Stories
Slash Boxes
Comments
typodupeerror delete not in
  • Preferences

Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

Comments: 232 +-   Are You Using SPF Records? on Thursday December 17, @07:09PM

Posted by timothy on Thursday December 17, @07:09PM
from the spf-50-should-be-enough dept.
communications
gravyface writes "I've been setting up proper Sender Policy Framework records for all my clients for past year or so, hoping to either maintain or improve their 'reputation' in the email universe. However, there's a lot of IT admins I speak with who either haven't heard of SPF records or haven't bothered setting them up. How many of you are using SPF records for your mail domains? Does it help? How many anti-spam vendors out there use SPF records as part of their 'scorecard'?"
Read More... 232 comments story

Comments: 369 +-   DRM Flub Prevented 3D Showings of Avatar In Germany on Thursday December 17, @02:31PM

Posted by timothy on Thursday December 17, @02:31PM
from the token-of-our-appreciation dept.
movies
Fraggy_the_undead writes "According to German IT news site heise.de, yesterday several 3D showings of Avatar couldn't take place (German; Google translation to English), because the movies were DRM protected such that there had to be a key per copy of the film, per film projector, and per movie server in the theater. The key supplier, by the name Deluxe, was apparently unable to provide a sufficient number of valid keys in time. Moviegoers were offered to get a refund or view an analogue 2D showing instead."
Read More... 369 comments story

Comments: 150 +-   Autonomous Intelligent Botnets Bouncing Back on Thursday December 17, @09:21AM

Posted by CmdrTaco on Thursday December 17, @09:21AM
from the duck-and-cover dept.
security
coomaria writes "Thought that 2009 was the year botnets died? Well, think again: compromised computers were responsible for distributing 83.4% of the 107 billion spam messages sent around the world every single day this year, and it's going to get worse if intelligent and autonomous botnets arrive in 2010 as predicted."
Read More... 150 comments story

Comments: 56 +-   Doom-Like Video Surveillance For Ports In Development on Thursday December 17, @05:48AM

Posted by Soulskill on Thursday December 17, @05:48AM
from the hurt-me-plenty dept.
security
oranghutan writes "A research and development group down under is working to develop an advanced video surveillance system for ports around the world that uses video superimposed onto a 3D map. With 16-megapixel high-definition cameras on a distributed (cabled) network and a proprietary system written in a variety of languages (C++, Python, SQL, etc.), the group from NICTA is aiming to allow security teams at the Port of Brisbane — which is 110km long — to monitor shipping movements, cargo and people. By scrolling along a 3D map, the security teams can click on a location and then get a real-time video feed superimposed onto the map. Authorities from around the world with the right permissions can then access the same system. The main difference from regular surveillance systems is the ability to switch views without having to know camera numbers/locations and the one screen view."
Read More... 56 comments story

Comments: 284 +-   VMware Workstation vs. VirtualBox vs. Parallels on Wednesday December 16, @03:43PM

Posted by timothy on Wednesday December 16, @03:43PM
from the can't-you-be-content-with-the-actual-box? dept.
os
snydeq writes "InfoWorld's Randall Kennedy takes an in-depth look at VMware Workstation 7, VirtualBox 3.1, and Parallels Desktop 4, three technologies at the heart of 'the biggest shake-up for desktop virtualization in years.' The shake-up, which sees Microsoft's once promising Virtual PC off in the Windows 7 XP Mode weeds, has put VirtualBox — among the best free open source software available for Windows — out front as a general-purpose VM, filling the void left by VMware's move to make Workstation more appealing to developers and admins. Meanwhile, Parallels finally offers a Desktop for Windows on par with its Mac product, as well as Workstation 4 Extreme, which delivers near native performance for graphics, disk, and network I/O. 'There's some genuine innovation going on, especially in the areas of hardware support and application compatibility,' Kennedy writes. 'All support 32- and 64-bit Windows and Linux hosts and guests, and all have added compelling new VM management capabilities, ranging from automated snapshots to live VM migration.'"
Read More... 284 comments story

