Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Government

Submission + - Australia ratifies Kyoto (bbc.co.uk)

An anonymous reader writes: From BBC news:

Australian Labor Party leader Kevin Rudd has been sworn in as prime minister, following a landslide victory in parliamentary elections last week. Immediately after the ceremony, he signed documents to ratify the Kyoto Protocol on climate change, reversing the previous administration's policy.
http://news.bbc.co.uk/2/hi/asia-pacific/7124236.stm

Security

Submission + - eBay Still Has Login Vulnerabilities?

Atario writes: "This morning I checked my email to find several apparent eBay-alike spam messages in my Inbox. This reminded me that I needed to leave feedback for something on the actual eBay. So I went there, only to find that I could no longer log in. Long story short, I realized that those "fake" eBay emails were the real thing — and were sent from my eBay account! Horrified, I contacted their help people and got my password reset, and some mass eBay emails following up to those who had been spammed, saying that I hadn't done it. Going to my account, I saw that the attackers had sent a "visit our happy and good-spirit Chinese web site and buy electronics" spam to 30 different people. (Only the first six came to me, because those used a general "contact an eBay-er" mechanism, whereas the rest used a "ask seller a question" one; apparently the latter doesn't automatically send you a copy in email automatically.) At any rate, whoever this was was able to change my password and send messages as me; this, to me, implies that they were able to crack my password and log in as me. This would mean either (1) inside job with DB access or (2) eBay is vulnerable to brute-force login-attempt attacks, which is something so easy to defeat (increasing attempt delays), they would need to be ashamed for about aleph-null years were this the case. So, what does Slashdot think: eBay is infested with Chinese spammers as employees, or they can't get security minimally right after all these years?"
Space

Submission + - NASA, Russia test sex in space (guardian.co.uk) 1

azuredrake writes: According to The Guardian, both NASA and the Russian space agency have tested the feasibility of sex in space with human astronauts as the so-called "guinea pigs". While the purpose behind this research was to ascertain whether families could be sent on colonization missions together in zero-g, it's still amusing to think that two humans were sent up into space with government funding to copulate repeatedly on video. Of course, leave it up to the American government to come up with a mission codename like "STS:XX".
Google

Submission + - Flaw in GMail message routing? 1

manoffoo writes: "I was signing up for a TV channel listing service to work with my pvr software and I incorrectly entered my garbage email address of manoffoo978@gmail.com when in fact it's actually man.of.foo978@gmail.com. Upon checking the account I saw that gmail had in fact routed the message. This is a repeatable behavior from other accounts. Makes you wonder if this could be exploited to receive messages intended for someone else."
Businesses

Submission + - An Insider's View of Apple Store Sales Training

Dekortage writes: "FastCompany has a report about the training that would-be Apple Store sales clerks undergo, with some insights as to the "magic" of low-key, high-volume sales movers. "Other workers... explained to customers that they had some questions to understand their needs, got permission to fire away, and then kept digging to ascertain which products would be best. Position, permission, probe. ... At an Apple Store, workers don't seem to be selling (or working) too hard, just hanging out and dispensing information. And that moves a ridiculous amount of goods: Apple employees help sell $4,000 worth of product per square foot per month." Note that Apple just beat analysts' quarterly profit estimates by around fifteen percent, and now has a market cap bigger than IBM's."
GameCube (Games)

Submission + - Setting up a wargame server

zeridon writes: "I am touting at the moment with setting up a Wargame server. The main idea being to educate users in risks and treats of security, research, reverse engineering and such.
Typical examples of wargame servers are the ones from Pullthe plug http://www.pulltheplug.org/wargames/

My questions are:

Can you advise on level of complexity? — i mainly intend to target medium to advanced users (but unfortunately i hardly make a distinction)
Can you advise on software to be used?
Which environment is better? virtual machines, real machines, some faked simulation?
What forensic tools to be deployed? tripwire and snort are good candidates
Should i record all the generated traffic for later analysis etc?
Have you ever stumbled on a tool/framework/general howto for realizing such service?
Ald finaly Can you propose some subject/theme? — I am kinda tempted to create something based on The Hitchikers Guide To The Galaxy but that's prety distant for the younger people (at least in my country)


