eldavojohn writes "Over concerns about the lack of an anti-phishing mechanism in Safari, PayPal is telling its Mac users to use another browser. An author from Ars Technica reveals that he has been using Camino and has fallen victim to a PayPal-related phishing scam via e-mail, so this story must hit home for him. 'Currently the Apple browser does not alert users to sites that could be phishing for your info, and it lacks support for Extended Validation. PayPal is, of course, a popular site among phishers in their neverending search for personal information, user IDs, and passwords. While it's not entirely fair singling out Safari (other Mac browsers like Camino also lack this support), it is perhaps at least a helpful reminder of the threat.'"
I Don't Believe in Imaginary Property writes "F-Secure has a writeup on a highly obfuscated, advanced new rootkit they recently discovered which uses a number of old techniques like MBR modification in new ways. It modifies the MBR, starts up its downloader with an ntoskrnl.exe hook set to nt!Phase1Initialization (which conveniently removes it from memory afterwards), and hooks IRP_MJ_READ and IRP_MJ_WRITE in disk.sys to hide itself in empty sectors. It also bypasses software firewalls by calling the NDIS API directly, using a 'code pullout' technique to load just the parts of ndis.sys that it needs. F-Secure believes it was written by professionals who are after financial information."
Hugh Pickens writes "Consumers, regulators, and businesses lack objective tools to compare the incidence of identity theft across financial institutions, and without such tools, consumers cannot 'vote with their feet' and choose safer institutions. Now a study by Chris Hoofnagle has analyzed 88,000 complaints submitted by victims to the FTC over a three-month period in 2006 and found that Bank of America ranked highest of all firms in the study, with an average of 1,117 incidents over a three-month period. AT&T had 763 incidents, followed by Sprint Nextel, JP Morgan Chase and its Chase and Bank One units, and Capital One. When the estimated events are divided by the total deposits, the data show that HSBC, Washington Mutual, and Bank of America have the highest rates of identity theft. Hoofnagle said lending institutions should publicly report information about identity theft events such as the rate of identity theft; the form of identity theft attempted; whether it was a mortgage loan or credit card; and the amount of loss suffered as a result. Such reporting would help consumers choose safer financial institutions. The full study (PDF) is available from the Berkeley Center for Law and Technology."
sspringer writes to let us know about Sun's continuing push to support scripting languages other than Java on its Java virtual machine. Sun just hired two key Python developers: Ted Leung, a long-time Python developer at the Open Source Applications Foundation, and Frank Wierzbicki, who is lead implementer of the Jython project. They will both work on Jython, which enables Python to run on the JVM. Last month Sun's CEO said the company wants to "take the J off the JVM and just make it a VM."
Jackson writes "Adam Boileau, a security consultant based in New Zealand, has released a tool that can unlock Windows computers in seconds without the need for a password. By connecting a Linux machine to a Firewire port on the target machine, the tool can modify Windows' password protection code and render it ineffective. Boileau said he did not release the tool publicly in 2006 because 'Microsoft was a little cagey about exactly whether Firewire memory access was a real security issue or not and we didn't want to cause any real trouble'. But now that a couple of years have passed and the issue has not been resolved, Boileau decided to release the tool on his website."
Stony Stevenson writes "It used to be that popular PHP applications would run more poorly on Windows Server than on Linux or Unix servers, for which PHP had been optimized. PHP-language specialist Zend Technologies now says that's no longer the case. The Zend Core commercially supported form of PHP has been certified by Microsoft as ready to run 'with performance and stability' on Windows Server 2008, said Andi Gutmans, co-founder and CTO of Zend. Previously, PHP 'didn't run as well as it should on Windows,' said Gutmans, despite the fact that 75% to 80% of PHP users were developing on Windows workstations."
