Forgot your password?
typodupeerror

Submission Summary: 0 pending, 74 declined, 16 accepted (90 total, 17.78% accepted)

+ - Private keys stolen within hours from heartbleed OpenSSL site->

Submitted by Billly Gates
Billly Gates (198444) writes "It was reported when heartbleed was discovered that only passwords would be at risk and private keys were still safe. Not anymore. Cloudfare launched the heartbleed challenge on a new server with the openSSL vulnerability and offered a prize to whoever could gain the private keys. Within hours several researchers and a hacker got in and got the private signing keys.

Expect many forged certificates and other login attempts to banks and other popular websites in the coming weeks unless the browser makers and CA's revoke all the old keys and certificates."

Link to Original Source

+ - Ubuntu to re-add menu's to gnome-shell->

Submitted by Billly Gates
Billly Gates (198444) writes "Arstechnica reviewed one of the 14.4 pre-releases and found menu's returning to its version of Gnome 3 (gnome-shell). With rumors of Windows 9 reversing course with its mobile UI already evident in Windows 8.1 update 1 and now Gnome-shell could this mean the mobile phase of focusing just on minimalism and viewing content is coming to an end?"
Link to Original Source

+ - Dangerous 0-day in the wild for IE 10->

Submitted by Billly Gates
Billly Gates (198444) writes "The new patches released just a few days ago does not cover this one. Arstechnica who reported this did not mention if earlier versions of IE were vulnerable outright as only IE 10 was mentioned.

Arstechnica advised users to not use IE 10 meanwhile and upgrade to IE 11 or use Firefox or Chrome. One of the comments to the story mentioned ESPN's ad-network already being infected. Also Adblock plus for IE is available too if you are stuck with IE 10 which will block malicious ad networks."

Link to Original Source

+ - LibreOffice 4.2 with GPU mantle support is out-> 4

Submitted by Billly Gates
Billly Gates (198444) writes "A basic summary of the new features are listed here. In catching up with MS Office the new LibreOffice 4.2 now has full Windows 7/8 integration including aero peak, thumbnails, jumplists, and recent documents all from the taskbar. In addition one weak area for LibreOffice has been enterprise network support and the lack of active directory tools. LibreOffice now has GPO and active directory support for system administrators to deploy and manage Libreoffice over corporate networks. Libreoffice also includes an expert configuration Window to assist power users and system administrators when deploying to hundreds of workstation at a time as well.

Also of particular interest is AMD/ATI is expecting to finally release Mantle in the next coming hours for games like Battlefield 4. Surprisingly LibreOffice also supports mantle as well according to the release notes. However you will need the 14.1 driver which is being compiled and uploaded at the time of this writing to utilize this feature. Mantle will accelerate lower end cpus by up to 300% in some tasks while having modest improvements for those with more recent powerful CPUs. A real niceties for those like myself on AMD phenom II's with the later 7000 series cards.

The only issue (some on slashdot may say benefit ) is the lack of a ribbon UI. However, for recent articles about governments considering openoffice this release addresses shortcomings with the new active directory and GPO support."

Link to Original Source

+ - +147 more exploits found in latest Java-> 1

Submitted by Billly Gates
Billly Gates (198444) writes "Out of the 147 vulnerabilities around 85 are remote executions with no authentication whatsoever. Oracle plans to have a patch which addresses most of them for Java 7 next Tuesday. Unfortunately for many corporations or those who have the Android SDK you are stuck without a patch with Java 6 without a very expensive Oracle support contract."
Link to Original Source

+ - Old browsers preventing HTML 5 are growing (not just IE)->

Submitted by Billly Gates
Billly Gates (198444) writes "The monthly totals from g.statcounter.com and netmarketshare.com came out with the latest December statistics which sometimes cause flamewars as both sides companies report different results on the most popular browser/OS (Netmarketshare favors IE, while statcounter.com favors Chrome).

However, ZDNet noticed something interesting from both statistics. Obsolete browsers are gaining traction even with auto updates for all them. Typically we hear of old browsers we think of corporations running old versions of IE like IE 6 in which any intranet developer will say is a must for support until last year. But Safari now beats IE in terms of users who do not wish to upgrade as 50% run obsolete versions!

