======================================================================
Slashdot Daily Newsletter
In this issue:
* Amazon Flaw Lets Password Variants Through
* New Critical Bug In All Current Windows Versions
* Ruby Dropped In Netbeans 7
* A Lego Replica of the Antikythera Mechanism
* UK ISPs Consider VPN To Avoid Piracy Crackdown
* Egypt Cuts the Net, Net Fights Back
* Who Unfriended You, and Why
* How Do You Protect Servers From a Rogue Admin?
* Golden Gate Bridge To Eliminate Tollbooths
* Apple Hints At Near-Field Payments System In Next-Gen iPhone, iPad
* EFL 1.0 Is Finally Released
* Using Search To Reconnect Refugees With Their Families
* New Android Exploit Discovered To Steal Data
* China Blocks 'Egypt' On Twitter-Like Site
* A Kinect Princess Leia Hologram In Realtime
* Model Says Religiosity Gene Will Dominate Society
+--------------------------------------------------------------------------------------------------------
| Amazon Flaw Lets Password Variants Through
| from the liberal-in-what-you-accept-but-not-here dept.
| posted by timothy on Friday January 28, @19:17 (Security)
| https://it.slashdot.org/story/11/01/28/2333206/Amazon-Flaw-Lets-Password-Variants-Through?from=newsletter
+--------------------------------------------------------------------------------------------------------
Wired reports that it has confirmed a [0]password flaw affecting some
Amazon accounts. If your password hasn't been changed in a while ("the
past several years"), it may be less secure than you'd like. As Wired
explains, for these older accounts, "[...] if your password is
'Password,' Amazon.com will also let you log in with 'PASSWORD,'
'password,' 'passwordpassword,' and 'password1234.'" The article suggests
that Amazon's use of the Unix crypt() tool may be at fault. (Hat tip to
E. Maureen Foley for pointing this out.)
Discuss this story at:
https://it.slashdot.org/story/11/01/28/2333206/Amazon-Flaw-Lets-Password-Variants-Through?from=newsletter#commentlisting
Links:
0. http://www.wired.com/threatlevel/2011/01/amazon-password-problem/
+--------------------------------------------------------------------------------------------------------
| New Critical Bug In All Current Windows Versions
| from the innocent-whistling-sound dept.
| posted by timothy on Friday January 28, @20:02 (Bug)
| https://tech.slashdot.org/story/11/01/29/0050223/New-Critical-Bug-In-All-Current-Windows-Versions?from=newsletter
+--------------------------------------------------------------------------------------------------------
Trailrunner7 writes "Microsoft is warning its users about [0]a dangerous
flaw in the way that Windows handles certain MHTML operations, which
could allow an attacker to run code on vulnerable machines. The bug
affects all of the current versions of Windows, from XP up through
Windows 7 and Windows Server 2008. Microsoft issued an advisory about the
MHTML vulnerability, which has been discussed among security researchers
in recent days. There is some exploit code available for the bug, as
well. In addition to the advisory, Microsoft has released a FixIt tool,
which helps mitigate attacks against the vulnerability in Windows."
Discuss this story at:
https://tech.slashdot.org/story/11/01/29/0050223/New-Critical-Bug-In-All-Current-Windows-Versions?from=newsletter#commentlisting
Links:
0. https://threatpost.com/en_us/blogs/microsoft-warns-mhtml-bug-windows-012811
+--------------------------------------------------------------------------------------------------------
| Ruby Dropped In Netbeans 7
| from the other-shoe-dropping dept.
| posted by timothy on Friday January 28, @23:02 (Programming)
| https://developers.slashdot.org/story/11/01/29/0242253/Ruby-Dropped-In-Netbeans-7?from=newsletter
+--------------------------------------------------------------------------------------------------------
An anonymous reader writes "Ruby/RoR in NetBeans made headlines three
years ago, but after Sun was acquired by Oracle there were fears that
support for dynamic languages would suffer, as this IDE would be
downsized. This has become a reality, since as of version 7, [0]NetBeans
will no longer support Ruby."
