Follow Slashdot stories on Twitter

 



Forgot your password?
typodupeerror
Slashdot Deals: Prep for the CompTIA A+ certification exam. Save 95% on the CompTIA IT Certification Bundle ×

Comment Re:Single Sign on aka FB (Score 1) 446

If you are like most people, then your email should be one of the most secure. If someone compromises your email they can reset the passwords on all your other accounts. They can figure out what other accounts you have by looking at your email.

One of the hazards of allowing people to reset their passwords by email.

Comment Very sad (Score 1) 1613

It is really weird (for someone I really don't even know), but the news of his death hit me pretty hard. I think part of it was that he really wasn't very old, in fact he is wasn't much much older than one of my brothers.

A reminder that all of us have a finite amount of time here and we really should try and make the best of it.

RIP Steve.

Comment So how does this all work? (Score 1) 79

I'm curious, how does this contest work? You sign up for a 30 minute spot. Do they allow the security researcher to sit at the system to compromise and operate it or does the security researcher direct a user to visit some url with a potential exploit? Part of the contest is to exploit the browser so I am guessing that the browser needs someone operating it and fetching well crafted html etc. from some where.

The phone stuff looks interesting as they are looking for drive by exploits as well as browser exploits.

Idle

Study Finds Most Would Become Supervillians If Given Powers 419

It probably comes as no surprise, but researchers have found that most of us would gladly put on a mask and fight do-gooders if given super powers. From the article: "But power also acts like strong cologne that affects both the wearer and those within smelling distance, Galinsky noted. The person gains an enhanced sense of their importance, and other people may regard them with greater respect as well as extend leniency toward their actions. That combination makes for an easy slide into corruption."

Comment Re:security holes of releasing source code (Score 1) 187

You don't need the source code to find holes to exploit! In fact some security researchers only care about having the released binaries. For more information read "Hacking: The Art of Exploitation". IIRC it has something to do with the fact that different; compilers, versions of same compiler, options to same compiler can all generate different binaries. So to truly exploit the code you need to know what instructions actually made it into the binary that people are using. That is why tools like IDA Pro are so useful.

 

The confusion of a staff member is measured by the length of his memos. -- New York Times, Jan. 20, 1981

Working...