Z00L00K - Slashdot User

Submission + - Fake Komodia root SSL certs in use by over +100 companies (forbes.com)

Submitted by Billly Gates on Sunday February 22, 2015 @02:52AM

Billly Gates writes: Lenovo and Superfish are not the only companies who used the fake root SSL certificates by Komodia to spy and decrypt network traffic. Komodia advertises its products including a SSL-digestor to rid the obtrusive thing we call encryption and security. So far game accelerators are mentioned as some have seen these certs installed with Asus lan accelerator drivers.

Submission + - Homeland Security Urges Lenovo Customers to Remove Superfish

Submitted by HughPickens.com on Friday February 20, 2015 @06:00PM

HughPickens.com writes: Reuters reports that the US Department of Homeland Security has advised Lenovo customers to remove "Superfish" software from their computers. According to an alert released through its National Cyber Awareness System the software makes users vulnerable to SSL spoofing and could allow a remote attacker to read encrypted web browser traffic, spoof websites and perform other attacks on Lenovo PCs with the software installed. Lenovo inititally said it stopped shipping the software because of complaints about features, not a security vulnerability. "We have thoroughly investigated this technology and do not find any evidence to substantiate security concerns," the company said in a statement to Reuters early on Thursday. On Friday, Lenovo spokesman Brion Tingler said the company's initial findings were flawed and that it was now advising customers to remove the software and providing instructions for uninstalling "Superfish". "We should have known about this sooner," Tingler said in an email. "And if we could go back, we never would have installed this software on our machines. But we can't, so we are dealing with this head on."

Submission + - Intel Employee here. Intel says it's for Net Neutrality, but isn't?

Submitted by whistlingtony on Thursday February 19, 2015 @03:18PM

whistlingtony writes: I work for Intel.

I'm not in a position of authority. I work in the Fab. This is NOT my area of expertise, although I care about the issue and try to be informed.

I was pretty bummed to find that Intel was on an letter with other companies against Title II regulation.

I also ran into a little piece on the company intranet about Net Neutrality, and emailed the author. It turns out he is, I believe, Intel's main lobbyist in Washington D.C.

He told me that Intel was FOR Net Neutrality. It seems everyone thinks that we're against it.

http://www.theverge.com/2014/1...

http://arstechnica.com/busines...

After speaking to him via phone and email, I got pretty discouraged. It really feels to me as if Intel is trying to say "Yay! We're for NN!" while doing everything it can to sink real regulation and oversight.

After talking to the guy for a while, It seems Intel believes that Title II regulation will slow growth. In addition, Intel thinks that the FCC has all the authority it needs under section 706, so the FCC shouldn't TRY for Title II regulation.

I think that's hogwash, to be polite. I hope it's the position of this one guy, and not the company? I doubt this though.

Frankly, I think that Intel will do well in a competitive environment. Without Net Neutrality, we WILL have a less competitive environment. I'm afraid of broadband companies strangling the next Google or Netflix because they don't want the competition for their own services. As a stockholder, I think this is a bad move.

I also don't think the Broadband companies will spend less under Title II. Oh, they SAY they will, but of course they do... What else would they say?

Frankly, I think broadband companies are simply afraid of unbundling. Back in the dial up days when most of us got our internet over the phone lines, there was Title II regulation and the ISPs had to lease their lines to competitors at sane prices. This gave us choice and competition. You could go get a mom and pop local company to be your ISP, and their service was AWESOME. I think the entire resistance to Title II is that the ISPs don't want those days again. Comcast has long been one of the worst companies in America in terms of customer service and satisfaction.

I don't know why Intel is following their lead. We should want MORE competition, not less. Why are we doing this?

I looked into section 706, and it seems to lack a LOT of teeth. Our main lobbyist said that the FCC could use section 706, but Title II would be tied up in the courts for a long time.

I read up on court cases from 2014, and the circuit court in D.C. said that the FCC gave up it's authority and that all it needed to do was reclassify to title II and it could have it back. The courts themselves seem to disagree with Intel's position. Section 706 is a mandate to report and vague permission to do something if broadband coverage isn't widely spread enough. It's very vague, and WILL be tied up in the courts.

From the court case...

“Even though section 706 grants the Commission authority to promote broadband deployment by regulating how broadband providers treat edge providers, the Commission may not utilize that power in a manner that contravenes any specific prohibition contained in the Communications Act. ... We think it obvious that the Commission would violate the Communications Act were it to regulate broadband providers as common carriers. Given the Commission’s still-binding decision to classify broadband providers not as providers of “telecommunications services” but instead as providers of “information services,” such treatment would run afoul of section 153(51).”

http://transition.fcc.gov/Dail...

I think it's pretty disingenious for Intel to say that we're for Net Neutrality while we try to sink it. I think Intel is lying to people, and I don't like it, as a customer, as an employee, and as a shareholder.

The FCC is voting to decide if we get Title II regulation BACK (We had it before and it was awesome) on the 26th of Feb, 2015. It's coming soon! I wish my company was on the right side here, but it seems they're not.

I wish I could change that, but it seems I can't.

Does anyone have any ideas? Should I be calling for boycott? Should I take to Twitter? Will that help?

I am also a little scared of being too effective. I LIKE my job, and Intel is good to me as an employee. I just wish we wouldn't be saying things are are demonstratively wrong, to ourselves and to the world.

For more information, please read up. This is IMPORTANT folks. The internet is our main communication channel now.

http://www.savetheinternet.com...

https://www.aclu.org/net-neutr...

https://www.eff.org/issues/net...

