Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Microsoft

Submission + - Chrome browser and Microsoft's website

Submitted by gksmith
gksmith writes: I've been using the Chrome browser for a week, with Microsoft's site as my home page. This morning I fired up Chrome and my hard disk started going crazy. If I navigated to other sites, the hard drive continued thrashing, but closing Chrome altogether instantly silenced the hard drive. If I go to www.microsoft.com using IE or Firefox, the hard drive remains idle. I've opened Chrome several times over the last few hours and hard drive thrashing is now predictable. Anyone else see this happening? Anyone know why it would?
Windows

Submission + - How secure is Windows XP limited user account?

Submitted by
TheDarkMaster
TheDarkMaster writes: "I need to grant user access to my pc for parents. Of course I can't say what a hell my little sister (or others) can download from net, and I need to use a limited user account for her. But, how secure is this account? They can survive a "OMG, CLICK HERE NOW!!!!" "insuspect" file or something else?"
Sci-Fi

Submission + - Robert Heinlein's Fan Mail Solution

Submitted by
Hugh Pickens
Hugh Pickens writes: "Kevin Kelly has an interesting post about a letter he found from Robert Heinlein from Kelly's days editing the Whole Earth Catalog with Heinlein's own nerdy solution to a problem common to famous authors: how to deal with fan mail. In the days before the internet, Heinlein's solution was to create a one page FAQ answer sheet — minus the questions. Then he, or rather his wife Ginny, checked off the appropriate answer and mailed it back. Some of the entries in Heinlein's answer sheet are quite illuminating and amusing. Our personal favorite: "You say that you have enjoyed my stories for years. Why did you wait until you disliked one story before writing to me?""
Privacy

Submission + - Non-Random DL #s Making Identity Theft Easier?

Submitted by
jazzduck
jazzduck writes: "My father recently was contacted by an anonymous caller who claimed that he was doing a survey on identity theft. The caller claimed to have found my father's SSN online and was calling to "notify" him and ask if he knew it was available. But the interesting part is when the caller said, "Oh, and I also have your driver's license number. It's ####-####-####... but I can't make out the last two digits on the picture, what are they?" This caught my attention because we live in Wisconsin. In Wisconsin, all but the last two digits of your Driver's License number can be calculated from your last name, first and middle initials, gender, and date of birth. The final two digits are a random or maybe sequential code that eliminates duplicates. Back in high school I reverse-engineered the algorithm for kicks, which is why my father was smart enough to know to not give out his last two digits. So was this guy legitimate? It seems to me that he was likely some kind of scammer who had calculated the first twelve digits and was trying to trick my father into revealing the two non-calculable digits. But what would he want someone's driver's license number for? Very few things use your driver's license number. More importantly, do states that use driver's license numbers like this, which can be determined from commonly available information, put their citizens at greater risk of identity theft? I know that Illinois uses a similar algorithm and I believe at least one other state does too. What does Slashdot think?"
Security

Submission + - The CookieMonster Demands Satisfaction (fscked.org)

Submitted by
mikepery
mikepery writes: "------ Begin Cut Here —
Note to slashdot editors: Hey guys, I was wondering if you could help me out a bit to correct for the fairly inaccurate article you featured about my HTTPS hijacking work being a Gmail-specific attack tool. I want to make sure the record is set straight, and people realize that a lot more sites are potentially affected than just Gmail, so that they can ensure they are fixed properly.
------------ End Cut Here —

I figure the slashdot readership is the best place to reach a large number of slacking admins and developers, so I want to announce that it's been 30 days since my DEFCON presentation on HTTPS cookie hijacking, and as such, it's now time to release the tool to a much wider group. Despite what was initially reported, neither the attack nor the tool are gmail-specific, and many other websites are vulnerable. So, if you maintain any sort of reasonable looking website secured by any SSL certificate (Sorry Rupert, you lose on both counts), even if it is just self-signed, you can contact me and I will provide you with a copy of the tool. Be sure to put "CookieMonster" in the subject, without a space.

I'd also like to encourage security professionals and consultants to request a copy of the tool for use in encouraging their clients to adopt SSL properly for their websites. There's no possible way for me to reach every site, but if convincing demonstrations can be given of the vulnerability on an individual basis, perhaps that will drive the issue home much more than the press alone has done. Heck, the tool might even land you a few new clients."
Google

Submission + - Google Chrome privacy worse than you think (wordpress.com)

Submitted by
coderrr
coderrr writes: "Google Chrome's location bar auto suggestion feature (Omnibox) is one of the biggest privacy breaches in web browser history. The feature allows Google to know almost every URL, partial URL, phrase, word, and character you type into the location bar even before you press enter. More than that, all this information can be linked with your main Google account, because Google sends your cookie along with every automatic search it performs from the location bar. A representative from Google said they plan to store about 2 percent of that data along with the IP address of the computer that typed it. The feature can be turned off, but is on by default."
Media

