Security

Submission + - SPAM: Chinese mistakenly released unpatched IE7 exploit

alphadogg writes: Chinese security researchers mistakenly released the code needed to hack a PC by exploiting an unpatched vulnerability in Microsoft's Internet Explorer 7 browser, potentially putting millions of computer users at risk — but it appears some hackers already knew how to exploit the flaw. At one point, the code was traded for as much as US$15,000 on the underground criminal markets, according to iDefense, the computer security branch of VeriSign, citing a blog post from the Chinese team.
Software

Submission + - Chandler PIM reaches 1.0, loses financial support (chandlerproject.org)

TuringTest writes: I was surprised to learn that Chandler, the open-source Personal Information Manager (covered on Slashdot after releasing some stable versions), has silently reached its 1.0 milestone this summer only to (or maybe because of) having its financial support removed at the end of 2008. Chandler inherits organization concepts from Lotus Agenda and is a brainchild of Mitch Kapor (of Firefox, EFF and Lotus fame). It shares an approach to unified information representation with recent PIMs like MIT's Haystack and KDE's Nepomuk. What happened to the persistent universal data storage that object-oriented desktops and metadata filesystems were never able to provide? Did it finally arrive as a userland application, and nobody cared?
The Internet

Submission + - Diamond Giant Tries To Force Spoof Ad Offline (computerworld.com)

CWmike writes: "A provision in the Communications Decency Act protects domain name registrars and hosting providers from being held legally liable in most cases for the content clients post on their sites. But that hasn't stopped some companies from trying to pressure Internet intermediaries into disabling sites that contain what they consider to be objectionable material. The most recent example involves diamond conglomerate De Beers, which is trying to get registrar Joker.com to take down a spoof New York Times site that includes a satirical De Beers ad saying that diamond purchases would enable De Beers 'to donate a prosthetic for an African whose hand was lost in diamond conflicts.'"
It's funny.  Laugh.

PETA Using Games To Spread Its Message

Cooking Mama is a series of games for the Wii and the DS in which players go through a number of steps to prepare meals using a variety of recipes. Last week, People for the Ethical Treatment of Animals (PETA) created their own Flash-based parody of the game, highlighting the use of meat products by having a more bloody-minded Mama do things like pull the internal organs from a Thanksgiving turkey. Cooking Mama's maker, Majesco, issued a light-hearted response, pointing out the vegetarian meals in the game. PETA then said they plan to continue making parody games as a way of "engaging the public."
The Courts

Submission + - Hacker Could Keep Money from Insider Trading

Reservoir Hill writes: "On Oct. 17, 2007, someone hacked into a computer system at IMS Health. A few minutes later Oleksandr Dorozhko, a Ukrainian resident, invested $41,671 in put options that would expire worthless three days later unless IMS shares plunged. The next morning IMS announced earnings and the share price did plunge, making $296,456 for Dorozhko by selling the puts. "Dorozhko's alleged 'stealing and trading' or 'hacking and trading' does not amount to a violation" of securities laws, Judge Naomi Reice Buchwald ruled last month. Although Dorozhko may have broken laws by stealing the information, "Dorozhko did not breach any fiduciary or similar duty 'in connection with' the purchase or sale of a security" and she ordered the SEC to let him have his profits. Through a strange anomaly in American securities laws a person who legally obtains insider information and trades on the basis of that information is breaking the law, while someone who illegally gets their hands on such information may not have violated the securities laws by trading on it. If her opinion stands, it will be very hard for the SEC to go after hackers in the future. The judge herself appreciated the absurdity of the situation, and expressed disappointment that the Justice Department had not brought criminal charges for computer hacking."
OS X

Submission + - Apple fails to deal with change to NZ DST

NTDaley writes: Debian may not have pushed their update for the NZ daylight savings change, but Apple has failed to deal with it at all. Their website instructs users to change the time manually, which is obviously inadequate for people who have to administer a large group of computers, or who need to have accurate times for other timezones. Fortunately a third party has created a fix for the problem.
Space

