
Submission + - Ask Slashdot: Would you wear a "vibrating tattoo?" (wsj.com)

EliSowash writes: "Nokia is proposing “a material attachable to skin, the material capable of detecting a magnetic field and transferring a perceivable stimulus to the skin, wherein the perceivable stimulus relates to the magnetic field.” The material would react to magnetic signals emitted by a nearby electronic device, such as a smartphone, and that magnetic field would interact with the tattoo, causing it to vibrate.

Sounds to me like more of a 'patch' than a 'tattoo' but that's the language they used in the patent and not really the point.

So...would you? Are you so connected that you'd attach a notifier directly to you? And (dare I ask) just where would you put it??"

Microsoft

Submission + - Web SSO contains big flaws, research says (darkreading.com)

EliSowash writes: "As more and more organizations tap into single sign-on (SSO) schemes through Web services providers such as Google and Facebook, new research suggests that they must better plan how they implement SSO APIs lest they leave users open to attack. New findings by Microsoft Research found troubling logic flaws in SSO for Facebook, Google, PayPal, and other Web services that threaten a large number of users online.

According to the report (PDF), many of the problems associated with spotting flaws in Web services SSO implementations are a result of individual developers' idiosyncratic methods of integrating the APIs, SDKs, and sample code offered up by identity providers. In particular, the report noted that developers of today's Web SSO systems fail to fully lock down the process of token exchange in order to protect and verify the token from malicious adversaries."

Comment Re:How important is this? (Score 5, Informative) 128

That really mitigates that risk.

I question your definition of 'mitigates' sir. You are describing systems that are not vulnerable to this particular exploit. If your infrastructure runs on Linux or Mac or oranges with electrodes sticking out of them, you haven't mitigated dick. You just aren't vulnerable.

Security

Submission + - Wordpress Malware Injection affecting 200,000 web pages (websense.com)

EliSowash writes: "Researchers at Websense have detected a widespread rogue antivirus campaign targeting more than 200,000 Webpages and close to 30,000 unique Web hosts. The attack uses HTML injection to infect a massive number of Websites with various versions of WordPress installed. When a victim visits one of the infected sites, he or she is redirected to a site hosting rogue antivirus. After a three-level redirection chain, victims land on a fake AV site, which executes a variant of FakeAlert."

Comment Re:The Worlds Most Valuable Company (Score 1) 307

But makes so many products [you] WANT. A laptop's a laptop, and an MP3 player's an MP3 player, and a smartphone's a smartphone, but the macbook and ipod and iphone are sexy. I will say, I appreciate apple's whole approach. 'Windows' is a platform, on which to assemble the tool you want for the job. Be it gaming, productivity, etc. It's utilitarian. Linux is a development environment, where the capable user 'builds' the tool they want. Kinda lump Droid into this category. MacOS, is ... enclosed. Not closed like closed-source, necessarily - but the box is well defined. This you can do, this you can't do. Can't change the hardware. Can't modify much of the OS. The entire user experience is controlled. iphone apps work the same way. Unless you break into your phone, you get the programs we say are OK, from our appstore. I don't know that I agree with it, but I don't know that I disagree either. I appreciate it, though.

Comment Re:Don't be a dick, dick (Score 1) 290

Damn skippy. I left a job three months ago, after 8 1/2 years with the firm. I've forgotten more tribal knowledge than most of the remaining staff knows, and on average, I've gotten at least one phone call a week since then. I think I was pretty well documented (again, I'm in agreement with you) but there's just some stuff that never got written down. If I'm a reliable repository, why shouldn't I be tapped for a question?
Security

Submission + - Anonymous Partners With WikiLeaks, Then Turns On Stratfor (informationweek.com)

EliSowash writes: "Stratfor appears to have run afoul of Anonymous and WikiLeaks on account of its intelligence-gathering activities. A blog post published Sunday accused Stratfor of being "a company that fronts as an intelligence publisher, but provides confidential intelligence services to large corporations." The two have announced a partnership, followed by the release of 5 million emails from the Texas "subscription-based provider of geopolitical analysis."

The new leak represents a homecoming for WikiLeaks, which has released few documents after publishing a massive trove of sensitive, unredacted government cables."

Comment Re:It's easy for men (Score 2) 502

If you alternate your shoes you'll just slowly ruin a bigger number of shoes. No gain when compared to fastly ruining a smaller number of shoes, unless you buy them in batches and are accounting the buying time.

That's why I don't have my tires rotated. I only want to replace two at a time. Move the back ones to the front, and put the new ones on the back.

Submission + - Remote web interface of (WIFI) routers often still have default login.

An anonymous reader writes: Consenzo ICT, Netherlands.

Most people have learned to protect their WIFI networks with a decent password and encryption. I was wondering how it would look if I took a peek at those routers from the internet side. Most routers have the option of remote access and I was interested to know how many would actually use this remote access option. A quick scan produced about 9,000 Linksys routers in the Netherlands alone. A few other scans produced heaps of D-link, Cisco and many more routers.

First thing to try is always the default administrator login and password of the remote access web interface and... then I nearly dropped off my chair.
Loads of those routers turned out to still have the default password set and are therefore at great risk. If you log in to such a router it’s child’s play to obtain the key to the WIFI network and if MAC filtering is used to prevent access, it’s easy to add your own MAC address (or use one from the filter list for spoofing). Taking control of the router is also very simple since you’re admin and have therefore god-like access to the complete configuration.

One thing that also struck me was that on some routers remote access wasn’t even enabled.
So these routers must be attached to a private network and accessible from the internet through another router.

A very bad thing indeed.
