Archive

Posts Tagged ‘bug’

Whose Bug Is This Anyway?

December 18th, 2012 12:04 admin View Comments

Bug

An anonymous reader writes “Patrick Wyatt, one of the developers behind the original Warcraft and StarCraft games, as well as Diablo and Guild Wars, has a post about some of the bug hunting he’s done throughout his career. He covers familiar topics — crunch time leading to stupid mistakes and finding bugs in compilers rather than game code — and shares a story about finding a way to diagnose hardware failure for players of Guild Wars. Quoting: ‘[Mike O'Brien] wrote a module (“OsStress”) which would allocate a block of memory, perform calculations in that memory block, and then compare the results of the calculation to a table of known answers. He encoded this stress-test into the main game loop so that the computer would perform this verification step about 30-50 times per second. On a properly functioning computer this stress test should never fail, but surprisingly we discovered that on about 1% of the computers being used to play Guild Wars it did fail! One percent might not sound like a big deal, but when one million gamers play the game on any given day that means 10,000 would have at least one crash bug. Our programming team could spend weeks researching the bugs for just one day at that rate!’”

Source: Whose Bug Is This Anyway?

Maker of Hackable Hotel Locks Finally Agrees To Pay For Bug Fix

December 7th, 2012 12:04 admin View Comments

Privacy

Sparrowvsrevolution writes “Slashdot readers are no doubt familiar by now with the case of Onity, the company whose locks are found on 4 million hotel room doors worldwide and, as came to light over the summer, can be opened in seconds with a $50 Arduino device. Since that hacking technique was unveiled by Mozilla developer Cody Brocious at Black Hat, Onity first downplayed its security flaws and then tried to force its hotel customers to pay the cost of the necessary circuit board replacements to fix the bug. But now, after at least one series of burglaries exploiting the bug hit a series of hotel rooms in Texas, Onity has finally agreed to shoulder the cost of replacing the hardware itself–at least for its locks in major chain hotels in the U.S. installed after 2005. Score one point for full disclosure.”

Source: Maker of Hackable Hotel Locks Finally Agrees To Pay For Bug Fix

“Badass” Bug Infects and Kills Borderlands 2 Characters

October 30th, 2012 10:03 admin View Comments

Games

An anonymous reader writes “BBC News claims that a feature in Borderlands 2 that can only be activated in modded XBox 360s has a bug that can cause characters to be permanently deleted when they die- even if they weren’t the ones who activated the feature. ‘The hidden option within the game, known as “badass” or “hardcore”, is turned off by default but can be enabled by those that have modified or hacked their console. [..] When a player with an unmodded console joins a Borderlands 2 multiplayer game in which there is a character running in badass mode it too gets kicked into that mode. [..] Gamers who play alongside people who have modded their console “contract” the bug which deletes their character if they die during play.’”

Source: “Badass” Bug Infects and Kills Borderlands 2 Characters

EXT4 Data Corruption Bug Hits Linux Kernel

October 24th, 2012 10:22 admin View Comments

Data Storage

An anonymous reader writes “An EXT4 file-system data corruption issue has reached the stable Linux kernel. The latest Linux 3.4, 3.5, 3.6 stable kernels have an EXT4 file-system bug described as an apparent serious progressive ext4 data corruption bug. Kernel developers have found and bisected the kernel issue but are still working on a proper fix for the stable Linux kernel. The EXT4 file-system can experience data loss if the file-system is remounted (or the system rebooted) too often.”

Source: EXT4 Data Corruption Bug Hits Linux Kernel

Stubborn Intel Graphics Bug Haunts Ubuntu 12.04

September 20th, 2012 09:22 admin View Comments

Bug

jones_supa writes “The current long-term support version of Ubuntu (12.04) has been experiencing a remarkably tough-to-crack and widely affecting bug related to laptops using an Intel graphics solution. When the lid is closed, every now and then the desktop freezes and only the mouse cursor can be moved. Compiz is usually found hung in the process, switching to a VT afterwards works. The Freedesktop guys are also informed. Have Slashdotters been bitten by this bug and possibly could offer some detective work to help the OSS community find and apply the correct fix?”

