Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Submission + - Windows Flaws Lead to Black Hat ATM Hack (internetnews.com)

An anonymous reader writes: Ever wonder what operating system most ATM's use? In a session at the Black Hat Las Vegas security conference, researcher Barnaby Jones hacked a pair of ATMs with cash literally flying out of them when he was done.

Jones explained that most ATM's run Microsoft Windows CE on ARM processors and they all tend to have remote updating capabilities. Jones wrote a remote exploitation program called Dilinger to remotely exploit the ATM. Then once the ATM is exploited he has another program called Scrooge which is a root kit for the ATM. With those tools, Jones — much to the delight of the massive Black Hat crowd that gathered to see him — he used his tools to exploit a pair of ATMs on stage — Live.


Science

Submission + - Adventures in Very Recent Evolution (nytimes.com)

Third Position writes: Ten thousand years ago, people in southern China began to cultivate rice and quickly made an all-too-tempting discovery — the cereal could be fermented into alcoholic liquors. Carousing and drunkenness must have started to pose a serious threat to survival because a variant gene that protects against alcohol became almost universal among southern Chinese and spread throughout the rest of China in the wake of rice cultivation.

The variant gene rapidly degrades alcohol to a chemical that is not intoxicating but makes people flush, leaving many people of Asian descent a legacy of turning red in the face when they drink alcohol.

Many have assumed that humans ceased to evolve in the distant past, perhaps when people first learned to protect themselves against cold, famine and other harsh agents of natural selection. But in the last few years, biologists peering into the human genome sequences now available from around the world have found increasing evidence of natural selection at work in the last few thousand years, leading many to assume that human evolution is still in progress.

Submission + - SCOTUS to hear appeal of CA Game Violance Ban (theeca.com)

powerlord writes: "For nearly two decades, elected officials have tried to regulate which video games you can buy, rent and play. Every single time they’ve passed a law, the federal courts have struck it down as unconstitutional. But this may change this fall.

The Supreme Court of the United States has agreed to hear the State of California’s infamous ‘violent video game case,’ Schwarzenegger v. EMA. That means that this year, or early next, the Court is going to decide whether to agree with the lower federal courts or not. Agreeing would mean that they believe that video games are, and should continue to be, First Amendment protected speech; just like books, movies and music. The court disagreeing would mean that they think video games should be treated differently. This could lead to new bills and laws curtailing video game access in states across the country."

Security

Submission + - Redmond Opens Source Code to KGB Successor

Hugh Pickens writes: "ZDNet reports that Microsoft has given access to source code for Windows Server 2008 R2, Microsoft Office 2010 and Microsoft SQL Server to the Russian Federal Security Service, the main successor agency of the Soviet-era Cheka, NKVD and KGB, with hopes of improving Microsoft sales to the Russian state in an agreement that will allow Russia to study the source code and develop cryptography for the Microsoft products through the Science-Technical Centre 'Atlas', a government body controlled by the Ministry of Communications and Press. "The purpose of the GSP (Government Security Program) is to increase trust with national governments," says Microsoft in a statement. "In the case of the Russian agreement, GSP participation will facilitate the development of the next generation of secured solutions for Russian government agencies based on the latest Microsoft technologies and Russian cryptography." The agreement is an extension to a deal Microsoft struck with the Russian government in 2002 to share source code for Windows XP, Windows 2000 and Windows Server 2000. Not everyone is pleased with the agreement. Cambridge University security expert Richard Clayton says that opening up source code could enable a government to find security holes that the state could use to launch attacks against other nations, adding that there are tens of thousands of bugs in Microsoft products, in part due to the sheer volume of source code and that an attacker only has to find one hole and exploit it successfully to gain access to other systems. "It's completely asymmetrical," says Clayton."
News

Submission + - NTP Sues Big IT Companies (techcrunch.com) 1

helix2301 writes: NTP who claims to be the founder and holds the patent for sending e-mail over wireless hand held devices is sewing Microsoft, Apple, Google, and other major players in the technology industry. They sewed RIM a few years ago and they settled out of court. The amount they are sewing for is unknown at this time.
Security

