30 Days Is Too Long: Animated Rant About Windows 8 1110

Posted by timothy
from the devil's-advocate dept.
First time accepted submitter Funksaw writes "Back in 2007, I wrote three articles on Ubuntu 6, Mac OS X 10.4, and Windows Vista, which were all featured on Slashdot. Now, with the release of Windows 8, I took a different tactic and produced an animated video. Those expecting me to bust out the performance tests and in-depth use of the OS are going to be disappointed. While that was my intention coming into the project, I couldn't even use Windows 8 long enough to get to the in-depth technical tests. In my opinion, Windows 8 is so horribly broken that it should be recalled."
Encryption

ElcomSoft Tool Cracks BitLocker, PGP, TrueCrypt In Real-Time 268

Posted by timothy
from the well-that-puts-a-spin-on-things dept.
An anonymous reader writes "Russian firm ElcomSoft on Thursday announced the release of Elcomsoft Forensic Disk Decryptor (EFDD), a new forensic tool that can reportedly access information stored in disks and volumes encrypted with desktop and portable versions of BitLocker, PGP, and TrueCrypt. EFDD runs on all 32-bit and 64-bit editions of Windows XP, Windows Vista, and Windows 7, as well as Windows 2003 and Windows Server 2008." All that for $300.
AI

VPN Providers Say China Blocks Encryption Using Machine Learning Algorithms 111

Posted by timothy
from the man-vs-state-with-a-cast-of-millions dept.
An anonymous reader writes "The internet control in China seems to have been tightened recently, according to the Guardian. Several VPN providers claimed that the censorship system can 'learn, discover and block' encrypted VPN protocols. Using machine learning algorithms in protocol classification is not exactly a new topic in the field. And given the fact that even the founding father of the 'Great Firewall,' Fan Bingxing himself, has also written a paper about utilizing machine learning algorithms in encrypted traffic analysis, it would not be surprising at all if they are now starting to identify suspicious encrypted traffic using numerically efficient classifiers. So the arms race between anti-censorship and surveillance technology goes on."
Government

Obama Releases National Strategy For Information Sharing 83

Posted by samzenpus
from the learning-to-share dept.
wiredmikey writes "President Obama on Wednesday released a national strategy designed to balance the sharing of information with those who need it to keep the country safe, while protecting the same data from those who would use it to cause harm. 'The National Strategy for Information Sharing and Safeguarding' outlines how the government will attempt to responsibly share and protect data that enhances national security and protects the American people. The national strategy will define how the federal government and its assorted departments and agencies share their data. Agencies can also share services and work towards data and network interoperability to be more efficient, the President said. The President aimed to address concerns over Privacy by noting, 'This strategy makes it clear that the individual privacy, civil rights and civil liberties of United States persons must be — and will be — protected.' The full document is available here in PDF format from the White House website."
Privacy

How Much Are You Worth To an Online Lead-Gen Site? 83

Posted by Soulskill
from the depends-on-how-gullible-you-are dept.
jfruh writes "You may remember the tale of the blogger who found that an infographic he'd put on his site was the front end of an SEO spam job. Well, he's since followed the money to figure out just who's behind this maneuver: the for-profit college industry. He discovered that the contact info of someone who expresses interest in online degree programs can be worth up to $250 to an industry with a particularly sleazy reputation."
Bug

Whose Bug Is This Anyway? 241

Posted by Soulskill
from the it's-nobody's-fault-and-everybody's-angry dept.
An anonymous reader writes "Patrick Wyatt, one of the developers behind the original Warcraft and StarCraft games, as well as Diablo and Guild Wars, has a post about some of the bug hunting he's done throughout his career. He covers familiar topics — crunch time leading to stupid mistakes and finding bugs in compilers rather than game code — and shares a story about finding a way to diagnose hardware failure for players of Guild Wars. Quoting: '[Mike O'Brien] wrote a module ("OsStress") which would allocate a block of memory, perform calculations in that memory block, and then compare the results of the calculation to a table of known answers. He encoded this stress-test into the main game loop so that the computer would perform this verification step about 30-50 times per second. On a properly functioning computer this stress test should never fail, but surprisingly we discovered that on about 1% of the computers being used to play Guild Wars it did fail! One percent might not sound like a big deal, but when one million gamers play the game on any given day that means 10,000 would have at least one crash bug. Our programming team could spend weeks researching the bugs for just one day at that rate!'"
Security

New Malware Wiping Data On Computers In Iran 95

Posted by Soulskill
from the cyberwar-continues dept.
L3sPau1 writes "Iran's computer emergency response team is reporting new malware targeting computers in the country that is wiping data from partitions D through I. It is set to launch on only particular dates. 'Clearly, the attacker was trying to think ahead. After trying to delete all the files on a particular partition the malware runs chkdsk on said partition. I assume the attacker is trying to make the loss of all files look like a software or hardware failure. Next to these BAT2EXE files there's also a 16-bit SLEEP file, which is not malicious. 16-bit files don't actually run on 64-bit versions of Windows. This immediately gives away the malware's presence on a x64 machine.' While there has been other data-wiping malware targeting Iran and other Middle East countries such as Wiper and Shamoon, researchers said there is no immediate connection."
Crime

