Mozilla

Submission + - How to Lock Down Firefox for Good (threatpost.com)

Trailrunner7 writes: Firefox has gained a lot of ground on Internet Explorer in the last few years, thanks largely to its reputation as a more secure browser. But Firefox has more than its share of security and privacy issues, as well. Settings change all the time, and new versions break things constantly. So how do you lock the browser down without being a security expert? Here's a quick guide, developed with US-CERT, to locking down Firefox for secure surfing.
Security

Submission + - Hack Exposes Pirate Bay User Data (krebsonsecurity.com)

tsu doh nimh writes: Hackers from Argentina recently broke into the database for thepiratebay.org, the Internet's largest torrent search engine, exposing user names, Internet addresses, and (MD5) hashed password data on more than 4 million users, according to Brian Krebs. He interviewed the leader of the group, which is also marketing a new browser exploit kit called "Impassioned Framework," as saying they briefly considered what the information would be worth to the RIAA and MPAA, before going public with the breach. From the story: "Probably these groups would be very interested in this information, but we are not [trying] to sell it,” Russo told KrebsOnSecurity.com in a phone interview. “Instead we wanted to tell people that their information may not be so well protected.”
Security

Submission + - Hotels the industry leader in credit card theft. (nytimes.com)

katarn writes: A study released this year found that 38 percent of the credit card hacking cases last year involved the hotel industry. At hotels with inadequate data security, the greatest amount of credit card information can be obtained using the most simplified methods. It doesn’t require brilliance on the part of the hacker. Most of the chronic security breaches in the hotel industry are the result of a failure to equip, or to properly store or transmit this kind of data, and that starts with the point-of-sale credit card swiping systems.
Software

Submission + - Security hole in software used for school spying (wired.com)

katarn writes: In yet another wrinkle in the case of the Pennsylvania school district accused of spying on students through their laptops, the software used by the school district has been demonstrated to have security vulnerabilities which could completely compromise any computer running the software. I can only guess the furor around the incident has gained attention from security experts which wouldn't have ordinarily been received. Perhaps all publicity really isn't good publicity after all.

This story has been covered on Slashdot numerous times, as different aspects have been uncovered:
http://yro.slashdot.org/story/10/02/18/1846222/PA-School-Spied-On-Students-Via-School-Issued-Laptop-Webcams
http://yro.slashdot.org/story/10/02/20/1445216/FBI-Probing-PA-School-Webcam-Spy-Case
http://yro.slashdot.org/story/10/02/21/2010213/PA-School-Defends-Web-Cam-Spying-As-Security-Measure-Denies-Misuse?from=rss

Security

Submission + - Hacker attacks disable cars (bbc.co.uk) 1

katarn writes: In what probably isn't a great shock to us, mainstream media realizes modern automobiles can be hacked in many ways. More of interest though, they were even able to disable the brakes (assumedly this was on a car with anti-lock brakes). Refreshingly, the article isn't fear mongering, and states "Cars benefit from the fact that they are (hopefully) not connected to the internet (yet) and currently are not able to be remotely accessed". One can only hope (perhaps in vain) that as cars become more connected they would be designed so that the electronics could not override the brakes. Of course once you have physical there are many ways an auto can be damaged or disabled even without being an electronics cracker. In my mind this type of attack could be much subtler and harder to detect; instead of physically cutting a brake line, the brakes could be programmed to only fail when needed the most, such as when anti-lock would normally be activated.

Submission + - Pentagon hacker demands Government payback (thinq.co.uk)

An anonymous reader writes: Autistic hacker Gary McKinnon has called on the newly-elected British Government to put its money where its mouth is and tear up his extradition order.

Both David Cameron, the newly elected Prime Minister, and Nick Clegg, the Deputy Prime minister, voiced their support for McKinnon's campaign against extradition to the US on charges of hacking into US military and NASA computers, looking for evidence of UFOs.

Cameron's coalition partner, Clegg had even joined McKinnon's mother, Janis Sharp on a protest march.

