
Comment Re:Blackhole (Score 5, Informative) 49

Symantec says that Blackhole affects "various Windows platforms". Does Cryptome run on Windows?

Whether or not Cryptome runs on Windows is not for me to say; however, I do believe that Cryptome was compromised and made to distribute the Blackhole exploit. The following is found in TFA:

Although I'm not a full-fledged security researcher, I could shed some light on the script that you found on your server. The basic program flow goes like this when a client loads the script (in your case every time anyone visits one of your pages):

  • the client IP address is compared against a list (net_match(...)) and if it falls within the range of the list it is in scope
  • the client OS is determined and if it is a Windows machine, it is in scope
  • the client browser is determined and if it is Internet Explorer (6.0 up to 8.0) it is in scope
  • if the client is in scope (i.e. all three of the previous are true), a file is created on your webserver (an empty text file); the filename is the IP address of the client (probably for later retrieval)
  • an iframe is loaded in the browser of the client that will be impossible to see (width and height of 1 pixel), and that iframe points to the webpage of ''

After step 5 the browser is probably under attack, and it will probably be a successful attack since the attacker knows the client to be a Windows machine running an Internet Explorer browser. My guess would be that the client is now infected and part of a botnet to be used in other attacks. The IP address of the attacker is a webserver for the domain http://absolutely-free-meeting.com/. I'm not sure they have anything to do with this attack; probably they are a compromised server, like your webserver was compromised. The WHOIS information for this domain is registered with GoDaddy, and I include their data and the registrant's data below; it would be best to contact both so that they can clean up their server also. Conclusion:

  • your webserver was compromised and a file was uploaded (the attacking script)
  • the attacker was only interested in certain IP addresses (probably only a certain location)
  • the clients that are infected are infected from another webserver (no idea why, since that attack script could have been put on your webserver also)

PS: I tried to format that as best I could, but Slashdot was having none of it.
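Two of the behaviours described in that comment leave artefacts a site owner can look for: a 1x1 (or otherwise hidden) iframe injected into served pages, and an empty file named after each targeted visitor's IP address dropped into the webroot. The following triage script is an added example written for this page, not code from the comment or from Cryptome; the HTML and the placeholder landing URL (example.invalid) are constructed.

```python
"""Triage helpers for the injected-script pattern described above (added example, constructed input)."""
import ipaddress
import os
from html.parser import HTMLParser


def _px(val):
    """Parse a width/height attribute to an int of pixels; None if absent or not a plain number."""
    val = val.strip().lower()
    if val.endswith("px"):
        val = val[:-2].strip()
    return int(val) if val.isdigit() else None


class HiddenIframeFinder(HTMLParser):
    """Collect src values of iframes that are too small to notice or hidden via inline style."""

    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        if tag.lower() != "iframe":
            return
        a = {k.lower(): (v or "") for k, v in attrs}
        w, h = _px(a.get("width", "")), _px(a.get("height", ""))
        style = a.get("style", "").replace(" ", "").lower()
        tiny = (w is not None and w <= 1) or (h is not None and h <= 1)
        if tiny or "display:none" in style or "visibility:hidden" in style:
            self.hits.append(a.get("src", ""))


def find_hidden_iframes(html):
    parser = HiddenIframeFinder()
    parser.feed(html)
    return parser.hits


def is_ip_marker_file(name, size):
    """The script drops an empty file named after the victim IP; flag exactly that shape."""
    if size != 0:
        return False
    try:
        ipaddress.ip_address(name)
    except ValueError:
        return False
    return True


# Constructed sample page: one invisible iframe beside a normal-sized one.
SAMPLE_HTML = ('<html><body><p>news</p>'
               '<iframe src="http://example.invalid/landing" width="1" height="1"></iframe>'
               '<iframe src="https://www.youtube.com/embed/x" width="560" height="315"></iframe>'
               '</body></html>')
```

Running `find_hidden_iframes` over each served HTML/PHP file under the webroot and `is_ip_marker_file(name, os.path.getsize(path))` over every file there gives a first list of pages to clean and of visitors who were targeted.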

Comment Re:Inevitable. (Score 1) 511

True enough. There are many advanced features you find in NoScript but not NotScripts, and I can see how one would miss them. But if all you're looking for is to block flash and ad network/tracking scripts, it gets the job done.

It mostly gets the job done. The inline JavaScript problem is huge. On the developer's own site he admits he cannot currently block inline JavaScript, which means a simple <script>while(1){alert('trolololol')}</script> would defeat it. I know Chrome detects this and will not allow an infinite number of alerts, but my point is that inline scripting is used a lot and NotScripts cannot protect against that.

Comment Re:Inevitable. (Score 1) 511

See my post above, I've used NoScript, I use NotScripts on Chrome now, and I don't miss any functionality.

While an average user might not miss any functionality with NotScripts, the overwhelming truth is that there are limitations to what NotScripts can do with the limited Chrome API. Let me list some features I use daily:

  • Clickjacking protection
  • inline script blocking
  • Script Surrogates
  • XSS Filtering
  • Application Boundary Enforcement
  • HTTPS Enforcement
  • Secure Cookie Enforcement

I could go on, but let's discuss ABE for a moment. Singularly the most awesome part of NoScript. Let's say you allow facebook.com scripts to run since you have a Facebook account. Now let's say you allow slashdot.org scripts to run because you are a masochist. Facebook inclusions will run on slashdot.org because you trust both Facebook and Slashdot. But not with ABE:
# Facebook XSS
Site .facebook.com .fbcdn.net .facebook.net
Accept from .facebook.com .fbcdn.net .facebook.net

I could still go on, but you get the point, right?
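To make the ABE rule above concrete, here is a small evaluator for the Site / Accept from / Deny shape it uses. This is an added, simplified model written for this page, not NoScript's own ABE engine (which has more actions and more matching syntax; consult its documentation for the real semantics). It assumes a leading dot matches the domain and its subdomains, that action lines are tried in order, that a request matching no rule is accepted, and it adds an explicit trailing Deny to the constructed rule set so that the Accept line acts as an allow-list.

```python
"""Simplified ABE-style evaluator (added example; assumptions noted in comments)."""


def host_matches(pattern, host):
    """'.facebook.com' matches facebook.com and any subdomain; a bare name matches exactly."""
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("."):
        return host == pattern[1:] or host.endswith(pattern)
    return host == pattern


def parse_abe(text):
    """Parse 'Site ...' blocks followed by action lines into [(site_patterns, [(action, origins)])].
    origins is None for a bare action line, meaning it applies to any origin."""
    rules, current = [], None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # '#' starts a comment
        if not line:
            continue
        words = line.split()
        if words[0].lower() == "site":
            current = (words[1:], [])
            rules.append(current)
        elif current is not None:
            has_from = len(words) > 1 and words[1].lower() == "from"
            current[1].append((words[0].capitalize(), words[2:] if has_from else None))
    return rules


def decide(rules, origin_host, dest_host):
    """First matching action wins, block by block; no matching rule means Accept (assumption)."""
    for sites, actions in rules:
        if not any(host_matches(s, dest_host) for s in sites):
            continue
        for action, origins in actions:
            if origins is None or any(host_matches(o, origin_host) for o in origins):
                return action
    return "Accept"


# Constructed rule set in the shape of the comment's Facebook rule, plus an explicit trailing Deny.
FACEBOOK_RULE = """
# Facebook XSS
Site .facebook.com .fbcdn.net .facebook.net
Accept from .facebook.com .fbcdn.net .facebook.net
Deny
"""

if __name__ == "__main__":
    rules = parse_abe(FACEBOOK_RULE)
    print(decide(rules, "slashdot.org", "www.facebook.com"))       # a Facebook inclusion on Slashdot
    print(decide(rules, "www.facebook.com", "static.fbcdn.net"))   # Facebook loading its own CDN
```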


Submission + - Panopticon Society and the Moral Power of an Image

Hugh Pickens writes: "James Fallows writes that you don't have to idealize everything about the Occupy movement to recognize the stoic resolve of the protesters at UC Davis being pepper sprayed as a moral drama that the protesters clearly won. "The self-control they show, while being assaulted, reminds me of grainy TV footage I saw as a kid, of black civil rights protestors being fire-hosed by Bull Connor's policemen in Alabama. Or of course the Tank Man in Tiananmen Square," writes Fallows. "Such images can have tremendous, lasting power." We can't imagine all the effects of the panopticon society, but one benefit to the modern protest movement is the omnipresence of cameras: police officials, protestors, and nearly all onlookers are recording whatever goes on, bringing greater accountability and a reality test for police claims that they "had" to use excessive force. "What's new is that now the perception war occurs simultaneously with the physical struggle. There's almost parity," writes Andrew Sprung. "You have a truncheon or gun, I have a camera. You inflict pain, I inflict infamy.""

Submission + - A Bottom-up Labeling System for Organizations (goteo.org)

anarresti writes: "We all know people willing to help and contribute to an initiative but simply not being able to find where. Besides, plenty of small charities and startups, even ones with enormous potential, remain in the shadows because they cannot be easily located. The webtool Move Commons (MC) aims to help these reach critical mass in their fields, connecting them with contributors and clustering similar initiatives. The mechanics are similar to how Creative Commons (CC) "labels" cultural works. In fact, MC builds on top of CC, as CC built on top of the GPL. In MC, initiatives can "label" themselves using keywords and icons representing the principles they are committed to. Initiatives generate their badges to embed them, and the icons answer several questions: Is this a nonprofit? Is it transparent? Can I use part of their contents for my blog? How are they organized internally? Badges include semantic code which allows search engine queries such as "initiatives in Springfield that are grassroots, non-profit, delivering CC content, and related to 'IT' and 'alternative education'" (think of your own topics, keywords and places). The idea is to let projects locate and collaborate with like-minded initiatives and to allow potential contributors to easily find small local initiatives. Move Commons just launched a crowdfunding campaign to fund the project's needs and attract collaborators. It uses the Goteo crowdfunding platform, which only aids free/libre projects that return to the Commons."

Submission + - Android sees exponential growth in malware (winbeta.org)

BogenDorpher writes: According to research conducted by Juniper Networks, Google's Android mobile operating system exploded in malware in just the past few months. In fact, Android saw an increase by 472% in malware since July of 2011. And it seems that Google is doing nothing about it, yet.