Hacker Behind Leaked Nude Celebrity Photos Gets 10 Years 346

Posted by timothy
from the what-would-justice-be? dept.
wiredmikey writes "A U.S. judge sentenced a computer hacker to 10 years in prison on Monday for breaking into the email accounts of celebrities and stealing private photos. The hacker accessed the personal email accounts and devices of stars including Scarlett Johansson, Christina Aguilera and Renee Olstead, among dozens of other people he hacked. The hacker's arrest in October 2011 stemmed from an 11-month investigation into the hacking of over 50 entertainment industry names, many of them young female stars. Hacked pictures of Johansson showed her in a state of undress in a domestic setting. Aguilera's computer was hacked in December 2010, when racy photos of her also hit the Internet. Mila Kunis' cell phone was hacked in September that year with photos of her, including one in a bathtub, spread online. According to the FBI, the hacker used open-source, public information to try to guess a celebrity's email password, and then would breach the account."
Open Source

Pentaho and Jaspersoft: Good Alternatives To Bigger-Name Software? 57

Posted by timothy
from the how-much-lemonade-did-you-sell? dept.
Nerval's Lobster writes "Jeff Cogswell, the developer who recently offered a 'gentle' rant about the current state of software development and installers, returns with a comparison of two players in the open-source BI space, Pentaho and Jaspersoft. 'If you believe the hype, the business-intelligence tools offered by some of the world's largest software companies also pack a substantial punch,' he writes. 'But these systems are often difficult to install and maintain, not to mention downright expensive. Small and medium-sized businesses typically can't afford software platforms that cost upwards of several hundred thousand dollars, but that doesn't mean they're cut off from BI tools in general. In fact, there are some decent open-source options.'"
Government

TSA (Finally) Studying Health Effects of Body Scanners 225

Posted by timothy
from the different-kind-of-transparency dept.
An anonymous reader writes "A 2011 ProPublica series found that the TSA had glossed over the small cancer risk posed by its X-ray body scanners at airports across the country. While countries in Europe have long prohibited the scanners, the TSA is just now getting around to studying the health effects." I'm not worried; the posters and recorded announcements at the airport say these scanners raise no health concerns.
Google

Gmail Drops Support for Connecting To Pop3 Servers With Self-Signed Certs 299

Posted by Unknown Lamer
from the security-through-redefinition dept.
DECula writes "In a move not communicated to its users beforehand, Google's Gmail servers were reconfigured to not connect to remote pop3 servers that have self-signed certificates, leaving folks with unencrypted connections, or no service when getting email from other services. Not good for the small folks. One suggestion was to allow placing the public keys on Google's side in the user configuration. That would be a heck of a lot better than just dropping users into never never land." Apparently, "valid" now means "paid someone Google approves to sign the certificate." It's not like commercial CAs have the best security track record either.
Electronic Frontier Foundation

EFF Spinoff Pools Donor Dollars To Prevent WikiLeaks-Style Payment Blockades 95

Posted by timothy
from the follow-the-monkey dept.
nonprofiteer writes "Two years ago, Visa, MasterCard, PayPal, Western Union and Bank of America cut off all funding to WikiLeaks. A group of free information advocates wants to prevent a similar financial blockade on information from happening again. Daniel Ellsberg, John Perry Barlow, and EFF staffers are founding the Freedom of the Press Foundation, an org that will raise money and channel it to edgy media groups that might suffer from a WikiLeaks-style embargo. When donors give to the Foundation, they can choose to have their funding passed on to any media group under the Foundation's umbrella (currently WikiLeaks, Muckrock, The National Security Archives and UpTake). That strategy aims to make it harder to cut funding to any of those organizations, or any added in the future. And because the site is encrypted, donors who worry about being identified as giving to any particularly controversial group can do so without being identified. It's like Tor for charitable giving."
Security

Researchers Convert Phones Into Secret Listening Devices 59

Posted by timothy
from the what's-that-you-say? dept.
CowboyRobot writes "Columbia University grad student Ang Cui demonstrated how networked printers and phones can be abused by attackers. 'The attack I demonstrated is caused by the multiple vulnerabilities within the syscall interface of the CNU [Cisco Native Unix] kernel,' Cui tells Dark Reading. 'It is caused by the lack of input validation at the syscall interface, which allows arbitrary modification of kernel memory from userland, as well as arbitrary code execution within the kernel. This, in turn, allows the attacker to become root, gain control over the DSP [Digital Signal Processor], buttons, and LEDs on the phone. The attack I demonstrated patches the existing kernel and DSP in order to carry out stealthy mic exfiltration.'"
Android

Huge Security Hole In Recent Samsung Devices 153

Posted by timothy
from the it's-like-they-handed-you-the-phone dept.
An anonymous reader writes "A huge security hole has been discovered in recent Samsung devices including phones like the Galaxy S2 and S3. It is possible for every user to obtain root due to a custom faulty memory device created by Samsung." The problem affects phones with the Exynos System-on-Chip.
