Worms

First iPhone Worm Discovered, Rickrolls Jailbroken Phones 215

Unexpof writes "Users of jailbroken iPhones in Australia are reporting that their wallpapers have been changed by a worm to an image of '80s pop icon Rick Astley. This is the first time a worm has been reported in the wild for the Apple iPhone. According to a report by Sophos, the worm, which exploits users who have installed SSH and not changed the default password, hunts for other vulnerable iPhones and infects them. Users are advised to properly secure their jailbroken iPhones with a non-default password, and Sophos says the worm is not harmless, despite its graffiti-like payload: 'Accessing someone else's computing device and changing their data without permission is an offense in many countries — and just as with graffiti there is a cost involved in cleaning-up affected iPhones. ... Other inquisitive hackers may also be tempted to experiment once they read about the world's first iPhone worm. Furthermore, a more malicious hacker could take the code written by ikee and adapt it to have a more sinister payload.'"
Politics

Sequoia Voting Systems Source Code Released 406

Mokurai sends a heads-up about Sequoia Voting Systems, which seems to have inadvertently released the SQL code for its voting databases. The existence of such code appears to violate Federal voting law: "Sequoia blew it on a public records response. ... They appear... to have just vandalized the data as valid databases by stripping the MS-SQL header data off, assuming that would stop us cold. They were wrong. The Linux 'strings' command was able to peel it apart. Nedit was able to digest 800-MB text files. What was revealed was thousands of lines of MS-SQL source code that appears to control or at least influence the logical flow of the election, in violation of a bunch of clauses in the FEC voting system rulebook banning interpreted code, machine modified code and mandating hash checks of voting system code." The code is all available for study or download, "the first time the innards of a US voting system can be downloaded and discussed publicly with no NDAs or court-ordered secrecy," notes Jim March of the Election Defense Alliance. Dig in and analyze.

Comment Re:Guess whose security software I won't be buying (Score 2, Insightful) 537

Google SLAPP, also look up whistleblower protection laws and see how well they protect people and keep their careers from being savaged.

History shows that revealing identity is a surefire way to silence or discredit a critic.

One possible tool might be the use of pseudo-anonymity. A two-way untraceable path between you and the anonymous party. Think of it as a disposable identity. The trick then becomes how do I remove any association between me and the pseudo-identity so it can't be traced back to me.

The reason I suggest this tool is because true anonymity is a one-way communications path. Useful for broadcasting information but not interacting with any investigative authority. For example, I was working at a major film producer company that went bankrupt and we were working on an imaging device for nuclear medicine. Since it was used in a diagnostic setting, it had to pass certain FDA compliance regulations before it could be used in a diagnostic setting.

They shipped beta code to sites using the image printer for diagnostics with real patients. A few people complained, including not one but two FDA compliance officers within the organization. These people, including the compliance officers, are either marginalized or pushed out. If I had a good anonymous channel to the FDA, I would've handed them documentation in a heartbeat. Unfortunately, this company was really good at sniffing out leaks so I didn't dare.

So for lack of true anonymity, a bunch of criminal behavior, or at least unethical behavior went unpunished.

I am not so foolish as to extend a single case to the entire net but, it is a good example, and an extremely common example of not reporting corporate malfeasance because people are not willing to have their careers and financial well-being savaged. Good anonymity support could help that.

News

Mickos Urges EU To Approve Oracle's MySQL Takeover 67

mjasay writes "Former MySQL CEO Marten Mickos has written to EU Commissioner of Competition Neelie Kroes to urge speedy approval of Oracle's proposed purchase of Sun, including the open-source MySQL database. The EU has been worried that Oracle's acquisition of Sun could end up hurting competition by dampening or killing MySQL's momentum. But in his letter, Mickos separates MySQL-the-community from MySQL-the-company, arguing that Oracle's takeover cannot hurt the MySQL community: 'Those two meanings of the term "MySQL" stand in a close, mutually beneficial interaction with each other. But, most importantly, this interaction is voluntary and cannot be directly controlled by the vendor.' In a follow-up interview with CNET, Mickos indicated that he has no financial interest in the matter, but instead argues he 'couldn't live with the fact that [he's] not taking action,' and is 'motivated now by trying to help the employees still at MySQL and Sun, and by an urge to bring rational discussion to the matter.'"
Networking

