
Submission + - Russian Triumph of Tackiness- the Holocaust on Ice (thejewniverse.com)

Lew Lorton writes: For Saturday night's episode, the Russian celebrity competition show, Ice Age, will feature a Holocaust-themed ice-dancing performance. Although it is allegedly inspired by 'Life is Beautiful', there are some diversions from reality. The star, former Olympian Tatiana Navka, wears concentration-camp stripes and yellow stars (without the label Jood or Juif) but she wears a non-standard, by concentration camp rules, skirt — to make skating tricks easier, I imagine. And of course, 13 million Jews, gypsies, Poles and others don't die.

Comment Re:If you can touch it, you can own it (Score 1) 89

Which is of course not true if "own it" means "access data encrypted with a strong key and a non-trivial-to-brute-force password".

Not true. The kernel and initramfs itself need to be stored in cleartext (or else, how would the machine boot?). So, the exploiter would proceed as follows:
1. Use the vulnerability to get a root shell
2. Doctor a couple of scripts to log encryption password, or to inject a script into the root once encryption password has been entered.
3. Use cpio and bzip to build a new initramfs from the image in memory
4. Write that image to the appropriate part of the (cleartext) boot partition.
5. Log off, go away, and wait for a legitimate admin to log in, triggering the booby trap.

Comment Re:Known this for some time: with proof. (Score 1) 115

Blocking that /12 will unfortunately block hundreds of thousands of "perfectly legitimate" sites... essentially anyone deigning to use AWS. Kontera just happens to be one of the users.

Well, it's not as if this was any surprise. The WOT issue has been in the news for several days already, and apparently Amazon has not "deigned" to do anything about it yet. Indeed both still reverse resolve to kontera.com... or did Amazon actually kick Kontera, but just forgot to update their name server?

When choosing a cloud provider, smart users also consider the provider's reactivity, and his willingness to protect his legitimate customers' reputation and Amazon indeed seems to be lacking in this area...

Comment Re:Known this for some time: with proof. (Score 1) 115

Just out of curiosity, I checked the web server logs for this user agent on 3 servers that I administer, and indeed I found a number of accesses using this user agent on all 3 of them (but in our case unfortunately none that are obviously not public knowledge). The most frequent IP (91 accesses) using this user agent was 52.71.155.178 and this is indeed nat-service.aws.kontera.com. This was followed ex aequo by 54.209.60.63 (also nat.aws.kontera.com) and 99.63.100.174 (99-63-100-174.lightspeed.bcvloh.sbcglobal.net)

All accesses were suspicious, as they are obvious bots (it only accesses isolated URLs, but never any pictures nor other dependent content such as CSS), yet they masquerade as an interactive user agent (Mozilla on Macintosh).

I promptly lodged a complaint at abuse@amazonaws.com.

I recommend other webmasters do the same (i.e. check your logs, and if you find any similar occurrences, complain loudly to Amazon)

Whois tells that the IP range is 52.64.0.0/12, in case anybody wants to firewall this.
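
The log check described in the comment above, as an added example that is not part of the original comment: it flags clients that present a browser-style user agent and request pages but never any dependent content. The combined log format, the asset extension list, the `min_pages` threshold and all sample lines (documentation IP ranges) are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Assumed input: Apache/nginx "combined" access log format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+)[^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
# Assumed list of extensions a real browser fetches as dependent content.
ASSET_RE = re.compile(r'\.(css|js|png|jpe?g|gif|ico|svg|woff2?)(\?|$)', re.I)


def find_masquerading_bots(lines, min_pages=3):
    """Return {(ip, user_agent): page_count} for clients that present a
    browser-style user agent, requested at least min_pages pages, and never
    requested any dependent content (CSS, scripts, images)."""
    pages, assets = defaultdict(int), defaultdict(int)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if m is None:
            continue  # ignore lines that are not in combined format
        key = (m["ip"], m["ua"])
        if ASSET_RE.search(m["path"]):
            assets[key] += 1
        else:
            pages[key] += 1
    return {
        key: count for key, count in pages.items()
        if key[1].startswith("Mozilla/") and count >= min_pages and assets[key] == 0
    }


def _entry(ip, path, ua):
    """Build one constructed combined-format log line for the sample below."""
    return f'{ip} - - [01/Jan/2000:00:00:00 +0000] "GET {path} HTTP/1.1" 200 512 "-" "{ua}"'


# Constructed sample data (documentation IP ranges, made-up paths and agents).
MAC_UA = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1)"
SAMPLE_LOG = (
    [_entry("192.0.2.10", f"/article/{i}", MAC_UA) for i in range(3)]  # pages only
    + [_entry("198.51.100.7", p, MAC_UA)
       for p in ("/article/1", "/style.css", "/logo.png", "/article/2", "/article/3")]
    + [_entry("203.0.113.5", f"/article/{i}", "ExampleCrawler/1.0") for i in range(3)]
)

if __name__ == "__main__":
    for (ip, ua), count in find_masquerading_bots(SAMPLE_LOG).items():
        print(f"{ip}: {count} page requests, no dependent content, UA={ua!r}")
```

Clients behind a caching proxy or with images and CSS already cached can also show page-only traffic, so a hit is a lead for review rather than proof.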

Comment Re:Issue with batteries or with phone design? (Score 1) 110

Batteries have a higher energy density than explosives.

So does pizza.

... and the funny thing is that according to Wikipedia it's actually true about pizza, but not about explosives...

Lithium batteries are just behind explosives (TNT, Gunpowder), but far behind foodstuffs (Carbohydrates, Protein, Fat). Look it up!

Comment Re:KEEP CALM (Score 1) 58

For traveling within Europe, the difference between the shitty "old" airlines and the shitty discount airlines is not worth talking about. It really is on long haul you feel the service mindedness or lack thereof. Hate to say it, but in my experience Lufthansa provides the least shitty long haul economy service among the European carriers.
