Windows

Buggy Win 95 Code Almost Wrecked Stuxnet Campaign 3

Posted by timothy
from the when-governments-attack dept.
mask.of.sanity writes: Super-worm Stuxnet could have blown its cover and failed its sabotage mission due to a bug that allowed it to spread to ancient Windows boxes, malware analysts say. Stuxnet was on the brink of failure thanks to buggy code allowing it to spread to PCs running older and unsupported versions of Windows, and probably causing them to crash as a result. Those blue screens of death would have raised suspicions at the Natanz nuclear lab.
Crime

Allegation: Philly Cops Leaned Suspect Over Balcony To Obtain Password 44

Posted by timothy
from the forget-it-jake-it's-the-city-of-brotherly-love dept.
An anonymous reader writes with this news from Ars Technica: If you want access to encrypted data on a drug dealer's digital device, you might try to break the crypto—or you might just try to break the man.

According to testimony from a police corruption trial currently roiling the city of Philadelphia, officers from an undercover drug squad took the latter route back in November 2007. After arresting their suspect, Michael Cascioli, in the hallway outside his 18th floor apartment, the officers took Cascioli back inside. Although they lacked a search warrant, the cops searched Cascioli's rooms anyway. According to a federal indictment (PDF), the officers 'repeatedly assaulted and threatened [Cascioli] during the search to obtain information about the location of money, drugs, and drug suppliers.'
That included, according to Cascioli, lifting him over the edge of his balcony to try to frighten out of him the password to his Palm Pilot. That sounds like a good time for a duress password.
Cellphones

Patents Show Google Fi Was Envisioned Before the iPhone Was Released 15

Posted by timothy
from the I-could-show-you-my-notes-from-7th-grade dept.
smaxp writes: Contrary to reports, Google didn't become a mobile carrier with the introduction of Google Fi. Google Fi was launched to prove that a network-of-networks serves smartphone users better than a single mobile carrier's network. Patents related to Google Fi, filed in early 2007, explain Google's vision – smartphones negotiate for and connect to the fastest network available. The patent and Google Fi share a common notion that the smartphone should connect to the fastest network available, not a single carrier's network that may not provide the best performance. It breaks the exclusive relationship between a smartphone and a single carrier. Meanwhile, a story at BostInno points out that Google's not the only one with a network-hopping hybrid approach to phone calls.
Earth

Bees Prefer Nectar Laced With Neonicotinoids 33

Posted by Soulskill
from the you-know-those-things'll-kill-ya dept.
Taco Cowboy writes: Neonicotinoids are a class of neuro-active insecticides chemically similar to nicotine. Neonicotinoids kill insects by overwhelming and short-circuiting their central nervous systems (PDF). Shell and Bayer started the development of neonicotinoids back in the 1980s and 1990s. Since this new group of pesticides came to market, the bee population has been devastated in regions where they have been widely used. Studies from 2012 linked neonicotinoid use to crashing bee populations.

New studies, however, have discovered that bees prefer nectar laced with neonicotinoids over nectar free of any trace of neonicotinoids. According to researchers at Newcastle University, the bees may "get a buzz" from the nicotine-like chemicals in the same way smokers crave cigarettes.
China

Github DDoS Attack As Seen By Google 23

Posted by Soulskill
from the i-can-see-my-house-from-here dept.
New submitter opensec writes: Last month GitHub was hit by a massive DDoS attack originating from China. On this occasion the public discovered that the NSA was not the only one with a QUANTUM-like capability. China has its own "Great Cannon" that can inject malicious JavaScript inside HTTP traffic. That weapon was used in the GitHub attack. People using Baidu services were unwitting participants in the denial of service, their bandwidth used to flood the website. But such a massive subversion of the Internet could not evade Google's watchful eye. Niels Provos, engineer at Google, tells us how it happened. Showing that such attacks cannot be made covertly, Provos hopes that the public shaming will act as a deterrent.
DRM

Microsoft, Chip Makers Working On Hardware DRM For Windows 10 PCs 147

Posted by Soulskill
from the just-what-users-wanted dept.
writertype writes: Last month, Microsoft began talking about PlayReady 3.0, which adds hardware DRM to secure 4K movies. Intel, AMD, Nvidia, and Qualcomm are all building it in, according to Microsoft. "Older generations of PCs used software-based DRM technology. The new hardware-based technology will know who you are, what rights your PC has, and won’t ever allow your PC to unlock the content so it can be ripped. ... Unfortunately, it looks like the advent of PlayReady 3.0 could leave older PCs in the lurch. Previous PlayReady technology secured content up to 1080p resolution using software DRM—and that could be the maximum resolution for older PCs without PlayReady 3.0." Years back, a number of people got upset when Hollywood talked about locking down "our content." It looks like we may be facing it again for 4K video.
Apple

