Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - Orlando Entrepreneurs Seek to Partner with FAA for Certificate Film Flight (chatterbuzzmedia.com)

lucymartin12 writes: Hoverfly Technologies designs and builds groundbreaking aerial robot systems. The company’s film robots help photographers find innovative ways to produce aerial footage, and its industrial and public safety robots help protect people and property. Hoverfly’s commercial and public safety robots feature Hovercore, Hoverfly’s proprietary flight control system technology incorporating advanced concepts in aerial flight stability, communications, and safety intelligence
The Internet

Submission + - The Most Detailed Picture of the Internet Ever (vice.com)

Daniel_Stuckey writes: "Why would you need a map of the Internet? The Internet is not like the Grand Canyon. It is not a destination in a voyage that requires so many right turns and so many left turns. The Internet, as the name suggests and many of you already know, is nothing but the sum of decentralized connections between various interconnected computers that are speaking roughly the same language. To map out those connections and visualize the place where I spend so much of my time may not have any clear use, but it intrigues the pants off me.

An anonymous researcher with a lot of time on his hands apparently shares the sentiment. In a newly published research paper, this unnamed data junkie explains how he used some stupid simple hacking techniques to build a 420,000-node botnet that helped him draw the most detailed map of the Internet known to man. Not only does it show where people are logging in, it also shows changes in traffic patterns over time with an impressive amount of precision. This is all possible, of course, because the researcher hacked into nearly half a million computers so that he could ping each one, charting the resulting paths in order to make such a complex and detailed map. Along those lines, the project has as much to do with hacking as it does with mapping."


Submission + - Universe 100 million years older than previously thought (reuters.com)

skade88 writes: Reuters is reporting that scientists now say the universe is 100 million years older than previously thought after they took a closer look at leftover radiation from the Big Bang. This puts the age of the Universe at 13.8 billion years. The new findings are the direct results from analyzing data provided by the European Space Agency's Planck spacecraft. The spacecraft is providing the most detailed look to date at the remnant microwave radiation that permeates the universe.

"It's as if we've gone from a standard television to a high-definition television. New and important details have become crystal clear," Paul Hertz, NASA's director of astrophysics, told reporters on a conference call.


Submission + - Is PHP Insecure? (developer.com)

darthcamaro writes: Over 60 bugs were reported in PHP over the last 30 days, should PHP users and developers be worried? Most of the flaws however are ones that developers themselves can protect against with proper coding practices according to the Andi Gutmans CEO of commercial PHP vendor Zend. He argues that PHP security is a matter of setting expectations. In his view, PHP — like all development languages, is only as secure as the code people that write code with it.

"People should not expect PHP to be able to enforce security boundaries on a developer that has permissions to run custom PHP code," Gutmans said. "It's an inherently flawed scenario — and it's the wrong layer to protect in. People must rely on properly-configured OS-level permissions for securing against untrusted developers."


Submission + - Use of "A" accounts in large environments

fatboy77 writes: As part of a team that supports ~1600 servers I have been charged with a task to find a way to grant admin access to the environment to team members that are spread across the world. One item that we are considering is the use of "A" accounts, that is a seperate account that is used by each team member that has elevated access to the environment. Each team member would maintain a standard user account that would be used for email, internet, and general activities, but for activities that require admin access to the servers they would each have an "A" account wich would be the same as there standard account with an A at the end of it and a separate password that is changed on a shorter schedule than there standard account.

I am wondering how other companies are handleing this type of situation.

Submission + - Super Earths discovered orbiting 61 Virginis (sciencedaily.com) 1

likuidkewl writes: Two super Earths, 5 and 7.5 times the size of our home, were found to be orbiting 61 Virginis a mere 28 light years away.

"These detections indicate that low-mass planets are quite common around nearby stars. The discovery of potentially habitable nearby worlds may be just a few years away," said Vogt, a professor of astronomy and astrophysics at UCSC.

And yes, it was hard not to type virgins.


Submission + - The Coming Spam Pandemic (threatpost.com)

Trailrunner7 writes: Many spammers now have large staffs of people working on nothing but building out completely fake personas for non-existent users on social networking sites and blog networks. The spammers use these personas to create accounts on Twitter, Facebook, Blogspot and other sites that have high levels of user interaction. But these are not the easily identifiable spambots and fake profiles that have been cluttering these sites from the beginning. Instead, the personas have all of the attributes that one would expect in a real user, such as clearly defined interests, specific geographic locations, favorite bands and movies. "Their goal is to be right down the middle, not too high or too low on the radar," said Robert Hansen, a security researcher who discussed the new tactics during a webinar Wednesday put on by Black Hat and Dark Reading. Hansen, who has spoken with some of the spammers using these techniques, said that they can create as many as 500,000 to a million new personas in a single day.

