
Comment Re:We need hardware write-protect for firmware (Score 4, Informative) 324

What good will physical switches do if a virus is waiting for you to flip that switch to write-enable so that it can now infect the HDD firmware? Switches would be useful if you never update the firmware. In which case, eliminate the switch and make the firmware permanently read-only. My point is, we need a more secure way to update firmware.

Unless the virus is resident in BIOS (which can also be protected in the same manner), it would be impossible to be infected if you are in a power off state, then enable your switch/jumper, power on, flash your firmware, then disable the switch/jumper after completion before booting into your OS.

In the old floppy days things were pretty much this way. Time to go back.

Submission + - Snowden Film 'Citizenfour' Wins Oscar for Best Documentary (nationaljournal.com)

schwit1 writes: Citizenfour, a film chronicling the living history of Edward Snowden's unprecedented heist of U.S. government secrets, won the Academy Award for best documentary Sunday night—an unusual feat for a movie so critical of a sitting president's policies.

Directed by Laura Poitras, the political thriller captures Snowden in a claustrophobic Hong Kong hotel room in the days leading up to and after the release of the first batch of classified documents that publicly revealed the sweeping scope of the National Security Agency's mass surveillance of phone and Internet communications.

Submission + - Superfish Added to Windows Defender Database (neowin.net)

jones_supa writes: Lenovo's Superfish adware placed its own security certificate on the machine and created a local man-in-the-middle attack by intercepting encrypted traffic to inject advertisements. By nature such actions are a security threat to Windows, and this is where Microsoft has stepped in. A new definition update for Windows Defender will make it detect Superfish as potentially unwanted software and cause a security alert, with the recommended action being to remove the software immediately. This will also help to protect those who were not aware of the issue or did not know how to remove the certificate. It has been noted that from Firefox the certificate has to be removed separately.

Submission + - Online black market 'Darkleaks' lets you trade secrets for bitcoin (thestack.com)

An anonymous reader writes: An anonymous online black market site, Darkleaks, has been discovered which facilitates whistleblowing and helps blackmailers make money from selling confidential and valuable data in exchange for Bitcoin. The decentralized black marketplace is built on blockchain technology and is available to download as a free software package, with its source code published openly on code-sharing site Github. According to a blog post introducing the site, “there is no identity, no central operator and no interaction between leaker and buyers.” This anonymity is assured through blockchain which encrypts the files released when the payment is taken by the ‘leaker’, says developer Zozan Cudi. The developers say that Darkleaks will help “stop corruption and challenge power”, but there seems to be no limit to the files sellers and buyers can trade in, freely and anonymously – “government secrets”, “celebrity sex pictures” and “military intelligence”, among other critical and highly sensitive information.

Submission + - Lenovo pre-installs malware injecting ads and spoofing SSL certs (ibtimes.co.uk)

janoc writes: Lenovo is pre-installing adware/malware called Superfish on their laptops which serves ads for products you may be browsing/shopping for, "but cheaper". Unfortunately it also breaks into SSL sessions by installing a false root certificate, allowing for potential snooping on secure sessions.

Submission + - Spyware Developed By NSA Resides In HDD Firmware

An anonymous reader writes: The Russian computer security firm Kaspersky has uncovered spyware code buried in the firmware of common hard disk drives. The spyware kit has been customized to support all major HDD brands. Most of the infections have occurred in countries that are frequent US spying targets, such as China, Iran, Pakistan and Russia. Kaspersky declined to publicly name the country behind the spying campaign, but said it was closely linked to Stuxnet, the NSA-led cyberweapon that was used to attack Iran's uranium enrichment facility. A former NSA employee told Reuters that Kaspersky's analysis was correct, and that people still in the intelligence agency valued these spying programs as highly as Stuxnet. Another former intelligence operative confirmed that the NSA had developed the prized technique of concealing spyware in hard drives, but said he did not know which spy efforts relied on it. Kaspersky published the technical details of its research on Monday, which should help infected institutions detect the spying programs, some of which trace back as far as 2001.

Comment Re:This sounds vaguely familiar ... (Score 1) 215

Obama believes Silicon Valley companies also want to solve the problem. “They’re patriots.” ...

A patriot is "a person who vigorously supports their country and is prepared to defend it against enemies or detractors." Corporations run to whatever country will shelter them. They have no allegiance unless it empowers them financially or otherwise.

Snowden would qualify as a better patriot than any corporation since he is 1) a person (and not in the deluded SCOTUS sense either), and 2) he is prepared to defend it against ITSELF. The setback for him is his country will not let him back without sitting in a jail cell for the remainder of his life.

Comment Re:USPS (Score 4, Informative) 385

So the Postal service is still the most secure legally protected method for sending data. Just mail CDs.

The USPS scans all mail
The USPS monitors mail on behalf of the feds without any authorization.
What's to stop them from opening it without a warrant? Sorry but the whole system is controlled and abused by your favorite government officials.

Sidenote: CDs were replaced by DVDs and now Blu Rays. Just fyi if you want to send more than 700mb of crap.
