Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Anti Geohack Patent? (blogspot.com)

Jesterace writes: Recently a new patent by a SONY employee was published on the patent site at faqs.org. It seems it is SONY's answer for Geohot's progress. Take a look here:

"A method, system, and computer-usable medium are disclosed for controlling unauthorized access to encrypted application program code. Predetermined program code is encrypted with a first key. The hash value of an application verification certificate associated with a second key is calculated by performing a one-way hash function. Binding operations are then performed with the first key and the calculated hash value to generate a third key, which is a binding key. The binding key is encrypted with a fourth key to generate an encrypted binding key, which is then embedded in the application. The application is digitally signed with a fifth key to generate an encrypted and signed program code image. To decrypt the encrypted program code, the application verification key certificate is verified and in turn is used to verify the authenticity of the encrypted and signed program code image. The encrypted binding key is then decrypted with a sixth key to extract the binding key. The hash value of the application verification certificate associated with the second key is then calculated and used with the extracted binding key to extract the first key. The extracted first key is then used to decrypt the encrypted application code."



Submission + - SPAM: How Wi-Fi attackers are poisoning Web browsers

alphadogg writes: Public Wi-Fi networks such as those in coffee shops and airports present a bigger security threat than ever to computer users because attackers can intercede over wireless to "poison" users' browser caches in order to present fake Web pages or even steal data at a later time.That's according to security researcher Mike Kershaw, developer of the Kismet wireless network detector and intrusion-detection system, who spoke at the Black Hat conference. He said it's simple for an attacker over an 802.11 wireless network to take control of a Web browser cache by hijacking a common JavaScript file, for example.

"Once you've left Starbucks, you're owned. I own your cache-control header," he said. "You're still loading the cache JavaScript when you go back to work."

Link to Original Source

Submission + - Parliament: Record companies "blackmail" users

Kijori writes: "Lord Lucas, a member of the UK House of Lords, has accused record companies of blackmailing internet users by accusing people of copyright infringement who have no way to defend themselves. "You can get away with asking for £500 or £1,000 and be paid on most occasions without any effort having to be made to really establish guilt. It is straightforward legal blackmail." The issue is that there is no way for people to prove their innocence, since the record company's data is held to be conclusive proof, and home networking equipment does not log who is downloading what. Hopefully, at the very least, the fact that parliament has realised this fact will mean that copyright laws will get a little more sane."

Slashdot Top Deals

I'm a Lisp variable -- bind me!