Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - 5-Year-Old Critical Linux Vulnerability Patched (threatpost.com)

msm1267 writes: A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run a serious security issues in the operating system, most of which have been hiding in the code for years.

Details on the vulnerability were published Tuesday by researcher Philip Pettersson, who said the vulnerable code was introduced in August 2011. A patch was pushed to the mainline Linux kernel Dec. 2, four days after it was privately disclosed. Pettersson has developed a proof-of-concept exploit specifically for Ubuntu distributions, but told Threatpost his attack could be ported to other distros with some changes.

The vulnerability is a race condition that was discovered in the af_packet implementation in the Linux kernel, and Pettersson said that a local attacker could exploit the bug to gain kernel code execution from unprivileged processes. He said the bug cannot be exploited remotely.

Comment Re:Great System (Score 1) 211

This is for two days. It's not likely even the ultra rich are going to buy a new Mercedes specifically to bypass this rule when the maximum in fines they'll suffer will be EUR35. Not unless Europe has seen some significant deflation lately and EUR34 is the cost of a brand new Mercedes.

Comment Re:Banish cars from the city center (Score 2) 211

I used to walk half way across Reading, in the UK, from Sainsburys in the city center to my flat, carrying four or more bags of groceries. Older people had little carts, resembling carry on bags (the type with a slide out handle and two wheels) you'd see in an airport, to do the job.

And in the event I really had too much weight in those bags to contemplate walking that distance, I'd take a bus.

Why would you think you'd need a magical transportation device for more than one grocery bag?

Comment Re:Way ahead of you (Score 1) 211

One issue with public transportation in the US (not so much in the EU) is that everyone assumes that the primary incentive to get people to use it must be cost. As a result, it's usually run on an absurdly low budget, given revenues are only a fraction of costs, and inevitably it ends up not being terribly useful. Which means few people ride it, at any cost.

If you want public transportation to be popular, you need to make it useful. Make it useful enough, and people will use it, even if the prices are similar to, or even higher than, other forms of transportation.

One Parisian above claims that it takes an hour and a half to cross the city to get from one suburb to another, while it takes 20 minutes by car. That, to me, is a sign that there aren't enough buses filling in the gaps. Here in Martin County, Florida the "bus system" appears to be designed to turn tax money into jobs, rather than provide a useful service, with buses spaced an hour apart, taking an inordinate length of time to cross the county, only offered during daylight hours, and providing no effective county to county service. If they ran every ten minutes, with express buses linking to nearby county systems, I'd probably use it, because I hate driving.

On a wider scale (yes, I know this isn't directly comparable, it's to demonstrate the point about usefulness vs price), Amtrak's Acela Express charges passengers orders of magnitude more per mile than, say, the Silver Meteor. It also carries 10-20x as many passengers. Why? Because it's useful. It links major population centers with an hourly service, rather than linking minor towns and cities with a once-a-day service. So people are willing to pay big money to travel on it. Which is why it makes double what it costs, as opposed to the Meteor which makes half of what it costs.

Build a useful service and they will come. You don't need to make it free. In fact, making it free is probably the worst possible thing you can do.

Cellphones

NSA, GCHQ Have Been Intercepting In-Flight Mobile Calls For Years (reuters.com) 95

An anonymous reader quotes a report from Reuters: American and British spies have since 2005 been working on intercepting phone calls and data transfers made from aircraft, France's Le Monde newspaper reported on Wednesday, citing documents from former U.S. spy agency contractor Edward Snowden. According to the report, also carried by the investigative website The Intercept, Air France was targeted early on in the projects undertaken by the U.S. National Security Agency (NSA) and its British counterpart, GCHQ, after the airline conducted a test of phone communication based on the second-generation GSM standard in 2007. That test was done before the ability to use phones aboard aircraft became widespread. "What do the President of Pakistan, a cigar smuggler, an arms dealer, a counterterrorism target, and a combatting proliferation target have in common? They all used their everyday GSM phone during a flight," the reports cited one NSA document from 2010 as saying. In a separate internal document from a year earlier, the NSA reported that 100,000 people had already used their mobile phones in flight as of February 2009, a doubling in the space of two months. According to Le Monde, the NSA attributed the increase to "more planes equipped with in-flight GSM capability, less fear that a plane will crash due to making/receiving a call, not as expensive as people thought." Le Monde and The Intercept also said that, in an internal presentation in 2012, GCHQ had disclosed a program called "Southwinds," which was used to gather all the cellular activity, voice communication, data, metadata and content of calls made on board commercial aircraft.
Businesses

T-Mobile's 'Digits' Solution Lets You Use One Phone Number Across All Your Devices (theverge.com) 45

An anonymous reader quotes a report from The Verge: T-Mobile just revealed its answer to ATT's NumberSync technology, which lets customers use one phone number across all their connected devices. T-Mobile's version is called Digits and it will launch in a limited, opt-in customer beta beginning today before rolling out to everyone early next year. "You can make and take calls and texts on whatever device is most convenient," the company said in its press release. "Just log in and, bam, your call history, messages and even voicemail are all there. And it's always your same number, so when you call or text from another device, it shows up as you." When it leaves beta, Digits will cost an extra monthly fee, but T-Mobile isn't revealing pricing today. "This is not going to be treated as adding another line to your account," said COO Mike Sievert. "Expect us to be disruptive here." And while its main feature is one number for everything, Digits does offer T-Mobile customers another big perk: multiple numbers on the same device. This will let you swap between personal and work numbers without having to maintain separate lines and accounts. You can also give out an "extra set" of Digits in situations where you might be hesitant to give someone your primary number; this temporary number forwards to your devices like any other call. You can have multiple numbers for whatever purposes you want, based on T-Mobile's promotional video.

Comment Re:Bluetooth Headphones (Score 1) 328

Plus Bluetooth on Android (may be true of iOS too, no idea) is fairly bug ridden and crappy. I've seen three relatively recent Android phones that crash if they try to connect to our minivan's BT system. Googling for "bluetooth share has stopped" (the error message the phones give) show this is a common problem and has been for some years. Looks like the 4.x series was the last version of Android that had remotely stable Bluetooth support.

You'd think, at the very least, Samsung would hold off until Google can put out a half way stable Bluetooth stack.

Comment Re:Fitbit is next (Score 4, Funny) 180


Who on their right mind is going to spend hundreds of dollars for some minor functionality?

Back in the 1980s, I remember thinking "If only there was a way to have my girlfriend (at the time) send me her pulse so I could feel her love on my own wrist in real-time. Of course the technology wasn't there, and wouldn't be for some time, so I had to settle for her bloody heart in a jar and 25 years in a psychiatric hospital.

Slashdot Top Deals

Once it hits the fan, the only rational choice is to sweep it up, package it, and sell it as fertilizer.

Working...