Security

Submission + - Google Releases a Tutorial for Hackers 1

Hugh Pickens writes: ""Learn how hackers find security vulnerabilities and exploit web applications!" as the San Francisco Chronicle reports that Google has released Jarlsberg, a "small, cheesy" web application specifically designed to be full of bugs and security flaws as a security tutorial for coders and encourages programmers to try their hands at exploiting weaknesses in Jarlsberg as a way of teaching them how to avoid similar vulnerabilities in their own code. Jarlsberg has multiple security bugs ranging from cross-site scripting and cross-site request forgery, to information disclosure, denial of service, and remote code execution. The codelab is organized by types of vulnerabilities. In black box hacking, users try to find security bugs by experimenting with the application and manipulating input fields and URL parameters, trying to cause application errors, and looking at the HTTP requests and responses to guess server behavior while in white-box hacking, users have access to the source code and can use automated or manual analysis to identify bugs. The tutorial notes that accessing or attacking a computer system without authorization is illegal in many jurisdictions but while doing this codelab, users are specifically granted authorization to attack the Jarlsberg application as directed."
Google

Submission + - Google Rolls Out First Flashified Chrome (conceivablytech.com)

An anonymous reader writes: Take this, Apple. Google quietly released a new beta version of its Chrome browser, which not only blows its rivals out of the water as far as performance is concerned, but comes with half a dozen new features, including direct integration of Adobe Flash. First benchmarks show that the new beta is about 10% faster than the previous beta in the SunSpider and V8 benchmark, and about 30% faster than Chrome 4, which remains the fastest JavaScript browser available today. Kudos to the Chrome team, the speed gains are truly amazing.
GNU is Not Unix

Submission + - There go our web standards..... (pwnage.ca) 2

blozza2070 writes: Jeff Jaffe (AKA Zonker), Software Patent Supporter, Microsoft Apologist, Ex-IBM, Ex-Novell, FSF hating troll is now the CEO of the W3C. It is the organization responsible for web standards which have been promoted by Firefox, Opera, and Google. The W3C has been known for hiring bad staff but this just takes the cake. How long do you think it will take before MS-invented standards are pushed as de facto standards?
Software

Submission + - US eases Internet export rules to Iran, Sudan, Cuba (networkworld.com)

coondoggie writes: Looking to facilitate what it calls free speech rights in countries that don’t look favorably at such liberties, the US government today said it would ease the regulations around exporting Internet-based applications such as e-mail, blogging and social networking software to Iran, Sudan and Cuba. Specifically the Treasury Department said it would add general licenses authorizing the exportation of free personal Internet-based communications services – such as instant messaging, chat and email, and social networking – to Cuba, Iran and Sudan. The amendments also allow the exportation of related software to Iran and Sudan, the department said in a release (the US Commerce Department controls software exports with Cuba). Until now all such exports would have broken federal laws.
Security

Submission + - NSA Still Ahead in Crypto - But Not by Much

Hugh Pickens writes: "Network World reports that former National Security Agency technical director Brian Snow told the RSA Conference that cryptographers for the NSA have been losing ground to their counterparts in universities and commercial security vendors for 20 years but still maintain the upper hand in the sophistication of their crypto schemes and in their ability to decrypt. "I do believe NSA is still ahead, but not by much — a handful of years," says Snow. "I think we've got the edge still." Snow added that in the 1980s there was a huge gap between what the NSA could do and what commercial encryption technology was capable of. "Now we are very close together and moving very slowly forward in a mature field." The NSA has one key advantage with their deep staff of Ph.D. mathematicians and other cryptographic experts who work on securing traffic and breaking codes. "We cheat. We get to read what [academics] publish. We do not publish what we research," says Snow. Snow's claim of NSA superiority seemed to rankle some members at the conference. Adi Shamir, the "S" in the RSA encryption algorithm and a computer science professor at Israel's Weizmann Institute of Science, says when the titles of papers in NSA technical journals were declassified up to 1983, there were none that included public key encryption. "That demonstrates that NSA was behind," says Shamir although Snow replied that when technologies are developed separately in parallel, the developers don't necessarily use the same terms for them."
Intel

Submission + - 8 Core Intel Nehalem-EX To Launch This Month (hothardware.com)

MojoKid writes: "What could you do with 8 physical cores of CPU processing power? Intel's upcoming 8-core Nehalem-EX is launching later this month, according to Intel Xeon Platform Director Shannon Poulin. The announcement puts to rest rumors that the 8-core part might be delayed, and makes good on a promise Intel made last year when the chip maker said it would release the chip in the first half of 2010. To quickly recap, Nehalem-EX boasts an extensive feature-set, including up to 8 cores per processor, up to 16 threads per processor with Intel Hyper-threading, scalability up to eight sockets via Intel's serial Quick Path Interconnect and greater with third-party node controllers, and 24MB of shared cache."

