An anonymous reader writes with an excerpt from the USA Today tech column: "...But until a lone information-technology contractor named Edward Snowden leaked a trove of National Security Agency documents to the media this summer, we didn't know just how much we'd surrendered. Now that we do, our nation can have a healthy debate — out in the open, as a democracy should debate — about how good a bargain we got in that exchange. For facilitating that debate, at great risk to his own personal liberty, Snowden is this column's technology person of the year for 2013."

CowboyRobot writes "The incentives are high for many businesses and government agencies to not be too heavy handed in combating the global botnet pandemic. There's money to be had and, with each passing day, more interesting ways are being uncovered in how to package the data, and how to employ it. It used to be that the worlds of bug hunters and malware analysts were separate and far between. In the last couple of years the ability to analyze malware samples and identify exploitable vulnerabilities in them has become very important. Given that some botnets have a bigger pool of victims than many commercial software vendors have licensed customers, the value of an exploit that grants reliable remote control of a popular malware agent is rising in value. In many ways, botnets have become a golden goose to those charged with gathering intelligence on the populations of foreign entities. The bulk of the victim's data is useful for mapping populations, communication profiles, and as egress points for counter intelligence exercises. Then, given how many botnet victims there are, the probability that a few 'interesting' computers will have succumbed along the way is similarly high — providing direct insight in to a pool of high value targets."

Microsoft released the Xbox One today, putting the next-gen console war into full swing. A common theme throughout most of the reviews is that properly evaluating the system is going to take time. Not only are updates for the console continuing to roll out, but the usefulness of some of its technology will depend on what game-makers and other content producers can do with it. Digital Foundry says, "It is willing to make the trades on gaming power in order to potentially revolutionize the way we interact with entertainment in the living room." The Penny Arcade Report calls the hardware and UI a "confusing mess" — until you learn to use it, at which point the hands-free navigation is fast and convenient. Polygon's review is once again visually-oriented, providing a good look at the UI, comparing the controller with the Xbox 360's controller, and giving a demonstration of how Kinect recognizes users. Their conclusion is that while "Kinect isn't a fully realized product yet," "the Xbox One feels like it's from the future." iFixit has a full teardown of the Xbox One, giving it a repairability score of 8/10 (the Kinect sensor gets 6/10). HotHardware has more details about the console's internals, including power consumption and temperature readings. Eurogamer has a compilation of launch coverage, including launch title reviews.

cold fjord writes "It looks like no more spam, spam, spam for Norway's warriors... at least on Mondays. The Daily Caller reports, 'Norway's military is taking drastic steps to ramp up its war against global warming. The Scandinavian country announced its soldiers would be put on a vegetarian diet once a week to reduce the military's carbon footprint. "Meatless Monday's" has already been introduced at one of Norway's main military bases and will soon be rolled out to others, including overseas bases. It is estimated that the new vegetarian diet will cut meat consumption by 150 tons per year. "It's a step to protect our climate," military spokesman Eystein Kvarving told AFP. "The idea is to serve food that's respectful of the environment." ... The United Nations says that livestock farming is responsible for 18 percent of global greenhouse gas emissions. Cutting meat consumption, environmentalists argue, would help stem global warming and improve the environment." — The Manchester Journal reports, "The meatless Monday campaign launched in 2003 as a global non-profit initiative in collaboration with Johns Hopkins University to promote personal and environmental health by reducing meat consumption.'"

aitikin writes "The Federal Communications Commission is expected to propose allowing passengers to use their cellphones on airplanes. While phone use would still be restricted during takeoff and landing, the proposal would lift an FCC ban on airborne calls and cellular data use by passengers once a flight reaches 10,000 feet. From the article: 'The move would lift a regulatory hurdle, but any use of cellphones on planes would still have to be approved by the airlines, which have said they would approach the issue cautiously due to strong objections from their customers. Airlines would have to install equipment in their planes that would communicate with cellphone towers on the ground.'"

An anonymous reader writes "Version 2.7 of the Contiki operating system has been released. The open source Contiki OS is known for its minuscule IPv6 stack that allows the tiniest of Systems-on-a-Chips – microprocessors with built-in 2.4 GHz radios – to connect to the Internet. The 2.7 release improves the IPv6 mesh routing mechanism so that the Systems-on-a-Chip autonomously can form wireless networks."

