Mercury - Slashdot User

Submission + - News Key Recovery Attacks on RC4/WEP (events.ccc.de)

Submitted by

yuhong

on Saturday January 01, 2011 @03:16AM

yuhong writes: "From the abstract: "In this paper, we present several weaknesses in the stream cipher RC4. First, we present a technique to automatically reveal linear correlations in the PRGA of RC4. With this method, 48 new exploitable correlations have been discovered. Then we bind these new biases in the PRGA with known KSA weaknesses to provide practical key recovery attacks. Henceforth, we apply a similar technique on RC4 as a black box, i.e. the secret key words as input and the keystream words as output. Our objective is to exhaustively find linear correlations between these elements. Thanks to this technique, 9 new exploitable correlations have been revealed. Finally, we exploit these weaknesses on RC4 to some practical examples, such as the WEP protocol. We show that these correlations lead to a key recovery attack on WEP with only 9,800 encrypted packets (less than 20 seconds), instead of 24,200 for the best previous attack.""

Submission + - Man hits teenager on airplane for using iPhone (blorge.com) 1

Submitted by Charlotte Web on Friday December 31, 2010 @08:32PM

Charlotte Web writes: A 68-year-old man was arrested in Idaho after punching a teenager who refused to switch off their iPhone on an airplane. "The unnamed boy ignored the flight crew's request to switch off electronic devices and instead continued playing games and listening to music," after which, the teenager says, the man went "ballastic." After their scuffle, the 68-year-old man now faces a six month jail term or a $1,000 fine. But the iPhone-using teenager "did not require medical attention and did not face any police action."

Submission + - Four IT Consultants Charged with $80MM NYC Rip-Off

Submitted by theodp on Friday December 31, 2010 @01:32PM

theodp writes: It's I-told-you-so time for Slashdot commenter frnic, who smelled a crime last March after reading that New York City had dropped $722 million on its still-under-development CityTime Attendance System. Nine months later, US Attorney Preet Bharara charged "four consultants to the New York City Office of Payroll Administration...for operating a fraudulent scheme that led to the misappropriation of more than $80 million in New York City funds allocated for an information technology project known as 'CityTime.'" Three of the four consultants were also charged — along with a consultant's wife and mother — with using a network of friends-and-family shell corporations to launder the proceeds of the fraud. Dept. of Investigations Commissioner Rose Gill Hearn called it a shame that 'supposed experts hired and paid well to protect the city's interests were exposed as the fox guarding the hen house.'

Submission + - School fundraiser bans textbooks (weberbooks.com)

Submitted by Steve1960 on Thursday December 30, 2010 @08:31PM

Steve1960 writes: Oh, the irony is killing me! Westy Self-Storage of New Jersey is holding a fundraiser for the American Association of University Women. They want people to come in and donate their used books. For your trouble, they'll give you a tax receipt. But the first rule is, no stinkin' National Geographics OR TEXTBOOKS!!! (Or, as Westy calls them, "text books.") Huh? No textbooks at a SCHOLARSHIP fundraiser? I am taking this personally. I've got a soft spot in my heart for the AAUW because I've bought lots of great textbooks (and a few doorstops) at their used book sales here in Virginia. Do they realize that some corporation has banned textbooks from their fundraisers??? No text books?? That's just a dumb rule. OK, I will concede this: most of the time, school was boring. For me, just about ALL the time. But banning textbooks for the rest of your life? That's a little extreme, I think. Maybe Westy is getting tired of people showing up with crap they don't want anymore. But, seriously, banning textbooks?

Submission + - Solar cells integrated in microchips (gizmag.com)

Submitted by cylonlover on Thursday December 30, 2010 @08:18PM

cylonlover writes: In a new, more efficient approach to solar powered microelectronics, researchers have produced a microchip which directly integrates photovoltaic cells. While harnessing sunlight to power microelectronics isn't new, conventional set-ups use a separate solar cell and battery. What sets this device apart from is that high-efficiency solar cells are placed straight onto the electronics, producing self-sufficient, low-power devices which are highly suitable for industrial serial production and can even operate indoors.

