Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Submission Summary: 0 pending, 24 declined, 2 accepted (26 total, 7.69% accepted)

Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Submission + - Where do you host open source projects (for non-developer users)?

StealthHunter writes: I know that github is popular as is Google code, but where do you host open source projects when your primary user base just wants to read webpages and download software? As in, the average person that doesn't want to figure out how to use svn or navigate wiki pages. Google code used to have "downloads" but those have recently been abandoned and github's norm is an awkward "tarball commit" for releases. Is SourceForge really the only option?

Submission + - Do you ever wonder where video game characters go when they die? (continue9876543210.com)

StealthHunter writes: Recycled into another game! At least temporarily. That is the basis of continue?9876543210

"You are a dead, failed video game character wandering the recesses of the Random Access Memory, trying to find peace in the final moments of your existence before being deleted forever...."

This game is full of objects and scenarios that have deeper meanings. Can you identify the system bus, the creation of null pointers in the vimeo trailer?

Yes, it runs on Linux (and OSX, IOS, and Windows).

Submission + - Browser user-agent triggered backdoor found in D-Link home routers (devttys0.com)

StealthHunter writes: It turned out that just by setting a browsers user-agent to "xmlset_roodkcableoj28840ybtide" anyone can remotely bypass all authentication on D-Link routers. It seems that thttpd was modified by Alphanetworks who inserted the backdoor. Unfortunately, vulnerable routers can be easily identified by services like shodanHQ. At least these models may have vulnerable firmware: DIR-100, DI-524, DI-524UP, DI-604S, DI-604UP, DI-604+, TM-G5240.
Security

Submission + - QR code phishing study demonstrates viability of the attack - users ARE curious! (meiji.ac.jp)

StealthHunter writes: QR codes are starting to appear everywhere. The 2D barcode is an easy way to get unauthenticated data into a smartphone, and many apps automatically visit URLs found in QR codes without allowing the user to see the URL first. We attempt to teach users not to click on links, but what about QR codes? A new study shows that people scan QR codes primarily out of curiosity, and that the devices used to scan are unpatched against the latest exploits leaving users fundamentally unprotected.

The work from Carnegie Mellon will be presented at the Workshop on Usable Security in Japan next week. The data collection period strangely correlates with news and Slashdot posts observing such an attack.

Android

Submission + - Study says users (at least a set that thinks about security) prefer Android (pcmag.com)

StealthHunter writes: The survey, conducted by av-comparatives, asked 5000 users questions about browsers, mobile OS, etc. "The survey also asked about preferred mobile operating systems and preferred browsers. Android took 51 percent of mobile users, Symbian 17 percent, and iOS/Apple 17 percent. The report notes that the dominance of Android means it will remain the biggest target for malware."

This survey doesn't quite match recent market-share numbers by Neilson which shows 52% Android, 34% iOS, and 8% BlackBerry.

Security

Submission + - Breakthrough silicon scanning discovers hardware backdoor in military ASIC chip (cam.ac.uk) 3

StealthHunter writes: Cambridge researchers found a hardware backdoor after discovering additional functionality in the JTAG (hardware debugging / programming) interface. While such attacks have been theorized, this is thought to be the first real-world instance. The vulnerable product is the Actel ProASIC3, and, since the backdoor is in the hardware, there is no patch other than to physically replace the chip.
Security

Submission + - Linux update that looks like a redacted CIA doc (fedoraproject.org)

StealthHunter writes: When did updates start looking like recently unclassified and fully redacted documents? This recent update to the Fedora distribution leaves quite a bit to the imagination to the reader. Security folks may advise "apply security patches in a timely manner" while others may go a step further and say "read about what the patch does and consider the impact to the system before applying it." What is somebody supposed to do with this patch? Fav part: (See also _______)
Android

Submission + - Android SDK updates, GoogleTV Market on the way (blogspot.com)

StealthHunter writes: In a note to registered Developers Google reannounced Android Market is coming to Google TV. "With the update coming later this summer, we want to give you the tools to start building now using theGoogle TV add-on for the Android SDK." After a Honeycomb update (pending) "the add-on will let you emulate Google TV and build apps using the standard Android SDK tools. We're also releasing APIs for TV interaction. Currently, Google TV emulation is supported on Linux with KVM only.

Submission + - SANS sends readers to .ch site for US scholarships (sans.org)

StealthHunter writes: sans suggests sending folks to www.uscc.org in order to get info on cyber security talents and help get an inside track on the coolest jobs in cyber space, the funny part is that www.uscc.org directs browsers to uscc.ch!

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Do you know any college kids who are good at cyber security and go to
school in New York, Delaware, or California? If yes they can get an all
expenses paid scholarship to cyber camps this summer that could give
them an inside track to the coolest jobs in the coolest places in cyber
security. Send them to www.uscc.org. That's also where you will find
data on how cyber-security-talented high school kids all over the
country can qualify for full four year college scholarships (with summer
internships).

                                                                        Alan

Slashdot Top Deals

Help fight continental drift.

Working...