Submission + - Watch This: 70-Minute Video Review of Star Wars: T (slashfilm.com)

ScuttleMonkey writes: "cowmix writes "When TPM came out ten years ago, its utter crappiness shocked me to the core and wounded an entire generation of geeks. My inner child had been abused and betrayed. I moped around, talking to no one, for almost two weeks. I couldn't bring myself to see #2 or #3, whatever they were called. Now, a decade later, comes Star Wars: The Phantom Menace Review, the ultimate, seven-part, seventy minute analysis of this mother of all train wrecks. Not only does it nail how the film blows, but tells us why. Time, apparently, does not heal all wounds." Or, if you prefer all 7 parts embedded in one page, you can check out slashfilm's aggregation."
Microsoft

Microsoft Sued Over Bing Trademark 191

mentus writes "Bing! Information Design, a design company from Missouri, is suing Microsoft over 'intentional interference' with their trademark and claiming Microsoft had knowledge of the trademark when it relaunched its rebranded search engine. Microsoft legal representative Kevin Kutz states that he believes the case will be dismissed and that Microsoft 'always respect[s] trademarks and other people's intellectual property, and look[s] forward to the next steps in the judicial process.'"
Google

Submission + - Android's Success a Threat to Free Software? (linuxjournal.com)

Glyn Moody writes: Two years after its launch, Google's Linux-based Android platform is finally making its presence felt in the world of smartphones. Around 20,000 apps have been written for it: although well behind the iPhone's tally, that's significantly more than just a few months ago. But there's a problem: few of these Android apps are free software. Instead, we seem to be witnessing the birth of a new hybrid stack: open source underneath, and proprietary on top. If, as many believe, mobile phones will become the main computing platform for most of the world, that could be a big problem for the health of the free software ecosystem. So what, if anything, should the community be doing about it?
Firefox

Firefox 3.5 Now the Most Popular Browser Worldwide 422

gQuigs notes a graph up at StatCounter Global Statistics, which shows that in the last few days Firefox 3.5 became the most used browser version worldwide, edging ahead of IE7. IE8 is rising fast (along with Windows 7), but over the last few months the slope of Firefox's worldwide curve has been steeper. (In the US, IE8 has always been ahead of Firefox 3.5; in Europe Firefox has led since late summer.) The submitter suggests using the time when Firefox rules the roost, globally speaking, to put the final nail in the coffin of IE6, which still has a 14% global share (5%-7% in the US and EU; China and Korea are holding up IE6's numbers).
Debian

Shuttleworth To Step Down As Canonical CEO In 2010 163

LinuxScribe writes "In a blog announcement today, Canonical Founder and CEO Mark Shuttleworth revealed he will be stepping down from his CEO role to be replaced by current COO Jane Silber. Both execs do not see major strategic changes on the horizon. Silber's official blog and Linux.com each have more details on how the change will be implemented."
GNU is Not Unix

SFLC Sues 14 Companies For BusyBox GPL Violations 309

eldavojohn writes "The Software Freedom Law Center has filed a lawsuit accusing fourteen companies, including Best Buy, Samsung and Westinghouse, of violating the GPL in nearly 20 separate products. This is similar to earlier BusyBox GPL suits. The commercial uses of BusyBox must be much more prolific than anyone could have imagined. Having dealt with hundreds of compliance problems and finding an average of one violation per day, the SFLC recommends one thing: be responsive to their requests (they try to settle things in private first) lest you find one of these (PDF) in your inbox."
GNOME

Submission + - Gnome to Split Off from GNU Project? (pwnage.ca)

blozza2070 writes: According to a recent posting from Philip Van Hoof, he suggests that Gnome split off from the GNU Project and proposes a vote. He has been informed he will need 5% of members to agree for there to be a vote put forth. At the same time David Schlesinger (on the Gnome Advisory Board) has agreed on a vote. Stormy Peters claims she doesn’t agree with this but then gives everyone instructions on how to achieve this goal. She mentions that roughly 20 members are needed to agree.
