Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - Latest victim of Gov't Shutdown: Bill Gates

Dr. Tom writes: The National Institutes of Health (NIH) Research Festival, an annual event scheduled to be held next week, has been canceled. Bill Gates was to have delivered the opening keynote speech tomorrow (Monday):

1:00 p.m. – 2:00 p.m.

David E. Barmes Global Health Lecture
Bill Gates, Co-chair and Trustee of the Bill and Melinda Gates Foundation
Masur Auditorium (Videocast Overflow in Lipsett Amphitheater)

Many of us at the NIH were looking forward to attending the lecture, which was to have been videocast across the NIH campus, and are also saddened that the actions of a small minority have been able to disrupt this celebration of medical science and research.

Submission + - How Assumptions Are Making Us All Insecure (

Trailrunner7 writes: In the space of a given year, untold thousands of vulnerabilities are found in operating systems, applications and plug-ins. In many cases, the affected vendors fix the flaws, either with a patch, a workaround or some other mitigation. But there's also a huge population of security bugs that vendors never fix because they're deemed unexploitable, an assumption that may be turning into a serious mistake for software makers. Microsoft made such a call earlier this year, after researchers at Core Security informed the company that they had found a vulnerability in the Microsoft Virtual PC software. The flaw, which affected the virtual machine monitor (VMM) in Virtual PC, could enable an attacker to use applications running in user-space on a guest OS to access portions of the Virtual PC memory that should be inaccessible to those applications. This gives the attacker the ability to bypass anti-exploitation technologies in the underlying operating system and exploit flaws in the OS that otherwise would not be exploitable.

The difference in this case, experts say, is that the Virtual PC vulnerability is the symptom of a larger problem lurking beneath the surface: assuming that protections such as ASLR, DEP and SafeSEH will always be around to save us. "We're less worried about this particular vulnerability than we are about the now-exposed (incorrect) assumption that various security mechanisms will always be in place. It's obvious that a complete re-calibration of exploit potential for uncategorized bugs will become necessary if vulnerabilities like the one described here remain in our fielded systems. Not so good for Windows 7," Gary McGraw of Cigital said.


Jetman Attempts Intercontinental Flight 140

Last year we ran the story of Yves Rossy and his DIY jetwings. Yves spent $190,000 and countless hours building a set of jet-powered wings which he used to cross the English Channel. Rossy's next goal is to cross the Strait of Gibraltar, from Tangier in Morocco and Tarifa on the southwestern tip of Spain. From the article: "Using a four-cylinder jet pack and carbon fibre wings spanning over 8ft, he will jump out of a plane at 6,500 ft and cruise at 130 mph until he reaches the Spanish coast, when he will parachute to earth." Update 18:57 GMT: mytrip writes: "Yves Rossy took off from Tangiers but five minutes into an expected 15-minute flight he was obliged to ditch into the wind-swept waters."

Slashdot Top Deals

Asynchronous inputs are at the root of our race problems. -- D. Winker and F. Prosser