71230447
submission
itwbennett writes:
Facebook has released as open source an application, called Augmented Traffic Control (ATC), that can simulate the connectivity of a portable telephone accessing an app over 2G, Edge, 3G, or LTE network. It can also simulate weak and erratic WiFi connections. The simulations can give engineers an estimate of how long it would take a user to download a file, for instance, given varying network connections. It can help engineers re-create problems that crop up only on very slow networks.
71220211
submission
itwbennett writes:
You don’t need to be the NSA to tap calls on Cisco’s SPA 300 and 500 IP phones: An authentication flaw allows potential attackers to do that by default.
71219981
submission
itwbennett writes:
For years, U.S. businesses and government agencies have complained about attacks originating from China, while the Chinese government persisted in denying attacking U.S. targets. Then last week the Chinese government noted the existence of the country’s cyberwarfare unit in “The Science of Military Strategy,” a publication put out by a research institute of the People’s Liberation Army, according to news reports.
71210139
submission
jfruh writes:
Nothing confronts you with how addicted you are to your phone than constantly taking it out of your pocket and entering and re-entering your passcode over and over again to unlock. But without fanfare, Google is releasing an Android update that might solve the problem: a "smart lock" that can figure out if your phone has been set down since the last time you unlocked it. As long as it stays on your person, you won't need to re-enter your password.
71142853
submission
itwbennett writes:
On Tuesday, Steve Ragan's GoDaddy account was compromised. He knew it was coming, but considering the layered account protections used by the world's largest domain registrar, he didn't think the attacker would be successful. He was wrong. Within days, the attacker gained control over Steve's account just by speaking to customer support and submitting a Photoshopped ID.
71142107
submission
itwbennett writes:
The report, which was mistakenly provided to the Wall Street Journal as part of a public records request, reveals that FTC staff concluded in 2012 that Google’s business tactics had caused 'real harm to consumers and to innovation,' and the staff recommended a lawsuit against the company. Among the findings: Google inflated rankings for its own services and scraped other companies' content, while threatening to remove those sites from its search listing if they objected.
71141623
submission
itwbennett writes:
Security researchers who participated in the Pwn2Own hacking contest this week demonstrated remote code execution exploits against the top four browsers, and also hacked the widely used Adobe Reader and Flash Player plug-ins. On Thursday, South Korean security researcher and serial browser hacker JungHoon Lee, known online as lokihardt, single-handedly popped Internet Explorer 11 and Google Chrome on Microsoft Windows, as well as Apple Safari on Mac OS X. He walked away $225,000 in prize money.
71121689
submission
itwbennett writes:
More than 700,000 ADSL routers provided to customers by ISPs around the world contain serious flaws that allow remote hackers to take control of them. Most of the routers have a 'directory traversal' flaw in a firmware component called webproc.cgi that allows hackers to extract sensitive configuration data, including administrative credentials. The flaw isn’t new and has been reported by multiple researchers since 2011 in various router models.
71121387
submission
itwbennett writes:
Over the past four years, Albert Pastrana, Head of Engineering at a U.K. company, has interviewed many candidates for developer positions. As part of the interview process, he’s asked each one the same question: How would you define good code? Recently, he looked at the answers given by 65 developer candidates who were interviewed over the course of 2014; all were programmers with knowledge of Java or Scala and had five or more years of experience. Seventy-eight percent of interviewees said readability was the number one quality of good code. Of course, these folks were all trying to land jobs, so that might have influenced their answers. Without a job on the line, how would you answer that question?
71120785
submission
itwbennett writes:
More than 400 cities and 55 counties in California allow residents to rent out part or all of their homes and levy a transit occupancy tax on those rentals. But payment is sporadic and municipalities often have no way of knowing who in their community should be paying the tax. Senate Bill 593 would require operators of vacation rental services like AirBnB to report to local authorities the location of the residences, the number of nights they were occupied by visitors and the amount paid for the rentals.
71112625
submission
jfruh writes:
In the wake of the FCC passing net neutrality rules, the federal agency now has the authority to keep an eye on ISPs 'future conduct,' to prevent them from even starting to implement traffic-shaping plans that would violate net neutrality. Naturally, this has a lot of ISPs feeling nervous.
71112547
submission
jfruh writes:
A group of California taxi operators are suing Uber, claiming the ridehailing service is guilty of false advertising when it comes to rider safety. The taxi companies claim that Uber doesn't use a Live Scan fingerprint ID for drivers like they do, and that the $1 "safe rides" fee on every fare doesn't specifically go towards boosing safety.
71111759
submission
itwbennett writes:
Target has agreed to pay $10 million in a proposed settlement to a class-action lawsuit stemming from its massive 2013 data breach, which affected as many as 110 million people. Individual victims could receive up to $10,000. The proposed settlement also includes measures to better protect the customer data that Target collects, according to documents filed with the U.S. District Court, District of Minnesota.
71085201
submission
itwbennett writes:
The U.S. Federal Communications Commission has fined Verizon $3.4 million over its failure to notify police and fire departments during a 911 service outage last year. Under the commission’s rules, Verizon and other carriers were required to notify emergency call centers of a six-hour outage that occurred in April. The outage involved multiple carriers and affected over 11 million people in seven states.
71084625
submission
itwbennett writes:
After a security enthusiast, a Finnish man who works as an IT manager for a company in the industrial sector, discovered a loophole that allowed him to register a valid SSL certificate for Microsoft’s live.fi domain, he tried to responsibly disclose the issue. But instead of thanks he got locked out of his email, phone, Xbox and online storage accounts. 'Through our own investigations, independent from the researcher, we identified and have fixed the misconfiguration that was allowing people to create accounts reserved for Microsoft’s use,' a Microsoft representative told the IDG New Service via email Wednesday.