Submission + - Photonovelists Start Running Into Each Other

Submitted by TechnicolourSquirrel
TechnicolourSquirrel writes: In a kind of fan convention replay of Man Bites Dog, one camera-wielding photo comic creator encounters another at Fan Expo 2008 in Toronto, resulting in some amusingly self-reflexive photoblogging that may demonstrate the value of the network effect in the field of photonovels. The blogger also has this to say about convention culture: "Far more this year than last year, the gamers were segregated from the rest of the convention-goers. Nonlinear geeks are not like linear geeks. The clustering vibe is as different as between a clan of badgers and a herd of buffalo. It shouldn't really be necessary to separate them — that takes care of itself. I would have preferred it if the organisers had used their floor plan to force a little more mixing".

[Note for Eds: This is a corrected version of the story I submitted earlier, in which I believe I mistakenly wrote 'Man Bites Bog' where I intended to write 'Man Bites Dog'. This is the corrected copy — you may post it or use it as a guide to correct the original timestamped version, or just reject both as you wish. Apologise for doing it this way — it was the only way I knew to be sure the same people would see it.]
Moon

Submission + - MythBusters to Debunk Moon Conspiracies Tonight (popularmechanics.com)

Submitted by mattnyc99
mattnyc99 writes: A couple years back, we got Jamie Hyneman and Adam Savage to open up on Slashdot about so-called moon myths. Tonight, the MythBusters go all-out to finally put to rest all the conspiracy theorists who say NASA never landed on the lunar surface. From Popular Mechanics' in-depth look behind the scenes of the episode: "NASA has been incredibly open-source about the missions to the moon, about every scrap of information down to the material in the astronaut's socks," Savage says. "So you have a tremendous amount of material to choose from to make sure that your replication is entirely accurate. We had probably a greater breadth of information than we usually have to achieve the replication. But that also means that you've got to be a little bit more picky, and choose carefully so that you're not overwhelming yourself with details that aren't actually germane to the myth you're doing."
Math

Submission + - Ten-million-digit prime discovered? (mersenne.org)

Submitted by Anonymous Coward
An anonymous reader writes: The Great Internet Mersenne Prime Search (GIMPS) has apparently discovered a new world-record prime number. A GIMPS client computer reported the number on August 23rd, and verification is currently under way. The verification could take up to two weeks to complete. The last Mersenne prime discovered was over 9.8 million digits long, strongly suggesting that the new value may break the 10 million digit barrier — qualifying for the EFF's $100000 prize!
Programming

Submission + - Ratio of IT department to overall employees 1

Submitted by Anonymous Coward
An anonymous reader writes: I recently was talking to a friend about the fortune 100 company she works for and IT. She informed me the company has 35,000 employees and over 5,000 IT employees (and its not a web firm). Plus numerous consultants doing work as well. To me (from a background where my last job had 50 IT employees and 1000 total, 1 IT per 20 people, yet were considered very responsive) a 1 to 7 ratio of IT employees seems crazy high. Yet she mentioned even simple changes to systems/software take over six months.

So what ratio does your company have and what is reasonable? And how much does this differ by industry?

Comment Re:They can't hold their talk now, can they? (Score 3, Insightful) 160

by PopeRatzo (#24664057) Attached to: MIT Students' Gag Order Lifted

Litigation tends to be the last refuge of the incompetent.

Here is evidence that a low UID does not insure a clear mind.

Maybe you should have said "frivolous" litigation is the last refuge of the incompetent"?

Litigation is one of pillars which holds up a Rule of Law and provides some path to fairness and justice in a free society. Considering the startling consolidation of social power in the hands of corporate ownership and authoritarian fanatics, you may yet see what it's like to live in a society without litigation. I guarantee you're not gonna like it, Ukab.
Operating Systems

Submission + - How do I break the curse of helpdesk jobs? 1

Submitted by
An anonymous reader writes: I have server experience building and repairing them including Dell, IBM and HP servers. I've completed the Microsoft Windows 2000 MSCA Exam and currently hold that certification. I have spent time studying VMware, Altiris, Linux, Backup and recovery applications, and even programmed a few Cisco routers but even with all this experience no matter how much I try to highlight all my non helpdesk experience my name never comes up to companies or recruiting firms other then to fill some pointless and dead end desktop support job. It has been four years since I started in the IT field and I cannot take working in help desk or desktop support jobs any longer.

I'm willing to relocate anywhere in the United States to get out of desktop support, but what is the best way of taking a job in another state if I can actually find one? I ask this because the job market in Cleveland Ohio is completely dead and I feel I'd have a better chance moving out of Ohio in general.

What tips for my resume should I take to downplay the desktop support as much as possible and highlight what little administration tasks I have had during the 4 years I have had in desktop support?

Any suggestions I'd greatly appreciate.

Slashdot Top Deals

Make sure your code does nothing gracefully.

Close