Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Mozilla

Submission + - Mozilla patches Firefox 4, fixes coding bungle (computerworld.com)

Submitted by
CWmike
CWmike writes: "Mozilla patched Firefox 4 for the first time on Thursday, fixing eight flaws, including a major programming oversight that left the browser as vulnerable to attack on Windows 7 as on the 10-year-old Windows XP.The company also plugged 15 holes in the still-supported Firefox 3.6, and issued its last security update for Firefox 3, which debuted in mid-2008. The most important of the bugs: a programming lapse that left Firefox 4 open to less-sophisticated attacks. 'The WebGLES libraries in the Windows version of Firefox were compiled without ASLR protection,' stated the advisory labeled MSFA 2011-17. 'An attacker who found an exploitable memory corruption flaw could then use these libraries to bypass ASLR on Windows Vista and Windows 7, making the flaw as exploitable on those platforms as it would be on Windows XP or other platforms.'"
AI

Submission + - Ball catching robot,80% accuracy in 5 milliseconds (physorg.com)

Submitted by
fysdt
fysdt writes: "DLR, an aerospace agency based in German, has modified its flagship robot, known as the Rollin’ Justin, in order to make it into a lean, mean, catching machine. The Rollin’ Justin's modifications allow the machine to catch balls that are thrown in its direction with an accuracy rate of about 80%. The Rollin’ Justin's robots accuracy rating is better than the average uncoordinated human. It is certainly better than this reporters accuracy rate. It is not as good as say, a Major League Baseball player, but then again most of us cannot say that we are as good as the pros either. Considering they also have near unlimited stamina, at least until the battery runs out, it may be a great partner for the standard game of catch, or for the position behind the batter."
Encryption

Submission + - PGP WDE issue with Sandy Bridge IGP

Submitted by Anonymous Coward
An anonymous reader writes: Symantec PGP Whole Disk Encryption (WDE) appears to be incompatible with the Intel Sandy Bridge IGP.

Those systems with IGP & discrete video have a workaround if the IGP can be disabled.

The issue presents itself after encryption and a reboot afterward. The bootloader starts to come up but has video corruption and then when it tries to load the passphrase prompt the system hangs. Disabling the IGP (e.g., in a Dell Latitude E6520 one turns off Optimus in the BIOS so it runs solely on the Nvidia discrete card).

Symantec is completely silent on the issue.

Here are 2 Symantec forum threads with many users fruitlessly discussing the issue (note that the first one discusses 2 issues — the other being an apparent incompatibility with AF drives and/or SSDs):

https://www-secure.symantec.com/connect/forums/sandy-bridge-macs-unable-boot-after-encrypting-pgp-1011#comment-5502001

https://www-secure.symantec.com/connect/forums/pgp-wde-boot-screen-bypassed-and-cannot-authenticate-windows-7-pro#comment-form

ps — I tried to tag this up but it only has "it" on it :-(
Crime

Submission + - Hackers Tried To Sell Credit Card Data To Sony (ibtimes.com)

Submitted by RedEaredSlider
RedEaredSlider writes: Several media outlets reported today that the PSN hackers have begun advertising their exploits on online forums. Looking to sell the information, which also includes customer names, passwords, and addresses, the hackers have priced the credit card database at $100,000 for 2.2 million credit card numbers, or about 4.5 cents for each one. There is even some evidence the hackers tried selling the credit card numbers back to Sony, though a company spokesperson denies it.
Microsoft

Submission + - Binary Compatibility and versioning

Submitted by Wolfling1
Wolfling1 writes: Binary compatibility is a common problem when there are multiple versions of a library. This is particularly topical given the mess Microsoft made of ADO with the recent release of Win7SP1. I have some opinions about how version numbering should be used to ensure consistent interfaces, but I am curious to read /.'s opinion on how libraries should be deployed to prevent unwanted backwards/forwards compatibility issues.

Comment Re:Retaliation? (Score 4, Interesting) 132

by Ancantus (#35957204) Attached to: Does China's Cyber Offense Obscure Woeful Defense?

TFA answers your question:

A lot of what is running in China is developed in-house by Chinese firms. They're not using Western products or open source platforms, because they don't trust them or they're worried that someone might put a back door into them.

So they are rebuilding from the ground up without taking advice from other people who have tried it. Eliminates back doors (unless your own coders are putting them in) but it seems the front door is wide open...

Comment Re:Questions. (Score 1) 481

by Ancantus (#35793358) Attached to: FBI Releases Document Confirming Roswell UFO

...but I was still frequently shocked at the level of ignorance and near complete lack of intellectual curiosity some people displayed after years in the US educational system.

I am usually surprised that intellectual curiosity survives after years in the US educational system.

Comment Re:What do the kids get out of it? (Score 1) 56

by Ancantus (#35761722) Attached to: 92,000 LEGO Robots To Take Over Peruvian Schools Alongside OLPC

I can vouch that these programs will help. I started programming the old RCX Lego Robots back when I was in elementary(ish) school. They are a great tool for introducing many beginning engineering concepts for mechanical and programming. There is a program in the USA(and other countries) called FLL or FIRST which puts on competitions with these robots for elementary/junior high school kids, and it was really one of the reasons I got into computer programming. I would love to see more of these educational engineering introduction programs, they make engineering a whole lot more fun than sitting in a classroom.

Will any of these kids use the programming language when their adults? No. But they will use loops, if statements, variables. And the earlier people are exposed to these simple programing concepts, the easier time they will have with learning more conventional languages.

Comment Re:Oh, Sir. Branson (Score 1) 122

by Ancantus (#35749880) Attached to: Richard Branson Announces Virgin Oceanic Submarine

I sent a bug report to them the on the slashcode site although I don't know if it took.

It seems the problem (which I think started a month ago) happens when your comment is replying to a comment that is 'minimized'. To click on links (or highlight text) within these buggy comments you have to keep clicking repeatedly on the persons comment, which maximizes each of its parent comments. Only when all parent comments are maximized does the Score show, and you can click/highlight the comment text with ease.

If your know of a place to submit a bug report that the slashdot people will listen, please tell cause I have been fed up with that bug for too long.

Comment Re:Oh joy (Score 2) 104

by Ancantus (#35688020) Attached to: Google Gmail Motion Beta

Ahh, lighten up. Its one day that the whole world decides to be a little more silly. People are being creative, corny, and just having a good laugh. If anything its a nice stress release!

Slashdot Top Deals

The only possible interpretation of any research whatever in the `social sciences' is: some do, some don't. -- Ernest Rutherford

Close