Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror

Comment Which Verizon proccess did he used ? (Score 1) 104

by mat (#38354582) Attached to: Verizon Tech Charged In $4.5M Equipment Scam
I'm working for Verizon (Business, not Wireless), but I would like to know which process did he used to order the devices. When I have to order legitimate devices or training, it's always a highly complex process that must be validated by up to ten people including one vice-president, checked by auditors in different countries and must be exactly filled otherwise will be rejected (in one of the last steps of course)... a nightmare and really time consuming ! So I'm really impressed by what he did !
Internet Explorer

Researchers Bypass IE Protected Mode 91

Posted by Soulskill from the locked-doors-open-windows dept.
Trailrunner7 writes "A new paper from researchers at Verizon Business identifies a method through which an attacker can bypass Internet Explorer Protected Mode and gain elevated privileges once he's successfully exploited a bug on the system. Protected Mode in Internet Explorer is one of a handful of key security mechanisms that Microsoft has added to Windows in the last few years. It is often described as a sandbox, in that it is designed to prevent exploitation of a vulnerability in the browser from leading to more persistent compromise of the underlying system. In their research, the Verizon Business team found a method that, when combined with an existing memory-corruption vulnerability in the browser, enables an attacker to bypass Protected Mode and elevate his privileges on the compromised machine (PDF). The technique enables the attacker to move from a relatively un-privileged level to one with higher privileges, giving him complete access to the logged-in user's account."
Patents

Nero Files Antitrust Complaint Against MPEG-LA 247

Posted by Soulskill from the hot-topics-getting-hotter dept.
hkmwbz writes "German technology company Nero AG has filed an antitrust complaint against the MPEG-LA, the company that manages the H.264 patent pool. Nero claims that the MPEG-LA has violated the law and achieved and abused 100% market share, by, among other things, using 'independent experts' that weren't independent after all, not weeding out non-essential patents from the pool (in fact, it has grown from the original 53 to more than 1,000), and retroactively changing previously-agreed-on license terms."
Networking

Proposed IPv6 Cutover By 2011-01-01 398

Posted by kdawson from the swatting-a-nat dept.
IO ERROR writes "An internet-draft published this month calls for an IPv6 transition plan which would require all Internet-facing servers to have IPv6 connectivity on or before January 1, 2011. 'Engineer and author John Curran proposes that migration to IPv6 happen in three stages. The first stage, which would happen between now and the end of 2008, would be a preparatory stage in which organizations would start to run IPv6 servers, though these servers would not be considered by outside parties as production servers. The second stage, which would take place in 2009 and 2010, would require organizations to offer IPv6 for Internet-facing servers, which could be used as production servers by outside parties. Finally, in the third stage, starting in 2011, IPv6 must be in use by public-facing servers.' Then IPv4 can go away."

Slashdot Top Deals

Top Ten Things Overheard At The ANSI C Draft Committee Meetings: (8) I'm on the committee and I *still* don't know what the hell #pragma is for.

Close