Journal Journal: Twitter Trends
Some clown send a funny #Kim Possible tweet and it trends based on retweets I guess. Some new pasttime?
Submission + - Software cracks Microsoft,eBay,Yahoo audiocaptchas (networkworld.com)
coondoggie writes: "Researchers have figured out how to to crack captchas, making it possible to launch automated attacks against sites such as Microsoft, eBay and Digg where opening phony accounts could be turned into cash.
Software written by researchers at Stanford University and Tulane University can interpret human speech well enough to crack audio captchas between 1.5% and 89% of the time — often enough to make sites that use them vulnerable to setting up false user accounts, the researchers say."
Software written by researchers at Stanford University and Tulane University can interpret human speech well enough to crack audio captchas between 1.5% and 89% of the time — often enough to make sites that use them vulnerable to setting up false user accounts, the researchers say."
Submission + - Android security practices? 1
Soft writes: Smartphone security recommendations seem to boil down to Windows-like practices: install an antivirus, run updates, and don't execute apps from untrusted sources. On my own computers, running Linux, I choose to only install (signed) packages from the distribution's or well-known repositories, or programs I can check and compile myself, or run them as a dedicated user--and I don't bother with an antivirus.
What rules should I adopt on my soon-to-be-bought Android device? Can I use it purely with open-source apps and still make the most of it? Are Android's fine-grained permissions (accessing the network, contacts...) reliable? Can apps be trusted not to scan your files and keyboard for passwords and emails? What precautions do security-conscious Slashdotters take to keep control of their phones?
What rules should I adopt on my soon-to-be-bought Android device? Can I use it purely with open-source apps and still make the most of it? Are Android's fine-grained permissions (accessing the network, contacts...) reliable? Can apps be trusted not to scan your files and keyboard for passwords and emails? What precautions do security-conscious Slashdotters take to keep control of their phones?
Submission + - Netflix Isn't Swamping the Internet (itworld.com)
itwbennett writes: "Remember the Sandvine report from earlier this week that said that Netflix gobbles up 30% of Internet traffic during peak hours? It needs clarification on a couple of important points, says blogger Kevin Fogarty. First, yes, Netflix traffic spikes during prime time, but only across the last mile. Second, ISPs underestimate what a 'normal' level of Internet use really is. 'When AT&T announced its data caps – 150GB per month for DSL users and 250GB for broadband – it called the data levels generous and said limits would only affect 2 percent of its customers. It turns out Netflix users take up an average of 40GB per month just from streaming media, according to a different Sandvine report (PDF),' says Fogarty."
Submission + - Patriot Act to receive four-year extension (google.com)
airfoobar writes: A four-year extension to the highly controversial Patriot Act is set to be rushed through in the coming week. Both parties are in agreement that this is the best way forward.
Submission + - CDC Wants You to be Ready for a Zombie Apolcalypse (cdc.gov)
Digz writes: The Centers for Disease Control take all threats seriously and want to help people through all emergencies that may occur — including a zombie apocalypse. You can see their instructions here.
This might be helpful to get around in those trying times.
This might be helpful to get around in those trying times.
Comment Re:Kinda useless link. (Score 2) 45
Quote from the first link if you didn't RTFA:
Helpful Hints:
Check out Seas0npass for an easy way to jailbreak the Apple TV
- SSH in and change the root password
- Use apt-cache and apt-get to find and install lighttpd
- Use SFTP to upload a /etc/lighttpd.conf config file for lighttpd
- Within /usr/sbin/ run lighttpd-angel -f /etc/lighttpd.conf to start lighttpd
- Write a plist file in /Library/LaunchDaemons to launch lighttpd on boot
Helpful Hints:
Check out Seas0npass for an easy way to jailbreak the Apple TV
- SSH in and change the root password
- Use apt-cache and apt-get to find and install lighttpd
- Use SFTP to upload a
- Within
- Write a plist file in
Journal Journal: Binspam
What's the point of binspam given how quickly it's deleted?