Submission + - ACLU loses largest donor

conspirator57 writes: For those of you who are big fans of civil liberties, e.g. supporters of the Electronic Frontier Foundation (EFF) eff.org, it may come as a downer to know that the American Civil Liberties Union (ACLU) aclu.org has lost it's single largest donor to the financial crisis and burgeoning depression. This person was responsible for about 25% of ACLU's annual budget. Please support them as you are able.

Full story from Glenn Greenwald:
Data Storage

FreeBSD Begins Switch to Subversion 120

An anonymous reader writes "The FreeBSD Project has begun the switch of its source code management system from CVS to Subversion. At this point in time, FreeBSD's developers are making changes to the base system in the Subversion repository. We have a replication system in place that exports our work to the legacy CVS tree on a continuous basis. People who are using our extensive CVS based distribution network (including anoncvs, CVSup, cvsweb, ftp) will not be interrupted by our work-in-progress. We are committed to maintaining the existing CVS based distribution system for at least the support lifetime of all existing 'stable' branches. Security and errata patches will continue to be made available in their usual CVS locations."

Delving Into Google Health's Privacy Concerns 121

SecureThroughObscure writes "Security researcher Robert 'RSnake' Hansen discusses numerous concerns with Google's new Google Health application, which aims to integrate user's medical records online. We discussed Google Health's opening to the public earlier this week. RSnake mentions that Google has found a loophole allowing them to provide this service without having to follow HIPAA regulations, which, combined with Google's track record of having numerous flaws leading to private information disclosure, draws serious concern. Security researcher Nate McFeters of ZDNet's Zero-Day Security Blog also commented on the article, mentioning several past vulnerabilities: ownership of content issues, Google Docs theft, a cross-domain hole, Google XSS, and a Google Picasa protocol handler issue leading to the theft of user images. He and fellow researcher Billy Rios disclosed these issues to Google, including the ability to steal GMail contact list information. McFeters says it's likely that similar unpatched bugs would allow an attacker to view medical records if a user was also using Google Health. Both McFeters and Hansen tend to agree that Google's vulnerability disclosure/notification is non-existent and really needs to be improved. Currently, Google does not report vulnerabilities it has fixed to its user base, for the obvious reason of trying to hide the fact that user data could have been stolen."
The Courts

LifeLock Spokesperson's Stolen ID Inspires Lawsuits 217

OrochimaruVoldemort writes "It seems as though LifeLock isn't as secure as Todd Davis makes it out. According to a LifeLock spokesman, his identity has been stolen. For two years, Davis has been daring hackers to steal his ID. Looks like he got what he wanted. CNN reports: 'Now, LifeLock customers in Maryland, New Jersey and West Virginia are suing Davis, claiming his service didn't work as promised and he knew it wouldn't, because the service had failed even him.'"

Submission + - Office 2007 fails OOXML conformance test. (slashdot.org)

hullabalucination writes: "CNET is reporting that Alex Brown, "leader of the International Organization for Standardization (ISO) group in charge of maintaining the Office Open XML (OOXML) standard," has stated that Microsoft Office 2007-generated documents do not conform to ISO/IEC 29500, the OOXML standard.

Brown is said to be hopeful that Microsoft will eventually bring Office 2007 up to snuff, but goes on to ask, "The question behind the question, for a lot of the current OOXML debate, seems to be: can Microsoft really be trusted to behave?""


Submission + - Windows XP SP3 Releases One Week Early (pcmag.com)

mikemuch writes: Microsoft today announced that Windows XP Service Pack 3 has been released to manufacturing, right in line with the company's timeline. PC Magazine got a download with some pictures of the installation. There's not much that wasn't in the beta already, it's just a rollup of the past three years' worth of security, stability, and performance updates. The only actual feature adds include Network Access Protection (NAP) to help organizations that use Windows XP to take advantage of new features in the Windows Server 2008. The update will be available at the Microsoft Download Center next Monday, and pushed to Windows Automatic updates in June.

Slashdot Top Deals

All science is either physics or stamp collecting. -- Ernest Rutherford