Software Glitch Caused 911 Outage For 11 Million People

by w00t
Categories: The News
Published on: October 22, 2014

HughPickens.com writes: Brian Fung reports at the Washington Post that earlier this year emergency services went dark for over six hours for more than 11 million people across seven states. “The outage may have gone unnoticed by some, yet for the more than 6,000 people trying to reach help, April 9 may well have been[...]

Windows 0-Day Exploited In Ongoing Attacks

by w00t
Categories: The News
Published on: October 22, 2014

An anonymous reader writes: Microsoft is warning users about a new Windows zero-day vulnerability that is being actively exploited in the wild & is primarily a risk to users on servers & workstations that open documents with embedded OLE objects. The vulnerability is currently being exploited via PowerPoint files. These specially crafted files contain a[...]

DHS Investigates 24 Potentially Lethal IoT Medical Devices

by w00t
Categories: The News
Published on: October 22, 2014

An anonymous reader writes: In the wake of the U.S. Food & Drug Administration’s recent recommendations to strengthen security on net-connected medical devices, the Department of Homeland Security is launching an investigation into 24 cases of potential cybersecurity vulnerabilities in hospital equipment & personal medical devices. Independent security researcher Billy Rios submitted proof-of-concept evidence to[...]

Hungary To Tax Internet Traffic

by w00t
Categories: The News
Published on: October 22, 2014

An anonymous reader writes: The Hungarian government has announced a new tax on internet traffic: 150 HUF ($0.62 USD) per gigabyte. In Hungary, a monthly internet subscription costs around 4,000-10,000 HUF ($17-$41), so it could really put a constraint on different service providers, especially for streaming media. This kind of tax could set back the[...]

Xerox Alto Source Code Released To Public

by w00t
Categories: The News
Published on: October 22, 2014

zonker writes: In 1970, the Xerox Corporation established the Palo Alto Research Center (PARC) with the goal to develop an “architecture of information” & lay the groundwork for future electronic office products. The pioneering Alto project that began in 1972 invented or refined many of the fundamental hardware & software ideas upon which our modern[...]

Ask Slashdot: Aging and Orphan Open Source Projects?

by w00t
Categories: The News
Published on: October 22, 2014

osage writes: Several colleagues & I have worked on an open source project for over 20 years under a corporate aegis. Though nothing like Apache, we have a sizable user community & the software is considered one of the de facto standards for what it does. The problem is that we have never been able[...]

First Evidence of Extrasolar Planets Discovered In 1917

by w00t
Categories: The News
Published on: October 22, 2014

KentuckyFC writes: Earth’s closest white dwarf is called van Maanen 2 & sits 14 light-years from here. It was discovered by the Dutch astronomer Adriaan van Maanen in 1917, yet it was initially complex to classify. That’s because its spectra contain lots of heavy elements alongside hydrogen & helium, the usual components of a white[...]

Internet Broadband Through High-altitude Drones

by w00t
Categories: The News
Published on: October 22, 2014

mwagner writes: Skynet is coming. But not like in the movie: The future of communications is high-altitude solar-powered drones, flying 13 miles above the ground, running microwave wireless equipment, delivering broadband to the whole planet. The article predicts this technology will replace satellites, fiber, & copper, & fundamentally alter the broadband industry. The author predicts[...]

Isaac Asimov: How Do People Get New Ideas?

by w00t
Categories: The News
Published on: October 22, 2014

HughPickens.com writes: Arthur Obermayer, a friend of Isaac Asimov, writes that he recently rediscovered an unpublished essay by Asimov written in 1959 while cleaning out some old files. Obermayer says it is “as broadly relevant today as when he wrote it. It describes not only the creative process & the nature of creative people[...]

Fiber Optics In Antarctica Will Monitor Ice Sheet Melting

by w00t
Categories: The News
Published on: October 22, 2014

sciencehabit writes: Earth is rapidly being wired with fiber-optic cables — inexpensive, flexible strands of silicon dioxide that have revolutionized telecommunications. They’ve already crisscrossed the planet’s oceans, linking every continent but one: Antarctica. Now, fiber optics has arrived at the continent, but to measure ice sheet temperatures rather than carry telecommunication signals. A team of[...]

