Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Speculation rife that Einstein's greatest prediction has been found

An anonymous reader writes: EINSTEIN’S greatest prediction may have been correct: The titanic forces unleashed by two colliding black holes has reportedly exposed the fabric of space-time itself through long-elusive gravitational waves.

The physics community has been abuzz with speculation ever since excited researchers affiliated with — but not directly involved in — the project spilt the beans on Twitter.

Submission + - OpenSSL to fix two security defects, one is high severity. (openssl.org)

An anonymous reader writes: Forthcoming OpenSSL releases
============================

The OpenSSL project team would like to announce the forthcoming release of
OpenSSL versions 1.0.2f, 1.0.1r.

These releases will be made available on 28th January between approx. 1pm and
5pm (UTC). They will fix two security defects, one of "high" severity affecting
1.0.2 releases, and one "low" severity affecting all releases.

Please see the following page for further details of severity levels:
https://www.openssl.org/polici...

Please also note that, as per our previous announcements, support for 1.0.0 and
0.9.8 releases ended on 31st December 2015 and are no longer receiving security
updates. Support for 1.0.1 will end on 31st December 2016.

Yours

The OpenSSL Project Team

Submission + - Apple patents phone where bending is a feature, not a flaw (zdnet.com)

An anonymous reader writes: Imagine if your phone didn't need a protective cover, and you could drop it from almost any height without breaking it? And what if, despite being as big as the iPhone 6 Plus, your phone could be folded up and stashed in your pocket?
That phone doesn't exist today, but Apple has now been granted a US patent for such a device that could see a future iPhone that moves more like a slice of silicon than metal or glass. All Apple needs to do now is figure out how to build it.

Submission + - W3 releases drafts: Webmention & Social Web Protocals (w3.org)

oztiks writes: The Social Web Working Group has published two First Public Working Drafts:

Webmention: Webmention is a simple way to notify any URL when you link to it on your site. From the receiver’s perspective, it’s a way to request notifications when other sites link to it.

Social Web Protocols: The Social Web Protocols are a collection of standards which enable various aspects of decentralized social interaction on the Web. This document describes the purposes of each, and how they fit together.

Submission + - Hong Kong Investor Buys 65% Of Russia's Yota, Maker Of Dual-Screen Android Phone (techcrunch.com)

An anonymous reader writes: Yota Devices, the Russian company that sells two-screened Android smartphones, has a new owner after shareholder Telconet Capital sold its majority 64.9 percent holding to Hong Kong-listed REX Global Entertainment for $100 million, according to a regulatory filing.

Yota caught the attention with a unique dual-screen smartphone which takes aim at the increasingly homogeneous design of phones by offering an e-ink screen on its reverse. Its first device — called simply the Yota Phone — emerged in December 2012 and was subsequently sold in 20 markets across Europe, Russia and Middle East. Yota didn’t disclose sales figures, but media reports suggest it didn’t fare well.

Submission + - SPAM: Apple Files New Patent For Intuitive iPhone

oztiks writes: Apple may further revolutionize the future of smartphones. The Cupertino-based company recently filed a patent application with the U.S. Patent and Trademark Office that suggests a smartphone with “situational awareness”.

This possible innovative feature would allow the device to automatically perform specific tasks in specific situations. For instance, the device could adjust the volume or light when it’s not in use.

Link to Original Source

Submission + - Google crashes Monster man's party (smh.com.au)

oztiks writes: http://forums.whirlpool.net.au/forum-replies.cfm?t=1910416&p=-1

Timothy Sabre, the convicted hacker and former party promoter who claimed to have unlocked the secrets of Google's algorithm, has been stripped of his Google accreditation.
The action follows numerous complaints that his firm Publicity Monster has failed to deliver on pledges to guarantee top 7 rankings on Google Local/Places.

Party boy ... Timothy Sabre. Photo: Facebook/Timmy Sabre
Despite the complaints, NSW Police say it's a consumer protection authority matter, while NSW Fair Trading and Consumer Affairs Victoria refuse to divulge what they are doing. Comment is being sought from the Australian Federal Police.
Advertisement
As details emerge of Sabre's criminal history, involving computer hacking, customers have discovered another of his sites called howtobuywebsitetraffic.com. It purports to offer 100,000 human visitors for $119.99.
Know more? bgrubb@smh.com.au

Timothy posing with plates at the Ivy Pool Club. Photo: Facebook/Timmy Sabre
Sabre was sentenced to 450 hours community service on a three-year good behaviour bond on April 27, 2001 after being found guilty of the offence "destroy/erase/alter data stored in computer". He had allegedly paid someone to hack into and wipe website designer Hollie Bell's PC and websites. She had worked for one of his businesses in 1999 and says the damage cost her $10,000 and jeopardised her career prospects.
Sabre then declared bankruptcy on December 10, 2001.
The police officer who charged him, Rick Giardini, told Fairfax Media that Sabre was one of the first to have been convicted of computer crimes in Australia.