Source: Stubborn Intel Graphics Bug Haunts Ubuntu 12.04

Recent Apple Java Update Doesn’t Fix Critical Java Flaw Claims Researcher

September 6th, 2012 09:14 admin View Comments

Java

hypnosec writes “Just yesterday Apple released updates to fix Java vulnerabilities but, it seems that the patch doesn’t actually target the recently discovered high-profile Java bug that have been that talk of the web town during the last two weeks. The two updates – Java for OS X 2012-005 for OS X Lion and Java for Mac OS X 10.6 Update 10 for Mountain Lion are meant to tackle the vulnerability described in CVE-2012-0547. But, according to KerbsOnSecurity, it seems that Cupertino hasn’t addressed the recent mega-vulnerabilities of Java as described in CVE-2012-4681.”

Source: Recent Apple Java Update Doesn’t Fix Critical Java Flaw Claims Researcher

iPhone Bug Allows SMS Spoofing

August 17th, 2012 08:10 admin View Comments

Bug

Trailrunner7 writes “The iPhone SMS app contains a quirky bug that could allow someone to send a user a text message that appears to come from any number that the sender specifies. The researcher who discovered the bug said it could be used by attackers to spoof messages from a bank or credit card company and send the victim to a target site controlled by the attacker. The issue lies in the way iOS implements a section of the SMS message called User Data Header, which has a number of options, one of which allows the user to change the phone number that the text message appears to come from. The advent of mobile banking apps, some of which use SMS messages for out-of-band authentication, makes this kind of attack vector perhaps more worrisome and useful for attackers than it would seem at first blush.”

Source: iPhone Bug Allows SMS Spoofing

Algorithmic Trading Glitch Costs Firm $440 Million

August 2nd, 2012 08:48 admin View Comments

Bug

alstor writes “Yesterday an update to Knight Capital Group’s algorithmic trading software caused >massive volume buys and sells, resulting in large price swings on the New York Stock Exchange. As a result, the NYSE canceled some of the trades, but today the loss to Knight has been calculated at $440 million. Ignoring adjustments for inflation, this makes the cost of this glitch almost as much as the $475 million charge Intel took for the Pentium FDIV Bug, which might warrant adding this bug to the list of worst bugs. In light of this loss and the May 6, 2010 Flash Crash, perhaps investors will demand changes from firms using algorithmic trading, since the SEC is apparently too antiquated to do anything about it (PDF).”

Source: Algorithmic Trading Glitch Costs Firm $440 Million

Proprietary Nvidia Linux Driver Contains Privilege Escalation Hole

August 1st, 2012 08:31 admin View Comments

Security

An anonymous reader writes “The Nvidia binary driver has been exploited by an anonymous hacker, who reported it to nvidia months ago and it was never fixed. Now the exploit was made public.” The one releasing the exploit (relayed to him anonymously) is David Arlie, well known X hacker. The bug lets the attacker write to any part of memory on the system by shifting the VGA window; the attached exploit uses this to attain superuser privileges. It appears that this has been known to Nvidia for at least a month.

Source: Proprietary Nvidia Linux Driver Contains Privilege Escalation Hole

Facebook Invites Hackers To Attack Its Network

July 28th, 2012 07:35 admin View Comments

Facebook

An anonymous reader writes “Nearly a year ago, Facebook introduced its bug bounty program, inviting security researchers to poke around the site, discover vulnerabilities that could compromise the integrity or privacy of Facebook user data, and then responsibly disclose them to the company. Still, when the social network’s security team received a tip from a researcher about a vulnerability in the company’s own network which would allow attackers to eavesdrop on internal communications, they made an unprecedented choice by broadened the scope of the bug bounty program and inviting researchers to search for other holes in the corporate network. Nobody expects malicious attackers to have a change of heart and hand over information about a vulnerability for a few thousand dollars when they could sell the stole information for much more. It should, therefore, come as no surprise that Ryan McGeehan, the manager of Facebook’s security-incident response unit, stated that if there’s a million-dollar bug, they will pay it out.”

Source: Facebook Invites Hackers To Attack Its Network

YOYOYOOYOYOYO