×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

  • OpenSSL: the New Face of Technology Monoculture

    chicksdaddy writes: "In a now-famous 2003 essay, 'Cyberinsecurity: The Cost of Monopoly,' Dr. Dan Geer argued, persuasively, that Microsoft's operating system monopoly constituted a grave risk to the security of the United States and international security, as well. It was in the interest of the U.S. government and others to break Redmond's monopoly, or at least to lessen Microsoft's ability to 'lock in' customers and limit choice. The essay cost Geer his job at the security consulting firm AtStake, which then counted Microsoft as a major customer. These days Geer is the Chief Security Officer at In-Q-Tel, the CIA's venture capital arm. But he's no less vigilant of the dangers of software monocultures. In a post at the Lawfare blog, Geer is again warning about the dangers that come from an over-reliance on common platforms and code. His concern this time isn't proprietary software managed by Redmond, however, it's common, oft-reused hardware and software packages like the OpenSSL software at the heart (pun intended) of Heartbleed. 'The critical infrastructure's monoculture question was once centered on Microsoft Windows,' he writes. 'No more. The critical infrastructure's monoculture problem, and hence its exposure to common mode risk, is now small devices and the chips which run them.'"

    66 comments | 7 hours ago

  • The $5,600 Tablet

    An anonymous reader writes "Tablets have come a long way in the past few years, and it has become possible to find a capable device for under $200. But what about the tablets pushing toward the high end of the spectrum? Xplore Technologies sells a line of tablets that top out at $5,600. Who on earth would pay that much? The military, of course. 'The DMSR models both have handles and are encased in tough protective covers. They can be dropped more than 2 meters onto a plywood floor and 1.2 meters onto concrete, and can operate in temperatures between -30 and 140 degrees Fahrenheit (-34 to 60 degrees Celsius). They've been tested to the U.S. military's tough MIL-STD-810G standard for extreme conditions. The tablets run Windows and come with Intel's latest Core i5 or i7 Haswell processors. Solid-state drive options extend to 480GB. ... They display images at 1024 x 768 resolution. That's less than some cheaper Windows tablets, but Xplore claims to offer excellent LCD visibility in sunlight thanks to a display luminescence of 1,300 NITS. The tablets have internal fans but can still run for up to eight-and-a-half hours on a 10-cell battery, Xplore said. They weigh a hefty 2.4 kilograms.'"

    89 comments | yesterday

  • Ask Slashdot: System Administrator Vs Change Advisory Board

    thundergeek (808819) writes "I am the sole sysadmin for nearly 50 servers (win/linux) across several contracts. Now a Change Advisory Board (CAB) is wanting to manage every patch that will be installed on the OS and approve/disapprove for testing on the development network. Once tested and verified, all changes will then need to be approved for production. Windows servers aren't always the best for informing admin exactly what is being 'patched' on the OS, and the frequency of updates will make my efficiency take a nose dive. Now I'll have to track each KB, RHSA, directives and any other 3rd party updates, submit a lengthy report outlining each patch being applied, and then sit back and wait for approval. What should I use/do to track what I will be installing? Is there already a product out there that will make my life a little less stressful on the admin side? Does anyone else have to go toe-to-toe with a CAB? How do you handle your patch approval process?"

    293 comments | about a week ago

  • Microsoft Brings Office Online To Chrome OS; Ars Reviews Windows Phone 8.1

    SmartAboutThings (1951032) writes "While we are still waiting for the official Windows 8.1 touch-enabled apps to get launched on the Windows Store, Microsoft went and decided that it's time to finally bring the Office online apps to the Chrome Web Store, instead. Thus, Microsoft is making the Web versions of its Word, Excel, PowerPoint and OneNote apps available to users through the Chrome Web Store and also improving all of them with new features, along with several bug fixes and performance improvements." More on the Microsoft front: an anonymous reader wrote in with a link to Ars Technica's review of the upcoming Windows Phone 8.1 release: "It is a major platform update even if it is just a .1 release. Updates include the debut of Cortana, using the same kernel as Windows 8.1 and the Xbox One, a notebook reminder app, inner circle friend management, IE 11, Nokia's camera app by default, lock screen and background customizations, a much improved email client with calendar support, more general Windows 8.1 API inclusion for better portability, and a notification center. Ars rated it more of a Windows Phone 9 release than .1 update."