Submission + - Sputnik at 50: An improvised triumph (yahoo.com)

caffiend666 writes: "According to an AP News article, "When Sputnik took off 50 years ago, the world gazed at the heavens in awe and apprehension, watching what seemed like the unveiling of a sustained Soviet effort to conquer space and score a stunning Cold War triumph. But 50 years later, it emerges that the momentous launch was far from being part of a well-planned strategy to demonstrate communist superiority over the West." "At that moment we couldn't fully understand what we had done," Chertok recalled. "We felt ecstatic about it only later, when the entire world ran amok. Only four or five days later did we realize that it was a turning point in the history of civilization." "And that winking light that crowds around the globe gathered to watch in the night sky? Not Sputnik at all, as it turns out, but just the second stage of its booster rocket...""
Security

Submission + - Anyone still in the "just use root not sudo

An anonymous reader writes: Some time ago, I saw some decent arguments in favor of just using a root account only on certain machines, not going for sudo and individual admin accounts. It may have been on an old OpenBSD mailing list. I can't find it now but it made me wonder, given the current landscape of SOX, ITIL, etc. and the continuing misdirection by upper management, politicians and consulting firms that the answer to corporate malfeasance and poor performance is in CCTV and keystroke monitoring of low-level employees, is anyone still using and/or willing to admit to using root only? sudosh seems to be an interesting option, I've tried it and if it was a little more up to date, it appears to have some better logging features than other FOSS options for root-level task logging.

Anonymous because I don't want to be torn to shreds by enthusiastic sudoers.
Media

Submission + - Microsoft can evade GPL 3 ..

rs232 writes: ""Microsoft should be able to extricate itself from the implications of the new GPL 3, according to a leading Australian intellectual property lawyer"

"Unless there is something more specific in the certificate or the collaboration agreement between Novell and Microsoft, I would be very surprised to see this upheld. It was a nice try on the part of (the FSF), but at this stage, I'd say it's not going to be an effective strategy. It will be tough to hold up in court."

'In this case, she said, Microsoft never acted — never 'entered' into the agreement, and the terms and conditions can only apply to new actions by Microsoft, not older ones. She said: "Their actions so far are not enough to say that they are bound."'

http://software.silicon.com/os/0,39024651,39167957,00.htm"
Communications

Submission + - Wi-Fi network and GIS prove critical in coping wit

e5rebel writes: "A partially completed, two-month old Wi-Fi network in Minneapolis has proved vital in the city's response to this week's collapse of its most important bridge.... Nice to see the work that IT professionals do really making a difference for a change. http://www.computerworlduk.com/management/security/disaster-recovery/news/index.cfm?newsid=4397"
GUI

Submission + - Automatix Actively Dangerous to Ubuntu

exeme writes: Ubuntu developer Matthew Garrett has recently analysed famed Ubuntu illegal software installer Automatix and found it to be actively dangerous to Ubuntu desktop systems. In a detailed report which only took Garrett a couple of hours he found many serious, show-stopper bugs and concluded that Ubuntu could not officially support Automatix in its current state. Garrett also goes on to say that simple Debian packages could provide all of the functionality of Automatix without any of the problems it exhibits.
Hardware Hacking

Submission + - cluster of dsPIC microcontrollers

Peter Jansen writes: "I'm not sure if this is the type of story you usually cover, but I thought I'd mention a project I'm working on — a cluster of dsPIC microcontrollers. The prototype board is complete and I'm currently working on the software component. The board has space for up to 10 dsPIC microcontrollers which include hardware multipliers and can run at speeds up to 30 MIPS. The processors communicate using an I2C bus connected to an Imsys SNAP small Java-powered board computer, which also provides storage and a 10/100mbit ethernet interface."
Security

Submission + - Top 5 open source security tools in the enterprise

An anonymous reader writes: From LinuxWorld: "With thousands of open source security packages available, choices can be confusing. Here's the short list of tools that are getting real-world successful deployments...". According to their list, the best tools are OSSEC, Snort, Bro, Nagios and Nessus.
