Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×
Security

Submission + - Is there a zero-day OpenSSH exploit in the wild? (dshield.org)

Submitted by eefsee
eefsee writes: sans.org reports 'Over the past 24 hours we've had a number of readers tell us that there is an OpenSSH exploit in active use.' It is not clear if this is a real exploit or sysadmin CYA masquerading as exploit, but some web hosts have already turned of SSH in response. On 7/5 HostGator shut down SSH on all its shared servers. Site5 did the same thing the next day. The loss of SSH, of course, kills SFTP on these hosts as well, forcing customers to fall back on FTP. Now that is security!
The Courts

Submission + - RIAA's Bid to Stop Jammie From Objecting Fails (blogspot.com)

Submitted by
NewYorkCountryLawyer
NewYorkCountryLawyer writes: "The RIAA's motion to prevent Jammie Thomas-Rasset from objecting to evidentiary problems with the RIAA's copyright registrations has been denied. The decision by Judge Michael J. Davis (PDF) held that 'The Court's Order granting a new trial in this matter granted an entirely new trial on all issues. The fact that Defendant did not object to Plaintiffs' evidence of registration in the First Trial does not preclude Defendant from putting Plaintiffs to their burden of proof on this issue in the retrial.' Judge Davis rejected the RIAA's contention that he could take 'judicial notice' of the validity of the registrations, since 'judicial notice' doctrine is only applicable to matters which are 'not subject to reasonable dispute'."
Medicine

Cola Consumption Can Lead To Muscle Problems 420

Posted by timothy from the but-your-lifting-arm's-doing-fine dept.
wjousts writes "As I'm sure many Slashdot readers live almost exclusively on cola drinks, a new warning from doctors: 'Doctors have issued a warning about excessive cola consumption after noticing an increase in the number of patients suffering from muscle problems, according to the June issue of IJCP, the International Journal of Clinical Practice. ... 'Evidence is increasing to suggest that excessive cola consumption can also lead to hypokalaemia, in which the blood potassium levels fall, causing an adverse effect on vital muscle functions.' And sorry, diet colas aren't any better."

Comment Re:economics as usual (Score 2, Informative) 266

by davburns (#27781415) Attached to: ARIN Letter Says Two More Years of IPv4
No, the problem is that we really do need more address space. IP addresses include identification information and network topology information. We really do have almost that many computers, and almost that complex of topology.

Forcing the holders of large legacy allocations to give them up would hurt more than moving to IPv6, and it'd only get us a few more years of IPv4 growth. Opening up the class-E space would also hurt more than moving to IPv6, and still only give us a few more years.

NAT effectively adds 16 more bits to the address, but does so on a per-connection basis, not a per-node basis. It requires the network to be stateful, instead of just passing packets while the end hosts carry all the state. (This means that the end hosts can't just route around problems.) NAT is messy, but it happens to work because it can steal some bits of TCP or UDP to make up for not having enough in the IP header.

IPv6 adds way more address space than anyone can think of a use for. So it can encode a lot of information about the node's position in the network, plus keep an address unique for (practically) ever.

Comment Re:Old Tech Costs? (Score 1) 204

by davburns (#27778185) Attached to: What Kind of Data Center Can You Build With $500M?

Was it cheaper when they did it all with paper files?

Yes, but mostly because there were a lot fewer people back then. (Remember, that even sorting is O(N log N) -- and you have to do that to get the right papers in the right files. I would guess that there needs to be lots of O(N^2) operations to catch fraud. 300,000 Americans is a big N.

Comment opt-in (Score 1) 233

by davburns (#27350705) Attached to: Google Engineers Say IPv6 Is Easy, Not Expensive

Google does publish ipv6.google.com. And if you have classic (not ig) selected, you get an extra-fancy dancing Google logo to let you know you made it to the IPv6 version of Google.

But if you want to use their regular services, they just redirect you to plain old boring www.google.com. So it's nice that Google spent 20% of a lot of time on this, but it's not available to ordinary IPv6 connected users. I guess that's better than slashdot. (ipv6.slashdot.org has an A, but no AAAA records!)

