Security

Submission + - iTunes Flaw Allowed Spying on Dissidents 3

Hugh Pickens writes: "Democracy and free speech activists worldwide have something new to worry about — cyberwarfare via iTunes — as the Telegraph reports that Gamma International sells computer hacking services to governments offering "zero day" security flaws, that allow access to target computers "with the ability to take control of the target systems functions to the point of capturing encrypted data and communications." FinFisher spyware, known to be used by British agencies and offered to Egypt’s feared secret police, takes advantage of an unencrypted HTTP request that is filed by iTunes when Apple Software Updater is inactive redirecting users' web browsers to a customized web page that pretends Flash is not installed on the user's computer then installing a sophisticated piece of spyware that sends info on a user's activities directly to foreign intelligence services. The latest iTunes software update, 10.5.1, released on November 14 appears to have fixed the exploit FinFisher used after a prominent security researcher warned Apple about this dangerous vulnerability in mid-2008, yet Apple "waited more than 1,200 days to fix the flaw," writes security researcher Brian Krebs. "The disclosure raises questions about whether and when Apple knew about the Trojan offering, and its timing in choosing to sew up the security hole in this ubiquitous software title.""
Twitter

Submission + - KS Governor Sends Tweeting Teen to Principal's Off (kansas.com)

kstatefan40 writes: "According to the Wichita Eagle, a Kansas teenager is in trouble after mocking Gov. Sam Brownback during a mock legislative assembly for high school students. During the session, in which Brownback addressed the group, Sullivan posted on her personal Twitter page: “Just made mean comments at gov brownback and told him he sucked, in person #heblowsalot” On Tuesday, Sullivan was called to her principal’s office and told that the tweet had been flagged by someone on Brownback’s staff and reported to organizers of the Youth in Government program. The principal “laid into me about how this was unacceptable and an embarrassment,” Sullivan said. “He said I had created this huge controversy and everyone was up in arms about it and now he had to do damage control.”

This has a nice big brother feel to it."

Idle

Submission + - Kansas Governor Appoints CIO with Degree from Fake (cjonline.com)

kstatefan40 writes: The Topeka Capital-Journal is reporting that Kansas Governor Sam Brownback appointed Jim Mann as Chief Information Officer this week (with a salary of $155,000), and noticed that Mr. Mann listed his education as a B.S. in Business Administration from a degree mill called the University of Devonshire. "The school, according to a 2002 article by Wired, was owned by American residents in Romania, used mailing address in the United Kingdom, printed materials in Israel and banked in Cyprus. One estimate placed at 70,000 the number of degrees sold in the United States by their University Degree Program doing business as University of Devonshire and a series of other names." A spokeswoman for Governor Brownback said the decision by Brownback to hire Mann wasn't based on Mann's scholarly performance with the distance learning university.

A college degree isn't everything in IT, but this just seems like a really bad idea.

Comment Re:Stoll's "Cuckoo's Egg" has some great anecdotes (Score 1) 90

Cliff- I'm another person who has you to thank for getting me into the security field through your book. I'm 21 now, just getting ready to finish up my undergrad in Information Assurance. I was working as a web developer at an internet security firm in high school when my boss, an old Unix hacker, suggested your book to me. It got me hooked and I haven't ever looked back. Appreciate your insight into Mr. Morris's life. He laid the foundation for all of us. Thanks for jumping in. Tyler

Comment Fort Hays State University (Score 3, Informative) 428

Take a look at the Department of Informatics at Fort Hays State University - you can take all of the courses (at both undergrad and graduate level) online to complete a degree. It is not one of those curriculum sets you can just ace - it is a challenging set of courses which encompass internetworking, web development, media studies, and information assurance. You can pick your specific concentration, but you will still get to see a little bit of everything. This is one of the best programs in the country for updated networking and web curriculum. It is both a Cisco Networking Academy and an NSA Center of Academic Excellence in Information Assurance. You can work toward your CCNA/CCNP/CISSP if that is the direction you'd like to take, or you can work toward an advanced degree in web development. I know these classes are quality because I have taken them - the internetworking series of classes were the most difficult classes I have ever taken. I loved the challenge and the connections you gain with classmates from around the world are invaluable. http://www.fhsu.edu/informatics/ Thanks for posting and good luck!
Crime

Geologists Might Be Charged For Not Predicting Quake 375

mmmscience writes "In 2009, a series of small earthquakes shook the region of L'Aquila, Italy. Seismologists investigated the tremors, but concluded that there was no direct indication of a big quake on the horizon. Less than a month later, a magnitude 6.3 earthquake killed more than 300 people. Now, the chief prosecutor of L'Aquila is looking to charge the scientists with gross negligent manslaughter for not predicting the quake."

