top Researchers Use Siri To Steal Data From iPhones
Jailbroken phone susceptible to data ex-filtration while on special malicious network?? Apple is dying.
top Apple Pushes First Automated OS X Security Update
Buffer overflow in ctl_putdata()
References: Sec 2668 / CVE - 2014 - 9295 / VU #852879
Versions: All NTP4 releases before 4.2.8
CVSS: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Base Score: 7.5
Date Resolved: Stable (4.2.8) 18 Dec 2014
Summary: A remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the ntpd process.
Mitigation - any of:
Upgrade to 4.2.8, or later, from the NTP Project Download Page or the NTP Public Services Project Download Page.
Put restrict ... noquery in your ntp.conf file, for non-trusted senders.
Credit: This vulnerability was discovered by Stephen Roettger of the Google Security Team. w
top Waze Causing Anger Among LA Residents
Those reversible lanes ("suicide lanes") have been around in Phoenix since a lot longer, starting in the 1970's.
Phoenix is one of the few U.S. cities in the that realizes a) Public transportation doesn't work well in low density, post-WW2 US cities (aka, the sunbelt and west coast) and b) Grid pattern streets and excellent freeways are the only reasonable, cost effective short term strategy. What is the long term strategy? Nobody knows, except maybe to completely get rid of shitty low density cities, which will never happen. American people want their trucks and backyards, and they especially don't want to have to sit next to some poor person on public transportation.
about a month and a half ago
top Banks Report Credit Card Breach At Home Depot
The problem is that these data compromises are going to happen and that the current magnetic strip technology is laughably obsolete and insecure. Chip + PIN effectively mitigates the weakness in magnetic strip data by embedding a chip (physical, something you have) and a pin (something you know) into the transaction process, plus many other security enhancements. Current magnetic strip cards are authenticated purely by a string of digits (something you know) and are easily copied and reproduced.
Read all about it here:
Chip + pin WILL be happening in America. http://blogs.wsj.com/corporate...
NFC-based payment system may have a chance to become popular in the mean time.
top Reported iCloud Hack Leaks Hundreds of Private Celebrity Photos
It could have just as easily been a packet sniffing engine on a local ISP, cellular network, data center etc. Maybe in front of Amazon? Were these all transferred through snapchat, dropbox or some other file sharing service that leverages AWS or some other cloud provider? Were any taken from those services by admins?
My point is, many of these images were *taken* with non-apple devices and *deleted* before photo stream was a thing. At this point it is likely someone got access to a darknet cache of images -- the sources are unlikely from one location, but from many many sources over many years.
LTDR; 1. Enable 2FA 2. If you upload something to the internet, assume someday someone will be able to see it and do whatever they want with it. Are you okay with that?
top Slashdot Asks: Do You Want a Smart Watch?
Slashdot: News for nerds, terrible at predicting anything that matters.
top Workaholism In America Is Hurting the Economy
Talent is usually worth paying extra for, so make your business a talent center and attract the top players. Then give them freedom to get things done and don't micro manage. Ask what isn't getting done (read: the small things, like documentation) and pay someone do to that. Grease the wheels. Allowing people to work from home *IS* a huge benefit for many people, and more importantly, lets people disconnect from the office. I tend to get way more done at home as the office is just pure interrupt driven non-sense most of the time. Technology work is difficult and frustrating, but on the bright side, can pay very well. Deal with it or don't play.
top Google Forks OpenSSL, Announces BoringSSL
For those having a hard time understanding the naming convention,
Not flashy, not exciting, not experimental, not sexy. Performs as expected.
In other words, exactly how I want my security libraries, my databases, and the other critical infrastructure that runs the planet to be described as. Boring is good. A choice between boring Plain Jane and Simple Sally? Even better. Thank you.
top Misogyny, Entitlement, and Nerds
Is this a direct offshoot of our "never a loser" upbringing? I'm afraid these kids who go out on a rampage, thinking the entire time *they* are the victim, may actually be a victim of the coddled upbringing that seems to be commonplace since the 90's. I'm talking about helicopter parents who refuse to let their children get Bs, get second place (or even, god forbid, last place) in any kind of competition. Then we see them unable to understand and cope with failure later in life and blame others instead of accepting defeat. Like most people, I blame the parents. I blame them for not letting them fail. Parents should provide positive influence and basic necessities for children, then get the hell out of the way and let children grow up on their own.
Children who grow up without siblings (ie compeition for parents time) seem to be particularly narrisistic and useless when combined with overbearing and coddling parents. Those
top Netcraft: Microsoft Closing In On Apache Web Server Lead
top Sony, Microsoft Squabble Over Console Features, But the Real Opponent Is Apple
Google Maps was included with the initial release of the iPhone, before Android. Try again.
about a year and a half ago
top Ask Slashdot: How Do You Sell an Algorithm To Venture Capitalists?
