
Submission + - Clinton Defenders: Relax, 'Beyond Top Secret' Intel Was 'Innocuous'

RoccamOccam writes: The classified material included in the latest batch of Hillary Clinton emails flagged by an internal watchdog involved discussions of CIA drone strikes, which are among the worst kept secrets in Washington, senior U.S. officials briefed on the matter tell NBC News.

As pointed out here, Mrs. Clinton at first stated that no classified material of any sort passed through her server, then wrongly claimed that she's never personally sent or received such information, then falsely asserted that none of the material was classified at the time. Now that the Inspector General has determined that Clinton's vulnerable bootleg server also contained beyond top secret intelligence, some of her defenders appear to be shifting tactics. Rather than denying the classification level or the existence of the emails, they're stating that the subject matter of the SAP-level emails in question was "innocuous".

Submission + - Why Linux is not quite ready for the Desktop (flame elsewhere)

gavron writes: Every year the list of features Linux distributions are lacking to be a great desktop OS is listed here:

Each year people like to grouse and complain. However, the list is accurate, and the parts that are up to date point out specific and explicit things that can be fixed to help get Linux on par with the other available desktop options.

If you want to be helpful... read the article... see where you can help either by writing code to fix the problems OR by identifying more specifically what is wrong (or maybe it's fixed in some distro you can point to the others will soon copy).

The power of open-source compels you. Or not. Your chance to shine and help out.

Submission + - AT&T to Start Data Throttling, How Will It Aff

greymond writes: "AT&T has announced that starting on Oct. 1 it will throttle the data speeds of users with unlimited data plans who exceed bandwidth thresholds on its 3G network. AT&T is following in the tracks of Verizon and Virgin Mobile in reducing data throughput speeds of its heaviest mobile data users. With more data-intensive apps being published every day, how will AT&T's data throttling affect users' mobile experience?"

Submission + - Pakistan Tries To Ban Encryption

An anonymous reader writes: Pakistan has a new Telecoms Law going into effect, which requires widespread monitoring of internet usage. In response, new reports are saying that the country is banning encryption, including VPNs, because it would interfere with the ability of ISPs to monitor internet usage.

Submission + - Apple granted patent for theft-detection system

An anonymous reader writes: Now Apple has come up with another method for detecting theft of a mobile device for which it received a patent on July 26, 2011. The patent is US7986233, entitled "Acceleration-based theft detection system for portable electronic devices". The patent describes a theft prevention system which uses an accelerometer to detect theft. The accelerometer determines the frequency characteristics of the movement of the mobile device to determine whether the mobile device is stolen or not.

Submission + - AES-256 based NIST-certified flash drives cracked

suraj.sun writes: Security firm SySS has reportedly cracked the AES 256-bit hardware-based encryption used on flash drives manufactured by Kingston, SanDisk and Verbatim.

The crack relies on a weakness so astoundingly bone-headed that it's almost hard to believe. While the data on the drive is indeed encrypted using 256-bit crypto, there's a huge failure in the authentication program. When the correct password is supplied by the user, the authentication program always sends the same character string to the drive to decrypt the data no matter what the password used. What's also staggering is that this character string is the same for Kingston, SanDisk and Verbatim USB flash drives.

Cracking the drives is therefore quite an easy process. The folks at SySS wrote an application that always sent the appropriate string to the drive, irrespective of the password entered, and therefore gained immediate access to all the data on the drive.

These drives are sold as meeting security standards making them suitable for use with sensitive US Government data (unclassified rating) and have a FIPS 140-2 Level 2 certificate issued by the US National Institute of Standards and Technology (NIST).

Kingston has done the right thing and issued a recall. Verbatim and SanDisk have issued a statement and have updates available, but the threat is downplayed.

ZDNet :

Submission + - IPv4 Will Not Die in 2010 as Previously Forecast

darthcamaro writes: A couple of years ago, the big shots at IANA (that's the people that handle internet addressing) issued a release stating that the IPv4 address space was likely to be gone by 2010. Here we are in 2010 and guess what, IPv4 with its 4.3 billion addresses will NOT be all used up this year. In fact there could be another two years worth of addresses still left at this point.

"We're at about 10.2 percent (IPv4 address space) remaining globally," John Curran, president and CEO of ARIN said. "At our current trend rate we've got about 625 days before we will not have new IPv4 addresses available. We're still handling IPv4 requests from ISPs, hosting companies and large users for IPv4 address space, but that's a very short time period."


Submission + - IP Address "privacy" and copyright enforcement 8

ilec_geek writes: I'm looking for constructive feedback from IT professionals working at small or large ISPs. When copyright infringement notifications come my way, the only identifying information they provide me with is an IP address and possibly source TCP port number. Because I work at a small ISP, I dynamically assign private (RFC 1918) IP addresses to my subscribers via DHCP. Then I use my sparingly assigned public IP addresses in overloaded NAT pools to translate those private addresses for outbound Internet traffic. This all works very well, except when a copyright infringement notice shows up. I do have the ability to grep my NAT tables which I archive 4 times a day (every 6 hours) which allows me to track down the alleged violating public IP and source port. Then I cross reference that with my DHCP leases to find the associated user account. However, the NAT tables in my router are so volatile and nebulous, even though I capture them every 6 hours, I find many translations in the router that simply are no longer there when I perform my regular archive. My question is, how many of you have encountered the same challenges, and how have you solved them? Sometimes these infringement notifications get to me several days after the fact. The only solution I see is to keep an exact image of my huge NAT tables archived for every minute of the day for several days. This would turn into an administrative nightmare and would quickly reach the level of absurdity in the amount of data I would have to store just for this purpose. The bottom line is, I don't believe an IP address alone is sufficient to identify a person in a copyright infringement issue. My own example illustrates how cumbersome and difficult it is (and sometimes impossible) to identify a person based solely on their IP address. I am not deliberately trying to hide my customers' identities. It is simply the most efficient way for me to design my network.
The Military