Microsoft Introduces Build Cadence Selection With Windows 10

by w00t
Categories: The News
Published on: October 21, 2014

jones_supa writes: Microsoft has just released Windows 10 TP build 9860. Along with the new release, Microsoft is introducing an absorbing cadence option for how quickly you will receive new builds. The “ring progression” goes from development, to testing, to release. By being in the slow cadence, you will obtain more stable builds, yet they[...]

Ebola Does Not Require an "Ebola Czar," Nor Calling Up the National Guard

by w00t
Categories: The News
Published on: October 21, 2014

Lasrick writes: David Ropeik explores risk-perception psychology & Ebola in the U.S. “[O]fficials are up against the inherently emotional & instinctive nature of risk-perception psychology. Pioneering research on this subject by Paul Slovic, Baruch Fischhoff, & others, vast research on human cognition by Daniel Kahneman & colleagues, & research on the brain’s fear response by[...]

Google Leads $542m Funding Round For Augmented Reality Wearables Company

by w00t
Categories: The News
Published on: October 21, 2014

An anonymous reader writes: After rumors broke last week, Magic Leap has officially closed the deal on a $542 million Series B investment led by Google. The company has been extremely tight-lipped about what they’re working on, yet some digging reveals it is most likely an augmented reality wearable that uses a lightfield display. “Using[...]

TOR Virtual Network Tunneling Tool 0.2.4.25

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Tor is a network of virtual tunnels that allows people & groups to improve their privacy & security on the Internet. It moreover enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations & individuals to share information over public networks[...]

Red Hat Security Advisory 2014-1677-01

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Red Hat Security Advisory 2014-1677-01 – Wireshark is a network protocol analyzer. It is used to capture & browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code[...]

Red Hat Security Advisory 2014-1676-01

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Red Hat Security Advisory 2014-1676-01 – Wireshark is a network protocol analyzer. It is used to capture & browse the traffic running on a computer network. Multiple flaws were found in Wireshark. If Wireshark read a malformed packet off a network or opened a malicious dump file, it could crash or, possibly, execute arbitrary code[...]

FileBug 1.5.1 Directory Traversal

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

FileBug version 1.5.1 suffers from a directory traversal vulnerability.

Files Document And PDF 2.0.2 Command Execution / Local File Inclusion

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Files Document & PDF version 2.0.2 suffers from a local file inclusion & multiple command execution vulnerabilities.

The Future of Stamps

by w00t
Categories: The News
Published on: October 21, 2014

New submitter Kkloe writes: Wired is running a profile of a gadget called Signet, which is trying to bring postage stamps into the age of high technology. Quoting: “At its core, it is a digital stamp & an app. If you want to send a parcel, you’d simply stamp it with a device that uses[...]

WordPress Database Manager 2.7.1 Command Injection / Credential Leak

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

WordPress Database Manager plugin version 2.7.1 suffers from remote command injection & credential leakage vulnerabilities.

The Bogus Batoid Submarine is Wooden, not Yellow (Video)

by w00t
Categories: The News
Published on: October 21, 2014

This is a “wet” submarine. It doesn’t try to keep water out. You wear SCUBA gear while pedaling it. And yes, it is powered by a person pushing pedals. That motion, through a drive train, makes manta-style wings flap. This explains the name, since rays are Batoids, & this sub is a fake Batoid, not[...]

Incredible PBX 11 2.0.6.5.0 Remote Command Execution

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Incredible PBX 11 version 2.0.6.5.0 suffers from a remote command execution vulnerability.

HP Security Bulletin HPSBUX03150 SSRT101681

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

HP Security Bulletin HPSBUX03150 SSRT101681 – Potential security vulnerabilities have been identified with the HP-UX Apache Web Server Suite, Tomcat Servlet Engine, & PHP. These could be exploited remotely to create a Denial of Service (DoS) & other vulnerabilities. Revision 1 of this advisory.