And yes, please excuse me for my many questions *WINK*"
The Courts

Submission + - Possession of the Anarchist's Cookbook==Terrorist

Anonymous Terrorist writes: Back in the midsts of time, when I was a lad and gopher was the height of information retrieval I read The Anarchist's Cookbook in one huge text file. Now it appears the UK government considers possession of the book an offence under the Terrorism Act 2000 and is prosecuting a 17 year old boy, in part, for having a copy of the book.
Windows

Windows XP SP3 Build 3205 Released w/ New Features 286

jBubba writes "Windows XP SP3 build 3205 is the first official & authorized release of the next Windows XP service pack; and has been made available to testers as a part of the Windows Server 2008/Windows Vista SP1 beta program. NeoSmart Technologies has the run-down on the included 1,073 patches/hotfixes including security updates. Contrary to popular belief, Windows XP SP3 does ship with new features/components, most of which have been backported from Windows Vista. Some included features: 'New Windows Product Activation model: no need to enter product key during setup. Network Access Protection modules and policies have been brought to XP after being one of the more-well-received features in Windows Vista. New Microsoft Kernel Mode Cryptographic Module - the Windows XP SP3 kernel now includes an entire module that provides easy access to multiple cryptographic algorithms and is available for use in kernel-mode drivers and services. New "Black Hole Router" detection - Windows XP SP3 can detect and protect against rogue routers that are discarding data.'"
Wireless Networking

Submission + - Corporate Encouragement for Sharing Your WiFi

anagama writes: "BT to UK customers: Share your WiFi... please! Conventional wisdom is that one should lockdown wifi, your ISP doesn't want you to share your connection, that person checking email outside the coffee shop ought to be arrested. Here is an alternative model: "BT will encourage its three million broadband users to pick up a FON router and start sharing signals. The router provides two channels: one for public access, and one for access by the owner. The public channel is bandwidth-limited so as not to disrupt the user's own connection. Other "Foneros" can access the public channel for free, while non-Foneros can pay a few dollars a day to use the access points.""
Power

Submission + - GAO report says Energy Star deficient (canada.com) 1

walterbays writes: "The credibility of blue Energy Star labels that consumers use to identify energy efficient TVs and other home electronics could be damaged because many products are tested in standby mode rather than when turned on, while other tests could have been manipulated using computer controls"
Mozilla

Submission + - Thunderbird in crisis?

Elektroschock writes: "The two core developers of Thunderbird leave Mozilla. Scott McGregor made a brief statement: "I wanted to let the Thunderbird community know that Friday October 12th will be my last day as an employee of the Mozilla Corporation." and David blogged "Just wanted to let everyone know that my last day at The Mozilla Corporation will be Oct. 12. I intend to stay involved with Thunderbird... I've enjoyed working at Mozilla a lot, and I wish Mozilla Co and the new Mail Co all the best." I am scared. A few month ago Mozilla management considered to abandon their second product and set up a special corporation just for the mail client. Scott was more or less supportive. David joined in. While Sunbird just released a new version no appropriate resources were dedicated to the missing component. And while Thunderbird became the most used Linux mail client it is abandoned by Mozilla for 'popularity reasons'. Both messages from David and Scott do not sound if they as founders will play any role in the Thunderbird Mail Corporation. What happened to Mozilla? Is it a case of pauperization through donations?"
Security

Submission + - The Race to Secure Citrix Gateways (beskerming.com)

SkiifGeek writes: "After recent posts to the GNUCitizen blog, it seems that some in the Information Security industry have started to pay attention to the inadvertent risks posed by poorly secured and managed CITRIX gateway systems.

While some of the techniques in use are nothing new, it is disturbing that they are still functional after such a long period of time (going on 5 years) and so many systems offer up information so easily. With a number of .mil, .edu, and .gov sites identified as highly likely candidates for successful attack, the race will be on to secure them before the hackers start knocking."

Slashdot Top Deals

Why won't sharks eat lawyers? Professional courtesy.

Working...