Submission + - Disorderly conduct online (triblocal.com)
Submission + - How intercept calls on new Cisco phones (scmagazine.com.au)
mask.of.sanity writes: Researchers have demonstrated a series of exploits that turn Cisco IP phones into listening bugs, and could allow a denial of service attack capable of silencing a call centre.
It allows internal staff and competitors with a little publicly-available information to hijack the phones, wiretap calls and eavesdrop on confidential meetings.
The attacks work through a sequence of exploits against the latest Cisco phones enabled to run off the shelf.
Most people are vunerable, the researchers say, because they do not harden their systems in line with recommended security requirements.
It allows internal staff and competitors with a little publicly-available information to hijack the phones, wiretap calls and eavesdrop on confidential meetings.
The attacks work through a sequence of exploits against the latest Cisco phones enabled to run off the shelf.
Most people are vunerable, the researchers say, because they do not harden their systems in line with recommended security requirements.
Comment Addicts (Score 1) 1
Is COD the gaming equivalent of crack?
Submission + - PlayStation Network Down, Xbox 360 Up (ibtimes.com) 1
Daniel_Lee writes: The Sony PlayStation Network (PSN) outage has angered and frustrated Sony fans into rushing to retail stores and trading in their PlayStation3 (PS3) consoles for rival Microsoft Xbox 360 systems. Reports from retail stores indicated that more customers have been trading in their entire PlayStation3 set including both console and games for the Xbox 360, mostly for Call of Duty online gamers.
Submission + - Flash 10.3 Update Puts Users In Charge Of Privacy (computerworld.com)
CWmike writes: "Adobe has released an important update to its Flash Player software that fixes critical security flaws and gives users a better way of controlling whether they are being tracked on the Web. The Flash Player 10.3 update, released Thursday, lets users manage Flash cookies using their browser's privacy settings or through a new control panel. Flash cookies, also called 'Local Stored Objects,' have been a sore spot for Adobe users since 2009, when researchers showed they were being used extensively to track Web surfers. The problem is that Flash cookies historically have been hard to remove, unlike traditional cookies, and some sites have used them to track users who have wanted to block cookies. Seth Schoen, a senior staff technologist with the Electronic Frontier Foundation who has followed the Flash cookie problem, said: 'I'm glad Adobe is addressing this in a comprehensive way,' he said by email. 'It's a shame that it's taken such a long time, but it's good that it's finally happened.'"
Submission + - Comcast Helps Fix TPB's Connectivity Issues (torrentfreak.com)
MagusSlurpy writes: "Far from blocking The Pirate Bay, Comcast was just one of several ISPs on which TPB was unreachable today. Comcast reached out to the torrent site, and its engineers provided technical support, eventually determining that the connectivity issues stemmed from a reverse path filtering issue at an intermediate ISP, Serious Tubes Networks."
Submission + - Google Engineers Deny Hack Exploited Chrome (computerworld.com)
CWmike writes: "Several Google security engineers have countered claims that a French security company, Vupen, found a vulnerability in Chrome that could let attackers hijack Windows PCs running the company's browser. Instead, those engineers said the bug Vupen exploited to hack Chrome was in Adobe's Flash, which Google has bundled with the browser for over a year. Google's official position, however, has not changed since Vupen said it had sidestepped not only the browser's built-in 'sandbox' but also by evading Windows 7's integrated anti-exploit technologies. But others who work for Google were certain that at least one of the flaws Vupen exploited was in Flash's code, not Chrome's. 'As usual, security journalists don't bother to fact check,' said Tavis Ormandy, a Google security engineer, in a tweet earlier Wednesday. 'Vupen misunderstood how sandboxing worked in Chrome, and only had a Flash bug.' Chris Evans, a Google security engineer and Chrome team lead, tweeted, 'It's a legit pwn, but if it requires Flash, it's not a Chrome pwn.'"
