Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - Month of PHP Bugs has started

An anonymous reader writes: The previously announced Month of PHP Bugs has started three days ago here and already lists 8 security vulnerabilities in PHP and PHP related software.

"This initiative is an effort to improve the security of PHP. However we will not concentrate on problems in the PHP language that might result in insecure PHP applications, but on security vulnerabilities in the PHP core. During March 2007 old and new security vulnerabilities in the Zend Engine, the PHP core and the PHP extensions will be disclosed on a day by day basis. We will also point out necessary changes in the current vulnerability managment process used by the PHP Security Response Team."

Submission + - Underwater Tank

pipingguy writes: "XK2, South Korea's latest "home-grown" battle tank was unveiled recently. With only 3 crewmembers, it looks like it depends on an autoloader system as the Russian designs typically do (the American Abrams, British Challenger 2 and German Leopard have a dedicated loader crewmember) and the "active defence system" sounds a lot like the Black Eagle."

Submission + - Saudi oil production in trouble

IamTheRealMike writes: As one of the worlds most prolific producers of oil, Saudi Arabian production is of vital importance to maintaining our standard of living in the west. A new analysis from Stuart Staniford appears to show large, fast declines in production throughout 2006 that are uncorrelated with price, world events or OPECs own announced production cuts (in fact, no evidence for those cuts occurring is found at all). Given that the apparent steep decline (8%/year) matches the rates seen in other areas where horizontal drilling and water injection were used, and high prices give the Kingdom every incentive to produce, is this the beginning of the end for Saudi oil?
It's funny.  Laugh.

Submission + - The simple pleasure of breaking things.

rlandmann writes: When my mobile phone "failed me for the last time", I smashed it to pieces and have offered the remains on eBay as my way of making a public mockery of the hapless device.

The phone was still under warranty, but to tell the truth, I really couldn't be bothered arguing about it with my phone company, and preferred the visceral satisfaction of the violent destruction of the offending hardware.

The comments and questions other eBayers have been leaving suggest to me that I may have touched on something here. What's the most satisfying way that you've destroyed a technological menace?

Submission + - Microsoft kills off J# language

twofish writes: "Microsoft have announced that J#, its Java clone for .NET, and the Java Language Conversion Assistant will be discontinued and will not appear in the next version of Visual Studio. At the same time they have announced pans for a 64-bit version of the J# Redistributable this year."
The Internet

Submission + - Proposed Internet Censorship Law in Israel

Shlomi Fish writes: "Gal Mor reports on on a new proposal for an Israeli Internet censorship law, which will require ISPs to implement censorship at the ISP level, and the surfers to identify themselves using bio-metric means and passwords to prevent minors from viewing sites with unsuitable content. Also see a discussion on the Israeli Linux mailing list.

This law is very bad and should better be stopped so please help spread the word."
Operating Systems

Submission + - Making NetBSD Multiboot-Compatible

jmmv writes: "The Multiboot Specification defines a protocol between boot loaders and operating systems' kernels with the basic aim to allow any compliant boot loader to launch any compliant OS. This simplifies the boot loader's tasks by reducing the amount of knowledge it must have of foreign OSes and, as a side effect, it also removes the burden of writing a custom boot loader for each OS. A while ago I modified the NetBSD's kernel to support this specification, which means that the upcoming 4.0 release will be easier to boot on any dual-boot system with Linux installed (assuming it uses GRUB). I've written an article, titled Making NetBSD Multiboot-Compatible, that provides an introduction to The Multiboot Specification and outlines the steps I took to adapt the NetBSD's kernel to follow it. This can give you enough interest and clues to modify your favourite operating system to also support this protocol."
PC Games (Games)

Submission + - OSS Strategy Game running AI Coding Competition

Semi Anonymous Coward writes: "Thousand Parsec, a project to create a framework for building 4x space empire building games, is running an AI Coding Competition. The AI can be coded in any language and there are separate sections for the best designed AI and the one which wins the most games. To top it all off there are a bunch of cool prizes and swag to be won.

The lack of a decent AI has long been one of the major complaints about strategy games (and being specifically poignant with Open Source Games). So why not come out and help fix the problem? With only a month left before entries must be submit everyone better get cracking!

Disclaimer: I'm one of the judges for the competition."

Submission + - Analog TV cards banned by FCC as of yesterday

Anonymous Coward writes: "Beginning yesterday, the FCC requirement went in to effect that 'All TV receiving devices sold must possess the capability of supporting digital television signals.' NVidia has already discontinued their fairly new and very popular DualTV MCE ( card, and soon all Non-ATSC cards will be gone from shelves and available only on Ebay."

Submission + - RSAkey revealed in few sec w/o Quantum Computer

QuantumCrypto writes: "IRISA is reporting that Branch Prediction is NOT good for Security. Branch predictors allow processors to execute the next instructions without waiting for the previous ones to be resolved, which in turn allows the RSA key to be spied.
Old news. Right? Well André Seznec at IRISA has independently verified the claims. "I've tried to validate the principle. It works! Beautiful case study by the way!" said André Seznec. Onur Aciçmez and his colleagues managed to grab 508 bits out of a 512-bit key on RSA encryption , at first shot, in just a few thousandths of a second. Quite a feat when compared to the endless three months and the line-up of 80-some 2.2 GHz CPU computers that the German Federal Office for Information Security (BSI) once poured in to crack a SSL 640-bit key (3).

Background from the Artikle:
Until not so long ago,processors were executing threads in a time shared mode: T0 was executing during a time slice, then T1 was executing during the next time slice, then T0 again, ..."Each of these time slices lasts far longer than the processor execution cycle. Say a thread lasts around10 milliseconds, representing about 20 to 30 million processor cycles. As long as a spy thread and a cryptographic thread are not executed simultaneously, there is no way the former can grab very precise information on the latter." The impervious architecture keeps threads peep proof. But things have changed with the arrival of Pentium 4 HT processor generation (7), a SMT processor in PCs and servers. These CPUs run two threads at the same time: on the very same cycle, instructions from the two threads are executed on the CPU. Why? "Mainly to squeeze performance from the processor, Seznec answers. The processor can execute several instructions per cycle, but generally a significant part of the resource is lost if a single thread executes. When two threads execute at the same time, the hardware is significantly better utilized." Unfortunately, running two threads in parallel on the same hardware CPU can lead to some information leakage. "One can manage to grab an indirect view on a thread execution from a spying thread that is executed simultaneously. This indirect information about its execution can allow to recover critical information such an encryption key.""

Reflectivity Reaches a New Low 166

sporkme writes "A new nanocoating material developed by a team of researchers from Rensselaer Polytechnic Institute has the lowest level of reflectivity ever seen ... or not seen in this case. The amount of light reflected by the composite of silica nanorods and aluminum nitride is almost the same amount reflected by air. From the article: 'Schubert and his coworkers have created a material with a refractive index of 1.05, which is extremely close to the refractive index of air and the lowest ever reported. Window glass, for comparison, has a refractive index of about 1.45. Using a technique called oblique angle deposition, the researchers deposited silica nanorods at an angle of precisely 45 degrees on top of a thin film of aluminum nitride, which is a semiconducting material used in advanced light-emitting diodes (LEDs). From the side, the films look much like the cross section of a piece of lawn turf with the blades slightly flattened.' Suggested applications include increased efficiency in solar cells, more energy-efficient lighting and advances in quantum mechanics."

Slashdot Top Deals

panic: kernel trap (ignored)