Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Comment Re:T-Mobile's tech support didn't get the memo. (Score 2, Funny) 361

by Krizdo4 (#27426807) Attached to: Google Bans Tethering App From Android Market

Oookay, if T-Mobile bans tethering their phones, why have they helped me and my mom seperately to configure their phones to tether over bluetooth to our laptops? Hell, I'm running Linux, that didn't even phase them, they still helped me find the command-strings I needed!

Tech support that helped with Linux settings? Wow, that's actually kind of cool.

Comment Re:Needs more detail (Score 2, Informative) 272

by Krizdo4 (#27306527) Attached to: Botnet Worm Targets DSL Modems and Routers

Ok, TFA states

Get a shell on the vulnerable device (methods vary).

How will this supposed worm manage to login to the box? Brute force? Properly configured Linux will block login attempts for quite a while after several failures. SSH? Can't be compromised within a reasonable time. Telnet? Not supported on all routers I know.

The article doesn't go into the essential details, so I call FUD until proven otherwise.

From the article:

any linux mipsel routing device that has the router administration interface or sshd or telnetd in a DMZ, which has weak username/passwords (including openwrt/dd-wrt devices).

Telnet is used at least on OpenWRT after you first flash it but before you set a root password.

No consumer router I've used blocked repeated failed password attempts be default.

A bug in the web interface for the default Linksys allowed people to load the OpenWrt by sending shell commands to turn on boot wait. Just do the same but insert malicious shell code instead with the default password.

Comment Re:Tomato (Score 4, Informative) 272

by Krizdo4 (#27306245) Attached to: Botnet Worm Targets DSL Modems and Routers

Glad I recently switched my router to Tomato. Works better than DD-WRT, too.

Why does this article make you glad you switched?
The same thing that makes OpenWRT/DD-WRT vulnerable seems to be part of Tomato.

FTFA
"any linux mipsel routing device that has the router administration interface or sshd or telnetd in a DMZ, which has weak username/passwords (including openwrt/dd-wrt devices)."

From Tomato Features list:
"CLI (using BusyBox) with access via TELNET or SSH (using Dropbear)"
Networking

Microsoft Working For Samba Interoperability 221

Posted by CmdrTaco from the this'll-end-well dept.
JP writes "Andrew Bartlett of Samba fame has written a document describing their recent collaboration with Microsoft's Active Directory team. In brief, it would seem that the sky is falling, as Microsoft's engineers seem to be really committed to making Samba fully interoperable with AD. They have organized interoperability fests and have knowledgeable engineers answering technical questions without legal or marketing drones getting in the way. However according to Andrew the Samba AD team is currently very short on manpower, so if you have network experience, now is the time to get coding."
Security

Submission + - Contractor Caught Red-Handed (livejournal.com) 1

Submitted by zifferent
zifferent writes: While at work I often have a ssh opened into my home computer so that I can check my email. On this day I had a contractor working on my floor while I was out. I also happened to be tunneling a VNC session when I noticed in my taskbar CPU monitoring tool was pegged. It turns out that firefox was chewing on 98% CPU resources. It's not odd that Firefox would be left running on my home desktop so I killed it, and went back to whatever else I happened to be doing. Well after a bit more of work. I notice firefox back at the top of my top list. So I thought to myself, maybe there is more than one window running. So I killed that process. And two more promptly took it's place. Eventually, I shut down X-Windows and called his home office. Unfortunately he denied everything making me look a bit like a fool. As it stands right now it's this guy's word against mine.
I know I have the shutdown log and the browser history, is there anything else I can do to pin my accusations to this creep? (I run Ubuntu.)
Security

Submission + - Hard drive snafu has NBA star suing, fuming

Submitted by
coondoggie
coondoggie writes: "All basketball player Bruce Bowen wanted was his hard drive fixed. What he got apparently is an invasion of privacy and a big mess. The Smoking Gun Website says the San Antonio Spurs forward hired a Texas company to fix but instead the repair company removed the machine's hard drive and sold the item — which contained confidential personal and financial information — to another customer. Bowen is now seeking over $2 million in damages from Computer Nerdz, the San Antonio company used to repair his Gateway computer. http://www.networkworld.com/community3/?q=node/147 53"
Microsoft

Submission + - Windows Genuine Adavantage hit me again!