Discuss this story at:
https://developers.slashdot.org/story/11/01/29/0242253/Ruby-Dropped-In-Netbeans-7?from=newsletter#commentlisting
Links:
0. http://www.infoq.com/news/2011/01/ruby-dropped-in-netbeans-7
+--------------------------------------------------------------------------------------------------------
| A Lego Replica of the Antikythera Mechanism
| from the hard-to-get-enough-antikythera dept.
| posted by timothy on Saturday January 29, @02:07 (Space)
| https://science.slashdot.org/story/11/01/29/0336249/A-Lego-Replica-of-the-Antikythera-Mechanism?from=newsletter
+--------------------------------------------------------------------------------------------------------
vbraga writes "The [0]Antikythera Mechanism is the oldest known
scientific computer, built in Greece at around 100 BCE. Lost for 2000
years, it was recovered from a shipwreck in 1901. But not until a century
later was its purpose understood: an astronomical clock that determines
the positions of celestial bodies with extraordinary precision. In 2010,
a [1]fully-functional replica out of Lego (YouTube video) was built."
Discuss this story at:
https://science.slashdot.org/story/11/01/29/0336249/A-Lego-Replica-of-the-Antikythera-Mechanism?from=newsletter#commentlisting
Links:
0. http://www.nature.com/news/2010/101124/full/468496a.html
1. http://www.youtube.com/watch?v=RLPVCJjTNgk
+--------------------------------------------------------------------------------------------------------
| UK ISPs Consider VPN To Avoid Piracy Crackdown
| from the privacy-piracy-eh-what's-the-difference dept.
| posted by timothy on Saturday January 29, @04:58 (Privacy)
| https://yro.slashdot.org/story/11/01/29/0417208/UK-ISPs-Consider-VPN-To-Avoid-Piracy-Crackdown?from=newsletter
+--------------------------------------------------------------------------------------------------------
Mark.JUK writes "Broadband internet providers in the UK are
[0]considering whether or not to follow the [1]example of a Swedish ISP,
Bahnhof, which recently put all of its customers behind a secure Virtual
Private Network (VPN) in order to circumvent new European Data Retention
and Internet Copyright Infringement laws. By doing this it makes their
logs less useful to outside forces (e.g. rights holders) and allows
customers to use the internet anonymously. However several UK ISPs,
including business provider AAISP (Andrews and Arnold), have suggested
that there may be better solutions than sticking everybody behind a
costly VPN. AAISP's boss, Adrian Kennard, claims, 'something ISPs will be
doing anyway, carrier grade NAT, will create a similar anonymity as there
is no requirement to log NAT sessions.' Meanwhile, Timico's CTO, Trefor
Davies, warns, 'It would be a pretty costly project for all ISPs to
implement such a system. It would also bring with it risks -- suddenly it
becomes a lot easier for governments to start monitoring all your traffic
because it all goes through a single point (or at least a few points) on
the network.'"
Discuss this story at:
https://yro.slashdot.org/story/11/01/29/0417208/UK-ISPs-Consider-VPN-To-Avoid-Piracy-Crackdown?from=newsletter#commentlisting
Links:
0. http://www.ispreview.co.uk/story/2011/01/28/uk-isps-moot-anonymous-internet-solutions-to-circumvent-new-data-and-piracy-laws.html
1. http://yro.slashdot.org/story/11/01/27/0320209/Swedish-ISPs-To-Thwart-EU-Data-Retention-Law
+--------------------------------------------------------------------------------------------------------
| Egypt Cuts the Net, Net Fights Back
| from the let's-use-big-metaphors dept.
