Forgot your password?
Close
typodupeerror

Submission + - Office 365, Amazon, others vulnerable to exploit Microsoft knew about in 2012

Submitted by colinneagle
colinneagle writes: Ethical hacking professor Sam Bowne recently put a cookie re-use method to test on several major web services, finding that Office 365, Yahoo mail, Twitter, LinkedIn, Amazon, eBay, and WordPress all failed the security test. Both Amazon and eBay can be tied directly to your money via the method of payment you have on record. And, just for kicks, we tried it with Netflix. And it worked.

Microsoft has apparently known that accounts can be hijacked since at least 2012 when The Hacker News reported the Hotmail and Outlook cookie-handling vulnerability, so Bowne was curious if Microsoft closed the hole or if stolen cookies could still be re-used. He claims he "easily reproduced it using Chrome and the Edit This Cookie extension."

Bowne is asking other people to test more services and tweet the results to him @sambowne.

Submission + - Piracy Rates Plummet as Legal Alternatives Find Norway

Submitted by jones_supa
jones_supa writes: Entertainment industry groups in Norway have spent years lobbying for tougher anti-piracy laws, finally getting their way earlier this month. But with fines and site blocking now on the agenda, an interesting trend has been developing. According to a new report published by Ipsos, between 2008 and 2012 piracy of movies and TV shows collapsed in Norway, along with music seeing a massive drop to less than one fifth of the original level. Olav Torvund, former law professor at the University of Oslo, attributes this to good legal alternatives which are available today. Of those questioned for the survey, 47% (representing around 1.7 million people) said they use a streaming music service such as Spotify. And of those, just over half said that they pay for the premium option.

Submission + - If A Network Is Broken, Break It More (insidescience.org)

Submitted by Aras Esor
Aras Esor writes: When a network is broken — an electrical grid, the World Wide Web, your neurological system — one math model created by a PhD student at Northwestern University suggests that the best way to fix it may be to break it a little more.

Submission + - Google Asks Government for More Visible National Security Requests (slashdot.org)

Submitted by Nerval's Lobster
Nerval's Lobster writes: In an open letter addressed to U.S. attorney general Eric Holder and FBI director Robert Mueller, Google chief legal officer David Drummond again insisted that reports of his company freely offering user data to the NSA and other agencies were untrue. “However,” he wrote, “government nondisclosure obligations regarding the number of FISA national security requests that Google receives, as well as the number of accounts covered by those requests, fuel that speculation.” In light of that, Drummond had a request of the two men: “We therefore ask you to help make it possible for Google to publish in our Transparency Report aggregate numbers of national security requests, including FISA disclosures—in terms of both the number we receive and their scope.” Apparently Google’s numbers would show “that our compliance with these requests falls far short of the claims being made.” Google, Drummond added, “has nothing to hide.” As part of its regularly updated Transparency Report, Google posts information about the National Security Letters (NSLs) it receives from the federal government; however, the government requires Google to report NSLs as a numerical range rather than an exact number. But even if Google does end up displaying more information about government requests, it doesn’t seem as if many Americans are dismayed about their privacy being invaded: according to a new survey by the Pew Research Center and The Washington Post (conducted after the Snowden story broke), concerns about terrorist threats outweigh the need for privacy. “Currently 62 [percent] say it is more important for the federal government to investigate possible terrorist threats, even if that intrudes on personal privacy,” read the survey’s summary. “Just 34 [percent] say it is more important for the government not to intrude on personal privacy, even if that limits its ability to investigate possible terrorist threats.”

Submission + - FAA wants all aircraft flying on unleaded fuel by 2018 (networkworld.com)

Submitted by coondoggie
coondoggie writes: The Federal Aviation Administration (FAA) this week put out a call to fuel producers to offer options that would safely let general aviation aircraft stop using leaded fuel by 2018. The FAA says there are approximately 167,000 aircraft in the United States and a total of 230,000 worldwide that rely on the current 100 octane, low lead fuel for safe operation. It is the only remaining transportation fuel in the United States that contains the addition of tetraethyl lead (TEL), a toxic substance, to create the very high octane levels needed for high-performance aircraft engines. Operations with inadequate octane can result in engine failures, the FAA noted.

Submission + - Pro-Nuclear Documentary Pandora's Promise and the Problem of "Solutionism" (thebulletin.org) 1

Submitted by Lasrick
Lasrick writes: Kennette Benedict of the Bulletin of the Atomic Scientists reviews "Pandora's Promise," a new documentary that focuses on environmental activists like Stewart Brand who have gone from vehemently anti-nuclear to vehemently pro-nuclear views. Good points brought up by Benedict that weren't really addressed in the film.

Feed Microsoft confirms Vista OEM hack (com.com)

From feed by cnetfeed
Hack may allow users to bypass antipiracy feature, but no action is planned yet, according to a post on the Windows Genuine Advantage blog.

Slashdot Top Deals

My sister opened a computer store in Hawaii. She sells C shells down by the seashore.

Close