Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Microsoft to drop support for older versions of Internet Explorer (msdn.com)

An anonymous reader writes: After January 12, 2016, only the most recent version of Internet Explorer available for a supported operating system will receive technical support and security updates. For example, customers using Internet Explorer 8, Internet Explorer 9, or Internet Explorer 10 on Windows 7 SP1 should migrate to Internet Explorer 11 to continue receiving security updates and technical support.

Submission + - Synolocker 0 Day Ransomware puts NAS files at risk.

Deathlizard writes: Have a Synology NAS? Is it accessible to the internet? If it is, You might want to take it offline for awile. Synolocker is a 0 day ransomware that once installed, will encrypt all of the NAS's files and hold them for ransom just like Cryptolocker does for windows PC's. The Virus is currently exploiting an unknown vulnerability to spread. Synology is investagating the issue.

Submission + - Chrome's Insane Password Security Strategy

jones_supa writes: One day web developer Elliott Kember decided to switch from Safari to Chrome and in the process, discovered possibly a serious weakness with local password management in Chrome. The settings import tool forced the passwords to be always imported, which lead Kember to further investigate how the data can be accessed. For those who actually bother to look at the 'Saved passwords' page, it turns out that anyone with physical access can peek all the passwords in clear text very easily with a couple of mouse clicks. This spurred a lenghty discussion featuring Justin Schuh, the head of Chrome security, who says Kember is wrong and that this behavior of Chrome has been evaluated for years and is not going to change.

Submission + - Doug Engelbart passes away

lpress writes: If you use a mouse, hyperlinks, video conferencing, WYSIWYG word processor, multi-window user interface, shared documents, shared database, documents with images & text, keyword search, instant messaging, synchronous collaboration, asynchronous collaboration, you can thank Doug Engelbart, who passed away today.
Microsoft

Submission + - Microsoft announces Surface tablet, with kickstand and fold-out keyboard (extremetech.com) 7

MrSeb writes: "At its much-discussed “big unveil” this evening, Microsoft did indeed launch a tablet — but rumors that the device would showcase a Barnes & Noble partnership were misplaced. Instead, Microsoft showed a vision for a next-gen PC that combines the portability of a tablet with a minimalistic fold-out keyboard and integrated kickstand. Microsoft’s idea for the tablet (confusingly called Surface) is a device that integrates a better keyboard option than typing on the screen without adding size or weight. That’s where the new keyboard — which doubles as a screen cover — kicks in. At 3mm thick, it adds virtually nothing to the device’s size, but it opens up a world of inputs. There are two covers available — the Touch Cover (very thin) and the Type Cover (with proper, tactile keys). Microsoft is touting the device’s magnesium body, vapor-deposited construction, full PC functionality, and additional features like being the first tablet to showcase a 2×2 MIMO wireless antenna. Windows RT (ARM) and x86 versions are both in the works, with the x86 version apparently having a higher quality screen. No word on hardware specs yet; Microsoft is claiming it “rivals the best ultrabooks” and uses less power than the Core i5. I'm a little bit dubious on that front — and also dubious about how Microsoft's hardware partners will receive this new, rather competitive offering..."
AMD

Submission + - AMD gives up its share in GlobalFoundries (extremetech.com) 1

MrSeb writes: "Three years ago today, AMD spun off its fab division, in a move the company claimed would allow it to more effectively leverage its assets, inject new capital into the foundry side of the business, and make it more competitive vis-à-vis Chipzilla. Today, that dream is dead. AMD announced today that it would give up its 8.8% equity stake in the company. When AMD created GlobalFoundries in 2009, the company held a 34.2% share in the foundry. The main thing that AMD gains from this deal is manufacturing flexibility. Previously, Sunnyvale had agreed to manufacture 28nm APUs solely with GlobalFoundries. This new agreement voids that arrangement, freeing AMD to work with TSMC and other foundries.. It’s not an agreement that came cheap, though — not only is AMD giving up its 8.8% equity share of GF, it’s agreed to pay the manufacturer some $425 million by the end of Q1 2013. AMD will take a $703M charge against the transaction. It's unclear how this move will pan out. We know AMD killed Krishna/Wichita due to manufacturing problems, Llano limped along for most of 2011, and GF’s problems at 32nm impacted AMD’s ability to sell 45nm chips into the channel. From a macroeconomic perspective, AMD is simply transferring its business to a foundry partner that’s more able to meet its needs. One could argue that AMD’s decision to get out of the foundry business is a logical extension of new-CEO Rory Read’s plan to de-emphasize cutting-edge silicon in favor of SoCs. Time will tell."
Security

Submission + - Stuxnet Analysis Backs Iran-Israel Connection (threatpost.com)

Trailrunner7 writes: Liam O'Murchu of Symantec, speaking at the Virus Bulletin Conference here, provided the first detailed public analysis of the worm's inner workings to an audience of some of the world's top computer virus experts. O'Murchu described a sophisticated and highly targeted virus and demonstrated a proof of concept exploit that showed how the virus could cause machines using infected PLCs to run out of control.

Though most of the conversation about Stuxnet is still based on conjecture, O'Murchu said that Symantec's analysis of Stuxnet's code for manipulating PLCs on industrial control systems by Siemens backs up both the speculation that Iran was the intended target and that Israel was the possible source of the virus. As for Iran, O' Murcho merely pointed to Symantec data that show the country was the source of the most Stuxnet infections. Iran has since blocked communications to Stuxnet's command and control infrastructure, he said.

