+ - 159 Chinese appliances spying and injecting malware into Wifi->

Submitted by bricko
bricko writes: Seems Russians find Chinese appliances have chips to get into Wi/Fi and inject malware......

Russian investigators claim to have found household appliances imported from China which contain hidden microchips that pump spam data and malware into wi-fi networks.

Authorities in St Petersburg allegedly discovered 20 to 30 kettles and irons with 'spy microchips that send some data to the foreign server', according to Russian media.

http://www.dailymail.co.uk/news/article-2480900/China-spying-KETTLE-Bugs-scan-wi-fi-devices-imported-kitchen-gadgets.html#ixzz2jMVNpbF8

Link to Original Source

+ - 204 Smartphone sales: Apple squeezed, Blackberry squashed, Android 81.3%

Submitted by mrspoonsi
mrspoonsi writes: Engadget reports: Smartphone market share for the third quarter...as you'd imagine, the world is still Android's oyster. Strategy Analytics estimates that the OS has crossed the symbolic 80 percent mark, reaching 81.3 percent of smartphone shipments by the end of September. Not that Google was the only company doing well — Nokia's strong US sales helped Windows Phone grow to 4.1 percent of the market, or nearly double what it had a year ago.

+ - 203 Computing inside a living cell->

Submitted by Rozanne
Rozanne writes: The new issue of Stanford Medicine magazine (which I edit) has a story on Stanford professor Drew Endy's creation of microscopic computers out of biological components for use inside living cells. His work is a mash-up of molecular biology and computer engineering: Instead of a computer made of silicon, metal and plastic, it’s a computer made of DNA, RNA and enzymes. Endy says biologists are typically confounded at first when he explains how the computers work and how they could be used. In our story, writer Andy Myers explains in terms a biology nerd or computer nerd can understand.
Link to Original Source

+ - 173 The Mile Markers of Moore's Law Are Meaningless

Submitted by szotz
szotz writes: Keeping up the pace of Moore's Law is hard, but you wouldn't know it from the way chipmakers name their technology. The semiconductor industry's names for chip generations (Intel's 22nm, TSMC's 28nm, etc) have very little to do with actual physical sizes, says IEEE Spectrum. And the disconnect is only getting bigger. For the first time, the "pay us to make your chip" foundries are offering a new process (with a smaller-sounding name) that will produce chips that are no denser than their forbears. The move is not a popular one.

+ - 209 Twitter Marks Clean Sites as Harmful, Breaks Links

Submitted by starglider29a
starglider29a writes: This morning, a website (which I maintain) that has a Twitter presence encountered an "unsafe" warning when clicking on the tweets. "This link has been flagged as potentially harmful." After scanning the site, its database, checking with Google, and 3rd party site scanners, I found no evidence of harm. At noon, The Atlantic posted this article which describes the same issue with the Philadelphia City Paper.

If they are incorrect, how does Twitter justify this slander/libel (IANAL)? Has Twitter become the "credit score" for sites in that they are now guilty until proven innocent?

+ - 212 Cross OS malware communicates over audio waves

Submitted by Anonymous Coward
An anonymous reader writes: Do you think an airgap can protect your computer? Maybe not. According to this story at Ars Technica, security consultant Dragos Ruiu is battling malware that communicates with infected computers using computer microphones and speakers.

+ - 194 The Mysterious Malware that Jumps Airgaps

Submitted by Hugh Pickens DOT Com
Hugh Pickens DOT Com writes: Dan Goodwin writes at Ars Technica about a rootkit that seems straight out of a science-fiction thriller. According to security consultant Dragos Ruiu one day his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused and he also found that the machine could delete data and undo configuration changes with no prompting. Next a computer running the Open BSD operating system also began to modify its settings and delete its data without explanation or prompting and further investigation showed that multiple variants of Windows and Linux were also affected. But the story gets stranger still. Ruiu began observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer. The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed. Ruiu also disconnected the machine's power cord so it ran only on battery to rule out the possibility it was receiving signals over the electrical connection. Even then, forensic tools showed the packets continued to flow over the airgapped machine. Then, when Ruiu removed internal speaker and microphone connected to the airgapped machine, the packets suddenly stopped. With the speakers and mic intact, Ruiu said, the isolated computer seemed to be using the high-frequency connection to maintain the integrity of the badBIOS infection as he worked to dismantle software components the malware relied on. It's too early to say with confidence that what Ruiu has been observing is a USB-transmitted rootkit that can burrow into a computer's lowest levels and use it as a jumping off point to infect a variety of operating systems with malware that can't be detected. It's even harder to know for sure that infected systems are using high-frequency sounds to communicate with isolated machines. But after almost two weeks of online discussion, no one has been able to rule out these troubling scenarios, either. "It looks like the state of the art in intrusion stuff is a lot more advanced than we assumed it was," says Ruiu. "The take-away from this is a lot of our forensic procedures are weak when faced with challenges like this. A lot of companies have to take a lot more care when they use forensic data if they're faced with sophisticated attackers."

