Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Submission + - FSF petitions against closed implementation of UEF (fsf.org) 2

GameboyRMH writes: The Free Software Foundation is currently holding a petition urging hardware manufacturers to implement UEFI Secure Boot in a way that allows alternative operating systems to be installed by users. Currently it has about 13,000 signatures — Slashdot polls regularly rack up more votes. If you run a non-Windows operating system or wish to support the right to do so, sign the petition here.
Security

Submission + - XML Encryption Broken, Need to Fix W3C Standard (ruhr-uni-bochum.de)

gzipped_tar writes: Researchers from Ruhr University Bochum demonstrated the insecurity of XML encryption standard at ACM Conference on Computer and Communications Security in Chicago this week. "Everything is insecure", is the uncomfortable message from Bochum.

As pointed out by the Ars Technica article, XML Encryption is used widely as part of server-to-server Web services connections to transmit secure information mixed with non-sensitive data, based on cipher-block chaining. But it is apparently too weak, as demonstrated by Juraj Somorovsky and Tibor Jager. They were able to decrypt data by sending modified ciphertexts to the serve by gathering information from the received error messages. The attack was tested against a popular open source implementation of XML Encrytion, and against the implementations of companies that responded to the responsible disclosure — in all cases the result was the same: the attack worked.

Fixing the vulnerability will require a revision of the W3C XML encryption standard, Somorovsky said. The researchers informed all possibly affected companies through the mailing list of W3C, following a clear responsible disclosure process.

Space

Submission + - DARPA working on grave-robbing Frankenstein satell (extremetech.com) 1

MrSeb writes: "Just in time for Halloween, DARPA has published details of a new satellite that will allow scientists to create Frankensteinian satellites out of dead communications equipment currently orbiting the Earth. Right now there are about 19,000 different pieces of space debris in both low and high orbit around the planet, creating a dangerous scenario for both space flight and expensive items like the Hubble space telescope. Aptly named Phoenix, the idea is simple with a complex implementation. Using re-purposed robot arms from assembly lines and surgery units to create the scavenger bot, Phoenix will be shot into space and placed in the “graveyard” orbit that all the dead satellites are on as well. From there, it will attach to these units, and cut away different components to be used to create new, working units to be placed back into useful service. Phoenix is slated to launch in 2015 for testing, but there are some hurdles to its success, namely the Outer Space Treaty that states that an object launched into orbit remains the property of the country that put it there."
Privacy

Submission + - Researchers ID Skype, BitTorrent Users (itworld.com) 1

itwbennett writes: "Researchers have figured out a way to link online Skype users to their activity on peer-to-peer networks like BitTorrent. The team was able to sift out the nodes through which Skype calls are routed and determine the user's real IP address by sniffing the packets. To correlate the identified Skype users with files shared on BitTorrent, the researchers built tools to collect BitTorrent file identifiers, a BitTorrent crawler to collect IP addresses on the network and a verifier to match an online Skype user with an online BitTorrent user. 'As soon as the BitTorrent crawler detects a matching IP address, it signals the verifier, which immediately calls the corresponding Skype user and, at the same time, initiates a handshake with the BitTorrent client,' they wrote."
Operating Systems

Submission + - Early Speed Tests For Windows 8

adeelarshad82 writes: You often hear in the software industry that performance optimization is one of the last steps in the software development process. That bodes well for Windows 8, considering at the early stage of Developer Preview—even before we've seen an actual beta—the nascent operating system is getting widespread praise for its performance, particularly in startup times. Anecdotal evidence is always encouraging, but PCMag decided to run some very early tests on the OS to see if the reports were wishful thinking or if there was a real, measurable boost in speed. Along with startup and shutdown times, they used several standard industry benchmarks to compare Windows 8 performance with that of Windows 7 running on the same machine.
Android

Submission + - Android 4.0 Source Code Coming 'Soon' (itworld.com)

itwbennett writes: "Good news today for those of you who have been waiting for news about whether Google would be opening up the ICS source and for those of you who thought it was gone for good. Android engineer Dan Morrill revealed new information in the Android Building Google group yesterday evening, saying that Google plans 'to release the source for the recently-announced Ice Cream Sandwich soon, once it's available on devices.'"

Submission + - Hijacking authenticated open wifi sessions (datavirtue.com)

datavirtue writes: "Still in early testing, but I have successfully hijacked an authenticated user session on a managed Cisco wifi network by spoofing the MAC of an authenticated user. The MAC was easily obtainable by scanning with Cain, followed by a simple and well documented registry mod in Windows to change my MAC to that of the victim. Interested to see if anyone has a solution for this problem. Disclaimer: This was performed as a test on two of my laptops in the course of my job as a researcher."

Submission + - CCP to lay off 20% of its staff, refocus on EVE (eveonline.com)

zergl writes: CCP games just announced that 20% of its staff will be laid off due to their overextension on developing three titles at the same time while bleeding subscribers on their flagship title EVE Online. The World Of Darkness MMO will be put on the back burner while remaining resources will be put towards EVE and getting Dust 514 launched successfully.
This comes as not much of a surprise considering the financial situation CCP was in with liquid assets about to run out well before the Dust launch next year which was discovered when the 2010 financial report was analyzed on a community forum.

Bitcoin

Submission + - bitcoin value implodes (arstechnica.com)

An anonymous reader writes: Apparently unbeknownst to slashdot's editors and in spite of their relentless promotion of bitcoin a few months ago, bitcoin value has completely tanked in the few short months since June. Is it still too late to return those mining GPUs we've bought to Best Buy?
Microsoft

Submission + - Ballmer: We're lucky Microsoft didn't buy Yahoo in (networkworld.com)

alphadogg writes: Microsoft CEO Steve Ballmer feels intensely fortunate that his company's $44 billion bid for Yahoo back in 2008 never materialized. "Sometimes you're lucky," he said with a smile at Web 2.0 Summit, responding to a question from conference co-chair John Battelle. Careful not to offend his search market partner, Ballmer put his comment in context, saying that any CEO would feel grateful for not making a major acquisition in the months prior to the global financial collapse that started in the second half of 2008.
Biotech

Submission + - New Vaccine Halves Malaria Risk (reuters.com)

An anonymous reader writes: According to a report in Reuters, scientists are celebrating the end of a clinical trial which found a malaria vaccine reduces infection risk by half in children. From the article: 'While scientists say it is no "silver bullet" and will not end the mosquito-borne infection on its own, it is being hailed as a crucial weapon in the fight against malaria and one that could speed the path to eventual worldwide eradication. Malaria is caused by a parasite carried in the saliva of mosquitoes. It kills more than 780,000 people per year, most of them babies or very young children in Africa. Cohen's vaccine goes to work at the point when the parasite enters the human bloodstream after a mosquito bite. By stimulating an immune response, it can prevent the parasite from maturing and multiplying in the liver. ... Cohen said that if all goes to plan, RTS,S could be licensed and rolled out by 2015.'

Slashdot Top Deals

CChheecckk yyoouurr dduupplleexx sswwiittcchh..

Working...