Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - How Your Compiler Can Compromise Application Security (itworld.com)

jfruh writes: Most day-to-day programmers have only a general idea of how compilers transform human-readable code into the machine language that actually powers computers. In an attempt to streamline applications, many compilers actually remove code that it perceives to be undefined or unstable — and, as a research group at MIT has found, in doing so can make applications less secure.

Submission + - Microsoft tracks all local searches... (secure-bits.com)

An anonymous reader writes: I have seen little reporting on this but Microsoft has added the "Smart Search" to it's Windows 8.1 incarnation — which sends all it's search terms to Bing to create revenue from displaying web results and ads. That display can be disabled.
So all is ok you may think. But it's not, just look at the wording of the entry in the dialog, there it doesn't allow you to "disable Bing search", no you can only set "I don't want to see the Bing search results", implying that the search itself still is being sent to Microsoft. This is a big security breach and not a single business entity should therefore allow their employees to ever use the operating system... You have to monitor traffic and find out which servers are accessed to provide the Bing results to then disable access to them via an external firewall to get rid of this.


Submission + - 84 Million Stars in this 9 Gigapixel Image (vice.com)

Daniel_Stuckey writes: "Looking up into the dark autumn sky in New York City, I’m still dumbfounded on the nights that I’m able to spot more than a dozen stars. The city’s light pollution is actually so great here that when I visit rural places I’m kept up at night by a sort of analog version of the internet: stargazing. But now it seems a single photograph could contain more stars than a night in the countryside ever could.

At the European Southern Observatory’s Paranal Observatory in Chile, site of the VLT (Very Large Telescope) array, the VISTA telescope (Visible and Infrared Survey Telescope for Astronomy) has captured a picture of unprecedented properties. The beast of an image, weighing in at nine-gigapixels (9,000 megapixels, which would print to about 23 × 30 feet) is now available in an interactive, zoomable format via ESO’s website."

Submission + - Ask Slashdot: Alternatives for startups when domains are already registered 2

An anonymous reader writes: Recently we've been trying to start a small company in Argentina. When trying to acquire the domains we need (.com and .com.ar) we found that they were already registered but not in use. We contacted the owners, which are companies or individuals that buy and sell domains for a living.

They said that .com would be a six figure domain (!), which is pretty impressive given that it's not a recognized brand or anything, it's a simple english noun.

On the other hand, for the .com.ar (which is actually free!!) we were asked around 2000.

We think this is outrageous. There has to be some legal way for small enterpreneurs to be able to start their own business without having to pay to these people.

Maybe if we register the name then we can request to be given priority over the domain?

Has any of you ever had to deal with a situation like this?

Submission + - SSL Vulns Found in Critical Non-Browser Software (threatpost.com)

Gunkerty Jeb writes: The death knell for SSL is getting louder.

Researchers at the University of Texas at Austin and Stanford University have discovered that poorly designed APIs used in SSL implementations are to blame for vulnerabilities in many critical non-browser software packages.

Serious security vulnerabilities were found in programs such as Amazon’s EC2 Java library, Amazon’s and PayPal’s merchant SDKs, Trillian and AIM instant messaging software, popular integrated shopping cart software packages, Chase mobile banking software, and several Android applications and libraries. SSL connections from these programs and many others are vulnerable to a man in the middle attack.


Submission + - New NRC chair: It's 2050: Do you know where your nuclear waste is? (thebulletin.org)

__aaqpaq9254 writes: New NRC chair, Allison Macfarlane, is a PhD in geology and an expert on nuclear waste. In this article, she points out that the lack of planning in terms of what to do with the back end of the fuel cycle has to change now, or the public will ultimately reject nuclear power.

Slashdot Top Deals

Logic is the chastity belt of the mind!