Comments: 918 +-   Israeli Border Police Shoot US Student's Laptop on Wednesday December 16, @05:37AM

Posted by kdawson on Wednesday December 16, @05:37AM
from the no-less-no-more dept.
security
zerothink writes "American student Lily Sussman, 21, upon entry into Israel from Taba (Egypt, Sinai) caught Israeli border police in grumpy mood — after two hours of questions and searching through her belongings they decided to put three bullets through her laptop. Explanation? 'I'm sorry but we had to blow up your laptop.' Haaretz also covered the story." All three bullets missed the hard disk.
Read More... 918 comments story

Comments: 359 +-   Are Complex Games Doomed To Have Buggy Releases? on Wednesday December 16, @04:40AM

Posted by Soulskill on Wednesday December 16, @04:40AM
from the where-did-my-face-go dept.
bug
An anonymous reader points out a recent article at Gamesradar discussing the frequency of major bugs and technical issues in freshly-released video games. While such issues are often fixed with updates, questions remain about the legality and ethics of rushing a game to launch. Quoting: "As angry as you may be about getting a buggy title, would you want the law to get involved? Meglena Kuneva, EU Consumer Affairs Commissioner, is putting forward legislation that would legally oblige digital game distributors to give refunds for games, putting games in the same category in consumer law as household appliances. ... This call to arms has been praised by tech expert Andy Tanenbaum, author of books like Operating Systems: Design and Implementation. 'I think the idea that commercial software be judged by the same standards as other commercial products is not so crazy,' he says. 'Cars, TVs, and telephones are all expected to work, and they are full of software. Why not standalone software? I think such legislation would put software makers under pressure to first make sure their software works, then worry about more bells and whistles.'"
Read More... 359 comments story

Comments: 169 +-   Gravatars Can Leak Users' Email Addresses on Wednesday December 16, @12:20AM

Posted by kdawson on Wednesday December 16, @12:20AM
from the chatty-little-things dept.
security
abell writes "Gravatar offers a global avatar service, using an MD5 hash of the user's email as avatar ID. This piece of information in some cases is enough to retrieve the original email address. Testing a simple attack on stackoverflow.com, I was able to determine the email addresses of more than 10% of the site's users."
Read More... 169 comments story

Comments: 151 +-   Hackers Counter Microsoft COFEE With Some DECAF on Tuesday December 15, @10:36PM

Posted by kdawson on Tuesday December 15, @10:36PM
from the please-mister-moto dept.
microsoft
An anonymous reader writes "Two developers have created 'Detect and Eliminate Computer Assisted Forensics' (DECAF). The tool tries to stop Microsoft's Computer Online Forensic Evidence Extractor (COFEE), which helps law enforcement officials grab data from password-protected or encrypted sources. After COFEE was leaked to the Web, Microsoft issued takedown notices to sites hosting the software." The article notes that DECAF is not open source, so you aren't really going to know for sure what it will do to your computer.
Read More... 151 comments story

Comments: 118 +-   Project Honey Pot Traps Billionth Spam on Tuesday December 15, @12:33PM

Posted by timothy on Tuesday December 15, @12:33PM
from the spam-sequestration dept.
spam
EastDakota writes "Project Honey Pot today announced that it had trapped its 1 billionth spammer. To celebrate, the team behind the largest community sourced project tracking online fraud and abuse released a full rundown of statistics on the last five years of spam. Findings include: spam drops 21% on Christmas Day and 32% of New Year's Day; the most spam is sent on Mondays, the least on Saturdays; spammers found at least 956 different ways to spell VIAGRA (e.g., VIAGRA, V1AGRA, V1@GR@, V!AGRA, VIA6RA, etc.) in mail received by the Project; and much more."
Read More... 118 comments story

Comments: 108 +-   What Is the State of Linux Security DVR Software? on Tuesday December 15, @11:51AM