Of course, if you want to add some entries to your ipnodes table, you can get the rest of the Google services to work for you over IPv6 and then your gmail will be extra-cool like mine.
Space

Tickets On Sale In Sweden For Space Tourism, Starting In 2012 66

Posted by timothy from the would-rather-have-a-condo-and-the-dvd dept.
think_nix writes "The local.se is reporting that, for around 200,000 USD, tickets for eager space tourists looking for that outer space adventure will be purchasable from the Sweden's Ice Hotel in Kiruna. The flights are planned to be run by Virgin Galactic, also allowing flights to be taken from New Mexico. The article further states that already around 300 tickets have been purchased."

Comment Re:So... (Score 1) 217

by davburns (#27250425) Attached to: Google's Information On DMCA Takedown Abuse

The DMCA notices I've seen only swear to be authorized to act on the copyright owner's behalf, and/or that there is an exclusive license which the alleged file sharer doesn't have. The details about IP addresses, protocols, and timestamps are (at best) represented as a "good faith belief." It's never been clear to me if those sending the notices are making any claim that the

Do you have a reference for your claim that the entire notice must be filed under penalty of perjury? I have some that are completely implausible, and others that for which I have some doubt. If this were indeed perjury, that would probably be interesting to lawyers defending clients from similar evidence.
Google

EPIC Urges FTC To Investigate Google Services 111

Posted by Soulskill from the might-as-well-set-up-shop-at-the-googleplex dept.
snydeq writes "The Electronic Privacy Information Center filed a 15-page complaint asking the FTC to force Google to stop offering online services that collect data until the presence of adequate privacy safeguards is verified. The EPIC also wants Google to disclose all data loss or breach incidents, citing several incidents where data held by Google was at risk, the most recent of which occurred earlier this month with its Google Docs. The EPIC complaint [PDF] also listed other security flaws in Gmail and Google Desktop, a desktop indexing program, and urged Google to donate $5 million to a public fund that will support research into technologies such as encryption, data anonymization and mobile location privacy." EPIC has raised privacy concerns about Google before, and about Windows XP as well.
Image

Robot Love Goes Bad Screenshot-sm 101

Posted by samzenpus from the become-my-robot-bride dept.
hundredrabh writes "Ever had a super needy girlfriend that demanded all your love and attention and would freak whenever you would leave her alone? Irritating, right? Now imagine the same situation, only with an asexual third-generation humanoid robot with 100kg arms. Such was the torture subjected upon Japanese researchers recently when their most advanced robot, capable of simulating human emotions, ditched its puppy love programming and switched over into stalker mode. Eventually the researchers had to decommission the robot, with a hope of bringing it back to life again."

Comment Whatever window is open... (Score 1) 776

by davburns (#27124285) Attached to: Favorite on-screen calculator?

I use whatever window is open, and that's generally a lot of them. pgsl is very good at dates, but one can select almost anything you really need, too. bc -l works from almost any shell. google is smart enough for easy stuff.

Of course, someone will probably say they just PM CowboyNeal in IRC, but I actually prefer to do the easier calculations myself.

Comment Re:hydrogen cars (Score 1) 769

by davburns (#27096463) Attached to: GM Cornered Into Defending the Volt

Since hydrogen has, at a theoretical best, a 1.0 eROI, it should never be considered an energy source.

Modern batteries (or even flywheels) are better at storing energy than stored hydrogen. The electric grids transmit energy more efficiently than hydrogen can be transported (except to exotic places where installing power lines is difficult. Like on a launching space shuttle.)
Security

Google NativeClient Security Contest 175

Posted by kdawson from the insert-favorite-salt-pun-here dept.
An anonymous reader writes "You may remember Google's NativeClient project, discussed here last December. Don't be fooled into calling this ActiveX 2.0 — rather than a model of trust and authentication, NaCl is designed to make dangerous code impossible by enforcing a set of a rules at load time that guarantee hostile code simply cannot execute (PDF). NaCl is still in heavy development, but the developers want to encourage low-level security experts to take a look at their design and code. To this end Google has opened the NativeClient Security Contest, and will award prizes topping out at $2^13 to top bug submitters. If you're familiar with low level security, memory segmentation, accurate disassembly of hostile code, code alignment, and related topics, do take a look. Mac, Linux, and Windows are all supported."

Slashdot Top Deals

8 Catfish = 1 Octo-puss

Close