Ars Technica reports that security researcher Rob Graham of Errata Security, after analyzing nearly 23,000 Tor connections through an exit node that Graham controls, believes that the encryption used by a majority of Tor users could be vulnerable to NSA decryption: "About 76 percent of the 22,920 connections he polled used some form of 1024-bit Diffie-Hellman key," rather than stronger elliptic curve encryption. More from the article: "'Everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys,' Graham wrote in a blog post published Friday. 'Assuming no "breakthroughs," the NSA can spend $1 billion on custom chips that can break such a key in a few hours. We know the NSA builds custom chips, they've got fairly public deals with IBM foundries to build chips.' He went on to cite official Tor statistics to observe that only 10 percent of Tor servers are using version 2.4 of the software. That's the only Tor release that implements elliptical curve Diffie-Hellman crypto, which cryptographers believe is much harder to break. The remaining versions use keys that are presumed to be weaker."
Eloquence writes "Three years ago, Musopen raised nearly $70,000 to create public domain recordings of works by Beethoven, Brahms, Mozart, Schubert, and others. Now they're running a new campaign with a simple but ambitious objective: 'To preserve indefinitely and without question everything Chopin created. To release his music for free, both in 1080p video and 24 bit 192kHz audio. This is roughly 245 pieces.'" Adds project organizer aarondunn: "His music will be made available via an API powered by Musopen so anyone can come up with ways to explore and present Chopin's life."
Calibax writes "Parallels recently released version 9 of Parallels Desktop, their popular hypervisor application for Mac. They also released a new product named Parallels Access that offers access to Windows applications from an iPad for $80 per year. Access has received less than stellar reviews. When a user upgrades Parallels Desktop, he is asked if he wants a free six-month subscription to Parallels Access. Even if he says no, the product is installed on his system and the application is started each time the system is rebooted. It is installed with ancillary files scattered around several directories in the system and Parallels has not supplied an uninstaller or listed the steps to fully uninstall the application, despite a number of requests. In other words, Parallels has decided it's a good idea to silently install a difficult to remove daemon application on the system, even if the user has explicitly stated they do not want it. They have not provided an uninstaller or a list of files installed or instructions on how to remove the application files. These are scattered to at least four Mac OS X OS system level directories."
Beeftopia writes "Researchers discovered that inserting gut bacteria from obese people into mice without gut bacteria led to the mice becoming obese. Gut bacteria from slim people inserted into the same mice did not lead to mouse obesity. The researchers concluded (abstract) that gut bacteria from the slim people were more efficient at extracting nutrients from food than those of the obese."
cold fjord writes "Another NSA story? The Wall Street Journal reports, 'The U.S. has intercepted an order from Iran to militants in Iraq to attack the U.S. Embassy and other American interests in Baghdad in the event of a strike on Syria ... U.S. officials said they are on alert for Iran's fleet of small, fast boats in the Persian Gulf ... U.S. officials also fear Hezbollah could attack the U.S. Embassy in Beirut. While the U.S. has moved military resources in the region for a possible strike, it has other assets in the area that would be ready to respond to any reprisals by Syria, Iran or its allies. ... Israel has so far been the focus of concerns about retaliation from Iran and its Lebanese militant ally Hezbollah. The commander-in-chief of Iran's elite Revolutionary Guard Corps said last week that an attack on Syria would lead to the "destruction of Israel." ... The Iranian message, intercepted in recent days, came from Qasem Soleimani, the head of Revolutionary Guards' Qods Force, and went to Iranian-supported Shiite militia groups in Iraq, according to U.S. officials.' What's interesting is this Washington Post story from 2011: Iran's Quds Force was blamed for attacks on U.S. troops in Iraq."
jjslash writes "CPU cooling units are an often-overlooked but always important side of PC building, whether you're looking to overclock or you simply want a cool-running, silent system. It's also easy to get lost if you aren't an enthusiast who keeps tabs on the best options. TechSpot has rounded up 10 high-end CPU coolers (read: huge heatsinks) including top units from Noctua, Thermalright, Xigmatek, Silverstone and Thermaltake. If you're willing to spend the cash, they rate the Noctua NH-U14S as the best overall pick. For a tighter budget, the Thermalright offerings provide the best bang for your buck."