Many politicians in the new Government rallied behind McKinnon, whose hobby-hacking from his girlfriend's flat in Wood Green, North London, attracted the attention of US military cyber intelligence agents in 2002. McKinnon was diagnosed with autism while fighting the extradition order in court.

The US extradition relied on its insistence that McKinnon had intentionally caused $700,000 of damage to their computers.

McKinnon's solicitor, Karen Todner, wrote to the Home Secretary yesterday, asking whether the new Liberal Conservative government will act upon their previous public statements that it would be unjust to extradite Mr McKinnon.

Submission + - What Happened to Obama's Open Source Adviser (whitehouse.gov)

gov_coder writes: Back in January of 2009, various new articles announced that former SUN CEO, Scott McNealy was to become the Obama administration's Open Source Technology adviser. Currently, however, a search for Scott on the whitehouse.gov website yields zero results. Searching a bit more — I found that Scott is currently working on CurriWiki, a kind of wikipedia for school curriculum. So my question is what happened? Did some lobbyist block the appointment? Did Scott decide his other activities were more important? Scott, if you are out there — please tell us what happened. There are many people working in government IT, such as myself, who were really excited about the possibilities of an expanded role for open source software in government, and are now wondering what went wrong.
Power

Submission + - The Future of Wind Power May be Underground 1

Hugh Pickens writes: "When the wind is blowing, it is usually the cheapest peaking power available, but utilities need consistent always-on power from large, cheap coal and nuclear power plants that are the backbone of the electric grid. Now Alexis Madrigal reports in Wired that operators are looking at Compressed Air Energy Storage (CAES) using abandoned mines and sandstones of the Midwest to store compressed-air that converts the intermittent motions of the air into the kind of steady power that could displace coal by taking power from a renewable energy and using it to run air compressors to pump air into an underground cave where it’s stored under pressure. When the air is released, it powers a turbine, creating electricity. “This is the first nonhydro renewables technology that can replace coal in the dispatch order,” says David Marcus, co-founder of General Compression, a new company that has received $16 million in funding from investors to build a full-scale prototype of their energy storage system which would be deployed with arrays of wind turbines. The first CAES plant in the United States actually went online in McIntosh, Alabama in 1991 where engineers created a geological pocket 900 feet long and up to 238 feet wide in a dome by pumping water into it to dissolve the rock salt. When the (briny) water was pumped back out, the salt resealed itself and they had an air-tight container. ‘We expect the CAES plant technology pioneered in Alabama to lead to widespread application in this country,” says Robert Schainker, the manager of the Electric Power Research Institute’s Energy Storage Program. ‘Three fourths of the United States has geology suitable for underground air storage. At present, more than a dozen utilities are evaluating sites for CAES application.”"
Security

Submission + - Hackers Exploit Latest IE Zero-Day With Drive-By (computerworld.com)

CWmike writes: Hackers are exploiting the just-disclosed unpatched bug in Internet Explorer to launch drive-by attacks from malicious Web sites, security researchers said on Wednesday. 'This attack appears to be rather targeted at the moment, but as with other unpatched vulnerabilities in the past, this has the potential to explode now that the word is getting out,' Craig Schmugar, a threat researcher at McAfee, said in a blog post. Attacks are launched from Web sites in a classic drive-by fashion, said Schmugar and others. 'Visiting the page is enough to get infected,' Schmugar said.
Security

Submission + - Rogue PDFs Behind 80% of Exploits in Q4 '09 (computerworld.com)

CWmike writes: Just hours before Adobe is slated to deliver the latest patches for its popular PDF viewer, ScanSafe announced that by its counting, malicious Adobe Reader documents made up 80% of all exploits at the end of 2009. In the first quarter of 2009, malicious PDF files made up 56% of all exploits tracked by ScanSafe. That figure climbed above 60% in the second quarter, over 70% in the third and finished at 80% in the fourth quarter. Mary Landesman, a ScanSafe senior security researcher, said, 'Attackers are choosing PDFs for a reason. It's not random. They're establishing a preference for Reader exploits.' Exactly why hackers choose Adobe as their prime target is tougher to divine, however. 'Perhaps they are more successful,' she said. 'Or maybe it's because criminal attackers are human, too. We respond when we see a lot of people going after a particular product.... We all want to go after that product, too. In the attacker arena, they might be thinking, 'Gee, all these reports of Adobe Reader zero-days, maybe I should get in on them too.''
Science

Submission + - Tutankhamun died from broken leg and malaria (dailymail.co.uk)

arnodf writes: Scientists have finally discovered how King Tutankhamun died, nearly a century after the boy-pharaoh's tomb was unearthed in Egypt.

