Follow Slashdot stories on Twitter


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 internet speed test! ×
The Internet

Submission + - The Pirate Bay Moving All Traffic To North Korea ( 1

casac8 writes: "The Pirate Bay torrent site has been booted from Norway and is moving its traffic to North Korea, where it has been granted virtual asylum.
"Today we can reveal that we have been invited by the leader of the republic of Korea, to fight our battles from their network," an official TPB press release issued Sunday from Pyonyang, the capital of the North Korea, stated.
"This is truly an ironic situation. We have been fighting for a free world, and our opponents are mostly huge corporations from the United States of America, a place where freedom and freedom of speech is said to be held high.""


Submission + - 50 Million Potentially Vulnerable to UPnP Flaws (

Gunkerty Jeb writes: In a project that found more than 80 million unique IP addresses responding to Universal Plug and Play (UPnP) discovery requests, researchers at Rapid7 were shocked to find that somewhere between 40 and 50 million of those are vulnerable to at least one of three known attacks.

A Rapid7 white paper enumerated UPnP-exposed systems connected to the Internet and identified the number of vulnerabilities present in common configurations. Researchers found that more than 6,900 product models produced by 1,500 different vendors contained at least one known vulnerability, with 23 million systems housing the same remote code execution flaw.

"This research was primarily focused on vulnerabilities in the SSDP processor across embedded devices," Rapid7' CSO HD Moore told Threatpost. "The general process was to identify what was out there, make a list of the most commonly used software stacks, and then audit those stacks for vulnerabilities. The results were much worse than we anticipated, with the most commonly used software stack (libupnp) also being the most vulnerable."


Submission + - UPnP Security Flaws Put Millions of Devices at Risk (

wiredmikey writes: Security researchers from Rapid7 have uncovered that roughly 40-50 million network-enabled devices are at risk due to vulnerabilities in the Universal Plug and Play (UPnP) protocol.

Universal Plug and Play (UPnP) is a set of networking protocols that allows communication between computers and network-enabled devices. It is enabled by default on millions of devices, from routers to printers to IP cameras and network storage servers. UPnP support is also enabled by default on Microsoft Windows, Mac OS X and many distributions of Linux.

In its research, Rapid7 declares (PDF) that the UPnP protocol "suffers from a number of basic security problems" ranging from a lack of authentication implemented by device manufacturers to privileged common programming flaws plague common UPnP software implementations. These issues, the report notes, are endemic across UPnP-enabled applications and network devices.

According to Rapid7's HD Moore, the two most commonly used UPnP software libraries both contained remotely exploitable vulnerabilities. "In the case of the Portable UPnP SDK, over 23 million IPs are vulnerable to remote code execution through a single UDP packet," Moore noted. "All told, we were able to identify over 6,900 product versions that were vulnerable through UPnP. This list encompasses over 1,500 vendors and only took into account devices that exposed the UPnP SOAP service to the internet, a serious vulnerability in of itself."

Moore suggested organizations take immediate action to identify and disable any Internet-exposed UPnP endpoints in their environments.


Submission + - Iran photo gaffe reveals Stuxnet perfect match (

mask.of.sanity writes: Photographs of computer screens within Iran's Natanz nuclear facility have revealed Stuxnet was a perfect match to the systems it crippled.

The revelations stemmed from a seemingly benign photograph of Iranian President 's Mahmoud Ahmadinejad's tour of the facility captured as a PR stunt and posted on website.

But the photo, still live on the site, captured a string of neon green lights on a SCADA controller that to the trained eye revealed secretive information on the plant's schematics.


Submission + - Solaris 11 Released (

villew writes: Today, Solaris 11 was released. This might ease fears that Oracle would drop the Solaris OS.
Solaris 11 is specifically aimed at the "Cloud" market, featuring many new "cloud" perks.

The Military

Osama Bin Laden Reported Dead, Body In US Hands 1855

Reader Tom Hudson, and now several others, have submitted the news that Osama Bin Laden is reportedly dead, and that his body is in the hands of the US military. A statement from President Obama is expected shortly. Watch this space for more details. Update: 05/02 04:01 GMT by T : More coverage at ABC News, at CNN, and at Al Jazeera. The reports say that Bin Laden was actually killed about a week ago by a bomb in Pakistan, and the time taken to confirm his identity via DNA testing helped delay the news. In downtown Austin, Texas, in the time since the story broke I've heard what sound like numerous celebratory gunshots.

Slashdot Top Deals

The aim of science is to seek the simplest explanations of complex facts. Seek simplicity and distrust it. -- Whitehead.