Slashdot is powered by your submissions, so send in your scoop

 


Forgot your password?
Close
typodupeerror
×

Submission + - A Mercenary Approach to Botnets (darkreading.com)

Submitted by CowboyRobot
CowboyRobot writes: The incentives are high for many businesses and government agencies to not be too heavy handed in combating the global botnet pandemic. There's money to be had and, with each passing day, more interesting ways are being uncovered in how to package the data, and how to employ it. It used to be that the worlds of bug hunters and malware analysts were separate and far between. In the last couple of years the ability to analyze malware samples and identify exploitable vulnerabilities in them has become very important. Given that some botnets have a bigger pool of victims than many commercial software vendors have licensed customers, the value of an exploit that grants reliable remote control of a popular malware agent is rising in value. In many ways, botnets have become a golden goose to those charged with gathering intelligence on the populations of foreign entities. The bulk of the victim's data is useful for mapping populations, communication profiles, and as egress points for counter intelligence exercises. Then, given how many botnet victims there are, the probability that a few "interesting" computers will have succumbed along the way is similarly high — providing direct insight in to a pool of high value targets.

Submission + - New Windows XP Zero-Day Under Attack (securityweek.com) 1

Submitted by wiredmikey
wiredmikey writes: A new Windows kernel zero-day vulnerability is being exploited in targeted attacks against Windows XP users. Microsoft confirmed the issue and published a security advisory to acknowledge the flaw after anti-malware vendor FireEye warned that the Windows bug is being used in conjunction with an Adobe Reader exploit to infect Windows machines with malware.

Microsoft described the issue as an elevation of privilege vulnerability that allows an attacker to run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full administrative rights.

Submission + - Google Is Building A Way To Launch Chrome Apps Without Installation

Submitted by Anonymous Coward
An anonymous reader writes: Google really wants Chrome apps to take off. Not only has the company added rich notifications, in-app payments, and an app launcher into its browser, but now it’s developing ephemeral apps that launch by just clicking a link. There are two separate components here. Ephemeral apps (you can enable this under the chrome://flags/#enable-ephemeral-apps flag) let you try a Chrome app before installing it. Linkable ephemeral apps (under the chrome://flags/#enable-linkable-ephemeral-apps flag) meanwhile allow you to launch said apps from hyperlinks.

Submission + - ScareMail Tries to Disrupt NSA Email Surveillance (hackaday.com)

Submitted by Okian Warrior
Okian Warrior writes: "Are you on the NSA’s email watchlist? Do you want to be? The ScareMail project is designed to mess with the NSA’s email surveillance programs.

Benjamin Grosser has written a plugin for many popular web browsers that uses an algorithm to generate a clever but ultimately useless narrative in the signature of your email using as many probable NSA search terms as possible. The idea behind this is if enough people use it, it will overload the NSA’s search results, ultimately making their email keyword tracking useless.

Ben has a video describing the project."

Comment Re:Really? (Score 1) 104

by Grisstle (#45549851) Attached to: Free Software Foundation Announces 2013 Holiday Giving Guide
Is that it? Really? Throwing a string of vulgarities together does not a troll make. Try again. The vulgarities could work if you could redo that post as a Haiku. Can you handle a haiku? (http://en.wikipedia.org/wiki/Haiku). Or a Jeopardy post! This act entails taking a dick up the ass and allowing the person ramming your butt to ejaculate in your arse. What is an anal creampie? Honestly, it's like you're new at trolling or don't understand the concept of trolling as an art.

Submission + - MS handing NSA access to encrypted chat & email (guardian.co.uk)

Submitted by kaptink
kaptink writes: Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal. The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail. The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide. Microsoft also worked with the FBI's Data Intercept Unit to "understand" potential issues with a feature in Outlook.com that allows users to create email aliases. Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio. Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a "team sport".

Submission + - The Steve Jobs video that sealed Apple's fate in the DOJ case (tuaw.com)

Submitted by Anonymous Coward
An anonymous reader writes: Apple yesterday came up on the losing end of a decision from US District Judge Denise Cote who ruled that Apple did, in fact, collude to artificially raise the price of e-books.

In looking over the decision, I found it interesting that statements made by Steve Jobs were construed as compelling evidence in the eyes of Cote.

The damning video, which was shot by Kara Swisher on her Flipcam, shows Mossberg curiously asking Jobs why someone would buy an e-book for $14.99 from Apple when they can get it for $9.99 from Amazon.

"The prices will be the same," Jobs explained, before adding that "publishers are actually withholding" books from Amazon because they aren't happy with the terms of their contract.

