We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!
danomac (1032160) writes "If you are using systemd you may want to disable resolved. Reported yesterday on seclists, resolved doesn't appear to adhere to rfc5452 and thus is subject to a cache poisoning bug.
At its simplest, an attacker triggers a query to a domain he controls
via SMTP or SSH-login. Upon receipt of the question, he can just add
any answer he wants to have cached to the legit answer he provides
for the query, e.g. providing two anser RR's: One for the question asked
and one for a question that has never been asked — even if the DNS server
is not authoritative for this domain.
danomac (1032160) writes "It appears the Canadian carriers are seeking to overturn the proposed CRTC code that will take effect in December of this year. This code was previously discussed here at slashdot and had things like caps on contracts, reasonable roaming rates, and mandatory cell unlocking. The major sticking point is that this code is to be retroactive, and the big telcos are worried that this will set a bad precedent if customers can effectively cancel their existing three year contracts. However, it sounds like they're not happy that they are no longer the only ones that can arbitrarily change a contract. Some carriers may even defy this new code as they fight through the courts." top
Canipre caught using images without permission from copyright holders
It says right on their website "they all know it's wrong, and they're still doing it" overlaid on top of the image used without permission. There apparently are multiple photos from different authors used, and none gave permission for Canipre to use on their website.
This, of course, creates all sorts of issues with privacy online. The police themselves say they have concerns with Section 34. Apparently the way it is worded it is not just police that can request the information, but any government agent. Would you trust the government with this kind of power?" Link to Original Source top
Early iPad prototype appears in litigation against Samsung
danomac (1032160) writes "The litigation against Samsung has now turned up an early prototype of the iPad, from 2002. This prototype is shown against the article against the iPad 2 and Samsung's Tab 10.1, and it dwarfs both in size and thickness. It's almost as thick as a notebook.
Samsung is saying the early design isn't even close to what the Tab 10.1 is now. It does, however, feature the same rounded corners as the current generation iPad." Link to Original Source top
danomac (1032160) writes "In the spring of 2008, Sons of Maxwell were traveling to Nebraska for a one-week tour and witnessed one of their Taylor guitars being thrown by United Airlines baggage handlers in Chicago. It was discovered later that the $3500 guitar was severely damaged. Long story short: United refused to repair the guitar, so the artist promised to write and produce three songs about his experience with United Airlines. The first song has now been released and uploaded to YouTube where it currently has over a half a million views.
danomac (1032160) writes "Everyone knows the Xbox franchise started out losing a lot of money. Recently, they have started making money, at least for the last two quarters. It looks like Microsoft's gamble is slowly paying off: Possibly by end of June this year the franchise will be in the black.
From the article: "All operators have been keen to point out however that such an attack would be illegal. The GSMA warning that "if this were demonstrated in the UK it would be a serious criminal offense, which could be prosecuted under the Regulation of Investigatory Powers Act 2000 for over the air interception"." Sure, it may be illegal, but since when has this stopped hackers in the first place?
Who would have thought that devices that are remotely programmable would not authenticate the sender of the request?"