Posted by timothy on Tuesday December 15, @11:51AM
from the peer-out-of-the-basement dept.
security
StonyCreekBare writes "I am wondering what slashdotters have to offer on the idea of Linux based security systems, especially DVR software. I am aware of Zoneminder, but wonder what else is out there? Are there applications that will not only monitor video cameras, but motion sensors and contact closure alarms? What is state of the art in this area, and how do the various Linux platforms stack up in comparison to dedicated embedded solutions? Will these 'play nice' with other software, such as Asterisk, and Misterhouse? Can one server host three or four services applications of this nature, assuming CPU/memory/disk resources are sufficient?"
Read More... 108 comments story

Comments: 195 +-   Adobe Warns of Reader, Acrobat Attack on Tuesday December 15, @11:03AM

Posted by timothy on Tuesday December 15, @11:03AM
from the gnome's-reader's-pretty-good-y'know dept.
security
itwbennett writes "Monday afternoon, Adobe 'received reports of a vulnerability in Adobe Reader and Acrobat 9.2 and earlier versions being exploited in the wild,' the company said in a post to the company's Product Security Incident Response Team blog. According to malware tracking group Shadowserver, the vulnerability is due to a bug in the way Reader processes JavaScript code. Several 'tests have confirmed this is a 0-day vulnerability affecting several versions of Adobe Acrobat [Reader] to include the most recent versions of 8.x and 9.x. We have not tested on 7.x, but it may also be vulnerable,' Shadowserver said in a post on its Web site. The group recommends that concerned users disable JavaScript within Adobe's software as a work-around for this problem. (This can be done by un-checking the 'Enable Acrobat JavaScript' in the Edit -> Preferences -> JavaScript window). 'This is legit and is very bad,' Shadowserver added."
Read More... 195 comments story

Comments: 499 +-   The Trial of Terry Childs Begins on Tuesday December 15, @08:07AM

Posted by kdawson on Tuesday December 15, @08:07AM
from the there-but-for-luck-and-precedent-go-we-all dept.
government
snydeq writes "Opening arguments were heard today in the trial against IT admin Terry Childs, who was arrested 18 months ago for refusing to hand over passwords to the San Francisco city network. InfoWorld's Paul Venezia, who has been following the case from the start, speculates that the 18-month wait is due to the fact that 'the DA has done no homework on the technical issues in play here and is instead more than willing to use the Frankenstein offense: It's different, so it must be killed.' On the other hand, the city — which has held Childs on $5 million bail despite having already dropped three of the four charges against him — may have finally figured out 'just how ridiculous the whole scenario is but is too far down the line to pull back the reins and is continuing with the prosecution just to save face,' Venezia writes. The trial is expected to last until mid-March. San Francisco Mayor Gavin Newsom, to whom Childs eventually gave the city's network passwords, will be included in the roster of those who will testify in the case — one that could put all admins in danger should Childs be found guilty of tampering."
Read More... 499 comments story

Comments: 104 +-   Cybersecurity Czar Job Is Useless, Says Spafford on Monday December 14, @03:46PM

Posted by Soulskill on Monday December 14, @03:46PM
from the federal-whipping-czar dept.
security
Trailrunner7 writes "It's been about seven months since Obama announced his plan to hire a cybersecurity coordinator, and the job is still vacant. Several prominent security experts have turned the position down, and in an interview on Threatpost, Purdue professor Gene Spafford says that the position is pointless. 'It won't have any statutory authority. It won't have any budgetary authority. That does not give it much authority of any kind. So when I hear that there are supposedly people who have been interviewed for this cyber coordinator job and didn't take it, I'm not surprised. It's not a winning position. I'm not at all surprised by the fact that it's empty. That position is a blame-taking position,' Spafford said."
Read More... 104 comments story

Comments: 155 +-   Building a Global Cyber Police Force on Monday December 14, @10:20AM

Posted by CmdrTaco on Monday December 14, @10:20AM
from the i-recommend-team-america dept.
security
dasButcher writes "One of the biggest obstacles to fighting hackers and cyber-criminals is that many operate in the safe harbors of their home countries, insulated from prosecution by authorities in foreign countries where their targets reside. As Larry Walsh writes in his blog, several security vendors and a growing number of countries are now beginning to consider the creation of a global police force that would have trans-border jurisdiction to investigate and arrest suspected hackers."
Read More... 155 comments story