Apple Watch Launches 121

Posted by Soulskill
from the it's-all-in-the-wrist dept.
An anonymous reader writes: The Apple Watch's release date has arrived: retailers around the world have quietly begun putting them on their shelves, and customers are beginning to receive their shipments. Reviews have been out for a while, including thoughtful ones from John Gruber and Nilay Patel. Apple has published a full user guide for the software, and iFixit has put up a full teardown to take a look at the hardware. They give it a repairability score of 5 out of 10, saying that the screen and battery are easily replaced, but not much else is. Though Apple designated the watch "water-resistant" rather than "waterproof", early tests show it's able to withstand a shower and a swim in the pool without failing. Ars has an article about the difficulty of making games for the Apple Watch, and Wired has a piece detailing its creation.
Games

How and Why the U-Pick Game Marathon Raises Money With Non-Stop Gaming (Video) 26

Posted by timothy
from the don't-tase-me-bro-it's-only-a-game dept.
On June 12 through 14th of this year, the fourth (not "fourth annual," but close) iteration of the U-Pick Video Game Marathon for Charity --“UPickVG IV” for short --will be streaming on an Internet connection near you. The U-Pick crew's volunteers will be playing and broadcasting video games, non-stop, as a fundraiser for Charity Water, a cause they've supported since the beginning. I talked with organizers Stephanie and Grant Kibler from their video-game lounge of a living room about what it takes to broadcast an online gathering like this, and why they've adopted this as an annual event. Hint: some esoteric video-capture hardware helps, and so does a beefy network connection, for high-quality streaming of games that pre-date today's multiplayer, network-oriented options. That's significant, because U-Pick's stable of titles isn't limited to modern ones, and observers are encouraged to suggest appropriate games (hence "U-Pick").The remote viewers' choices and donations influence the event by deciding which games are represented on the Wheel of Destiny that the team spins to decide which games get played.The play itself, though,*is* limited to the players who'll be on hand at a Northern Virginia co-working space that will serve as this year's venue. It turns out to be easier to stream the output of old consoles than it is to control them from remote (never mind the latency that would mean), but maybe one day participants will be able to play as well as shoulder-surf and laugh at the players' running commentary. You can check out the Upick page on Facebook, too, and watch one of their practice runs each Sunday. (Note: Video #1 talks mostly about the game play and how you can join. Video #2 - below - talks more about hardware and behind-the-scenes work.)
Government

German Intelligence Helped NSA Spy On EU Politicians and Companies 45

Posted by Soulskill
from the der-rubberschtampen dept.
An anonymous reader writes: We've known for some time already that intelligence agencies operate beyond rules, laws, and regulations. Now, we learn that the NSA and the German intelligence service, BND, lied and withheld information about misuse from the German Chancellor's Office.

"The BND realized as early as 2008 that some of the selectors were not permitted according to its internal rules, or covered by a 2002 US-Germany anti-terrorism "Memorandum of Agreement" on intelligence cooperation. And yet it did nothing to check the NSA's requests systematically. It was only in the summer of 2013, after Edward Snowden's revelations of massive NSA and GCHQ surveillance, that the BND finally started an inquiry into all the selectors that had been processed. According to Der Spiegel, investigators found that the BND had provided information on around 2,000 selectors that were clearly against European and German interests. Not only were European businesses such as the giant aerospace and defense company EADS, best-known as the manufacturer of the Airbus planes, targeted, so were European politicians—including German ones.

However, the BND did not inform the German Chancellor's office, which only found out about the misuse of the selector request system in March 2015. Instead, the BND simply asked the NSA to make requests that were fully covered by the anti-terrorism agreement between the two countries. According to Die Zeit, this was because the BND was worried that the NSA might curtail the flow of its own intelligence data to the German secret services if the selector scheme became embroiled in controversy.
Space

Wormholes Untangle a Black Hole Paradox 98

Posted by Soulskill
from the answers-in-the-gamma-quadrant dept.
An anonymous reader writes: Like initials carved in a tree, ER = EPR, as the new idea is known, is a shorthand that joins two ideas proposed by Einstein in 1935. One involved the paradox implied by what he called "spooky action at a distance" between quantum particles (the EPR paradox, named for its authors, Einstein, Boris Podolsky and Nathan Rosen). The other showed how two black holes could be connected through far reaches of space through "wormholes" (ER, for Einstein-Rosen bridges). At the time that Einstein put forth these ideas — and for most of the eight decades since — they were thought to be entirely unrelated.

But if ER = EPR is correct, the ideas aren't disconnected — they're two manifestations of the same thing. And this underlying connectedness would form the foundation of all space-time. Quantum entanglement — the action at a distance that so troubled Einstein — could be creating the "spatial connectivity" that "sews space together," according to Leonard Susskind, a physicist at Stanford University and one of the idea's main architects. Without these connections, all of space would "atomize," according to Juan Maldacena, a physicist at the Institute for Advanced Study in Princeton, N.J., who developed the idea together with Susskind. "In other words, the solid and reliable structure of space-time is due to the ghostly features of entanglement," he said. What's more, ER = EPR has the potential to address how gravity fits together with quantum mechanics.
Cloud

Amazon's Profits Are Floating On a Cloud (Computing) 71

Posted by Soulskill
from the they're-hoping-the-weather-holds dept.
HughPickens.com writes: The NY Times reports that Amazon unveiled the financial performance of its powerful growth engine for the first time on Thursday, and the numbers looked good, energized primarily by renting processing power to start-ups and, increasingly, established businesses. Amazon said in its first-quarter earnings report that its cloud division, Amazon Web Services, had revenue of $1.57 billion during the first three months of the year. Even though the company often reports losses, the cloud business is generating substantial profits. The company said its operating income from AWS was $265 million.

