Catch up on stories from the past week (and beyond) at the Slashdot story archive

 


Forgot your password?
Close
typodupeerror
×
Security

Submission + - Malicious Websites Can Subvert Personal Routers

Submitted by Apro+im
Apro+im writes: PCWorld is reporting: "If you haven't changed the default password on your home router, do so now. That's what researchers at Symantec and Indiana University are saying, after publishing the results of tests that show how attackers could take over your home router using malicious JavaScript code."

The root of the problem seems to stem from routers allowing GET requests to have side-effects, allowing attackers to change settings and then perform man-in-the middle attacks. Though the story and the linked paper (PDF) claim that routers with changed passwords are immune, a quick experiment shows that routers which use HTTP Authentication can be compromised the same way, if the user has logged into their router earlier in the browser session. Also, though the article says this is a Javascript exploit, it can actually be executed by any tag which allows the inclusion of a "src" element from another domain (e.g., "img").
Google

Submission + - Getting Google's Attention is the American Dream

Submitted by KeepingOnEye
KeepingOnEye writes: It's the American Dream, and I had share it. Kid does something that takes some guts, and Google pays attention. From his blog CanGoogleHearMe.com: "On February 11th, 2007 I'm getting on a plane to fly to Mountain View, California, headquarters of Google, Inc. Once there, I'm going to try to pitch an idea; catch is, I don't have an appointment, they don't know I'm coming, and I'm literally going to be showing up at their door and hoping they give me a meeting.

And if they don't give me one? Then I'm going to sit in their lobby like a spoiled child in hopes that they'll change their mind. :) Every once in a while you have to give an idea a shot, or you spend your entire life passing up ideas that seem just beyond your reach."

Best part? After three days, they talked to him! Gave him a meeting — he's down in Cali. right putting together stuff for a second presentation. Makes you wonder how it'll turn out, but more power to him, in my opinion. Makes reality TV look inconsequential.
Links

Submission + - Free Linux Course for Beginners

Submitted by
Stefan Waidele
Stefan Waidele writes: "Free Linux Course for Beginners
===============================
Feb, 22nd, 2007

LinuxBasics.org, The community that helps people to run Linux, offers
their third free Linux class, An Introduction to Linux Basics.

This course is designed to give a foundation of understanding of Linux
to a beginner who wants to know a little more about the system. More
advanced Linux users will find an opportunity to dig deeper into some
areas they always wanted to know more about or discover gaps in their
knowledge that they didn't know existed.

The study guide used will be LBook, an edited version of Introduction to
Linux: A Hands on Guide by Machtelt Garrels which is distributed under
the GNU FDL. You will need to join the LBo-course mailing list in order
to participate in the course
(http://linuxbasics.org/cgi-bin/mailman/listinfo/l bo-course/).

The class is set to begin on Febuary 22nd. You can also join after that
starting date.

For more information, visit http://www.linuxbasics.org/course/start.

About LinuxBasics.org
=====================
Feb, 15th 2007

LinuxBasic.org (short: LBo) is a community project with the goal to help
people to install and run the Linux^(TM) operating system. It was founded in
May 2004 and is growing ever since.

LBo offers a free Linux Course for beginners, which runs about 6 months
as well as tutorials and links to sites that offer information needed to
install and use Linux. They also run a friendly mailing-list for
Questions that arise when people start using Linux. An IRC-channel
completes the list of things you can find at LinuxBasics.org.

As a community, LBo offers the possibility to get involved. There are
many ways to contribute: You can answer questions on the mailing-list,
you can write a complete tutorial or just a step-by-step documentation
on how you completed a specific task using linux."
Portables

1 Million OLPCs Already On Order 158

Posted by Zonk from the lots-of-happy-kids dept.
alphadogg writes "Quanta Computer has confirmed orders for 1 million notebook PCs for the One Laptop Per Child (OLPC) project. The article goes into some background on the project, and lays out the enthusiastic adoption that the project is seeing overseas. The company estimates they'll ship somewhere between 5 and 10 Million units this year, with 7 countries already signed up to receive units. The machines currently cost $130, but with that kind of volume the original goal of $100 a machine may be viable. Even with the low cost, Quanta expects to make a small profit on each machine, making charity work that much easier."
Privacy

MySpace Not Guilty in Child Assault Case 228

Posted by Zonk from the sanity-in-the-courtroom dept.
An anonymous reader writes "The Washington Post reports that a Texas judge dismissed a $30 million case against MySpace for their role in a child assault case. 19-year old Peter Solis lied about his age on MySpace to gain the confidence of a 13-year old girl. The judge ruled, 'To impose a duty under these circumstances for MySpace to confirm or determine the age of each applicant, with liability resulting from negligence in performing or not performing duty, would of course stop MySpace's business in its tracks and close this avenue of communication.'" What do you think? Good call?
Businesses

Submission + - Nation-wide IT Contractor?