Mandriva Linux Security Advisory 2014-199

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Mandriva Linux Security Advisory 2014-199 – Updated perl & perl-Data-Dumper packages fix a security vulnerability. The Dumper method in Data::Dumper before 2.154 allows context-dependent attackers to cause a denial of service (stack consumption & crash) via an Array-Reference with many nested Array-References, which triggers a large number of recursive calls to the DD_dump function. The Data::Dumper module[...]

Mandriva Linux Security Advisory 2014-198

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Mandriva Linux Security Advisory 2014-198 – MediaWiki before 1.23.4 is vulnerable to cross-site scripting due to JavaScript injection via CSS in uploaded SVG files. MediaWiki before 1.23.5 is vulnerable to cross-site scripting due to JavaScript injection via user-specified CSS in certain special pages.

Mandriva Linux Security Advisory 2014-197

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Mandriva Linux Security Advisory 2014-197 – Python before 2.7.8 is vulnerable to an integer overflow in the buffer type.

Mandriva Linux Security Advisory 2014-196

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Mandriva Linux Security Advisory 2014-196 – Rainer Gerhards, the rsyslog project leader, reported a vulnerability in Rsyslog. As a consequence of this vulnerability an attacker can send malformed messages to a server, if this one accepts data from untrusted sources, & trigger a denial of service attack.

Slackware Security Advisory – openssh Updates

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Slackware Security Advisory – New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, & -current to fix a security issue.

Mandriva Linux Security Advisory 2014-201

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Mandriva Linux Security Advisory 2014-201 – Multiple vulnerabilities have been found & corrected in the Linux kernel. These include stack-based buffer overflows & denial of service issues.

Mandriva Linux Security Advisory 2014-200

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Mandriva Linux Security Advisory 2014-200 – If a new comment was marked private to the insider group, & a flag was set in the same transaction, the comment would be visible to flag recipients even if they were not in the insider group. An attacker creating a new Bugzilla account can override certain parameters when[...]

Samsung Acknowledges and Fixes Bug On 840 EVO SSDs

by w00t
Categories: The News
Published on: October 21, 2014

Lucas123 writes: Samsung has issued a firmware fix for a bug on its popular 840 EVO triple-level cell SSD. The bug apparently slows read performance tremendously for any data more than a month old that has not been moved around on the NAND. Samsung said in a statement that the read problems occurred on its[...]

NPR: ’80s Ads Are Responsible For the Lack of Women Coders

by w00t
Categories: The News
Published on: October 21, 2014

gollum123 writes: Back in the day, computer science was as legitimate a career path for women as medicine, law, or science. But in 1984, the number of women majoring in computing-related subjects began to fall, & the percentage of women is now significantly lower in CS than in those other fields. NPR’s Planet Money sought[...]

Cell Transplant Allows Paralyzed Man To Walk

by w00t
Categories: The News
Published on: October 21, 2014

New submitter tiberus sends word of a breakthrough medical treatment that has restored the ability to walk to a man who was paralyzed from the chest down after his spinal cord was severed in a knife attack. A research team from the UK, led by Professor Geoff Raisman, transplanted cells from the patient’s nose, along[...]

Ask Slashdot: Event Sign-Up Software Options For a Non-Profit?

by w00t
Categories: The News
Published on: October 21, 2014

New submitter don_e_b writes I have been asked by a non-profit to help them gather a team of volunteer developers, who they wish to have write an online volunteer sign-up site. This organization has one large event per year with roughly 1400 volunteers total. I have advised them to investigate existing online volunteer offerings, &[...]

Google Adds USB Security Keys To 2-Factor Authentication Options

by w00t
Categories: The News
Published on: October 21, 2014

An anonymous reader writes with this excerpt from VentureBeat: Google today announced it is beefing up its two-step verification feature with Security Key, a physical USB second factor that only works after verifying the login site is truly a Google website. The feature is available in Chrome: Instead of typing in a code, you can[...]

Your Online TV Watching Can Now Be Tracked Across Devices

by w00t
Categories: The News
Published on: October 21, 2014

itwbennett (1594911) writes A partnership between TV measurement company Nielsen & analytics provider Adobe, announced today, will let broadcasters see (in aggregate & anonymized) how people interact with digital video between devices — for example if you commence watching a show on Netflix on your laptop, then switch to a Roku set-top box to complete[...]

