Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment: Re:Debunked - Did anyone actually try verifying th (Score 4, Informative) 191

by bshroyer (#44318455) Attached to: Blackberry 10 Sends Full Email Account Credentials To RIM

Karl continues:

Let's push the button and see who talks to us.

Jul 18 10:25:05 NewFS imapd[88446]: Login user=test host=mc35536d0.tmodns.net [208.54.85.195]

And that's all. (That's the phone's IP address on T-Mobile, incidentally.)

Now let's look at the SMTP server and see if there's any evidence of a connection from the 68.171 address block -- which belongs to BlackBerry, and which is alleged tries to connect back.

[root@NewFS /var/log]# grep 68.171 spamblock
[root@NewFS /var/log]#

Nothing. Is the 208.54 address there?

Jul 18 10:09:21 NewFS spamblock-sys[81673]: Starting SSL/TLS negotiation with peer [208.54.85.195]
Jul 18 10:24:53 NewFS spamblock-sys[88447]: Starting SSL/TLS negotiation with peer [208.54.85.195]
[root@NewFS /var/log]#

Why yes there is, as the phone does connect to validate that the connection works (and it tells you it's doing so.) The other line, incidentally, is because there's another email account there (my real one!)

The phone connected to the SMTP server ("spamblock-sys" is my custom spam filter, which knows how to perform SSL/TLS negotiation) and performs a STARTTLS negotiation exactly as I told it to do.

Incidentally, it also brings up the server's certificate and asks me if it's ok too.

But there is no connection back to either service from any other location related to this account setup. Not from BlackBerry, not from some other place, nowhere. Period.

For those who want a bit more background on the SMTP side the code in question, particularly the SMTP code, is mine. The SMTP server in question ("Spamblock-Sys") was written from the ground up by myself. I know every single line of that code and am not relying on anyone else's word as to what is and is not logged, since I wrote it.

The IMAP server in question is WU's with moderate modification.

I have no idea if the guy in Germany is lying or if he is on an account provisioned for BIS (the older BlackBerry handsets) and his mobile provider is intercepting the transaction and passing it to BIS, which is doing what he's talking about.

Comment: Debunked - Did anyone actually try verifying this? (Score 3, Interesting) 191

by bshroyer (#44318437) Attached to: Blackberry 10 Sends Full Email Account Credentials To RIM

Karl Denninger writes up his experience in attempting to replicate the claim. Karl calls BS:

http://market-ticker.org/cgi-ticker/akcs-www?singlepost=3242634

Don't Buy The BS Being Run on BB10 Email Security

There's a "report" flying around alleging that BB10 phones send unencrypted email passwords to BlackBerry and additionally that BlackBerry immediately connects back to the email server and signs on (which would, of course, require that it knows the password.)

This is easily tested and since I have a Z10 I decided to do exactly that.

What am doing here is setting up an account called "test" on my IMAP server to receive email and then will enter the credentials into the phone.

To make it interesting I will do it over the Cellular Connection rather than over WiFi, so that if the phone wants to do some sort of DNS lookup that my server might block (if it was using my DNS servers as it was connected via WiFi) it'll work.

Here we go. {full documentation follows}

Games

The Struggle For Private Game Servers 125

Posted by Soulskill
from the let's-make-onyxia-fight-ragnaros dept.
A story at the BBC takes a look at the use of private game servers for games that tend not to allow them. While most gamers are happy to let companies like Blizzard and NCSoft administer the servers that host their MMORPGs, others want different rules, a cheaper way to play, or the technical challenge of setting up their own. A South African player called Hendrick put up his own WoW server because the game "wasn't available in the country at the time." A 21-year-old Swede created a server called Epilogue, which "had strict codes of conduct and rules, as well as a high degree of customized content (such as new currency, methods of earning experience, the ability to construct buildings and hire non-player characters, plus 'permanent' player death) unavailable in the retail version of the game." The game companies make an effort to quash these servers when they can, though it's frequently more trouble that it's worth. An NCSoft representative referenced the "growing menace" of IP theft, and a Blizzard spokesperson said,"We also have a responsibility to our players to ensure the integrity and reliability of their World of Warcraft gaming experience and that responsibility compels us to protect our rights."
Microsoft

+ - Office 2010 to Work Natively on Linux, Sort Of-> 1

Submitted by
superslacker87
superslacker87 writes "Yes, that's right, Office 2010 will work on natively on Linux, the web apps anyway. It is reportedly going to be compatible with Safari, Firefox, and of course, Internet Explorer. Google Chrome is not mentioned, probably due to the current war between the two.

From the Article:

Your cheap little Linux netbook just got a boost in credibility, or will get a boost when Microsoft drops the web app version of Office 2010 next year. To date, Linux netbooks or anything else running the OS had to rely on non-Microsoft programs to read, edit and save in the familiar .doc, .ppt and .xls file formats. What is MS thinking? .... "Linux just gained some street cred."

"

Link to Original Source

: is not an identifier

Working...