59191061
submission
angry tapir writes:
Australia is in the middle of a parliamentary inquiry examining telecommunications interception laws. Law enforcement organisations using this to resurrect the idea of a scheme for mandatory data retention by telcos and ISPs. In addition, an Australian peak law enforcement body is pushing for rules that would force telcos help with decryption of communications.
58794453
submission
angry tapir writes:
Akamai Technologies, whose network handles up to 30 percent of all Internet traffic, has admitted that a researcher found a fault in custom code that the company thought shielded most of its customers from the Heartbleed bug. As a result, Akamai is now reissuing all SSL (Secure Sockets Layer) certificates and security keys used to create encrypted connections between its customer's websites and visitors to those sites.
58506137
submission
angry tapir writes:
The Australian Securities and Investment Commission (ASIC), a government financial watchdog, is reportedly contemplating the idea of implementing a 500 millisecond delay on trades in an effort to put the brakes on high-frequency trading. ASIC last year knocked back the idea and stated that fears about HFT were overblown. However, in a government inquiry today representatives of the organisation said the idea of a 'pause' is still on the table.
57646677
submission
angry tapir writes:
Mt. Gox may have collected a large sum in trading fees in the weeks before its closure, even though it was already aware that a vast number of bitcoins had gone missing, its U.S. bankruptcy filing suggests. A sworn declaration in the filing from Robert Karpeles, Mt. Gox 's CEO, reveals that the Bitcoin exchange knew in early February that its situation was far graver than it had disclosed at the time.
57599611
submission
angry tapir writes:
Attackers have abused the WordPress pingback feature, which allows sites to cross-reference blog posts, to launch a large-scale, distributed denial-of-service (DDoS) attack, according to researchers from Web security firm Sucuri. The attack involved over 162,000 legitimate WordPress websites being forced to send hundreds of requests per second to a popular WordPress site, preventing access to it for many hours. The attack exploited an issue with the XML-RPC (XML remote procedure call) implementation in WordPress that's used for features like pingback, trackback, remote access from mobile devices and others, and brought back into the spotlight the denial-of-service risks associated with this functionality that have been known since 2007.
57326791
submission
angry tapir writes:
Drupal, an open source content management system, now powers more than 1 million websites, according to figures released today. As of 15 February, 1,005,489 websites were powered by the CMS, according to the Drupal Association, a non-profit organisation that stewards the project. It's heady stuff for an open source project born out of the desire of its creator, Dries Buytaert, to experiment with Web technologies.
57309981
submission
angry tapir writes:
In an interview given to the Australian media at RSA Conference this week, RSA Chairman Art Coviello said "It is against the law for the NSA to spy in the US and if they've done anything illegal, which, again, within US law, people might have commented that they have in the press, but no legal authority seems to be raising that as an issue." It's clear that Coviello has either not kept up with what's been going on, is in denial or deliberately attempting to mislead.
57132449
submission
angry tapir writes:
As the number of top-level domains undergoes explosive growth, the Internet Corporation for Assigned Names and Numbers (ICANN) is studying ways to reduce the risk of traffic intended for internal network destinations ending up on the Internet via the Domain Name System. Proposals in a report produced on behalf of ICANN include preventing .mail, .home and .corp ever being Internet TLDs; allowing the forcible de-delegation of some second-level domains in emergencies; and returning 127.0.53.53 as an IP address in the hopes that sysadmins will have a WTF moment and Google it.
56661343
submission
angry tapir writes:
Hackers are circulating credentials for thousands of FTP sites and appear to have compromised file transfer servers at The New York Times, UNICEF and other organizations, according to a security expert. The hackers obtained credentials for more than 7000 FTP sites and have been circulating the list in underground forums, said Alex Holden, chief information security officer for Hold Security, a Wisconsin-based company that monitors cyberattacks.
56624863
submission
angry tapir writes:
Police in the Australian state of Queensland will employ a handheld laser scanner that can be used to map crime scenes, including in areas where there is no GPS reception. The police will use the Australian developed Zebedee laser scanner: A LiDAR scanner that is mounted on a spring. As a user walks around, the spring moves and the scanner captures the surrounding area. Software processing then uses the data to construct a 3D model. Previously the technology has been used to capture areas of cultural significance, such as the interior of the Leaning Tower of Pisa. As an added bonus, the Zebedee looks ridiculous when in use.
56619323
submission
angry tapir writes:
VMware will offer virtual desktop services for Google's Chromebooks, allowing them to run Windows applications on the pared-down laptops based on the Chrome OS. Organizations could save as much as US$5,000 per computer by using a combination of Chromebooks and VMware managed services, Google has estimated.
56516919
submission
angry tapir writes:
LinkedIn is shutting down Intro, its recently launched mobile service for connecting people over email, that raised security concerns. Intro was launched last October and described at the time as a 'dream come true for hackers' The service was made for the iPhone, and was designed to grab LinkedIn profile information and insert it into emails received on phones. The service displayed that information to the recipient from the email's sender if the sender was also on LinkedIn.
56115395
submission
angry tapir writes:
Oracle is continuing its legal battle against third-party software support providers it alleges are performing such services in a manner that violates its intellectual property. Last week, Oracle sued StratisCom, a Georgia company that offers customers support for Oracle's Solaris OS, claiming it had "misappropriated and distributed copyright, proprietary software code, along with the login credentials necessary to download this code from Oracle's password-protected websites."
55856161
submission
angry tapir writes:
The Internet's name space continues to expand, with ICANN revealing that more than 100 generic top-level domains have been added to the root zone. Thirty four gTLDs have been delegated so far in January, including .club, .pics, .photo, .rich, .guitars, and .marketing.
55849913
submission
angry tapir writes:
At least three security companies have scrubbed information related to Target from the Web, highlighting the ongoing sensitivity around one of the largest-ever data breaches. How hackers broke into Target and installed malware on point-of-sale terminals that harvested up to 40 million payment card details is extremely sensitive. Now, details that give insight into the attack are being hastily removed or redacted by security companies.