‘Microsoft Lumia’ Will Replace the Nokia Brand

by w00t
Categories: The News
Published on: October 21, 2014

jones_supa writes The last emblems of Nokia are being removed from Microsoft products. “Microsoft Lumia” is the new brand name that takes their place. The name change follows a slow transition from Nokia.com over to Microsoft’s new mobile site, & Nokia France will be the first of many countries that adopt “Microsoft Lumia” for its[...]

Safercar.gov Overwhelmed By Recall For Deadly Airbags

by w00t
Categories: The News
Published on: October 21, 2014

darylb writes “The NHTSA’s safercar.gov website appears to be suffering under the load of recent vehicle recalls, including the latest recall of some 4.7 million vehicles using airbags made by Takata. Searching recalls by VIN is non-responsive at present. Searching by year, make, & model hangs after selecting the year. What can sites serving an[...]

Delivering Malicious Android Apps Hidden In Image Files

by w00t
Categories: The News
Published on: October 21, 2014

An anonymous reader writes “Researchers have found a way to deliver a malicious app to Android users by hiding it into what seems to be an encrypted image file, which is then delivered via a legitimate, seemingly innocuous wrapper app. Fortinet malware researcher Axelle Apvrille & reverse engineer Ange Albertini created a custom tool they[...]

Speed Cameras In Chicago Earn $50M Less Than Expected

by w00t
Categories: The News
Published on: October 21, 2014

countach44 writes that (in the words of the below-linked article) “Chicagoans are costing the city tens of millions of dollars — through satisfactory behavior.” The City of Chicago recently installed speed cameras near parks & schools as part of the “Children’s Safety Zone Program,” claiming a desire to decrease traffic-related incidents in those areas. The[...]

Mars Orbiter Beams Back Images of Comet’s Surprisingly Tiny Nucleus

by w00t
Categories: The News
Published on: October 21, 2014

astroengine writes The High-Resolution Imaging Science Experiment (HiRISE) camera on board NASA’s Mars Reconnaissance Orbiter (MRO) has become the first instrument orbiting Mars to beam back images of comet Siding Spring’s nucleus & coma. And by default, it has moreover become the first ever mission to photograph a long-period comet’s pristine nucleus on its first[...]

Facebook To DEA: Stop Using Phony Profiles To Nab Criminals

by w00t
Categories: The News
Published on: October 21, 2014

HughPickens.com writes: CNNMoney reports that Facebook has sent a letter to the U.S. Drug Enforcement Administration demanding that agents stop impersonating users on the social network. “The DEA’s deceptive actions… threaten the integrity of our community,” Facebook chief security officer Joe Sullivan wrote to DEA head Michele Leonhart. “Using Facebook to impersonate others abuses that[...]

3D-Printed Gun Earns Man Two Years In Japanese Prison

by w00t
Categories: The News
Published on: October 21, 2014

jfruh writes: Japan has some of the strictest anti-gun laws in the world, & the authorities there aim to make sure new technologies don’t open any loopholes. 28-year-old engineer Yoshitomo Imura has been sentenced to two years in jail after making guns with a 3D printer in his home in Kawasaki. Read more of this[...]

Australian Physicists Build Reversible Tractor Beam

by w00t
Categories: The News
Published on: October 21, 2014

An anonymous reader writes: Physicists at Australian National University have developed a tiny tractor beam that improves in several ways upon previous attempts. First, it operates on scales which, while still tiny, are higher than in earlier experiments. The beam can move particles up to 200 microns in diameter, & it can do so over[...]

Doctor Who To Teach Kids To Code

by w00t
Categories: The News
Published on: October 21, 2014

DCFC writes: The BBC is releasing a game to help 8- to 11-year-old kids get into coding. Based on Doctor Who, it alternates between a standard platform game & programming puzzles that introduce the ideas of sequence, loops, if..then, variables & a touch of event-driven programming. Kids will get to program a Dalek to make[...]

