Security

Submission + - Hacker Demos Easy Wireless Credit Card Fraud (forbes.com)

Sparrowvsrevolution writes: At the Shmoocon hacker conference, security researcher Kristin Paget aimed to indisputably prove what hackers have long known and the payment card industry has repeatedly downplayed and denied: That RFID-enabled credit card data can be easily, cheaply, and undetectably stolen and used for fraudulent transactions. With a Vivotech RFID credit card reader she bought on eBay for $50, Paget wirelessly read a volunteer’s credit card onstage and obtained the card’s number and expiration date, along with the one-time CVV number used by contactless cards to authenticate payments. A second later, she used a $300 card-magnetizing tool to encode that data onto a blank card. And then, with a Square attachment for the iPhone that allows anyone to swipe a card and receive payments, she paid herself $15 of the volunteer’s money with the counterfeit card she’d just created. (She also handed the volunteer a twenty dollar bill, essentially selling the bill on stage for $15 to avoid any charges of illegal fraud.)

The payment industry often claims that contactless credit cards are safer than traditional cards, and that any data a hacker could wirelessly read from them can't be used for fraud. But with 100 million of the RFID-enabled credit cards now in circulation, Paget wanted to indisputably show that's not the case. A stealthy attacker in a crowded public place could easily scan hundreds of cards through wallets or purses.

Comment What exactly is open-license technology? (Score 1) 182

“In addition to making instructional data more manageable and useful, this open-license technology, provisionally called the Shared Learning Infrastructure (SLI), will also support a large market for vendors of learning materials and application developers to deliver content and tools that meet the Common Core State Standards and are interoperable with each other and the most popular student information systems” link

Submission + - How to manage a commercial source-code sale for a (pldaniels.com) 2

inflex writes: "I have a software suite that has been running for well over a decade and sold to companies such as Nashua, VirginBlue and NationalFoods. Many components are now OpenSource. I want to focus on my wife's career (Independent novelist) and am considering selling the source/rights to my commercial software and letting someone else take the reins. I'm looking for advice on how best to approach the situation — should I go through the 250k LoC and clean it up a bit, or just hand it over as it's currently running? Would it be advisable to bring in an escrow/3rd-party? I have no heavy emotional attachment to it, tens of thousands of people use the OpenSource components, which will naturally remain that way, but obviously the commercial version will diverge over time."

Comment Page had personal knowledge of the operation? (Score 1) 287

"The government's case also contained potentially embarrassing allegations that top Google executives, including co-founder Larry Page, were told about legal problems with the drug ads.

Mr. Page, now Google's chief executive, knew about the illicit conduct, said Mr. Neronha, the U.S. attorney for Rhode Island .. Mr. Neronha declined to detail the evidence, which was presented in secret to a federal grand jury"
Linux

Submission + - Extremadura Moves 40,000 PCs to Linux (softpedia.com)

microphage writes: Teodomiro Cayetano López, Extremadura's CIO (Chief Information Officer), confirmed on January 23rd that the administration of Spain’s autonomous region will move all their desktop PCs to Debian Linux.
Censorship

Submission + - BBC censoring Open Source (slated.org)

microphage writes: Michael Gove: "An open-source curriculum"
BBC's first draft: "an "open source" curriculum
BBC's final copy: "a flexible curriculum"
--

Michael Gove's speech in full

"Instead of children bored out of their minds being taught how to use Word and Excel by bored teachers, we could have 11 year-olds able to write simple 2D computer animations using an MIT tool called Scratch"

"An open-source curriculum .. Advances in technology should also make us think about the broader school curriculum in a new way.

"In an open-source world, why should we accept that a curriculum is a single, static document? A statement of priorities frozen in time; a blunt instrument landing with a thunk on teachers' desks and updated only centrally and only infrequently?

"Initiatives like the Raspberry Pi scheme will give children the opportunity to learn the fundamentals of programming with their own credit card sized, single-board computers"

Raspberry Pi | An ARM GNU/Linux box

Comment Linux refused for browser testing? (Score 1) 57

"It's sad that they nowadays refuse Linux as a platform for browser testing. I can agree it's pretty boring to have one platform that won't be broken so easily, but it's a good benchmark against Windows and its abundance of security issues".

Where does it say you can't use Linux for browser testing?

Comment Railway computers hacked from the Internet (Score 1) 116

"Investigators discovered two Internet access locations, or IP addresses, for the intruders on Dec. 1 and a third on Dec. 2, the document noted, but it does not say in which country they were located".

Who in their right mind connects a railway signals control system directly to the Internet?

Comment Sounds like a rehash of the 'fragmentation' issue (Score 1) 197

This sounds like a rehash of the 'fragmentation' issue. There are only so many ways you can configure the look and feel of the platform itself. Besides, the real money is not in the handsets but in the apps and online services.

"Because Metro-style apps are written using .. .Net-managed code, it may even be possible to run the exact same apps on any Microsoft-powered device".

As I suspected this is a disguised advert for the Microsoft mobile platform.

"yet another way in which the mobile development market is becoming increasingly fragmented"

Yep, without even reading this far I could even see 'fragmented' coming ..
Security

Submission + - Researchers Find Slew of Flaws in SCADA Hardware, (threatpost.com)

Trailrunner7 writes: At the S4 security conference this week, "Project Basecamp," a volunteer-led security audit of leading programmable logic controllers (PLCs), performed by a team of top researchers found that decrepit hardware, buggy software and pitiful or nonexistent security features make thousands of PLCs vulnerable to trivial attacks by external hackers that could cause PLC devices to crash or run malicious code.

"We were looking for a firesheep moment in PLC security," Peterson told the audience of ICS security experts.

They got one. "It's a blood bath mostly," said Wightman of Digital Bond. "Many of these devices lack basic security features."

While the results of analysis of the various PLCs varied, the researchers found significant security issues with every system they tested, with some PLCs too brittle and insecure to even tolerate security scans and probing.

Your Rights Online

Submission + - Internet: Assange responsible for 2/3 of all rape. (rollingstone.com)

owenferguson writes: "Rolling stone is reporting that Wikileaks founder Julian Assange has cornered the market on internet searches for the word rape. From the article: "Back when we last did a survey, in February, there were a total of 33 million references on the Internet to the word "rape" in any context, from Helen of Troy to the Congo. If you search for "rape" and my name, there were just over 20 million. In other words, perceptively, two-thirds of all rapes that have ever happened anywhere in the world, ever, have something to do with me." ...I dunno. Maybe you're just getting extra hits from partial successes on "Ass Rape""
Your Rights Online

Submission + - Wikipedia to Protest SOPA (wikimediafoundation.org) 2

Techmeology writes: In an unprecedented move, the English Wikipedia has announced that it will protest SOPA and PIPA with a 24 hour blackout on the 18th of January. Wikipedia administrators conveyed the community's support for a blackout in spite of apparent setbacks for SOPA, noting that PIPA is still very much alive. They added that a majority of participants in the discussion supported a global blackout in protest of similar legislation in other countries rather than a US only blackout.
The Internet

Submission + - Murdoch squares off with Obama over online piracy (guardian.co.uk)

microphage writes: "The gathering storm over online piracy legislation being debated in the US Congress has sucked two more heavy hitters into the fray, with the Obama administration and Rupert Murdoch lining up on opposite sides of the argument.

'We will not support legislation that reduces freedom of expression, increases cybersecurity risk, or undermines the dynamic, innovative global internet,' said three of Obama's top technology advisers in a statement. The authors said manipulating the DNS by forcing service providers to block access to pirating sites could damage cybersecurity by driving users to much more unscrupulous servers."