Submission + - One tip enough to put name on terrorist watch list (washingtonpost.com) 1

Submitted by Frosty Piss on Thursday December 30, 2010 @05:13PM

Frosty Piss writes: As a result of the US Government’s complete failure to investigate credible warnings about "Underwear Bomber" Umar Farouk Abdulmutallab from none other than Abdulmutallab’s father, senior American counterterrorism officials say they have altered their criteria so that a single-source tip can lead to a name being placed on the watch list. But civil liberties groups warn that it is now even more likely that individuals who pose no threat will be swept up in the America’s security apparatus, leading to potential violations of their privacy and making it difficult for them to travel. 'They are secret lists with no way for people to petition to get off or even to know if they're on,' said Chris Calabrese, legislative counsel for the American Civil Liberties Union.

Submission + - microUSB cellphone charger becomes EU standard (blogtechnical.com)

Submitted by Anonymous Coward on Thursday December 30, 2010 @04:10PM

An anonymous reader writes: The European Commission has put into effect a June 2009 agreement stating that major cellphone manufacturers should standardize their charging/data connection ports to the popular microUSB format. CEN-CENELEC and ETSI provided the standards by which these 14 companies will abide by to make cell phone recharging and data transfer easy.

Submission + - A List of the Top 10 Security Top 10 Lists :-) (threatpost.com)

Submitted by chicksdaddy on Thursday December 30, 2010 @03:43PM

chicksdaddy writes: Top 10 lists are really like editorial Happy Meals — conceptual packages that say to the reader "You don't have to do anything — we've got everything you need behind this one link!" The problem is that Top 10 lists, like most other things, are subject to abuse and over use. These days, Web publishers use them throughout the year to attract attention to a particular idea, but they really rain down on readers with the advent of the New Year and our (natural) tendency to want to look back and imagine the future, simultaneously. The IT security space is no different. Even though computer security is just one slim branch on the vast oak tree that is Web publishing, there are still Top 10-, Best Of and prediction lists flying at readers from all quarters. What you really need is for someone to read them through them all, then mash together --err..."curate" — a list of the best. That's what the editors at Threatpost have done with their Top 10 Security Top 10 Lists...list?! Among the selections: lists from zScaler and Websense, two lists of security screw ups, and the sexiest IT security geeks. Enjoy!

Submission + - The XM-25: How Can We Lose with Such Cool Stuff?

Submitted by

Pickens

on Thursday December 30, 2010 @03:29PM

Pickens writes: "Gary Brecher, the "War Nerd," writes that XM-25, an Individual Air Burst Weapon with a range of roughly 2,300 feet that shoots 25mm fragmentation grenades that explode at a pre-set distance, is being hyped as a “game-changing” weapon that will literally blow the Taliban out of their hiding places and turn the tide in Afghanistan. The XM-25’s laser sight measures the distance to the target and lets the soldier set his rounds to explode before, on, or behind the target so, if you’re trying to kill a sniper in an Iraqi house, you set the shells to explode one meter inside the window. "But even if it [works], it won’t be a “game-changer” in either of our wars, because irregular wars like Iraq and Afghanistan aren’t decided by superior weaponry," writes Brecher. What it will do is force an accelerated evolution in the same direction guerrilla war’s been evolving for more than 100 years: away from trying to fight the invading army on its own terms and toward assassination, bombs, and betrayal. According to the US Army’s own newspaper, IEDs now account for 75 percent of American casualties in Afghanistan. "And unfortunately, the only effect a gee-whiz weapon like the XM25 is likely to have is raising that figure closer to 100 percent.""

Submission + - Democrats Crowdsourcing to Vote Palin in Primaries (primariesforpalin.com) 1

Submitted by SharpieMarker on Thursday December 30, 2010 @02:25PM

SharpieMarker writes: In what could be the most extreme and influential crowdsourcing project ever, Democrats are beginning to organize to purposely vote for Palin in the 2012 Republican primaries. Their theory is by having Palin as an opponent, Obama will have the best odds at winning reelection. Recent polls have shown that Obama comfortably leads Palin by 10-20 points, but Obama is statistically tied with Romney and barely ahead of Huckabee. They even have a state-by-state primary voting guide to help Democrats navigate various states' rules for voting Palin in Republican primaries.

