
Feed ISP Kicks Out User Who Exposed Vulnerability; Doesn't Fix Vulnerability (techdirt.com)

Over the past few years, there have been plenty of examples of companies with security vulnerabilities blaming the messenger when the vulnerabilities are pointed out, often threatening them with time in jail. The end result, of course, is that many security researchers are afraid to report vulnerabilities, as they may be blamed for them. Of course, that doesn't mean that others haven't found the same vulnerabilities and started using them for malicious purposes. The latest such case is pointed out by Broadband Reports and involves an ISP in the UK called BeThere. Apparently, a college student discovered and published a pretty major vulnerability found in the routers the company uses, allowing anyone to access the routers remotely. Rather than thank the customer for finding and highlighting a pretty serious vulnerability, the company has cut off his service and threatened him with lawsuits. Oh yeah, they also haven't bothered to fix the vulnerability -- despite it being published 7 weeks ago. The reasoning from the ISP is astounding. They claim that since they can't find any evidence that anyone ever used the vulnerability, he must have discovered it by "illegal" means. Who knew that simply probing for security vulnerabilities was illegal? And, of course, the ISP told the guy he's not allowed to talk about its legal threat to him -- which isn't actually legally binding. It's not clear if the ISP doesn't understand what it's done or simply doesn't want to fix the vulnerability -- but the fact that it seems to think it's ok to leave the vulnerability there and just cut off the guy who pointed it out should make other customers of BeThere wonder about how the ISP treats their security.
The Internet

Submission: Principal who banned MySpace has a page of her own

Anonymous Coward writes: "You've probably heard by now about how the principal of St. Hugo of the Hills school in Bloomfield Hills, Michigan has banned all students at her school from having a MySpace account... even if they're using MySpace from their own homes. Now it looks as if the principal has been something of a hypocrite: here's Sister Margaret Van Velzen's MySpace page!"
Education

Submission: How the BBC Micro Educated Britain

Gammu writes: Unlike the North American computer market in the late seventies and early eighties, Britain was largely dominated by domestic companies. Beginning with the early eighties, the BBC selected a computer that schools would use for more than a decade, not unlike the Apple II, the BBC Micro. The computer was the BBC Micro and was the subject of a massive computer literacy program in Britain and the Commonwealth.
Censorship

Submission: YouTube banned nationwide in Turkey

unity100 writes: "As of 07.03.2007, access to YouTube.com has been banned nationwide in Turkey through the nation's one and only internet backbone provider, Turkish Telecom, in accordance with decision no: 2007/384 dated 06.03.2007 of Istanbul First Criminal Peace Court.

The reason for this court's decision is a recent video that has been published on YouTube.com recently which is said to be insulting Turkish Republic's founder, Mustafa Kemal.

Curiously, this follows on the heels of a 3-4 month long campaign by the ruling party and the media supporting them against the freedom in the internet, citing "internet needs to be 'straightened up'".

All internet users nationwide are met with the below message that apparently emanates from Turkish Telecom DNS server or access filters :

"Bu siteye erişim mahkeme kararıyla engellenmiştir !...

www.youtube.com sitesine erişim İstanbul 1. Sulh Ceza Mahkemesi'nin 2007/384 sayı ve 06.03.2007 tarihli kararı gereği engellenmiştir.

Access to www.youtube.com site has been suspended in accordance with decision no: 2007/384 dated 06.03.2007 of Istanbul First Criminal Peace Court.""
Security

Submission: ISS founder's next act: 3D world for average Joes

BobB writes: "Chris Klaus, the brains behind ISS, the security company IBM bought out last year for more than $1 billion, is now heading up a virtual world web site he says is for the average Joe. He's already got 100K registered users, mostly women, and it's still in beta. "We have created an environment for people to come in and have fun. They can create their characters, visit theaters, go to the mall, hang out at coffee shops — anything that you can do in the modern-day world." http://www.networkworld.com/news/2007/022707-iss-3d-ibm-buyout.html"
Upgrades

Submission: Swiftness of Dow Drop Due to Computers

An anonymous reader writes: Sorry I don't know where to file this but "A computer glitch triggered a sudden plunge in the Dow Jones industrial average at mid-afternoon Tuesday, turning an already bad day in stocks into a head-turning spectacle. Dow Jones & Co., the media company that manages the well-known index of 30 blue chip stocks, said it discovered shortly before 2 p.m. that its computers weren't properly handling the day's huge volume in trades at the New York Stock Exchange. It switched to a backup computer, and the result was a massive swoon in the index as the secondary system took over processing shortly before 3 p.m." Interesting how Nasdaq, which uses Microsoft SQL didn't have any issues http://www.ibtimes.com/articles/20070228/dow-jones-computers.htm
Announcements