Submission + - Nanoparticle Drug Patches Will Deliver Cancer Treatment Without Needles (vice.com)

Submitted by Daniel_Stuckey
Daniel_Stuckey writes: Atif Sayed and Zakareya Hussein, both with backgrounds in electronics and nanotechnology, are developing Nanject, a "pharmaceutical nano patch" that can "be applied to the skin and will deliver specific amounts of target drugs where necessary." The two are crowd-funding the project on Microryza.

Two years ago Sayed was doing research into swarm robotics and artificial immune systems, and found inspiration in biological species—specifically, birds. "I was always obsessed with artificial intelligence and wanted to automate a lot of things which are kind of repetitive (like people working in factories, McDonalds, etc.)," wrote Sayed in an email. "At the same time, I was fascinated with nanorobotics or nanobots and wanted to do more research into this. Having people in my own family and friends who passed away due to cancer, I wanted to use nanobots to tackle and destroy cancer cells with little or no pain."

From there he came up with the idea of a nano patch. In place of needles and syringes, he would use magnetic nanoparticles that are small enough to pass through a hair follicle. He then wrote his thesis on "the synthesis of magnetic nanoparticles for its use in bio-medicine and targeted drug delivery." Sayed said he is now "at the point of realizing and connecting the tiny dots into one single product—Nanject."

Submission + - Math and Science Popular with College Students Until They Realize They're Hard

Submitted by HonorPoncaCityDotCom
HonorPoncaCityDotCom writes: Khadeeja Safdar reports in the WSJ that researchers who surveyed 655 incoming college students found that while math and science majors drew the most interest initially, not many students finished with degrees in those subjects. Students who dropped out didn’t do so because they discovered an unexpected amount of the work and because they were dissatisfied with their grades. “Students knew science was hard to begin with, but for a lot of them it turned out to be much worse than what they expected,” says Todd R. Stinebrickner, one of the paper’s authors. “What they didn’t expect is that even if they work hard, they still won’t do well.” The authors add that the substantial overoptimism about completing a degree in science can be attributed largely to students beginning school with misperceptions about their ability to perform well academically in science. "“If more science graduates are desired, the findings suggest the importance of policies at younger ages that lead students to enter college better prepared (PDF) to study science."

Submission + - $250k Human Powered Helicopter prize has been won after 33 years

Submitted by daltec
daltec writes: While many aerospace engineers thought it could not be done, the AHS Igor I. Sikorsky Human Powered Helicopter competition has been won, after 33 years of trying. Canada's AeroVelo has claimed the $250,000 prize, having successfully met the contest requirements for an aircraft using only human power to fly for at least 60 seconds, reach an altitude of at least 3 meters (9.8 feet) and remain hovering over a 10 by 10 meter (32.8 by 32.8 foot) area.

"Atlas," AeroVelo's winning design, is said to be larger than any operational helicopter ever constructed, based on its overall width of 58 meters (190 feet), even though it weighs only 52 kilograms (115 pounds). It has four 20.4 meter (67 foot) diameter rotors that are powered by the pilot pedaling a Cervelo carbon-fiber bicycle. The Atlas project was begun in January 2012 and made its first flight in August 2012.

AeroVelo is one of three teams recently flying as part of the AHS competition. The others are the University of Maryland in College Park, Maryland with its Gamera II helicopter, and California Polytechnic State University in San Luis Obispo, California with its Upturn II aircraft.

There is a video of the winning flight here. Congratulations to AeroVelo on this landmark achievement!

Submission + - Searchable IRS Database Exposes Applicant SSNs (threatpost.com)

Submitted by Gunkerty Jeb
Gunkerty Jeb writes: The Social Security Numbers of tens of thousands of Americans ended up in a searchable public database that provides access to the tax filing applications of tax-exempt Section 527 political organizations on the Internal Revenue Service’s website. None of the application forms in question explicitly or directly ask for Social Security Numbers. However, applicants often attach other tax forms to their Section 527 applications that do include Social Security Numbers in an apparent attempt to more concretely prove the legitimacy and accuracy of the information they are providing as part of their 527 filings. They attach these other documents despite the fact that there is no need to do so and, furthermore, the IRS urges applicants not to do so. The IRS has since taken the forms offline, but finds itself in something of a catch-22, because they are not legally allowed to alter federal documents and they are legally bound to publish public filings for tax-exempt status.

Slashdot Top Deals

Real Programmers don't eat quiche. They eat Twinkies and Szechwan food.

Close