Comment Re:ya right (Score 1) 135

I think you forget that the government just declassified portions of COMINT and SIGINT documents dating back to 1933. These documents were the precursor to the NSA run by the US Army Signal Corps. In the case of cryptographic information, 25 years is an awfully short period. I found many of the documents that were declassified from '33 to contain tons of extremely interesting and historically valuable information.
The Courts

Submission + - Seizure of MLB Players' Drug Tests Ruled Illegal (webhostingbuzz.com)

kstatefan40 writes: "CNN is covering [CNN.com] a recent ruling by the 9th U.S. Circuit Court of Appeals against federal investigators who seized drug test records on 104 Major League Baseball players in 2004. From the article, "The appeals court's decision says such a standard for computer searches would be dangerous to everyone's privacy as protected by the Constitution's Fourth Amendment. 'Seizure of, for example, Google's e-mail servers to look for a few incriminating messages could jeopardize the privacy of millions,' wrote the 9th U.S. Circuit Court of Appeals judges. The judges noted that 'some players appear to have already suffered this very harm as a result of the government's seizure.'" The warrant was for 10 players' records, but since 104 were in plain sight, they took those too. This is good news for everyone who has information stored on servers around the world."
Image

A Unique Environmental Policy to Deal With Fraudulent Customers 7

kstatefan40 writes "Hosting company WebHostingBuzz introduced a unique environmental policy this weekend, calling for executives at the company to use fraudulent complaints as toilet paper and donating $100 to the International Tree Foundation to apologize for the abuse of such precious resources by customers who fraudulently file complaints against their company. The story goes back a few weeks, but it ended with WHB CEO Matt Russell telling a fraudulent customer who filed a complaint against them with the BBB, 'Cool. I look forward to tearing it up and wiping my ass with the piece of paper.' Read and enjoy the entire exchange."
Idle

Submission + - Introducing Unique Environmental Policy for Fraud (webhostingbuzz.com)

kstatefan40 writes: "Hosting company WebHostingBuzz introduced a unique environmental policy this weekend, calling for executives at the company to use fraudulent complaints as toilet paper and donating $100 to the International Tree Foundation to apologize for the abuse of such precious resources by customers who fraudulently file complaints against their company. The story goes back a few weeks, but it ended with WHB CEO Matt Russell telling a fraudulent customer who filed a complaint against them with the BBB, "Cool. I look forward to tearing it up and wiping my ass with the piece of paper." Read and enjoy the entire exchange."

Comment Take the Cash - NOT Stock Options (Score 1) 412

Whatever you do, do not accept stock options. Take the cold hard cash - it has real value. I've seen too many small startups get screwed when their genius product was bought out and then the company that bought it went under. Suddenly, they sold the rights to their product for... nothing. Take cash. Upfront.
Security

Submission + - WebHostingTalk Data Breach: Lessons Learned

kstatefan40 writes: "WebHostingTalk's data breach situation just keeps getting worse. First, over 50,000 user names and encrypted passwords were stolen from a backup server and the parent company iNET assured their clients that absolutely no credit card information was taken. Unfortunately for iNET, Tuesday of this week it was reported that nearly 10,000 credit card numbers were posted in plain text, including their corresponding CVV2 numbers, expiration date, and the full name of the owner of the card. The response from WHT has been all over the board and has really angered some of their clients. I wrote an analysis of what went wrong in WHT's response and lessons that can be learned from the incident."
Security

Submission + - WebHostingTalk Hacked Again, Credit Cards Stolen 3

kstatefan40 writes: WebHostingTalk was hacked about three weeks ago and was discussed here on Slashdot due to the unique nature of the attack, targeting the company's backup systems. Today, it seems they have been hacked again and this time the stolen data includes decrypted credit card information. If you have used them for advertising or bought a premier membership through them, it is time for you to cancel the credit card you used and consider purchasing credit monitoring services. The speculation can now begin: what the hell went wrong this time?

Comment Re:Star Wars (Score 1) 1419

As an 18 year old, I can recommend the Jedi Apprentice series by Jude Watson. They are absolutely fantastic books to start with and can really get thought patterns down. Once they are comfortable reading that, and if they enjoy it, move them into Matthew Stover's writing. It is absolutely dark and political, but it is also amazing at getting someone to understand themselves and controlling their emotions. Although it is fiction, Stover really gets down to the fundamental level of human nature, and they will be valuable lessons to know growing up.