Know your audience, that's for sure. As far as how much detail to let them in on, send me the copy of the details and I'll get back to you.
about a year and a half ago
top Doctors Bypass Biometric Scanners With Fake Fingers
Iris scanners have lower false positive rejection rates and are more accurate than Retina scanners, which do exist. Retinas can become damaged and change with time, unlike the human iris which does not under normal circumstances change during lifetimes.
Iris scanners considered the best biometric authentication, they are also typically the most expensive (look up the LG scanner pricing).
http://web2.utc.edu/~Li-Yang/cpsc4600/6-Iris-DNA/IRIS-Retina.ppt has some good info on the differences.
top Why Microsoft Office For iOS Will Likely Never See the Light of Day
Slashdot is quickly losing any clout it had gathered in the last 10 years thanks to these new editors in the past few years. I'm all for providing a critical analysis of companies, such as Apple or Microsoft, but this summary was just stupid. Microsoft has been making Office for Mac for YEARS prior to the investment they made in Apple in the late 90's, which was a token gesture to show good faith to the Justice Department because MS was under *criminal* review. They made a significant investment in Apple and brought IE to Mac (and they abandoned both as soon as they could).
Apple has been consistent about charging *everyone* the same percentage to host Apps on the App Store. Microsoft is _leaving_ _money_ on the table by being stubborn and not porting to IOS and playing nicely. Why is this Apples fault? Oh right, this is slashdot.
What happened with MSFT in the 90's and what is happening now are barely even remotely related and not some how ironic.
top 5 More Google Fiberhoods Coming To Kansas City
Is it any indication of how bad regulation and costs are that this sort of thing isn't a reality yet in SV, despite it being most densely populated area of nerds in the country?
Does anyone know of any other "official" reason why even Verizon FIOS isn't in santa clara valley? It just amazes me how shitty communication bandwidth is (wireless and otherwise) in the valley compared to podunk idaho or kansas city. What in the world is going on here?
top New 25-GPU Monster Devours Strong Passwords In Minutes
Can anyone find what type of server/motherboard combo they used to get what appears to be a 9-slot PCI-e motherboard with 3x PSUs? They have 8 cards in one box and a infiniband card.. I can't seem to find what this is (or how I can buy it)
top Hello, I'm a Mac. And I'm a $248 Win8 PC.
I've had more blue screens with Windows 7 then any other Windows OS. Finally started replacing hardware and ran memtest86 for a week and found 1, ONE, memory fault in millions and millions of operations. Replaced the memory (corsair brand to start with and bought another pair) and have had zero issues since. The reality of computing today is that any bluescreen/grey screen/kernel panic is largely irrespective of operating system, it's nearly always a subtle hardware issue. Which, much to the shagrin of microsoft, means alot of finger pointing. Apple people (like myself) just take our equipment into the Apple store and say "fix it" and they do (with Applecare, without a fee). Microsoft doesn't have that luxury and gets a black eye every time there is a bluescreen (which is also why they have gone to great lengths to certify vendors and hardware since the days of yesteryear).
Microsoft has great products, especially in the office environment (I can't function without Office). Self-described Apple person here, I still use Windows 7 often and tried the MS Surface, looks alright, but I like my ipad mini better. I will concede the Maps on surface/windows8 are WAY better, but that is a given.
top Amazon EBS Failure Brings Down Reddit, Imgur, Others
This too shall pass
top Samsung Terminates LCD Contract With Apple
People bought the iPhone because it was a ipod, phone, mobile communicator, and did all of those things very well. It is a gross oversimplification to say other devices had the features there was no need for the iPhone and the users are just dumb lemmings who buy anything Apple throws at them. Most people who don't "get" iPhones or Apple will never, for the same reason "there are only 10 times of people in the world, those who understand binary and those who don't". You don't get Apple because you can work around huge problems and shortcomings and only typically focus only on the
amount of features instead of the quality of a few. People who buy Apple products do so because they "just work". They don't have 50 different ports on them for every competing standard, they don't have a covers, Apple focuses on making a few great ideas work really well, which is why they are successful. Engineers and nerdtypes don't get this, which is why they aren't the visionaries running the companies, they are instead slogging through the ranks doing what they are told.
top Samsung Terminates LCD Contract With Apple
Yes, they steal ideas here and there and make a great product. Sure, they sue companies that steal their whole product. And yes, they make the best American consumer electronic products, ever.
Remember "smartphones" before the iPhone? It took years for any company to remotely match what the iPhone had when it LAUNCHED. To summarize, every slashdot thread about Apple: Haters going to hate.
ctime hasn't submitted any stories.
ctime has no journal entries.