Damn Vulnerable Linux — Most Vulnerable Linux Ever 227

An anonymous reader writes "Usually, when installing a new operating system, the hope is that it's as up-to-date as possible. After installation there's bound to be a few updates required, but no more than a few megabytes. Damn Vulnerable Linux is different; it's shipped in as vulnerable a state as possible. As the DVL website explains: 'Damn Vulnerable Linux (DVL) is everything a good Linux distribution isn't. Its developers have spent hours stuffing it with broken, ill-configured, outdated, and exploitable software that makes it vulnerable to attacks. DVL isn't built to run on your desktop – it's a learning tool for security students.'"

Security For Open Source Web Projects? 105

PoissonPilote writes "I'm currently developing a multi-player, browser-based game, using the good old HTML, JavaScript, PHP, and MySQL combination. Progress is good so far, and the number of players is slowly but steadily increasing. At the beginning of the project, I decided to put the entirety of my game under the MIT license, so that anyone could study the code or even start their own server for the game. However, with the increasing popularity of my project, I am starting to worry about security issues. Even though I consider myself decent at web development and am pretty sure I'm not making any classic mistakes (SQL injection, cross-site scripting, URL forgery, etc.), I am no web security expert. I didn't find any relevant examples to compare my game to, as most open source games are written in a compiled language, and no web server is at stake in those cases. Some web developer friends told me not to release the source code at all; others told me to release it only when the game will be shut down. Naturally, I'm not satisfied by either of these solutions. What approach would you recommend?"

Spitzer Telescope Witnesses Star Being Born 34

Arvisp tips news of a discovery by astronomers using the Spitzer Space Telescope and the Submillimeter Array in Hawaii of the youngest known star in a nearby star-forming region. From the Yale press release: "Astronomers think L1448-IRS2E is in between the prestellar phase, when a particularly dense region of a molecular cloud first begins to clump together, and the protostar phase, when gravity has pulled enough material together to form a dense, hot core out of the surrounding envelope. ... Most protostars are between one and 10 times as luminous as the Sun, with large dust envelopes that glow at infrared wavelengths. Because L1448-IRS2E is less than one tenth as luminous as the Sun, the team believes the object is too dim to be considered a true protostar. Yet they also discovered that the object is ejecting streams of high-velocity gas from its center, confirming that some sort of preliminary mass has already formed and the object has developed beyond the prestellar phase. This kind of outflow is seen in protostars (as a result of the magnetic field surrounding the forming star), but has not been seen at such an early stage until now."

NASA Astronomers To Observe Hayabusa's Fiery Homecoming 142

coondoggie writes "NASA said that a group of its astronomers will have a front row seat in Australia to watch the Japanese spacecraft Hayabusa's high-speed, fiery return to Earth. It is bringing with it a hunk of the asteroid Itokawa. The spacecraft is expected to land in an unpopulated area of Australia at approximately midnight locally, or 7 am PDT, on Sunday, June 13. Some 30 NASA astronomers will be flying onboard a specially equipped DC-8 with instruments that can monitor Hayabusa's reentry."

AI Astronomer Aids Effort To Analyze Galaxies 40

kkleiner writes "Scientists are teaching an artificial intelligence how to classify galaxies imaged by telescopes like the Hubble. Manda Banerji at the University of Cambridge, along with researchers at University College London, Johns Hopkins, and elsewhere, has succeeded in getting the program to agree with human analysis at an impressive rate of more than 90%. Banerji used data from Galaxy Zoo, a massive online project that has used more than 250,000 volunteers to analyze more than 60 million galaxies. The new automated astronomer will help with even larger analytical projects on the horizon, taking care of trivial classifications and leaving the tough cases to humans."

Qualcomm Ships Dual-Core Snapdragon Chipsets 168

rrossman2 writes "Qualcomm has issued a press release revealing it has started shipping new dual-core Snapdragon chipsets. These chipsets run each core at up to 1.2GHz, include a GPU that supports 2D/3D acceleration engines for OpenGL ES 2.0 and OpenVG 1.1, 1080p video encode/decode, dedicated low-power audio engine, integrated low-power GPS, and support for 24-bit WXGA 1280x800 resolution displays. These chipsets come in two variants, the MSM8260 for HSPA+ and the MSM8660 for multi-mode HSPA+/CDMA2000 1xEV-DO Rev B. The press release also lists QSD8672 as a third-gen chipset like the two mentioned, but doesn't go into any detail of what its role is. With this announcement of shipping chipsets, how long until HTC makes a super smartphone?"