| posted by timothy on Saturday January 29, @08:01 (Censorship)
| https://yro.slashdot.org/story/11/01/29/0025210/Egypt-Cuts-the-Net-Net-Fights-Back?from=newsletter
+--------------------------------------------------------------------------------------------------------
GMGruman writes "Egypt's cutoff of the Net enrages the Netizenry, who are
finding a bunch of ways -- high tech and low tech -- to fight back, from
dial-up to ham radio, from mesh networks to Twitter. Robert X. Cringely
shows [0]how the Net war is being waged, and asks, Could it happen at
home, too?" [1]Sure, [2]it [3]could. On the same topic, reader dermiste
writes "In reaction to the Egyptian government crackdown on the Internet,
the French non-profit ISP French Data Network [4]set up a dial-up
Internet access. This way, anyone in Egypt who has access to an analog
phone line and can call France is able to connect to the network using
the following number: +33 1 72 89 01 50 (login: toto, password: toto)."
Discuss this story at:
https://yro.slashdot.org/story/11/01/29/0025210/Egypt-Cuts-the-Net-Net-Fights-Back?from=newsletter#commentlisting
Links:
0. http://www.infoworld.com/d/adventures-in-it/cairo-mania-egypt-cuts-the-net-807
1. http://yro.slashdot.org/story/10/09/01/1619225/Senate-Trying-To-Slip-Internet-Kill-Switch-Past-Us
2. http://news.slashdot.org/story/10/10/27/1849224/Most-Americans-Support-an-Internet-Kill-Switch?from=rss
3. http://politics.slashdot.org/story/10/06/27/1845255/Sen-Bond-Disses-Internet-Kill-Switch-Bill?from=rss
4. http://blog.fdn.fr/post/2011/01/28/Censure-de-l-internet-en-%C3%89gypte-%3A-une-humble-action-de-FDN
+--------------------------------------------------------------------------------------------------------
| Who Unfriended You, and Why
| from the look-to-your-left-look-to-your-right dept.
| posted by timothy on Saturday January 29, @09:03 (Facebook)
| https://tech.slashdot.org/story/11/01/29/1338223/Who-Unfriended-You-and-Why?from=newsletter
+--------------------------------------------------------------------------------------------------------
Barence writes "Given that social-networking sites like to put across a
happy-clappy image of friendship and joy, it's not surprising that
they're less keen to tell you when someone doesn't want to be as friendly
with you any more. PC Pro reveals how to find out [0]who really hates you
on social networks. It's possible to track who's quietly dropped you from
their Facebook friends list, for example, by installing Firefox's
Greasemonkey add-in and running a special script. Meanwhile, there are
sites that will reveal the exact tweet that turned people off your
Twitter account."
Discuss this story at:
https://tech.slashdot.org/story/11/01/29/1338223/Who-Unfriended-You-and-Why?from=newsletter#commentlisting
Links:
0. http://www.pcpro.co.uk/features/364777/find-out-who-hates-you-on-facebook-twitter-and-linkedin
+--------------------------------------------------------------------------------------------------------
| How Do You Protect Servers From a Rogue Admin?
| from the you-don't-make-them-angry dept.
| posted by timothy on Saturday January 29, @10:05 (Data Storage)
| https://ask.slashdot.org/story/11/01/29/1458240/How-Do-You-Protect-Servers-From-a-Rogue-Admin?from=newsletter
+--------------------------------------------------------------------------------------------------------
Treborto writes "I work with a non-profit that has an extensive
collection of photos and videos. These are used in publications and on
the web. We have several levels of privileges: read-only of small,
watermarked images; read-only of large, clean images; edit of the site;
and admins who can confer privileges. It has happened that people leave
the organization in anger. So far, no Admin has done so. Is there a
back-up, site mirroring, privilege, or other strategy you'd recommend so
we have protection from an Admin gone bad?"
