
Submission + - Stranded Antarctica ship passengers to be evacuated by Chinese helicopter (wordpress.com) 1

Taco Cowboy writes: A Russian foreign ministry statement said most of the 74 people onboard will be rescued by air after icebreakers failed due to poor visibility

It is hoped most of the 74 people on the Academician Shokalskiy will be picked up by the Chinese helicopter, leaving as few as possible onboard.

A Russian foreign ministry statement, cited in an AFP report, said: “A decision has been reached to evacuate 52 passengers and four crew members by helicopter from China’s Xue Long ship, should the weather allow.”

Submission + - NSA Surveillance Has No Boundaries, Expert Says

Trailrunner7 writes: Cryptographer, developer and activist Jacob Appelbaum took to the pages of Germany’s Der Spiegel and the keynote dais of the 30th Chaos Communication Congress this weekend to deliver a damning expose of the catalog of backdoors, monitoring programs and products that potentially have and could be compromised by the National Security Agency.

Appelbaum’s hour-long keynote, culled from top-secret agency documents provided by Edward Snowden and written about in the German publication, described the scale of surveillance the NSA has and hopes to achieve worldwide.

“Their goal is to have total surveillance of everything they’re interested in. There really is no boundary to what they want to do,” Appelbaum said. “There is only sometimes a boundary of what they are funded to do and the amount of things they are able to do at scale. They seem to do [those things] without thinking too much about it. And there are specific tactical things where they have to target a group or individual, and those things seem limited either by budgets or simply by their time.”

Submission + - 'Smaller Than Earth'-Sized Exomoon Discovered? (discovery.com)

astroengine writes: Through the technique of microlensing, a candidate exomoon has been discovered in orbit around a free-floating planet about 1,600 light-years away toward the galactic bulge. The microlensing event, MOA-2011-BLG-262, was detected by the MOA-II telescope at Mt. John University Observatory (MJUO) in New Zealand and it appears to have a mass of approximately half that of Earth. The host planet is around 4 times the mass of Jupiter. Unfortunately there cannot be further studies of this particular exoplanet-exomoon pair (as microlensing events are transient and random), so the astronomers who made the discovery are remaining cautious and point out that although the exoplanet-exomoon model fits the data the best, there's a possibility that the lensing object may have been a more distant star with a massive exoplanet in tow. Microlensing surveys are, however, sensitive to low mass exoplanets orbiting massive free-floating planets, so this is a tantalizing first-detection. The study's pre-print publication has been uploaded to the arXiv.

Submission + - Researchers Connect 91% of Numbers With Names in Metadata Probe

Trailrunner7 writes: One of the key tenets of the argument that the National Security Agency and some lawmakers have constructed to justify the agency’s collection of phone metadata is that the information it’s collecting, such as phone numbers and length of call, can’t be tied to the callers’ names. However, some quick investigation by some researchers at Stanford University who have been collecting information voluntarily from Android users found that they could correlate numbers to names with very little effort.

The Stanford researchers recently started a program called Metaphone that gathers data from volunteers with Android phones. They collect data such as recent phone calls and text messages and social network information. The goal of the project, which is the work of the Stanford Security Lab, is to draw some lines connecting metadata and surveillance. As part of the project, the researchers decided to select a random set of 5,000 numbers from their data and see whether they could connect any of them to subscriber names using just freely available Web tools.

The result: They found names for 27 percent of the numbers using just Google, Yelp, Facebook and Google Places. Using some other online tools, they connected 91 of 100 numbers with names.

Submission + - Credit Cards Stolen From Target Used For Fraud...At Target (krebsonsecurity.com) 2

chicksdaddy writes: In a great example of the cybercrime "chickens coming home to roost," credit card information stolen from box retailer Target has been linked to fraudulent purchases at large retail outlets, including Target itself, the web site Krebsonsecurity.com reports. (http://krebsonsecurity.com/2013/12/cards-stolen-in-target-breach-flood-underground-markets)

Writing on Friday, Brian Krebs said that millions of the stolen cards are "flooding" underground carder web sites. Working with a source at a small New England bank, Krebs was able to identify hundreds of stolen credit card accounts being offered for sale from that bank alone on a carder site, rescator(dot)la.(http://rescator.la) The cards were being uploaded daily in batches of 100,000 or more, branded as the "Tortuga base."

