Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Comments

top

Most Tor Keys May Be Vulnerable To NSA Cracking

hypnosec Guess who is funding Tor? (236 comments)

According to consolidated financial statements and reports of the Tor Project for the year ending December 2012, US Federal agencies are responsible for nearly sixty percent of funds received by the project. Tor has taken a defensive stand against this, but who knows?

about a year ago
top

Oracle To Stop Developing Sun Virtualization Technologies

hypnosec Oracle makes it official (145 comments)

For those who don't have an Oracle support login here is the official announcement through a blog post.

about a year ago
top

Wii U Won't Run Battlefield 4 Engine Frostbite 3

hypnosec Vicious circle (1 comments)

It seems that Nintendo is stuck between convincing developers to build titles for the Wii U and wooing customers to buy the console even if famous titles r missing. Up until the company manages to get gaming companies port their famous titles onto Wii U gamers wouldn't be interested to buy the console and on the other hand up until the company manages to sell a descent amount of consoles it won't probably be able to convince game developers to develop games for the Wii U.

about a year ago
top

Dice Holdings buys Slashdot and other Geeknet websites for $20M

hypnosec The /. way (3 comments)

Hope this doesn't change the way /. functions!!! Dice Holdings is best known for its career sites. I don't know if they would be able to maintain the way /. functions!! Fingers crossed!

about 2 years ago
top

Windows 8 tells Microsoft about every application that you install.

hypnosec Exposing the OS to hackers? Well not really (2 comments)

It seems that the Nadim Kobeissi, the researcher behind this particular discovery, has gone a little too far in assuming that every tom, dick and harry is able to crack his way through SSLv2 and intercept the communication between the SmartScreen Server and Windows 8 laptop or desktop. The issue is probably not of exposing the OS to hackers as much as it is about the privacy of users. Microsoft does give the option of not installing the SmartScreen feature but, it actually doesn't disclose the privacy implication if this feature is not turned off.

about 2 years ago
top

Do blind people use smartphones?

hypnosec Usage of Smartphones as alternative increasing (5 comments)

Feature phones or the button based phones are used because of the simple reason that they provide a means for identifying the keys through embossed markings. But, many have been working towards and with the advent in voice controlled smartphones and touch phones designed with special interfaces like bigger buttons with high color contrasts may have accelerated the use touch phones as well.

about 2 years ago
top

Russia, CIS Coutries Hit by 'Lurid' Attacks

hypnosec Apologies for the typo in the title (1 comments)

Sorry for the typo in the title guys! Posted the story in a hurry I guess.

more than 2 years ago
top

Google Voice Goes Live Globally

hypnosec The service will start gradually... (3 comments)

Just saw this on the official blog, "We’re rolling out this feature over the next few days, so if it’s available in your country you’ll see a little green phone icon show up at the top of your chat list and you’ll be ready to make calls"

about 3 years ago
top

Google Voice Goes Live Globally

hypnosec Re:Except it doesn't (3 comments)

Yeah seems that they have goofed up on this. Highly surprising that they have released a post but haven't actually made the service live for non-us users.

about 3 years ago
top

Sony Confirms Pass System Implementation

hypnosec Sony finally learning now... I guess (1 comments)

Sony, I guess, has learnt the lesson out of the security breach. Walking on the footsteps of EA and HTQ might help them to recover a bit from the disastrous consequences of the security breach. May be a little though. Let us wait and watch what happens here. :)

more than 3 years ago
top

Student suspended for posting on YouTube

hypnosec Reaction to video not appropriate (2 comments)

I guess, now even students are now allowed to express their minds. Having such an extreme reaction to something I would deem as creative is not the way to go. Education teaches students to express and when harsh actions like these are taken, it doesn't go down well. Hope the authorities in the developed world too doesn't follow the footsteps of the middle-eastern countries.

