Google

Submission + - Google Implements DNSSEC Validation for Public DNS (securityweek.com)

wiredmikey writes: Google on Tuesday announced that it now fully supports DNSSEC (Domain Name System Security Extensions) validation on its Google Public DNS resolvers. Previously, the search giant accepted and forwarded DNSSEC-formatted messages but didn’t actually perform validation.

“With this new security feature, we can better protect people from DNS-based attacks and make DNS more secure overall by identifying and rejecting invalid responses from DNSSEC-protected domains,” Yunhong Gu, Team Lead, Google Public DNS, wrote in a blog post.

In a recent column, Ram Mohan explained that while DNSSEC does not solve every Internet-based security issue, it does offer a more advanced level of user security for directory look-ups than is currently in use. “For example, DNSSEC can ensure that a Web browser knows where to find the site you are trying to reach,” Mohan explained. “Browsers can employ this information to help protect users from phishing attacks and from being hijacked. Although browsers don't use DNSSEC in this way today, they easily could (and probably should).”

According to Gu, about 1/3 of top-level domains have been signed, but most second-level domains remain unsigned. According to NIST, there has been no progress in enabling DNSSEC on 98 percent of all 1,070 industry domains tested as of March 18, 2013.

“Overall, DNSSEC is still at an early stage and we hope that our support will help expedite its deployment,” Google’s Gu said.

Your Rights Online

Submission + - Stricter COPPA laws coming in July (foxnews.com)

Velcroman1 writes: The Children's Online Privacy Protection Act (COPPA) was enacted in 1998. In 2011, the FTC beefed up the measure, preventing sites from collecting personal information from kids such as name, location and date of birth without a parent's consent. This July, new amendments for kids under 13 will go into effect, approved by the FTC in December. The rules are targeted at sites that market specifically to kids. However, even a site like Facebook could be fined for allowing minors to post self-portraits, audio recordings of their voice, and images with geo-location data. There are also new restrictions on tracking data, with cookies or a unique identifier that follow registrants from one site to another. About time (http://www.foxnews.com/tech/2013/03/19/coppa-stricter-rules-july-underage-kids-on-facebook/), said Denise Tayloe, the CEO of PRIVO, a company that makes an age-verification system called PrivoLock. "Somebody damn-well better do something to communicate with parents [so they] understand what their kids are doing," Tayloe said.

Submission + - Activity of whole fish brains mapped second to second (nature.com)

ananyo writes: "Researchers have imaged an entire vertebrate brain at the level of single neurons for the first time. A team of scientists based at the Janelia Farm Research Campus in Ashburn, Virginia, were able to record activity across the whole brain of a fish embryo almost every second, detecting 80% of its 100,000 neurons. The work is a first step towards mapping the activity of a whole human brain — which contains about 85,000 times more neurons than the zebrafish brain.
The imaging system relies on a genetically engineered zebrafish (Danio rerio). The fish's neurons make a protein that fluoresces in response to fluctuations in the concentration of calcium ions, which occur when nerve cells fire. A microscope sends sheets of light rather than a conventional beam through the fish's brain, and a detector captures the signals like a viewer watching a cinema screen. The system records activity from the full brain every 1.3 seconds."

Your Rights Online

Submission + - Doing Hard Time for Hacking Doesn't Actually Require Any Hacking (vice.com)

derekmead writes: It's hard to know what to make of Andrew Auernheimer. The 27-year-old grey hat, known in the hacker community as "Weev," was sentenced to 41 months in prison and ordered to pay a $75,000 fine to AT&T on Monday morning for his involvement in a 2010 incident involving iPads on the carrier's network. However, as Weev himself points out and tech bloggers confirm, he is being punished as a hacker who never actually did any hacking — not technically speaking, anyways.