+ - 202 Google Chrome Is Getting Automatic Blocking Of Malicious Downloads

Submitted by Anonymous Coward
An anonymous reader writes: Google today announced Chrome is getting an automatic download blocking feature for malware. Google has already added the new functionality to the latest build of Chrome Canary. All versions of Chrome will soon automatically block downloads and let you know in a message at the bottom of your screen. You will be able to “Dismiss” the message, although it’s not clear if you will be able to stop or revert the block.

+ - 173 Pen Testers Break Into Gov't Agency With Fake Social Media ID->

Submitted by itwbennett
itwbennett writes: Security experts used fake Facebook and LinkedIn profiles to penetrate the defenses of an (unnamed) U.S. government agency with a high level of cybersecurity awareness. The attack was part of a sanctioned penetration test performed in 2012 and its results were presented Wednesday at the RSA Europe security conference in Amsterdam. The testers built a credible online identity for a fictional woman named Emily Williams and used that identity to pose as a new hire at the targeted organization. The attackers managed to launch sophisticated attacks against the agency's employees, including an IT security manager who didn't even have a social media presence. Within the first 15 hours, Emily Williams had 60 Facebook connections and 55 LinkedIn connections with employees from the targeted organization and its contractors. After 24 hours she had 3 job offers from other companies.
Link to Original Source

+ - 141 Fundraiser for Neo900 open smartphone-> 1

Submitted by JoSch1337
JoSch1337 writes: Golden Delicious Computers (creators of OpenPhoenux / GTA04 openmoko replacement board) is announcing a fundraiser to produce first prototypes and kickstart mass production of the Neo900 open smartphone. Based on the electronics of the GTA04 open smartphone platform, the Neo900 will reuse the Nokia N900 case but contain a motherboard with a faster CPU, more RAM, an LTE modem and other additions when compared to the original Nokia N900 smartphone. In the Openmoko spirit the device will be fully hackable, supporting QtMoko, SHR, Debian, Replicant and any other operating system ported to it like Maemo, Ubuntu or Firefox OS. Visit http://neo900.org/specs for more detailed specifications or http://neo900.org/faq for a general FAQ.
Here is a video presenting the idea: http://youtu.be/EJHMXQ3nSt0
If your donation is above 100 eur, then that amount will be deducted from your purchase of the final version of the Neo900. The final motherboard is expected to be in the range of 500-700 eur depending on the amount of orders and availability of components.

Link to Original Source

+ - 140 Syria Completes Destruction of Chemical Weapon producing Equipments

Submitted by rtoz
rtoz writes: Chemical weapons watchdog OPCW has declared that Syria has completed the Destruction Activities to Render Inoperable Chemical Weapons Production Facilities and Mixing/Filling Plants. This operation has been completed just one day before the deadline (1 November 2013) set by the OPCW Executive Council. The Joint OPCW-UN Mission has inspected 21 of the 23 sites declared by Syria, and 39 of the 41 facilities located at those sites. The two remaining sites were not visited due to safety and security concerns. But Syria declared those sites as abandoned and that the chemical weapons programme items they contained were moved to other declared sites, which were inspected.

+ - 139 Sony issues detailed PS4 FAQ ahead of launch

Submitted by Sockatume
Sockatume writes: Sony has released a detailed FAQ for the PS4 system, which launches in coming weeks. Of particular note: although Bluetooth headsets will not be compatible, generic 3.5mm and USB audio devices will work; the console will require activation via the internet or a special disk before it will play Blu-ray or DVDs; media servers, MP3s, and audio CDs are not supported. The console's "suspend/resume" and remote assistance features are listed as unavailable for the North American launch, implying that they will be patched in before the console launches in Europe later in November.

+ - 162 RHEL 7 will be a KDE Desktop

Submitted by Anonymous Coward
An anonymous reader writes: At the 2013 linux Kernel summit Redhat spokesperson Lisa Truman revealed that the upcoming RHEL 7 will be based on the KDE Software Compilation desktop environment. "As you know we have been working on implementing Gnome 3 classic mode for RHEL 7. But after early feedback from our customers we have decided to switch to a KDE/QT based desktop for our flagship product". On what feedback Redhat received from their customers, Ms. Truman responded: "We at Redhat appreciate that many of our customers use non accelerated or legacy hardware for their workstations, and software rendering with llvmpipe may not fit the bill for them". "Also gnome-classic-mode is an emulation of a classic desktop and is lacking many important areas". When Ms. Truman was asked if the switch to KDE is the reason for the delay in the release of RHEL 7 she stated: "We are still on track to release RHEL 7 by the end of 2013".