+ - Worm steals more than 45,000 Facebook logins->

Submitted by expo53d
expo53d (2511934) writes "A nasty bit of malware making the rounds on Facebook has reportedly made off with the usernames and passwords of more than 45,000 users. Most of those affected by the worm --called Ramnit-- are from France and the United Kingdom, according to a bulletin issued by security researchers at Seculert. It is capable of infecting Windows executables, Microsoft Office, and HTML files, according to McAfee."
Link to Original Source

Comment: Re:Conflicted Issue (Score 1) 154

by expo53d (#38607598) Attached to: Shopping Center Tracking System Condemned by Civil Rights Campaigners

It might be a breach of privacy to take advantage of radio signals from cell phones, since you never gave the store permission to use the signals your own device generates, but that is a matter of popular opinion - does the store have a right to record or use signals produced by their customers for their own purposes?

It *might* be? I think not... Imagine you are at Starbucks drinking coffee, and surfing with your laptop. Does that give the Barista the right to use sslstrip and extract your credit card numbers? Not at all.

Comment: Opt Out (Score 3, Interesting) 154

by expo53d (#38607570) Attached to: Shopping Center Tracking System Condemned by Civil Rights Campaigners
You can 'opt out' of this tracking service by turning off your mobile phone. But in this time and day, this solution seems akin to telling people to stop using email to 'opt out' from spam or to stop eating foods to 'opt out' of food poisoning. But even if the management wanted the customers to be able to opt out, how would they do it? The only way is to tell the system to stop tracking the phones opted out, which means the system will need to start tracking the phones individually (to identify which phones are to be tracked and which are opted out), and by doing that, they enable the system to track *individual* users who have not opted out, making the issue worse for the average consumer who has no idea that these systems exist/how they work.

+ - PayPal Executive Named Chief of Yahoo->

Submitted by expo53d
expo53d (2511934) writes "Yahoo, the struggling consumer media company, announced on Wednesday that its new chief executive would be Scott Thompson, the president of PayPal, the online payment service. In a conference call on Wednesday morning, Roy J. Bostock, the chairman of Yahoo’s board, said that at PayPal Mr. Thompson had proved he could take a company with solid assets and build the business. That is the central challenge at Yahoo, Mr. Bostock said, noting that the company has a wealth of strong media and advertising assets, and an online audience of more than 700 million visitors a month."
Link to Original Source

+ - SCADA Vulnerabilities in Correctional Facilities->

Submitted by Orome1
Orome1 (1901578) writes "Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publicly available exploits along with evaluating vulnerabilities in electronic and physical security designs, researchers discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to "open" or "locked closed" on cell doors and gates."
Link to Original Source

Comment: Re:If even strong passwords can get leaked... (Score 1) 141

by expo53d (#38518220) Attached to: Data Exposed In Stratfor Compromise Analyzed
The advantage of "try and guess THIS one!" type passwords is not only are they hard to guess, but if they are long enough and hashed properly (SHA1 or similar) they cannot be unencrypted. (Presuming that the decrypting party does not have access to a super computer). This is due to the fact that these passwords go through a one-way type hash, thus the only way to crack them is having a list of every single possible hash and its key (or generating such a list). So if one has a password that is 27 characters long, an attacker will need to generate a hash for every password from 1 character long to 27 characters long. Example: 1,2 ... 001, 002 .... goalcar, goalcat, goalcau ... and so on.

+ - GoDaddy accused of interfering with anti-SOPA exod->

Submitted by expo53d
expo53d (2511934) writes ""An effort by GoDaddy customers to boycott the domain registrar over its support for Hollywood-backed copyright legislation has sparked allegations of foul play. NameCheap, whose chief executive last week likened SOPA to "detonating a nuclear bomb" on the Internet, said today that GoDaddy has intentionally thrown up technical barriers to prevent its customers from leaving. GoDaddy lost over 70,000 domains last week." Not something surprising from a company that supports SOPA (and acts like it does not to the media)."
Link to Original Source

+ - HP Fixes Security Flaws in LaserJet Firmware->

Submitted by wiredmikey
wiredmikey (1824622) writes "In late November, news surfaced that researchers from Columbia University had discovered vulnerabilities in upgradeable firmware in HP laser printers that could be compromised and modified by an attacker, enabling them to do anything from overheating the printer, to compromising a network, with some saying that the devices could even be set up in flames.

While HP responded saying the reports of devices being able to be set on fire remotely were “sensational and inaccurate,” it did acknowledge the existence of a security vulnerability related to the firmware in some of its LaserJet printers and has now released a firmware update to mitigate the issues and is notifying customers and partners.

While HP provides software that enables admins to set configurations and security policies for devices, and provides IT infrastructure and filtering technology to help remove suspicious files and devices on a network, being able to monitor the health of the firmware on its printers is lacking, and has sparked concern by some."

Link to Original Source

+ - Go Daddy Loses 21,000 Domains in One Day-> 1

Submitted by expo53d
expo53d (2511934) writes "Hats off to all those who transferred their domains off GoDaddy. CNET reports that yesterday 21,054 domains were pulled off, a subsidiary of GoDaddy. While this may be a coincidence, it is likely to be caused by GoDaddy's controversial support for SOPA. It seems that GoDaddy's attempts at remedying the problem were of no use."
Link to Original Source