So if Weev isn't a hacker, is he another activist, like Aaron Swartz, who's been swept up by too strict hacking laws? Or is he more of a rabblerouser, like Matthew Keys, the Reuters employee who helped Anonymous deface the Los Angeles Times's website? Or is he really a regular old criminal like the court says he is? The ambiguity here places Weev in a growing line-up of digital usual suspects, from Swartz to Keys, boy-men whom the government wants to make examples of and whom the internet freedom community, for better or worse, is eager to embrace as heroes.

Submission + - Samsung is also reportedly developing a smartwatch (networkworld.com)

anderzole writes: It's been widely reported that Apple is working hard on an upcoming iWatch that may be released as early as this year. But Apple may not be the only company developing a wristwatch these days. It's now being reported that Samsung is also busying itself with developing a smartwatch of sorts.

During a recent interview in Seoul, Samsung executive VP Lee Young Hee explained, "We’ve been preparing the watch product for so long. We are working very hard to get ready for it. We are preparing products for the future, and the watch is definitely one of them.”

"The issue here is who will first commercialize it so consumers can use it meaningfully,” Lee added.

Samsung has of course released smartwatches before, but as you can see below, they all leave much to be desired.

Submission + - How to (or NOT to) Train Your Job Replacement? 3

An anonymous reader writes: I am a contract developer from a major U.S. city. My rate has never been the lowest, nonetheless very competitive considering the speed and quality of the work I have always delivered, as well as the positive feedback I've got from most clients. In the past ~3 years I have been working on a sizable project for a major client. For the most part it has been a happy arrangement for both parties. However for various reasons (including the still ailing economy), starting this year they hired a fresh college graduate in-house, and asked me to teach him all "secrets" of my code, even though they have the source code by contract. The implicit (although never openly stated) goal is of course for him to take over the project and hopefully reduce cost, at least in the short-term. I say "hopefully" because I am pretty sure that, unfamiliar with the software industry, they underestimated what it takes to make quality, production-ready code. I am not afraid of losing this particular client as I have many others, but I want to ask Slashdot, how do you handle this type of situation — train someone who you know will eventually replace you at your job?
Encryption

Submission + - Internal Name SSL Certificates Could be Exploited (net-security.org)

An anonymous reader writes: The Certificate Authority practice of issuing “Internal Name” certificates for private domains which are currently non-resolvable by the Domain Name System could be misused by attackers once new generic top-level domains (gTLDs) are introduced this year, warns ICANN. An internal name is a domain or IP address that is part of a private network. These internal names are not allocated to any specific organization and therefore cannot be verified. The problem is that some of these domains might, in the near or more distant future, be used as new gTLDs, and any internal name certificate issued for a private domain that coincides with that of a gTLD can be exploited by attackers to set up a bogus website, redirect users from the legitimate one to that, and convince them that the bogus site is actually the legitimate one as the certificate will equip it with the TLS/SSL lock icon.
Privacy

Submission + - Golf Channel Testing Out New Octo-copter Drone to Film Golfers This Weekend (businessinsider.com) 3

An anonymous reader writes: In what seems like a surreal mixture of life imitating art, the Golf Channel has taken the wraps off a new camera drone. The hover camera appears to have 8 independent rotors supporting what looks like a gyro-stabilized HD camera. Though it is far from silent, the new drone will be on the course this week at the PGA Tour event taking place at Arnold Palmer Invitational at Bay Hill in Florida. No word on whether or not Lord Vader will be using these to monitor rebel activity on Hoth.
Security

Submission + - anonymous researcher scans the internet using cheap unsecure devices (github.com)

elmarlecher writes: An anonymous researcher has done an Internet Census 2012 of the whole internet using 420.000 embedded devices which have insecure username — password combinations like admin/admin.

http://internetcensus2012.github.com/InternetCensus2012/paper.html

The page above contains some interesting numbers and graphics, for example how much of the internet seems to be used.

This story was posted on the http://seclists.org/fulldisclosure/2013/Mar/166 full disclosure mailing list and then picked up by CNet.

Funny side note: CNet falsely claimed it was Fyodor because nmap was used. He corrected that on the slashdot mailing list.