Submitted by
An anonymous reader writes: I have been hit again by the Windows Genuine Advantage telling a customer that "I pirated Microsoft's software and sold it to them". Regardless of what the WGA actually tells them, This is how the phone calls start off when someone is told that by Microsoft's applet. Unlike all the other times were calling the WGA support line fixed the problem with an issue of a $85 per hour support call I had to eat, this last time was different. It was a computer built two and a half years ago which is well out of warranty and it hasn't had one problem with WGA until a few weeks ago.

After talking to the support people, they just told me because it was an OEM version they wouldn't do anything. They told me to goto the OEM and when I said I was the OEM they directly told me I should have used legit software. I got the customer on the phone who is the director of a county government department and they told him his only options were to spend $149.00 for the WGA fix it kit. He said I have the CD in hand with all the holograms, the sticker with the product key and even the cellophane that wraps around it with the Microsoft logos and all, they told him he should have bought it from a reputable dealer and went back to the "you can purchase the copy from Microsoft for $149" but this time talking about a Vista upgrade and a government contract.

The strange thing is that I cannot find the link to the webpage with the little letters saying your copy of XP failed validation and and big letters saying "fix this problem buy buying a legit copy of windows for $149" with links to various Vista upgrades that the WGA failure thing takes us to. When I copy the address and open it on another computer, it seems to fail to load. Without the computer Microsoft claims it pirated pushing you there in the first place, It cannot seem to find it. But there is little information outside how to buy a new copy of windows. You cannot even find a support number to call from this same page, You have to search around the pages to find it.

But you see, I got out of the Microsoft OEM program and purchase all my software from another OEM provider listed from Microsoft's website. I have talked to them and they claim if they can find their invoice for it, they will replace the product key. My beef isn't with them, they are bending over backward trying to help. The beef is with Microsoft and after 2 and a half years of flawless operation, flat out telling my customer that I was selling pirated software to them and they should look at for a more reputable vendor. Everything from the start was insulting My integrity and they ever recommended going with a dell or HP because these problems can be resolved easier with them.

I'm in Ohio, I have already spoke unofficially with one of the county prosecutors, My question is, has this happened to others? Were your customers left thinking they made a mistake by using you and buying your equipment instead of going with Dell and some large Microsoft approved consulting company? Isn't the way they are presenting this as stolen software with no way to make it correct slandering our good names? and shouldn't it be considered as unfair or deceptive business practices? After all, it isn't the operating system saying it is pirated, it is some addon program Microsoft installs under the guise of a security update. It does call into question your integrity and them offers to allow the customer to buy a legit copy directly from them afterwards.

I have noticed that people are already have lawsuits over the spyware issues associated with WGA. What do you think about the merits of a slander and liable claim for the damage the WGA does when incorrectly identifying software? How about the way Microsoft tells people their copy is fake and then offers a place to buy the software directly from them after making some statements about how you already obtained fake software. I see some issues here and hope to either get other motivated to starting a class action lawsuit as well as seeing what other standing can be gained from this. I'm a little pissed about the situation and I'm sick of having to reassure people they received a legal copy of windows, even when they come to me talking about one of the other mom and pop shops in town were I know that they sell legit software with their computers too. Microsoft already gives a huge discount to big OEMs and now they are trying to ruin the integrity and reputation of anyone competing with them. Something needs to be done and public pressure doesn't seem to be working with Microsoft.

Slashdot Top Deals

The optimum committee has no members. -- Norman Augustine

Close