Submission + - How do you prove software testing saves money?

cdman52 writes: I work at a small software development company. We have one app that is used by a few hundred clients and was initially developed by a few undergrads about 10 years ago. The app is a collection of about 25 developers' preferences and ideas. Testing wasn't an initial concern since it was created as an internal application, I guess. Anyway, the app is now large and used frequently. Part of my duties are to fix bugs users find. I'm on a team with a few other people and at least once every 2-3 months I see some bug I fixed come back, and I can only assume it's because we don't have a formal test suite. The owner doesn't want to invest time or money in getting one set up, but I'm sure that in the long run it would save time and money.
Can anyone offer suggestions for how to convince the owner that setting up a test suite is in his own best interest?
Security

Twitter Suffers Web Interface Exploit 165

HaloZero writes "We're seeing lots of re-tweets on Twitter.com right now, all containing a fragment of JavaScript, which re-tweets itself when moused-over on the Twitter web interface. This could easily be mutated into a more sinister attack, so it is recommended that you use a third party client application, or refrain from social media altogether until the problem is resolved."
Bug

Linux X.org Critical Security Flaw Silently Patched 259

eldavojohn writes "On June 17th, the X.org team was notified by Invisible Things Lab of a critical security flaw (PDF) that affected both x86_32 and x86_64 platforms. The flaw deals with escalated privileges of a user process that has access to the X server. The founder of ITL said of the flaw, 'The attack allows an (unprivileged) user process that has access to the X server (so, any GUI application) to unconditionally escalate to root (but again, it doesn't take advantage of any bug in the X server!). In other words: any GUI application (think e.g. sandboxed PDF viewer), if compromised (e.g. via malicious PDF document) can bypass all the Linux fancy security mechanisms, and escalate to root, and compromise the whole system.' This has apparently been a security flaw since kernel 2.6 was released. From the article, 'On 13 August, Linus Torvalds committed an initial fix, but several patches were added afterward for various reasons. The problem has been addressed in versions 2.6.27.52, 2.6.32.19, 2.6.34.4 and 2.6.35.2 of the kernel.'"

Comment Different kinds of goals (Score 1) 428

If you're paying to get a diploma, then it's going to be boring... even more if you're focusing on the skills you already have, and only need to get the diploma for, say, a work promotion. That's going to be the same wherever you go, online or brick-and-mortar colleges. But, if your goal is to learn more about your field, then you're certainly paying for the wrong thing, and you should look for some training instead of learning.
Privacy

Submission + - Privacy Flaws in Chatroulette Expose Users (itworld.com) 3

itwbennett writes: In a paper posted online this week, researchers from the University of Colorado at Boulder and McGill University outline three different types of attacks that could be launched against Chatroulette users. While the new research doesn't expose any gaping privacy holes, it does show how the service could be misused by determined criminals. For example, the researchers were able to use IP-mapping services to get a general idea of a user's location (a public Web site called Chatroulettemap.com already does this). Then by searching Facebook using information obtained in chats and comparing pictures, researchers were able to identify chatters. 'Even in a city as big as Chicago, you can drill down and find the person you're actually talking to,' said Richard Han, an associate professor with the University of Colorado who co-authored the paper.
Security

Submission + - Distributed SSH Brute Force Attack Underway (threatpost.com)

Trailrunner7 writes: Security experts are warning about a fresh round of attacks against SSH implementations. The attacks are brute-force attempts to authenticate to remote SSH servers, a tactic that has been used quite often in the past in distributed attacks. However, this series of attacks isn't using the password authentication method. Instead, the attackers are attempting to connect to the SSH servers by using the alternative keyboard-interactive authentication method. In the past, many of the large, distributed SSH attacks have used the simpler password authentication method and just run through a given set of potential passwords on a target server hoping to get lucky.
Science

Submission + - US experiment hints at 'multiple God particles' (bbc.co.uk) 1

krou writes: Recent results from the Dzero experiment at the Tevatron particle accelerator suggest that those looking for a single Higgs boson particle should, in fact, be looking for five particles, and the data gathered may point to new laws beyond the Standard Model. 'The DZero results showed much more significant "asymmetry" of matter and anti-matter — beyond what could be explained by the Standard Model. Bogdan Dobrescu, Adam Martin and Patrick J Fox from Fermilab say this large asymmetry effect can be accounted for by the existence of multiple Higgs bosons. They say the data point to five Higgs bosons with similar masses but different electric charges. Three would have a neutral charge and one each would have a negative and positive electric charge. This is known as the two-Higgs doublet model.'

