Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror

Comment: Re:Only as secure as the gate-keeper. (Score 1) 280

by zaajats (#28886653) Attached to: Null Character Hack Allows SSL Spoofing

This isn't really a browser issue.

The browser is going "Show me that this cert is valid for paypal.com" and the CA is going "Here it is, for paypay.com" , at least as far as the browser is concerned.
  This is no more a flaw then if the CA just started letting anyone buy certs for paypal.com.

Having multiple CAs (and cheap CAs) is a good thing, but we're only ever secure with ssl as the least secure CA.

As far as I understand, it's more like:

* Browser gets cert for Paypal.com\0.badguy.com from the server

* Browser reads domain from cert, but does so invalidly, and only gets Paypal.com

* etc

Comment: Re:Well that's just fantastic (Score 2, Insightful) 150

by zaajats (#28386781) Attached to: iPhone 3.0 Update Delivers Prodigious Patch Batch

Now I'm looking at keeping my Sanza Fuze and Nokia E51. Apple can get fucked.

Your Fuze gets feature-rich updates often?

Point being — I find it somewhat strange that when Apple charges for an update, it's somehow worse than the competitors who don't offer any of the features, free or otherwise.

Comment: Re:Well that's just fantastic (Score 1) 150

by zaajats (#28380817) Attached to: iPhone 3.0 Update Delivers Prodigious Patch Batch

But when are they going to patch these security flaws on my 2.1 ipod? Paying for an update is ridiculous, especially when it fixes critical security flaws. I sure hope apple does the right thing.

Sure, paying for a security update alone is a bit strange, but really — it's only $10 and gives you so much more. Besides, it's not like your iPod has been taken over by viruses due to the bugs.

Censorship

Comcast Blocks Web Browsing 502

Posted by CmdrTaco
from the because-they-can dept.
An anonymous reader writes "A team of researchers have found that Comcast has quietly rolled out a new traffic-shaping method, which is interfering with web browsers in addition to p2p traffic. The smoking gun that documents this behavior are network traces collected from Comcast subscribers Internet connections. This evidence shows Comcast is forging packets and blocking connection attempts from web browsers. One has to hope this isn't the congestion management system they are touting as no longer targeting BitTorrent, which they are deploying in reaction to the recent FCC investigations."
Windows

+ - Windows 7 - What we know so far...->

Submitted by
Anonymous Anti-Coward
Anonymous Anti-Coward writes "We're still in the long dark before 7's dawn, but the earliest signs are encouraging: a new streamlined kernel, an inbuilt VM for running old software, a revised and simplified UI... there's every chance that Microsoft intends Windows 7 to rise from the ashes of Vista and be what Mac OS X was for Apple.'

Vista was released on January 30 2007 at which time it became available to one and all.
Unfortunately for Microsoft, the number of people who bought Vista was much closer to 'one' than 'all'."

Link to Original Source
The Internet

+ - Owner of Rizon to serve time for DDOS attacks.->

Submitted by Anonymous Coward
An anonymous reader writes "A man from Kentucky is sentenced for prison after being convicted in Detroit of charges that he carried out attacks on computers numbering in thousands and cutting them off from the Internet, as per the news published by Crime-research on June 22, 2007.

Jason Michael Downey, 24 and belonging to Dry Ridge, Kentucky admitted having committed computer fraud in order to operate a botnet. When Downey was pleading guilty in the court, the information presented there served as evidence of Downey's ownership of the Rizon.net Internet Relay Chat (IRC) network from June 18, 2004 to September 5, 2004.

Downey infected large number of computers with various kinds of bot viruses after which the computers responded to Downey's commands. He built a network with about 6,000 computers he had infected.

Through the Internet Relay Chat network, Downey controlled and issued commands to the botnet to hurl a series of 'Denial of Service' (DoS) attacks on different kinds of computer systems connected to the Internet. The attacks overloaded the systems with network data and therefore could not operate properly.

Rizon themselves have not issued any statements regarding the charges, they can be found at http://www.rizon.net/

More of the story can be read at http://www.spamfighter.com/News-8671-Man-Pleads-Gu ilty-To-Cyber-Crime.htm

The full U.S. Department of Justice briefing and sentencing guidelines can be found at the following address.
http://www.usdoj.gov/usao/mie/press/2007/2007-6-20 _mdowney.pdf"

Link to Original Source
The Internet

+ - 35 Different Ways of Looking at Social Networks->

Submitted by jg21
jg21 (677801) writes "Social Computing Magazine has just published a list of thirty-five perspectives on online social networking reflecting how protean and difficult to pin down the phenomenon is. It was compiled by Malene Charlotte Larsen, a PhD student at Aalborg University in Denmark, who has been doing research on Danish youngsters and online social networking. She ends with an open request for further perspectives.

[From the article "I must say that I certainly do not agree with all of the mentioned perspectives, but some of them do represent the opinions (or prejudices) I hear when I am out giving lectures to adults."]"

Link to Original Source

I never cheated an honest man, only rascals. They wanted something for nothing. I gave them nothing for something. -- Joseph "Yellow Kid" Weil

Working...