    69 comments | about a week ago

  • Microsoft Confirms It Is Dropping Windows 8.1 Support

    snydeq (1272828) writes "Microsoft TechNet blog makes clear that Windows 8.1 will not be patched, and that users must get Windows 8.1 Update if they want security patches, InfoWorld's Woody Leonhard reports. 'In what is surely the most customer-antagonistic move of the new Windows regime, Steve Thomas at Microsoft posted a TechNet article on Saturday stating categorically that Microsoft will no longer issue security patches for Windows 8.1, starting in May,' Leonhard writes. 'Never mind that Windows 8.1 customers are still having multiple problems with errors when trying to install the Update. At this point, there are 300 posts on the Microsoft Answers forum thread 'Windows 8.1 Update 1 Failing to Install with errors 0x80070020, 80073712 and 800F081F.' The Answers forum is peppered with similar complaints and a wide range of errors, from 800F0092 to 80070003, for which there are no solutions from Microsoft. Never mind that Microsoft itself yanked Windows 8.1 Update from the corporate WSUS update server chute almost a week ago and still hasn't offered a replacement.'"

    575 comments | about two weeks ago

  • First Phase of TrueCrypt Audit Turns Up No Backdoors

    msm1267 (2804139) writes "A initial audit of the popular open source encryption software TrueCrypt turned up fewer than a dozen vulnerabilities, none of which so far point toward a backdoor surreptitiously inserted into the codebase. A report on the first phase of the audit was released today (PDF) by iSEC Partners, which was contracted by the Open Crypto Audit Project (OCAP), a grassroots effort that not only conducted a successful fundraising effort to initiate the audit, but raised important questions about the integrity of the software.

    The first phase of the audit focused on the TrueCrypt bootloader and Windows kernel driver; architecture and code reviews were performed, as well as penetration tests including fuzzing interfaces, said Kenneth White, senior security engineer at Social & Scientific Systems. The second phase of the audit will look at whether the various encryption cipher suites, random number generators and critical key algorithms have been implemented correctly."

    171 comments | about two weeks ago

  • IRS Misses XP Deadline, Pays Microsoft Millions For Patches

    An anonymous reader writes "When Microsoft terminated official support for Windows XP on April 8th, many organizations had taken the six years of warnings to heart and migrated to another operating system. But not the U.S. Internal Revenue Service. Only 52,000 of their 110,000 Windows-powered computers have been upgraded to Windows 7. They'll now be forced to pay Microsoft for Custom Support. How much? Using Microsoft's standard rate of $200 per PC, it'll be $11.6 million for one year. That leaves $18.4 million of their $30 million budget to finish the upgrades themselves, which works out to $317 per computer."

    322 comments | about two weeks ago

  • The New 'One Microsoft' Is Finally Poised For the Future

    redletterdave writes: "The stodgy old enterprise company whose former CEO once called open source Linux a 'cancer' is gone. So is its notorious tendency to keep developers and consumers within its walled gardens. The 'One Microsoft' goal that looked like more gaseous corporate rhetoric upon its debut last summer now is instead much closer to actual reality. No longer are there different kernels for Windows 8, Windows Phone or Windows RT it's now all just One Windows. As goes the Windows kernel, so goes the entire company. Microsoft finally appears to have aimed all its guns outside the company rather than at internal rivals. Now it needs to rebuild its empire upon this new reality."

    270 comments | about two weeks ago

  • Ask Slashdot: How To Start With Linux In the Workplace?