Superguns Helped Defeat the Spanish Armada 501

Hugh Pickens writes "With the discovery last year of the first wreck of an Elizabethan fighting ship off Alderney in the Channel Islands, thought to date from around 1592, marine archaeologists are revising their ideas on how the English defeated the Spanish Armada. Replicas of two cannon recovered from the Alderney wreck were recreated in a modern foundry, and tests carried out showed that the Elizabethans were throwing shot at almost the speed of sound. Elizabeth's 'supergun,' although relatively small, could hit a target a mile away. At a ship-to-ship fighting distance of about 100 yards, the ball would have sufficient punch to penetrate the oak planks of a galleon, travel across the deck, and emerge out the other side. Tests on cannon recovered from the Alderney wreck also suggest that the ship carried guns of uniform size, firing standard ammunition. 'Elizabeth's navy created the first ever set of uniform cannon, capable of firing the same size shot in a deadly barrage,' says marine archaeologist Mensun Bound from Oxford University, adding that that navy had worked out that a lot of small guns, all the same, all firing at once, were more effective than a few big guns. '[Elizabeth's] navy made a giant leap forward in the way men fought at sea, years ahead of England's enemies, and which was still being used to devastating effect by Nelson 200 years later.'"
The Courts

Terry Childs Case Puts All Admins In Danger 498

snydeq writes "Paul Venezia analyzes the four counts San Francisco has levied against Terry Childs, a case that curiously omits the charge of computer tampering, the very allegation that has kept Childs in jail for seven months and now appears too weak to present in court. Count 1 — 'disrupting or denying computer services' — is moot, according to Venezia, as the city's FiberWAN did not go down due to Childs' actions. Venezia writes, 'Childs' refusal to give up the passwords for several days in no way caused a disruption of the normal operation of the FiberWAN. In fact, it could be argued that his refusal actually prevented the disruption of normal network operation.' Counts 2 through 4 pertain to modems Childs had under his control, 'providing a means of accessing a computer, computer system, or computer network in violation of section 502,' according to case documents. As Venezia sees it, these counts too are spurious, as such devices are essential to the fulfillment of admin job requirements. 'If Childs is convicted on the modem charges, then just about every network administrator in the world could be charged with the same "crime,"' Venezia writes. All the authorities would have to do is 'point out that you have a modem or two, and suddenly you're wearing pinstripes of the jailhouse variety.'"

Followup To "When Teachers Are Obstacles To Linux" 626

A couple of anonymous readers wrote in to let us know about a followup to last Wednesday's story of the teacher who didn't believe in free software. The Linux advocate who posted the original piece has cooled off and graciously apologized for going off half-cocked (even though the teacher had done the same), and provided a little more background which, while not excusing the teacher's ignorance, does make her actions somewhat more understandable. Ken Starks has talked with the teacher, who has received a crash education in technology over the last few days — Starks is installing Linux on her computer tomorrow. He retracts his insinuations about Microsoft money and the NEA. All in all he demonstrates what a little honest communication can do, a lesson that all of us who advocate for free software can take to heart. "The student did get his Linux disks back after the class. The lad was being disruptive, but that wasn't mentioned. Neither was the obvious fact that when she saw a gaggle of giggling 8th grade boys gathered around a laptop, the last thing she expected to see on that screen was a spinning cube. She didn't know what was on those disks he was handing out. It could have been porn, viral .exe's...any number of things for all she knew. When she heard that an adult had given him some of the disks to hand out, her spidey-senses started tingling. Coupled with the fact that she truly was ignorant of honest-to-goodness free software, and you have some fairly impressive conclusion-jumping. In a couple of ways, I am guilty of it too."
The Courts

Groklaw's PJ Says SCO's Demise Greatly Exaggerated 152

blackbearnh writes "Last week, the net was all abuzz with speculation that SCO was finally gone and done for. With the final judgment in SCO v. Novell in, and SCO millions of dollars in the hole to Novell, it seemed like the fat lady had finally sung. But like most things in the legal system, it isn't nearly that simple. O'Reilly Media sought out Groklaw's Pamela Jones, and got a rundown of what's still alive, and why a final end to the madness may be many years away. 'Summing up, it looks bleak for SCO at the moment, but let's enter the alternate realm of SCO's best-case scenario in its dreams: in that realm, SCO wins on appeal, which one of SCO's lawyers indicated might take a year and a half or five years, and the case is sent back to Utah for trial by jury, which is what SCO wanted (as opposed to trial by judge, which is what it got), then everything listed above (except for the IPO class action) comes alive again, presumably, depending on what the appellate court decides. Then SCO is in position once again to go after Linux end users, as well as IBM, et al.'"

UK Court Rejects Encryption Key Disclosure Defense 708

truthsearch writes "Defendants can't deny police an encryption key because of fears the data it unlocks will incriminate them, a British appeals court has ruled. The case marked an interesting challenge to the UK's Regulation of Investigatory Powers Act (RIPA), which in part compels someone served under the act to divulge an encryption key used to scramble data on a PC's hard drive. The appeals court heard a case in which two suspects refused to give up encryption keys, arguing that disclosure was incompatible with the privilege against self incrimination. In its ruling, the appeals court said an encryption key is no different than a physical key and exists separately from a person's will."