Amazon helped popularize the field starting in 2006 and largely had commercial cloud computing to itself for years, an enormous advantage in an industry where rivals usually watch one another closely. At the moment, there is no contest: Amazon is dominant and might even be extending its lead. Microsoft ranks a distant No. 2 in cloud computing but hopes to pick up the slack with infrastructure-related services it sells through Azure, the name of its cloud service. Amazon executives have said they expect AWS to eventually rival the company's other businesses in size. The cloud business has been growing at about 40 percent a year, more than twice the rate of the overall company and many Wall Street analysts have been hoping for a spinoff.

As for Google, the cloud was barely mentioned in Google's earnings call. Nor did the search giant offer any cloud numbers, making it impossible to gauge how well it is doing. But the enthusiasm of Eric Schmidt, Google's executive chairman, was manifest when he spoke at an event for cloud software developers this week. "The entire world will be defined by smartphones, Android or Apple, a very fast network, and cloud computing," said Schmidt. "The space is very large, very vast, and no one is covering all of it."
Security

Pentagon Discloses Network Breach By Russian Hackers 54

Posted by Soulskill
from the digital-diplomatic-incident dept.
An anonymous reader writes: The Pentagon has disclosed that Russian hackers were able to breach one of its secure networks earlier this year, and referred to the attack as a "worrisome" incident. "Earlier this year, the sensors that guard DOD's unclassified networks detected Russian hackers accessing one of our networks," said defense secretary Ash Carter yesterday during a speech at Stanford University. Carter warned Russia that the U.S. Department of Defense would retaliate with cyber campaigns should it see fit. "Adversaries should know that our preference for deterrence and our defensive posture don't diminish our willingness to use cyber options if necessary," said Carter. He added in a prepared statement that the Russian hackers had been able to gain access to an "unclassified network" but had been "quickly identified" by a team of cyberattack experts who managed to block the hackers "within 24 hours." The cybersecurity response team had quickly analyzed the hack patterns and code and identified the intruders as Russian, before "kicking them off the network."
Medicine

Surgeon Swears Human Head Transplant Isn't a 'Metal Gear Solid' Publicity Stunt 99

Posted by Soulskill
from the life-imitates-viral-marketing dept.
Jason Koebler writes: Dr. Sergio Canavero wants to become the first surgeon to perform a human head transplant. But some discerning gamers noticed that a doctor shown in the trailer for Metal Gear Solid V looks almost exactly like Canavero, leading some to speculate that it's all a viral marketing campaign for the upcoming game. Canavero, however, filed a sworn affidavit with Italian police in which he said Konami illegally stole his likeness, and that he has nothing to do with the game.
Censorship

Irish Legislator Proposes Law That Would Make Annoying People Online a Crime 97

Posted by Soulskill
from the turn-yourselves-in-at-the-local-pub dept.
An anonymous reader sends this report from TechDirt: Is Ireland looking to pass a law that would "outlaw ebooks and jail people for annoying others?" Well, no, not really, but that's the sort of unintended consequences that follow when laws are updated for the 21st century using little more than a word swap. Ireland has had long-standing laws against harassment via snail mail, telephones and (as of 2007) SMS messages. A 2014 report by the government's somewhat troublingly-named "Internet Content Governance Advisory Group" recommended updating this section of the law to cover email, social media and other internet-related transmissions. ... The broad language -- if read literally -- could make emailing an ebook to someone a criminal offense. Works of fiction are, by definition, false. ... It's the vestigial language from previous iterations of the law -- words meant to target scam artists and aggressive telemarketers -- that is problematic. Simply appending the words "electronic communications" to an old law doesn't address the perceived problem (cyberbullying is cited in the governance group's report). It just creates new problems.
Ubuntu

Ubuntu 15.04 Released, First Version To Feature systemd 344

Posted by Soulskill
from the onward-and-upward dept.
jones_supa writes: The final release of Ubuntu 15.04 is now available. A modest set of improvements are rolling out with this spring's Ubuntu. While this means the OS can't rival the heavy changelogs of releases past, the adage "don't fix what isn't broken" is clearly one 15.04 plays to. The headline change is systemd being featured first time in a stable Ubuntu release, which replaces the inhouse UpStart init system. The Unity desktop version 7.3 receives a handful of small refinements, most of which aim to either fix bugs or correct earlier missteps (for example, application menus can now be set to be always visible). The Linux version is 3.19.3 further patched by Canonical. As usual, the distro comes with fresh versions of various familiar applications.