http://it.slashdot.org/ News for nerds, stuff that matters en-us Copyright 1997-2008, SourceForge, Inc. All Rights Reserved. 2008-05-09T21:40:24+00:00 SourceForge, Inc. help@slashdot.org Technology hourly 1 1970-01-01T00:00+00:00 http://images.slashdot.org/topics/topicslashdot.gif http://it.slashdot.org/ http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/286970578/article.pl There are new developments in the case of the counterfeit Cisco routers, which we have been discussing for some time. The NYTimes updates the story after an FBI PowerPoint presentation made its way onto the Web. It seems that experts at Cisco have examined some of the counterfeit routers in detail and proclaimed that they contain no back doors. Others don't believe we can be so sure. "Last month, [DARPA] began distributing chips with hidden Trojan horse circuitry to military contractors who are participating in the agency's Trusted Integrated Circuits program. The goal is to test forensic techniques for finding hidden electronic trap doors, which can be maddeningly elusive... The threat was demonstrated in April when a team of computer scientists from the University of Illinois presented a paper at a technical conference in San Francisco detailing how they had modified a Sun Microsystems SPARC microprocessor... The researchers were able to create a stealth system that would allow them to automatically log in to a computer and steal passwords."<p><a href="http://it.slashdot.org/article.pl?sid=08/05/09/164201&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/09/164201"></a></p><p><a href="http://it.slashdot.org/article.pl?sid=08/05/09/164201&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=fnWkzQ"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=fnWkzQ" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/286970578" height="1" width="1"/> kdawson 2008-05-09T17:06:00+00:00 security who-do-you-trust it 123 123,119,95,74,28,22,14 http://it.slashdot.org/article.pl?sid=08/05/09/164201&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/286839670/article.pl ozmanjusri writes "According to Information Week, within hours of its wide availability Windows XP SP3 had drawn hundreds of complaints from users who claim the update is wreaking havoc on their computers. One user said in a Microsoft newsgroup: 'I downloaded and installed [the SP3] package for IT Professionals and Developers on one of my computers. Now I can't get the computer to boot. I don't think Microsoft should have made this a critical update.' Other sites including IT Wire are also reporting problems, which include include random reboots or the inability to boot at all." Note that XP3 won't install on systems running beta IE8; and after a successful SP3 install users will no longer be able to downgrade from IE7 to IE6.<p><a href="http://tech.slashdot.org/article.pl?sid=08/05/09/1258229&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/09/1258229"></a></p><p><a href="http://tech.slashdot.org/article.pl?sid=08/05/09/1258229&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=bamjSt"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=bamjSt" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/286839670" height="1" width="1"/> kdawson 2008-05-09T13:40:00+00:00 windows shun-the-frumious-bandersnatch tech 561 561,551,461,340,95,60,40 http://tech.slashdot.org/article.pl?sid=08/05/09/1258229&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/286414478/article.pl jcatcw points out a blog entry by Scott McPherson, CIO for the Florida House of Representatives. McPherson condemns the state of data sharing and data mining in law enforcement, saying that the US causes itself a great deal of trouble by focusing more on "antiterror armor and nuke-sniffing devices" than a useful information distribution network. He discusses a few such projects, and how they could have directly affected the events of 9/11. Quoting: "One of those ingenious things that actually worked, Seisint founder Hank Asher's brilliant MATRIX system, remains mired in controversy and politics. Hank showed me MATRIX just a few short weeks after the 9/11 attacks. Using law enforcement data and commercial data, all of the commercial data available in the public domain, Asher's query produced [hijacker Mohamed] Atta's photo -- and about 80 others, many of them fellow 9/11 hijackers, many of them associates of the 9/11 hijackers. It was simple data mining and algorithms, and none of the information was obtained illegally."