Timothy at the Ivy Pool Club. Photo: Facebook/Timmy Sabre
"From memory he was one of those types that would have walked over any person that stood in his way which is evident when you look at the offence he was convicted of [in 2001]," he said.
For some time now there have been allegations that Sabre has been ripping off customers, and consumer protection authorities refuse to confirm whether they are investigating.
Complaints against Publicity Monster so far include that it:
Doesn't rank many clients' chosen keyword/s in a top 7 placement
Changes clients' chosen keyword/s to a far inferior one throughout contract
Doesn't make clear that refunds must be claimed between days 90 and 100
Refuses to pay refunds in many cases
Sends debt collector Dun and Bradstreet after clients' invalid debts
Hides terms and conditions via an obscure URL on its website
Threatens those who complain with legal action or suspension
Employs contractors to avoid paying entitlements
Removes Facebook posts on its official page that are negative

Timothy in a TV advertisement for Publicity Monster. Photo: Screenshot of YouTube ad
Computer hacking
Known also as Timothy Said, Sabre has previously been convicted for carrying an illegal firearm (uncovered by police when they seized his PC over the computer hacking matter), for which he was fined $200, and has had his driver's licence suspended for 12 months for driving an uninsured and unregistered car, which both attracted $200 fines.
ICQ chat logs recovered by NSW Police and submitted to the court from Sabre's PC after it was formatted (because he claimed it had been infected by a virus) show Sabre, known online in the late 90s as "The Designer", having conversations with another hacker. (Sabre told police in an interview that he called himself The Designer because he used to design kitchens and bathrooms.)

A screenshot from the Publicity Monster website.
He asked the hacker if they knew of a "good" hacking website, the chat records show. "I wanna f--- this chick over," Sabre said.
"I gave her money to do my website and she didn't finish it. f-- I trusted her but I wanna f--- her for good, she doesn't know I'm pissed I'm gonna take advantage of that."
Soon after Sabre spoke to them, ICQ logs recovered from Bell's computer show ICQ user "DJ Shockwave" sending a file to Bell, who opened it and was then told by the user that her computer would no longer work.

Timothy Sabre at the Ivy Pool Club in Sydney. Photo: Facebook/Timmy Sabre
The user, the logs show, asked if she knew a user named "The Designer". Telling him yes and then asking why, Hollie was told: "He has paid me to hack into your computer. I know it's sad, but it's my job."
NSW Police alleged in court documents that they also found conversations between Sabre and numerous other people where he "frequently speaks of hacking computers and brags about being a professional hacker".
Google accreditation stripped
Google acted quickly following Fairfax Media's report last week, announcing at the weekend that Publicity Monster had been suspended from its partner programme "... for violating one or more of the ... terms and conditions for qualification". The terms say partners are not allowed to "guarantee top placements in Google".
Negative web buzz gains momentum
Whirlpool, one of the only web forums left online for customers to talk about their experiences with the company, has more than doubled in size since last week, reaching 157 pages deep. It had taken just over 3 months to reach 77 pages without media attention, but reached 157 pages deep only one week after publication of Fairfax Media's original article exposing many of Publicity Monster's negative customer experiences and Sabre's past business ventures.
Sabre's response
Sabre said he was "happy to defend everything" that Publicity Monster did but refused to talk to this reporter for a response to this article. His lawyer failed to return calls and emails requesting comment.
Authorities dragging feet
NSW Fair Trading said it had received 113 complaints about Publicity Monster — 78 this year.
Consumer Affairs Victoria said it was conducting further inquiries after receiving less than 10 complaints.
It's understood many complainants are being sent by consumer protection authorities to state tribunals (28 have been listed in NSW, 6 in Victoria) as Publicity Monster has been unco-operative in mediating many customers' issues with the authorities and customers.
The consumer watchdog, the ACCC, declined to reveal the number of complaints it had received about the SEO firm because, it said, it "treats complaints confidentially".
It also declined to confirm or deny whether complaints had been received, although Fairfax Media has seen at least one made to it.
NSW Police said it was not a police matter but one for consumer protection authorities.
Shown a link to last week's story, the Australian Securities and Investments Commission said it did not appear Publicity Monster was selling or offering a financial product, in which case it "would have no jurisdiction to investigate".

Submission + - Lawyer demands pacemaker vendor to supply source c (zdnet.com.au)

oztiks writes: Lawyer Karen Sandler's heart condition means that she needs a pacemaker to ward off sudden death. Instead of trusting that the vendor will create a flawless platform for the device to operate Sandler has demanded to see the devices source code. Sandler's reasoning brings into question the devices reliably, stability, and oddly enough security.
Security

Submission + - Hole in Linux kernel provides root rights (h-online.com)

oztiks writes: A vulnerability in the 32-bit compatibility mode of the current Linux kernel (and previous versions) for 64-bit systems can be exploited to escalate privileges. For instance, attackers can break into a system and exploit a hole in the web server to get complete root (also known as superuser) rights or permissions for a victim's system.

According to a report, the problem occurs because the 32-bit call emulation layer does not check whether the call is truly in the Syscall table. Ben Hawkes, who discovered the problem, says the vulnerability can be exploited to execute arbitrary code with kernel rights. An exploit (direct download of source code) is already in circulation; in a test conducted by The H's associates at heise Security on 64-bit Ubuntu 10.04, it opened a shell with root rights.

The kernel developers have remedied the flaw in the repository, and Linux distributors will probably soon publish new kernels to close the hole. Until then, switching off 32-bit ELF support solves the problem if you can do without this function. For instructions, see: "Workaround for Ac1db1tch3z exploit".

Hawkes says the vulnerability was discovered and remedied back in 2007, but at some point in 2008 kernel developers apparently removed the patch, reintroducing the vulnerability. The older exploit apparently only needed slight modifications to work with the new hole.

 

Slashdot Top Deals

"Security is mostly a superstition. It does not exist in nature... Life is either a daring adventure or nothing." -- Helen Keller

Working...