Submission: Australia Outlaws Incandescent Lightbulb

passthecrackpipe writes: "The Australian Government is planning on making the incandescent lightbulb a thing of the past. In three years' time, standard lightbulbs will no longer be available for sale in the shops in Australia (expect a roaring grey market) and everybody will be forced to switch to more energy efficient Fluorescent bulbs. In this move to try and curb emissions, the incandescent bulb — which converts the majority of used energy to heat rather than light — will be phased out. Environmental groups have given this plan a lukewarm reception. They feel Australia should sign on to the Kyoto protocol first. (Article in Dutch). A similar plan was created together with Philips, one of the world's largest lighting manufacturers. What do other slashdotters think? Is this a move in the right direction? Will this boost the development of better fluorescent bulbs? Improve the design and lower the costs of LED lightbulbs? Will this plan make a big difference to the environment at all?"
Spam

Submission: Fight Image Spam With FuzzyOCR And SpamAssassin

hausmasta writes: "This tutorial describes how to scan emails for image spam with FuzzyOCR. FuzzyOCR is a plugin for SpamAssassin which is aimed at unsolicited bulk mail containing images as the main content carrier. Using different methods, it analyzes the content and properties of images to distinguish between normal mails (ham) and spam mails. FuzzyOCR tries to keep the system load low by scanning only mails that have not already been categorized as spam by SpamAssassin, thus avoiding unnecessary work.

http://www.howtoforge.com/fight_image_spam_with_fuzzyocr_spamassassin"
Software

Submission: Apple's Open Calendar Server vs Microsoft Exchange

DECS writes: Apple is leveraging the power of open source development in a new effort to directly target Microsoft Exchange Server. The new standards based, open source Calendar Server will debut this year with Leopard Server; the source itself is already available at MacOSForge.org under the Apache 2.0 license. Rather than trying to copy Microsoft's tools, Apple is building its own vision of collaborative workgroup services. Why Apple is offering a calendar server might come as a surprise. Apple's Open Calendar Server vs Exchange Server puts Apple's efforts in the context of existing collaboration software, from IBM's Lotus Notes, to Novell's GroupWise, Microsoft's Exchange, MeetingMaker and others.
The Almighty Buck

Submission: Amazon asserts right to adjust prices after sale

An anonymous reader writes: On December 23, Amazon advertised a "buy one get one free" sale on DVD boxsets, but did not test the promotion before going live. When anyone placed two boxsets in their cart, the website gave a double discount — so the "grand total" shown (before order submission) was $0.00 or something very small. Despite terms stating that Amazon checks order prices before shipping, Amazon shipped the vast majority of orders. Five days later (December 28), after orders had been received and presumably opened, Amazon emailed customers advising them to return the boxsets unopened or customers' credit cards would be charged an additional amount. (You can read more threads about this here and here.) Starting yesterday, Amazon has been (re)charging credit cards, often without authorization. On Amazon's side, they didn't advertise any double discount, and the free or nearly-free boxsets must have cost them a mint. But with Amazon continually giving unadvertised discounts that seem to be errors, is "return the merchandise or be charged" the new way that price glitches will be handled?
Security

Submission: Security Researchers Targeted by DDoS Malware

httptech writes: "Recently I was targeted for a DDoS attack by a custom-compiled DDoS trojan. During the course of my investigation into the attack, I not only learned which malware author was behind the attack, but that similar attacks have been taking place targeting anti-rootkit developers and anti-spam researchers - particularly those involved in exposing pump-and-dump stock spam. Though similar in nature, the attack patterns are different, meaning there seems to be a growing trend among a few virus authors/stock spammers to try and silence those who stand in the way of their profits."
User Journal

Journal: Captain Copyright Expires

The Canadian superhero Captain Copyright has finally expired, not due to pirates, but because "the current climate around copyright issues will not allow a project like this one to be successful." The cartoon was intended to provide an education in copyright law for children, but it became a focus for criticism when even the Canadian Library Association condemned it for lacking balance in how it ignored issues like Fair Dealing (Canada's v

Privacy

Submission: Congressman calls for email and IM monitoring

An anonymous reader writes: vnunet.com covers a story on a bill introduced to the US House of Representatives that would require ISPs to record all users' surfing activity, IM conversations and email traffic indefinitely. ynot.com has the same story.
IBM

Submission: IBM launching an open desktop solution

DJ_Maiko writes: "IBM just announced their intent to release an open desktop solution which they're calling "Open Client Offering." The new offering will make it possible for big businesses to present their employees with a choice of running Linux, Macintosh or Windows software on desktop PCs, using the same underlying software code, which will cut the cost of managing Linux or Apple relative to Windows. If this project succeeds, it will make it unnecessary for companies to pay Microsoft for licenses for items that don't rely on Windows-based software. IBM plans to also roll this out in-house to 5% of their 320,000 employees worldwide. This sure seems like a promising endeavor.

From the article:
  "We worked with the open source community and found a way to write software once that will work regardless of operating system. It will run on Windows, Macintosh or Linux," said Scott Handy, IBM's vice president of Linux and open source.

So what do you guys think, will this (finally) displace Windows as the flavor du jour in the business marketplace?"
