Bismillah - Slashdot User

Submission + - British government willing to block EU net neutrality deal (buzzfeed.com)

Submitted by Anonymous Coward on Wednesday May 14, 2014 @09:01AM

An anonymous reader writes: The British government has said it will block the EU's recently signed net neutrality deal if it stops it censoring the internet. The European Parliament passed net neutrality legislation last month, but member state governments have to sign off the plan before it can become law.

Submission + - New Zealand spy agency to vet network builds, provider staff. (itnews.com.au)

Submitted by Bismillah on Monday May 12, 2014 @05:11PM

Bismillah writes: The new Telecommunications (Interception Capability and Security) Act of 2013 is in effect in New Zealand and brings in several drastic changes for ISPs, telcos and service providers.

One of the country's spy agencies, the GCSB, gets to decide on network equipment procurement and design decisions, plus operators have to register with the police and obtain security clearance for some staff.

Somewhat illogically, the NZ government pushed through the law combining mandated communications interception capabilities for law enforcement, with undefined network security requirements as decided by the GCSB.

All network operators are subject to the new law, including local providers as well as the likes of Facebook, Google, Microsoft, who have opposed it, saying the new statutes clash with overseas privacy legislation.

Submission + - OpenSSH no longer has to depend on OpenSSL (gmane.org)

Submitted by ConstantineM on Wednesday April 30, 2014 @12:51PM

ConstantineM writes: What has been planned for a long time now, prior to the infamous heartbleed fiasco of OpenSSL (which does not affect SSH at all), is now officially a reality — with the help of some recently adopted crypto from DJ Bernstein, OpenSSH now finally has a compile-time option to no longer depend on OpenSSL — `make OPENSSL=no` has now been introduced for a reduced configuration OpenSSH to be built without OpenSSL, which would leave you with no legacy SSH-1 baggage at all, and on the SSH-2 front with only AES-CTR and chacha20+poly1305 ciphers, ECDH/curve25519 key exchange and Ed25519 public keys.

Submission + - Critical Infrastructure Initiative panic reaction to Heartbleed: ESR (itnews.com.au)

Submitted by Bismillah on Sunday April 27, 2014 @06:27PM

Bismillah writes: "They have backers with money, but no plan and no staff. We need to work out a way to either merge or not to step on each other," ESR believes.

ICEI being the Internet Civil Engineering Institute [site locked currently] that Eric S Raymond and others were about to launch soon, but then Heartbleed came along.

Submission + - Next-Gen Intel "Alpine Ridge" Thunderbolt Controller Detailed (techpowerup.com)

Submitted by Anonymous Coward on Monday April 21, 2014 @11:12AM

An anonymous reader writes: The controller leverages PCI-Express gen 3.0 to double bandwidth of the interface. It will launch around the same time as Intel's next-generation Core "Skylake" processors (some time in 2015), and in a typical implementation, will be wired to the CPU's root-complex, and not that of the PCH. With PCIe 3.0 x4 or PCIe 3.0 x2 links at its disposal, the controller can push data at a staggering 40 Gbps. The link can also ferry DisplayPort, HDMI 2.0, and USB 3.0 data through its link layer. That bandwidth should enable you to plug in up to two Ultra HD displays, apart from your storage array.

Submission + - OpenSSL bug allows attackers to read memory in 64k chunks (itnews.com.au)

Submitted by Bismillah on Monday April 07, 2014 @06:48PM

Bismillah writes: A potentially very serious bug in OpenSSL 1.0.1 and 1.0.2 beta has been discovered that can leak just about any information, from keys to content.

Better yet, it appears to have been introduced in 2011, and known since March 2012.

Submission + - Teenage hacker generates fake boarding passes with Apple Passbook (itnews.com.au)

Submitted by Anonymous Coward on Thursday April 03, 2014 @10:37PM

An anonymous reader writes: Teenage hacker claims to have developed a method to score free flights across Europe by generating fake boarding passes designed for Apple's Passbook app.

Submission + - AWS admits it scans Android apps to find secret keys (itnews.com.au)

Submitted by AlbanX on Monday March 31, 2014 @11:40PM

AlbanX writes: Amazon Web Services admitted it decompiles Android apps to find out if its secret keys have been accidentally hard-coded within.

An Android app developer was contacted by AWS and told his credentials had been found within an app he developed. He was asked to remove them and use temporary creds within apps in the future.

Submission + - Routing and DNS security ignored by ISPs

Submitted by Bismillah on Wednesday March 19, 2014 @01:15AM

Bismillah writes: The re-routing of Google's public DNS servers last weekend was yet another example of how easy it is to "steal the Internet" by abusing today's trust-based networks.

Problem is, ISPs don't seem to care about that, or securing DNS which is another attack vector that doesn't require compromising endusers' systems.

Why isn't more done to secure routing and DNS then?

Submission + - Aussie A-G wants enforced decryption of govt intercepted user data

Submitted by Bismillah on Sunday March 16, 2014 @07:58PM

Bismillah writes: If Attorney-General Brandis gets his way in the process of revising Australia's Telecommunications Interception Act, users and providers of VPNs and other encrypted services will by law be required to decrypt government intercepted data. Because, "sophisticated criminals and terrorists."

Across the Tasman, New Zealand already has a similar law, the Telecommunications Interception and Computer Security Act. Apparently, large Internet service providers such as Microsoft and Facebook won't be exempt from the TICSA and must facilitate interception of traffic.

Submission + - US drops link sharing charges against Barrett Brown (itnews.com.au)

Submitted by Bismillah on Wednesday March 05, 2014 @03:52PM

Bismillah writes: It seems US prosecutors agree that just publishing a link doesn't amount to transmitting actual files. Besides, publishing hyperlinks is probably protected by the First Amendment.

Brown is not out of the legal woods yet though, and still faces further charges.

Submission + - Cellsite in a backpack for emergencies launched (itnews.com.au)

Submitted by Bismillah on Thursday February 27, 2014 @07:01PM

Bismillah writes: Vodafone Foundation's Mini Instant Network cellular access site is deployable in ten minutes and can be carried on as hand luggage on commercial airliners. It's only 2G but hey...

Submission + - Making software development contracts Agile (itnews.com.au)

Submitted by Bismillah on Thursday February 27, 2014 @06:50PM

Bismillah writes: Advice from a law firm on how to structure those Agile software development contracts.

Submission + - World's largest DDoS strikes US, Europe (itnews.com.au)

Submitted by mask.of.sanity on Monday February 10, 2014 @11:36PM

mask.of.sanity writes: CloudFlare has been hit by what appears to be the world's largest denial of service attack, in an assault that exploits an emerging and frightening threat vector. The Network Time Protocol Reflection attack exploits a timing mechanism that underpins a way the internet works to greatly amplify the power of what would otherwise be a small and ineffective assault. CloudFlare said the attack tipped 400Gbps, 100Gbps larger than the previous record DDoS attack which used DNS reflective amplification.

Submission + - Is this the biggest rip-off ever built on open source? (itnews.com.au) 2

Submitted by littlekorea on Thursday February 06, 2014 @04:50PM

littlekorea writes: Australia's weather bureau has racked up bills of $38 million for a water data system, based on Red Hat Linux, MySQL and Java, that was originally scheduled to cost somewhere between $2 million and $5 million. The Bureau's supplier, an ASX-listed IT services provider SMS Management and Technology, did a good job of embedding itself in the bureau, with all changes having to be made by the original consultant that built it. Smells fishy?

Slashdot Top Deals