A "point of purchase" analysis on 20 of the stolen accounts belonging to the bank and purchased from four of the "Tortuga" dumps confirmed Target as a common reference point for the cards. Even worse: “Some of these already have confirmed fraud on them, and a few of them were actually just issued recently and have only been used at Target,” Krebs' source at the bank informed him. A number of the cards were flagged for fraud after they were used to make unauthorized purchases at big box retailers, including Target, itself, he said.

After reports by Krebs about a major theft of credit cards, Target acknowledged the breach on Thursday, admitting that data on up to 40 million consumers may have been taken. (https://securityledger.com/2013/12/target-confirms-massive-breach-40-million-credit-cards-affected/)

Submission + - Life-sized, Drivable 500,000 Piece Lego Car Runs on Air (motorauthority.com)

cartechboy writes: Two guys have made a life-sized Lego car that runs on air. That's right, the 256-piston, air-powered Lego working vehicle built with half a million black and yellow Lego pieces can actually be driven up to 18 mph. It was designed and built by 20-year-old Romanian Raul Oaida in 20 months after he and his partner, Australia-based Steve Sammartino raised "tens of thousands" of crowdfunded dollars with their prospectus entitled quite simply: "Super Awesome Micro Project." The car was built in Romania and then moved to Melbourne, Australia (presumably not brick-by-brick.) In the video, the only visible non-Lego components are the gauges, wheel rims, and tires (though the wheels have Lego faces--literally.)

Submission + - Interview with Ron Deibert, the Man Behind Citizen Lab's Anti-Surveillance Work

Trailrunner7 writes: Citizen Lab at the University of Toronto has been doing some of the most important investigations into cyber espionage and government surveillance and intrusion technologies for more than a decade. The group has revealed the GhostNet attacks as well as the extent of the government surveillance and human rights abuses in Syria, China and elsewhere. In a new interview with Threatpost, Ron Deibert, the head of Citizen Lab, talks about how deep the surveillance problem is, why the sale of intrusion technology is so dangerous and the effects of the NSA's activities.

Submission + - Rappers & actors invest in Coinbase, Bitcoin (gawker.com)

globaljustin writes: "According to Pando, Nas and partners have invested in Coinbase, a company that lets you buy and store Bitcoin.

CBS Local reports that Childish Gambino (otherwise known as Donald Glover from Community) are believers. Glover seems to think we're still on the gold standard and that it should be replaced with Bitcoins..."

So...is this good for Bitcoin?

Submission + - IETF to Change TLS Implementation in Applications

Trailrunner7 writes: The NSA surveillance scandal has created ripples all across the Internet, and the latest one is a new effort from the IETF to change the way that encryption is used in a variety of critical application protocols, including HTTP and SMTP.

The new TLS application working group was formed to help developers and the people who deploy their applications incorporate the encryption protocol correctly. TLS is the successor to SSL and is used to encrypt information in a variety of applications, but is most often encountered by users in their Web browsers. Sites use it to secure their communications with users, and in the wake of the revelations about the ways that the NSA is eavesdropping on email and Web traffic its use has become much more important. The IETF is trying to help ensure that it’s deployed properly, reducing the errors that could make surveillance and other attacks easier.

Submission + - Apple Starts iBeacon In-Store Tracking System

Trailrunner7 writes: If you’re still wondering when the future will get here, stop looking to the skies for flying cars and look down at your iPhone the next time you walk into an Apple store. The company has just kicked off a new in-store tracking initiative that uses Bluetooth to push offers and notifications to customers as they wander through the aisles looking at Beats headphones and One Direction phone cases.

Known as iBeacon, the system uses Bluetooth Low Energy (BLE) to push notifications to users in the store who are carrying iOS 7 devices with the Apple Store app installed. Users must allow the app to track them in order to receive the notifications, but once that option is enabled, a user might find herself receiving offers for a short-term discount on a particular product or an upgrade to a new iPhone.

Submission + - Meet Paunch: The Accused Author of the BlackHole Exploit Kit (krebsonsecurity.com)

tsu doh nimh writes: In early October, news leaked out of Russia that authorities there had arrested and charged the malware kingpin known as "Paunch," the alleged creator and distributor of the Blackhole exploit kit. Today, Russian police and computer security experts released additional details about this individual, revealing a much more vivid picture of the cybercrime underworld today. According to pictures of the guy published by Brian Krebs, if the Russian authorities are correct then his nickname is quite appropriate. Paunch allegedly made $50,000 a month selling his exploit kit, and worked with another guy to buy zero-day browser exploits. As of October 2013, the pair had budgeted $450,000 to purchase zero-days. From the story: "The MVD estimates that Paunch and his gang earned more than 70 million rubles, or roughly USD $2.3 million. But this estimate is misleading because Blackhole was used as a means to perpetrate a vast array of cybercrimes. I would argue that Blackhole was perhaps the most important driving force behind an explosion of cyber fraud over the past three years. A majority of Paunch’s customers were using the kit to grow botnets powered by Zeus and Citadel, banking Trojans that are typically used in cyberheists targeting consumers and small businesses."

