Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

+ - Where do you host open source projects (for non-developer users)?

Submitted by StealthHunter
StealthHunter (597677) writes "I know that github is popular as is Google code, but where do you host open source projects when your primary user base just wants to read webpages and download software? As in, the average person that doesn't want to figure out how to use svn or navigate wiki pages. Google code used to have "downloads" but those have recently been abandoned and github's norm is an awkward "tarball commit" for releases. Is SourceForge really the only option?"

+ - First major Chinese computer security CTF (hosted by Baidu)->

Submitted by Anonymous Coward
An anonymous reader writes "Computer and Network security Capture the Flag events have recently gained great popularity. Arguably the most well-known is the contest associated with the annual hacker con: DEFCON. Most other CTFs are mostly English-speaking and held by US or European universities (though South Korea is visibly present in the circuit). Now the search giant Baidu is hosting one in Chinese and there are serious prizes. The affiliated university hosts the first Chinese team to make it to the DEFCON CTF finals."
Link to Original Source

+ - Do you ever wonder where video game characters go when they die?->

Submitted by StealthHunter
StealthHunter (597677) writes "Recycled into another game! At least temporarily. That is the basis of continue?9876543210

"You are a dead, failed video game character wandering the recesses of the Random Access Memory, trying to find peace in the final moments of your existence before being deleted forever...."

This game is full of objects and scenarios that have deeper meanings. Can you identify the system bus, the creation of null pointers in the vimeo trailer?

Yes, it runs on Linux (and OSX, IOS, and Windows)."

Link to Original Source

+ - Browser user-agent triggered backdoor found in D-Link home routers ->

Submitted by StealthHunter
StealthHunter (597677) writes "It turned out that just by setting a browsers user-agent to "xmlset_roodkcableoj28840ybtide" anyone can remotely bypass all authentication on D-Link routers. It seems that thttpd was modified by Alphanetworks who inserted the backdoor. Unfortunately, vulnerable routers can be easily identified by services like shodanHQ. At least these models may have vulnerable firmware: DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240."
Link to Original Source
Security

+ - QR code phishing study demonstrates viability of the attack - users ARE curious!->

Submitted by StealthHunter
StealthHunter (597677) writes "QR codes are starting to appear everywhere. The 2D barcode is an easy way to get unauthenticated data into a smartphone, and many apps automatically visit URLs found in QR codes without allowing the user to see the URL first. We attempt to teach users not to click on links, but what about QR codes? A new study shows that people scan QR codes primarily out of curiosity, and that the devices used to scan are unpatched against the latest exploits leaving users fundamentally unprotected.

The work from Carnegie Mellon will be presented at the Workshop on Usable Security in Japan next week. The data collection period strangely correlates with news and Slashdot posts observing such an attack."

Link to Original Source
Privacy

+ - Mobile Phone Use Patterns Identify Individuals Better Than Fingerprints->

Submitted by
chicksdaddy
chicksdaddy writes "Mobile phone use may be a more accurate identifier of individuals than even their own fingerprints, according to research published on the web site of the scientific journal Nature.
Scientists at MIT and the Université catholique de Louvain in Belgium analyzed 15 months of mobility data for 1.5 million individuals who the same mobile carrier. Their analysis, “Unique in the Crowd: the privacy bounds of human mobility” showed that data from just four, randomly chosen “spatio-temporal points” (for example, mobile device pings to carrier antennas) was enough to uniquely identify 95% of the individuals, based on their pattern of movement. Even with just two randomly chosen points, the researchers say they could uniquely characterize around half of the 1.5 million mobile phone users. The research has profound implications for privacy, suggesting that the use of mobile devices makes it impossible to remain anonymous – even without the use of tracking software.

For their research, they studied anonymized carrier data from a “significant and representative part of the population of a small European country.” In the study, the researchers used sample data collected between April 2006 and June 2007. Each time a user interacted with their mobile phone operator network by initiating or receiving a call or a text message, the location of the connecting antenna was recorded, providing both a spatial and temporal data point.
“We show that the uniqueness of human mobility traces is high, thereby emphasizing the importance of the idiosyncrasy of human movements for individual privacy,” the researchers write. Given the amount of information that can be inferred from mobility data, as well as the potentially large number of simply anonymized mobility datasets available, this is a growing concern.”"

