TSHTF - Slashdot User

Submission + - Miss Minnesota USA 2012 wants to code! (missuniverse.com)

Submitted by PerlThoughts on Thursday May 24, 2012 @04:52PM

PerlThoughts writes: The lovely and intelligent Nitaya Panemalaythong, Miss Minnesota 2012 wants to code according to an official Miss USA interview. When asked "if you could be great at one thing and why?" her answer: "computer programming." Bonus: she's also not going to talk anyone out of their pr0n (though she would never do it herself). Her rather remarkable bio even tells an amazing family story. You can vote her into the semifinals (up to 10x/day/email address .. NoScript and a back button makes quick work of that #justSayin) of the Miss USA competition if you're so inclined. The competition airs live from Vegas June 3rd at 9pm EDT.

Comment Re:My college did it easier (Score 4, Informative) 160

by TSHTF on Monday January 09, 2012 @08:23PM (#38644914) Attached to: Inside the Great Firewall of China's Tor Blocking

Tor has changed since you read last... "Bridges" were added to Tor and are not listed in any central directory.

Tor bridges

Comment Half-assed apology (Score 1, Flamebait) 231

by TSHTF on Thursday December 08, 2011 @08:08PM (#38310030) Attached to: Cnet Apologizes For Nmap Adware Mess

What a half assed apology. They didn't apologize for fucking up, but instead the unrest they caused.

The bundling of this software was a mistake on our part and we apologize to the user and developer communities for the unrest it caused.

Comment Easy fix below (Score 1) 58

by TSHTF on Saturday October 29, 2011 @02:35PM (#37880602) Attached to: AWS Load Balancer Sends 2 Million Netflix API Reqs To Wrong Customer

Use rewrite rules to do a 301 redirect to goatse.cx when the host is api.netflix.com!

Submission + - PBS Web Sites and Databases Hacked (securityweek.com)

Submitted by wiredmikey on Monday May 30, 2011 @04:13PM

wiredmikey writes: Late Sunday night, hackers gained access to several areas of PBS Web servers and were able publish a fake news story on a PBS news blog. The group also published PBS internal user login information that they wer able to siphon out of PBS databases. The fake story was about rapper Tupac Shakur, who died in 1996 after being shot in Las Vegas, being been found alive and well in a small resort in New Zealand.

PBS News Blog Hacked by LulzSec group going by the name of “LulzSec” claimed responsibility for the hack, saying the attack was a protest against a PBS FRONTLINE broadcast last week about WikiLeaks.

Submission + - Apple's XCode IDE Is No Longer Free (apple.com) 1

Submitted by GlobalEcho on Wednesday March 09, 2011 @05:07PM

GlobalEcho writes: Apple has historically made its development tools available free to anyone willing to register on their website and wait for a 1GB download. Starting with XCode 4, the software will cost $4.99 for anyone not already a paid member of their Registered Developer program ($99/year). The new version will now come as an App Store download.

Submission + - AT&T Sued for Systematic iPhone Overbilling

Submitted by Hugh Pickens writes on Tuesday February 01, 2011 @05:58PM

Hugh Pickens writes writes: UPI reports that AT&T is facing a lawsuit that says AT&T routinely bills for 7 percent to 14 percent more data transactions than normally takes place that could blossom into a costly class-action case. Court papers claim that attorneys set up a test account for an iPhone, then closed all of its apps and left the device unused for 10 days. AT&T still billed the account for 2,292 KB of usage. "A significant portion of the data revenues were inflated by AT&T's rigged billing system for data transactions," say court papers filed on behalf of AT&T customer Patrick Hendricks. "This is like the rigged gas pump charging you when you never even pulled your car into the station." Attorneys say they would file to have the case moved to class-action status, which makes the outcome relevant to all of AT&T's iPhone accounts.

Submission + - Apple to end free case program for iPhone 4 (marketwatch.com)

Submitted by TSHTF on Friday September 10, 2010 @05:19PM

TSHTF writes: Apple has just announced their intention to end the free case program for the iPhone 4. According to Apple, "we now know that the iPhone 4 antenna attenuation issue is even smaller than we originally thought". The official page for the program confirmed the announcement.