Impact On Jupiter Observed By Amateur Astronomers 53

Omomyid and other readers send in the news that the bright flash of an impact on Jupiter has been observed — and caught on film — by amateur astronomers. That WMV is from amateur Christopher Go. Here's Anthony Wesley's video (45 MB AVI; the site is already overloaded). In the larger video you can see the impact lasting for a couple of seconds, and a good deal of structure is visible. The amateurs report that no dark debris field developed around the impact site in the time before it rotated out of sight; this may indicate that the impactor burned up high in Jupiter's atmosphere. Soon professional astronomers, and possibly Hubble, will be on the job.

Citizen Scientists Help Explore the Moon 60

Pickens writes "NPR reports that NASA's Lunar Reconnaissance Orbiter is doing such a good job photographing every bit of the moon's surface that scientists can't keep up, so Oxford astrophysicist Chris Lintott is asking amateur astronomers to help review, measure, and classify tens of thousands of moon photos streaming to Earth using the website Moon Zoo, where anyone can log on, get trained, and become a space explorer. 'We ask people to count the craters that they can see ... and that tells us all sorts of things about the history and the age of that bit of surface,' says Lintott. Volunteers are also asked to identify boulders, measure the craters, and generally classify what is found in the images. If one person does the classification — even if they're an expert — then anything odd or interesting can be blamed on them. But with multiple independent classifications, the team can statistically calculate the confidence in the classification. That's a large part of the power of Moon Zoo. Lintott adds the British and American scientists heading up the LRO project have been randomly checking the amateur research being sent in and find it as good as you would get from an expert. 'There are a whole host of scientists ... who are waiting for these results, who've already committed to using them in their own research.'"

Google TV Announced With Intel, Sony, and Logitech 224

MojoKid writes "Google's own I/O conference in California is wrapping up today, but not before the company goes out with a serious bang. Google just announced something that has been rumored for a while now: Google TV. Basically, Google is taking the Apple TV concept, but going way overboard by introducing apps, screen customization, and channel searching. Following Google's own announcement, Intel stepped in to provide some backbone to the story. Google is obviously using the big players to move Google TV forward, with Intel, DISH Network, Best Buy, and Adobe firmly on board. Google TV itself is based on Android, runs the Google Chrome browser, and will allow users to access all of their usual TV channels as well as a world of Internet and cloud-based information and applications, including Adobe Flash-based content."

Scientist Uses Nanodots To Create 4Tb Storage Chip 207

arcticstoat writes "Solid state disks could soon catch up with mechanical hard drives in terms of cost and capacity, thanks to a new data-packed chip developed by a scientist at the University of North Carolina. Using a uniform array of 10nm nanodots, each of which represents a single bit, Dr. Jay Narayan created a data density of 1 terabit per square centimeter. The end result was a 4cm² chip that holds 4Tb of data (512GB), but the university says that the nanodots could have a diameter of just 6nm, enabling an even greater data density. The university explains that the nanodots are 'made of single, defect-free crystals, creating magnetic sensors that are integrated directly into a silicon electronic chip.' Dr. Narayan says he expects the technology to overtake traditional solid state disk technology within the next five years."

Zen Coding 175

Download Squad has a quick review, with video, of Zen Coding (Google Code project page here), an extremely well-thought-out accelerator for anyone who codes HTML. Its syntax is CSS-like. Zen Coding has been around for a while — here's its author Sergey Chikuyonok's introduction in Smashing Magazine from last November — and it has now picked up support for more than a dozen editing environments, including Notepad++ and TextMate.

Mass. Data Security Law Says "Thou Shalt Encrypt" 510

emeraldd writes with this snippet from SQL Magazine summarizing what he calls a "rather scary" new data protection law from Massachusetts: "Here are the basics of the new law. If you have personally identifiable information (PII) about a Massachusetts resident, such as a first and last name, then you have to encrypt that data on the wire and as it's persisted. Sending PII over HTTP instead of HTTPS? That's a big no-no. Storing the name of a customer in SQL Server without the data being encrypted? No way, Jose. You'll get a fine of $5,000 per breach or lost record. If you have a database that contains 1,000 names of Massachusetts residents and lose it without the data being encrypted, that's $5,000,000. Yikes."

A User's Guide To the Universe 153

alfredw writes "Have you ever wanted to buttonhole a physicist at a cocktail party? Do you have the burning desire to sit down with a professor and ask a laundry list of 'physics' questions about time travel and black holes? Do you want to know more about modern physics, but want to do it with pop culture experiments instead of mathematics? If you answered 'yes' to any of those questions, then you're in the target audience for A User's Guide to the Universe: Surviving the Perils of Black Holes, Time Paradoxes, and Quantum Uncertainty." Keep reading for the rest of alfredw's review.

