Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
The Internet

Today's WikiLeaks News 312

In today's episode of As WikiLeaks Turns we learn that WikiLeaks's main web site is back up less than 10 days after EveryDNS terminated the domain name over stability concerns. A 16-year-old Dutch boy suspected of being involved in the pro-WikiLeaks attacks on MasterCard and Visa has been arrested. But Dutch teenagers aren't the only Assange fans in the news. Many top journalists in Australia have sent a letter(PDF) to Prime Minister Julia Gillard today to express their support of WikiLeaks. The Sydney Police have written their own letter however to organizers of a pro-WikiLeaks rally saying that the police oppose a planned demonstration. Finally, special correspondent for The Times, Alexi Mostrous and freelance reporter Heather Brooke were given permission by the judge in the Julian Assange trial to post Twitter updates about the proceedings.

Bethesda Criticized Over Buggy Releases 397

SSDNINJA writes "This editorial discusses the habit of Bethesda Softworks to release broken and buggy games with plans to just fix the problems later. Following a trend of similar issues coming up in their games, the author begs gamers to stop supporting buggy games and to spread the idea that games should be finished and quality controlled before release – not weeks after."
The Internet

The Cybersecurity Act of 2009 Passes Senate Panel 367

An anonymous reader writes "The Cybersecurity Act of 2009 passed a Senate panel, giving the president unprecedented power to issue a nation-wide blackout or restriction on websites without congressional approval. The bill, written by Sen. Jay Rockefeller [D-WV] and revised by Sen. Olympia Snow [R-ME], was drafted in an attempt to thwart internet-based terrorist threats, and gives the president this 'kill switch' without oversight or explanation. The bill is up for Senate vote."

ASCAP Starts To Act Like the RIAA 272

Scott Lockwood writes "Below Average Dave, a Dr. Demento style parody artist, has been shut down by the ASCAP. This collective, acting as badly as the RIAA, is now attempting to ignore the 2 Live Crew Supreme Court decision that parodies are new derivative works. Just like the RIAA, ASCAP seems intent on misrepresents the law. If you know anyone who can help BA Dave in his plight, please contact him." This artist doesn't have the resources to fight the ASCAP, even though the law is pretty clearly on his side. Anyone at the EFF or the ACLU interested?
The Internet

Dealing With ISPs That Use NXDomain Redirection? 264

Vrtigo1 writes "I work for a small company that has about 50 staff on the road relying on VPN back to our office at any given time. Many ISPs have implemented NXDomain redirection services that hijack DNS traffic to show you sponsored links and other related ads when you mistype a domain name. These services are incompatible with most VPN software, since they prevent the computer from resolving internal hostnames. Large ISPs typically provide an opt-out on their sponsored links page that immediately opts you out of the DNS redirection, but I've noticed that some smaller ISPs and CLECs have opt-out links that don't actually appear to do anything. I don't have a good solution for employees using these ISPs, and our employees are getting frustrated because the problem is becoming more prevalent and we can't fix it for them. I've tried calling a few of these smaller ISPs for help, but it's been like talking to a wall. Manually changing DNS servers works temporarily, but the user can't resolve internal hostnames when they connect to the office LAN again. Have you had to deal with ISPs using non-standard DNS servers? What is your solution?"

Hackers Broke Into FAA Air Traffic Control Systems 124

PL/SQL Guy writes "Hackers have repeatedly broken into the air traffic control mission-support systems of the US Federal Aviation Administration, according to an Inspector General report sent to the FAA this week, and the FAA's increasing use of commercial software and Internet Protocol-based technologies as part of an effort to modernize the air traffic control systems poses a higher security risk to the systems than when they relied primarily on proprietary software, the report said. Intrusion detection systems (IDS) are deployed at only 11 of hundreds of air traffic control facilities. In 2008, more than 870 cyber incident alerts were issued to the organization responsible for air traffic control operations and by the end of the year 17 percent (more than 150 incidents) had not been remediated, 'including critical incidents in which hackers may have taken over control' of operations computers, the report said."
Data Storage

Tru64 Unix Advanced File System (AdvFS) Now GPL 226

melios writes "In a move that could help boost the scalability of Linux for grids and other advanced 64-bit multiprocessor applications, HP has released its Tru64 Unix Advanced File System (AdvFS) source code to the open source community. Source code, design documentation, and test suites for AdvFS are available on SourceForge."

Submission + - To find DMCA violations you must violate the DMCA (ucsd.edu)

meese writes: staple is a tool that cryptographically binds data using an All-or-nothing transform. Why might that be interesting? Because it might allow for this scenario: to check for DMCA violations, a content owner would have to violate the DMCA themselves.

The basic transformation is keyless, but all the data is required to reverse it. The tool can also throw away part of its internal key, making the data decipherable only with the key or via brute force attack. If a content publisher, Alice, wants to check for copyright violations by another party, Bob, she could be thwarted: Bob could staple Alice's file with one of his own and discard part of the key. To check for copyright violation, Alice must brute force the stapled file (possibly violating the DMCA), which protects Bob's file. The FAQ has some more detail.

User Journal

Submission + - Makezine's Open Source Christmas

gigne writes: Makezine have produced a nice lineup of Open Source and hackable gadgets for Christmas:
"There are hundreds of gift guides this holiday season filled with junk you can buy - but a lot of time you actually don't own it, you can't improve upon it, you can't share it or make it better, you certainly can't post the plans, schematics and source code either. We want to change that, we've put together our picks of interesting open source hardware projects, open source software, services and things that have the Maker-spirit of open source."

So when considering that Christmas gift, make sure it is hackable!

Submission + - Researcher planning week of Oracle 0days

uniquebydegrees writes: "InfoWorld's TechWatch blog is reporting that security researcher Cesar Cerrudo is planning a week of Oracle 0days, in keeping with MetaSploit's Month of Browser Bugs (http://metasploit.blogspot.com/2006/07/month-of-b rowser-bugs.html) and LMH's Month of Kernel Bugs (http://projects.info-pull.com/mokb). Cerrudo's company, Argeniss, will publish one new Oracle DB 0day each day for a week in December — probably starting on 12/4 — to highlight the company's lack of progress on fixing security bugs, some of which have persisted in Oracle's products for years, even after being discovered, Cerrudo told InfoWorld (http://weblog.infoworld.com/techwatch/archives/00 8988.html). As for the week vs. month thing — Cerrudo claims it's not for any lack of 0days — Argeniss knows of +/- 75 such holes in Oracle's DB and they're not hard to find if you know where to look, he says."

Slashdot Top Deals

PL/I -- "the fatal disease" -- belongs more to the problem set than to the solution set. -- Edsger W. Dijkstra, SIGPLAN Notices, Volume 17, Number 5