more than 3 years ago

Submissions

top

GTA Online mod lets you rape other players

hypnosec hypnosec writes  |  about two weeks ago

hypnosec (2231454) writes "Modding isn’t a new thing in the world of gaming, but the latest one in Grand Theft Auto Online is one of the worst mods we have seen so far as it allows users to not only select naked characters but also rape other players. The mod allows users to do ‘naughty stuff’ and ‘very naughty stuff’ among other things which includes actions such as kidnapping, prostitution, make players attach to others and even ‘f*** the air’. First reported by a redditor, videos of such shenanigans have emerged only whereby these so-called ‘trolls’ are performing these acts. Using the mod, players can change their character to a fully naked man, grab their opponents, and lock them into a sexual animation. The character is shown thrust his or her pelvis into their rear of the other player’s character as if they were raping them. If you think the worst was over – well it’s not as the player being ‘raped’ can’t escape until the modder chooses to release him / her."
Link to Original Source
top

PayPal's two-factor authentication can be bypassed easily, researcher says

hypnosec hypnosec writes  |  about three weeks ago

hypnosec (2231454) writes "PayPal’s two-factor authentication can easily be defeated and account accessed without requiring an elaborate set of steps, a security researcher has claimed while publicly disclosing the vulnerability as PayPal has failed to resolve the issue for two months now. Joshua Rogers, an Australian security researcher, discovered the vulnerability on June 5 and reported it to PayPal the same day. However, according to Rogers, PayPal hasn’t patched the vulnerability even after two months and he is disclosing the loop-hole publicly “due to the simplicity of it” and because he believes he gave “Paypal long enough to fix it.”"
Link to Original Source
top

Evan Blass aka @evleaks retires; says monetizing Twitter feed isn't easy

hypnosec hypnosec writes  |  about three weeks ago

hypnosec (2231454) writes "Over a hundred and eighty thousand followers of the popular leaker @evleaks, with their insatiable thirst to know what’s coming, will now have to find another source, as Evan Blass has called it quits after just 2 years. Although there have been a few leaks which were not very genuine, most of his leaks about smartphones and tablets have proved to be true which helped him get almost 187,000 followers on Twitter including several big names in the tech world. Blass has announced his retirement through a tweet that read, “All good things must come to an end. Thank you for an amazing two years. [RETIREMENT],” which was re-tweeted by his thousands of followers."
Link to Original Source
top

Lionsgate sues Limetorrents, Played.to, and four others over Expendables 3 leak

hypnosec hypnosec writes  |  about a month ago

hypnosec (2231454) writes "Lionsgate, the film company in charge of distribution of Expendables 3, has filed a lawsuit against unknown individuals who shared a DVD-level copy of Expendables 3 and six file-sharing sites known to have the links through which copies of the movies are being downloaded illegally. Advanced copy of Expendables 3 was leaked online in July and the pirated copy of the movie saw as many as 180,000 downloads in just 24 hours. The movie, which is releasing on August 15, is said to have crossed two million downloads already."
Link to Original Source
top

Austrian law student takes Facebook to court; asks others to join in

hypnosec hypnosec writes  |  about a month ago

hypnosec (2231454) writes "Max Schrems, an Austrian law student, on Friday called out billions of Facebook users to support him by joining a class-action lawsuit against Facebook for violating users’ privacy laws. Schrems has filed a law suit at Vienna's commercial court and has also invited others to join the action at www.fbclaim.com using their Facebook login. According to Europe-V-Facebook.org campaign, the Austrian law allows for a group of people to assign their claims to a single person in this case, Schrems, who can sue on their behalf and redistribute any damages awarded. In such a case, legal proceedings are then run as a class action. Schrems is claiming 500 Euros ($670) per user from Facebook in damages for allegedly violating data privacy policies, including its participation in the US National Security Agency’s Prism surveillance programme aimed at accessing the personal data of Facebook and other web services users, its graph search feature, use of “big data” systems for spying on users as well as company’s non-compliance with EU privacy law."
Link to Original Source
top

Google's mapping service under scanner in India

hypnosec hypnosec writes  |  about a month ago

hypnosec (2231454) writes "The Central Bureau of Investigation (CBI), India has ordered for a preliminary enquiry (PE) against Google for violating Indian laws by mapping sensitive areas and defence installations in the country. As per the PE, registered on the basis of a complaint made by Surveyor General of India’s office to the Union Home Ministry, Google has been accused of organizing a mapping competition dubbed ‘Mapathon’ in February-March 2013 without taking prior permission from Survey of India, country’s official mapping agency. The mapping competition required citizens to map their neighbourhoods, especially details related to hospitals and restaurants. The Survey of India (SoI), alarmed by the event, asked the company to share its event details. While going through the details the watch dog found that there were several coordinates having details of sensitive defence installations which are out of the public domain."
Link to Original Source
top

