Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Comment: Cancel *EVERYTHING* (Score 1) 257

by JBMcB (#49602965) Attached to: Native Hawaiian Panel Withdraws Support For World's Largest Telescope

Stop all federal funding for new construction projects in all of Hawaii. Cancel everything. Close all federally funded operations. Close Pearl Harbor and move the base back to the mainland. Cut all federal spending for Hawaii, including energy, roads, and education.

There, now Hawaii is protected.


Researcher Bypasses Google Password Alert For Second Time 34

Posted by timothy
from the if-you-watch-everything-you-lose-perspective dept.
Trailrunner7 writes with this excerpt: A security researcher has developed a method–actually two methods–for defeating the new Chrome Password Alert extension that Google released earlier this week.

The Password Alert extension is designed to warn users when they're about to enter their Google passwords into a fraudulent site. The extension is meant as a defense against phishing attacks, which remain a serious threat to consumers despite more than a decade of research and warnings about the way the attacks work.

Just a day after Google released the extension, Paul Moore, a security consultant in the U.K., developed a method for bypassing the extension. The technique involved using Javascript to look on a given page for the warning screen that Password Alert shows users. The method Moore developed then simply blocks the screen, according to a report on Ars Technica. In an email, Moore said it took him about two minutes to develop that bypass, which Google fixed in short order.

However, Moore then began looking more closely at the code for the extension, and Chrome itself, and discovered another way to get around the extension. He said this one likely will be more difficult to repair.

"The second exploit will prove quite difficult (if not near impossible) to resolve, as it leverages a race condition in Chrome which I doubt any single extension can remedy. The extension works by detecting each key press and comparing it against a stored, hashed version. When you've entered the correct password, Password Alert throws a warning advising the user to change their password," Moore said.

Comment: Re:This again? (Score 1) 431

by Bruce Perens (#49598949) Attached to: New Test Supports NASA's Controversial EM Drive

OK, I will try to restate in my baby talk since I don't remember this correctly.

Given that you are accelerating, the appearance to you is that you are doing so linearly, and time dilation is happening to you. It could appear to you that you reach your destination in a very short time, much shorter than light would allow. To the outside observer, however, time passes at a different rate and you never achieve light speed.

Comment: Where we need to get to call this real (Score 1) 431

by Bruce Perens (#49596461) Attached to: New Test Supports NASA's Controversial EM Drive

Before we call this real, we need to put one on some object in orbit, leave it in continuous operation, and use it to raise the orbit by a measurable amount large enough that there would not be argument regarding where it came from. The Space Station would be just fine. It has power for experiments that is probably sufficient and it has a continuing problem of needing to raise its orbit.

And believe me, if this raises the orbit of the Space Station they aren't going to want to disconnect it after the experiment. We spend a tremendous amount of money to get additional Delta-V to that thing, and it comes down if we don't.

Comment: Re:already done (Score 2) 126

by JBMcB (#49590985) Attached to: Obama Announces e-Book Scheme For Low-Income Communities

It's e-books, not e-readers. You can read an e-book on practically any device with a screen, from a $30 e-reader to a cell phone or a 10 year-old computer.

Same difference. There are libraries filled with books you can read for free. It's a sunk cost. What specific problem are ebooks going to solve?

You mean like this?

Exactly. Now take the money wasted on ebooks and fund that instead.

Comment: Re:already done (Score 2) 126

by JBMcB (#49590613) Attached to: Obama Announces e-Book Scheme For Low-Income Communities

By definition the middle class can AFFORD things, the poor and lower class need help MORE than the middle-class does.

So we're blowing money on e-readers when, last time I checked, libraries still exist? How about $250 million worth of more free pre-school for underprivileged kids, which has been proven to lead to better outcomes?

"A child is a person who can't understand why someone would give away a perfectly good kitten." -- Doug Larson