Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Apple Denies Systems Breach In Photo Leak 311

Posted by Soulskill
from the not-my-fault-i-promise dept.
Hamsterdan notes that Apple has posted an update to its investigation into the recently celebrity photo leak, which was attributed to a breach of iCloud. Apple says the leak was not due to any flaw in iCloud or Find My iPhone, but rather the result of "a targeted attack on user names, passwords and security questions." Despite this, Wired reports that hackers on an anonymous web board have been openly discussing a piece of software designed for use by law enforcement. Whether it was involved in the celebrity attacks or not, it's currently being used to impersonate a user's device in order to download iCloud backups.

"For Apple, the use of government forensic tools by criminal hackers raises questions about how cooperative it may be with Elcomsoft. The Russian company’s tool, as Zdziarski describes it, doesn't depend on any 'backdoor' agreement with Apple and instead required Elcomsoft to fully reverse engineer Apple’s protocol for communicating between iCloud and its iOS devices. But Zdziarski argues that Apple could still have done more to make that reverse engineering more difficult or impossible." Meanwhile, Nik Cubrilovic has waded into the data leak subculture that led to this incident and provides insight into the tech and the thinking behind it.

Comment: a multi-sensical cloaking device (not just sight) (Score 1) 828

by dberstein (#28037685) Attached to: I'll keep my castle secure primarily with ...
The device would create the illusion of a standard habitat (sound, sight and smell) to those outside... but inside the cloaked frontier you'll perceive all wonders of my castle. The main point is that I need not to defend from those that don't intend on attack me. Since for the "world" there's nothing special in my castle, why would they want to spend resources attacking me?

Comment: Re:Um, (Score 2, Interesting) 109

by dberstein (#27292821) Attached to: Giving Your Greytrapping a Helping Hand
Webmail as your primary MUA?! Are you kidding me?
I guess that's like saying skateboarding should be your primary transportation vehicle. Some people do it I suppose, but is it the best idea?
Get your own infrastructure and access your emails as you wish, like for example mutt on a remote terminal, or webmail (squirrelmail), or in any mobile IMAP client (my iPhone works great).
What about backups? What if tomorrow they change the policy of old/archived message?
I do have a couple of gmail accounts, but those are mostly for redundancy and seldom used by me.

Comment: Re:Um, (Score 2, Informative) 109

by dberstein (#27291751) Attached to: Giving Your Greytrapping a Helping Hand
I run my own mail server(s) and actually the number of spams I get is quite low with a daily average of 0.75 spams per day. That's down from ~20 spams a day before I enabled gray listing, RBL on my MTA and HELO restrictions.
There 0.75 spam/day emails are detected by my MUA's spam filter, meaning I tend to never have a spam email in my inbox!
You can find good/reliable VPS'es from $10/mo. that'll allow you to:
  • Run your own DNS servers.
  • Run your own SMTP/IMAP/POP servers (Postfix/Dovecote make a great combo).
  • Run your own web server.
  • Practice/learn sysadmin skills.
  • No lock-in to any vendor.

I rather pay for my own VPS than pay Google for a freaking email account and/or their App Engine.

Comment: Give a man a fish... (Score 2, Insightful) 936

by dberstein (#27142681) Attached to: Living Free With Linux, Round 2

Give a man a fish...

To click icons and tick boxes you need to first understand the meaning of them, rationalize which of these elements fulfill your desired goal, and then activate the proper GUI widgets... each time to you're confronted with the GUI.

...Teach a man how to fish and he'll eat every day.

Using the CLI you need to know before hand the arguments/parameters that will fulfill your desired goal. It requires preparation (i.e. read the man page), but once you learn it it stays with you.

IMO CLI provides a more immutable interface, as opposed to GUI widgets that can and will change over time.

Software is a tool than when someone uses routinely its sensible to expect him to learn how to use it properly... for the rest of the human race there is Windows.

I couldn't be happier that the Linux experience is different from the Windows experience! Attempting to make a Linux or OSX experience Windows-er is as wrong, futile and useless as trying to compare a high-school romance with your spouse.


+ - Email Database Stolen?->

Submitted by
borderstheft writes "Two nights ago, the plus-based address I gave to started receiving spam and virus-containing emails. No other plus-based address at the domain has been receiving spam of any kind. I attempted to contact but they won't acknowledge there is a problem. If there email database has been stolen, what else could be at risk? Can anyone else serve as verification of the problem?"
Link to Original Source

+ - My company's website was plagiarized: what next?-> 1

Submitted by
Anonymous writes "After a recent design revamp, I discovered that my company's website ( has had a large portion of its content "ripped off." After digging through this other site (I am purposefully leaving out the URL) I have discovered that they have taken quite a bit of content from multiple other websites besides my own. A few calls and emails have been disregarded on their part (" boss is out sick...), and I'm trying to avoid legal action for as long as possible. It seems inevitable though, and I have to ask: do I owe it to the other companies to show them that their content has been plagiarized, or is it their own problem? If so, should I take this on alone? What would you Slashdot readers do in this situation?"
Link to Original Source

Privatunes Anonymizes iTunes Plus 176

Posted by CmdrTaco
from the i-don't-know-if-anonymizes-is-a-word dept.
njondet writes " reports that, a French website specialized in technology news and software downloads, has just launched Privatunes, a free software that anonymizes DRM-free files bought on iTunes Plus. Last month's revelations that the DRM-free files sold by EMI on iTunes Plus came with user's full name and account e-mail embedded in them had raised serious privacy concerns. explains (in French) that Privatunes is aimed at guaranteeing the privacy of users but also their rights as consumers to freely share and trade the songs they have purchased. However, the claim that this software is perfectly legal will surely be tested."

+ - DrinkOrDie leader senteced to 4 years jail->

Submitted by Anonymous Coward
An anonymous reader writes "Hew Griffiths, the long-time leader of the DrinkOrDie software piracy network and an elder in the underground Internet piracy community, will spend 4 years in jail. Griffiths pleaded guilty to two copyright-related charges in U.S. District Court for the Eastern District of Virginia in Alexandria. His sentence is half of what he faced.;15031 07502"
Link to Original Source

+ - Largest ISP in Norway want to charge for peering->

Submitted by Anonymous Coward
An anonymous reader writes "The largest ISP in Norway, Telenor will disconnect from the Norwegian Internet Exchange (NIX) and start charging everyone that wants to connect to it. NIX is where all ISP's in Norway are connected, but now all ISP's in Norway must pay Telenor for peering."
Link to Original Source

Professional wrestling: ballet for the common man.