Linus Torvalds: "GCC 4.9.0 seems to be terminally broken"

hypnosec hypnosec writes  |  about a month ago

hypnosec (2231454) writes "Linus Torvalds has called GCC 4.9.0 compiler ‘pure and utter sh*t’ and 'terminally broken' after a random panic was discovered in a load balance function in Linux 3.16-rc6. “Ok, so I'm looking at the code generation and your compiler is pure and utter *shit*”, in one of the mails on Linux kernel mailing list. “gcc-4.9.0 seems to be terminally broken”, he added further. The issue that invited such comments from Torvalds is to do with the compiler apparently spilled a constant and incorrect stack red-zoning on x86-64 code generation."
Link to Original Source
top

Russia goes after TOR's privacy; announces 4 million Roubles bounty

hypnosec hypnosec writes  |  about a month ago

hypnosec (2231454) writes "Government of Russia has announced a 4 million Roubles (~£65,000) bounty to anyone who develops a technology to identify users of TOR – an anonymising network capable of encrypting user data and hiding the identity of its users. The bounty has been announced by Russian Ministry of Internal Affairs (MVD) in the form of a tender titled “Perform research, code ‘TOR’ (Navy)”. The public description of the project has been removed now and it only reads "cipher 'TOR' (Navy)". The ministry has said in the tender that it is looking for experts and researchers to “study the possibility of obtaining technical information about users and users equipment on the Tor anonymous network.”"
Link to Original Source
top

Top 10 worst reasons Brits gave for stopping on a hard shoulder on motoway

hypnosec hypnosec writes  |  about a month ago

hypnosec (2231454) writes "Motorists stop on hard shoulders mainly for either of the following two reasons: breakdowns or crashes – however, these are not the only two reasons as Highway Agency has revealed that motorists give out a range of bizarre reasons for stopping on hard shoulders.
  • One motorist pulled over because they saw fire” on their dashboard display, it later turned out it was the name of the Adele track they were listening to.
  • One motorist parked up and fell asleep on the M6.
  • People stopping to read a map or check their sat-navs.
  • Traffic officers stopped with two cars on the hard shoulder – the owners were half way through the selling and buying process for one of the cars.
  • One driver realised their car insurance policy was up for renewal – they were ringing around for quotes to renew.
  • Parents feeding children.
  • Taxi drivers waiting on the hard shoulder around Heathrow airport for their client’s flights to arrive.
  • A mobile phone operator, stopping at regular intervals in their private car carrying out signal tests on the hard shoulder.
  • A driver who stopped to pick flowers.
  • Have you broken down Sir? No, came the reply, we are taking pictures of our new born grandchild (in their open top sports car) as it is a lovely day.
"

Link to Original Source
top

Young Chinese couple sells 2 newborns to buy in-game items

hypnosec hypnosec writes  |  about a month and a half ago

hypnosec (2231454) writes "With several controversies arising about in-app purchases, a Chinese couple has done the most unthinkable by selling their sons to buy in-app items. An unmarried couple, A Hui and A Mei, severely addicted to online games were accused of selling their sons and were arrested. In an interview to the Guangdong TV, they revealed that they chose to sell their sons to child traffickers to be relieved of the financial burden of supporting their children. A Hui said A Mei is fond of playing online games and likes to buy game items. As he could not give up his in-app purchases, he was not able to support his first son and they sold him to Fujian-based child traffickers. When the wife A Mei bore another son, they felt they would not be able to support their second child too. As they were both more interested in buying in-app items, they again sold him to the traffickers."
Link to Original Source
top