IPv6 Adoption Will Grow With Smart Grid Adoption, Hopes Cisco 169

darthcamaro writes "A lot of people in the US have not seen a use case for the use of IPv6 yet, since we've got plenty of IPv4 addresses. But what happens when the entire electrical grid gets smart? The so-called Smart Grid will need a networking transport mechanism that will connect potentially hundreds of millions of people and devices. Networking giant Cisco sees IP (internet protocol) as the right transport and IPv6 as the logical choice for addressing. 'IPv6 is an interesting discussion and one that occupies a lot of bandwidth at Cisco,' Marie Hattar, Cisco's vice president of network systems and security solutions marketing said. 'Some people say that for smaller deployments, we could get away with IPv4, but the smart grid has a number of parts. The point is that if you're looking to build this [smart grid] out, why not build it out on the scalable protocol from the get-go?'"
Security

Google Groups Used To Control Botnets 63

oDDmON oUT writes "'Maintaining a reliable command and control (C&C) structure is a priority for back door Trojan writers. ... Symantec has observed an interesting variation on this concept in the wild. A back door Trojan that we are calling Trojan.Grups has been using the Google Groups newsgroups to distribute commands,' writes Symantec employee Gavin O Gorman. He goes on to state that 'the Trojan itself is quite simple. It is distributed as a DLL,' and while the decrypted commands indicate it is used 'for reconnaissance and targeted attacks,' he does go on record as saying, 'It's worth noting that Google Groups is not at fault here; rather, it is a neutral party. The authors of this threat have chosen Google Groups simply for its bevy of features and versatility.'"
Robotics

Pogo-Style Robot Legs Allow 9-Foot Bounces 42

destinyland writes "A new pogo stick jumps nine feet using legs developed for running robots. (It replaces the stick's spring with a fiber-reinforced 'bow' that was developed at Carnegie Mellon's Robotics institute.) One scientist even suggests robots could use its 'BowGo' technology in the low-gravity environment of the moon. 'Hopping many meters above ground level, the robot would have an excellent view of the terrain.'"
Cellphones

Snow Leopard Drops Palm OS Sync 290

adeelarshad82 writes "It's been just a little over a month since Apple blocked iTunes sync with Palm Pre, and now Apple takes that strategy one step further by blocking Snow Leopard sync with Palm-OS powered smartphones. Even though Palm has officially retired Palm OS and is now focusing hard on its next-generation WebOS in the Palm Pre, the company is still selling Palm OS-powered smartphones; two current models are the Treo Pro on Sprint and the Centro."
Power

Watermelon Juice Makes Great Biofuel 160

Mike writes "Watermelons are more than just a tasty summer snack — researchers at the USDA have determined that the fruit constitutes a promising and economically viable source of biofuel. It turns out that the relatively high concentration of directly fermentable sugars in watermelon juice can be easily converted into ethanol. Rather than grow fields of the fruit for the purpose, the report suggests that farmers capitalize on the 20% of each annual watermelon crop that is left in the field because of surface blemishes or because they are misshapen."
Security

Twitter Used To Control Botnet Machines 127

DikSeaCup writes "Arbor Network's Jose Nazario, an expert on botnets, discovered what looks to be the first reported case of hackers using Twitter to control botnets. 'Hackers have long used IRC chat rooms to control botnets, and have continually used clever technologies, such as peer-to-peer strategies, to counter efforts to track, disrupt and sometimes decapitate the bots. Perhaps what's surprising then is that it's taken so long for hackers to take Twitter to the dark side.' The next step, of course, is to code the tweets in such a way that they aren't so suspicious."

Comment Re:Time, money, expertise (Score 2, Interesting) 228

I tried going the route of having someone type for me. It would cost me, by the time agency fees are factored in, around $100-$200 per day. If I'm billing, I can afford that. If I'm not billing, I can't and that puts me right back in the place of looking for a solution.

Unfortunately, even at the best of times, it was a very tough experience. The typist could not type fast enough to keep up with what I was saying. I would try to teach her macros (stored in her head) and I would say things about constructing loops and method references etc., she would freeze up, think for a little bit, and then start again. I would correct what she just typed and then we would keep going. Effectively what I was doing was teaching her to program. Then I would have to pay her more money and she wouldn't want to type for me. She would want to write her own code. Get another typist...

