Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Submission + - WhatsApp is using IMEI numbers as passwords (

mpol writes: "In the past WhatsApp has been hightly critisized over their insecure use of the XMPP messaging protocol. Recently new versions of their app have incorporated encryption.

It seems the trouble isn't over yet for WhatsApp and its users. Sam Granger writes on his blog that WhatsApp is using IMEI numbers as passwords. This is at least the case with the Android app, but other platforms are probably using similar methods.
Since it is easily readable what someone's IMEI number is, this isn't really secret information that should be used for authentication.
In the wake of the Apple/FBI UDID fiasco, will we see lists with phone numbers and IMEI numbers appear on the net?"


Submission + - Zero-Day exploit market sells mostly to US government (

mpol writes: "Forbes magazine published a profile of French exploit-selling firm Vupen last April. Now there's a blog article about a broker from South Africa, complete with a price-list of zero-day exploits and their platform. iOS is the highest valued here.
The article also claims most exploits are being sold to agencies of the US government.
It does raise a concern though. What if black-hats got more serious, and the US government would become a victim. When shit hits the fan, how will they react."

Thus spake the master programmer: "Time for you to leave." -- Geoffrey James, "The Tao of Programming"