Scottish Snake Venom is world's strongest beer with 68% proof

hypnosec hypnosec writes  |  about 2 months ago

hypnosec (2231454) writes "With a staggering 68% proof, a Scottish concoction that costs just £50 a 275ml bottle, has been named as the world’s strongest beer by the Trading Standards officials. Snake Venom from the Brewmeister Brewery in Keith Scotland is produced using special ingredients like smoked peat malt and two different yeast strains – champagne and beer – and is freeze-concentrated to boost its alcohol content."
Link to Original Source
top

UK Data Protection watchdog reminds Brits about Google Glass & privacy

hypnosec hypnosec writes  |  about 2 months ago

hypnosec (2231454) writes "The ICO has issued a mildly toned reminder about how people and organisations need to be mindful about privacy laws in the UK while they are using Google Glass. Andrew Paterson, Senior Technology Officer at ICO notes that the primary issue with Google Glass is whether people have been given notice if they are filmed. Citing instances of Google Glass bans in some bars in the US, Paterson notes that companies in the UK will also be considering their own responses and we anticipate that there will be quite a few businesses which may ban Google Glass. Paterson reminds users that use of such wearable devices should be in compliance with the law and that they should be operated in line with the requirements with the country’s Data Protection Act."
Link to Original Source
top

Cisco's FNR cipher claims to protect protect privacy in cloud

hypnosec hypnosec writes  |  about 2 months ago

hypnosec (2231454) writes "Cisco has released a new experimental block cipher dubbed FNR or Flexible Naor and Reingold, which it claims is suitable for data with less than 128 bits or where preservation of input length is a must. Sashank Dara, software engineer at Cisco, explains that traditional block ciphers including AES work well with data of sizes greater than 128, 192 or 256 bits, but in cases wherein data transmission involves small chunks of data like IP addresses and MAC addresses and AES is used, the small blocks of data get bloated because of the padding requirement. This is where FNR comes in handy as it proposes “invertible matrices to provide a neat and generic way to achieve pair-wise independence for any arbitrary length”. Cisco has offered the code at github under the LPGLv2 and has also provided an application demoing IPV4 address encryption."
Link to Original Source
top

EFF to unveil Open Wireless Router for Open Wireless Movement

hypnosec hypnosec writes  |  about 2 months ago

hypnosec (2231454) writes "A new movement dubbed the Open Wireless Movement is asking users to open up their private Wi-Fi networks for total strangers – a random act of kindness – with an aim of better securing networks and facilitating better use of finite broadband resources. The movement is supported by non-profit and pro-internet rights organisations like the Electronic Frontier Foundation (EFF), Mozilla, Open Rights Group, and Free Press among others. EFF is planning to unveil one such innovation – Open Wireless Router – at the Hackers on Planet Earth (HOPE X) conference to be held next month on New York. This firmware will allow individuals to share their private Wi-Fi to total strangers to anyone without a password."
Link to Original Source
top

Google forks OpenSSL to create its own BoringSSL

hypnosec hypnosec writes  |  about 2 months ago

hypnosec (2231454) writes "Google has forked OpenSSL to create its own cryptography library dubbed BoringSSL – something that Mountain View reveals was done because maintaining the different patches Google created over years was getting difficult to manage over different code bases. Adam Langley, a widely respected cryptography engineer and Google employee, revealed that he started tidying up the OpenSSL code long before Heartbleed was discovered. Google had been busy applying a series of patches on top of OpenSSL, few of which have already been into main OpenSSL repository, but as multiple Google products including Chrome and Android have been dependent on the patches they had built, it was becoming complex to handle these patches “across multiple code bases is getting to be too much”. For this reason they decided to switch to a model where they import changes from OpenSSL instead of the other way around."
Link to Original Source
top

Thousands of servers with Supermicro motherboards store admin passwords in clear

hypnosec hypnosec writes  |  about 2 months ago

hypnosec (2231454) writes "Security researcher over at CARI.net has revealed that thousands of servers fitted with Supermicro motherboards are just waiting there, storing admin passwords in clear text, to be probed by hackers and attackers. The plain text password threat is to do with the baseboard management controller (BMC) – a motherboard component – using which administrators can monitor physical status of servers including their temperatures, disk and memory performance, and fan speeds. Wikholm notes that it’s not just the password file that you download via the port, but the entire /nv directory is up for grabs and anyone can download “server.pem file, the wsman admin password and the netconfig files”."
Link to Original Source
top

