
Comment Re:Why can't they give us the MRI image instead? (Score 1) 66

There wasn't really much point in replying to the parent post. The guy clearly doesn't understand PET or MR, or imaging in general for that matter. Nice summary. In conclusion, optical methods offer better resolution and specificity than tomographic methods. Also, Einstein rules.

Comment The IRS doesn't agree. (Score 2) 112

Right from the first page of the report: "However, in view of its ongoing efforts to improve the detection of identity theft, the IRS did not agree with TIGTA’s estimate of $21 billion in potentially fraudulent refunds as a result of identity theft over the next five years." So what DOES the IRS think?
Google

Submission + - Hackers Exploit Google Two-Factor Authentication Weakness (securityweek.com)

wiredmikey writes: Late last week, news broke that web security and performance startup CloudFlare was attacked, resulting in a hacker being able to successfully redirect web traffic of one of the company’s largest clients, 4Chan.org. While CloudFlare was the victim in this attack, the methods used, along with a flaw in Google’s platform, potentially exposed a large number of Google Apps for Business customers.

It turns out, the attackers utilized some crafty social engineering to gain access to CloudFlare CEO Matthew Prince's voicemail and gain access to his Gmail account. From there, the attackers exploited a weakness in Google's Two-Factor authentication security which essentially disabled the service and let the attacker in to access CloudFlare.Com email. (His personal email was listed as an account recovery address.)

Once the attacker obtained access to CloudFlare email accounts, he/she was able to access a password reset. After likely searching for “4Chan” the attacker was able to quickly do a password reset and gain access to 4Chan’s CloudFlare account. From there, the attacker was able to temporarily redirect traffic from 4Chan.org to the attacker’s handle on Twitter.

Late Sunday, and into Monday, Google confirmed that an authentication flaw did exist related to its two-factor authentication process that was used in the attack.

“We fixed a flaw that, under very specific conditions, existed in the account recovery process for Google Apps for Business customers,” a Google spokesperson told SecurityWeek. “If an administrator account that was configured to send password reset instructions to a registered secondary email address was successfully recovered, 2-step verification would have been disabled in the process. This could have led to abuse if their secondary email account was compromised through some other means.”

While an authentication flaw, social engineering, and questionable account recovery methods all played a part in the attack, CloudFlare admits, in Prince’s own words, that they “did some dumb things” which enabled the attacker to login and modify some customer records to redirect traffic, leading to the attack’s success.

“One dumb thing that we did early on,” Prince said, “was that in order to make sure that emails we sent to customers were performing correctly and that nobody was abusing our email sending process, some administrators within CloudFlare were BCC’d on transactional emails that were sent to customer accounts.”

This incident leaves us with some important considerations, especially for users that have a phone number associated with a Google account. For many, it's important to realize that your Google account may only be as secure as your four-digit voicemail PIN, so even with these recent kinks, adding two-factor authentication is a good idea for an additional layer of security.

Space

Submission + - America's Secret Space Plane To Land After A Year in Orbit (dailymail.co.uk)

SomePgmr writes: "The U.S. Air Force's highly secret unmanned space plane will land in June — ending a year-long mission in orbit. The experimental Boeing X37-B has been circling Earth at 17,000 miles per hour and was due to land in California in December. It is now expected to land in mid to late June. And still, no one knows what the space drone has been doing up there all this time."
