Ars Technica reports that security researcher Rob Graham of Errata Security, after analyzing nearly 23,000 Tor connections through an exit node that Graham controls, believes that the encryption used by a majority of Tor users could be vulnerable to NSA decryption: "About 76 percent of the 22,920 connections he polled used some form of 1024-bit Diffie-Hellman key," rather than stronger elliptic curve encryption. More from the article: "'Everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys,' Graham wrote in a blog post published Friday. 'Assuming no "breakthroughs," the NSA can spend $1 billion on custom chips that can break such a key in a few hours. We know the NSA builds custom chips, they've got fairly public deals with IBM foundries to build chips.' He went on to cite official Tor statistics to observe that only 10 percent of Tor servers are using version 2.4 of the software. That's the only Tor release that implements elliptical curve Diffie-Hellman crypto, which cryptographers believe is much harder to break. The remaining versions use keys that are presumed to be weaker."
Please create an account to participate in the Slashdot moderation system
Eloquence writes "Three years ago, Musopen raised nearly $70,000 to create public domain recordings of works by Beethoven, Brahms, Mozart, Schubert, and others. Now they're running a new campaign with a simple but ambitious objective: 'To preserve indefinitely and without question everything Chopin created. To release his music for free, both in 1080p video and 24 bit 192kHz audio. This is roughly 245 pieces.'" Adds project organizer aarondunn: "His music will be made available via an API powered by Musopen so anyone can come up with ways to explore and present Chopin's life."
Calibax writes "Parallels recently released version 9 of Parallels Desktop, their popular hypervisor application for Mac. They also released a new product named Parallels Access that offers access to Windows applications from an iPad for $80 per year. Access has received less than stellar reviews. When a user upgrades Parallels Desktop, he is asked if he wants a free six-month subscription to Parallels Access. Even if he says no, the product is installed on his system and the application is started each time the system is rebooted. It is installed with ancillary files scattered around several directories in the system and Parallels has not supplied an uninstaller or listed the steps to fully uninstall the application, despite a number of requests. In other words, Parallels has decided it's a good idea to silently install a difficult to remove daemon application on the system, even if the user has explicitly stated they do not want it. They have not provided an uninstaller or a list of files installed or instructions on how to remove the application files. These are scattered to at least four Mac OS X OS system level directories."
Beeftopia writes "Researchers discovered that inserting gut bacteria from obese people into mice without gut bacteria led to the mice becoming obese. Gut bacteria from slim people inserted into the same mice did not lead to mouse obesity. The researchers concluded (abstract) that gut bacteria from the slim people were more efficient at extracting nutrients from food than those of the obese."
cold fjord writes "Another NSA story? The Wall Street Journal reports, 'The U.S. has intercepted an order from Iran to militants in Iraq to attack the U.S. Embassy and other American interests in Baghdad in the event of a strike on Syria ... U.S. officials said they are on alert for Iran's fleet of small, fast boats in the Persian Gulf ... U.S. officials also fear Hezbollah could attack the U.S. Embassy in Beirut. While the U.S. has moved military resources in the region for a possible strike, it has other assets in the area that would be ready to respond to any reprisals by Syria, Iran or its allies. ... Israel has so far been the focus of concerns about retaliation from Iran and its Lebanese militant ally Hezbollah. The commander-in-chief of Iran's elite Revolutionary Guard Corps said last week that an attack on Syria would lead to the "destruction of Israel." ... The Iranian message, intercepted in recent days, came from Qasem Soleimani, the head of Revolutionary Guards' Qods Force, and went to Iranian-supported Shiite militia groups in Iraq, according to U.S. officials.' What's interesting is this Washington Post story from 2011: Iran's Quds Force was blamed for attacks on U.S. troops in Iraq."
jjslash writes "CPU cooling units are an often-overlooked but always important side of PC building, whether you're looking to overclock or you simply want a cool-running, silent system. It's also easy to get lost if you aren't an enthusiast who keeps tabs on the best options. TechSpot has rounded up 10 high-end CPU coolers (read: huge heatsinks) including top units from Noctua, Thermalright, Xigmatek, Silverstone and Thermaltake. If you're willing to spend the cash, they rate the Noctua NH-U14S as the best overall pick. For a tighter budget, the Thermalright offerings provide the best bang for your buck."
Zothecula writes "When offshore oil drilling rigs are being installed, serviced or dismantled, the workers typically stay in cabins located on adjacent floating platforms. These semi-submersible platforms are towed into place (or travel under their own power) and then their hulls are partially filled with water, allowing them to remain somewhat stable in the pitching seas. Now, a ship is being built to serve the same purpose, but that will be a much more mobile alternative. It will keep from rolling with the waves by generating its own waves, inside its hull."
