Become a fan of Slashdot on Facebook


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Comment: Re: Some questions (Score 1) 348

by _0xd0ad (#45102071) Attached to: The W3C Sells Out Users Without Seeming To Get Anything In Return

The reason for DRM's existence is to limit web content to those users who have the money (resources) to pay for it.

No, no... the reason for DRM's existence is to enable users who have the money to obtain content. Otherwise, the creators could keep it to themselves and nobody would benefit from it! Repeat after me: war is peace. freedom is slavery. ignorance is strength. DRM is good.

I joke, but I think there are must be people who actually believe this. It's the only logical explanation for some people's behavior. The W3C is just the latest example...

+ - NSA and GCHQ target Tor network that protects anonymity of web users->

Submitted by darrellg1
darrellg1 (969068) writes "Top-secret NSA documents, disclosed by whistleblower Edward Snowden, reveal that the agency's current successes against Tor rely on identifying users and then attacking vulnerable software on their computers. One technique developed by the agency targeted the Firefox web browser used with Tor, giving the agency full control over targets' computers, including access to files, all keystrokes and all online activity.

One top-secret presentation, titled 'Tor Stinks', states: "We will never be able to de-anonymize all Tor users all the time." It continues: "With manual analysis we can de-anonymize a very small fraction of Tor users," and says the agency has had "no success de-anonymizing a user in response" to a specific request."

Link to Original Source

+ - Charged Superhydrophobic Condenser Surface May Make Power Plants More Efficient-> 1

Submitted by _0xd0ad
_0xd0ad (1974778) writes "The activities of bantam water droplets in just one region of a power plant could make a significant difference in the output of power plants, scientists say.

Right now, in current condenser designs, water congeals in a thin film on the condenserâ(TM)s surface. Before new water droplets can form there, this water must fall away from the surface and be conveyed back over the boiler. âoeTo have the most efficient condensing surface, you want to remove the droplets as early as possible,â says Dr. Nenad Miljkovic, postdoctoral associate at MIT and co-author on âoeElectrostatic charging of jumping dropletsâ.

When a water droplet forms on a sheet of metal coated with a superhydrophobe, the droplet can camp there only so long as it does not merge with another droplet. As soon as it weds with another droplet, the energy produced is so great that the two will âoejumpâ away from that surface, as if in urgent deference to the surfaceâ(TM)s severe water phobia. Scientists have proposed that this âoejumpingâ could be incorporated into power plant design. But, in prototypes, this âoejumpingâ design is not as efficient as engineers believe it could be. Some of the droplets will just fall back to the condenserâ(TM)s surface, recoating it and slowing the process down.

A newly discovered component to the âoejumpingâ process might allow scientists to eliminate this fall back. In an accidental find, the MIT team found that droplets donâ(TM)t just spring from the surface â" they also rebound from each other, because an electrical charge forms on the droplets as they flee the hydrophobic surface. So, if a charge is applied to the condenser system, the water droplets can be electrically prevented from returning to the surface, he said. âoeIf you utilize the fact that these droplets are charged, you can now create an external electric field, which can attract the droplets away from the surface, and make sure they donâ(TM)t return,â says Miljkovic.

At the moment, these are lab results, but the scientists say that they are confident that the charged âoejumpingâ can be reproduced on a macro-scale suitable for commercial purposes â" those possible applications include not just use in power plants, but also in de-icing technologies for airplanes and wind turbines."

Link to Original Source

+ - Apple Loses Motion against Lodsys->

Submitted by gwstuff
gwstuff (2067112) writes "In 2011, iOS developers everywhere breathed a sigh of relief when Apple sued Lodsys in response to the company's patent lawsuits against individual developers. Now seemingly well in time for Halloween, a Texas court has rejected Apple's motion presumably re-exposing devs to the front lines of the legal battle. Is it time for devs to suck it up and resign to the ugly one, or is there still hope that Martha Stewart will succeed where Apple failed and save the day? As a developer myself I find it bizarre and sad that a company can use the legal system to enforce patents that it itself does not use in any of its own products."
Link to Original Source

Comment: Re:Of course, since it's SCADA... (Score 4, Informative) 34

by _0xd0ad (#41017687) Attached to: ICS-CERT Warns of Serious Flaws In Tridium SCADA Software

Actually, it's designed to be web-facing.

Niagara^AX is a software framework and development environment that solves the challenges associated with building Internet-enabled products, device-to-enterprise applications and distributed Internet-enabled automation systems.

Worse, this is a laughably simple exploit of the web-facing interface:

By default, the Tridium Niagara AX software is not configured to deny access to restricted parent directories... An attacker could exploit this vulnerability by sending a specially crafted request to the Web server running on Port 80/TCP

"The system insecurely stores user authentication credentials, which are susceptible to interception and retrieval. User authentication credentials are stored in the Niagara station configuration file, config.bog, which is located in the root of the station folder"

In other words, it's about as simple as GET /../config.bog HTTP/1.1

Adding features does not necessarily increase functionality -- it just makes the manuals thicker.