Submission + - REMNux: The Malware Analysis Linux OS (threatpost.com)

Trailrunner7 writes: A security expert has released a stripped-down Ubuntu distribution designed specifically for reverse-engineering malware. The OS, called REMnux, includes a slew of popular malware-analysis, network monitoring and memory forensics tools the comprise a very powerful environment for taking apart malicious code. REMnux is the creation of Lenny Zeltser, an expert on malware reverse engineering who teaches a popular course on the topic at SANS conferences. He said that he put the operating system together after years of having students ask him which tools to use and what works best. He originally used Red Hat Linux but recently decided that Ubuntu was a better fit.

The OS includes a virtual treasue chest of reverse-engineering and malware-analysis tools. REMNux has three separate tools for analyzinf Flash-specific malware, including SWFtools, Flasm and Flare, as well as several applications for analyzing malicious PDFs, including Didier Stevens' analysis tools.REMNux also has a number of tools for de-obfuscating JavaScript, including Rhino debugger, a version of Firefox with NoScript, JavaScript Deobfuscator and Firebug installed, and Windows Script Decoder.

Bug

Submission + - Nmap cripples a whole corporate network (h-online.com)

rfelsburg writes: An nmap scan with certain parameters is apparently sufficient to temporarily cripple a whole corporate network. On the Full Disclosure mailing list, a network admin reported that he used the following command to establish the SNMP versions of his routers and servers:

nmap -sU -sV -p 161-162 -iL target_file.txt

where target_file.txt contained his systems' IP addresses. However, the scan caused most of his network devices to crash and reboot, including several Cisco routers. There were very varied responses to his question on the list whether this problem was caused by a DoS vulnerability within the devices or by a flawed configuration.

Government

Submission + - New Broadband Projects Get $795 Million in Funding (infoworld.com)

snydeq writes: "Obama's administration will announce nearly $795 million in grants and loans to 66 new broadband projects across the nation. The subsidies — to be doled out by the U.S. NTIA and the U.S. Rural Utilities Service — will bring broadband service to 685,000 businesses, 900 health-care facilities, and 2,400 schools, according to officials. The NTIA will award $404 million to 29 projects Friday, and the grants will finance 6,000 miles of new fiber-optic lines. Most of the money will finance middle-mile broadband network projects. The RUS will award $390.9 million on Friday, with $163 million in loans and the rest in grants. Most of the RUS money is focused on last-mile broadband projects."

Submission + - Which continent do you live on?

An anonymous reader writes: Which continent do you live on?
a. North America
b. Europe
c. Asia
d. Australia
e. South America.
f. Africa
g. I'm an insensitive clod.
Microsoft

Submission + - SPAM: The Hidden Costs Behind the Big 3's Coolest Device

retrovertigo76 writes: Microsoft, Nintendo, and Sony all showed off some really cool technology coming out through the next year. However, how much is this new technology going to actually cost you? GoozerNation is here to break down some of the details of what you might really be required to pay... to play.
Link to Original Source
Security

Dot-Org TLD Signed For DNSSEC 58

graychase writes "A major milestone is reached as the first major top-level domain (.org) is now secured with DNSSEC. The expense to .org for implementing DNSSEC on its infrastructure and operations has not been a small one. While specific figures as to the cost of DNSSEC implementation haven't been released, Afilias, which is the technical operator of the .org registry, told InternetNews.com in 2009 that the DNSSEC implementation would be a multi-million-dollar effort. The cost isn't going to be passed on by .org to domain registrars. The move toward securing the .org registry with DNS security started in September 2008, following the Kaminsky DNS flaw disclosure."
Censorship

Submission + - Official Microsoft Spyware? (techarp.com)

An anonymous reader writes: I don't know what to think about this story, It's just another reason to keep on using Linux!

Slashdot Top Deals

There can be no twisted thought without a twisted molecule. -- R. W. Gerard

Working...