Active Response

DotNetNuke User Account Security Bypass Vulnerability

Ponca City, We love you writes "For thousands of years, losing teeth has been a routine part of human aging. Now the Washington Post reports that researchers are close to growing important parts of teeth from stem cells, including creating a living root from scratch, perhaps within one year. According to Pamela Robey of the NIH. 'Dentists say, "Give me a root and I can put a crown on it."' In a few years dentists will treat periodontal disease with regeneration by using stem cells to create hard and soft tissue; they will take out a tooth that is about to fall, and reconnect it firmly to the regenerated tissue. Although nobody is predicting when it will be possible to grow teeth on demand, in adults, to replace missing ones, a common guess is five to ten years. Baby and wisdom teeth are sources of stem cells that could be 'banked' for future health needs, says Robey. 'When you think about it, the teeth children put under their pillows may end up being worth much more than the tooth fairy's going rate. Plus, if you still have your wisdom teeth, it's nice to know you're walking around with your own source of stem cells.'"

Read more of this story at Slashdot.

CWmike writes "Amazon.com has rolled out a new option for its Simple Storage Service (S3) that lets data owners shift the cost of accessing their information to users. Until now, individuals or businesses with information stored on S3 had to pay data-transfer costs to Amazon when others made use of the information. Amazon said the new Requester Pays option relieves data providers of that burden, leaving them to pay only the basic storage fees for the cloud computing service. The bigger question with the cloud is, who really pays? Mark Everett Hall argues that IT workers do."

Read more of this story at Slashdot.

Hugh Pickens writes "BBC has an interesting article on the long-standing issue of how to power the 'climber' that would ascend a space elevator into space. Previous ideas have included delivering microwave or laser power to the climber beamed from the Earth's surface, but now European Space Agency ground station engineer Age-Raymond Riise has demonstrated a device that could provide a "lift into space" for cheaper space missions along a 100,000-km long tether anchored to the Earth. Riise demonstrated sending power mechanically by providing carefully timed jerks of the cable at its base with a broomstick to represent the cable held in tension, an electric sander to provide a rhythmic vibration to the bottom of the stick, and three brushes representing the climber with their bristles pointing downwards allowing the climber assembly to slide upward along the broomstick as it moved slightly downward, but grip it as it moved slightly upward. 'It would be possible to make a suspension system that completely decouples the cabin where the passengers are,' says Riise. 'For them it would be a linear movement with very little disturbance.' Riise says that he has been approached by commercial elevator companies, who are researching new ideas for elevators in superscrapers where the simplicity of the approach makes it attractive when compared to other ideas for powering lifts, such as compressed air."

Read more of this story at Slashdot.

surely_you_cant_be_serious writes "A nationwide survey finds that most companies consider their systems vulnerable to attack. Historically, crime rates increase during recessions — and some believe that cybercrime may well follow suit, especially given massive layoffs and the dim prospects many laid-off employees face in finding a new job. 'One thing companies can start doing is monitoring their networks on an ongoing basis so that they understand the normal pattern of data flow and usage, Brill said. In many cases, companies may not have the internal capability to do this, but outsourcing options are available. Kroll Ontrack, for instance, will be rolling out a 24/7 monitoring service for its global clients manned from a US location by professionals in early 2009.'"

Read more of this story at Slashdot.

An anonymous reader writes "Wired has the inside story of Max Butler, a former white hat hacker who joined the underground following a jail stint for hacking the Pentagon. His most ambitious hack was a hostile takeover of the major underground carding boards where stolen credit card and identity data are bought and sold. The attack made his own site, CardersMarket, the largest crime forum in the world, with 6,000 users. But it also made the feds determined to catch him, since one of the sites he hacked, DarkMarket.ws, was secretly a sting operation run by the FBI."

Read more of this story at Slashdot.

thepacketmaster writes "The Star reports about a new power generation model using smaller distributed power generators located closer to the consumer. This saves money on power generation lines and creates an infrastructure that can be more easily expanded with smaller incremental steps, compared to bigger centralized power generation projects. The generators in line for this are green sources, but Hyperion Power Generation, NuScale, Adams Atomic Engines (and some other companies) are offering small nuclear reactors to plug into this type of infrastructure. The generator from Hyperion is about the size of a garden shed, and uses older technology that is not capable of creating nuclear warheads, and supposedly self-regulating so it won't go critical. They envision burying reactors near the consumers for 5-10 years, digging them back up and recycling them. Since they are so low maintenance and self-contained, they are calling them nuclear batteries."

Read more of this story at Slashdot.

phyr writes "The European Space Agency (ESA) has released its Next ESA SAR Toolbox (NEST) freely as GPL for Linux and Windows. It provides an integrated viewer for reading, calibrating, post-processing and analysis of ESA (ERS 1&2, ENVISAT) and 3rd party (Radarsat2, TerraSarX, Alos Palsar, JERS) SAR level 1 data and higher. ESA has chosen to distribute the software as fully open source to allow the remote sensing community to easily develop new readers/writers and post-processors for SAR data with their NEST Java API. The software provides both a command line interface and GUI for all features including data conversion, graph processing, coregistration, multilooking, filtering, and band arithmetic."

Read more of this story at Slashdot.

Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass‏

Walusoft TFTPServer2000 Version 3.6.1 Directory Traversal

Re: php 4.x php5.2.x all "show_source()" ,"highlight_file()" bypass‏

ANNOUNCE: RFIDIOt ver 01.v released - Jan 2009

News, Infocus, Columns, Vulnerabilities, Bugtraq ...

Time to Exclude Bad ISPs

Responding to a Brute Force SSH Attack

Standing on Other's Shoulders

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909

Just EnCase It's Not a Search

Microsoft's Stance on Piracy Affects Us All

Data Recovery on Linux and ext3

WiMax: Just Another Security Challenge?

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909