Submission + - Microsoft Moves to Thwart NSA With Expanded Encryption Use, Legal Tools

Trailrunner7 writes: In response to the growing set of revelations about the NSA’s surveillance methods and alleged compromise of some large technology vendors’ services, Microsoft is taking a number of steps to try and reassure customers about the integrity of the company’s offerings and to greatly expand the use of encryption across its services.

Microsoft said that in the next few months it will be improving and expanding its use of encryption, specifically in its cloud services such as Azure, Outlook.com and Office 365. The company recently announced that it would be improving the encryption services on Office 365, but this new initiative goes well beyond that effort. Microsoft will be implementing Perfect Forward Secrecy on its cloud service and also will be moving to 2048-bit keys. This applies to data in transit between customers and Microsoft’s servers, but it also will be applied to information moving among the company’s data centers.

“Bing still doesn’t offer SSL as an option. So will they finally change that? One of the things they said in this announcement is that they’ll be using best-in-class encryption, but that means more than just an algorithm. It means things like HSTS [HTTP Strict Transport Security] and certificate pinning,” Chris Soghoian of the ACLU said. “Is Microsoft going to use certificate pinning in Internet Explorer?”

Submission + - Australian Spy Agency Accused Of Spying For Big Oil (abc.net.au)

SandmanWAIX writes: A 40 billion dollar treaty between Australia and East Timor is going to the courts in The Hague this week with East Timor accusing the Australian spy agency ASIS of spying during the negotiations.

A former spy has turned whistleblower in the case and subsequently had his passport cancelled and his lawyers office raided. The unnamed spy (former director of technical operations) decided to come forward as the then foreign minister overseeing the treaty is now an advisor to Woodside Petroleum, Australia's largest oil and gas company.

Submission + - 'Spooky action' builds a wormhole between 'entangled' quantum particles (washington.edu)

vinces99 writes: Quantum entanglement, a perplexing phenomenon of quantum mechanics that Albert Einstein once referred to as “spooky action at a distance,” could be even spookier than Einstein perceived. Now, some physicists believe the phenomenon might be intrinsically linked with wormholes, hypothetical features of space-time that in popular science fiction can provide a much-faster-than-light shortcut from one part of the universe to another. But here’s the catch: One couldn’t actually travel, or even communicate, through these wormholes, said Andreas Karch, a University of Washington physics professor who is co-author of a paper on the research in Physical Review Letters. Quantum entanglement occurs when a pair or a group of particles interact in ways that dictate that each particle’s behavior is relative to the behavior of the others. In a pair of entangled particles, if one particle is observed to have a specific spin, for example, the other particle observed at the same time will have the opposite spin. The “spooky” part is that, as previous research has confirmed, the relationship holds true no matter how far apart the particles are – across the room or across several galaxies. If the behavior of one particle changes, the behavior of both entangled particles changes simultaneously, no matter how far away they are. Recent findings indicate that the characteristics of a wormhole are the same as if two black holes were entangled, then pulled apart. Even if the black holes were on opposite sides of the universe, the wormhole would connect them.

Submission + - How to Hijack Any Drone for $400 In Less Than an Hour

Trailrunner7 writes: The skies may soon be full of drones–some run by law enforcement agencies, others run by intelligence agencies and still others delivering novels and cases of diapers from Amazon. But a new project by a well-known hacker Samy Kamkar may give control of those drones to anyone with $400 and an hour of free time.

Small drones, like the ones that Amazon is planning to use to deliver small packages in short timeframes in a few years, are quite inexpensive and easy to use. They can be controlled from an iPhone, tablet or Android device and can be modified fairly easily, as well. Kamkar, a veteran security researcher and hacker, has taken advantage of these properties and put together his own drone platform, called Skyjack. The drone has the ability to forcibly disconnect another drone from its controller and then force the target to accept commands from the Skyjack drone. All of this is done wirelessly and doesn’t require the use of any exploit or security vulnerability.
