Slashdot is powered by your submissions, so send in your scoop


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×

Security Experts Rebut The Guardian's Report That Claimed WhatsApp Has a Backdoor ( 114

William Turton, writing for Gizmodo: This morning, the Guardian published a story with an alarming headline: "WhatsApp backdoor allows snooping on encrypted messages." If true, this would have massive implications for the security and privacy of WhatsApp's one-billion-plus users. Fortunately, there's no backdoor in WhatsApp, and according to Alec Muffett, an experienced security researcher who spoke to Gizmodo, the Guardian's story is a "major league fuckwittage." [...] Fredric Jacobs, who was the iOS developer at Open Whisper Systems, the collective that designed and maintains the Signal encryption protocol, and who most recently worked at Apple, said, "Nothing new. Of course, if you don't verify keys Signal/WhatsApp/... can man-in-the-middle your communications." "I characterize the threat posed by such reportage as being fear and uncertainty and doubt on an 'anti-vaccination' scale," Muffett, who previously worked on Facebook's engineering security infrastructure team, told Gizmodo. "It is not a bug, it is working as designed and someone is saying it's a 'flaw' and pretending it is earth shattering when in fact it is ignorable." The supposed "backdoor" the Guardian is describing is actually a feature working as intended, and it would require significant collaboration with Facebook to be able to snoop on and intercept someone's encrypted messages, something the company is extremely unlikely to do. "There's a feature in WhatsApp that -- when you swap phones, get a new phone, factory reset, whatever -- when you install WhatsApp freshly on the new phone and continue a conversation, the encryption keys get re-negotiated to accommodate the new phone," Muffett told Gizmodo. Other security experts and journalists have also criticized The Guardian's story.

Comment Re:How about offering a choice? (Score 1) 351

For as much as people love to rant about Iowa, we have exactly the situation you want here. I can go to almost any gas station and get regular unleaded without ethanol. It tends to run around 30-40 cents higher than the 10% ethanol blend. I use it for all my lawnmowers/snowblowers/etc. and occasionally put it in my cars when I'm going on a long trip and the better highway mileage might make it worth it.

The vast majority of the time, I do the same thing almost all consumers do which is buy the cheapest gas they can find. 90% of consumers don't give a shit about ethanol, they only see that it's cheap so that's what they use. Personally, when driving in the city I see less than a 1MPG difference so paying the premium for pure gas just isn't worth it.

Also, just to clear up the misconceptions about how much Iowans care about farming: 60% of Iowans live in urban areas, only 25% of Iowans have ever farmed anything at any point in their life, and only about 17% are currently employed directly or indirectly in agriculture. The vast majority of Iowans do not give a shit about farming or ethanol.

Comment Re:The US wants Instant Gratification (Score 1) 439

You can still custom order a car from any dealer. If you know exactly what you want, are willing to wait, and willing to pay for it then they will be more than happy to set it up for you. Several of my relatives still order trucks in exactly that manner.

Personally I'm more than happy to just search dealer inventories online.

Comment Re:Did they learn anything?? (Score 1) 278

Elementary schools teach neither hunting nor Spanish

When I was in elementary school, that was true. By the time I graduated high school, Spanish was being taught in 5th grade. The school I formerly went to was one of the first in the state to start an elementary foreign language program. I suppose it could just be a quirk of the area that I live in, but I was under the impression that now, many years later, it had become pretty widespread.

Comment Re:Benefits of LTE-U? (Score 2) 173

The companies that will use this already have frequencies dedicated exclusively to them. In fact they have a huge amount for their exclusive use. I as a consumer have a limited number of frequencies available for my purposes. I have to share them with every other person around me.

There is absolutely no need for cellular operators to start intruding on unlicensed spectrum. If this truly is about "fair sharing of a shared asset," then when can I expect an equivalent amount of spectrum to be opened in their bands for my uses? If I have to share with them it's only fair they share with me, right?

I realize that this is completely legal by current regulations. It's probably past time to review those regulations to keep commercial operators on the parts of the spectrum they already own. If you have dedicated frequencies allocated to you, then there is no reason to spread onto shared frequencies as well.

Comment Re:Not first (Score 1) 181

I've been using Mediacom for about 8 years, and while they aren't terrible, they aren't great either.

When doing a speed test, I generally get faster than expected results. I pay for 50/5, and usually test around 55/6. However, during peak times I frequently have issues with Netflix and Youtube videos. These issues don't exist with other websites I've tried, and speed tests still show faster than expected results.

After getting frustrated with poor performance in the evenings, I decided to set up a VPS running an HTTP proxy. When using the proxy, all issues with Netflix and Youtube go away and I get the maximum quality available with no stuttering.

So at least in my experience, Mediacom seems to be engaging in the same shenanigans as other providers. I've noticed that at least in my area, Mediacom seems to be using AT&T as an upstream provider so this could just be AT&T screwing with things. Either way, I'm not happy that I have to go out of my way just to get a usable connection for internet video.

Submission + - SourceForge MITM Projects ( 2

lister king of smeg writes: What happened?

SourceForge, once a trustworthy source code hosting site, started to place misleading ads (like fake download buttons) a few years ago. They are also bundling third-party adware/malware directly with their Windows installer.

Some project managers decided to leave SourceForge – partly because of this, partly just because there are better options today. SF staff hijacked some of these abandoned accounts, partly to bundle the crapware with their installers. It has become just another sleazy garbage site with downloads of fake antivirus programs and such.

How can I help?

If you agree that SourceForge is in fact distributing malicious software under the guise of open source projects, report them to google. Ideally this will help remove them from search results, prevent others from suffering their malware and provide them with incentive to change their behavior.

As this story has been submitted several times in the past several days, by various submitter and is going around various other tech forums( , , ,) this submitter wonders has our shared "glorious Dice Corporate overloads" been shooting this story down?

Slashdot Top Deals

Work smarter, not harder, and be careful of your speling.