Zothecula writes "When offshore oil drilling rigs are being installed, serviced or dismantled, the workers typically stay in cabins located on adjacent floating platforms. These semi-submersible platforms are towed into place (or travel under their own power) and then their hulls are partially filled with water, allowing them to remain somewhat stable in the pitching seas. Now, a ship is being built to serve the same purpose, but that will be a much more mobile alternative. It will keep from rolling with the waves by generating its own waves, inside its hull."
An anonymous reader writes "Fed up with piracy and the availability of cracked versions of his software, Cobalt Strike developer Raphael Mudge wrote a blog post telling people how to crack his software. Some gifts are poisoned, and Raphael goes into deep detail about how to backdoor his software and use it to distribute malware. Will this increase piracy of his software, or will it discourage would-be pirates from downloading cracked versions?"
itwbennett writes "The federal judge presiding over the U.S. electronic books case against Apple has barred the company from striking deals that would ensure that it could undercut prices of other retailers in the e-book market and also prohibited Apple from letting any one publisher know what deals the company is striking up with other publishers. For its part, Apple said it plans to appeal the ruling (PDF), denying that it conspired to fix ebook pricing. Meanwhile, Amazon is alerting customers of their potential payout, which could be as much as $3.82 for every eligible Kindle book."
KentuckyFC writes "The study of social networks has long shown that people tend to pick friends who are similar to them — birds of a feather stick together (PDF). Now a study of the genomes of almost 2000 Americans has found that those who are friends also share remarkable genetic similarities. 'Pairs of friends are, on average, as genetically similar to one another as fourth cousins,' the study concludes. By contrast, strangers share few genetic similarities. The result seems to confirm a 30-year-old theory that a person's genes cause them to seek out circumstances that are compatible with their phenotype. If that's the case, then people with similar genes should end up in similar environments and so be more likely to become friends."
An anonymous reader writes "U.S. military researchers are asking industry for ideas on a futuristic uniform for Special Operations warfighters that involves agile air-conditioned armor with embedded computers, sensors, communications radios and antennas, signal processors, wearable displays, and health-monitoring systems. Among the technologies Special Operations Command officials are interested in most (PDF) are advanced armor to protect warfighters from bullets, shrapnel, and other battlefield threats, while preserving their mobility. The suit also may involve powered or unpowered robotic exoskeletons to improve warfighter performance and endurance, while enabling the warfighter to operate silently and unseen."
sciencehabit writes "2012 was a year of extreme weather: Superstorm Sandy, drought and heat waves in the United States; record rainfall in the United Kingdom; unusually heavy rains in Kenya, Somalia, Japan, and Australia; drought in Spain; floods in China. One of the first questions asked in the wake of such extreme weather is: 'Could this be due to climate change?' In a report (huge PDF) published online today, NOAA scientists tackled this question head-on. The overall message of the report: It varies. 'About half of the events reveal compelling evidence that human-caused change was a [contributing] factor,' said NOAA National Climatic Data Center Director Thomas Karl. In addition, climate scientist Peter Stott of the U.K. Met Office noted that these studies show that in many cases, human influence on climate has increased the risks associated with extreme events."
CowboyRobot writes "A Tripwire survey of 1,320 IT personnel from the U.S. and U.K. showed that most staff 'don't communicate security risk with senior executives or only communicate when a serious security risk is revealed.' The reason is that staff have resigned themselves to staying mum due to an environment in which 'collaboration between security risk management and business is poor, nonexistent or adversarial,' or at best, just isn't effective at getting risk concerns up to senior management."
An anonymous reader sends this news from the Wall Street Journal: "A 19-year-old model helicopter enthusiast was killed Thursday when a toy helicopter he was flying struck him in the head, a law-enforcement official said. Victim Roman Pirozek 'was known to be aggressive in his flying and often executed tricks. He was executing a trick when he was struck,' the official said. Mr. Pirozek – depicted in [this YouTube video] he posted in July — was flying a remote-controlled helicopter worth about $2,000 when it struck him, cutting off the top of his head, the official said. The Woodhaven, Queens, resident was pronounced dead at the scene. His father was with him at the time of the accident, the official said."
Rob @CmdrTaco Malda writes "I've been advising Epic Browser, a startup building a privacy-focused, Chrome-based browser that starts where incognito mode ends. Epic employs a host of tactics designed to make what happens inside your browser stay there, to the tune of a thousand blocks in a typical hour of browsing. They also provide a built-in proxy service. If the corporations and governments are going to watch us, there's no reason to make it any easier for them. Epic has Mac and Windows builds for now. Their site goes into far greater detail about how they block tracking methods most browsers don't."