Forgot your password?
typodupeerror
Security

+ - Dreamhost tells customers to expose themselved to MitM attack->

Submitted by rstory
rstory (155367) writes "It appears that there was some sort of security breach at Dreamhost, and on Friday they decided to generate new SSH host keys for all their servers. This was done without any notification to their customers. The only mention is on their status blog page, which I'd venture to guess that most customers don't even know about, and there they tell all their customers to delete their old keys and accept the new ones. They seem to lack a basic understanding of public key cryptography: public keys are meant to be PUBLIC. Can anyone think of a good reason why a) they wouldn't send out an email in advance (or immediately afterwards) to notify their customers, and b) they wouldn't post a page of all the new keys for customers to be able to verify? This seems to be highly irresponsible."
Link to Original Source
Data Storage

+ - FreeNAS 8.3.0-RELEASE is available with full ZFS 28 Support->

Submitted by Anonymous Coward
An anonymous reader writes "FreeNAS project once again has made available an update to their NAS/SAN appliance operating system "FreeNAS" at version 8.3.0-RELEASE. Improvements include support for ZFS 28 (which include on-disk de-duplication of data), as well as other features such as USB 3.0 support, webshell console, etc. As usual, download package or ISO is about 100 megs."
Link to Original Source

+ - Supreme Court to hear First Sale Doctrine case->

Submitted by Registered Coward v2
Registered Coward v2 (447531) writes "SCOTUS is set to hear a case to determine how copyright law and the doctrine of first sale applies to copyrighted works bought overseas, imported to the US and then sold. The case involves a foreign student who imported textbooks from Asia and the resold them in the US to help fund his education. He was sued by the publisher, lost and was ordered to pay $600k in damages. Now SCOTUS gets to weigh in on the issue."
Link to Original Source

+ - Indian Govt. scraps a patent based on traditional/ancient knowledge->

Submitted by Anonymous Coward
An anonymous reader writes "The Indian government denied a patent for diabities care based on extracts of plants by saying that for centuries, it was known that the plants were used for management of diabetes and there were no inventions. "When plants are known to act against a particular disease, extracts would certainly perform the same function," an official said. Besides, the government is of the view that a patent cannot be granted for validating something that is part of traditional knowledge."
Link to Original Source

+ - Protecting against smash and grab?

Submitted by rstory
rstory (155367) writes "I seem to be hearing about more smash and grab thefts lately, from low-tech purse snatching to thieves after laptops and cameras. Bold thieves are even snatching stuff in church/day-care parking lots in the 5 minute window while a parent goes in to pick up their child. I often drive around with my laptop, and want to find the best way to protect against theft. Besides the obvious "don't leave equipment in the car" solution, what else are people doing? Right now I just use a regular backpack instead of a fancy laptop case. I don't have a trunk, so when I leave the car I put the backpack on the floor of the back seat, sometimes throwing other junk on top. The only interesting thing I've found while googling is a couple of 'anti-theft' backpacks which have wire mesh to prevent cutting them open and a (thin looking) cable for securing to a stationary object. What do you do to protect your gear?"
Microsoft

+ - Microsoft automatically updates IE for everyone

Submitted by adeelarshad82
adeelarshad82 (1482093) writes "While Microsoft has always had patches and new major versions available via Windows Update, the process was never automatic. However starting January, users in Australia and Brazil will begin receiving automatic IE updates. Microsoft will gradually extend coverage to other parts of the world. Ryan Gavin, Microsoft’s senior director for Internet Explorer, pointed out several benefits. The overall security of the Windows user community will be improved as outdated browsers are replaced, developers can focus their attention on building sites using modern web code, and those who surf with IE will be able to enjoy the full Beauty of the Web."

+ - Opera goes 64-bit for Windows (finally)->

Submitted by Anonymous Coward
An anonymous reader writes "Windows users around the world (who use Opera) have been waiting for Opera to release a 64-bit version for Windows: The wait's over and Opera Labs has such a 64-bit build just in time for X-Mas 2011 here http://dev.opera.com/articles/view/64-bit-opera-and-out-of-process-plug-ins/ and you can read more on it here http://my.opera.com/desktopteam/blog/2011/12/15/64-bit-and-out-of-process-plugins-builds-now-available-on-labs also. It's based on the "wahoo" Opera 12.x series builds too (the most feature laden yet)."
Link to Original Source
Technology

+ - Grady Booch Documenting Computers to Chart->

Submitted by jjp9999
jjp9999 (2180664) writes "Computer scientist Grady Booch, an original creator of the Unified Model Language, hopes to do for computing what Sagan did for the universe with ‘Cosmos.’ By presenting the history and state of global computing, both the good and the bad, he hopes to help society ‘be intentional how about how we will shape the future of computing as well as how we might choose to be shaped by it It is as if we have created a new world, and chose to step inside it,’ he said. This will be done through a transmedia documentary series, ‘Computing: The Human Experience.’ According to Booch, ‘We will set the stage, we will pose the questions, but our audience can draw their own conclusions.as well as hopefully be inspired to be part of creating that future.’"
Link to Original Source

Comment: Re:Spoofing has not been a problem for years (Score 1) 211

by rstory (#15252914) Attached to: Can You Spoof IP Packets?
Sigh. There's never a mod point around when you need it.

every self-respecting network operator has RPF ... enabled at the edge

No, they don't. Not even close.

Gone are the days of spoofing

You haven't been paying attention, have you? The recent DNS DDOS attacks used spoofing to help generate the DOS attacks that hit rates of Gb/s.

Spoofing is still a concern, and every self-respecting network operator should have anti-spoofing filters, but they don't.

If all the world's economists were laid end to end, we wouldn't reach a conclusion. -- William Baumol

Working...