Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

Comment: You're all doomed! You'll be killed by your PC! (Score 5, Insightful) 135 135

An "Infosec" vendor that no one knows and cares makes big prediction about how future hackers would kill you with compromised Internet devices. You need protection! We offer it! Remember our name so we stay relevant!

I would probably consider this news (that is in no way interesting and informative) if this prediction is made by Symantec, McAfee or Kaspersky. Put some obscure "IID" here and it just smells so slash-PR.

Comment: Re:Laws of country (Score 4, Informative) 113 113

The fact is, Google is not struggling because the Great Firewall or because the government makes competition hard. Google is struggling on their own regards and only by themselves. They seem not to be able to justify their existence in China and doesn't seem to offer Chinese citizens what they want.

Hmm, it only takes one paragraph to tell that you're talking out of your ass. Have you ever tried to use any Google service from China? Do you have the faintest idea how long does it take to load one page of search results, or how often does the Wall reset all connections to Google from your IP for one full minute, for some censorship filter was triggered by the most ordinary and unoffensive search terms? And these things are not exactly good for business.

Security

+ - Dreamhost tells customers to expose themselved to MitM attack->

rstory writes: It appears that there was some sort of security breach at Dreamhost, and on Friday they decided to generate new SSH host keys for all their servers. This was done without any notification to their customers. The only mention is on their status blog page, which I'd venture to guess that most customers don't even know about, and there they tell all their customers to delete their old keys and accept the new ones. They seem to lack a basic understanding of public key cryptography: public keys are meant to be PUBLIC. Can anyone think of a good reason why a) they wouldn't send out an email in advance (or immediately afterwards) to notify their customers, and b) they wouldn't post a page of all the new keys for customers to be able to verify? This seems to be highly irresponsible.
Link to Original Source
Security

+ - Ask Slashdot: What to do when finding a Security Breach on Shared Hosting 1 1

An anonymous reader writes: A few months ago i stumbled across an interesting security hole with my webhost, where I was able access any file on the server, including other users. When I called the company they immediately contacted the server team and stated that they will fix the problem that day. Since all you need when calling them is your username, and I was able to list out all 500 usernames of the server, this was rather a large security breach. Which to there credit they did patch the server, not 100% of the way but close enough where moving to a new web host was moved down the 'list' a little.

Jump a head to this week, they experienced server issue, and we requested being moved to a different server. First thing I did was run my test script, and I was able to list out everyone's files again. They only applied the patch to old server. We are now moving off from this web host all together. However I do fear for the thousands of customers that have no clue about this security issue, along with about 10 mins of coding someone could search for the sql connection string and grab the username/password required to access their hosting account.

Whats the best way to handle this type of situation?
KDE

+ - KDE Performs Better Than Unity On Nexus 7->

sfcrazy writes: This guy installed both Ubuntu and Kubuntu on his Google Nexus 7 and there is a clear comparison between Unity and KDE. While Unity was developed as touch-centric it fails miserably. It was slow and buggy where as unlike it's mythical reputation KDE was snappier, faster, more customizable and usable on this tablet. I also installed Kubuntu on this tablet and I was actually surprised to find that KDE was more responsive, fast usable compared to Ubuntu Unity. Since you can customize the size of panel, fonts and application buttons and borders you can use KDE on this tablet just with your finger. No mouse or keyboard is needed. So, I found the desktop KDE to be more usable than Unity.
Link to Original Source

If the code and the comments disagree, then both are probably wrong. -- Norm Schryer

Working...