<p><a href="http://news.slashdot.org/article.pl?sid=08/05/08/2222254&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/08/2222254"></a></p><p><a href="http://news.slashdot.org/article.pl?sid=08/05/08/2222254&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=RAfriJ"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=RAfriJ" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/286414478" height="1" width="1"/> Soulskill 2008-05-08T23:05:00+00:00 usa can't-they-just-google-it news 134 134,129,101,80,29,19,10 http://news.slashdot.org/article.pl?sid=08/05/08/2222254&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/286244574/article.pl Esther Schindler writes "CSO has an annotated, zoomable map of real botnet topologies showing the interconnections between the compromised computers and the command-and-control systems that direct them. The map is based on work by security researcher David Voreland; it has interactive controls so you can zoom in and explore botnets' inner workings. Hackers use botnets for spamming, DDoS attacks and identity theft. One recent example is the Storm botnet, which may have comprised 1 million or more zombie systems at its peak. As with any networking challenge, there are good (resilient) designs and some not-so-good ones. In some cases the topology may be indicative of a particular botnet's purpose, or of a herder on the run."<p><a href="http://it.slashdot.org/article.pl?sid=08/05/08/1632258&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/08/1632258"></a></p><p><a href="http://it.slashdot.org/article.pl?sid=08/05/08/1632258&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=ym7r4I"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=ym7r4I" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/286244574" height="1" width="1"/> timothy 2008-05-08T17:51:00+00:00 security when-jerks-are-smart it 121 121,115,82,61,24,15,10 http://it.slashdot.org/article.pl?sid=08/05/08/1632258&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/286079424/article.pl An anonymous reader writes "Wired.com is reporting that the Firefox browser has been unknowingly distributing a trojan with the Firefox Vietnamese language pack. Over 16,000 downloads of the pack occurred since being infected. This highlights a risk on relying on user-submitted Firefox extensions, or a lack of peer-review of the extensions, many of which receive frequent upgrades."<p><a href="http://tech.slashdot.org/article.pl?sid=08/05/08/1236229&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/08/1236229"></a></p><p><a href="http://tech.slashdot.org/article.pl?sid=08/05/08/1236229&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=YDEWuu"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=YDEWuu" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/286079424" height="1" width="1"/> timothy 2008-05-08T13:16:00+00:00 mozilla when-childhood-goes-wrong tech 199 199,191,149,113,42,23,11 http://tech.slashdot.org/article.pl?sid=08/05/08/1236229&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/285687427/article.pl SecureThroughObscure writes "ZDNet Zero-Day security blogger Nate McFeters got an exclusive look at the Microsoft Blue Hat conference. This is an invite-only conference that few media get to attend, but apparently McFeters was brought in with co-worker Rob Carter to talk about some vulnerabilities they had discovered with a few product security teams in attendence, and was also asked to do a guest blog posting about the conference at the Microsoft Blue Hat blog. McFeters also included several pictures of the conference and after conference events."<p><a href="http://it.slashdot.org/article.pl?sid=08/05/07/2150255&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/07/2150255"></a></p><p><a href="http://it.slashdot.org/article.pl?sid=08/05/07/2150255&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=KNWfKT"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=KNWfKT" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/285687427" height="1" width="1"/> samzenpus 2008-05-07T23:00:00+00:00 security protect-the-collective it 65 65,64,49,35,18,11,4 http://it.slashdot.org/article.pl?sid=08/05/07/2150255&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/285600870/article.pl Stony Stevenson writes "It has surfaced that the US State Department can't account for up to about 1,000 laptops, perhaps as many as 400 of which belonged to the department's Anti-Terrorism Assistance Program. Internal auditors found that the department lost track of $30 million worth of computer equipment, 'the vast majority of which... perhaps as much as 99 percent,' were laptops, according to one official. Another official calculated that the average State Department laptop costs US$3,000 and figured that meant as many as 1,000 laptops might be astray &mdash; not 10,000 laptops as the US$30 million figure suggests. They're obviously not very good at maths."