Slashdot

This exploit would also only be possible if the user turned on Remote Desktop Sharing which is disabled by default out of the box on 'ALL the Macs in the world'.

When you turn that service on, it warns you of the security risks and still requires additional configuration to actually allow a connection to actually execute code remotely.

Oooh, applescript! you have pwnt us again.

Too bad this evidence still won't be enough to make creationists change their minds.

fanboys GO

Roland Piquepaille writes "As you can guess, hardwired computer systems are much faster than general-purpose ones because they are designed to do a single task. But when they fail, they need to be totally reconfigured. This can be just a costly problem in a lab on Earth, but it can be vital in space. This is why a University of Arizona (UA) team is working with NASA to design self-healing computer systems for spacecraft. The UA engineers are working on hybrid hardware/software systems using Field Programmable Gate Arrays (FPGAs) to develop these reconfigurable processing systems. As the lead researcher said, 'Our objective is to go beyond predicting a fault to using a self-healing system to fix the predicted fault before it occurs.'"

Stony Stevenson writes "The security firm Fortify Software has warned against a series of attacks against Facebook and MySpace. Buffer overflows that enabled hackers to exploit the Aurigma ActiveX image uploading software used by social networking sites were at the heart of the assault. 'Criminal hackers now view social networking sites as their best target for attacks ... [partially because] such sites are designed to be usable by "unsophisticated" consumers, meaning that the barrier to entry for attacks is potentially lower as users are more likely to click on a link that leads to malware.'"

A number of readers wrote in to make sure we know about Microsoft's change of heart regarding IE8. The new version of the dominant browser will render in full standards mode by default. Developers wishing to use quirks mode for IE6- and IE7-compatible rendering will have to opt in explicitly. We've previously discussed IE8's render mode a few times. Perhaps Opera's complaint to the EU or the EU's record antitrust fine had something to do with Redmond's about-face.

The IE8 team announced today that due a recent Microsoft publication and considerable feedback form the development community that IE8 will NOT require developers to opt in for full W3C standards compliance. IE8 will render in full standards mode by default and developers wishing to use quirks mode for IE6 and IE7 compatible rendering will be required to specifically opt in. This might be the most sensible move in Microsoft's history. The render modes in IE8 have previously been discussed on Slashdot here and here.

Buffer overflows that enabled hackers to exploit the Aurigma ActiveX image uploading software used by Facebook, MySpace and other social networking sites, were at the heart of a series of attacks against Facebook and MySpace, security firm Fortify Software has warned. Criminal hackers now view social networking sites as their best target for attacks, according to Rob Rachwald, director of product marketing at Fortify Software. Part of the reason is that such sites are designed to be usable by "unsophisticated" consumers, meaning that the barrier to entry for attacks is potentially lower as users are more likely to click on a link that leads to malware.

Dan100 brings us an announcement that Sandia and Oak Ridge National Laboratories are setting their sights on an exaflop supercomputer. Researchers from the two laboratories jointly launched the Institute for Advanced Architectures to facilitate development. One of the problems they hope to solve is how to provide each core of each processor with enough data so that cycles aren't going to waste. "The idea behind the institute — under consideration for a year and a half prior to its opening — is 'to close critical gaps between theoretical peak performance and actual performance on current supercomputers,' says Sandia project lead Sudip Dosanjh. 'We believe this can be done by developing novel and innovative computer architectures.' The institute is funded in FY08 by congressional mandate at $7.4 million."

bondsbw writes "'In a scientific double-take, new research is challenging the long-held belief that identical twins have identical genetics,' according to researchers Jan P. Dumanski and Carl Bruder at the University of Alabama at Birmingham's Department of Genetics. 'Using cutting-edge technology, the researchers found genetic differences in every set of twins, according to the study published online in the American Journal of Human Genetics.' Studies of identical twins have helped scientists distinguish hereditary and environmental factors when researching human development and behavior. This discovery, using 'some of the most advanced genetic analysis equipment in the world,' may impact future studies of obesity, Parkinson's disease, asthma, and other health issues. 'Scientists have always known there were differences between identical twins. Some of the differences were so slight that only a mother could spot them, while others were profound, such as one twin developing a fatal disease while the other remained healthy. "So far it has been blamed on environmental factors," Bruder said.'"
http://www.al.com/news/birminghamnews/index.ssf?/base/news/120306702086760.xml&coll=2

The Narrative Fallacy brings us a story about a project by University of Alabama researchers to develop a database capable of anticipating targets for future guerrilla attacks. Quoting Space War: "Adversaries the US currently faces in Iraq rely on surprise and apparent randomness to compensate for their lack of organization, technology, and firepower. 'One way to combat these attacks is to identify trends in the attackers' methods, then use those trends to predict their future actions,' said UA-Huntsville researcher Wes Colley. 'Some trends from these attacks show important day-to-day correlations. If we can draw inferences from those correlations, then we may be able to save lives by heightening awareness of possible events or changing the allocation of our security assets to provide more protection.' Researchers reviewed the behavior signatures of terrorists on 12,000 attacks between 2003 and mid-2007 to calculate relative probabilities of future attacks on various target types."

bitrex writes "Modern Mechanix recently ran a reprint of a 1934 article describing the problem of offshore pirate radio stations broadcasting advertisements and drowning out local, licensed radio programs. 'The primary purpose of the unlicensed broadcast station was to advertise the gambling, liquor, and other dubious pleasure activities of the ship upon which it was built ... they found other sundry rackets, such as a fortune telling program ... After numerous unsuccessful attempts of a local nature, the floating broadcasting establishment was silenced, but only after the state department at Washington, D. C, had made diplomatic representations which forced a Central American country to cancel the ship's registry.' The article also has a great artist's conception of what might be called a machine age 'data haven' bobbing in international waters in the Gulf of Mexico."

An anonymous reader writes "Starting on Thursday, January 31st, Time Warner subscribers in Texas starting experiencing connectivity issues to the iTunes store to the point where the service wasn't usable. General internet traffic issues haven't coincided with these problems, and many folks have reported that the store works as normal when they head to the nearest mega-bookstore and use their ISP instead. Time Warner has announced that they're going to begin trials of tiered pricing in one local Texas market, but I'll be darn sure to switch my provider if I hear the slightest hint of destination/content based tiers instead of bandwidth tiers."

prostoalex writes "The bionic arm project sponsored by DARPA is nearing completion, and might undergo clinical trials. 'The arm has motor control fine enough for test subjects to pluck chocolate-covered coffee beans one by one, pick up a power drill, unlock a door, and shake a hand. Six preconfigured grip settings make this possible, with names like chuck grip, key grip, and power grip. The different grips are shortcuts for the main operations humans perform daily.'"