Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?

Submission Summary: 0 pending, 8 declined, 5 accepted (13 total, 38.46% accepted)

Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Submission + - Scientiifc study details should not published per

Morty writes: The NSABB (National Science Advisory Board for Biosecurity) has recommended that details of two research papers involving Avian Flu not be published because of security concerns. At least one of the research groups says that their work should be logically reproducible. The NSABB's censorship recommendations do not (currently) have the force of law, but Science and Nature voluntarily delayed publication.

Submission + - DNS rebinding attacks: multi-pin variant

Morty writes: DNS rebinding attacks can be used by hostile websites to get browsers to attack behind firewalls, or to attack third parties. Browsers use "pinning" to prevent this, but a paper describes so-called multi-pin vulnerabilities that bypass the existing protections. Note that, from a DNS perspective, this is a "feature" rather than an implementation bug, although it's possible that DNS servers could be modified to prevent external sources from being able to point at internal resources. Also note that use of noscript to block javascript, java, and flash should also work around this.

Slashdot Top Deals

It is not for me to attempt to fathom the inscrutable workings of Providence. -- The Earl of Birkenhead