An anonymous reader writes "Fed up with piracy and the availability of cracked versions of his software, Cobalt Strike developer Raphael Mudge wrote a blog post telling people how to crack his software. Some gifts are poisoned, and Raphael goes into deep detail about how to backdoor his software and use it to distribute malware. Will this increase piracy of his software, or will it discourage would-be pirates from downloading cracked versions?"
itwbennett writes "The federal judge presiding over the U.S. electronic books case against Apple has barred the company from striking deals that would ensure that it could undercut prices of other retailers in the e-book market and also prohibited Apple from letting any one publisher know what deals the company is striking up with other publishers. For its part, Apple said it plans to appeal the ruling (PDF), denying that it conspired to fix ebook pricing. Meanwhile, Amazon is alerting customers of their potential payout, which could be as much as $3.82 for every eligible Kindle book."
KentuckyFC writes "The study of social networks has long shown that people tend to pick friends who are similar to them — birds of a feather stick together (PDF). Now a study of the genomes of almost 2000 Americans has found that those who are friends also share remarkable genetic similarities. 'Pairs of friends are, on average, as genetically similar to one another as fourth cousins,' the study concludes. By contrast, strangers share few genetic similarities. The result seems to confirm a 30-year-old theory that a person's genes causes them to seek out circumstances that are compatible with their phenotype. If that's the case, then people with similar genes should end up in similar environments and so be more likely to become friends."
An anonymous reader writes "U.S. military researchers are asking industry for ideas on a futuristic uniform for Special Operations warfighters that involves agile air-conditioned armor with embedded computers, sensors, communications radios and antennas, signal processors, wearable displays, and health-monitoring systems. Among the technologies Special Operations Command officials are interested in most (PDF) are advanced armor to protect warfighters from bullets, shrapnel, and other battlefield threats, while preserving their mobility. The suit also may involve powered or unpowered robotic exoskeletons to improve warfighter performance and endurance, while enabling the warfighter to operate silently and unseen."
sciencehabit writes "2012 was a year of extreme weather: Superstorm Sandy, drought and heat waves in the United States; record rainfall in the United Kingdom; unusually heavy rains in Kenya, Somalia, Japan, and Australia; drought in Spain; floods in China. One of the first questions asked in the wake of such extreme weather is: 'Could this due to climate change?' In a report (huge PDF) published online today, NOAA scientists tackled this question head-on. The overall message of the report: It varies. 'About half of the events reveal compelling evidence that human-caused change was a [contributing] factor,' said NOAA National Climatic Data Center Director Thomas Karl. In addition, climate scientist Peter Stott of the U.K. Met Office noted that these studies show that in many cases, human influence on climate has increased the risks associated with extreme events."
CowboyRobot writes "A Tripwire survey of 1,320 IT personnel from the U.S. and U.K. showed that most staff 'don't communicate security risk with senior executives or only communicate when a serious security risk is revealed.' The reason is that staff have resigned themselves to staying mum due to an environment in which 'collaboration between security risk management and business is poor, nonexistent or adversarial,' or at best, just isn't effective at getting risk concerns up to senior management."
An anonymous reader sends this news from the Wall Street Journal: "A 19-year-old model helicopter enthusiast was killed Thursday when a toy helicopter he was flying struck him in the head, a law-enforcement official said. Victim Roman Pirozek 'was known to be aggressive in his flying and often executed tricks. He was executing a trick when he was struck,' the official said. Mr. Pirozek – depicted in [this YouTube video] he posted in July — was flying a remote-controlled helicopter worth about $2,000 when it struck him, cutting off the top of his head, the official said. The Woodhaven, Queens, resident was pronounced dead at the scene. His father was with him at the time of the accident, the official said."
Rob @CmdrTaco Malda writes "I've been advising Epic Browser, a startup building a privacy-focused, Chrome-based browser that starts where incognito mode ends. Epic employs a host of tactics designed to make what happens inside your browser stay there, to the tune of a thousand blocks in a typical hour of browsing. They also provide a built-in proxy service. If the corporations and governments are going to watch us, there's no reason to make it any easier for them. Epic has Mac and Windows builds for now. Their site goes into far greater detail about how they block tracking methods most browsers don't."
hypnosec writes "Quantum computers are currently available in very few labs, usually bankrolled by major organizations like Google and NASA. However, a new project called 'Qcloud' aims to break those barriers by making quantum computing available to everyone. The University of Bristol announced the launch of Qcloud today at the British Science Festival 2013, with the goal of making quantum computing resources available to researchers across the globe. Claimed to be the first open-access system of its kind, the quantum chip is located at the Center for Quantum Photonics at the University of Bristol. Researchers can remotely access the processor over the internet for their computational needs. Those looking to test their ideas on the processor would be required to first practice and hone their skills using an online simulator. The university has made tutorials available to researchers so they can learn how to tune the processor and change its output as required. Once they are confident in their skills, researchers can ask for permission to access the real quantum photonic chip."