Discuss this story at:
https://ask.slashdot.org/story/11/01/29/1458240/How-Do-You-Protect-Servers-From-a-Rogue-Admin?from=newsletter#commentlisting
+--------------------------------------------------------------------------------------------------------
| Golden Gate Bridge To Eliminate Tollbooths
| from the your-check-is-in-the-email dept.
| posted by timothy on Saturday January 29, @11:01 (Businesses)
| https://news.slashdot.org/story/11/01/29/1518255/Golden-Gate-Bridge-To-Eliminate-Tollbooths?from=newsletter
+--------------------------------------------------------------------------------------------------------
Hugh Pickens writes "The San Francisco Chronicle reports that
tollbooths and toll collectors, a fixture at the Golden Gate Bridge since
it opened in 1937, will be eliminated starting in 2012 as [0]the bridge
moves to an all-electronic system, cutting 34 jobs and saving $19.2
million over the first eight years. The bridge will move to a toll
collection strategy that combines the existing FasTrak system with one
that photographs the license plates of cars going through the toll plaza
and mails a bill to the registered owners. Other structures and bridges
have successfully gone to all-electronic tolls, including the Sydney
Harbor Bridge in Australia and the Leeville Bridge in Louisiana, but
[1]not everyone is happy with the change. 'This is a world-famous bridge,
and you need a human face,' says Philip Hynes. 'You need people in those
toll booths to greet people.'"
Discuss this story at:
https://news.slashdot.org/story/11/01/29/1518255/Golden-Gate-Bridge-To-Eliminate-Tollbooths?from=newsletter#commentlisting
Links:
0. http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2011/01/28/BANV1HFE3N.DTL
1. http://www.mercurynews.com/ci_17227872?nclick_check=1
+--------------------------------------------------------------------------------------------------------
| Apple Hints At Near-Field Payments System In Next-Gen iPhone, iPad
| from the please-swipe-this-spot-on-your-screen dept.
| posted by timothy on Saturday January 29, @11:57 (Iphone)
| https://apple.slashdot.org/story/11/01/29/1534259/Apple-Hints-At-Near-Field-Payments-System-In-Next-Gen-iPhone-iPad?from=newsletter
+--------------------------------------------------------------------------------------------------------
An anonymous reader writes "The smartphone seems to be well on its way to
becoming the next wallet; and Apple could be pushing that movement along.
Reports from several outlets suggest the Cupertino, Calif.-based
electronics giant has plans to put a [0]near-field communications chip in
the next versions of the iPhone and iPad for contactless payments
technology. The latest report, from blog Apple Insider, says Apple has
put up two job postings for two global payment platforms managers."
Discuss this story at:
https://apple.slashdot.org/story/11/01/29/1534259/Apple-Hints-At-Near-Field-Payments-System-In-Next-Gen-iPhone-iPad?from=newsletter#commentlisting
+--------------------------------------------------------------------------------------------------------
| EFL 1.0 Is Finally Released
| from the just-when-you-least-expect-it dept.
| posted by timothy on Saturday January 29, @13:02 (Enlightenment)
| https://tech.slashdot.org/story/11/01/29/1659253/EFL-10-Is-Finally-Released?from=newsletter
+--------------------------------------------------------------------------------------------------------
Lisandro writes "The [0]Enlightenment crew has [1]finally released the
[2]first version of the Enlightenment Foundation Libraries, which the E17
desktop is built on." Adds reader mu22le: "Among the Enlightenment
libraries hitting version 1.0 are Eina (core data structure), Eet (data
encode/decode and storage), Evas (canvas and scenegraph rendering),
Ecore (core mainloop, display abstraction and utility), Embryo (small
virtual machine and compiler), Edje (GUI layout and animation), E_Dbus,
Efreet (handling of freedesktop.org standards), and Eeze (udev
wrapping)." Getting it right can take a while -- a preview of the EFL
libraries [3]first appeared in 2004. Enlightenment has never stopped
looking cool.
