, how would you deal with Notch's problem? It seems like one the tech industry should at least be aware of, given the focus on startup culture.
Google

Google Facing Fine of Up To $1.4 Billion In India Over Rigged Search Results 149

An anonymous reader writes: The Competition Commission of India has opened an investigation into Google to decide whether the company unfairly prioritized search results to its own services. Google could face a fine of up to $1.4 billion — 10% of its net income in 2014. A number of other internet companies, including Facebook and FlipKart, responded to queries from the CCI by confirming that Google does this. "The CCI's report accuses Google of displaying its own content and services more prominently in search results than other sources that have higher hit rates. It also states that sponsored links shown in search results are dependent on the amount of advertising funds Google receives from its clients. Ecommerce portal Flipkart noted that it found search results to have a direct correlation with the amount of money it spent on advertising with Google." The company has faced similar antitrust concerns in the EU and the U.S

Submission + - Red Fireworks Go Green->

An anonymous reader writes: Makers of fireworks and flares have long believed that the beautiful red color in their explosions could be attained only with chlorine-based compounds. But after these ingredients combust, they can transform into cancer-causing chemicals that then fall to the ground. New chlorine-free pyrotechnics could pave the way for a generation of red fireworks and flares that are better for the environment and for people’s health.

Chemists formulated the new explosive by replacing polyvinyl chloride on the old ingredient list with either hexamine, a preservative in citrus washing solutions, or 5-amino-1H-tetrazole, an air-bag propellant.

Link to Original Source

Submission + - Google Facing Fine of Up To $1.4 Billion In India Over Rigged Search Results->

An anonymous reader writes: The Competition Commission of India has opened an investigation into Google to decide whether the company unfairly prioritized search results to its own services. Google could face a fine of up to $1.4 billion — 10% of its net income in 2014. A number of other internet companies including Facebook and FlipKart responded to queries from the CCI confirming their suspicion that Google does this. "The CCI’s report accuses Google of displaying its own content and services more prominently in search results than other sources that have higher hit rates. It also states that sponsored links shown in search results are dependent on the amount of advertising funds Google receives from its clients. Ecommerce portal Flipkart noted that it found search results to have a direct correlation with the amount of money it spent on advertising with Google." The company has faced similar antitrust concerns in the EU and the U.S
Link to Original Source
Power

Plunging Battery Prices Expected To Spur Renewable Energy Adoption 127

Lucas123 writes: Lithium-ion (Li-on) and flow battery prices are expected to drop by as much as 60% by 2020, making them far more affordable for storing power from distributed renewable energy systems, such as wind and solar, according to a recent report by Australia's Renewable Energy Agency (ARENA). The 130-page report (PDF) shows that Li-on batteries will drop from $550 per kilowatt hour (kWh) in 2014 to $200 per kWh by 2020; and flow battery prices will drop from $680 per kWh to $350 per kWh during the same time. Flow batteries and Li-ion batteries work well with intermittent energy sources such as solar panels and wind turbines because of their ability to be idle for long periods without losing a charge. Both battery technologies offer unique advantages in that they can easily be scaled to suit many applications and have high cycle efficiency, the ARENA report noted. Li-ion batteries more easily suit consumer market. Flow batteries, which are less adaptable for consumer use because they're typically too large, scale more easily because all that's needed to grow storage capacity is more electrolyte liquid; the hardware remains the same.
Government

Where the Tech Industry's Political Donations Are Going 124

An anonymous reader writes: Early estimates suggest the 2016 U.S. presidential election will result in $5-10 billion in spending by candidates and organizations — much more than ever before. To support this, they need lots of contributions, and the tech industry is becoming a significant player. (Not as much as the financial industry, of course, but tech's influence is growing.) Re/Code breaks down which candidates are getting the most money from the tech sector so far. Right now, Senator Marco Rubio (R-FL) has gotten the most tech money by far — more than the rest of the field combined, thanks in large part to Larry Ellison. Jeb Bush, former governor of Florida, is a distant second, followed closely by former Secretary of State Hillary Clinton and Senator Bernie Sanders (I-VT). New Jersey governor Chris Christie and Senator Rand Paul (R-KY) are the only other candidates with significant tech contributions so far. Carly Fiorina, a tech industry veteran, has only managed about $13,000 in donations.

Submission + - Where the Tech Industry's Political Donations Are Going->

An anonymous reader writes: Early estimates suggest the 2016 U.S. presidential election will result in $5-10 billion in spending by candidates and organizations — much more than ever before. To support this, they need lots of contributions, and the tech industry is becoming an significant player. (Not as much as the financial industry, of course, but tech's influence is growing.) Re/Code breaks down which candidates are getting the most money from the tech sector so far. Right now, Senator Marco Rubio (R-FL) has gotten the most money by far — more than the rest of the field combined, thanks in large part to Larry Ellison. Jeb Bush, former governor of Florida, is a distant second, followed closely by former Secretary of State Hillary Clinton and Senator Bernie Sanders. Chris Christie and Rand Paul are the only other ones with significant contributions so far. Carly Fiorina, a tech industry veteran, has only managed about $13,000 in donations.
Link to Original Source

Our OS who art in CPU, UNIX be thy name. Thy programs run, thy syscalls done, In kernel as it is in user!

Working...