Britain gets national .uk web address

hypnosec hypnosec writes  |  about 3 months ago

hypnosec (2231454) writes "Starting today businesses and individuals in the UK will be able to register a new national web address ‘.uk’ and drop their existing ‘.co.uk’ or ‘.com’ suffix in favour of a shorter and snappier domain name. The entire process along with the transition is being overseen by private yet not-for-profit organisation Nominet, which has already started notifying existing customers with a ‘.co.uk’ domain of their chance to adopt a ‘.uk’ domain. Nominet will reserve all ‘.uk’ domain names, which already have a ‘.co.uk’ counterparts, for the next five years offering registrants the chance to adopt the new domain and to keep cyber squatters at bay."
Link to Original Source
top

Google dragged to court over AdSense account bans

hypnosec hypnosec writes  |  about 3 months ago

hypnosec (2231454) writes "A consumer rights firm, Hagens Berman, has filed a national class-action lawsuit against Google on behalf of Free Range Content, the California-based owner of Repost.us, claiming that the search engine giant unlawfully denies payments to thousands of website owners and operators under its AdSense programme.

The lawsuit partly relies on the recent accusations that Google is engaged in AdSense fraud and through a scheme developed in 2009 denies payments to thousands of publishers just close to the payout dates without providing a valid reason.

Further the lawsuit also cites the case of Free Range Content whose account was also disabled. In February 2014, Free Range Content noticed an unusual spike in their AdSense earnings – something in tune of $40,000.

Free Range Content scheduled a call with a Google AdSense representative on March 6, but just two days before the call Google disabled its account. Google refused to talk with Free Range Content after this, claims the lawsuit."

Link to Original Source
top

Mozilla ditches Firefox's new-tab monetization plans

hypnosec hypnosec writes  |  about 4 months ago

hypnosec (2231454) writes "Mozilla has ditched its Firefox’s new-tab monetization plans as they ‘didn’t go over well’ with the community finding it hard to understand the scheme. Johnathan Nightingale, Mozilla’s VP of Firefox said that a lot of Firefox’s community was worried that Mozilla was “going to turn Firefox into a mess of logos sold to the highest bidder” and that users wouldn’t have either control over this or any actual benefit. “That’s not going to happen. That’s not who we are at Mozilla.”"
Link to Original Source
top

Mozilla announces $10K bug bounty for certificate verification in Firefox 31

hypnosec hypnosec writes  |  about 4 months ago

hypnosec (2231454) writes "Mozilla has announced a special $10,000 bug bounty for anyone who breaks its certification verification in upcoming Firefox 31 slated for a July 31 launch. Mozilla revealed its work on a new certification verification library for its products which it claims is more robust and maintainable. To ensure that its new code doesn’t meet with the same fate as Heartbleed and Apple’s #gotofail bug, Mozilla announced the special bug bounty to “make sure this code is rock solid before it ships to millions of Firefox users”. The non-profit organisation is interested in bugs through which the browser accepts fake untrustworthy certificate chains which otherwise should be rejected or something in the code that may lead to exploitable memory corruption. Mozilla also adds that a bug that causes Firefox to accept forged signed OCSP responses would also qualify as a bounty worthy bug under this program."
Link to Original Source

Journals

top

How To Upgrade Your iPhone 4 or iPad 2 To iOS 5 Now

hypnosec hypnosec writes  |  more than 3 years ago

What could well be the simplest ever way of upgrading your iOS device to a new beta firmware has been published by a reader from Gizmodo, the website which attracted much attention when it published pictures of the iPhone 4 last year.

Apple is likely to be unappreciative of the publication of this article as well, given that it has already attracted more than 150,000 views since its publication a few hours ago.

Kudos first to Mert Erdir who wants to be a pro developer and says that he just wants to get the attention of Apple, the company he's in love with.

The method he published exploits a security vulnerability related to the Voice Over System, and while it might just be a rather straight forward process, be warned that users will be proceeding at their own risk. http://www.itproportal.com/2011/06/08/how-upgrade-your-iphone-4-or-ipad-2-ios-5-now/#ixzz1Ogf9rh1r

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>