Submission + - Do Sleepy Surgeons Have a Right to Operate?

Submitted by

Hugh Pickens

on Thursday December 30, 2010 @01:13PM

Hugh Pickens writes: "BusinessWeek reports that a commentary from the New England Journal of Medicine calls on doctors to disclose when they're deprived of sleep and not perform surgery unless a patient gives written consent after being informed of their surgeon's status. "We think that institutions have a responsibility to minimize the chances that patients are going to be cared for by sleep-deprived clinicians," writes Dr. Michael Nurok, an anesthesiologist and intensive care physician. Research suggests that sleep deprivation impairs a person's psychomotor skills — those that require coordination and precision — as much as alcohol consumption and increases the risk of complications in patients whose surgeons failed to get much shuteye. Unlike other practice areas, elective surgery is potentially amenable to rescheduling, although many competing interests influence that possibility, even when all parties stand to gain by avoiding errors and complications and improving outcomes. Some hospitals try to reduce the likelihood that physicians will lose sleep due to their work schedules. However, "a lot of institutions are not going to be able to take that leap immediately, so as an interim step, we believe that patients need to be informed," Nurok said. "Sleep deprivation affects clinical performance. It increases the risks of complications. And it is clear from survey data that patients would want to be informed if their physician was sleep-deprived and that most patients would request a different provider.""

Submission + - 'Zombie' Satellite Returns to Life (space.com) 4

Submitted by realperseus on Thursday December 30, 2010 @01:04PM

realperseus writes: The American telecommunication satellite, Galaxy 15, has been brought under control after spending most of the year traversing the sky, reeking havoc upon its neighbors. The satellite is currently at 98.5 west (from 133 west). An emergency patch was successfully uploaded, insuring that the conditions which caused it to "go rouge" will not occur again. Once diagnosis and testing have been completed, Intelsat plans to move the satellite back to 133 west.

Submission + - Sophisticated New Android Trojan Discovered (securityweek.com) 1

Submitted by wiredmikey on Thursday December 30, 2010 @01:30AM

wiredmikey writes: Security researchers have discovered a new sophisticated Trojan that has emerged in China that is affecting Android devices which can compromise a significant amount of personal data on a user’s phone and send it to remote servers.

Researchers from Lookout Mobile which discovered the Trojan, say the mobile malware is “The most sophisticated Android malware we’ve seen to date, Geinimi is also the first Android malware in the wild that displays botnet-like capabilities. Once the malware is installed on a user’s phone, it has the potential to receive commands from a remote server that allow the owner of that server to control the phone.”

What makes the Trojan different than most “standard” mobile malware is that Geinimi is being “grafted” onto repackaged versions of legitimate applications, primarily games, and distributed in third-party Chinese Android app markets...

Submission + - VOIP now technically illegal in China (people.com.cn)

Submitted by ironfrost on Thursday December 30, 2010 @12:37AM

ironfrost writes: A recent ruling by China's Ministry of Industry and Information Technology (MIIT) has declared that VOIP services are illegal, except for the ones operated by state-owned telecom operators China Telecom and China Unicom. According to the article, "the decision is expected to make Skype, UUCall and other similar services unavailable in China", and is widely seen as a way to protect the traditional telecom operators' profits. Here's a more in-depth story in Chinese (Google Translate version).

Submission + - "The Angry Aughts" 1

Submitted by ImWithBrilliant on Wednesday December 29, 2010 @10:11PM

ImWithBrilliant writes: This decade is winding down with an editorial calling it the Angry Decade as 9/11, wars, etc. converge with social media for instantly expressing anger or instantly angering multitudes. I recall netiquette of the '80's and the 24-hour cool-off rule in the '90's, and this certainly won't be the decade of decorum. Slashdot discussions don't even cycle through most time zones, yet moderates anonymous/voluminous postings into a usable format. Care to comment quickly or emotionally?

Slashdot Top Deals