Government

FCC Chair Calls On ISPs To Adopt New Security Measures 67

Posted by samzenpus
from the do-better dept.
alphadogg writes "U.S. Internet service providers should take new steps to protect subscribers against cyber attacks, including notifying customers when their computers are compromised, the chairman of the FCC said Wednesday. Julius Genachowski called on ISPs to notify subscribers whose computers are infected with malware and tied to a botnet and to develop a code of conduct to combat botnets. Genachowski also called on ISPs to adopt secure routing standards to protect against Internet Protocol hijacking and to implement DNSSEC, a suite of security tools for the Internet's Domain Name System."
Book Reviews

Book Review: Liars and Outliers 45

Posted by samzenpus
from the read-all-about-it dept.
First time accepted submitter benrothke writes "It is said that the song Wipe Out launched a generation of drummers. In the world of information security, the classic Applied Cryptography: Protocols, Algorithms, and Source Code in C by Bruce Schneier may have been the book that launched a generation of new cryptographers. Schneier's latest work of art is Liars and Outliers: Enabling the Trust that Society Needs to Thrive. For those that are looking for a follow-up to Applied Cryptography, this it is not. In fact, it is hard to classify this as an information security title and in fact the book is marked for the current affairs/sociology section. Whatever section this book ultimately falls in, the reader will find that Schneier is one of the most original thinkers around." Keep reading for the rest of Ben's review.
Security

Disconnection of Millions of DNSChanger-Infected PCs Delayed 95

Posted by samzenpus
from the not-just-yet dept.
tsu doh nimh writes "Millions of computers infected with the stealthy and tenacious DNSChanger Trojan may be spared a planned disconnection from the Internet early next month if a New York court approves a new request by the U.S. government. Meanwhile, six men accused of managing and profiting from the huge collection of hacked PCs are expected to soon be extradited from their native Estonia to face charges in the United States."
Google

Last Day To Tell Google To Forget You 210

Posted by samzenpus
from the please-don't-write-or-call dept.
itwbennett writes "Google's new privacy policy will consolidate all your data at google.com — unless you erase it first. And today is your last day to do it. The change goes into effect tomorrow. Which is why the helpful folks at EFF have posted some simple instructions showing how to delete your web history at Google."
Supercomputing

Europe Plans Exascale Funding Above U.S. Levels 68

Posted by Soulskill
from the go-big-or-go-home dept.
dcblogs writes "The European Commission last week said it is doubling its multi-year investment in the push for exascale computing from €630 million to €1.2 billion (or the equivalent of $1.58 billion). They are making this a priority even as austerity measures are imposed to prevent defaults. China, meanwhile, has a five-year plan to deliver exascale computing between 2016-20 (PDF). The Europeans announced the plan the same week the White House released its fiscal year 2013 budget, which envisions a third year of anemic funding to develop exascale technologies. Last year, the U.S. Department of Energy science budget asked for nearly $91 million in funding for the efforts in the current fiscal year; it received $73.4 million. DOE science is trying for about $90 million for exascale for 2013. There's more funding tucked in military and security budgets. The U.S. wants exascale around 2018, but it has yet to deliver a plan or the money for it."
Security

DHS Budget Includes No New Airport Body Scanners 70

Posted by Soulskill
from the read-my-x-rayed-lips dept.
OverTheGeicoE writes "The Electronic Privacy Information Center has been examining the White House's proposed budget for Department of Homeland Security for 2013, and they point out that it doesn't include any money for additional airport body scanners for TSA. Did the recent scandal involving TSA workers targeting women for scans make the White House realize that TSA is a national embarrassment? Does the executive branch finally understand the questionable safety and effectiveness of these devices? Or does DHS just think it has enough scanners once TSA installs the 250 new scanners in this year's budget?"
Privacy

Transparency Grenade Collects and Leaks Sensitive Data 103

Posted by Soulskill
from the while-appearing-to-be-a-totally-innocuous-grenade dept.
Zothecula writes "If you thought WikiLeaks was a disruptive idea, the transparency grenade is going to blow you away. This tiny bit of hardware hidden under the shell shaped like a classic Soviet F1 hand grenade allows you to leak information from anywhere just by pulling a pin. The device is essentially a small computer with a powerful wireless antenna and a microphone. Following 'detonation,' the grenade intercepts local network traffic and captures audio data, then makes the information immediately available online."
Privacy

Anonymous Cowards, Deanonymized 157

Posted by Unknown Lamer
from the we-know-who-you-are dept.
mbstone writes "Arvind Narayanan writes: What if authors can be identified based on nothing but a comparison of the content they publish to other web content they have previously authored? Narayanan has a new paper to be presented at the 33rd IEEE Symposium on Security & Privacy. Just as individual telegraphers could be identified by other telegraphers from their 'fists,' Narayanan posits that an author's habitual choices of words, such as, for example, the frequency with which the author uses 'since' as opposed to 'because,' can be processed through an algorithm to identify the author's writing. Fortunately, and for now, manually altering one's writing style is effective as a countermeasure." In this exploration the algorithm's first choice was correct 20% of the time, with the poster being in the top 20 guesses 35% of the time. Not amazing, but: "We find that we can improve precision from 20% to over 80% with only a halving of recall. In plain English, what these numbers mean is: the algorithm does not always attempt to identify an author, but when it does, it finds the right author 80% of the time. Overall, it identifies 10% (half of 20%) of authors correctly, i.e., 10,000 out of the 100,000 authors in our dataset. Strong as these numbers are, it is important to keep in mind that in a real-life deanonymization attack on a specific target, it is likely that confidence can be greatly improved through methods discussed above — topic, manual inspection, etc."
Security

