Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Submission + - UK's largest online pharmacy sold patients' personal data to fraudsters (ibtimes.co.uk)

Ewan Palmer writes: The UK's biggest online pharmacy has been fined $200,000 for selling thousands of patients' personal data to scammers who targeted the sick and vulnerable. Pharmacy2U (P2U) was found to have breached the Data Protection Act for giving away details of patients to Australian Lottery fraudsters who targeted male pensioners and health supplements company that has been cautioned for misleading advertising

A company who dealt with patients who were being marketed said they had "no idea the trade in their data was as murky as this".

Submission + - Portable self-encrypting WD hard disk not so encrypted after all.

lesincompetent writes: Quoting the abstract should be enough to show how dire the situation is:
We will describe the security model of these devices and show several security weaknesses like RAM leakage, weak key attacks and even backdoors on some of these devices, resulting in decrypted user data, without the knowledge of any user credentials.
Paper by Alendal, Kison and modg is available here in PDF format.

Submission + - Microsoft keeps sneaking in update

lesincompetent writes: How many of you noticed the infamous KB3035583 coming back over and over again even after being manually hidden?
Yes, that's the one that brought us both the free windows 10 upgrade notice and the unwarranted download of up to 6GB of installation files.
For us with no intention of "upgrading" to windows 10, how can we end this frustration once and for all?

Submission + - New attacks on Firefox (and Internet Explorer, Edge) privacy

An anonymous reader writes: Researchers unveiled two attacks against privacy in Firefox. Both attacks exploit HTML5's performance object. The first attack probes the computer's cache for data from other users/processes. The second attack (demo here) finds the computer's clock speed and whether it's virtualized. This one also applies to Internet Explorer and Edge browsers.

Submission + - Linux Foundation: Security Threatens 'Golden Age' Of Open Source

Mickeycaskill writes: The executive director Linux Foundation has outlined its plans to improve open source security, which could otherwise threaten a 'golden age' which has created billion dollar companiesand seen Microsoft and Apple among others embrace open technologies.

The organisation launched the Core infrastructure Initiative (CII), a body backed by 20 major IT firms, last year and is investing millions of dollars in grants, tools and other support for open source projects that have until now been underfunded.

This was never move obvious than following the discovery of the Heartbleed Open SSL bug last year.

“Almost the entirety of the internet is entirely reliant on open source software,” he said. “We’ve reached a golden age of open source. Virtually every technology and product and service is created using open source.

“Heartbleed literally broke the security of the Internet. Over a long period of time, whether we knew it or not, became dependent on open source for the security and Integrity of the internet.”

“We want to find the projects on the Internet that are broken and fix them. We have raised a multi-million fund to provide grants to projects to help them out."

“We’re not talking about some new technology product or service, we’re talking about your privacy, your security. We believe creating a more secure, more robust Internet is good for all of us.”

Adapt. Enjoy. Survive.