Submission: Bug in libvirt allows unauthenticated VNC sessions

gavron writes: A bug in the libvirt virtualization library allows attackers to connect to VNC servers that have no password set (that are using a non simple-password authentication) but instead of denying access... no authentication will be tried and the user will be connected.

The US National Vulnerability Database rates this a 9.8 on the CVSS severity level.


Submission: Why Linux is not quite ready for the Desktop (flame elsewhere)

gavron writes: Every year the list of features Linux distributions are lacking to be a great desktop OS is listed here: http://linuxfonts.narod.ru/why...

Each year people like to grouse and complain. However, the list is accurate, and the parts that are up to date point out specific and explicit things that can be fixed to help get Linux on par with the other available desktop options.

If you want to be helpful... read the article... see where you can help either by writing code to fix the problems OR by identifying more specifically what is wrong (or maybe it's fixed in some distro you can point to the others will soon copy).

The power of open-source compels you. Or not. Your chance to shine and help out.

Submission: Time Warner Parting Itself Out

gavron writes: We all know about TW Cable being acquired by Comcast (subject to regulatory approval) http://corporate.comcast.com/t... but news from today is that their non-cable business is being purchased by Level3 for almost 6 BILLION dollars. http://dealbook.nytimes.com/20... .

What used to be the former "largest media and distribution company ever" (AOL Time Warner) is now nothing more than a garage of pieces being parceled off to the first available bidder. This might be good for consumers, but recently Time Warner (and Comcast) won awards for consumer hatred. http://time.com/106016/comcast...

Submission: MIT's report on Aaron Swartz is out - MIT claims neutrality

gavron writes: MIT has released their report on the Aaron Swartz incident. They also include an MD5 fingerprint. Sadly for MIT's great cryptography genius, having the signature on the same page as its reference and the same site as the file means nothing. More on MD5 hashes here. Noted crypto researcher Bruce Schneier said MD5 had to go almost ten years ago.

Submission: Nortel Patent Sale gets DoJ Review (wsj.com)

gavron writes: "The US Department of Justice will review the Nortel patent sale to the entity formed by Apple, Microsoft, and others.

This is the same sale that the Canadian authorities declined to review because the $4+BN deal was valued by them at less than $750M.

The patents were originally bid $900M by stalking-horse Google. It is believed they are to be used against Android and open-source."


Submission: ACLU sues DHS over unlawful searches and detention

gavron writes: The ACLU has filed suit against DHS for TSA conducting illegal searches and detention. In the instant case it was a Ron Paul staffer with campaign dollars. The suit seeks to address TSA searching anything that has nothing to do with increasing security on aircraft and instead doing unlawful 4th amendment violating searches (such as those of laptops, thumbdrives, etc.)

As TSA has more and more work to meet its mandate of only screening half the luggage... the suit suggests the best use of its resources is to focus on its mandate, not harassing innocent travelers.

Submission: SPRINT tracks its users' movements, convo and data

gavron writes: SPRINT has a series of commercials where they indicate clearly the contents of the phone and data conversations their customers are having. Here are quotes from one:

"Welcome to the Now network. Right now 379 couples are splitting up, 253 by phone, 42 by email, and 84 by text message. 13,000 people are streaming Pandora on a bus [so they're tracking users too?], 3700 people just found all their friends on Loot. 92 just realized they were in the exact same place. That's happening now..." Etc.

A common carrier has a duty not to snoop on its users' data without a warrant and even more so not to disclose the nature of the contents, even if in aggregate. I know SPRINT wants to pretend that they have a 4G network (whatever _that_ is) but the way to do it is not to disclose the nature of the use of their current network. This is a perfect example of a carrier using confidential data for marketing purposes (or lying and making it up — take your pick, this isn't a Lesley Smith Ethical Problem, it's simple ethics.)

P.S. A sample of such commercial is found on youtube at http://www.youtube.com/watch?v=NlwBO36OeUQ&feature=PlayList&p=C6266A165E8490AE&playnext=1&playnext_from=PL&index=44

Submission: UK government official wants "ratings" for

Ehud Gavron writes: The UK's Culture Secretary wants all English-language websites to have a rating to "police the Internet" and "protect the children." The story at http://uk.reuters.com/article/UKNews1/idUKTRE4BQ0KN20081228 starts off:

"LONDON (Reuters) — The kind of ratings used for films could be applied to websites in a bid to better police the Internet and protect children from harmful and offensive material, Culture Secretary Andy Burnham has said.

Burnham told The Daily Telegraph newspaper, published on Saturday, that the government was planning to negotiate with the administration of U.S. President-elect Barack Obama to draw up new international rules for English language websites.

"The more we seek international solutions to this stuff — the UK and the U.S. working together — the more that an international norm will set an industry norm," the newspaper reports the Culture Secretary as saying in an interview."

Submission: Dell Mini 9 GPS "Hack" is a fraud

gavron writes: There are plenty of stories on the net about hacking a Dell Mini 9 to have a built in GPS. All of the stories in http://tinyurl.com/3nw3gz reference the same original story at http://tinyurl.com/64doqq .

Having thought this was a great idea, two of us bought the same exact GPS USB dongle, and did the same exact mod to our Mini 9's. Both of our receivers were unable to pick up any satellites. When taken back outside the case and the USB connector put back on, on the outside of the case it works fine. The moral of the story is it does not work inside the Dell Mini 9, and the original story is a put-up job.

Before you read the methodology please note we did this with two different Dell Mini 9's and two different USB dongles (of the same type) with 100% repeatability of the steps below. I encourage any doubters to do the same.

1. Buy the same USB dongle (GT730F). (Done)
2. Hook it up on a USB port and see it work amazingly well. (It does).
3. Connect it as per the instructions in the MyDellMini article above. (Done)
4. Receive... receive... receive... (Nary a satellite to be found).

1. Verify connection. USB has 4 pins. We know that it's responding so +5V and GND are right. That just leaves TX and RX. We know it enumerates on the USB so that validates it for us, but just for those of you who don't know USB handshakes... we're able to see it communicate with us (and tell us no satellites) so TX is good. We tell it to change its baud rate and it does. RX good. Just for good measure we do a bidirectional communication by doing a new ephemeris dump. All is good.
2. Verify that the top of the case has direct access to the sky.
3. Run gpsd -N -D 4 and look for anything strange. Um. It's not seeing any satellites.

1. Unsoldered the wires, removed the device.
2. Re-attached the USB connector to the board (that was not fun — nice job ScottH!)
3. Connected it to an external USB port

1. Satellites? (Green blinking light says yes have a fix)
2. Software? (Yes, both gpsd+xgps and SkyTraq's GPS Viewer.EXE+wine see birds all around)

False Positive:
A false positive would occur if we THOUGHT there was a problem but there really isn't. In this case it works outside, works inside but does not receive satellites, and works outside the case afterward. The only change is the physical location and USB bus (not relevant under Linux).

This is therefore NOT a false positive.

False Negative:
A false negative would occur if we thought there was NO problem, but there really was. In this case we think there's a problem, and we duplicated it, and we removed all other factors other than physical location and USB bus (again not relevant under Linux).

This is therefore NOT a false negative.

The original author must have a Dell Mini 9 made up of an incredibly different substance than the ones we have, as ours did not allow satellite signals through. Either that or his fu is stronger than any of ours. Don't even ask me how his "video" works.


