Comment Awesome! (Score 1) 101
Super cool to see this on /., I know one of the guys behind it from SF and seeing him around a few hack nights. Anything to get more people interested in codeing :)
Submission + - Type safety coming to DB queries
An anonymous reader writes: A new type-safe query language for the popular full-text search platform Solr, called Slashem (a Rogue-like), hash just been released. Slashem is implemented as a DSL in Scala providing compile time type-safety, allowing you do things like date range queries against date fields but keeping you from trying to do a date range query against a string field. Hopefully this trend catches on, resulting in less invalid queries exploding at runtime.
Submission + - Are Some CAs Too Big to Fail? (threatpost.com)
Trailrunner7 writes: In the wake of this weekend's revelations of the seriousness of the attack on certificate authority DigiNotar, security experts have renewed criticism of the Internet's digital certificate infrastructure, with some wondering if larger certificate authorities (CAs) might be too big to fail.
Would Mozilla and Microsoft and Google have revoked trust in root certificates from VeriSign or Thawte had they been compromised? Unlikely.
"It's not a simple matter of removing certificates from a database, because they're not in any databases," says researcher Moxie Marlinspike, who presented an alternative approach to the current SSL infrastructure last month at DEFCON. "We may never track them all down."
Would Mozilla and Microsoft and Google have revoked trust in root certificates from VeriSign or Thawte had they been compromised? Unlikely.
"It's not a simple matter of removing certificates from a database, because they're not in any databases," says researcher Moxie Marlinspike, who presented an alternative approach to the current SSL infrastructure last month at DEFCON. "We may never track them all down."
Submission + - Automatic spelling corrections on Github
An anonymous reader writes: Github projects may be seeing a different kind of contributor than normal, a small little bot is now crawling projects contribution spelling corrections. It builds on top the github API and existing documentation style checking code. Future directions for the project look beyond spelling mistakes and at automated bug fixing on a large scale.
Submission + - Microsoft attempts to censure bing vulnerability
An anonymous reader writes: Microsoft's bing search engine has a vulnerability with its cash-back promotion, which impacts both merchants and customers. In traditional Microsoft style, Microsoft responded to the author of the breaking bing cashback with a cease & desist letter, rather than fixing the security problems. It is possible for a malicous user to create fake bing cash-back requests, resulting in not only fake cash-back costs for the merchant, but also blocking legitimate customers from receiving there cash-back from bing. The original post is currently available in bing's cahce (although perhaps not for long). But no worries, the author makes it clear that the exploit should be painfully obvious to anyone that reads the bing cashback sdk.
Google's Launches 2nd Android Developer Contest 26
coffeeisclassy writes "Google's second Android Developer Contest (ADC2) has started, despite some confusion around how to submit applications. The prizes are different from the first ADC, with each category having prizes of 100k, 50k, and 25k and an overall best of 150k,50k and 25k, meaning the best Android application from ADC2 is eligible for ~250k. The rules seem to allow any application never published before August 1st to compete, and the contest is open through the end of August (so break out your keyboards!). The top prizes are certainly less than that of first ADC, but with the prizes broken down by category, Google may be hoping to inspire some love for less popular categories."
Comment shiney sauce (Score 1) 1
Best of luck to everyone planning on submitting applications for ADC2 :) As a future Android owner (once I move to America) I look forward to seeing what sort of applications come out of this.
Submission + - Google's 2nd Android Developer Contest kicksoff 1
coffeeisclassy writes: Google's second Android Developer Contest (ADC2) has started, despite some confusion around how to submit applications. The prizes are different from the first ADC, with each category having prizes of 100k, 50k, and 25k and an overall best of 150k,50k and 25k, meaning the best Android application from ADC2 is eligible for ~250k. The rules seem to allow any application never published before August 1st to compete and is open through the end of August (so break out your keyboards!). The top prizes are certainly less than that of first ADC, but with the prizes broken down by category Google may be hoping to inspire some love for less popular categories. While some other developers are waiting to find out to submit, one developer has moved ahead and released one of there entires Pigs Can Fly Site Monitor (also on Google Market for those with Androids). So if you've been waiting for an excuse to start a new side-project, here you have it :)
Submission + - Classified evidence of global warming revealed (thinkprogress.org)
An anonymous reader writes: The Obama administration has released more than a thousand intelligence images of Arctic ice, following a declassification request by the National Academy of Sciences. These high-resolution spy photos of rapid sea ice loss off the northern coast of Alaska, kept classified by the Bush administration, show the devastating impact of global warming in the Arctic. The newly-declassified images also reveal the retreat of glaciers in Washington and Alaska.