Submission + - Geek wedding ring? 13

RoadNotTaken writes: Dear Slashdot,
I finally bit the bullet and decided to get married. My fiance and I are looking for wedding rings and I find myself disappointed that they have so few features. Are there any geeky rings out there that can do something useful? I'm thinking USB or RFID but am open to suggestions. There has to be SOMETHING good you can do with a chunk of metal on your finger...
Desktops (Apple)

Submission + - Mac OS X Left Out of New Gaming Releases No More? (neosmart.net) 1

An anonymous reader writes: NeoSmart Technologies has drafted up a list of the top upcoming games for OS X over the course of the next year or so. Topping the list are some releases from big names in the gaming industry, such as Blizzard, id Software, and Valve. Perhaps most interesting is the fact that these games are being slated for simultaneous release on both Windows and Mac — something that almost never happens.
Science

Submission + - 7.7 earthquake hits Indian Ocean (usgs.gov)

Cyberherbalist writes: A strong earthquake, initially reported of magnitude 7.7, has hit the Indian Ocean near the Nicobar Islands. Local time of the quake was about 1:26 AM. No word as yet as to any tsunamis generated by the quake. The epicenter is 150km or 95mi west of Mohean in the Nicobar Islands. The quake depth is 35km. No word as to casualties or damage.
The Internet

Submission + - When will the Automotive Internet arrive? (mobilesynergetics.com)

__aajbyc7391 writes: European researchers are developing a cooperative traffic system, known as CVIS (Cooperative Vehicle-Infrastructure Systems), comprised of vehicle-, roadside-, and central infrastructure-based communications hardware and software, including vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) wireless. Among other capabilities, cars communicate with each other and with 'smart traffic signals' to smooth the flow of traffic and avoid accidents, or with 'smart traffic signs' to avoid dangerous driving conditions. The CVIS project is in the midst of undergoing field trials in Europe, and Audio has recently deployed 15 test vehicles in a similar project. The ambitious vision of intelligent transportation systems (ITS) includes goals such as reduced traffic congestion and fuel consumption, enhanced safety, and improved driver and passenger comfort. Ultimately, the developers envision a sort of Automotive Internet.
Media

Submission + - Goodbye, freshmeat, we're going to miss you (devx.com)

Roblimo writes: Geek.net, the parent company of SourceForge.net, Slashdot.org, ThinkGeek.com, Geek.com, freshmeat.net, and ohloh.net, has told employees that it will be closing freshmeat.net and ohloh.net. This information has not yet been released to the public, but we've heard it from more than one Geek.net employee. The company also reportedly laid off 25% of its staff this week. After the story was posted at devx.com, a Geek.net Vice President emailed this response to its author: 'If you're asking whether or not the sites are for sale, the answer is no. However, we are looking to create better ways for our community to interact with the information on these sites, likely through SourceForge.'
Robotics

Submission + - Bionic-Eyed Man Wants To Stream Eye Video Online (ieee.org)

An anonymous reader writes: According to this IEEE article (http://spectrum.ieee.org/automaton/biomedical/bionics/061110-eyeborg-bionic-eye), Canadian filmmaker Rob Spence, who calls himself Eyeborg because he replaced his false right eye with a bionic one (http://hardware.slashdot.org/article.pl?sid=09/03/06/2344220), is showing off his latest prototype. The new bionic eye contains a battery-powered, wireless video camera that can transmit low-res feed to a nearby receiver. Now Spence plans to share his 'vision' online, literally. According to the IEEE article, "soon people will be able to log on to his video feed and view the world through his right eye."