Link to Original Source
Android

+ - Study says users (at least a set that thinks about security) prefer Android->

Submitted by StealthHunter
StealthHunter (597677) writes "The survey, conducted by av-comparatives, asked 5000 users questions about browsers, mobile OS, etc. "The survey also asked about preferred mobile operating systems and preferred browsers. Android took 51 percent of mobile users, Symbian 17 percent, and iOS/Apple 17 percent. The report notes that the dominance of Android means it will remain the biggest target for malware."

This survey doesn't quite match recent market-share numbers by Neilson which shows 52% Android, 34% iOS, and 8% BlackBerry."

Link to Original Source

+ - Fantastic JS1K submissions->

Submitted by Anonymous Coward
An anonymous reader writes "With just five days left in the current "write 1kb of JavaScript" competition, the submissions are becoming increasingly impressive. Take for instance a beautiful 3d animation, written in 1k and drawing on a 2d canvas. Or a mine cart animation. If you wait long enough you'll actually get to caves! Can you manage to write a demo that fits on the hall of fame before the deadline closes?"
Link to Original Source

+ - T-Mobile ends contracts, ends subsidies.

Submitted by AlphaWolf_HK
AlphaWolf_HK (692722) writes "In what I see as a refreshing change, T-Mobile, the fourth largest carrier in the USA, has made sweeping changes to its service, with its CEO saying: "Here's the deal: If we suck this month, go somewhere else. If we're good, stay with us." after quietly ending contract plans last weekend. As part of that change, the new base plan will include unlimited access, including voice, text, and data. Data will be restricted to edge speeds after 500GB with no overage costs, but can be upgraded to 2.5GB for $10, or unlimited for $20. Portable wifi hotspot usage is also unrestricted for no additional cost. In addition, LTE services just went live in 8 markets. As is already standard practice with t-mobile, you are free to bring your own device. However, customers won't be fronting the full cost of the phone with unsubsidized plans. Unlike in the past, they'll know exactly what they're paying for the phone by means of interest free installments, and paying off the phone is an option at any time. Oh, and they're also offering the iphone 5 next month for $650. Or, you can do as I did and drop a cool $300 on a Nexus 4 directly from google, which unofficially works with t-mobiles LTE."
Security

+ - Could the Election of the New Pope be Hacked? 1

Submitted by
Hugh Pickens writes
Hugh Pickens writes writes "The rules for papal elections are steeped in tradition. John Paul II last codified them in 1996, and Benedict XVI left the rules largely untouched. The "Universi Dominici Gregis on the Vacancy of the Apostolic See and the Election of the Roman Pontiff" is surprisingly detailed. Now as the College of Cardinals prepares to elect a new pope, security people like Bruce Schneier wonder about the process. How does it work, and just how hard would it be to hack the vote? First, the system is entirely manual, making it immune to the sorts of technological attacks that make modern voting systems so risky. Second, the small group of voters — all of whom know each other — makes it impossible for an outsider to affect the voting in any way. The chapel is cleared and locked before voting. No one is going to dress up as a cardinal and sneak into the Sistine Chapel. In short, the voter verification process is about as good as you're ever going to find. A cardinal can't stuff ballots when he votes. Then the complicated paten-and-chalice ritual ensures that each cardinal votes once — his ballot is visible — and also keeps his hand out of the chalice holding the other votes. Ballots from previous votes are burned, which makes it harder to use one to stuff the ballot box. What are the lessons here? First, open systems conducted within a known group make voting fraud much harder. Every step of the election process is observed by everyone, and everyone knows everyone, which makes it harder for someone to get away with anything. Second, small and simple elections are easier to secure. This kind of process works to elect a pope or a club president, but quickly becomes unwieldy for a large-scale election. And third: When an election process is left to develop over the course of a couple of thousand years, you end up with something surprisingly good."
Firefox

+ - Firefox Will Soon Block Third-Party Cookies->

Submitted by Anonymous Coward
An anonymous reader writes "Stanford researcher Jonathan Mayer has contributed a Firefox patch that will block third-party cookies by default. It's now on track to land in version 22. Kudos to Mozilla for protecting their users and being so open to community submissions. The initial response from the online advertising industry is unsurprisingly hostile and blustering, calling the move 'a nuclear first strike.'"
Link to Original Source

You might have mail.

Working...