Comments: 168 +-   ID Thief Tries To Get Witnesses Whacked on Monday December 14, @05:13AM

Posted by kdawson on Monday December 14, @05:13AM
from the palpable-escalation dept.
security
adeelarshad82 writes "Pavel Valkovich of Sherman Oaks, CA has pleaded guilty to solicitation of murder, admitting that he attempted to hire hit-men to kill witnesses working with Federal authorities in their investigation of Valkovich's ID theft activities and subsequent crimes. According to the Justice Department: '...Valkovich and others had stolen personal identifying information and used that information to transfer funds from victims' bank accounts to PayPal accounts.'"
Read More... 168 comments story

Comments: 247 +-   Office 2003 Bug Locks Owners Out on Monday December 14, @02:20AM

Posted by kdawson on Monday December 14, @02:20AM
from the file-available-but-not-to-you dept.
bug
I Don't Believe in Imaginary Property writes "A Microsoft Office 2003 bug is locking people out of their own files, specifically those protected with Microsoft's Rights Management Service. Microsoft has a TechNet bulletin on the issue with a fix. It looks like they screwed up and let a certificate expire. There's no information on when the replacement certificate will expire, though, or what will happen when it does."
Read More... 247 comments story

Comments: 80 +-   US and Russia Open Talks On Limits To Cyberwar on Saturday December 12, @11:26PM

Posted by kdawson on Saturday December 12, @11:26PM
from the you-put-down-yours-first dept.
government
andy1307 passes on this from the NY Times: "The United States has begun talks with Russia and a United Nations arms control committee about strengthening Internet security and limiting military use of cyberspace. American and Russian officials have different interpretations of the talks so far, but the mere fact that the United States is participating represents a significant policy shift after years of rejecting Russia's overtures. Officials familiar with the talks said the Obama administration realized that more nations were developing cyberweapons and that a new approach was needed to blunt an international arms race ... While the Russians have continued to focus on treaties that may restrict weapons development, the United States is hoping to use the talks to increase international cooperation in opposing Internet crime. Strengthening defenses against Internet criminals would also strengthen defenses against any military-directed cyberattacks, the United States maintains."
Read More... 80 comments story

Comments: 89 +-   Hackers Find Home In Amazon EC2 Cloud on Thursday December 10, @12:27PM

Posted by CmdrTaco on Thursday December 10, @12:27PM
from the don't-mind-us dept.
security
snydeq writes "Security researchers have spotted the Zeus botnet running an unauthorized command and control center on Amazon's EC2 cloud computing infrastructure. This marks the first time Amazon Web Services' cloud infrastructure has been used for this type of illegal activity, according to threat researcher Don DeBolt. The hackers got onto Amazon's infrastructure by hacking into a Web site hosted on Amazon's servers and then secretly installing their command and control infrastructure."
Read More... 89 comments story

Comments: 186 +-   SQL Injection Attack Claims 132,000+ on Thursday December 10, @09:23AM

Posted by CmdrTaco on Thursday December 10, @09:23AM
from the check-yer-code-people dept.
security
An anonymous reader writes "A large scale SQL injection attack has injected a malicious iframe on tens of thousands of susceptible websites. ScanSafe reports that the injected iframe loads malicious content from 318x.com, which eventually leads to the installation of a rootkit-enabled variant of the Buzus backdoor trojan. A Google search on the iframe resulted in over 132,000 hits as of December 10, 2009."
Read More... 186 comments story
Recent reviews from Slashdot readers:

Submitting a review for consideration is easy; please first read Slashdot's book review guidelines. Updated: 2008114 by samzenpus

Slashdot Login

Log In

Create Account  |  Retrieve Password

Search
Twenty years of romance make a woman look like a ruin; but twenty years of marriage make her something like a public building. -- Oscar Wilde

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.