<p><a href="http://it.slashdot.org/article.pl?sid=08/05/07/1857210&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/07/1857210"></a></p><p><a href="http://it.slashdot.org/article.pl?sid=08/05/07/1857210&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=tV4fnS"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=tV4fnS" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/285600870" height="1" width="1"/> timothy 2008-05-07T19:51:00+00:00 security around-here-someplace-gimme-a-minute it 222 222,220,169,133,44,24,17 http://it.slashdot.org/article.pl?sid=08/05/07/1857210&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/285568338/article.pl perlow writes "Using the free System Rescue CD you can perform bare-metal backups and restores of many types of computer systems. In this article, ZDNet columnist Jason Perlow explains the multi-step procedure in detail on an LVM-based system."<p><a href="http://tech.slashdot.org/article.pl?sid=08/05/07/1831206&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/07/1831206"></a></p><p><a href="http://tech.slashdot.org/article.pl?sid=08/05/07/1831206&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=iE6ebm"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=iE6ebm" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/285568338" height="1" width="1"/> timothy 2008-05-07T19:00:00+00:00 os you-may-touch-only-the-heavy-atoms tech 34 34,34,27,25,11,4,0 http://tech.slashdot.org/article.pl?sid=08/05/07/1831206&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/285559337/article.pl Ben Rothke writes "There are two types of writers about terrorism, experts such as Daniel Pipes and Steven Emerson who write from a distance and others that write graphic tales of first-hand from the trenches war stories. Terrorist Recognition Handbook: A Practitioner's Manual for Predicting and Identifying Terrorist Activities, is unique in that author Malcolm Nance is a 20-year veteran of the U.S. intelligence community and writes from a first hand-perspective, but with the organization and methodology of writers such as Pipes and Emerson. Those combined traits make the book extraordinarily valuable and perhaps the definitive text on terrorist recognition." Read below for the rest of Ben's review<p><a href="http://books.slashdot.org/article.pl?sid=08/05/07/139243&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/07/139243"></a></p><p><a href="http://books.slashdot.org/article.pl?sid=08/05/07/139243&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=rnmLM2"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=rnmLM2" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/285559337" height="1" width="1"/> samzenpus 2008-05-07T18:36:00+00:00 security get-em-up-against-the-wall books 335 335,328,251,168,51,28,21 http://books.slashdot.org/article.pl?sid=08/05/07/139243&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/285514163/article.pl Sean0michael writes "OpenOffice.org has announced their 3.0 Beta is ready for testing. The new version includes some great enhancements, including MS Office 2007 import filters, an improved notes feature, a built-in Solver component, and an Aqua interface for Macs. The site has a complete list of Beta features. Download your beta release from their site."<p><a href="http://tech.slashdot.org/article.pl?sid=08/05/07/1710202&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/07/1710202"></a></p><p><a href="http://tech.slashdot.org/article.pl?sid=08/05/07/1710202&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=uM8jXg"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=uM8jXg" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/285514163" height="1" width="1"/> timothy 2008-05-07T17:11:00+00:00 software better-each-time-mostly tech 387 387,382,331,261,88,47,27 http://tech.slashdot.org/article.pl?sid=08/05/07/1710202&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/284974959/article.pl Presto Vivace sends news of a server found by security firm Finjan that contained a 1.4-GB cache of stolen data, accumulated over a period of less than a month from compromised PCs around the world. The "crimeserver," as Finjan dubs it, "provided command and control functions for malware attacks in addition to being a drop site for data harvested from compromised computers. ... The stolen data consisted of 5,388 unique log files including 1,037 from Turkey, 621 from Germany, 571 from the United States, 322 from France, 308 from India and 232 from Britain." Oddly enough, the data was stored in the open, with not even basic auth to protect it. Finjan notes in their press release that this huge trove of data gathered over a short period of time indicates that the crimeware problem is far larger than most observers have been assuming. Update: 05/08 12:29 GMT by T : Note, the security firm involved is spelled "Finjan," not "Finjin" as originally shown.