[remote exploits] – HP Data Protector EXEC_INTEGUTIL Remote Code Execution Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014


[remote exploits] – Joomla Akeeba Kickstart Unserialize Remote Code Execution Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014


[remote exploits] – Numara / BMC Track-It! FileStorageService Arbitrary File Upload Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014


Security Company Tries To Hide Flaws By Threatening Infringement Suit

by w00t
Categories: The News
Published on: October 21, 2014

An anonymous reader writes: An RFID-based access control system called IClass is used across the globe to provide physical access controls. This system relies on cryptography to secure communications between a tag & a reader. Since 2010, several academic papers have been released which expose the cryptographic insecurity of the IClass system. Based on these[...]

A Look At Orion’s Launch Abort System

by w00t
Categories: The News
Published on: October 21, 2014

An anonymous reader writes: With the construction of Orion, NASA’s new manned spacecraft, comes the creation of a new Launch Abort System — the part of the vehicle that will get future astronauts back to Earth safely if there’s a problem at launch. The Planetary Society’s Jason Davis describes it: “When Orion reaches the apex[...]

Numara / BMC Track-It! FileStorageService Arbitrary File Upload

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

This Metasploit module exploits an arbitrary file upload vulnerability in Numara / BMC Track-It! v8 to v11.X. The application exposes the FileStorageService .NET remoting service on port 9010 (9004 for version 8) which accepts unauthenticated uploads. This can be abused by a malicious user to upload an ASP or ASPX file to the web root[...]

Joomla Akeeba Kickstart Unserialize Remote Code Execution

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

This Metasploit module exploits a vulnerability found in Joomla! through 2.5.25, 3.2.5 & earlier 3.x versions & 3.3.0 through 3.3.4 versions. The vulnerability affects the Akeeba component, which is responsible for Joomla! updates. Nevertheless, it is worth noting that this vulnerability is only exploitable during the update of the Joomla! CMS.

HP Data Protector EXEC_INTEGUTIL Remote Code Execution

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

This exploit abuses a vulnerability in the HP Data Protector. The vulnerability exists in the Backup client service, which listens by default on TCP/5555. The EXEC_INTEGUTIL request allows execution of arbitrary commands from a restricted directory. Since it includes a perl executable, it’s possible to use an EXEC_INTEGUTIL packet to execute arbitrary code. On linux[...]

Windows OLE Package Manager SandWorm Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Proof of concept exploit builder for the OLE flaw in packager.dll.

32 Cities Want To Challenge Big Telecom, Build Their Own Gigabit Networks

by w00t
Categories: The News
Published on: October 21, 2014

Jason Koebler writes: More than two dozen cities in 19 states announced today that they’re sick of huge telecom skipping them over for internet infrastructure upgrades & would like to build gigabit fiber networks themselves & help other cities follow their lead. The Next Century Cities coalition, which includes a couple cities that already have[...]

Asterisk Project Security Advisory – AST-2014-011

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Asterisk Project Security Advisory – Asterisk suffered from the SSL POODLE vulnerability.

Apple Security Advisory 2014-10-20-2

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Apple Security Advisory 2014-10-20-2 – Apple TV 7.0.1 is now available & addresses bluetooth & SSL 3.0 related security vulnerabilities.

Apple Security Advisory 2014-10-20-1

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Apple Security Advisory 2014-10-20-1 – iOS 8.1 is now available & addresses bluetooth, insufficient cryptographic protection, & various other vulnerabilities.

LiteCart 1.1.2.1 Cross Site Scripting

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

LiteCart version 1.1.2.1 suffers from cross site scripting vulnerabilities.

Debian Security Advisory 3054-1

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Debian Linux Security Advisory 3054-1 – Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.40.

Red Hat Security Advisory 2014-1671-01

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Red Hat Security Advisory 2014-1671-01 – The rsyslog packages provide an enhanced, multi-threaded syslog daemon that supports writing to relational databases, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, & fine grained output format control. A flaw was found in the way rsyslog handled invalid log message priority values. In certain configurations,[...]

Red Hat Security Advisory 2014-1670-01

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Red Hat Security Advisory 2014-1670-01 – KVM is a full virtualization solution for Linux on AMD64 & Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM in environments managed by Red Hat Enterprise Virtualization Manager. An information leak flaw was found in the way QEMU’s VGA emulator accessed[...]

