Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - UN Estimates Earth Population to Hit 11 Billion By 2100 (nationalpost.com) 1

iONiUM writes: From the article: "The world is expected to add another billion people within the next 15 years, bringing the total global population from 7.3 billion in mid-2015 to 8.5 billion in 2030, 9.7 billion in 2050, and 11.2 billion by 2100, according to new estimates from the UN."

Some interesting points include: Africa's population expected to grow from 16.2% of the world's population to 39.2% with Nigeria expected to overtake the US' population by 2050. India expected to overtake China by 2030.

The estimates don't appear to take into consideration war, famine, and food shortages that may hamper such extreme growth in third world countries, not to mention the mass-immigration and cultural shifts that would occur due to this scenario in places like Europe and North America.

Submission + - Multiple Vulnerabilities in Pocket

vivaoporto writes: Clint Ruoho reports on gnu.gl blog the process of discovery, exploitation and reporting of multiple vulnerabilities in Pocket, the third party web-based service chosen by Mozilla (with some backslash) as the default way to save articles for future reading in Firefox.

The vulnerabilities, exploitable by an attacker with only a browser, the Pocket mobile app and access to a server in Amazon EC2 costing 2 cents an hour, would give an attacker unrestricted root access to the server hosting the application.

The entry point was exploiting the service's main functionality itself — adding a server internal address in the "read it later" user list — to retrieve sensitive server information like the /etc/passwd file, its internal IP and the ssh private key needed to connect to it without a password. With this information it would be possible to SSH into the machine from another instance purchased in the same cloud service giving the security researcher unrestricted access.

All the vulnerabilities were reported by the researcher to Pocket, and the disclosure was voluntarily delayed for 21 days from the initial report to allow Pocket time to remediate the issues identified. Pocket does not provide monetary compensation for any identified or possible vulnerability.

Submission + - EU may bar Microsoft from government procurement (arstechnica.com)

PotBelly writes: The EU's antitrust findings against Microsoft may result in the software giant's being frozen out of procurement contracts. If Parliament decides that the 2004 antitrust finding confirmed last fall by the Court of First Instance is precedent setting, Microsoft might have a hard time selling its software to the EU and its member institutions. 'According to the body of rules that govern EU public procurement procedures, "Candidates or tenderers shall be excluded from participation in a procurement procedure if" they either "(b) they have been convicted of an offence concerning their professional conduct by a judgment which has the force of res judicata" or "(c) they have been guilty of grave professional misconduct proven by any means which the contracting authority can justify."'

Slashdot Top Deals

Have you reconsidered a computer career?