Discuss this story at:
https://tech.slashdot.org/story/11/01/29/1659253/EFL-10-Is-Finally-Released?from=newsletter#commentlisting
Links:
0. http://www.enlightenment.org/
1. http://www.phoronix.com/scan.php?page=news_item&px=OTA1Nw
2. http://www.enlightenment.org/?p=news/show&l=en&news_id=28
3. http://tech.slashdot.org/story/04/07/31/117246/EFL-Preview-Release-Asparagus
+--------------------------------------------------------------------------------------------------------
| Using Search To Reconnect Refugees With Their Families
| from the we-haven't-located-us-yet dept.
| posted by timothy on Saturday January 29, @14:07 (Social Networks)
| https://search.slashdot.org/story/11/01/29/183232/Using-Search-To-Reconnect-Refugees-With-Their-Families?from=newsletter
+--------------------------------------------------------------------------------------------------------
Lanxon writes "A lengthy and emotional feature on Wired this week goes
behind the scenes of Refugees United (RU) -- a US-registered non-profit,
founded in 2006 by two Danish brothers, Christopher and David Mikkelsen,
that [0]aims to be a Google for refugee search: an easy, accessible
platform that enables the displaced to find their families. On a grey
July day in the RU office in Copenhagen -- typical tech-company open-plan
-- Christopher and David, and Tomas Krag, chief technology officer,
explain how the project came about, and the impact it has had on the
world."
Discuss this story at:
https://search.slashdot.org/story/11/01/29/183232/Using-Search-To-Reconnect-Refugees-With-Their-Families?from=newsletter#commentlisting
+--------------------------------------------------------------------------------------------------------
| New Android Exploit Discovered To Steal Data
| from the damn-androids-have-no-consciences dept.
| posted by timothy on Saturday January 29, @15:04 (Android)
| https://it.slashdot.org/story/11/01/29/1946202/New-Android-Exploit-Discovered-To-Steal-Data?from=newsletter
+--------------------------------------------------------------------------------------------------------
mimd writes "A researcher at North Carolina State University has
discovered yet another [0]Android Browser exploit that affects the new
Android 2.3 (Gingerbread) and previous versions. Slashdot recently
covered a [1]previous browser exploit that affected all versions of the
Android Browser, but was patched in 2.3. [2]Xuxian Jiang writes 'our
finding here is that the patch contained in Android 2.3 is not an
ultimate fix and can still be bypassed. We have a proof-of-concept
exploit with a stock Nexus S phone and are able to successfully exploit
the vulnerability to steal potentially personal information from the
phone.' The exploit is capable of reading and writing files from an
Android's sdcard or system partition as well as uploading user data over
the internet."
Discuss this story at:
https://it.slashdot.org/story/11/01/29/1946202/New-Android-Exploit-Discovered-To-Steal-Data?from=newsletter#commentlisting
Links:
0. https://login.techweb.com/cas/login?service=http://www.darkreading.com/insider-threat/167801100/security/vulnerabilities/229200006/data-leak-flaw-found-in-newest-version-of-google-android.html&gateway=true
1. http://mobile.slashdot.org/story/10/11/27/213219/Security-Expert-Warns-of-Android-Browser-Flaw?from=rss
2. http://www.csc.ncsu.edu/faculty/jiang/nexuss.html
+--------------------------------------------------------------------------------------------------------
| China Blocks 'Egypt' On Twitter-Like Site
| from the jumping-the-gun-just-a-bit dept.
| posted by timothy on Saturday January 29, @16:11 (Censorship)
| https://yro.slashdot.org/story/11/01/29/2110227/China-Blocks-Egypt-On-Twitter-Like-Site?from=newsletter
+--------------------------------------------------------------------------------------------------------
Suki I writes with this excerpt from news.com.au: "China has [0]blocked
the word 'Egypt' from the country's wildly popular Twitter-like service,
while coverage of the political turmoil has been tightly restricted in
state media. China's ruling Communist Party is sensitive to any potential
source of social unrest. A search for 'Egypt' on the Sina microblogging
service brings up a message saying, 'According to relevant laws,
regulations and policies, the search results are not shown.' The service
has more than 50 million users. News on the Egypt protests has been
limited to a few paragraphs and photos buried inside major news websites,
but China Central Television had a report on its midday broadcast.
