Become a fan of Slashdot on Facebook


Forgot your password?

Comment Re:Laws of reality (Score 1) 116

"One iPhone app, Pumpkin Maker (a pumpkin-carving game), transmits location to an ad network without asking permission."

That is flat out impossible. I am an iPhone developer; there is no way for an application to obtain user location without the user being prompted if that is OK.

It makes the rest of the conclusions very suspect to me. Just how would an app get age and gender? Again I cannot think of a way that is even possible on an iPhone without being asked; no-where on my iPhone is my birthday or age stored.

Impossible? Anything's possible.


Submission Trojan responsible for plane crash? FUD or fact?->

pariax writes: Tired of a week of stories hyping the role the malware infection may have played in the Spanair crash, a security consultant and pilot has dissected the official report on the incident and provides a detailed account of the chain of failures that led to the crash. AV vendors duck and cover!
Link to Original Source

Submission Cracking PGP in the Cloud->

pariax writes: So you wanna build your own massively distributed password cracking infrastructure? Electric Alchemy has published a writeup detailing their experiences cracking PGP ZIP archives using brute force computing power provided by Amazon EC2 and a distributed password cracker from Elcomsoft. Full article at
Link to Original Source

Comment Re:other PKI options (Score 1) 171

Instead of disabling CRL's, you should publish them to a directory, rather than an HTTP server. In the case of MSAD, the CRL will be replicated to every domain controller in the domain. The CRL can specify a ldap:///path_to_crl.crl CRL which will allow a client to lookup the CRL from any domain controller which is up.

How many surrealists does it take to screw in a lightbulb? One to hold the giraffe and one to fill the bathtub with brightly colored power tools.