Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.


Forgot your password?

A Look Into China's Web Censorship Program 125

Posted by timothy
from the sorry-if-y'all-can't-read-this dept.
kev0153 writes "MSNBC is offering a good article explaining some of the details behind China's web censorship program. 'Google's face-off with Beijing over censorship may have struck a philosophical blow for free speech and encouraged some Chinese Netizens by its sheer chutzpah, but it doesn't do a thing for Internet users in China. Its more lasting impact may lie in the global exposure it has given to the Chinese government's complex system of censorship – an ever-shifting hodgepodge of restrictions on what information users can access, which Web tools they can use and what ideas they can post.'"

Remote Malware Injection Via Flaw In Network Card 49

Posted by timothy
from the just-where-you-least-expect-it dept.
kfz-versicherung writes "During the CanSecWest international conference in Vancouver, members of ANSSI described how an attacker could be able to exploit a flaw to run arbitrary code inside some network controllers (full presentation; PDF). The attack uses routable packets delivered to the victim's NIC. Consequently, multiple attacks can be conducted including man-in-the-middle attacks on network connections, access to cryptographic keys on the host platform, or malware injection on the victim's computer host platform."

It's Time To Split Up NSA Between Spooks and Geeks 122

Posted by timothy
from the sideline-coaches dept.
Hugh Pickens writes "Noah Shachtman writes in Wired that most of us know the National Security Agency as the supersecret spook shop that allegedly slurped up our email and phone calls after the September 11 attacks, but not so many know that the NSA is actually home to two different agencies under one roof: the signals-intelligence directorate, who can tap into any electronic communication, and the information-assurance directorate, the cybersecurity nerds who make sure our government's computers and telecommunications systems are hacker- and eavesdropper-free. 'The problem is, their goals are often in opposition,' writes Shachtman. 'One team wants to exploit software holes; the other wants to repair them.' Users want to know that Google is safeguarding their data and privacy. The trouble is that when Google calls the NSA, everyone watching sees it as a package deal. Google wants geeks, but it runs the risk of getting spies, too."

Comment: Re:Hum off topic'ish. (Score 2, Informative) 168

by Chris Croome (#11735340) Attached to: Arkeia Network Backup Agent Remote Access
If target is compromised, a malicious user can run arbitrary commands through rsync.

I agree this is an issue, the best solution I have found is Push Mirroring with this the command that can be run is put in the ssh public key and then the compromised client can only run this specific command.

Red Hat Software

Journal: RedHat and Fedora

Journal by Chris Croome

RedHat is opening up the development process via Fedora and this is a great thing.

The exchange value of a Fedora CD set is basically the cost of producing and shipping them, there is some money to be made there but not much.

I think this is why RedHat are concentrating on selling services to businesses.

You are in a maze of little twisting passages, all alike.