Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror

Comment: Re:Mystery Pits (Score 1) 552

by morbuz (#26558247) Attached to: Oldest Weapons-grade Plutonium Found In Dump

Under intense time pressure to work with previously theoretical isotopes that just might save tens of thousands of American lives?

At the cost of hundreds of thousands of civilian Japanese lives.

One thing I have thought about quite a few times: Why didn't the Americans just drop the atom bomb right *outside* a major city, thereby reducing the loss of lives to a minimum while still sending the same message of "give up, we can bomb you to back to dust"?

Security

Major Security Hole In Samsung Linux Drivers 295

Posted by kdawson
from the drive-a-truck-through dept.
GerbilSoft writes with news of a major security hole in Samsung's proprietary Linux printer drivers. From the Ubuntu Forums: "Just to inform you about a recent post on the French Ubuntu forum about Samsung drivers (sorry, in French). [Google translation here.] It appears that Samsung unified drivers change rights on some parts of the system: After installing the drivers, applications may launch using root rights, without asking any password. What is more, you may be able to kill your system, by deleting system components, generally modifiable only by using sudo." GerbilSoft adds: "Among the programs that it sets as setuid-root are OpenOffice, xsane, and xscanimage."
Software

+ - Samsung Linux printer driver sets OO as root

Submitted by Anonymous Coward
An anonymous reader writes: The April 2007 Samsung Linux printer drivers "update" many applications, including OpenOffice.org, to open with root permissions. http://linuxfr.org/comments/850495,1.html, shows the installation script and the whole story is at http://linuxfr.org/forums/15/22562.html

Originally found on digg at http://digg.com/linux_unix/Samsung_Linux_printer_d river_modifies_the_permissions_of_many_executables 1 by apterium — http://digg.com/users/apterium
Security

Secretly Monopolizing the CPU Without Being Root 250

Posted by CmdrTaco
from the because-you-shouldn't dept.
An anonymous reader writes "This year's Usenix security symposium includes a paper that implements a "cheat" utility, which allows any non-privileged user to run his/her program, e.g., like so 'cheat 99% program' thereby insuring that the programs would get 99% of the CPU cycles, regardless of the presence of any other applications in the system, and in some cases (like Linux), in a way that keeps the program invisible from CPU monitoring tools (like 'top'). The utility exclusively uses standard interfaces and can be trivially implemented by any beginner non-privileged programmer. Recent efforts to improve the support for multimedia applications make systems more susceptible to the attack. All prevalent operating systems but Mac OS X are vulnerable, though by this kerneltrap story, it appears that the new CFS Linux scheduler attempts to address the problem that were raised by the paper."
Handhelds

+ - DVD Jon releases iPhone hack

Submitted by Anonymous Coward
An anonymous reader writes: Engadget has a story up on DVD-Jon releasing a hack which lets you activate an iPhone without going through AT&T.

A little hex editing of iTunes, a little hostfile hacking, a little program called Phone Activation Server v1.0, and you're on your way to an AT&T service free iPhone, friend. That's right, Jon, knock that toxic AT&T-tied iPod-coffee out of Steve's hand. Ok, so apparently the phone still doesn't work (we wonder if there isn't some kind of mechanism that binds the iPhone to select AT&T SIMs), so it's not like it's an unlocked device, but at least you can now use it as "the best iPod [Apple's] ever made."

The solution of this problem is trivial and is left as an exercise for the reader.

Working...