Red Hat Security Advisory 2014-1669-02

by w00t
Categories: New Vulnerabilities
Published on: October 21, 2014

Red Hat Security Advisory 2014-1669-02 – KVM is a full virtualization solution for Linux on AMD64 & Intel 64 systems. The qemu-kvm package provides the user-space component for running virtual machines using KVM. An information leak flaw was found in the way QEMU’s VGA emulator accessed frame buffer memory for high resolution displays. A privileged[...]

Rumor: Lenovo In Talks To Buy BlackBerry

by w00t
Categories: The News
Published on: October 21, 2014

BarbaraHudson writes: The CBC, the Financial Post, & The Toronto Sun are all reporting a possible sale of BlackBerry to Lenovo. From the Sun: “BlackBerry shares rose more than 3% on Monday after a news website said Chinese computer maker Lenovo Group might offer to buy the Canadian technology company. Rumors of a Lenovo bid[...]

Which Android Devices Sacrifice Battery-Life For Performance?

by w00t
Categories: The News
Published on: October 20, 2014

MojoKid writes: A couple of weeks ago, Futuremark began handing out copies of PCMark for Android to members of the press, in an effort to get its leaderboards filled while the finishing touches were being put on the app. That might give you pause in that the results, generated today, are not going to be[...]

China Staging a Nationwide Attack On iCloud and Microsoft Accounts

by w00t
Categories: The News
Published on: October 20, 2014

New submitter DemonOnIce writes: According to The Verge & the original report from the site that monitors China’s Great Firewall activity, China is conducting a large-scale attack on iCloud & Microsoft accounts using its government firewall software. Chinese users may be facing an unpleasant surprise as they are directed to a dummy site designed to look like an[...]

GNU Emacs 24.4 Released Today

by w00t
Categories: The News
Published on: October 20, 2014

New submitter Shade writes Well over one & a half years in the works, the latest & greatest release of GNU Emacs was made officially available today. Highlights of this release include a built-in web browser, improved multi-monitor & fullscreen support, “electric” indentation enabled by default, support for saving & restoring the state of frames[...]

[local exploits] – Windows OLE Package Manager SandWorm Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 20, 2014


More Eye Candy Coming To Windows 10

by w00t
Categories: The News
Published on: October 20, 2014

jones_supa writes Microsoft is expected to release a new build of the Windows 10 Technical Preview in the very near future, according to their own words. The only build so far to be released to the public is 9841 yet the next iteration will likely be in the 9860 class of releases. With this new[...]

Help ESR Stamp Out CVS and SVN In Our Lifetime

by w00t
Categories: The News
Published on: October 20, 2014

mtaht writes ESR is collecting specifications & donations towards getting a new high end machine to be used for massive CVS & SVN repository conversions, after encountering problems with converting the whole of netbsd over to git. What he’s doing now sort of reminds me of holding a bake sale to build a bomber, yet[...]

NASA’s HI-SEAS Project Results Suggests a Women-Only Mars Crew

by w00t
Categories: The News
Published on: October 20, 2014

globaljustin writes “Alan Drysdale, a systems analyst in advanced life support & a contractor with NASA concluded, “Small women haven’t been demonstrated to be appreciably dumber than huge women or huge men, so there’s no reason to select larger people for a flight crew when it’s brain power you want,” says Drysdale. “The logical thing[...]

Debian’s Systemd Adoption Inspires Threat of Fork

by w00t
Categories: The News
Published on: October 20, 2014

New submitter Tsolias writes It appears that systemd is still a hot topic in the Debian community. As seen earlier today, there is a new movement shaping up against the adoption of systemd for the upcoming stable release [of Debian], Jessie. They claim that “systemd betrays the UNIX philosophy”; it makes things more complex, thus[...]

Manga Images Depicting Children Lead to Conviction in UK

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

An anonymous reader writes with this news from the UK, as reported by Ars Technica: A 39-year-old UK man has been convicted of possessing illegal cartoon drawings of young girls exposing themselves in school uniforms & engaging in sex acts. The case is believed to be the UK’s first prosecution of illegal manga & anime[...]