Security

Submission + - Journalist Identifies 20-year-old Hacker Who Sent SWAT Team to his House (ibtimes.co.uk)

DavidGilbert99 writes: "Carrying out a cyber attack against a renowned security reporter and investigator and sending a SWAT team to their house is probably not the best idea. The idea is an even bigger mistake when you are already known to a big selection of the security industry for having carried out an attack on a Wired journalist recently with all your personal details (name, address and telephone number) available freely online.
Then again, some people will just never learn."

Submission + - JPMorgan Chase customers see zero balances after technical glitch (infoworld.com)

Dainsanefh writes: March 19, 2013
JPMorgan Chase customers see zero balances after technical glitch
Customers speculated on Twitter that the bank's systems had been hacked
By John Ribeiro | IDG News Service

Customers of JPMorgan Chase reported seeing zero balances in their accounts both online and on mobile, and speculated that the bank's systems had been hacked into.

The bank however clarified late Monday that it was having a technology problem regarding customers' balance information that it was working to resolve.

The speculation on social networks like Twitter that the bank was hacked was probably based on DDoS (distributed denial of service) attacks that U.S. banks have faced in recent months. A group calling itself "Izz ad-Din al-Qassam Cyber Fighters," for example, launched DDoS attacks on the websites of several U.S. banks during September and October, disrupting online and mobile banking services for long periods.

Network

Submission + - Five Internet Founders Share first £1 Million Engineering 'Nobel' Prize (techweekeurope.co.uk)

judgecorp writes: "The first Queen Elizabeth Prize for Engineering, worth £1 million, has been shared by five founders of the Internet and the World Wide Web. As well as Sir Tim Berners-Lee and Vint Cerf, the other recipients are Cerf's colleague Bob Kahn, creator of the Mosaic browser Marc Andreessen, and a much less well known Frenchman, Louis Pouzin, aged 82. Working at Bell Labs, Pouzin invented the datagram protocols on which Cerf and Kahn based the TCP/IP protocols. The judges originally planned the prize for a maximum of three winners, but that had to change, thanks to the collaborative nature of the Internet. All the recipients praised their colleagues and pointed out that engineering is always a team effort. “Fortunately we are still alive," joked Pouzin. “It is forty years since we did the things for which we are being honoured.” Awarded in the UK, the prize is an international effort to create an engineering counterpart to the Nobels. The judges considered entries from 65 countries."
Software

Submission + - Miguel de Icaza Helps Windows Developers Go iOS (xconomy.com)

An anonymous reader writes: Miguel de Icaza is at it again. The open source guru who led the Gnome and Mono projects is now talking about the mobile platform wars. De Icaza, who has a history of being anti-Apple, says he originally “dismissed” the iPhone as marketing fluff, but has come around to its charms. And he sees Microsoft remaining a distant third in what he calls the “two-horse race” in mobile between Apple and Google. His latest startup, Xamarin, helps Windows developers write iOS and Android apps in C#, which de Icaza argues makes for more creative and less buggy software. (Xamarin’s most recent release lets developers do this all in Visual Studio.) Is this the death knell for Windows Phone?
Medicine

Submission + - 1 in 3 Seniors Now Dies with Dementia

Hugh Pickens writes: "Serena Gordon reports that a new report finds that one in every three seniors now dies while suffering from Alzheimer's or another form of dementia. Even more concerning is that the Alzheimer's Association estimates that by 2050, nearly 14 million people will have Alzheimer's disease, up from 5 million today. "Alzheimer's disease is a public health crisis that is here," says Beth Kallmyer. "One in three seniors is dying with Alzheimer's or another dementia. For other major diseases, the death rate is going down because the federal government funds and invests in research. We have not seen that same commitment for Alzheimer's disease." The US government currently funds about $500 million in Alzheimer's research, according to Kallmyer. In comparison, heart disease receives about $4 billion in research funding and cancer gets about $6 billion (PDF). Dr. Brian Appleby says while current treatments won't cure or reverse the disease, they can increase the amount of time until someone needs nursing home care. Right now, he says, the focus is on trying to prevent Alzheimer's disease from occurring. "Alzheimer's disease is really a chronic illness. It starts decades before we see the symptoms," Appleby says. The best advice to potentially prevent Alzheimer's disease is to keep your heart healthy. That means quitting smoking, eating healthy, maintaining a healthy weight and getting regular exercise. It also means staying active mentally, Appleby added."

