Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×

Submission + - 81% of Tor users can be de-anonymized by analysing router information (thestack.com)

Submitted by Anonymous Coward
An anonymous reader writes: A former researcher at Columbia University’s Network Security Lab has conducted research since 2008 indicating that traffic flow software included in network routers, notably Cisco's 'Netflow' package, can be exploited to deanonymize 81.4% of Tor clients.

Professor Sambuddho Chakravarty, currently researching Network Anonymity and Privacy at the Indraprastha Institute of Information Technology, uses a technique which injects a repeating traffic pattern into the TCP connection associated with an exit node, and then compares subsequent aberrations in network timing with the traffic flow records generated by Netflow (or equivalent packages from other router manufacturers) to individuate the 'victim' client. In laboratory conditions the success rate of this traffic analysis attack is 100%, with network noise and variations reducing efficiency to 81% in a live Tor environment.

Chakravarty says: “it is not even essential to be a global adversary to launch such traffic analysis attacks. A powerful, yet non- global adversary could use traffic analysis methods [] to determine the various relays participating in a Tor circuit and directly monitor the traffic entering the entry node of the victim connection.”

Submission + - Patent troll hits major pharma company (seekingalpha.com)

Submitted by walterbyrd
walterbyrd writes: We often hear of patent trolls in the tech industry, but rarely see this from major pharma companies. However, the term applies perfectly to AbbVie's strategy to either prevent Gilead from selling Harvoni or compelling royalties. . .

AbbVie cannot commercialize Harvoni since they do not own any patents to the individual drugs that make up the combination, sofosbuvir and ledipasvir. However, it is perfectly legal to apply for and obtain "method of use" and "utility" patents for products that a company does not own and this is what ABBV has accomplished with its five patents.

Submission + - Windows Gets Patch for Ancient Flaw

Submitted by jones_supa
jones_supa writes: Via last Patch Tuesday, Microsoft patched a critical flaw in Windows that has existed in every version since the introduction of Windows 95 more than 19 years ago. IBM security researchers discovered the flaw earlier this year and notified the software giant privately in May. The rare bug allows attackers to remotely execute code on an affected system. Internet Explorer 3.0 onwards can be used as an attack vector by convincing users to visit an URL. The actual vulnerability lies in the OLE Automation library (OLEAUT32.DLL).

Comment Close, but no cookie - crowdsource it! (Score 1) 698

by LeadSongDog (#48369643) Attached to: US School Installs 'Shooter Detection' System
Thousands of dollars per school would mean a system just won't be provided to poor schools, a simply unconscionable form of economic discrimination. Fortunately there's a way better answer.
Put an app on many of those smart phones, enabled by the reverse 911 lockdown message. By the time the cops show up on scene, each such phone can have responded to report its GPS position and a half-second timestamped audio clip of the sound of (presumed) shots as heard through each classroom door. Centrally process those clips to determine the time offsets as the sound goes down the hall from one classroom to the next. You don't need to put any special hardware in the school, though having a floorplan on record would improve accuracy. Once the approach works, it can be rolled out for nearly no cost, practically overnight, everywhere that reverse 911 is in place.
I'm happy to release this idea into the public domain for anyone who'll code it as free (Libre and beer) software. Who wants to put together a quick little project?

Comment Re:Perversion of the Law (Score 1) 251

by LeadSongDog (#48325729) Attached to: Undersized Grouper Case Lands In Supreme Court

This is like charging hookers with tax evasion for not filing. If prosecutors can't come up with a real charge then they need to be asking for a change in the law instead of this kind of bullshit.

Not all fishermen are hookers, many are found with fishnets. Besides, "honest judge, that fish was thiiiss big!!!"

Comment Built in Quality Assurance (Score 2) 1

It's not necessary to take the logs' accuracy entirely on faith. A sloppy or less-than-competent navigator's work showed up when he made landfall in the wrong place. The logs will show the error corrections that had to be made at those times. Checking these corrections should be enough to validate the balance of his work.

Submission + - Time to "get knotted" (sciencedirect.com)

Submitted by LeadSongDog
LeadSongDog writes: In a long-sought analysis in Phys Lett B, Itzhak Bars and Dmitry Rychkov have shown that the basic assumptions that underly Quantum Mechanics can actually be derived from M-theoretic explanations of string interactions. It all comes down to some rules on how strings are joined and split.
For those who just want the simple version: http://www.futurity.org/string...

Slashdot Top Deals

"More software projects have gone awry for lack of calendar time than for all other causes combined." -- Fred Brooks, Jr., _The Mythical Man Month_

Close