AIEngine 0.10

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

AIEngine is a packet inspection engine with capabilities of learning without any human intervention. It helps network/security professionals to identify traffic & develop signatures for use on NIDS, Firewalls, Traffic classifiers & so on.

HP Security Bulletin HPSBMU03126 2

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBMU03126 2 – Potential security vulnerabilities have been identified with HP Operations Agent. This also has an impact on the HP Operations Manager, where the HP Operations Agent is installed. The vulnerabilities could be exploited resulting in remote cross-site scripting (XSS). Revision 2 of this advisory.

HP Security Bulletin HPSBHF03146

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBHF03146 – A potential security vulnerability has been identified with HP Integrity SD2 CB900s i4 & i2. This is the Bash Shell vulnerability known as “Shellshock” which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege[...]

‘Endrun’ Networks: Help In Danger Zones

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

kierny writes Drawing on networking protocols designed to support NASA’s interplanetary missions, two information security researchers have created a networking system that’s designed to transmit information securely & reliably in even the worst conditions. Dubbed Endrun, & debuted at Black Hat Europe, its creators hope the delay-tolerant & disruption-tolerant system — which runs on Raspberry[...]

HP Security Bulletin HPSBHF03145

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBHF03145 – A potential security vulnerability has been identified with HP Integrity Superdome X & HP ConvergedSystem 900 for SAP HANA. This is the Bash Shell vulnerability known as “Shellshock” which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell[...]

HP Security Bulletin HPSBGN03141

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBGN03141 – A potential security vulnerability has been identified with HP Automation Insight. This is the Bash Shell vulnerability known as “Shellshock” which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege & execute unrestricted commands[...]

HP Security Bulletin HPSBGN03142

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBGN03142 – A potential security vulnerability has been identified with HP Business Service Automation Essentials. This is the Bash Shell vulnerability known as “Shellshock” which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege & execute[...]

Barometers In iPhones Mean More Crowdsourcing In Weather Forecasts

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

cryptoz (878581) writes Apple is now adding barometers to its mobile devices: both new iPhones have valuable atmospheric pressure sensors being used for HealthKit (step counting). Since many Android devices have been carrying barometers for years, scientists like Cliff Mass have been using the sensor data to improve weather forecasts. Open source data collection projects[...]

HP Security Bulletin HPSBST03097

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBST03097 – A potential security vulnerability has been identified with HP Command View for Tape Libraries (CVTL) running OpenSSL with SMI-S client when retrieving information from legacy tape libraries. The OpenSSL vulnerability could be exploited remotely resulting in unauthorized access or disclosure of information. Revision 1 of this advisory.

HP Security Bulletin HPSBST03129

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBST03129 – A potential security vulnerability has been identified with HP StoreFabric B-series switches running Bash Shell. This is the Bash Shell vulnerability known as “ShellShock” which could be exploited remotely to allow execution of code. Revision 1 of this advisory.

An Algorithm to End the Lines for Ice at Burning Man

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

Any gathering of 65,000 people in the desert is going to require some major infrastructure to maintain health & sanity. At Burning Man, some of that infrastructure is devoted to a supply chain for ice. Writes Bennett Haselton, The lines for ice bags at Burning Man could be cut from an hour long at peak[...]

Newtelligence dasBlog 2.3 Open Redirect

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

Newtelligence dasBlog versions 2.1 through 2.3 suffer from an open redirection vulnerability.

OpenMRS 2.1 Access Bypass / XSS / CSRF

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

OpenMRS version 2.1 suffers from access bypass, cross site request forgery, & cross site scripting vulnerabilities.

Developers, IT Still Racking Up (Mostly) High Salaries

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

Nerval’s Lobster (2598977) writes Software development & IT remain usual jobs among those in the higher brackets, although not the topmost one, according to a new study (with graph) commissioned by NPR. Among those earning between $58,000 & $72,000, IT was the sixth-most-popular job, while software developers came in tenth place. In the next bracket[...]

Debian Security Advisory 3050-1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

Debian Linux Security Advisory 3050-1 – Multiple security issues have been found in Iceweasel, Debian’s version overflows, use-after-frees & other implementation errors may lead to the execution of arbitrary code, denial of service, the bypass of the same-origin policy or a loss of privacy.

