Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission + - Worm steals more than 45,000 Facebook logins (cnet.com)

expo53d writes: A nasty bit of malware making the rounds on Facebook has reportedly made off with the usernames and passwords of more than 45,000 users. Most of those affected by the worm --called Ramnit-- are from France and the United Kingdom, according to a bulletin issued by security researchers at Securlet. It is capable of infecting Windows executables, Microsoft Office, and HTML files, according to McAfee.

Comment Re:Conflicted Issue (Score 1) 154

It might be a breach of privacy to take advantage of radio signals from cell phones, since you never gave the store permission to use the signals your own device generates, but that is a matter of popular opinion - does the store have a right to record or use signals produced by their customers for their own purposes?

It *might* be? I think not... Imagine you are at Starbucks drinking coffee, and surfing with your laptop. Does that give the Barista the right to use sslstrip and extract your credit card numbers? Not at all.

Comment Opt Out (Score 3, Interesting) 154

You can 'opt out' of this tracking service by turning off your mobile phone. But in this time and day, this solution seems akin to telling people to stop using email to 'opt out' from spam or to stop eating foods to 'opt out' of food poisoning. But even if the management wanted the costumers to be able to opt out, how would they do it? The only way is to tell the system to stop tracking the phones opted out, which means the system will need to start tracking the phones individually (to identify which phones are to be tracked and which are opted out), and by doing that, they enable the system to track *individual* users who have not opted out, making the issue worse for the average consumer who has no idea that these systems exist/how they work.

Submission + - PayPal Executive Named Chief of Yahoo (nytimes.com)

expo53d writes: Yahoo, the struggling consumer media company, announced on Wednesday that its new chief executive would be Scott Thompson, the president of PayPal, the online payment service. In a conference call on Wednesday morning, Roy J. Bostock, the chairman of Yahoo’s board, said that at PayPal Mr. Thompson had proved he could take a company with solid assets and build the business. That is the central challenge at Yahoo, Mr. Bostock said, noting that the company has a wealth of strong media and advertising assets, and an online audience of more than 700 million visitors a month.

Submission + - SCADA Vulnerabilities in Correctional Facilities (net-security.org)

Orome1 writes: Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publicly available exploits along with evaluating vulnerabilities in electronic and physical security designs, researchers discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to "open" or "locked closed" on cell doors and gates.

Comment Re:If even strong passwords can get leaked... (Score 1) 141

The advantage of "try and guess THIS one!" type password is not only are they hard to guess, but if they are long enough and hashed properly (SHA1 or similiar) they cannot be unercrypted. (Presuming that the decrpyting party does not have access to a super computer). This is due to the fact that these passwords go through a one-way type hash, thus the only way to crack them is having a list of every single possible hash and its key (or generating such a list). So if one has a password that is 27 characters long, an attacker will need to generate a hash for every password from 1 character long to 27 characters long. Example: 1,2 ... 001, 002 .... goalcar, goalcat, goalcau ... and so on.
The Internet

Submission + - GoDaddy accused of interfering with anti-SOPA exod (cnet.com)

expo53d writes: "An effort by GoDaddy customers to boycott the domain registrar over its support for Hollywood-backed copyright legislation has sparked allegations of foul play. NameCheap, whose chief executive last week likened SOPA to "detonating a nuclear bomb" on the Internet, said today that GoDaddy has intentionally thrown up technical barriers to prevent its customers from leaving. GoDady lost over 70,000 domains last week." Not something surprising from a company that supports SOPA (and acts like it does not to the media).

Submission + - HP Fixes Security Flaws in LaserJet Firmware (securityweek.com)

wiredmikey writes: In late November, news surfaced that researchers from Columbia University had discovered vulnerabilities in upgradeable firmware in HP laser printers that could be compromised and modified by an attacker, enabling them to do anything from overheating the printer, to compromising a network, with some saying that the devices could even be set up in flames.

While HP responded saying the reports of devices being able to be set on fire remotely were “sensational and inaccurate,” it did acknowledge existence of a security vulnerability related to the firmware in some its LaserJet printers and has now released a firmware update to mitigate the issues and is notifying customers and partners.

While HP provides software that enables admins to set configurations and security policies for devices, and provides IT infrastructure and filtering technology to help remove suspicious files and devices on a network, being able to monitor the health of the firmware on its printers is lacking, and has sparked concern by some.

The Internet

Submission + - Go Daddy Loses 21,000 Domains in One Day (cnet.com) 1

expo53d writes: Hats off to all those who transferred their domains off GoDady. CNET reports that yesterday 21,054 domains where pulled off Domaincontrol.com, a subsidiary of GoDady. While this maybe a coincidence, it is likely to be caused by GoDady's controversial support for SOPA. It seems that GoDady's attempts at remedying the problem were of no use.

Slashdot Top Deals

Have you reconsidered a computer career?