<p><a href="http://it.slashdot.org/article.pl?sid=08/05/06/2239221&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/06/2239221"></a></p><p><a href="http://it.slashdot.org/article.pl?sid=08/05/06/2239221&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=WYhToA"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=WYhToA" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/284974959" height="1" width="1"/> Presto Vivace (posted by kdawson) 2008-05-06T23:12:00+00:00 security gotta-store-it-somewhere it 114 114,108,95,70,26,18,14 http://it.slashdot.org/article.pl?sid=08/05/06/2239221&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/284953410/article.pl QtPi writes "Trolltech has announced the availability of Qt 4.4, the cross-platform software development framework. Ars Technica has an in-depth look at the release, which include an integrated WebKit-based HTML rendering engine, the new Phonon multimedia framework, support for Windows CE, and significant improvements to the QGraphicsView system. 'Qt 4.4 brings a lot of rich new capabilities to the toolkit that are sure to please open source and commercial software developers. It sounds like Trolltech already has some nice plans for Qt 4.5, and we will hopefully get to hear more about the long-term roadmap after Nokia completes its acquisition.'"<p><a href="http://tech.slashdot.org/article.pl?sid=08/05/06/2142252&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/06/2142252"></a></p><p><a href="http://tech.slashdot.org/article.pl?sid=08/05/06/2142252&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=0tAeHY"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=0tAeHY" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/284953410" height="1" width="1"/> kdawson 2008-05-06T22:26:00+00:00 programming cute-and-brainy-with-it tech 248 248,240,200,160,48,26,15 http://tech.slashdot.org/article.pl?sid=08/05/06/2142252&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/284811851/article.pl LinucksGirl writes "Ext4 is the latest in a long line of Linux file systems, and it's likely to be as important and popular as its predecessors. As a Linux system administrator, you should be aware of the advantages, disadvantages, and basic steps for migrating to ext4. This article explains when to adopt ext4, how to adapt traditional file system maintenance tool usage to ext4, and how to get the most out of the file system."<p><a href="http://linux.slashdot.org/article.pl?sid=08/05/06/1650257&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/06/1650257"></a></p><p><a href="http://linux.slashdot.org/article.pl?sid=08/05/06/1650257&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=xUBtQt"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=xUBtQt" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/284811851" height="1" width="1"/> timothy 2008-05-06T17:32:00+00:00 storage or-you-could-guess linux 302 302,301,258,211,70,42,30 http://linux.slashdot.org/article.pl?sid=08/05/06/1650257&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/284764700/article.pl jcatcw writes "Steven J. Vaughan-Nichols considers the dissimilarities between malware of yore and current infiltrations as we approach the 20th anniversary of the Robert Morris worm. Modern malware apps curl up and make themselves at home in your system, where they wait for a chance to snatch an important password or a credit card number. Welcome to the era of capitalist hacking. Any self-respecting malware program today is polymorphic, making signature-based antivirus approaches difficult. Heuristics and virtual sandboxes offer alternatives, but all such methods are reactive. Unfortunately, monitoring lists and networks is about the only current alternative."<p><a href="http://it.slashdot.org/article.pl?sid=08/05/06/168256&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/06/168256"></a></p><p><a href="http://it.slashdot.org/article.pl?sid=08/05/06/168256&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=hwq2hl"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=hwq2hl" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/284764700" height="1" width="1"/> timothy 2008-05-06T16:33:00+00:00 security might-as-well-enjoy-it it 62 62,62,55,42,12,6,1 http://it.slashdot.org/article.pl?sid=08/05/06/168256&from=rss http://rss.slashdot.org/~r/Slashdot/slashdotIt/~3/284736819/article.pl StarEmperor writes "Gamasutra has a good feature about four grad students who created 50 games in one semester. The article presents their insights about game design, evaluating gameplay, and generally what makes for a fun game."<p><a href="http://developers.slashdot.org/article.pl?sid=08/05/06/1516228&amp;from=rss"><img src="http://it.slashdot.org/slashdot-it.pl?from=rss&amp;op=image&amp;style=h0&amp;sid=08/05/06/1516228"></a></p><p><a href="http://developers.slashdot.org/article.pl?sid=08/05/06/1516228&amp;from=rss">Read more of this story</a> at Slashdot.</p> <p><a href="http://rss.slashdot.org/~a/Slashdot/slashdotIt?a=AYFasm"><img src="http://rss.slashdot.org/~a/Slashdot/slashdotIt?i=AYFasm" border="0"></img></a></p><img src="http://rss.slashdot.org/~r/Slashdot/slashdotIt/~4/284736819" height="1" width="1"/> timothy 2008-05-06T15:53:00+00:00 programming espresso-subscription developers 71 71,69,52,32,14,10,7 http://developers.slashdot.org/article.pl?sid=08/05/06/1516228&from=rss Search Slashdot stories query http://it.slashdot.org/search.pl