As for suggestions that Israeli intelligence may have authored the virus, O'Murchu noted that researchers had uncovered the reference to an obscure date in the worm's code, May 9, 1979, which, he noted, was the date on which a prominent Iranian Jew, Habib Elghanian, who was executed by the new Islamic government shortly after the revolution. Anti virus experts said O'Murchu's hypothesis about the origins of the virus were plausible, though some continue to wonder how the authors of such a sophisticated piece of malware allowed it to break into the wild and attract attention.

AMD

Submission + - Oracle looks for more chipmakers to acquire (sfgate.com)

Deathlizard writes: It's looking like the hardware acquisitions aren't over for Oracle. The Second Largest Software company announced at their latest annual meeting that they are looking for another chip manufacture to acquire. Names being thrown around by analysts include AMD, Nvidia, and IBM's Chip division.
Security

Submission + - Second major hole in Linux being exploited in wild

quartertime writes: CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel has been quite a doozy! The bug affects all 64-bit kernels going back to 2.6.26 (and was also backported into RHEL 5's 2.6.18 kernel) and wasn't fixed until last week — shortly before "Ac1db1tch3z" published code to let any local user become root. The exploit works on most versions of Red Hat, Debian and Ubuntu. Several vendors, including Ubuntu and Debian but not Red Hat, have rushed out new kernels to address this bug over the last 2 days. Red Hat's recommended workaround, it turns out, didn't actually close the hole — it just makes the published exploit not work. And Ac1db1tch3z's exploit is more malicious than your typical demo exploit: it leaves a backdoor behind for itself to exploit later even if the hole is patched. Hot-updates vendor Ksplice wrote a tool to see if your system has the backdoor installed (meaning you've been exploited) and has rushed out a "rebootless" patch to plug the hole in advance of Red Hat's own fix.

(Today's earlier article on the H-Online on CVE-2010-3301 incorrectly refers to the workaround Red Hat has recommended for CVE-2010-3081 as a workaround for CVE-2010-3301. The workaround is not effective for either vulnerability.)
Caldera

Submission + - Proof that UNIX code was copied into Linux 6

walterbyrd writes: SCO's ex-CEO's brother, a lawyer named Kevin McBride, has finally revealed the UNIX code that was copied into Linux. Scroll down to the part that reads: "SCO submitted a very material amount of literal copying from UNIX to Linux in the SCO v. IBM case. For example, see the following excerpts from SCO’s evidence submission in Dec. 2005 in the SCO v. IBM case:" There are several links to PDF files that reveal the UNIX code that was copied into Linux.
Space

Submission + - Senators Demand NASA Continue Spending On Ares (orlandosentinel.com)

FleaPlus writes: Senators Richard Shelby (R-AL and ranking member of the appropriations subcommittee handling NASA funding) and Robert Bennett (R-UT) have added an amendment onto an emergency spending bill for military operations in Afghanistan, reiterating that NASA must continue spending its funds on the Constellation program, particularly the medium-lift Ares I rocket. Alabama and Utah have strong ties to Ares/Constellation contractors and both senators are opposed to the new direction for NASA, with Shelby describing it as a 'death march' for US spaceflight and criticizing the emphasis on commercial rockets.

Submission + - HP buys Palm for 1.2 billion (boygeniusreport.com)

philipborlin writes: BGR reports Hewlett Packard today announced that it is acquiring Palm for a cool $1.2 billion, or $5.70 per share of common stock. The acquisition has been approved by the boards of both Palm and HP, but is subject to regulatory approval. All of the regulatory wrangling is expected to be completed by the end of HP’s third quarter which ends July 31, 2010. Palm CEO John Rubinstein is expected to remain at the company in an undisclosed capacity. From the wording within the press release, it appears as if webOS may live on.
Security

Submission + - Detecting critical Apple vulnerability with Nmap (cqure.net) 1

iago-vL writes: Patrik Karlsson, an Nmap developer, released a script today to detect a vulnerability in the Apple Filing Protocol (afp), CVS-2010-0533. This vulnerability is trivial to exploit and allows users to view files outside of public shares. He describes this vulnerability, which he discovered inadvertently while working on the Nmap Scripting Engine (NSE), as "strikingly similar to the famous Windows SMB filesharing vulnerability from 1995." Instructions on how to detect vulnerable systems using Nmap can be found in the post linked above.
Spam

Submission + - New Facebook Attack Tricks Users Into Creating App

adeelarshad82 writes: Websense Security Labs has identified a new malicious Facebook app that takes the art to a new level. Conventional malicious apps can be taken down by Facebook as soon as they know about them. In order to get past that ability, this social engineering trick talks users through the process of building new app themselves. If you run the app and allow it to access your profile and then grant it extended permissions to post messages (because it asks you to), your friends all get spammed with the app too.

Submission + - Obama Plan Privatizes Astronaut Launchings (nytimes.com)

couchslug writes: President Obama will end NASA’s return mission to the moon and turn to private companies to launch astronauts into space when he unveils his budget request to Congress next week, an administration official said Thursday.The shift would “put NASA on a more sustainable and ambitious path to the future,” said the official, who spoke on condition of anonymity. But the changes have angered some members of Congress, particularly from Texas, the location of the Johnson Space Center, and Florida, the location of the Kennedy Space Center.
“My biggest fear is that this amounts to a slow death of our nation’s human space flight program,” Representative Bill Posey, Republican of Florida, said in a statement.

Slashdot Top Deals

The most important early product on the way to developing a good product is an imperfect version.

Working...