Follow Slashdot stories on Twitter


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


+ - Security Firm Cylance say Iran hackers targeted airlines, energy, defense->

Submitted by Anonymous Coward
An anonymous reader writes "Iranian hackers have infiltrated major airlines, energy companies, and defense firms around the globe over the past two years in a campaign that could eventually cause physical damage, according to U.S. cyber security firm Cylance.

The California-based company said its researchers uncovered breaches affecting more than 50 entities in 16 countries, and had evidence they were committed by the same Tehran-based group that was behind a previously reported 2013 cyber attack on a U.S. Navy network.

It did not identify the companies targeted, but said they included major aerospace firms, airports and airlines, universities, energy firms, hospitals, and telecommunications operators based in the United States, Israel, China, Saudi Arabia, India, Germany, France, England and others.

Cylance said it had evidence the hackers were Iranian, and added the scope and sophistication of the attacks suggested they had state backing."

Link to Original Source

+ - Hacker took over BBC server, tried to 'sell' access on Christmas Day->

Submitted by Anonymous Coward
An anonymous reader writes "A hacker secretly took over a computer server at the BBC, Britain's public broadcaster, and then launched a Christmas Day campaign to convince other cyber criminals to pay him for access to the system.

It was not clear how the BBC, the world's oldest and largest broadcaster, uses that site,"

Link to Original Source

+ - How to get non-developers to send meaningful bug r 2

Submitted by DemonGenius
DemonGenius (2247652) writes "I'm in the midst of a major rollout of one of our primary internal applications at work and we have a beta version available for all the staff to use. The problem here is most of the staff don't know how to send reports meaningful enough to get us devs started on solving their problems without constant back and forth correspondence that wastes both developer time and theirs. Some common examples are: screenshots of the YSOD that don't include the page URL, scaled screenshots that are unreadable, the complaint that wants to be a bug report but is still just a complaint, etc. FYI, from the user's perspective they just send an email, but that email registers in our tracking system. Any thoughts on how to get the non-devs sending us descriptive and/or meaningful reports? Does anyone here have an efficient and user-friendly bug tracking system/policy/standard at their workplace and how does it work?"

Comment: Re:Define professionals? (Score 1) 556

by jclarke (#37747442) Attached to: Is Apple Pushing Away Professionals?

Bzzt. Try again.

That's, as of this posting, $339.99 for two 8GB DDR3 ECC DIMMS for the current-generation Mac Pro. To get to your precious 64G goal, you'd buy four of those two-dimm bundles which would total $1359.96 before taxes and shipping. And that's prices a well-known seller, without whatever coupons might be offered. I'm sure there's a newegg deal or something that'd make it even less. But that's "retail" right there. A far cry from your claimed "more than 5k by itself."

Comment: Re:NASA and cards (Score 1) 44

by jclarke (#37671822) Attached to: German Researchers Crack Mifare RFID Encryption

the FIPS201 PIV (HSPD12) cards you refer to can be used for contactless authentication in a number of ways:
1. CHUID (easily duplicated, no authentication required to read from the card)
2. CAK (PKI validation of the card itself)
3. PKI (PKI validation of the cert issued to the person, stored on the card)
4. BIO (on card or off card matching of fingerprints)

3+4 = awesome stuff. if they can do it. i'd be surprised if they are using this for their doors. it's a ton of equipment, labor, time for end users, money, and burden for getting through a door.
1 = horrific, LESS secure than mifare or desfire or prox. i believe someone at Defcon was sniffing and playing these on a wall-of-sheep sort of display in '08 or '09

now. wanna know how most organizations are doing contactless access control with their HSPD-12 cards? they get them manufactured with a mifare or desfire inlay inside, instead of the contactless antenna for the PIV electronics. and they can even go further and have a PIV+Mifare+Prox card or PIV+Desfire+Prox card by putting a oldschool 125khz prox inlay inside as well (different frequencies, so no interference)

to the outsider or layperson it looks like your super-sexy PIV card is doing everything. In reality, it's the same old tech sandwiched in the middle of your PIV card.

not saying this is the case at NASA, i have no knowledge of their PIV deployment. But this is how it's done elsewhere.....

Comment: Re:Why not? (Score 1) 263

by jclarke (#37655286) Attached to: Was the iPod Accessory Port Inspired By a 40-Year-Old Camera?


According to a book entitled Michigan Yesterday & Today authored by Robert W. Domm, the assembly line and its basic concept is credited to Ransom Olds, who used it to build the first mass-produced automobile, the Oldsmobile Curved Dash.

The more they over-think the plumbing the easier it is to stop up the drain.