Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


Owners Smash iPhones To Get Upgrades, Says Insurance Company 406

Posted by timothy
from the dog-ate-it dept.
markass530 writes "An iPhone insurance carrier says that four in six claims are suspicious, and is worse when a new model appears on the market. 'Supercover Insurance is alleging that many iPhone owners are deliberately smashing their devices and filing false claims in order to upgrade to the latest model. The gadget insurance company told Sky News Sunday that it saw a 50-percent rise in claims during the month Apple launched the latest version, the iPhone 3GS.'"

Comment: Re:Does anyone notable *not* support CNNIC? (Score 1) 256

by travd (#31004576) Attached to: Mozilla Accepts Chinese CNNIC Root CA Certificate

As I understand it the "Advanced" list is correct - it is the one that the application itself is enforcing (if you uncheck an option there, the application will not use the specified certificate for that purpose). The list of purposes under "view" is, I believe, the list of purposes declared by the certificate itself, as specified by whoever generated the certificate. You may choose to use it for a smaller list of purposes, which is what Chrome is doing wrt email (in the same way, Firefox only trusts the CNNIC cert for SSL, not for email or binary signing).

Comment: Re:Sorry, what? (Score 2, Informative) 256

by travd (#31004450) Attached to: Mozilla Accepts Chinese CNNIC Root CA Certificate
Why does there have be hysteresis to the process? That is, why does the burden of proof change once Mozilla has accepted the certificate? If you see how the process worked, it was basically the case that by the time it became relatively common knowledge that the CNNIC certificate was going be added, the time for comments had passed (not many people make the habit of trolling through Bugzilla entries or the Mozilla "RFC" page to find things they may want to comment on). If, once it became common knowledge, there were serious objections raised to adding the certificate - why not start the process again from scratch? Why force anyone to prove that CNNIC will violate the duties of a CA, especially given that these violations may be in the future? Furthermore, the whole discussion should be considered special given that the "great firewall" has apparently begun blocking most of the threads discussing the issue, such that open discussion isn't even possible since the very people who may be affected by this most (those within China) are being prevented from discussing it.
PlayStation (Games)

PS3 Hacked? 296

Posted by Soulskill
from the another-one-bites-the-dust dept.
Several readers have sent word that George Hotz (a.k.a. geohot), the hacker best known for unlocking Apple's iPhone, says he has now hacked the PlayStation 3. From his blog post: "I have read/write access to the entire system memory, and HV level access to the processor. In other words, I have hacked the PS3. The rest is just software. And reversing. I have a lot of reversing ahead of me, as I now have dumps of LV0 and LV1. I've also dumped the NAND without removing it or a modchip. 3 years, 2 months, 11 days...that's a pretty secure system. ... As far as the exploit goes, I'm not revealing it yet. The theory isn't really patchable, but they can make implementations much harder. Also, for obvious reasons I can't post dumps. I'm hoping to find the decryption keys and post them, but they may be embedded in hardware. Hopefully keys are setup like the iPhone's KBAG."

Comment: Re:iGoogle support? (Score 1) 275

by travd (#30759972) Attached to: Gmail Moves To HTTPS By Default
This kind of vulnerability extends even to very commonly used applications. The firefox download, remarkably, does not occur over HTTPS, and yet that is the way in which you get your root certificates used by SSL. It is entirely possible for someone to intercept your download and return you a hacked version of firefox which contains malicious root certificates which would then could to sign any sort of phishing or other attack site, allowing spoofing of pretty much any website's identity.

Super-Earths Discovered Orbiting Nearby, Sun-Like Star 242

Posted by Soulskill
from the i-for-one dept.
likuidkewl writes "Two super-earths, 5 and 7.5 times the size of our home, were found to be orbiting 61 Virginis a mere 28 light years away. 'These detections indicate that low-mass planets are quite common around nearby stars. The discovery of potentially habitable nearby worlds may be just a few years away,' said Steven Vogt, a professor of astronomy and astrophysics at UCSC. Among hundreds of our nearest stellar neighbors, 61 Vir stands out as being the most nearly similar to the Sun in terms of age, mass, and other essential properties."

Comment: Re:Can they not use... (Score 1) 379

by travd (#27366899) Attached to: Are Long URLs Wasting Bandwidth?
Deflate doesn't work well on shortish strings because (a) it has some 11 or bytes of overhead you pay no matter what (b) you are no likely to find a lot of long-run duplication in short strings (c) the relative cost of including the huffman tree in the output is large, so it is likely that a less efficient static variation will be chosen.

"What is wanted is not the will to believe, but the will to find out, which is the exact opposite." -- Bertrand Russell, _Sceptical_Essays_, 1928