Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×

Submission + - Evaluating The Security Of Open Source Software

An anonymous reader writes: The Core Infrastructure Initiative (CII), a project managed by The Linux Foundation, is developing a new free Badge Program, seeking input from the open source community on the criteria to be used to determine security, quality and stability of open source software. The first draft of the criteria is available on GitHub and is spearheaded by David A. Wheeler, an open source and security research expert who works for the Institute for Defense Analyses (IDA) and is also coordinating the CII's Census Project, and Dan Kohn, a senior adviser on the CII.

Submission + - MDM vulnerability in Apple iOS sandbox facilitates 'rogue apps'->

An anonymous reader writes: A vulnerability in Apple's iOS sandbox, which could affect personal information as well as configuration settings, has been discovered by Appthority's Enterprise Mobility Threat Team. It affects all mobile device management (MDM) clients, and any mobile applications distributed by an MDM that use the “Managed App Configuration” setting for private data. An attacker could potentially create a rogue app, perhaps masquerading as a productivity tool to increase the chances of it getting installed, and then distribute the attack by means of the iTunes store or “spear fishing” email attacks.
Link to Original Source

Submission + - Barcelona Wants Children to Take the Bus to School - not "Lazy Moms on SUVs"

dkatana writes: In 1969, 48 percent of American elementary students walked or bicycled to school. By 2009, only 13 percent did.

Barcelona’s transport authority has a solution: A new program (KanGo!), piloted during the first six months of this year, that offers children the chance to go to school by regular bus while keeping parents informed each step of the journey. The program uses NFC cards and helpers armed with smartphones to monitor children as they go to school by public transport.

The city also offers free use of the public transportation system to children 13 and younger. Parents need only apply for a T-12 card, paying a one-time fee of €35 ($40).

Submission + - Amazon ban Flash ads from September->

An anonymous reader writes: In the light of Adobe Flash ads continuing to prove a popular and successful attack vector for fraudsters and hackers [http://tech.slashdot.org/story/15/08/04/1714245/hackers-exploit-adobe-flash-vulnerability-in-yahoo-ads], Amazon has decided to ban Flash ads on its network. The announcement suggests that the move is inspired by Firefox's recent default blocking of Flash [http://yro.slashdot.org/story/15/07/14/1413221/new-default-mozilla-temporarily-disables-flash-in-firefox], and Google's decision to automatically convert Flash ads to HTML5 on its own ad network [http://news.slashdot.org/story/15/02/25/1838231/google-now-automatically-converts-flash-ads-to-html5].
Link to Original Source

Comment Not a place most English people want to live (Score 0) 410

I can assure you, as someone who lives elsewhere in the UK, only people in London want to live in London. There is no desire amongst the rest of the UK population to move there. Unless you have to go there for work it's somewhere you might visit once every few years at most, with a very specific purpose in mind, and you don't enjoy it when you do.

Comment Re:extremely common fraud protection (Score 1) 130

The difference here seems to be that in your example you are primarily interested in where the the transaction is taking place (or in the case of e-commerce, where it is initiated from). All fairly reasonable, but obviously does still create a "tracking" record, but only of where you use your cards. This is suggesting, and admittedly it's quite vague (but that should never be taken as a good thing), they are just as interested in knowing where you are, by unspecified means using your electronic devices.

Now from what's said it doesn't suggest an app has to be involved in the actual transaction, and if it's not an interactive process then they must be keeping a record of where you are to compare against transactions as and when they happen. Maybe the their app pings them your location regularly, regardless of making any transactions, or maybe they pay the phone companies to give location info for your phone.

They also don't limit themselves to location, they may also use unspecified "other data" from/about your devices.

Comment Re:Yes, this needs to stop, but... "Help yourself" (Score 1) 130

It doesn't actually say this is based on using their app, although that seems like the most likely way they might do it. It says "where we hold information about devices you use such as mobiles or tablets", doesn't say in connection with an app, or with accessing online banking, etc. all a bit vague really.

Submission + - Santander to track customer location via mobiles & tablets->

raburton writes: Santander (one of the biggest banks in Europe) slipped a little note on the corner of my latest statement saying they intend to start collecting "location or other data" from mobiles and tablets that their customers own, from 1st July 2015. There is no link to further information about the policy, or any suggestion you can opt out of it. The stated aim is of course to "prevent and detect fraud", but once they have the data (and they'll probably keep it for a long time) they, or anyone who can gain access to it, can do whatever they like with it. In this day and age I find it hard to take any assurances to the contrary very seriously. Is this kind of policy common practice with banks elsewhere?
Link to Original Source

Comment Re:Assumptions (Score 4, Informative) 78

Very pleased we have a different system in the UK. Drug reps aren't even supposed to give us pens anymore. That said I've had plenty of free lunches from drug reps along with a presentation about their latest drug, but I'm not talking about fancy dinners just a light picnic type spread from the nearest supermarket. There isn't much point them doing it anyway, as a general rule we are only supposed to prescribe things that are approved by NICE (after proper cost/benefit analysis) and/or in our local formulary. If you are prescribing outside that they'll be coming to you for an explanation, not the drug companies. Drug companies are also not allowed to advertise prescription only drugs direct to the public, which I think is probably the most important difference.

Comment Re:What? Why discriminate? (Score 0) 700

Simple. 'Real religions' that have been around for hundreds or thousands of years could be true. Presumably they can't all be, but one or more of them could be. I know many people don't believe in any religion and think they are all made up, but that's opinion (yes it is, you really can't prove otherwise) and it's not the point. Choosing to follow a religion, despite knowing that it could be made up, is called faith. Choosing to follow a 'fake religion', one where the origin is recent enough to be well documented and ultimately known to be made up is called stupidity.

Comment Physical product, so you can't pirate it? (Score 1) 56

Timothy: An important question, because you’ve got a physical product: what does it cost?

Implication being that a physical product can't simply be pirated, so cost becomes a factor in whether people will want it. I guess if it was software he wouldn't have bothered asking because cost is unimportant in that scenario ;-)

Our OS who art in CPU, UNIX be thy name. Thy programs run, thy syscalls done, In kernel as it is in user!

Working...