An anonymous reader writes "Users of Silverlight, Microsoft's answer to Adobe Flash, are in danger of having malware installed on their computers and being none the wiser, as an exploit for a critical vulnerability (CVE-2013-0634) in the app framework has been added to the Angler exploit kit. The vulnerability could allow remote code execution if an attacker hosts a website that contains a specially crafted Silverlight application that could exploit this vulnerability and then convinces a user to view the website. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements." You'd think something like Silverlight would automatically upgrade itself.

An anonymous reader writes "Ars Technica reports how a Snowden leak shows British spy agency GCHQ spoofed LinkedIn and Slashdot so as to serve malware to targeted employees. From the article: 'Der Spiegel suggests that the Government Communications Headquarters (GCHQ), the British sister agency to the NSA, used spoofed versions of LinkedIn and Slashdot pages to serve malware to targets. This type of attack was also used to target “nine salaried employees” of the Organization of Petroleum Exporting Countries (OPEC), the global oil cartel.'"

An anonymous reader writes "While he acknowledged that technology needs to keep going forward, LeVar Burton didn't seem comfortable with the idea of using Google Glass. '"It disturbed me. I was skeptical... [and] I'm a person that's very open to technology." That's the reaction LeVar Burton, the man best known from Reading Rainbow and Star Trek: The Next Generation, first had when encountering Google Glass backstage at Engadget Expand. Burton, a self-described edutainment pioneer, acknowledges the disruptive power new technologies can have on media and culture — after all, he did help transform television into a worthy educational tool/babysitter with his PBS program. But even with that storied success, and his company's current inroads into digital with an iPad Reading Rainbow application, Burton still had a "knee-jerk" response when confronted with Glass. Although his celebrity status and the resulting paranoia could have something to do with it.'"

An anonymous reader writes "I've recently been charged with updating our existing serial console access tools. We have 12 racks of servers each with a console server in it (OpenGear, ACS, and a few others). Several of these systems host virtual machines which are also configured to have 'serial' management (KVM, virt serial). In total it comes to about 600 'systems.' All the systems also have remote power management (various vendors). Right now our team has a set of home grown scripts and a cobbled together database for keeping this all together. Today any admin can simply ssh into the master, run 'manage hostname console' and automatically get a serial console or run 'manage hostname power off' to cut the power to a system. I'd rather use some tools with more of a community than just the 4 of us. What tool(s) should I move my group onto for remote serial/power management?"

Hugh Pickens DOT Com writes "Dan Goodwin writes at Ars Technica about a rootkit that seems straight out of a science-fiction thriller. According to security consultant Dragos Ruiu one day his MacBook Air, on which he had just installed a fresh copy of OS X, spontaneously updated the firmware that helps it boot. Stranger still, when Ruiu then tried to boot the machine off a CD ROM, it refused and he also found that the machine could delete data and undo configuration changes with no prompting. Next a computer running the Open BSD operating system also began to modify its settings and delete its data without explanation or prompting and further investigation showed that multiple variants of Windows and Linux were also affected. But the story gets stranger still. Ruiu began observing encrypted data packets being sent to and from an infected laptop that had no obvious network connection with—but was in close proximity to—another badBIOS-infected computer. The packets were transmitted even when the laptop had its Wi-Fi and Bluetooth cards removed. Ruiu also disconnected the machine's power cord so it ran only on battery to rule out the possibility it was receiving signals over the electrical connection. Even then, forensic tools showed the packets continued to flow over the airgapped machine. Then, when Ruiu removed internal speaker and microphone connected to the airgapped machine, the packets suddenly stopped. With the speakers and mic intact, Ruiu said, the isolated computer seemed to be using the high-frequency connection to maintain the integrity of the badBIOS infection as he worked to dismantle software components the malware relied on. It's too early to say with confidence that what Ruiu has been observing is a USB-transmitted rootkit that can burrow into a computer's lowest levels and use it as a jumping off point to infect a variety of operating systems with malware that can't be detected. It's even harder to know for sure that infected systems are using high-frequency sounds to communicate with isolated machines. But after almost two weeks of online discussion, no one has been able to rule out these troubling scenarios, either. 'It looks like the state of the art in intrusion stuff is a lot more advanced than we assumed it was,' says Ruiu. 'The take-away from this is a lot of our forensic procedures are weak when faced with challenges like this. A lot of companies have to take a lot more care when they use forensic data if they're faced with sophisticated attackers.'"