Submission + - NSA Planned to Hijack Google App Store to Hack Smartphones (firstlook.org)

Advocatus Diaboli writes: "The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals. The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the “Five Eyes” alliance — the United States, Canada, the United Kingdom, New Zealand and Australia."

"The newly published document shows how the agencies wanted to “exploit” app store servers – using them to launch so-called “man-in-the-middle” attacks to infect phones with the implants. A man-in-the-middle attack is a technique in which hackers place themselves between computers as they are communicating with each other; it is a tactic sometimes used by criminal hackers to defraud people. In this instance, the method would have allowed the surveillance agencies to modify the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones."

Submission + - Takata announces largest auto recall ever (cnn.com)

The Grim Reefer writes: Takata is nearly doubling the size of its already massive recall for faulty airbags, making it the largest auto recall in history.

The company has already recalled airbags used in about 18 million vehicles for the problem. This move will bring that number up to about 34 million autos. That is nearly one out of every seven cars on U.S. roads today.

The recall is one of the largest consumer product recalls ever.

At least five U.S. deaths and one in Malaysia have been tied to the faulty airbags. But Japanese auto parts maker Takata, the world's No 4 maker of airbags, has previously resisted demands by regulators to get all the affected airbags off the road.

Here's a list of car models, and model years, already known to use the recalled Takata airbags.

Submission + - Open source is about more than cost savings (opensource.com)

An anonymous reader writes: I recently stumbled upon a piece discussing the cost of cloud, and it made me realize that people still seem to mistakenly believe that open source is just about cost savings. Often times, when asked to explain the reasons for going open source, rarely is cost at the top of the list—it’s perceived as a more long-term benefit, ultimately, but certainly not expected in the initial ramp up of open source projects.

The move to open source technology is a much more fundamental shift, and represents a trend that is starting to cross industries, even the most traditional ones, from financial services through telcos. It’s the shift from proprietary to open and intelligently crowd-sourced better code, and technology overall.

Submission + - Coffin remains tell life story of ancient sun-worshiping priestess (sciencemag.org)

sciencehabit writes: Once upon a time in the Bronze Age, a girl was born to a family of sun worshipers living in the Black Forest of what is today Germany. When she was young she became a priestess in the local sun cult, and soon attracted the eye of a tribal chief who lived far to the north. The girl’s family married her off, and she went to live with the chief in what is now Denmark. She often traveled back and forth between Denmark and her ancestral home and eventually gave birth to a child while she was away. Sometime before her 18th birthday, she and the child died. They were buried together in an oak coffin, the young woman wearing a bronze belt buckle in the shape of the sun.

How do we know? A new study of the 3400-year-old girl’s chemical isotopes, along with more conventional archaeological evidence, tells us so. At least, these are the conclusions of scientists who recently analyzed the teeth, fingernails, hair, and clothes of the Egtved Girl, so named for the Danish village where archaeologists first discovered her in 1921.

Submission + - US Proposes Tighter Export Rules for Computer Security Tools

itwbennett writes: The U.S. Commerce Department has proposed tighter export rules for computer security tools and could prohibit the export of penetration testing tools without a license. The proposal would modify rules added to the Wassenaar Arrangement in 2013 that limit the export of technologies related to intrusion and traffic inspection. The definition of intrusion software would also encompass 'proprietary research on the vulnerabilities and exploitation of computers and network-capable devices,' the proposal said.

Comment Re:Alternatives? (Score 1) 501

How many homeless file a tax return to begin with? I bet most of them don't have a driver's license or know their SSN number. You have to have some kind of mailing address or permanent residence for these things. The people I think it would hit hardest by being online are the elderly and working poor. But they can always call the toll-free number and talk to a person.
Mars

4-Billion-Pixel Panorama View From Curiosity Rover 101

A reader points out that there is a great new panorama made from shots from the Curiosity Rover. "Sweep your gaze around Gale Crater on Mars, where NASA's Curiosity rover is currently exploring, with this 4-billion-pixel panorama stitched together from 295 images. ...The entire image stretches 90,000 by 45,000 pixels and uses pictures taken by the rover's two MastCams. The best way to enjoy it is to go into fullscreen mode and slowly soak up the scenery — from the distant high edges of the crater to the enormous and looming Mount Sharp, the rover's eventual destination."
GNOME

GNOME 3.8 Released Featuring New "Classic" Mode 267

Hot on the heels of the Gtk+ 3.8 release comes GNOME 3.8. There are a few general UI improvements, but the highlight for many is the new Classic mode that replaces fallback. Instead of using code based on the old GNOME panel, Classic emulates the feel of GNOME 2 through Shell extensions (just like Linux Mint's Cinnamon interface). From the release notes: "Classic mode is a new feature for those people who prefer a more traditional desktop experience. Built entirely from GNOME 3 technologies, it adds a number of features such as an application menu, a places menu and a window switcher along the bottom of the screen. Each of these features can be used individually or in combination with other GNOME extensions."
Electronic Frontier Foundation

DOJ Often Used Cell Tower Impersonating Devices Without Explicit Warrants 146

Via the EFF comes news that, during a case involving the use of a Stingray device, the DOJ revealed that it was standard practice to use the devices without explicitly requesting permission in warrants. "When Rigmaiden filed a motion to suppress the Stingray evidence as a warrantless search in violation of the Fourth Amendment, the government responded that this order was a search warrant that authorized the government to use the Stingray. Together with the ACLU of Northern California and the ACLU, we filed an amicus brief in support of Rigmaiden, noting that this 'order' wasn't a search warrant because it was directed towards Verizon, made no mention of an IMSI catcher or Stingray and didn't authorize the government — rather than Verizon — to do anything. Plus to the extent it captured loads of information from other people not suspected of criminal activity it was a 'general warrant,' the precise evil the Fourth Amendment was designed to prevent. ... The emails make clear that U.S. Attorneys in the Northern California were using Stingrays but not informing magistrates of what exactly they were doing. And once the judges got wind of what was actually going on, they were none too pleased:"
Networking

Misconfigured Open DNS Resolvers Key To Massive DDoS Attacks 179

msm1267 writes with an excerpt from Threatpost: "While the big traffic numbers and the spat between Spamhaus and illicit webhost Cyberbunker are grabbing big headlines, the underlying and percolating issue at play here has to do with the open DNS resolvers being used to DDoS the spam-fighters from Switzerland. Open resolvers do not authenticate a packet-sender's IP address before a DNS reply is sent back. Therefore, an attacker that is able to spoof a victim's IP address can have a DNS request bombard the victim with a 100-to-1 ratio of traffic coming back to them versus what was requested. DNS amplification attacks such as these have been used lately by hacktivists, extortionists and blacklisted webhosts to great success." Running an open DNS resolver isn't itself always a problem, but it looks like people are enabling neither source address verification nor rate limiting.