Comment Re:someone explain for the ignorant (Score 1) 449

by Z00L00K on Thursday February 19, 2015 @01:19AM (#49084883) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

Cameras at ATMs.

Comment Re:someone explain for the ignorant (Score 1) 449

by Z00L00K on Thursday February 19, 2015 @01:18AM (#49084875) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

I'm surprised that it's not the merchants that shall take full responsibility for fraud. That would raise the stakes on them to request photo ID or for online sales other means of supplementary identification.

Comment Re:someone explain for the ignorant (Score 2) 449

by Z00L00K on Thursday February 19, 2015 @01:15AM (#49084865) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

It's still better than the magnetic stripe. But I agree - it's not as secure as it can be.

Compromised card readers are one item that can be used to spoof cards.

Comment Re:someone explain for the ignorant (Score 1) 449

by Z00L00K on Thursday February 19, 2015 @01:13AM (#49084851) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

It's not the card that contains the PIN on the European solution, the PIN is validated by the bank.

The reason the US has opted for signature instead is because they think people will have problems remembering the PINs.

So this means that if you lose your wallet - tough luck because many shops don't check signature validity.

Add to it the stupidity that if someone matches the signature it's the signature on the card, not the signature on your photo ID.

Comment Re:someone explain for the ignorant (Score 1) 449

by Z00L00K on Thursday February 19, 2015 @01:08AM (#49084839) Attached to: Credit Card Fraud Could Peak In 2015 As the US Moves To EMV

According to some sources the US has opted for chip on the cards with a hand-written signature.

That leads me to believe that frauds in the US will continue to be high.

Comment Re:Theory vs Empericism (Score 1) 249

by Z00L00K on Tuesday February 17, 2015 @10:39AM (#49073405) Attached to: Game Theory Calls Cooperation Into Question

Is suffering always bad?

Suffering in the short term perspective may pay off as beneficial in the long term perspective.

Some people think outside the box, and maybe the group suffers because of this - until the group has reformulated itself. If there were nobody that challenged the system then no progress would be made.

Submission + - GCC 5 heads toward release and Fedora 22, with F23 introducing new C++11 ABI (redhat.com)

Submitted by rhmattn on Tuesday February 17, 2015 @07:38AM

rhmattn writes: Fedora 22 will ship with GCC 5, which brings a whole host of enhancements, among which is a new default C++ ABI. Fedora is going to transition to that ABI over two Fedora releases F22 and F23. This article, written by some of the key players in the GCC community, explains how that will work and what it means for developers, including some useful tips for application developers and packagers.

Submission + - Routing on OpenStreetMap.org (openstreetmap.org)

Submitted by Anonymous Coward on Monday February 16, 2015 @11:30PM

An anonymous reader writes: Good news for OpenStreetMap: the main website now has A-to-B routing (directions) built in to the homepage! The OSM website offers directions which are powered by third-parties using OSM data, providing car, bike, and foot routing. OpenStreetMap has a saying: “what gets rendered, gets mapped” – meaning that often you don’t notice a bit of data that needs tweaking unless it actually shows up on the map image. It will make OpenStreetMap’s data better by creating a virtuous feedback loop.

Comment Climate Change? (Score 1) 1

by Z00L00K on Monday February 16, 2015 @10:36AM (#49066369) Attached to: Oscar Mayer Wienermobile latest victim of Climate Change

What have the wiener mobile to do with climate change?

Submission + - Spamhaus under attack (in court this time) (spamhaus.org) 1

Submitted by stoatwblr on Monday February 16, 2015 @09:00AM

stoatwblr writes: Disclaimer: I am not spamhaus, but I respect their work. This is NOT linked off their website.

The following message has been circulated on several spamfighting lists.

"As folks may have noticed from Twitter, Spamhaus is currently the target of a lawsuit filed in the UK by a US bulk sender better known in the anti-spam world as 'Mamba Hosting' — an outfit which since 2008 has managed to rack up an impressive 184 SBL listings and get terminated by over 50 hosts.

As the case has been filed in the UK we intend to defend it vigorously. Our defence aims to reveal the extent of this outfit's spam activities over the last years. Our goal is to impress upon the court the scale and subterfuge used by this outfit with overwhelming evidence to counter any claims of sending only to opt-in lists.

To ensure the court views the bulk of evidence as unquestionably large, that the scope is global, and with many victims beyond just Spamhaus' trap network, Spamhaus will appreciate additional spam samples from folks here who have been on the receiving end of spam from this outfit under its many different names.

Thanks for your assistance!

Steve Linford
Chief Executive
The Spamhaus Project"

If you have any interest in helping Spamhaus, please respond to Matt@spamhaus and he will provide IP ranges, timeframes, and a submission address

Submission + - Stopping at red lights exposes you to higher levels of pollution: Study (drugtodayonline.com)

Submitted by Anonymous Coward on Monday February 16, 2015 @03:16AM

An anonymous reader writes: Motor vehicles square measure famed to secrete pollution nanoparticles inflicting metastasis and heart diseases. Now, a study has found that drivers square measure exposed to noticeably high levels of air pollutants whereas stopping at red lights.

Submission + - Heart rate variability analysis gives an insight into overall health (biocomtech.com)

Submitted by biocomtech15 on Monday February 16, 2015 @03:16AM

biocomtech15 writes: Heart rate variability analysis is a quantitative assessment of the autonomic nervous system function, isolated parasympathetic and sympathetic functions and more.

Slashdot Top Deals