Security

Adobe Security Team Accidentally Posts Private PGP Key On Blog (arstechnica.com) 60

A member of Adobe's Product Security Incident Response Team (PSIRT) accidentally posted the PGP keys for PSIRT's email account -- both the public and the private keys. According to Ars Technica, "the keys have since been taken down, and a new public key has been posted in its stead." From the report: The faux pas was spotted at 1:49pm ET by security researcher Juho Nurminen. Nurminen was able to confirm that the key was associated with the psirt@adobe.com e-mail account. To be fair to Adobe, PGP security is harder than it should be. What obviously happened is that a PSIRT team member exported a text file from PSIRT's shared webmail account using Mailvelope, the Chrome and Firefox browser extension, to add to the team's blog. But instead of clicking on the "public" button, the person responsible clicked on "all" and exported both keys into a text file. Then, without realizing the error, the text file was cut/pasted directly to Adobe's PSIRT blog.
United States

Aftermath From The Net Neutrality Vote: A Mass Movement To Protect The Open Internet? (mashable.com) 132

After Thursday's net neutrality vote, two security guards pinned a reporter against a wall until FCC Commissioner Michael O'Rielly had left the room, the Los Angeles Times reports. The Writers Guild of America calls the FCC's 2-to-1 vote to initiate a repeal of net neutrality rules a "war on the open internet," according to The Guardian. But the newspaper now predicts that online activists will continue their massive campaign "as the months-long process of reviewing the rules begins." The Hill points out that Mozilla is already hiring a high-profile tech lobbyist to press for both cybersecurity and an open internet, and in a blog post earlier this week the Mozilla Foundation's executive director sees a larger movement emerging from the engagement of millions of internet users. Today's support for net neutrality isn't the start of the Internet health movement. People have been standing up for an open web since its inception -- by advocating for browser choice, for open source practices, for mass surveillance reform. But net neutrality is an opportunity to propel this movement into the mainstream... If we make Internet health a mainstream issue, we can cement the web as a public resource. If we don't, mass surveillance, exclusion and insecurity can creep into every aspect of society. Hospitals held hostage by rogue hackers can become the status quo.
Meanwhile, The Guardian reports that it's not till the end of the FCC's review process that "a final FCC vote will decide the future of internet regulation," adding that however they vote, "court challenges are inevitable."

Submission + - Senator Paul stands for over ten hours in Senate over NSA bulk data collection. (aljazeera.com)

An anonymous reader writes: Sen. Rand Paul held up a vote on the Fast Track Authority for an eleven-hour dissertation on the flaws of the Patriot Act, the replacement, the USA Freedom Act, bulk data collection including credit card purchases, the DEA and IRS's use of NSA intel for "parallel construction", warrant-less GPS bugs on vehicles, as well as the important distinction of a general warrant vs. a specific one.

The memes that have been created are clever too, "I don't normally take over C-Span2, but when I do -people watch C-Span2." Of course, the expected #StandWithRand and posting selfies with people actually watching C-Span2.

Intel

US-CERT Discloses Security Flaw In 64-Bit Intel Chips 181

Fnord666 writes "The U.S. Computer Emergency Readiness Team (US-CERT) has disclosed a flaw in Intel chips that could allow hackers to gain control of Windows and other operating systems, security experts say. The vulnerability was disclosed in a security advisory released this week. Hackers could exploit the flaw to execute malicious code with kernel privileges, said a report in the Bitdefender blog. 'Some 64-bit operating systems and virtualization software running on Intel CPU hardware are vulnerable to a local privilege escalation attack,' the US-CERT advisory says. 'The vulnerability may be exploited for local privilege escalation or a guest-to-host virtual machine escape.'" According to the article, exposed OSes include "Windows 7, Windows Server 2008 R2, 64-bit versions of FreeBSD and NetBSD, as well as systems that include the Xen hypervisor."
China

China Telecom Companies Pledge To Stop Monopolistic Practices 68

hackingbear writes "China's two telecommunications giants, China Telecom and China Unicom, announced Friday they will substantially raise their broadband speeds while further lowering broadband costs by 35% over the next five years. They also acknowledge the existence of monopolistic practices in reply to a recently launched investigation, which is the first of its kind against major Chinese state-owned enterprises. Being state-owned companies, their profits supposedly belong to the nation, but they have also become 'golden rice bowls' for their management and employees, and their supervising departments and officials." If the Chinese government would like to investigate these companies' monopolistic behavior, I have a suggestion on where to start looking.
United States

Oil May Be Finite, But U.S. Production Is Ramping Up 745

Hugh Pickens writes "The WSJ reports that the discovery of the gigantic and prolific Bakken oil fields of Montana and North Dakota has already helped move the U.S. into third place among world oil producers, and according to Harold Hamm, CEO of Continental Resources, the 14th-largest oil company in America, if fully developed the field in Bakken contains 24 billion barrels, doubling America's proven oil reserves. One reason for America's abundant supply of oil and natural gas has been the development of new drilling techniques, including 'horizontal drilling,' which allows rigs to reach two miles into the ground and then spread horizontally by thousands of feet." Not surprisingly, Hamm considers some of the current administration's loans and subsidies for alternative energy ventures to be misplaced.
Government

German Government's Malware Analyzed 162

First time accepted submitter lennier1 writes "The German hacker group CCC (Chaos Computer Club) has analyzed a piece of malware the German government uses in criminal investigations to spy on a suspect's computer. I'm sure we're all surprised that it's opening security holes for third parties, and violates a related court verdict (and several laws in general)."