Submission + - Geolocation in Firefox vulnerable to theft

Submitted by Anonymous Coward on Tuesday August 17, 2010 @10:12PM

An anonymous reader writes: In a recent post to the BugTraq mailing list, noted Google security researcher Michael Zalewski brings up the topic of designing secure user interfaces to take human cognitive deficiencies into account. More interestingly, the same post also provides an example of a simple attack that apparently exploits the HTML5 geolocation feature in Firefox to pinpoint your location without your consent. According to the researcher, other browsers are also vulnerable to the same trick. A bit scary, especially coming on the heels of the bug covered earlier today.

Submission + - ScienceBlogs.com Facing Writer Mutiny over PepsiCo (guardian.co.uk) 2

Submitted by History's Coming To on Thursday July 08, 2010 @04:59PM

History's Coming To writes: Several writers for the ScienceBlogs.com collective have Publicly resigned from the site, and many more have voiced concerns over parent company Seed's decision to include a paid blog under the nutrition category from PepsiCo. The blog is written by PepsiCo food scientists, detailing their work. The UK's Guardian newspaper has picked up on the story, and includes a letter from Seed editor Adam Bly which covers the company's rationale. Troy McClure has been quoted as saying "Now, turn to the next problem. If you have three Pepsis and drink one, how much more refreshed are you? You, the redhead in the Chicago school system?".

Submission + - Skype Encryption Revealed (h-online.com)

Submitted by TSHTF on Thursday July 08, 2010 @04:26PM

TSHTF writes: Just weeks after Skype unveiled a public API for the service, a group of cryptographers led by Sean O'Neill have successfully reverse engineered the encryption used by the Skype protocol. Source code is available under a non-commercial license which details Skype's implementation of the RC4 cipher. Is it just a matter of time now until there is a true open-source Skype client?

Submission + - Open Source Music Fingerprinter C&D'd (google.com)

Submitted by Nushio on Thursday July 08, 2010 @01:59PM

Nushio writes: The code wasn't even released, and yet Roy van Rijn, a Music & Free Software enthusiast received a C&D from Landmark Digital Services, owners of Shazam, an Android application that allows you to find a song, by listening to a part of it. And if that wasn't enough, they want him to take down his blog post (Google Cache) explaining how he did it because it "may be viewed internationally. As a result, [it] may contribute to someone infringing our patents in any part of the world".

Comment What to do when a vulnerability is found? (Score 3, Informative) 105

by TSHTF on Sunday June 27, 2010 @02:55PM (#32710298) Attached to: Security For Open Source Web Projects?

I highly recommend you read the announcing security vulnerabilities section of Producing Open Source Software book. You'll probably want to read the whole thing, however!

Submission + - Do cyber vigilantes make computing world safer? (infoworld.com) 1

Submitted by tsamsoniw on Tuesday June 15, 2010 @06:06PM

tsamsoniw writes: Fed up with companies failing to address security holes fast enough, white hats are turning up the pressure by quickly making the vulnerabilities public. First Goatse Security made public thousands of email addresses of iPad users that it swiped from AT&T's Web site — after AT&T failed to disclose the data theft fast enough. Next a Google security engineer publicized an exploit for Windows XP — which is now being used widely — after deciding Microsoft was moving to slowly to fix the problem. In both cases, the Goatse and the security engineer are claiming they did what they did for the greater good: Though their actions put users at risk, it forces the offending companies to worker faster to fix the problem. Do the ends justify the means?

Submission + - Hackers Exploit Google-Outed Windows XP Zero-Day (computerworld.com)

Submitted by CWmike on Tuesday June 15, 2010 @05:15PM

CWmike writes: A compromised Web site is serving an exploit of the bug in Windows' Help and Support Center, identified by a Google engineer last week, to hijack PCs running Windows XP, said Graham Cluley, a senior technology consultant at antivirus vendor Sophos. Cluley declined to identify the site, saying only that it was dedicated to open-source software. 'It's a classic drive-by attack,' said Cluley. The tactic was one of two that Microsoft said last week were the likely attack avenues. The other: Convincing users to open malicious e-mail messages. The vulnerability was disclosed last Thursday by Google security engineer Tavis Ormandy. Ormandy, who also posted proof-of-concept attack code, defended his decision to reveal the flaw only five days after reporting it to Microsoft — a move that Microsoft and other researchers questioned. Cluley called Ormandy's action 'utterly irresponsible,' and in a blog post asked, 'Tavis Ormandy — are you pleased with yourself?'

Slashdot Top Deals