Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


+ - Vulnerability disclosure for 70 million websites

Submitted by sectest
sectest (656626) writes "CSO has a "chilling" article about the shifting landscape of vulnerability disclosure from shrink-wrapped software to real-world websites. "Grossman (CTO, WhiteHat Security) claims XSS vulnerabilities can be found in 70 percent of websites." ... "If you apply those number to a recent Netcraft survey, which estimated that there are close to 100 million websites, you've got 70 million sites with XSS vulnerabilities. Repairing them one-off, two-off, 200,000-off is spitting in the proverbial ocean." Also unclear is the legality of even finding a vulnerability in a website. Recent high profile prosecutions have cautioned security researches about sharing their discoveries. And if those people stop looking, "That leaves the malicious ones, unconcerned by the legal or social implications of what they do, as the dominant demographic still looking for Web vulnerabilities.""

+ - The Missing MyBlogLog Tools

Submitted by inblosam
inblosam (581789) writes "MyBlogLog was recently acquired by Yahoo! and is a social network of blogs, sites, authors, and readers. To better harness the power of this expanding social network, Michael Jensen has created "The Missing MyBlogLog Tools". These tools allow you to go beyond searching and browsing at, to discover blogs and people based on your contacts, members in communities, and real-time visitors to blogs."

"It's ten o'clock... Do you know where your AI programs are?" -- Peter Oakley