Comment Re:VAC (Score 2, Interesting) 203

They decided to use VAC instead of Punkbuster on the PC. Like many of their decisions, this one wasn't well thought out.

I personally feel that the only system I have seen so far with a reasonable rate of success is dedicated servers with some sort of permaban of accounts caught cheating. While by no means a perfect system, my personal experience (with TF2 as that is the only FPS game besides MW2 I have played over the last few years) was that I found a gaming site that ran servers for a variety of games. An extended group of people frequented those servers, creating a community of sorts, and I personally never had many problems with cheaters (that I can recall). Either they were banned/kicked swiftly and effectively, or they never logged on that particular set of servers; or possibly a combination of the two. Though it should be mentioned that over the last two weeks, or so, of playing Modern Warfare 2 I haven't really seen a lot of players that I could confidently claim were cheating; though I have seen a few that were ridiculously good. Perhaps that is just me not really paying attention.

Cheating or no cheating, sales or no sales, I personally feel that despite Modern Warfare 2 being a really great game at its core, I won't be playing much more than I have; as it really feels impersonal when all the other players are random. And there is no forum for me to hang around talking some trash between matches and evenings. This of course isn't helped by the fact that IWNet seems to have about a 30% (number I pulled out of my behind but it is how I have experienced it so far) fail rate; disconnects, game closings, kicked from a lobby before you have connected to it, random ping, and people leaving games because a map comes up that they don't want to play (Highrise and Estate seem to see half the "group" leave when they come into rotation) leading to lobbies closing most of the time.

Comment Re:Maximum jobs for citizens breaks capitalism (Score 1) 23

Capitalism cannot work with maximum jobs for citizens, because the "maximum jobs for citizens" means 100% employment, which means that a company cannot just simply fire you and hire someone else...
 
Exactly my point- which is the economy as the slave to mankind, not mankind as slave to the economy.
 
  The problem is that people model the economy under various assumptions, and those assumptions may be entirely false. So, both capitalism and communism look great on paper, because of the assumptions made by the modeler.
 
It's not just the assumptions, it's the ethics. Put the profit motive above ethics, and just about anything evil becomes inevitable.
 
  However, real life sucks. In truth, people work in an economy because they pretty much have to. If that economy is designed, or based on the principles that its citizens serve the economy then it will begin to exploit the "captive market" of workers. This can be true of any system, capitalism or communism.
 
That is true. Thus, the definition one needs to change, is real life.

Comment Re:Ugggh (Score 1) 219

Hear, hear. I saw this when I was stationed at Tinker AFB.

Military hangar(s): spotless, orderly, tools and equipment in good working order, work mostly done by E-3s with (light) non-commissioned supervision.

Contractor hangar: dirty, bird-shit infested, disorderly, with most work done by guys making $60k who sat on their asses as much as possible. Both sides used and maintained the exact same class of aerospace ground equipment.

Needless to say, when the boys in suits (whom we grunts referred to as "office fairies" back then) start talking about "public-private partnerships" and "contracts," it's time to duck for cover.

Space

Submission + - White House Panel Seeks Input On Spaceflight Plans (nasa.gov)

Neil H. writes: The Augustine Commission, commissioned by the White House and NASA to provide an independent review of the current US human spaceflight program and potential new directions, is seeking public input on a document describing the preliminary beyond-LEO (Low Earth Orbit) exploration scenarios they're analyzing. The destination-based scenarios, designed with NASA's current budget in mind, range from a Lunar Base (essentially NASA's current plan), to "Mars First" (human exploration of Mars ASAP), to "Flexible Path" (initially focused on several destinations in shallow gravity wells, such as Lagrange points, near-Earth asteroids, and the Martian moon Phobos). The Commission is also seeking input on the issues of engaging commercial spaceflight, in-space refueling, and coordinating human and robotic exploration.

Comment Re:The Definition of "Design" (Score 1) 434

I'll concede that point. After doing some research (avoiding MSM sites, thanks), it's pretty clear that the people in charge of the city and state failed in their duties. Perhaps they were skeptical of "whitey" from the federal government, or perhaps they just didn't care as long as their own families and friends were OK.

As for the death of the girl in the SuperDome, and the conditions there generally, I can only trust the eyewitness account of a good friend.

That doesn't negate the responsibility of people to take care of themselves, however.

Comment Re:The Definition of "Design" (Score 1) 434

I had friends in the Superdome during Katrina. There was no water or food. A young girl was raped and killed in a bathroom; her neck was snapped. My friends, who were from England and New Zealand, had to get together with other white people to form a small circle where they could huddle without being harassed. There was a lot of anger against whites in that place, which is understandable considering that the wealthier (presumably white) parts of the city had left these people behind without the consideration you would show a dog.

Thousands of people were huddled together in the Superdome like animals for days with no food, water or law enforcement. You clearly have no idea what you're talking about.
