
Submission + - UEFI 0-day "ThinkPwn" expands to affect HP and Gigabyte in addition to Lenovo (threatpost.com)

Submission + - Researcher releases 0day for Lenovo BIOSes

BIOS4breakfast writes: Researcher Dmytro Oleksiuk recently found a vulnerability that allows for compromise of System Management Mode (SMM) on Lenovo ThinkPad laptops. As SMM is the most privileged execution mode on x86 processors, this attack also allows for bypassing SecureBoot, as well as BIOS flash protections, which means it's possible to insert a persistent backdoor (like the one HackingTeam was previously shown to be selling) into affected systems. He also discovered that the vulnerability existed in the open source UEFI reference code, but was patched at some point. This means an unknown number of other vendors likely have this same vulnerable reference code in their BIOSes. Rather than reporting this to the UEFI Security Response Team for coordination, however, he decided to just drop a 0day exploit on GitHub, and let the situation resolve itself.

Comment Re:cost reduction (Score 1) 595

It looks like the OS doesn't suck, but the hardware does...

http://www.digitaltrends.com/c...
"The Marshall London looks fantastic, and its musical ability lives up to expectations, but it's a terribly mediocre, overpriced smartphone."

http://www.androidauthority.co...
"What the Marshall London does have going for it is its near-stock Android experience. Marshall didn't try too hard to make Google's OS different, something that might have helped keep the phone snappier. Just keep in mind you would be getting a mid-to-low tier performance out of this phone. That's really the important part....
With that said, we also have to mention casual smartphone users will have to cut too many corners to live with superior sound. That's the main issue here, Marshall took a generic phone and put its name on it. Cool apps and a good design won't be enough to put this phone in the hands of people outside the target niche. Especially when considering that price."

http://www.alphr.com/mobile-ph...
"A distinct lack of imagination continues throughout the handset."

Comment We definitely won't do that! (Score 4, Informative) 157

iMessage will never be coming to Android

Isn't that what they say every time before they do the thing?

* MP3 players are junk and just get left in drawers... http://www.bit-tech.net/news/h...
* Macs will never run on Intel http://www.theinquirer.net/inq...
* iPods will never do video. http://www.macobserver.com/tmo...

* We are not working on a phone. http://www.macobserver.com/tmo...
* People want keyboards, tablets are going to fail http://www.wired.com/2010/02/s...
* Information about a tablet is incorrect http://www.googl8.com/85998192...

Comment Re:Amazing such a thing would be trusted (Score 3, Informative) 54

A random private citizen who is known for pointing a video camera at the relevant section of street every day. Like, say, some business that operates a surveillance security camera where the field of view includes the crime scene. Evidence like that is routinely gathered and used in court.

Archive.org operates a similar video camera pointing at many web servers.

Comment Re:Except that evidence can and has been destroyed (Score 2) 54

I was under the impression that it stops saving new pages, and stops *displaying* old pages, but does not nuke the old pages from storage. If your robots.txt goes away in the future, the old pages come back.... At least, that was my understanding from long ago...

Submission + - Detecting USB Power Adapters That Don't Meet Certification (hackaday.com)

szczys writes: The USB to mains adapter is an important part of electronics. It's the last line of defense between the device and line voltage. But it also defends the user against shock and guards against accidental fire. Bob recently took on the challenge of finding safe and reliable USB power adapters to ship with a product his company has developed.

USB power supplies are super cheap and omnipresent. They are the Tribble of my household. But they're not all created equal, and some of them may even be dangerous. I had to source USB power supplies for a product, and it wasn't easy. But the upside is that I got to tear them all apart and check out their designs.


Comment Re:Wow, really? (Score 1) 388

Yeah, I'm assuming employees handling cash - if you're any larger than a micro business, then you'll have employees doing a significant portion of that (even if the owner is the one who runs to the bank). And, yeah, there's time value even if it is the owner.

I agree, if you're a business where a non-trivial portion of your sales are small (below $20, say), then the per transaction fees are a much bigger concern. So yes, I agree that for small tickets, the costs are more onerous. (Interestingly, especially in that scenario, the costs of handling large amounts of small-denomination cash go up significantly. Counting $10k in $5 and $10 bills takes longer than counting $10k in $50s.)

Comment Re:Wow, really? (Score 1) 388

Agreed - the price of the service is completely out of line with its costs, but that is true of many service industries. I'm not arguing that the Visa/Mastercard oligopoly is fair, just that the cash alternative costs too.

Unfortunately the cash costs scale closer to linear with the transaction size and transaction volume, which is why Visa gets away with having a percentage cost structure.

Comment Re:Wow, really? (Score 1) 388

When I run the calculations for a couple of small businesses that I frequent (where I know the business well enough to estimate the numbers involved), they come out between 0.8%-1.5%. So yes, you are paying more for cards, but not enormously more.

Which ties in with a lot of the larger businesses (my phone and electricity providers) where they do charge a CC surcharge, it's often around 0.65%, which would approximate the difference in cost between handling CC and other forms of payment.