Researchers Break Video CAPTCHAs 102

Posted by Soulskill
from the soon-you-will-need-to-authenticate-in-person dept.
Orome1 writes "After creating the 'Decaptcha' software to solve audio CAPTCHAs, Stanford University's researchers modified it and turned it against text and, quite recently, video CAPTCHAs with considerable success. Video CAPTCHAs have been touted by their developer, NuCaptcha, as the best and most secure method of spotting bots trying to pass themselves off as human users. Unfortunately for the company, researchers have managed to prove that over 90 percent of the company's video CAPTCHAs can be decoded by using their Decaptcha software in conjunction with optical flow algorithms created by researchers in the computer vision field of study."
Government

UK Government To Demand Data On Every Call, Email, and Tweet 197

Posted by samzenpus
from the save-it-all dept.
judgecorp writes "The UK government is proposing a law that would require phone and Internet companies to store information on all communications, and hand it to the security services when required. The Communications Capabilities Development Programme (CCDP) abandoned by the last government is back on the table, proposed as a means to increase security, and likely to be pushed through before the Olympics in London, according to reports."
The Military

Nuclear Truckers Haul Warheads Across US 451

Posted by Soulskill
from the why-can't-the-history-channel-make-a-show-about-that dept.
Hugh Pickens writes "As you weave through interstate traffic, you're unlikely to notice a plain-looking Peterbilt tractor-trailer or have any idea that inside the cab an armed federal agent operates a host of electronic countermeasures to keep outsiders from accessing his heavily armored cargo: a nuclear warhead. Adam Weinstein writes that the Office of Secure Transportation (OST) employs nearly 600 couriers to move bombs, weapon components, radioactive metals for research, and fuel for Navy ships and submarines between a variety of labs, reactors and military bases. Hiding nukes in plain sight and rolling them through major metropolitan centers raises a slew of security and environmental concerns, from theft to terrorist attack to radioactive spills. 'Any time you put nuclear weapons and materials on the highway, you create security risks,' says Tom Clements, a nuclear security watchdog for Friends of the Earth. For security, cabs are fitted with custom composite armor and lightweight armored glass, a redundant communications system that links the convoys to a monitoring center in Albuquerque, and the driver has the ability to disable the truck so it can't be moved or opened. The OST hires military veterans, particularly ex-special-operations forces (PDF), who are trained in close-quarters battle, tactical shooting, physical fitness, and shifting smoothly through the gears of a tractor-trailer. But accidents happen. In 1996, a driver flipped his trailer on a two-lane Nebraska hill road after a freak ice storm, sending authorities scrambling to secure its payload of two nuclear bombs; and in 2003, two trucks operated by private contractors had rollover accidents in Montana and Tennessee while hauling uranium hexafluoride, a compound used to enrich reactor and bomb fuel."
Privacy

Leaky Cellphone Nets Can Give Attackers Your Location 67

Posted by samzenpus
from the there-you-are dept.
alphadogg writes "GSM cellular networks leak enough location data to give third parties secret access to cellphone users' whereabouts, according to new University of Minnesota research. 'We have shown that there is enough information leaking from the lower layers of the GSM communication stack to enable an attacker to perform location tests on a victim's device. We have shown that those tests can be performed silently without a user being aware by aborting PSTN calls before they complete,' write the authors, from the College of Science and Engineering, in a paper titled 'Location Leaks on the GSM Air Interface' (PDF). The researchers are working with carriers and equipment makers, including AT&T and Nokia, to address the security issues."
Open Source

Security Tool HijackThis Goes Open Source 100

Posted by samzenpus
from the check-it-out dept.
wiredmikey writes "The popular free security tool HijackThis has been open sourced by its owner, Trend Micro. The tool scans systems to find settings that may have been modified by spyware, malware or other programs that have wiggled their way onto a system and caused problems. Downloaded over 10 million times, HijackThis generates reports to help users analyze and fix an infected or problem computer. But the tool is not designed for novices – and doesn't actually determine what's good or bad. That's up to you, but it is a good way to keep an eye on things and possibly locate anomalies that may have been missed by other security products. Trend Micro warns that if you don't know what you're doing, it's probably not a good idea to make any changes to your computer settings and system files. Trend Micro acquired the tool from creator Merijn Bellekom in 2007, and has offered it for free ever since, but now is making the code available to the public. The code, originally written in Visual Basic, is now officially available at Sourceforge here."
Privacy

UK Plans More Spying On Internet Users Under 'Terrorism' Pretext 188

Posted by Soulskill
from the good-a-reason-as-any dept.
Wowsers writes "In vogue with other countries cracking down on freedom and democracy on the internet as discussed in Slashdot recently, the UK is joining in with plans to track all phone calls, text messages, email traffic and websites visited online, all to be stored in vast databases under new government anti-terror plans. As reported in The Telegraph, security services will have access to information about who has been communicating with each other on social networking sites such as Facebook, direct messages between subscribers on Twitter would also be stored, as well as communications between players in online video games. The scheme is a revised version of a plan drawn up by the ex-Labour government which would have created a central database of all the information. The idea was later dropped in favor of requiring communications providers to store the details at the taxpayers' expense."