China's Foreign Ministry did not respond to a request for comment on the
events in Egypt."
Discuss this story at:
https://yro.slashdot.org/story/11/01/29/2110227/China-Blocks-Egypt-On-Twitter-Like-Site?from=newsletter#commentlisting
+--------------------------------------------------------------------------------------------------------
| A Kinect Princess Leia Hologram In Realtime
| from the recreation-opportunities dept.
| posted by timothy on Saturday January 29, @17:24 (Input Devices)
| https://hardware.slashdot.org/story/11/01/29/2222246/A-Kinect-Princess-Leia-Hologram-In-Realtime?from=newsletter
+--------------------------------------------------------------------------------------------------------
mikejuk writes with this snippet from I, Programmer: "True 3D realtime
holography is not only possible -- it makes use of a Kinect as its input
device. A team at MIT has [0]recreated the famous 3D Princess Leia scene
from the original Star Wars -- but as a live video feed! It's a great
stunt but don't miss the importance -- this is realtime 3D holography and
that means you can view it without any glasses or other gadgets and you
can move around and see behind objects in the scene. This is more than
the flat 3D you get in movies."
Discuss this story at:
https://hardware.slashdot.org/story/11/01/29/2222246/A-Kinect-Princess-Leia-Hologram-In-Realtime?from=newsletter#commentlisting
+--------------------------------------------------------------------------------------------------------
| Model Says Religiosity Gene Will Dominate Society
| from the getchyer-broad-brushes-n'-start-paintin' dept.
| posted by timothy on Saturday January 29, @18:42 (Earth)
| https://news.slashdot.org/story/11/01/29/2350217/Model-Says-Religiosity-Gene-Will-Dominate-Society?from=newsletter
+--------------------------------------------------------------------------------------------------------
Hugh Pickens writes "PhysOrg reports on a study by Robert
Rowthorn, emeritus professor at Cambridge University, that predicts that
the genetic components that predispose a person toward religion are
currently "hitchhiking" on the back of the religious cultural practice of
high fertility rates and that provided the fertility of religious people
remains on average higher than that of secular people, the [0]genes that
predispose people towards religion will spread. For example, in the past
20 years, the [1]Amish population in the US has doubled, increasing from
123,000 in 1991 to 249,000 in 2010. The huge growth stems almost entirely
from the religious culture's high fertility rate, which is about 6
children per woman, on average. Rowthorn says that while fertility is
determined by culture, an individual's predisposition toward religion is
likely to be influenced by genetics, in addition to their upbringing. In
the model, Rowthorn uses a "religiosity gene" to represent the various
genetic factors that combine to genetically predispose a person toward
religion, whether remaining religious from youth or converting to
religion from a secular upbringing. Rowthorn's model predicts that the
religious fraction of the population will eventually stabilize at less
than 100%, and there will remain a possibly large percentage of secular
individuals. But [2]nearly all of the secular population will still carry
the religious allele, since high defection rates will spread the
religious allele to secular society when defectors have children with a
secular partner."
Discuss this story at:
https://news.slashdot.org/story/11/01/29/2350217/Model-Says-Religiosity-Gene-Will-Dominate-Society?from=newsletter#commentlisting
Links:
0. http://www.physorg.com/news/2011-01-religiosity-gene-dominate-society.html
1. http://amishamerica.com/how-fast-are-the-amish-growing/
2. http://rspb.royalsocietypublishing.org/content/early/2011/01/07/rspb.2010.2504.full
Copyright 1997-2010, Geeknet, Inc. All Rights Reserved.