SecFreak writes "A flaw in a DSL home gateway could lead broadband users inadvertently to divulge personal information, according to a group of self-styled ethical hackers.
In summary, if the victim visits our evil proof-of-concept webpage, his/her browser sends a HTTP request to the BT Home Hub's web interface. After this, the Home Hub starts a VoIP/telephone connection to the recipient's phone number specified in the exploit page. This is what the attack looks like: the victim's VoIP telephone starts ringing and shows an external call message on the LCD screen along with the recipient's phone number. However, what's interesting is that from the point of view of the victim, it looks like he/she is receiving a phone call from the number shown on the screen, but in fact he/she is calling that number!
http://www.gnucitizen.org/blog/call-jackinghttp://www.pcworld.com/article/id,141587-c,onlinesecurity/article.html" Link to Original Source
Zonk from the in-a-post-blah-blah-blah dept.
mplex writes "How vulnerable is the internet to terrorist attack? Is it robust enough to handle an outage on a massive scale? Should the commercial infrastructure that powers the internet be kept secret? These are the sorts of questions raised by Mark Gibbs in his latest column in Network World. 'There is an alternate route available for nearly all services through Las Vegas or Northern California serving all facilities-based carriers in Los Angeles -- all interconnected at numerous L.A. and L.A.-area fiber-optic terminals supporting both metro and long-distance cable.' Given that the internet thrives on open networks, it's hard to imagine keeping them a secret. At best, we must be prepared to deal with the worst."
n9com (1086503) writes "The news you have all been waiting for! The Halo 3 Beta will be available for download on May 16th. The beta test will last until the 6th of June. The full details
are here and the Official
Halo 3 BETA footage can be downloaded from
this link or from the 360 marketplace."
Online encyclopedia gets far more encyclopedic when it comes to pop culture topics like Star Trek and Buffy the Vampire Slayer than historic events or science. Not that we're complaining. Link to Original Source
insane_coder writes "The Insane Coding Blog has a nice story up about wether one can trust their applications. An interesting point from the article: "Not using a high level compiler or virtual machine gives us a layer of security in that it would be harder for one to pass out an 'evil compiler' that would understand what the developer was trying to do and instead have it do something malicious." If you're wondering where your 'evil compiler' would come from, "If you're using a Linux distro which offers binary packages, what really stops a package maintainer from compiling a modified application and putting that in the distro's repositories?""