Submission + - Your browser history is showing
tiffanydanica writes: For a lot of us our browser history is something we consider private, or at least not something we want to expose to every website we visit.Web2.0collage is showing just how easy it is (with code!)for sites to determine what sites you visit. When you visit the site it sniffs your browser history, and creates a collage of the (safe for work) sites that you visit. It is an interesting application of potentially scary technology (imagine a job application site using this to screen candidates). You can jump right into having your history sniffed if you so desire. While the collages are cool on their own merit, they also serve as an illustration of the privacy implications of browser history sniffing.
The Economist Suggests Linux For Netbooks 445
Trepidity writes "In its roundup of how to choose a netbook, The Economist suggests that users 'avoid the temptation' to go for a Windows-based netbook, and in particular to treat them as mini laptops on which you'll install a range of apps. In their view, by the time you add the specs needed to run Windows and Windows apps effectively, you might as well have just bought a smallish laptop. Instead, they suggest the sweet spot is ultra-lite, Linux-based netbooks, with a focus on pre-installed software that caters to common tasks. They particularly like OpenOffice, which they rate as easier to use than MS Word and having 'no compatibility problems,' as well as various photo-management software." Besides which, does Windows offer spinning cubes for coffee-shop demos?
Amazon Kindle Endorsed By Oprah 197
Oprah Winfrey enthused about the Amazon Kindle on her show today — it's her "new favorite thing" — and had Jeff Bezos on to announce a $50-off offer good till Nov. 1. A plug on Oprah is ordinarily a sign that a product has crossed over into the mainstream. But her show's audience has been slipping lately, and it's unclear how many cash-strapped citizens will be willing to part with $309 (after the special offer) for a new techno-gadget, for which they then have to shell out more money for DRM-encrusted content.
Submission + - Security flaw in Yahoo mail exposes plaintext auth
holdenkarau writes: "Yahoo!'s acquisition of opensource mail client Zimbra has apparently brought some baggage to the mail team. The new Yahoo! desktop program transmits the authentication information in plain text. Ironically enough, the flaw was discovered during a Yahoo "hacku" day at the University of Waterloo (the only Canadian school part of the trip). Compared to the recent hoopla about gmail exposing the names associated with accounts, this seems down right scary. So if you have friends or relatives who might have installed Yahoo! desktop and value their e-mail accounts, now would be a good time to get them to change the password and switch back to the oh so retro web interface."
Submission + - Protecting IM from the NSA, a Canadian's view 3
holden writes: "Ian Goldberg, leading security researcher, professor at the university of waterloo, cypherpunk and co-creator of the Off-the-Record Messaging (OTR) protocol recently gave a talk on protecting your IM conversations. He discusses OTR and its importance in today's world with warrant-less wire tapping and all that bad stuff. With OTR users benefit from being able to have truly private conversations over IM, by using encryption to obtain authentication, deniability, and perfect forward secrecy, while working within their existing IM infrastructure. With the recent NSA wiretapping activities and increasing Big Brother presence, security and OTR are increasingly important. An avi of the talk is available by http as well as by bittorrent and a bunch of other formats."
Submission + - Designing software with Privacy in mind 6
dalektcalum writes: Dr. Ann Cavoukian, Canada's Information and Privacy Commissioner, recently gave a talk entitled Privacy by Design. The talk starts of by covering the basics of privacy, and privacy law, and then moves onto the important component, how to design software that properly protects users privacy. The majourity of the time is spent on design principles, but also examines specific technologies (such as Elliptical Curve Cryptography).
Slashdot Top Deals
If this is a service economy, why is the service so bad?