Google Changes ‘To Fight Piracy’ By Highlighting Legal Sites

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

mrspoonsi writes Google has announced changes to its search engine in an attempt to curb online piracy. The company has long been criticised for enabling people to find sites to download entertainment illegally. The entertainment industry has argued that illegal sites should be “demoted” in search results. The new measures, mostly welcomed by music trade[...]

How Lobby Groups Rejected the Canadian Government’s Plan To Combat Patent Trolls

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

An anonymous reader writes Michael Geist reports that according to documents recently obtained under the Access to Information Act, the Canadian government quietly proposed a series of reforms to combat patent trolls including new prohibitions on demand letters, powers to the courts to stop patent forum shopping, & giving competition authorities the ability to deal[...]

Ubuntu Turns 10

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

Scott James Remnant, now Technical Lead on ChromeOS, was a Debian developer before that. That’s how he became involved from the beginning (becoming Developer Manager, & then serving on the Technical Board) on the little derivative distribution that Mark Shuttleworth decided to make of Debian Unstable, & for which the name Ubuntu was eventually chosen.[...]

HP Security Bulletin HPSBST03131

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBST03131 – A potential security vulnerability has been identified with certain HP StoreOnce Backup systems running Bash Shell. This is the Bash Shell vulnerability known as “Shellshock” which could be exploited remotely to allow execution of code. NOTE: Versions of HP StoreOnce Backup software prior to 3.11.4 contain the vulnerable version of[...]

HP Security Bulletin HPSBMU03144

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBMU03144 – A potential security vulnerability has been identified with HP Operation Agent Virtual Appliance. This is the Bash Shell vulnerability known as “Shellshock” which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege & execute[...]

Microsoft Gearing Up To Release a Smartwatch of Its Own

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

SmartAboutThings writes The smartwatch market is still in its nascent form, yet with Apple releasing its AppleWatch in early 2015, things are going to change. And Microsoft wants to make sure it’s not late to the party, as it has been so many times in the past. That’s why it plans on releasing its own[...]

HP Security Bulletin HPSBMU03143

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBMU03143 – A potential security vulnerability has been identified with HP Virtualization Performance Viewer. This is the Bash Shell vulnerability known as “Shellshock” which could be exploited remotely to allow execution of code. This vulnerability allows users that have been granted access to a shell script to escalate privilege & execute unrestricted[...]

HP Security Bulletin HPSBHF03084 2

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HP Security Bulletin HPSBHF03084 2 – Potential security vulnerabilities have been identified with certain HP consumer notebook PCs, HP commercial notebook PCs, HP consumer desktop PCs, HP commercial workstation PCs, Retail Solutions & Thin Clients with UEFI Firmware. The vulnerabilities could be exploited to allow execution of arbitrary code. Revision 2 of this advisory. View[...]

IBM Pays GlobalFoundries $1.5 Billion To Shed Its Chip Division

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

helix2301 writes with word that Big Blue has become slightly smaller: IBM will pay $1.5 billion to GlobalFoundries in order to shed its costly chip division. IBM will make payments to the chipmaker over three years, yet it took a $4.7 billion charge for the third quarter when it reported earnings Monday. The company fell[...]

Mozilla.org Cross Site Scripting

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

Multiple mozilla.org subdomains suffer from cross site scripting vulnerabilities.

The Largest Ship In the World Is Being Built In Korea

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

HughPickens.com writes Alastair Philip Wiper writes that at 194 feet wide & 1,312 feet long, the Matz Maersk Triple E is the largest ship ever built, capable of carrying 18,000 20-foot containers. Its propellers weigh 70 tons apiece & it is too huge for the Panama Canal, though it can shimmy through the Suez. A[...]

Ask Slashdot: LTE Hotspot As Sole Cellular Connection?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 20, 2014

New submitter iamacat writes I am thinking of canceling my regular voice plan & using an LTE hotspot for all my voice & data needs. One huge draw is ability to easily use multiple devices without expensive additional lines or constantly swapping SIMs. So I can have an ultra compact Android phone & an iPod[...]