An anonymous reader writes "The former chief designer of Nokia explains how the company's success and its corporate culture stopped it from taking risks and left it open to being beaten by Apple. He now sees the same warning signs emerging at Apple. Quoting: 'I look back and I think Nokia was just a very big company that started to maintain its position more than innovate for new opportunities. All of the opportunities were in front of them and Nokia was working on them, but the key word is a sense of urgency. While things were in play there was a real sense of saying "we will get to that eventually."' He worries Apple is now in a similar place: 'Nokia became more of a maintainer, more of an iterator, whereas innovation only comes in re-invention and Nokia waited too long to make the next big bold move ... that is now Apple’s challenge. Apple has arrived at a very safe place, it is responsible for something everybody loves, so it feels it has to keep it going.'" Oddly enough, this comes alongside news that a different former insider, Thomas Zilliacus (who was Nokia’s former Asia-Pacific CEO), has founded a company called "Newkia" in the wake of Microsoft's acquisition of Nokia. His goal is to take on former Nokia engineers and set them to building phones again — this time, running Android.
RocketAcademy writes "The race to develop low-cost, suborbital spaceflight is heating up. On Thursday, Virgin Galactic's SpaceShip Two successfully completed its second powered test flight, reaching a speed of Mach 1.4 and an altitude of 69,000 feet. Meanwhile, XCOR Aerospace has begun posting daily reports on the progress of its Lynx spaceplane, which is expected to begin flight tests sometime around the end of this year. This means one of both companies are likely to begin commercial service by the end of next year. XCOR still plans to move its headquarters to Midland, Texas later this year, but Midland may not be the only suborbital spaceport in the Lone Star state. On Wednesday, the Houston Airport System revealed renderings of its proposed spaceport at Ellington Airport, near Johnson Space Center just south of Houston. Citizens in Space (also based in Texas) has begun training five citizen astronauts to fly as payload operators on the XCOR Lynx and evaluating biomedical sensors for use on the flights. Details of those astronaut activities were also released this week."
sciencehabit writes "In a few years, all new parents may go home from the hospital with not just a bundle of joy, but with something else—the complete sequence of their baby's DNA. A new research program funded at $25 million over 5 years by the National Institutes of Health (NIH) will explore the promise—and ethical challenges—of sequencing every newborn's genome."
wabrandsma writes "Quoting Bruce Schneier in the Guardian: 'The NSA has undermined a fundamental social contract. We engineers built the internet – and now we have to fix it. Government and industry have betrayed the internet, and us. This is not the internet the world needs, or the internet its creators envisioned. We need to take it back. And by we, I mean the engineering community. Yes, this is primarily a political problem, a policy matter that requires political intervention. But this is also an engineering problem, and there are several things engineers can – and should – do."
An anonymous reader writes "If you're a fan of gigantic volcanoes you'll be happy to know that the biggest volcano on Earth, and one of the biggest in the solar system, has just been discovered under the Pacific Ocean, about 1,000 miles east of Japan. From the article: 'Called Tamu Massif, the giant shield volcano had been thought to be a composite of smaller structures, but now scientists say they must rethink long-held beliefs about marine geology. "This finding goes against what we thought, because we found that it's one huge volcano," said William Sager, a geology professor at the University of Houston in Texas. Sager is lead author in a study about the find that was published this week in the peer-reviewed journal Nature Geoscience. "It is in the same league as Olympus Mons on Mars, which had been considered to be the largest volcano in the solar system," Sager told National Geographic.'"
coolnumbr12 writes "The U.S. government has had enough of the Syrian Electronic Army's hacks of Western media and government outlets. A week after the SEA shut down the New York Times, the FBI Cyber Division unit has officially added the pro-Assad hacker collective to its wanted list. The FBI issued an advisory that included information about the SEA, its capabilities, and some of its more heinous attacks. The advisory also warns networks to be on the lookout for attacks, and that anyone found to be aiding the SEA will be seen as terrorists actively aiding attacks against the U.S. websites."