As you can see, the agency fees would add up and nearly get really expensive if I expected the typist to hang around until two o'clock in the morning so I could finish some work. The same money could be applied to developing these tools if the money was free to be used in this way.

That's the second problem with being disabled. Before disability, you're making enough money to build the tools; after disability, you don't have enough money to build the tools and you don't have the physical ability to build the tools. This stuff is not simple. It is complex and you need a team of people and guinea pigs to make something work right. Hell, right now I would be happy if I could get someone to make vr-mode work

Comment Re:Cite please (Score 2, Informative) 228

http://download.microsoft.com/documents/uk/hardware/Ergonomics_and_Repetitive_Strain_Injury.pdf
http://www.thefreelibrary.com/Repetitive+strain+injuries+stretch+higher-a018341055
http://www.rsi-therapy.com/statistics.htm

I think the UK stats are probably the best stats to go by. Most of the RSI injury rate information in the United States is based on the last clean census of injuries which was roughly 1994-1995. Unfortunately, since that time states with a large chicken processing workforce have either stopped counting RSI statistics or have merged them into some other heading, making it difficult if not impossible to track down what the actual injury rates are. It's amazing the kind of government service you can purchase if your name is Tyson or Perdue. I know this sounds kind of conspiratorial but, up here in New England, the same thing happened with glass cutters and textile workers. Remember, programmers are nothing more than a clean form of blue-collar labor that can be replaced by cheaper labor in a heartbeat.

As for the near 100% comment, well as we age, we lose ability. Since everybody ages, there is a good chance you will spend decades being unable to use the tools and toys you use today. There's a better chance that the twentysomethings 30 years from now will be inventing all of these cool things that you will be excluded from.

Comment Re:When did you stop beating your wife? (Score 4, Insightful) 228

It was intended as a serious, albeit in your face, question. What I was hoping for was a serious answer. I don't expect you to drop anything

Let me introduce you to a term "TAB" Temporarily Able Bodied. It was created in recognition that physical ability is temporary, disability is the norm. I'm disabled because my hands don't work right. I'm also disabled because I need glasses. Minority or majority doesn't matter. My question was trying to provoke thought about what's going to happen to you when you become disabled. Age-related ailments will steal your ability from you. But also do you want to leave the future to be a radical shift in career because your hands don't work or a shift in how you work?

As to the direction on what makes something accessible, there is a good 30 years worth of research on the subject in the library if people would only look. It is honestly a simple concept of separation of functionality from presentation. If I need a word processor with a speech user interface, then I should be able to purchase a word processor and then purchase a user interface that does what I need. If a blind person needs a text-to-speech interface, then they should be able to purchase their own user interface. None of us should have to rely on adaptations or, as I like to call them, "brutal hacks" on the application.

Every two or three years we do hear about and disabilities. There was Nintendo thumb and now Blackberry thumb and other hand disorders from playing too many first-person shooter games. It's all right in front of us. We also have the issue of elderly, as you point out. I'm not worried as much about the elderly of today but, what happens when you hit 60 and you gradually discover you can't do anything. No texting, no video messages, no anything. Think about that future.

Also think about the implications of what our mobile devices are doing today. I've seen people advocate getting rid of voicemail because you can just send someone a text message. Or the only telephone you can use if you are blind is something that just makes calls and receives calls. These choices exclude people from the mainstream culture. If you are blind and cannot send a text message, you lose social connection. If you can't send a text message, you lose the ability to give someone a time delayed message the way voicemail works. I do admit that it may be cheaper to warehouse disabled people but, it would be nice if we made a conscious decision.

And as a side note, I was not able to interleave my comments with your text because HTML is not friendly to the disabled.

Comment Re:Cold Truth (Score 1) 228

Try instead, each person has their own UI device and that device talks to all other devices like phones, ATMs, gas pumps etc. You want multi touch, buy a multi touch display brick. Want text to speech, get a TTS brick. Own your own UI.

Comment Re:Cold Truth (Score 1) 228

What you describe is what we are doing today. Looking at it from the IT viewpoint, if you assume each IT person contributes 50k value to the economy and you lose 50k people each year, that is 2.5 mil flushed. 10% of that would make it possible to solve the programming by voice problem in 2-3 years. Rather cheap way to stem a multimillion resource loss. Almost as cheap as telling the disabled to go sit on a street corner somewhere.
