Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Submission + - Pushing Pixel via Individually Addressable Strips via Ethernet

su-geek writes: I ran across a reasonably priced LED controller The PixelPusher running on a 32-bit, 96 MHz processor, and boasting an open source client API with a Processing Integration. Not your ordinary strip only supporting basic color changes video walls, signs or your NOC Alerts can be scripted *Danger Will Robinson*. As it happens to compatible with Android, Mac, Windows and Linux it shares the love (and can provide the mood lighting). They just happen to be hosting a kickstarter and could be a better solutions than the $50 wireless RGB led bulb...
Windows

Submission + - Irony: China rejects Vista as too risky

surfingmarmot writes: China has rejected Vista as too risky for the some 12,000 Lenovo systems to be used at the Olympic Games. Lenovo is loading the PCs with XP instead. Wireless will still be turned off to further reduce risk. I wonder why they aren't using Red Flag Linux which is an option on the Lenovo systems.
Businesses

Submission + - How not to migrate a data center

alee writes: Over the last several weeks, Valueweb has been sending email reminders of a pending data center migration (moving the Valueweb servers to Hostway's Tampa data center). The data center migration plan emailed to customers indicated:

"The 12-15 hour outage will take place beginning this Friday July 27th at 8 PM EDT. The outage time will be incremental for customers. Therefore, if your server is taken off line at 8 PM EDT, you should expect your server to be back on line between 8 AM and 11 AM on Saturday July 28th."

That downtime has now exceeded 36 hours. Of the 5000+ servers being moved, Hostway has admitted that currently only 50% of them have been brought online, with no ETA. Support hold times according to their phone queue system show hold times exceeding 3 hrs to talk to a CSR. There are thousands of legitimate businesses hosted at Valueweb that are at the mercy of some of the worst data center migration planning I've ever seen.

While there is no worthwhile SLA to mention as part of the hosting contract, is an email indicating that downtime won't exceed 12-15 hrs considered an addendum to an SLA?
Windows

Submission + - Hacking kiosks and ATMs with Windows sticky keys

pestilence669 writes: "An alarming number of kiosks and ATMs (like the V-Com units in 7-11) run Windows XP. I've recently made it a hobby to play minesweeper and surf the web on these units. Most, if not all, are connected to the Internet. BitTorrent from an ATM? It's easier than you think! Gaining control is as simple as five keystrokes.

The companies that build ATMs and kiosks seem to know nothing about keyboard shortcuts. If there's a keyboard attached, you can bet that they removed the TAB key to prevent ALT+TAB abuses. Little do they know, ALT+TAB is not the only way to lose focus for an application.

If you're a fast typer like me, you've probably been greeted with the Microsoft sticky keys dialog. It asks you if you want to enable "sticky keys." It's a usability feature that helps disabled individuals type with one hand. Sadly, it's pseudo-enabled by default since this dialog box appears. Most people don't know it, so it's ready to be abused on just about every production XP-based kiosk or ATM (with keyboard).

All that needs to be done: hit the SHIFT key five times. SHIFT is guaranteed to be included in even the most restrictive keyboard layouts. In almost every instance, the sticky keys dialogs appears. As the kiosk or ATM application looses focus, you'll be presented with the XP start menu in the background. Many of these machines use a complete install with Minesweeper, Hearts, Internet Explorer and Outlook Express. Fun!!!

I've made it a regular habit to browse Slashdot, send email, and surf blogs from just about any kiosk that I find. Whenever my wife uses the bathroom at Dave & Busters, I'm reading blogs in the lobby. Whenever I'm at 7-11, I'm surfing with the ATM.

What's really scary about all of this is how easy it is to install executable code onto these devices. They're on the Internet and they have local storage. As far as I can tell, in my own experience, there are no restrictions in place. What's to stop someone from installing their own COM/ActiveX "helper" object and intercepting all HTTP/bank traffic?"

Slashdot Top Deals

"Why should we subsidize intellectual curiosity?" -Ronald Reagan

Working...