gschwim - Slashdot User

SSLStrip Now In the Wild 208

Posted by CmdrTaco on Monday February 23, 2009 @10:51AM from the not-the-marisa-tomei-kind dept.

An anonymous reader writes "Moxie Marlinspike, who last week presented his controversial SSL stripping attacks at Black Hat Federal, appears to have released his much-anticipated demonstration tool for performing MITM attacks against would-be SSL connections. This vulnerability has been met with everything from calls for more widespread EV certificate deployment to an even more fervent push for DNSSEC."

Comment Re:Spanning Tree (Score 1) 388

by gschwim on Tuesday February 10, 2009 @12:49AM (#26793717) Attached to: Slashdot.org Self-Slashdotted

That's where I'd put my money. I've seen this too many times to not cringe at the thought. There are ways to prevent this of course, depending on the equipment.

Comment Risk/Reward, other options (Score 1) 134

by gschwim on Thursday November 20, 2008 @08:30PM (#25840199) Attached to: Kaminsky Bug Options Include "Do Nothing," Says IETF

Risk/reward also needs to be considered as part of this. The move to DNSSEC may itself be straightforward (emphasis on "may), but it does stand to increase overall DNS bandwidth and use of other resources throughout the global DNS infrastructures. Service providers are sure to look at this and wonder what they're getting out of the deal for their added costs.

One thing to consider as well is that DNS is not intended to be an authentication of a site you are visiting. It seems to me there are other methods of site validation (SSL/Certs).

Comment Who cares what Stallman thinks? (Score 1) 905

by gschwim on Monday November 17, 2008 @11:20AM (#25786119) Attached to: Stallman Unsure Whether Firefox Is Truly Free

I really don't get it. He's ideologies are extremist and not realistic for what most of us call the "real world". Said real world is most definitely both free and not free. Air, for example, is free. The home in which you live, is not, although I'm sure RMS would argue that THAT should be free too.

What a flipping wacko.

And anyway, what does he exactly mean by "free" and how does it affect me? Why should I care what he thinks?

We need to get this communistic line of thinking out of our software development, people.

Objective-J and Cappuccino Released 56

Posted by kdawson on Friday September 05, 2008 @11:08AM from the hot-bits dept.

Wizard Drongo writes "280 North, who earlier this year released 280 Slides, a revolutionary new type of web-app written in Objective-J using the Cappuccino framework (both of which they also wrote), have today made good on their promise to open-source the language and framework. From their about page: 'Cappuccino is an open source application framework for developing applications that look and feel like the desktop software users are familiar with. Cappuccino was implemented using a new programming language called Objective-J, which is modeled after Objective-C and built entirely on top of JavaScript. Programs written in Objective-J are interpreted in the client, so no compilation or plugins are required. Objective-J is released alongside Cappuccino in this project and under the LGPL.' You can download the framework, tools, documentation and more on their website."

Four SSDs Compared — OCZ, Super Talent, Mtron 206

Posted by kdawson on Friday September 05, 2008 @10:44AM from the be-vewwy-vewwy-quiet dept.

MojoKid writes "Solid State Drive technology is set to turn the storage industry on its ear — eventually. It's just a matter of time. When you consider the intrinsic benefits of anything built on solid-state technology versus anything mechanical, it doesn't take a degree in physics to understand the obvious advantages. However, as with any new technology, things take time to mature and the current batch of SSDs on the market do have some caveats and shortcomings, especially when it comes to write performance. This full performance review and showcase of four different Solid State Disks, two MLC-based and two SLC-based, gives a good perspective of where SSDs currently are strong and where they're not. OCZ, Mtron and Super Talent drives are tested here but Intel's much anticipated offering hasn't arrived to market just yet."

UK ISPs To Hand Over Thousands of File Sharers' Data 180

Posted by kdawson on Friday September 05, 2008 @09:57AM from the so-ordered dept.

Death Metal Maniac sends along a link from TorrentFreak on the latest development in game developer Topwear's battle against file sharers in the UK. "US game developer Topware Interactive, the people behind the now infamous Dream Pinball affair, are about to turn up the heat. Operating through London lawyers Davenport Lyons, they have managed to convince the High Court to send out an order demanding that ISPs in the UK start to hand over the details of several thousand alleged pirates ... BT, one of the UK's largest ISPs ..., confirmed it had been ordered to hand over details of alleged copyright infringing file-sharers ... Virgin Media was a little more slippery in its response but reading between the lines it seems obvious they are involved too."

Every Satellite Tracked In Realtime Via Google Earth 196

Posted by kdawson on Friday September 05, 2008 @09:12AM from the bejeweled-coterie dept.

Matt Amato writes "With the recent discussion of the ISS having to dodge some space junk, many people's attention has once again focused on the amount of stuff in orbit around our planet. What many people don't know is that USSTRATCOM tracks and publishes a list of over 13,000 objects that they currently monitor, including active/retired satellites and debris. This data is meaningless to most people, but thanks to Analytical Graphics, it has now been made accessible free of charge to anyone with a copy of Google Earth. By grabbing the KMZ, you can not only view all objects tracked in real-time, but you can also click on them to get more information on the specific satellite, including viewing its orbit trajectory. It's an excellent educational tool for the space-curious. Disclaimer: I not only work for Analytical Graphics, but I'm the one that wrote this tool as a demo."

Slashdot Top Deals