A DNA study revealed today the 19-year-old died from complications from a broken leg that was exacerbated by malaria.

It also found the famous king suffered from a cleft palate and club foot and was a 'frail king who needed canes to walk.'

Science

Submission + - Researchers Create Gold Aluminum, Black Platinum, (rochester.edu)

O111000001100100 writes: Optical Scientist Chunlei Guo says transformation of any metal to any color now possible. By blasting the metal with an ultra-brief/ultra-intense femtosecond laser. During its brief burst, the laser unleashes as much power as the entire electric grid of North America does, all focused onto a spot the size of a needlepoint. This causes the metal's surface to reform with nano sized pits, globules, and strands that react to incoming light in different ways depending on the way the laser pulse sculpted the structures.
The Military

Submission + - Insurgent Attacks Follow Mathematical Pattern 6

Hugh Pickens writes: "Nature reports that data collected on the timing of attacks and number of casualties from more than 54,000 events across nine insurgent wars, including those fought in Iraq between 2003 and 2008 and in Sierra Leone between 1994 and 2003 suggests that insurgencies have a common underlying pattern that may allow the timing of attacks and the number of casualties to be predicted. By plotting the distribution of the frequency and size of events, the team found that insurgent wars follow an approximate power law, in which the frequency of attacks decreases with increasing attack size to the power of 2.5. That means that for any insurgent war, an attack with 10 casualties is 316 times more likely to occur than one with 100 casualties (316 is 10 to the power of 2.5). "We found that the way in which humans do insurgent wars — that is, the number of casualties and the timing of events — is universal," says team leader Neil Johnson, a physicist at the University of Miami in Florida. "This changes the way we think insurgency works." To explain what was driving this common pattern, the researchers created a mathematical model that assumes that insurgent groups form and fragment when they sense danger, and strike in well-timed bursts to maximize their media exposure. Johnson is now working to predict how the insurgency in Afghanistan might respond to the influx of foreign troops recently announced by US President Barack Obama. "We do observe a complicated pattern that has to do with the way humans do violence in some collective way," adds Johnson."
Microsoft

Submission + - Amanda Congdon Weighs in on Bill Gates' Tax Dodge (sometimesdaily.com) 1

newscloud writes: Former Rocketboom host, Amanda Congdon throws down the gavel today in Sometimesdaily's Internet Justice report on Microsoft's $1.24 billion Washington State tax dodge. Earlier today, Wa. Gov. Gregoire proposed a budget to close the state's $2.6 billion deficit which "gut[s] core services to the poor...[including] a sharp reduction in financial aid for college students and eliminating state-subsidized insurance for thousands of low-income workers, as well as aid to people who can't work because of disabilities." Local coverage of Microsoft's tax practices has increased with the launch of MicrosoftTaxDodge.com and its challenge to CEO Ballmer to open up the company's tax records. Slashdot recently reported on Microsoft's use of Washington courts to defend its Nevada subsidiary.
Biotech

Submission + - Self-Destructing Bacteria Create Better Biofuels (inhabitat.com)

MikeChino writes: Researchers at Arizona State University have genetically engineered cyanobacteria to dissolve from the inside out, making it easy to access the high-energy fats and biofuel byproducts located within. To do this they combined the bacteria's genes with genes from the bacteriophage — a so-called “mortal enemy” of bacteria that cause it to explode. Cyanobacteria have a higher yield potential than most biofuels currently being used, and this new strain eliminates the need for costly and energy intensive processing steps.
