Catch up on stories from the past week (and beyond) at the Slashdot story archive


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Most pay-for WiFi networks vulnerable to tunneling out via DNS requests (

sega01 writes: "A couple years ago, perhaps against common wisdom, I flew up to Ohio to meet a girl I met off of Craigslist and had only spoken with once on the phone. The details are not relevant, aside from a Cisco -Guest network broadcasted off of a water tower. Enough time without Internet and I started to get desperate. The router would process TCP SYNs to all IPv4 addresses on port 80, and force you to login via a simple web form over HTTP. I could not find any default passwords for the router. No obvious trickery defeated it, either. Any sort of SSHing out was dropped and I had no way of freeing myself. Of course, in those few days without Internet I relaxed and probably became a better person. But, I did find a plausible way around the cruel restrictions on the router. The one thing it passed through was DNS traffic. I confirmed I could even send traffic directly to my own name server. I realized then that one should be able to tunnel/VPN out solely via DNS traffic.

I was right. I went home and found out about some software called Iodine:

I was already using port 53 for authorative DNS on my VPS, so I spun up another server. I launched iodined. Then, iodine from the laptop. And, with some tweaking, it worked! I used this setup with the occasional option change for a couple years. There's numerous Starbucks, airport, and -Guest networks which this works on. I even found a case where it would have worked on a free wireless network, where somehow the router did not route properly, except to the resolvers.

I'd always wanted to offer this as a service and finally had the chance to wrap it up. It's currently 398 lines of C and Bash to handle registration, payment via Bitcoin, and authentication all over SSH.

I would really appreciate it if you guys played around with it. It hasn't seen a single user yet, and even if it doesn't take off it'd mean a lot to me to see it in action.

Let me know if you have any questions about the site or tunneling via DNS/raw UDP traffic. I haven't jumped into all of the specifics that much, but have a decent grasp of what's going. I know there are some better explanations of DNS tunneling out there and there's also a Perl daemon that does it, and probably more. And apologies for the ugly site. I'm dating a girl with a graphics design background, so perhaps that will change some time :-)."

Submission + - Meet the Man Who Changed Open Source Software :) (

An anonymous reader writes: the moment Bill Gates stood up was the moment Microsoft turned the corner on its approach to free software. “He was given little to no credit by the open source community — or anyone in the tech industry — for really understanding open source and why it can be important, how it can be a competitive advantage, and why when your competitors start to use it, you have to too. He really got it, and in that moment, he taught us all.”

How an Android Phone and Facebook Helped Route Haiti Rescuers 114

One intrepid Android fan is extolling the virtues of the open smartphone platform that helped him to route SOS messages in the recent Haiti disaster. "Well, when you are in such a situation, you don't really think about going to Facebook, but it happens that I have a Facebook widget on my Android home screen that regularly displays status updates from my friends. All of a sudden, an SOS message appeared on my home screen as a status update of a friend on my network. Not all smartphones allow you to customize your home screen, let alone letting you put widgets on it. So, I texted Steven about it. As Steven had already been working with the US State Department on Internet development activities in Haiti, he quickly called a senior staff member at the State Department and asked how to get help to the people requesting it from Haiti. State Department personnel requested a short description and a physical street address or GPS coordinates. Via email and text messaging, I was able to relay this information from Port-au-Prince to Steven in Oregon, who relayed it to the State Department in Washington DC, and it was quickly forwarded to the US military at the Port-au-Prince airport and dispatched to the search-and-rescue (SAR) teams being assembled. So the data went from my Android phone to Oregon to Washington DC and then back to the US military command center at the Port-au-Prince airport. I was at first a little skeptical about their reaction: there was so much destruction; they probably already had their hands full. Unexpectedly, they replied back saying: 'We found them, and they are alive! Keep it coming.'"

Comment Nice idea, but... (Score 1) 458

This is a nice idea, but it seems lacking. No DVI port? That one is pretty important to me. Also is highly priced, although maybe not for being mini ITX.

I would have been a lot more impressed if the specifications page was more in depth and it actually came with Coreboot and a DVI port. I've heard lots of bad things about Atom processors, too.

Nice job to them though.

Comment Dumb (Score 1) 360

This is just dumb. Obviously, different headphones have different impedance levels and different dB to power ratio, so your tinny and tiny Ipod junkphones may be around 90dB when your cans are around 70dB.

The thing is, why can't governments let people think for themselves anymore? At most, make a public disclaimer, just always let people do what they want since it isn't their responsibility.

In general most regulations are fail.

Comment Not surprised... (Score 1) 99

Mod me down, but seriously, SSL, DNSSEC, and so many things for "security" are just junkware, introducing their own bugs and problems while making things excessively bloaty. Noticed how many vulnerabilities there have been in SSL alone lately? It's scary and this really needs to be rethought.

Comment Why? Because calorie restriction is stupid (Score 1) 978

Yes, calorie restriction *works*, but everyone who promotes it is putting a million issues into the bubble of dietary restriction. Why are some competitive eaters so darn thin?

Sonya Thomas *lost* weight eating tons of food, she's tiny!:

I'd reference more, but I won't spend too much time on this. Yes, overeating in many cases will cause you to gain weight. Ever noticed why some people can eat 1k Calories per day and never have their weight change, even with lots of exercise? It's because their metabolism slows down to that rate. Diabetics of a certain kind (I think type 1, but I don't recall exactly) can't gain weight no matter what, strictly because they've got little ability with insulin.

You can lose weight restricting calories, but all you do in the long run is put up hormonal and physiological red flags saying that the body is in starvation mode. There have been studies with prison subjects being force fed 10,000 Calories a day of I think mostly fructose. They gained weight, (no wonder, since it was mostly fructose) but many peaked around 4 pounds, even after weeks! This should be a weight gain of 2lbs a day, even if their basal rate burns 3k Calories. Something's up.

Some people can eat themselves over and lose weight without exercise, while feeling a huge desire to exercise but fighting it. Some people gain weight with a few green peas. Why? It's far more complex than I can answer here, or even know myself. I will say that the body, when eating good healthy food, will have it's metabolism "unlocked" at a certain point. For some people, it takes eating a lot. They gain weight initially, have a number of health problems taken away, plateau, and then lose weight super easily. Some need thyroid supplementation. Some people don't gain weight at all. In the end, you feel better, you have tons of energy, and can eat as much butter and mashed potatoes as you've ever seen, without gaining weight. Now, that doesn't work for everyone. Some people will have gluten intolerance, hiatal hernia, and so much in the way. Just, Calories in - Calories out = Weight change is a nice formula for you /.'ers, but it's downright stupid. It may work 70% of the time, but it's not meant to be that way, and it's missing 99.99% of the picture.

The best answers I've seen to this are on , where I learned about most of this. I had suspected it for a while myself, but this guy really puts it into perspective.


Slashdot Top Deals

The means-and-ends moralists, or non-doers, always end up on their ends without any means. -- Saul Alinsky