Submission + - Clampi risk increases with new exploit

riskpundit writes: "The risk associated with Clampi, a three-year-old Trojan-type virus, has gone from low to extremely high due to the exploits of an alleged Eastern European cyber-crime group. On July 29, 2009, right before Black Hat, SecureWorks published a summary of its research about how Clampi is being used. http://www.secureworks.com/research/threats/clampi-trojan/ The anti-virus vendors have rated the risk level of Clampi as Low. But it's the exploit process that makes the risk level high. In fact, it's really the process that's the issue, not the actual Trojan. Other Trojans could and have been used."
Classic Games (Games)

Submission + - Ethics of selling GPLed software for the iPhone

SeanCier writes: "We're a small (two-person) iPhone app developer whose first game has recently been released in the app store. In the process, we've inadvertently stepped in it, bringing up a question of the GPL and free software ethics that I'm hoping the Slashdot community can help us clear up, one way or the other.

XPilot, a unique and groundbreaking UNIX-based game from the early/mid nineties, was a classic in its day but was forgotten and has been dead for years, both in terms of use and development. My college roommate and I were addicted to it at the time, even running game servers and publishing custom maps. As it's fully open source (GPLv2), and the iPhone has well over twice the graphics power of the SGI workstations we'd used in college, we decided it was a moral imperative to port it to our cellphones. In the process, we hoped, we could breathe life back into this forgotten classic (not to mention turning a years-old joke into reality). So we did so, and the result was more playable than we'd hoped, despite the physical limitations of the phone. We priced it at $2.99 on the app store (we don't expect it to become the Next Big Thing, but hoped to recoup our costs — such as server charges and Apple's annual $99 developer fee), released the source on our web page, then enthusiastically tracked down every member of the original community we could find to let them know of the hoped-for renaissance.

Which is where things got muddy. After it hit the app store, one of the original developers of XPilot told us he feels adamantly that we're betraying the spirit of the GPL by charging for the app (hopefully he'll chime in with a comment below; I'll leave him anonymous for now to avoid further stepping on toes).

That left us in a terrible spot. We'd thought we were contributing to the community and legacy of this game by reviving it, not stealing from them by charging for it — and didn't think $2.99 was unreasonable (and, again, the source is available for free from our page). It never occurred to us that one of the original creators would feel that we were betraying their contribution. We've discussed the philosophical fine points of free-as-in-speech vs. free-as-in-freedom with him, and have suggested a number of remedies — such as reducing the price (it's now $1.99), profit-sharing with previous contributors, making the game free at some point in the future (once we'd at least recouped our costs), or going "freemium" (offering a fully-functional free version plus a paid version with enhancements we added ourselves, with both GPLed of course). But in each case, the bottom line is that this developer feels the app should be free-as-in-beer period, and anything less is a sleazy betrayal of anybody that made contributions under that license. Which is a shame, because we deeply respect his work on this game and would love for him to be on board with the port — but at the same time this was months' worth of work and we honestly believe we're going about this in a reasonable way.

Obviously one of us has a non-mainstream understanding of open source ethos, but it's become clear we can't come to a consensus on which of us it is, and whether the "spirit of the GPL" allows selling GPLed software (especially when one wasn't the original creator of the software but a more recent contributor). The only way to determine that, it seems, is to poll the open source community itself.

We're determined to do the right thing by the GPL and the community. So here's our plan: we'd like anybody with an opinion on this to vote, and if the community feels that ethically this should be free-as-in-beer, we'll fix it by making it free, end of story. In order to make the vote clear and transparent to all participants, we'll use Twitter. Remember, we're not talking about whether it's practical to base a business on GPLed software, nor the best business model for doing so, and certainly not whether the source must be distributed for free (obviously it must be), but just whether charging for the binary version of an enhanced/ported version of a GPLed app (while releasing the corresponding source for free) is an ethically defensible thing to do.

If you feel that, ethically, any GPLed app must be given away for $0, include "#xpilot #freeasinbeer" in a tweet.

If you believe a binary version of a GPLed app may be sold with a clear conscience (as long as the source is distributed free of charge), include "#xpilot #freeasinspeech" in a tweet.

We'll count the tweets from unique accounts in one week and behave accordingly."

Submission + - RSA Broken? (liveammo.com)

liveammo writes: "This is a factoring attack against RSA with an up to 80% reduction in the search candidates required for a conventional brute force key attack, and affects any cryptosystem that uses modular arithmetic including the RSA encryption algorithm, potentially symmetric ciphers such as DES which use modular multiplication and addition rounds for diffusion, and even reduction of entropy attacks against PRNG functions such as those that are used to seed TCP/IP Initial Sequence Numbers (ISNs) and DNS servers for example. Sample Erlang proof of concept factoring code is included at the end of this post, and implements the attack against the prime number multiplication process in RSA so that security enthusiasts and armchair cryptographers alike can experiment with and validate these findings. For lack of a more descriptive term and in keeping with the field of cryptanalysis' somewhat arcane nomenclature, I am referring to this attack method as a "Reduction Sieve"."

Submission + - Recovering cell phone video of police killing

belmolis writes: "Vancouver police recently shot and killed a man who they claim was advancing aggressively. Bystander Adam Smolcic says that he recorded the incident on his cell phone and contradicts the police account. He reports that shortly after the incident, a police officer took his phone and examined it for several minutes. When he returned it, the video was gone. The British Columbia Civil Liberties Association reports that the three data recovery firms that it has had examine the phone have been unable to recover the video or to confirm or deny whether it was ever present.

How difficult is it to recover a freshly erased video from a cell phone? Should it be possible to tell whether it was present but erased?"

Submission + - Texas Zombies Fire Ants with Phorid Flies (yahoo.com)

eldavojohn writes: What do you do when a foreign species has been introduced to your land from another continent? Bring over the natural predator from the other continent. Scientists in Texas have introduced four kinds of phorid flies from South America to fight fire ants. These USDA-approved flies dive-bomb ants and lay an egg inside the ant. The maggot hatches and eats away juicy tender delicious ant brain until the ant is nothing more than a zombie that wanders around for two weeks before the head falls off and the ant dies. A couple of these flies will cause the ants to modify their behavior and this will be a very slow-acting solution to curb the $1 billion in damage these ants do to Texas cattle ranches and--oddly enough--electrical equipment like circuit breakers. You may remember zombifying parasites hitting insects like cockroaches.
PC Games (Games)

Submission + - Amazon Freezes and Resets Spore Reviews, Ratings (amazon.com)

ya really writes: Since a few days ago, Amazon has put a freeze on all new reviews and ratings of Spore. At first, many were optimistic, believing it was just a glitch in Amazon's site. However, as time wore on, more doubts were cast. Today, the truth came out as Amazon customers found that reviews and overall rating had been wiped out and totally deleted. Ironically, under Amazon's review guidelines is this:

General Review Creation Guidelines

Amazon wants your opinions to be heard

I guess Amazon cares more about making a few extra dollars than allowing their customers to know the truth about the products they stock.