    An anonymous reader writes "Recently my boss has asked me about the advantages of Linux as a desktop operating system and if it would be a good idea to install it instead of upgrading to Windows 7 or 8. About ten boxes here are still running Windows XP and would be too old to upgrade to any newer version of Windows. He knows that i am using Linux at work on quite outdated hardware (would have gotten a new PC but never requested new hardware — Linux Mint x64 runs quite well on it) and i always managed to get my stuff done with it. I explained to him that there are no licensing issues with Linux, there is no anti-virus software to deal with and that Linux is generally a bit more efficient on old hardware than operating systems from Microsoft. The boss seems interested." But that's not quite the end; read on for this reader's question.

    451 comments | about two weeks ago

  • Stung By File-Encrypting Malware, Researchers Fight Back

    itwbennett (1594911) writes "When Jose Vildoza's father became the victim of ransomware, he launched his own investigation. Diving into CryptoDefense's code, he found its developers had made a crucial mistake: CryptoDefense used Microsoft's Data Protection API (application programming interface), a tool in the Windows operating system to encrypt a user's data, which stored a copy of the encryption keys on the affected computer. Vildoza and researcher Fabian Wosar of the Austrian security company Emsisoft collaborated on a utility called the Emsisoft Decrypter that could recover the encrypted keys. In mid-March Vildoza had launched a blog chronicling his investigation, purposely not revealing the mistake CryptoDefense's authors had made. But Symantec then published a blog post on March 31 detailing the error."

    84 comments | about two weeks ago

  • Google Chrome 34 Is Out: Responsive Images, Supervised Users

    An anonymous reader writes "Google today released Chrome version 34 for Windows, Mac, and Linux. The new version includes support for responsive images, an unprefixed version of the Web Audio API, and importing supervised users. You can update to the latest release now using the browser's built-in silent updater, or download it directly from google.com/chrome."

    115 comments | about two weeks ago

  • China Approves Microsoft-Nokia Deal, Gets Patent Concessions In Return

    itwbennett writes: "On Tuesday, China's Ministry of Commerce gave conditional regulatory approval to Microsoft's purchase of Nokia's Devices & Services business. The $7.2 billion deal means that Microsoft could very soon produce its own smartphones using the Windows Phone operating system. In return, China is requiring Microsoft and Nokia to make promises on fair patent use, fearing that the proposed acquisition between the two companies could spell trouble for the nation's Android device makers."

    26 comments | about two weeks ago

  • Windows 8.1 Update Released, With Improvements For Non-Touch Hardware

    DroidJason1 (3589319) writes "Microsoft has released the highly anticipated Windows 8.1 Update, adding numerous improvements for non-touch consumers based on feedback. It is also a required update for Windows 8.1, otherwise consumers will no get any future security updates after May 2014. Most of the changes in the update are designed to appease non-touch users, with options to show apps on the desktop taskbar, the ability to see show the taskbar above apps, and a new title bar at the top of apps with options to minimize, close, or snap apps."

    294 comments | about two weeks ago

  • Meet the Diehards Who Refuse To Move On From Windows XP

    Hugh Pickens DOT Com (2995471) writes "Nearly every longtime Windows user looks back on Windows XP with a certain fondness, but the party's over according to Microsoft. 'It's time to move on,' says Tom Murphy, Microsoft's director of communications for Windows. 'XP was designed for a different era.' But Ian Paul writes in PC World that many people around the world refuse to give up on XP. But why? What's so great about an operating system that was invented before the age of Dropbox and Facebook, an OS that's almost as old as the original Google search engine? Bob Appel, a retiree based in Toronto, says he uses 12 PCs in a personal Dropbox-like network—10 of which are running XP. 'I use a third-party firewall, a free virus checker, and run Housecall periodically,' says Appel. 'My Firefox browser uses Keyscrambler, HTTPS Anywhere, Ghostery, and Disconnect. I also have a VPN account (PIA) when traveling. For suspicious email attachments, I deploy private proprietary bioware (me!) to analyze before opening. All the "experts" say I am crazy. Thing is, I stopped the security updates in XP years ago after a bad update trashed my system, and yet I have never been infected, although online for hours each day. So, crazy though I be, I am sticking with XP.'" (Read more, below.)