Submission + - Where Can You Find An Electric Vehicle Charging Network? In Estonia (txchnologist.com)

MatthewVD writes: "How hard can it be to find an electric car charger? So hard that New York Times reporter David Broder had to drive in circles and drain his Tesla's battery. Charging infrastructure has been the ultimate chicken-or-egg problem for electric car adoption but finally, there's a good test case. In Estonia, drivers need to travel only 37 miles to reach a CHAdeMO quick charger. There are 165 of the direct current plug-in chargers, which can charge a car’s lithium battery in 30 minutes for an average cost of $3.25. The question now is, will the electric vehicles follow?"
EU

Submission + - EU Study: Piracy Doesn't Hurt Online Music Sales (itworld.com) 1

jfruh writes: "Many Slashdotters have long contended that pirated music isn't really biting into artists' revenues because people who illegally download music would not have bought it if piracy weren't an option. Now a study by the European Commission's Joint Research Centre, examining the habits of 16,000 European citizens, has come to the same conclusion."
Censorship

Submission + - Bloggers could face fines for Libel under new UK legislation (guardian.co.uk)

Diamonddavej writes: The Guardian newspaper warns that bloggers in the UK could face costly fines for libel with exemplary damages imposed if they do not sign up with a new press regulator under legislation (Clause 21A — Awards of exemplary damages) recommended by The Leveson Inquiry into press behaviour and ethics. Kirsty Hughes, the chief executive of Index on Censorship, said this is a "sad day" for British democracy: “This will undoubtedly have a chilling effect on everyday people's web use". Exemplary damages, imposed by a court to penalise publishers who remain outside regulation, could run into hundreds of thousands of pounds, easily enough to close down smaller publishers such as Private Eye and local newspapers. Harry Cole, who contributes to the Guido Fawkes blog, says he does not want to join a regulator; he hopes his blog will remain as irreverent and rude as ever, and continue to hold public officials to account; its servers are located in the US. Members of Parliament voted on Clause 21A late last night; it passed 530 to 13.
Government

Submission + - FinSpy C&C Servers Found in 25 Countries Including Canada, Australia, India, (paritynews.com)

hypnosec writes: FinFisher spyware, a.k.a. FinSpy, has been updated to evade detection techniques over the last few months and has managed to increase its foothold in as many as 25 countries, warn security researchers over at Toronto University’s Munk School of Global Affairs. The team of researchers has been tracking the spyware for over a year now and has found traces of the ‘lawful interception’ tool in as many as 25 countries with a total of 36 command and control servers. According to the researchers, FinSpy has been changing tactics and behavior over the last few months, since October to be precise, in a bid to evade detection. The new countries that showed up on the list were Bangladesh, Canada, India, Malaysia, Mexico, Serbia and Vietnam. Previous studies pinpointed the spyware in 10 countries.

Submission + - Supreme Court Upholds First Sale Doctrine (salon.com) 1

langelgjm writes: "In a closely-watched case, the U.S. Supreme Court today vindicated the first-sale doctrine, declaring that it "applies to copies of a copyrighted work lawfully made abroad." The case involved a Thai graduate student in the U.S. who sold cheap foreign versions of textbooks on eBay without the publisher’s permission. The 6-3 decision has important implications for goods sold online and in discount stores. Justice Stephen Breyer said in his opinion (PDF) that the publisher lost any ability to control what happens to its books after their first sale abroad."
