
Dropbox Password Goof Let Any Password Work For 4 Hours 185

tekgoblin writes "Dropbox confirmed today that for some time yesterday, any user's account was accessible without a password. The glitch was a programming error related to a code update and accounts were only vulnerable from around 1:54 pm PST to 5:46pm PST." "Only" is relative; as reader zonky puts it, "It took around 4 hours from deployment for Dropbox to notice they'd entirely broken their authentication scheme."
Data Storage

Why Mirroring Is Not a Backup Solution 711

Craig writes " has fallen and can't get up. The post on their site describes how their entire database was overwritten through either some inconceivable OS or application bug, or more likely a malicious act. Regardless of how the data was lost, their undoing appears to have been that they treated drive mirroring as a backup and have now paid the ultimate price for not having point-in-time backups of the data that was their business." The site had been in business since 2002 and had an Alexa page rank of 106,881. Quantcast said they had 14,000 monthly visitors recently. No word on how many thousands of bloggers' entire output has evaporated.

AVG Virus Scanner Removes Critical Windows File 440

secmartin writes "The popular virus scanner AVG released an update yesterday that caused their software to mark user32.dll as a virus. Since this is a rather critical file, AVG's suggestion to remove it caused problems for users around the world who are now advised to restore the file through the Windows Recovery Console. AVG just posted an update about this (FAQ item 1574) in the support section of their site. Their forums are full of complaints."

RHN Bind Update Brings Down RHEL Named 312

alexs writes "Red Hat's response to update bind through RHN, patching the DNS hole, made a fatal error which will revert all name servers to caching only servers. This meant that anyone running their own DNS service promptly lost all of their DNS records for which they were acting as primary or secondary name servers. Expect quite a few services provided by servers running RHEL to, errr, die until their system administrators can restore their named.conf. Instead of installing etc/named.conf to etc/named.rpmnew, Red Hat moved the current etc/named.conf to etc/named.conf.rpmsave and replaced etc/named.conf with the default caching only configuration. The fix is easy enough, but this is a schoolboy error which I am surprised Red Hat made. Unfortunately we were hit and our servers went down overnight while RHN dropped its bomb and I am frankly surprised there has not been more of an uproar about this."

California Court Posts SSNs, Medical Records 117

Lucas123 writes "California's Riverside County Superior Court's Web site is serving up document images containing SSNs and detailed medical records relating to civil cases, according to a couple of privacy advocates. All of the documents are free to anyone who knows where to look for them. 'Searches done on the court's Web site turned up various documents related to civil cases that contained sensitive information. Included were complete tax filings, medical reports pertaining to cases handled by the court, and images of checks complete with signatures as well as account and bank-routing numbers.'"
The Military

Nuclear Nose Cones Mistakenly Shipped to Taiwan 254

Reservoir Hill writes "The Pentagon announced that the United States had mistakenly shipped to Taiwan four electrical fuses designed for use on intercontinental ballistic missiles, but has since recovered them. The mistaken shipment to Taiwan did not include nuclear materials, although the fuses are linked to the triggering mechanism in the nose cone of a Minuteman nuclear missile. Taiwanese authorities notified U.S. officials of the mistake, but it was not clear when the notification was made. An examination of the site in Taiwan where the components had been stored after delivery indicated that they had not been tampered with. The fuses had been in four shipping containers sent in March 2005 from F.E. Warren Air Force Base, Wyo., to a Defense Logistics Agency warehouse at Hill Air Force Base, Utah. It was then in the logistics agency's control and was shipped to Taiwan "on or around" August 2006, according to a memo from Defense Secretary Robert Gates ordering Navy Adm. Kirkland H. Donald to investigate the incident."
PC Games (Games)

EVE-Online Patch Makes XP Unbootable 572

Nobo writes "CCP's latest major patch to the EVE-Online client, Trinity, comes with an optional DX9-enhanced graphics patch that dramatically improves the visual quality of the in-game graphics through remade models, textures, and HDR. It also has an unfortunate bug: the incredibly stupid choice of boot.ini as a game configuration file, coupled with an errant extra backslash in the installer configuration. The result is that anyone who installs the enhanced graphics patch overwrites the Windows XP c:\boot.ini file with the EVE client configuration file, bricking the machine on the next boot. Discussion in a couple of forum threads is becoming understandably heated."

Space Rope Trick Experiment Goes Awry 200

Tjeerd writes "An experiment that envisaged sending a parcel from space to Earth on a 30-kilometre tether fell short of its goal yesterday when the long fibre rope did not fully unwind, Russian Mission Control said. It was intended to deliver a spherical capsule, called Fotino, attached to the end of the tether back to Earth — a relatively simple and cheap technology that could be used in the future to retrieve bulkier cargoes from space."