    641 comments | about two weeks ago

  • Judge (Tech) Advice By Results

    Bennett Haselton writes "What advice would you give someone who just bought a new laptop? What would you tell someone about how to secure their webserver against attacks? For that matter, how would you tell someone to prepare for their first year at Burning Man? I submit that the metric by which we usually judge tech advice, and advice in general, is fundamentally flawed, and has bred much of the unhelpful tech advice out there." Read below to see what Bennett has to say.

    162 comments | about two weeks ago

  • Should Microsoft Be Required To Extend Support For Windows XP?

    An anonymous reader writes "If Windows XP were a photocopier, Microsoft would have a duty to deal with competitors who sought to provide aftermarket support. A new article in the Michigan Law Review argues that Microsoft should be held to the same duty, and should be legally obligated to help competitors who wish to continue to provide security updates for the aging operating system, even if that means allowing them to access and use Windows XP's sourcecode."

    650 comments | about two weeks ago

  • Slashdot Asks: Will You Need the Windows XP Black Market?

    NicknamesAreStupid (1040118) writes "As Whoever57 pointed out, there are some who will still get support for Microsoft Windows XP — the 'haves'. However, most will be the 'have nots.' Anytime you have such market imbalance, there is opportunity. Since Microsoft clearly intends to create a disparity, there will certainly be those who defy it. What will Microsoft do to prevent bootleg patches of XP from being sold to the unwashed masses? How will they stop China from supporting 100 million bootleg XP users? And how easily will it be to crack Microsoft's controls? How big will the Windows XP patch market be?" There are a lot of businesses still on Windows XP; if you work for one of them, will the official end of life spur actually cause you to upgrade? (And if so, to what?)

    245 comments | about two weeks ago

  • Ask Slashdot: User-Friendly Firewall For a Brand-New Linux User?

    An anonymous reader writes "I am a new Linux user; I'm on 2nd day now. Currently I am trying out Ubuntu, but that could change. I am looking for a user friendly firewall that I can set up that lets me do these things:1) set up a default deny rule 2) carve out exceptions for these programs: browser, email client, chat client, yum and/or apt. 3) carve out exceptions to the exceptions in requirement 2 — i.e. I want to be able to then block off IPs and IP ranges known to be used by malware, marketers, etc., and all protocols which aren't needed for requirement 2. It also needs to have good enough documentation that a beginner like me can figure it out. Previously, I had done all of the above in AVG Firewall on Windows, and it was very easy to do. So far, I have tried these things:1) IPTABLES — it looked really easy to screw it up and then not notice that it's screwed up and/or not be able to fix it even if I did notice, so I tried other things at that point... 2) searched the internet and found various free firewalls such as Firestarter, GUFW, etc., which I weren't able to make meet my requirements. Can someone either point me to a firewall that meets my needs or else give me some hints on how to make firestarter or GUFW do what I need?"

    187 comments | about three weeks ago

  • Microsoft's Security Products Will Block Adware By Default Starting On July 1

    An anonymous reader writes "Microsoft [Thursday] announced a change to how it handles adware, a form of malware that pushes unwanted advertisements to the user. As of July 1, the company's security products will immediately stop any adware they detect and notify the user, who can then restore the program if they wish. Currently, when any of Microsoft's security products (including Microsoft Security Essentials and Microsoft Forefront) detects a program as adware, it will alert the user and offer them a recommended action. If the user doesn't do anything, the security product will let the program continue to run until the user makes a decision." If adware is malware, why wait until July?

    177 comments | about three weeks ago

  • UK Government Pays Microsoft £5.5M For Extended Support of Windows XP

    whoever57 (658626) writes "The UK Government has signed a contract worth £5.5M (almost $9M) for extended support and security updates for Windows XP for 12 months after April 8. The deal covers XP, Exchange 2003 and Office 2003 for users in central and local government, schools and the National Health Service. The NHS is in need of this deal because it was estimated last September that 85% of the NHS's 800,000 computers were running XP."

    341 comments | about three weeks ago

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...