Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Deal of the Day - 6 month subscription of Pandora One at 46% off. ×

Submission + - Security flaw in Yahoo mail exposes auth info

tdalek writes: After patching its plaintext authentication gaffe, Yahoo! Zimbra Desktop has fumbled the security and privacy ball once again. Yahoo! Zimbra now uses the standard authentication method used by the rest of the Yahoo! Mail family. However, unlike other implementations where invalid SSL certificates will throw up plenty of warnings for the user, Yahoo! Zimbra Desktop is trivially vulnerable to a man-in-the-middle attack, as it simply transmits the usernames & passwords regardless of who's picked up on the other side. With all of the news about DNS vulnerabilities, this seems like exceptionally poor timing for a MiTM. For the time being you may wish to switch to using the Yahoo! webmail interface, until this bug gets fixed.

Submission + - Commercial applications come to the OpenMoko 1

spamcakes writes: "The development of the first commercial application for the OpenMoko is apparently getting underway. Devicescape, which makes a program for automatic Wi-Fi logins to networks like Starbucks, is going to be getting on the OpenMoko bandwagon. Are more commercial applications going to move to the OpenMoko platform because of its open platform? Is the restrictiveness of other platforms help push applications to the OpenMoko?"

To do two things at once is to do neither. -- Publilius Syrus