Stony Stevenson writes "The security firm Fortify Software has warned against a series of attacks against Facebook and MySpace. Buffer overflows that enabled hackers to exploit the Aurigma ActiveX image uploading software used by social networking sites were at the heart of the assault. 'Criminal hackers now view social networking sites as their best target for attacks ... [partially because] such sites are designed to be usable by "unsophisticated" consumers, meaning that the barrier to entry for attacks is potentially lower as users are more likely to click on a link that leads to malware.'"
s1d writes "An almost-anonymous British psychologist named Gavin Potter has suddenly risen to the top of the Netflix prize charts. With his very first attempt, he got a score which took the BellKor team seven months to reach. Currently at a score of 8.07, he has only five teams ahead of him now in the race for the ultimate Netflix algorithm. 'Potter says his anonymity is mostly accidental. He started that way and didn't come out into the open until after Wired found him. "I guess I didn't think it was worth putting up a link until I had got somewhere," he says, adding that he'd been seriously posting under the name of his venture capital and consulting firm, Mathematical Capital, for two months before launching "Just a guy." When he started competing, he posted to his blog: "Decided to take the Netflix Prize seriously. Looks kind of fun. Not sure where I will get to as I am not an academic or a mathematician. However, being an unemployed psychologist I do have a bit of time."'"
Redon Buckeye writes "Google's Android software development kit is using several outdated and vulnerable open-source image processing libraries, some of which can be exploited to take complete control of mobile devices running the Android platform. From the article: 'Several vulnerabilities have been found in Android's core libraries for processing graphic content in some of the most used image formats (PNG, GIF, and BMP). While some of these vulnerabilities stem from the use of outdated and vulnerable open source image-processing libraries, others were introduced by native Android code that uses them or that implements new functionality.'"
NorseWolf writes "Since its foundation, the United Nations system has been collecting statistical information from member states on a variety of topics. The information thus collected constitutes a considerable information asset of the organization. However, these statistical data are often stored in proprietary databases, each with unique dissemination and access policies. As a result, users are often unaware of the full array of statistical information that the UN system has in its data libraries. The current arrangement also means that users are required to move from one database to another to access different types of information. UNdata addresses this problem by pooling the data of major UN databases and those of several other international organizations into one single Internet environment. The innovative design allows a user to access a large number of UN databases either by browsing the data series or through a keyword search."
Khuffie writes "The US Air Force has been sending sensitive information, including flight plans for Air Force One, to a website promoting the town of Mildenhall in Suffolk. When told of the error by the site's owner, the Air Force did not attempt to fix it at first. When reminded at a later time, instead of fixing the issue, they advised the owner to 'block unrecognizable addresses from his domain and have an auto-reply sent reminding people of the official Mildenhall domain and blocked his website from access on base.'"
Admodieus writes "It seems as though the veil has been lifted on the Internet Explorer 8 beta. Microsoft has revealed a list of the new features in IE8, including two interesting new additions called Activities and WebSlices. From the site: 'Activities are contextual services to quickly access a service from any webpage. Users typically copy and paste from one webpage to another. Internet Explorer 8 Activities make this common pattern easier to do ... WebSlices is a new feature for websites to connect to their users by subscribing to content directly within a webpage. WebSlices behave just like feeds where clients can subscribe to get updates and notify the user of changes.' Also aboard the upgrade train is automatic crash recovery, a favorites toolbar, and improved phishing filter protection. Microsoft has also posted links to download the beta, but none of them are working right now."
An anonymous reader writes "The Web Standards Project has announced the release of Acid3, the latest test designed to expose flaws in the implementation of mature Web standards in browsers. 'By making sure their software adheres to the test, the creators of these products can be more confident that their software will display and function with Web pages correctly both now and with Web pages of the future. The Acid3 Test is designed to test specifications for Web 2.0, and exposes potential flaws in implementations of the public ECMAScript 262 and W3C Document Object Model 2 standards.' Screenshots at the Drunken Fist site show the success of Safari 3 (which originally scored 31, but is now scoring 87/100), IE6, and IE7 (massive fail, of course)." There are additional discussions of the new test happening around the web.
An anonymous reader writes "The number of undergraduate computer science degrees awarded last year hit a new low with the Class of 2007. The degrees awarded, 8,000, as tracked by the Computing Research Association, is only half of what it was five years ago. In 2003-04 — the high point of this decade — 14,185 students were awarded bachelor's degrees in computer science from the 170 PhD-granting universities tracked by the CRA. That said, after a decade of severe declines, the number of students at top universities declaring themselves as computer science majors is finally seeing an increase. Though it's only a small increase, it's an increase nonetheless. Experts attribute the shift to changes in the job market, and also to changes in curriculum and the marketing of comp sci programs."