Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Security

Submission + - SCADA Vulnerabilities in Correctional Facilities (net-security.org)

Orome1 writes: Many prisons and jails use SCADA systems with PLCs to open and close doors. Using original and publicly available exploits along with evaluating vulnerabilities in electronic and physical security designs, researchers discovered significant vulnerabilities in PLCs used in correctional facilities by being able to remotely flip the switches to "open" or "locked closed" on cell doors and gates.

Comment Re:If even strong passwords can get leaked... (Score 1) 141

The advantage of "try and guess THIS one!" type password is not only are they hard to guess, but if they are long enough and hashed properly (SHA1 or similiar) they cannot be unercrypted. (Presuming that the decrpyting party does not have access to a super computer). This is due to the fact that these passwords go through a one-way type hash, thus the only way to crack them is having a list of every single possible hash and its key (or generating such a list). So if one has a password that is 27 characters long, an attacker will need to generate a hash for every password from 1 character long to 27 characters long. Example: 1,2 ... 001, 002 .... goalcar, goalcat, goalcau ... and so on.
The Internet

Submission + - GoDaddy accused of interfering with anti-SOPA exod (cnet.com)

expo53d writes: "An effort by GoDaddy customers to boycott the domain registrar over its support for Hollywood-backed copyright legislation has sparked allegations of foul play. NameCheap, whose chief executive last week likened SOPA to "detonating a nuclear bomb" on the Internet, said today that GoDaddy has intentionally thrown up technical barriers to prevent its customers from leaving. GoDady lost over 70,000 domains last week." Not something surprising from a company that supports SOPA (and acts like it does not to the media).
HP

Submission + - HP Fixes Security Flaws in LaserJet Firmware (securityweek.com)

wiredmikey writes: In late November, news surfaced that researchers from Columbia University had discovered vulnerabilities in upgradeable firmware in HP laser printers that could be compromised and modified by an attacker, enabling them to do anything from overheating the printer, to compromising a network, with some saying that the devices could even be set up in flames.

While HP responded saying the reports of devices being able to be set on fire remotely were “sensational and inaccurate,” it did acknowledge existence of a security vulnerability related to the firmware in some its LaserJet printers and has now released a firmware update to mitigate the issues and is notifying customers and partners.

While HP provides software that enables admins to set configurations and security policies for devices, and provides IT infrastructure and filtering technology to help remove suspicious files and devices on a network, being able to monitor the health of the firmware on its printers is lacking, and has sparked concern by some.

The Internet

Submission + - Go Daddy Loses 21,000 Domains in One Day (cnet.com) 1

expo53d writes: Hats off to all those who transferred their domains off GoDady. CNET reports that yesterday 21,054 domains where pulled off Domaincontrol.com, a subsidiary of GoDady. While this maybe a coincidence, it is likely to be caused by GoDady's controversial support for SOPA. It seems that GoDady's attempts at remedying the problem were of no use.
AMD

Submission + - AMD announces Redeon HD 7970, "The World's Fastest (slashgear.com)

expo53d writes: A fresh contender for your blow-out 2012 Olympic gaming rig: AMD's first 28nm GPU, the Radeon HD 7970. It's scheduled to arrive on January 9th, priced at $549 — nearly $200 more than its direct ancestor, the 6970. Then again, this newcomer packs some supremely athletic specs, including a 925MHz engine clock that can be readily OC'd to 1.1GHz, 2,048 stream processors and an uncommonly muscular 384-bit memory bus serving 3GB of GDDR5. At the same time, AMD hopes to make the card more practical than the dual-processor 6990 by bringing the card's power consumption down to less than 300W under load and a mere 3W in 'long idle' mode, and promising quieter cooling thanks to improved airflow and a bigger fan.

Comment Security? (Score 1) 173

IHMO, any government/sensitive systems should be completely isolated from the internet. It surprises me that much of the US infrastructure is connected to the internet. Why does the US CoC need internet controlled thermostats? That just opens up vulnerabilities. On another note, why was the thermostat communicating with China? If these attacks were as professional as claimed and went undetected for a year, then you would suspect the "professional" hackers would use a proxy or some sort of onion routing. And the printer printing Chinese characters? Why would a hacker do that? And couldn't any "hacker" (not necessarily Chinese) have the printer print Chinese characters? The US will get its systems secured sooner to later, but if they don't secure it now by their will, they will be *forced* to secure it later.
Android

Submission + - Android Activations Reach 700,000 Per Day (google.com)

expo53d writes: Andy Rubin, Senior Vice President of Mobile at Google, announced on this Google+ page that Android now has 700,000 unique activations per day. This is an increase from the previous 500,000 activations per day. Discuss.

Slashdot Top Deals

Get hold of portable property. -- Charles Dickens, "Great Expectations"

Working...