Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Comment Re:Come on Sony! (Score 1) 508

I never said that. I said that this one attack vector, which is rather easy to defend against, is so far only present in the PS3. Sony screwed up with their encryption implementation, in such a way that the private key used to digitally sign official software was able to be reverse engineered. This means that anyone can now create software that the PS3 thinks is legitimate, and the only way to fix this is to change the keys used, invalidating each and every single game sold for the PS3 to date. And no jailbreaking is necessary for a PS3 to be open to this attack, since with the private key, anyone can make software for the PS3 that is indistinguishable from a trusted, Sony-approved game.

No other company I know has screwed up this badly, or even just let their private key be leaked, and Microsoft is certainly not one of them. The XBox, Windows, Linux, the Wii, etc. and even the PS3 are attackable in a lot more ways, but they'll be trickier, and almost certainly involve jailbreaking.

Comment Re:Mike (Score 1) 508

"Produce this for money" What? Are you saying that GeoHot is somehow benefiting financially from this purely software crack that is both released by them for free, and doesn't require any modification to the PS3 itself, software or hardware? "What he does with his PS3 is his right, when he releases that to others it is no longer within his legal rights." So one can hack and pirate and cheat at all the games one wants, so long as one doesn't tell anyone else how one did it? Even Sony disagrees with you on both parts, there.

Comment Re:Poorly Defended? (Score 1) 508

As is repeated in many other posts here, it lasted so long because the people who actually had the skills necessary to crack the system weren't trying to until Sony got rid of OtherOS. Even if you don't agree with that premise, the group that found and released the private keys have themselves stated that they didn't start any real efforts to crack the PS3 until OtherOS was removed via firmware update.

Comment Re:Come on Sony! (Score 1) 508

Sadly, in all likelihood, no-one will ever be able to do this to the Xbox360 - get the private key for signing software, that is. The only reason they got it on the PS3 was because the Sony developers responsible for the encryption implementation screwed up royally, rendering the PS3's software signing system not much more effective than security by obscurity. And now they're trying to use the law to make up for their monumental failure in implementing a relatively simple system that all their competitors had no problems with...

Comment Re:What? (Score 1) 257

Search for 'GOOG'. Top of the page is the finance service result for GOOG, with links to Google Finance, Yahoo, MSN, and etc., with the fancy graph underneath. The first search result is the Yahoo Finance page for GOOG, and the second is the Google Finance page for GOOG, both of which were linked in the list of sites in the finance service result at the top of the page.

Fedora Project Drops SQLNinja 'Hacker' Tool 159

simonb writes, "In what can only be described as a fit of insanity, the Fedora Board have declared a 'hacker tool' not fit for entry into their software repositories. Today your SQL injection tools, tomorrow your nmap?" The Register links the Fedora board's meeting minutes. From the story: "The move came on Monday in a unanimous vote by the Fedora Project's board of directors rejecting a request that SQLNinja be added to the archive of open-source applications. It came even as a long list of other hacker tools are included in the bundle and was harshly criticized by some security watchers. 'It seems incredibly short sighted to reject software based on perceived legal usage,' said Jacob Appelbaum, a full-time programmer for the Tor Project. 'They have decided to become judges of likely usage based on their own experience. That is a path of madness.' ... [T]he board unanimously decided to add a new statement to Fedora's legal guidelines concerning the inclusion of hacking tools. ... Smith said the language is intended to clarify its stance on a class of software that can be used both to secure and penetrate protected networks."

Comment Re:Not quite (Score 2, Interesting) 203

I myself have gotten it working under Ubuntu 9.04 and 10.04 with minimal hassle. Worked straight out of the box aside from sound, but I honestly just experimented with audio output selections in Wine config for a few minutes, and it worked after that. Performance was comparable to that on my Windows machine, to boot. And I'm confident that any students using Linux on their school laptop are comfortable enough with it to figure out most issues they may come across.

Attacking Game Consoles On Corporate Networks 79

A pair of security researchers speaking at DefCon demonstrated how video game consoles, which are becoming increasingly common break room or team-building toys, can open vulnerabilities in corporate networks. "[They] found that many companies install Nintendo Wii devices in their work places, even though they don’t let you walk into the company with smartphones or laptops. (Factories and other sensitive work locations don’t allow any devices with cameras). By poisoning the Wii, they could spread a virus over the corporate network. People have a false sense of security about the safety of these game devices, but they can log into computer networks like most other computer devices now. In the demos, the researchers showed they could take compromised code and inject it into the main game file that runs on either a DS or a game console. They could take over the network and pretty much spread malware across it and thereby compromise an entire corporation. The researchers said they can do this with just about any embedded device, from iPhones to internet TVs."
Social Networks

Cow Clicker Boils Down Facebook Games 237

mjn writes "Game designer and academic Ian Bogost announces Cow Clicker, a Facebook game implementing the mechanics of the Facebook-games genre stripped to their core. You get a cow, which you can click on every six hours. You earn additional clicks if your friends in your pasture also click. You can buy premium cows with 'mooney,' and also use your mooney to buy more clicks. You can buy mooney with real dollars, or earn some free bonus mooney if you spam up your feed with Cow Clicker activity. A satire of Facebook games, but actually as genuine a game as the non-satirical games are. And people actually play it, perhaps confirming Bogost's view that the genre of games is largely just 'brain hacks that exploit human psychology in order to make money,' which continue to work even when the users are openly told what's going on."

Comment Re:Just in case you were wondering why... (Score 1) 414

And I suppose you'd also recommend against getting Half-Life 2 for the same reasons? It's three games because Starcraft II has three games worth of campaign content. ~30 missions in each case, just like the original SC+BW. It's also been noted that Heart of the Swarm and Legacy of the Void will be priced as expansions, not full games. I'd also suspect that since all three are being developed at once, playing SC2 on Battle.net won't be segregated into groups based on which expansions you have, as compared to the original SC+BW, so if you're only interested in multiplayer, you won't have to ever buy the expansions.

Slashdot Top Deals

"All the people are so happy now, their heads are caving in. I'm glad they are a snowman with protective rubber skin" -- They Might Be Giants