Submitted by
merreborn
merreborn writes: "I work for a small (10 employee) company providing a point-of-sale solution to a chain of a few dozen retailers in the eastern half of the US. We're shipping a server to every store (built in the office from wholesale parts to minimize costs), pre-installed with our software; however, our installation process has grown more complex than the stores (who have no IT staff, nor enough IT work to justify such a position) can handle on their own.

Fedex frequently delivers these servers fairly shaken up — SATA cables rarely stay connected through shipment, and we recently had one show up in Florida with the RAM module knocked completely out of the socket. Sometimes, servers show up unbootable, in ways that are undiagnosable over the phone. We don't have any existing relationships with IT professionals in the areas our stores operate, and they're all hundreds of miles apart from each other, so anyone capable of serving one store is out of range of any others. Most stores "have a guy" in town who handles repairs for them once or twice a year, but they've proven unprofessional and slow, with systems ending up "in the shop" for two months or more for simple issues.

We're looking for some sort of national IT contractor with employees in nearly every state, that we can hold accountable for checking these computers for issues upon arrival, and insuring they're properly installed within a reasonable timeframe — for example, if geeksquad had a better reputation, they might be a candidate.

Does such an organization exist? Or have you developed a better strategy for hardware deployment on a shoestring budget?"
Education

Submission + - Substitute teacher gets 40 years for porn popups

Submitted by alphamugwump
alphamugwump writes: Substitute teacher Julie Amero faces up to 40 years in prison for exposing kids to porn using a classroom computer.
From the Arstechnica article:

Amero was substituting for a middle-school English class and asked the regular teacher permission to use the computer to e-mail her husband. The teacher granted her permission, and asked her not to log him out of the computer. Amero, the self-professed techno-noob, then left the room to use the restroom, and upon her return says that she found several students gathered around the machine looking at a web site. A series of unfortunate events occurred from this point on, resulting in a slew of pornographic pop-ups appearing on the screen. The onslaught continued despite Amero's attempts to close the windows.

According to The Register

When the students told their parents what had happened, they told the administration, who vowed that Julie would never work in the classroom again. But they went further. The 40-year-old substitute teacher was arrested, indicted, tried and here is the kicker on January 5, 2007, she was convicted of four counts of risk of injury to a minor, or impairing the morals of a child (Conn. Gen. Stat. 53-21). Indeed, she was originally charged with exposing 10 children in the seventh grade class to the materials on the internet, but six of the charges were dropped.

I guess "Ambush Porn" really is dangerous.
Announcements

Submission + - Disability groups on OpenDocument Format v1.1

Submitted by
peterkorn
peterkorn writes: "In the person of Curtis Chong, president of the National Federation of the Blind in Computer Science, the "Voice of Nation's Blind" have spoken: "OpenDocument is no longer a thing to be feared." With the release of OpenDocument v1.1 as an OASIS standard, the accessibility issues raised by the members of the OASIS ODF accessibility subcommittee have been fully addressed. See my blog entry for the details, and lots of other quotes about the release of OpenDocument v1.1. (full disclosure: I'm co-chair of the OASIS ODF accessibility subcommittee, and have been involved in Sun's ODF and StarOffice/OpenOffice.org accessibility work, among other things)"
Microsoft

Submission + - Microsoft Outlaws 3rd Party IM Clients

Submitted by Anonymous Coward
An anonymous reader writes: With the latest update to the MSN Instant Messenger client, now called Windows Live Messenger, Microsoft has required all users to sign a new contract which among other things forbids the use of 3rd party instant messenger clients to connect to the MSN messenger service, such as the AJAX Meebo client, Gaim, and Trillian among others. Worth noting, they do provide a list of authorized 3rd party clients, such as Yahoo Messenger, that are allowed access to the service.

Excerpt: "In using the service, you may not use any unauthorized third party software or service to access the Microsoft instant messaging network currently known as the .NET Messenger service."
HP

Submission + - 14 HP Company Secrets from a former employee

Submitted by rob101
rob101 writes: A former Hewlett-Packard worker could barely wait for their non-disclosure-agreement to end so they could spill 14 company secrets to The Consumerist. Full article at the Consumerist. This article details secrets about HP printers, how to get past the voice prompt system, HP cartridges and warranty information.
Databases

Submission + - Master Boot Record Guided Tour

Submitted by IdaAshley
IdaAshley writes: This article explores the Linux boot process from the initial bootstrap to the start of the first user-space application. Along the way, learn about other boot-related topics such as the boot loaders, kernel decompression, and the initial RAM disk. Also take a look at a scheduled chat about the Linux desktop and how it is evolving, including improvements in application interoperability, and desktop graphics.

Slashdot Top Deals

Without life, Biology itself would be impossible.

Close