Firefox too has its obsolete versions kicking and screaming with 1 out of 5 more than 2 versions old. IE has its old versions as well but this is expected in corps where they use apps which write to MSHTML and MS CSS with MS Jscript for their intranet apps as IE 11 is too modern and standards compliant.

As 2014 starts the web is becoming more and more important as new sites like salesforce.com, LinkedIn, and a million cloud providers all really benefit from HTML 5 features not to mention the security risk associated with"

Link to Original Source

+ - Both Firefox and Chrome will EOL on XP shortly after April->

Submitted by Billly Gates
Billly Gates (198444) writes "While Windows XP is still going strong the sun is rapidly setting on this old platform fast. Firefox plans to end support for XP which means no security fixes or improvements. Chrome is being discontinued a little later as well for Windows XP. Windows XP has its die hard users refusing to upgrade as they prefer the operating system or feel there is no need to change. Many of them also have been on slashdot proudly proclaiming to still use it when not running MacOSX or Linux. The story would not be as big of a deal if it were not for the feared XPopacalypse with a major Virus/worm/trojan taking down millions of systems with no patches to ever fix them and software not being patched to protect them. Does this also mean webmasters will need to write seperate versions of CSS and javascript for older versions of Chrome and Firefox like they did with IE 6 if the user base refuses to leave Windows XP?

It is time to move on whether you are a fan of Windows XP still or not. As fellow geeks how is the best way to move these people off this old platform?"

Link to Original Source

+ - ATI takes crown away from Nvidia for almost half the price as fastest GPU->

Submitted by Billly Gates
Billly Gates (198444) writes "AMD may have trouble in their CPU department with Intel having superior fabrication plants. However, in the graphics market with GPU chips AMD is on fire! AMD earned a very rare Elite reward from Tomshardware as the fastest GPU available with its fastest r9 for as little as $550 each. NVidia has its top end GPU cards going for $1,000 as it had little competition to worry about. Maximum PC also included some benchmarks and crowned ATI as the fastest and best value card available. AMD/ATI also has introduced MANTLE Api for lower level access than DirectX which is cross platform. This may turn into a very important API as AMD/ATI have their GPUs in the next generation Sony and Xbox consoles as well with a large marketshare for game developers to target"
Link to Original Source

+ - AMD/ATI's takes crown from Nvida for almost half the price!-> 1

Submitted by Billly Gates
Billly Gates (198444) writes "AMD may have trouble in their CPU department with Intel having superior fabrication plants. However, in the graphics market with GPU chips AMD is on fire! AMD earned a very rare Elite reward from Tomshardware as the fastest GPU available with its fastest r9 for as little as $550 each. NVidia has its top end GPU cards going for $1,000 as it had little competition to worry about. Maximum PC also included some benchmarks and crowned ATI as the fastest and best value card available. AMD/ATI also has introduced MANTLE Api for lower level access than DirectX which is cross platform. This may turn into a very important API as AMD/ATI have their GPUs in the next generation Sony and Xbox consoles as well with a large marketshare for game developers to target."
Link to Original Source

+ - New ransomeware CryptoLocker virus encrypts all your files->

Submitted by Billly Gates
Billly Gates (198444) writes "Slashdot covered the FBI scareware malware which scares users into paying a fake FBI fine before. This one does something even more mischievous. It scans your whole hard disk for photos, .odts, .docx, xls, and other important files and locks them with a 2048-bit RSA key and then demands $300 or you will never see your data again! The name of it is called cyptolocker and only the author has the private key to unlock it and using any anti virus product will remove all your data forever as the public key is randomly generated during each new infection making it impossible to unlock without a supercomputer and a few millennium of time. Cryptolocker also has a time bomb of 72 hours before it closes out. However, some users have reversed the time on their computers to get the session back up again."
Link to Original Source

+ - Windows Server 2012 R2 the other MS OS also was released->

Submitted by Billly Gates
Billly Gates (198444) writes "Windows 8.1 isn't the only update that came out yesterday. Windows Server 2012 R2 offers numerous improvements over R1 even if it is not mentioned in the news as much as its tablet friendly cousin.

Windows Server OS will be updated on an agile schedule as well which is different unlike past versions. The Modern (formerly known as METRO) haters will be pleasantly surprised that the GUI is not installed by default. A CLI Powershell 4.0 with new desired state configuration comes standard as a preferred way to administer the systems locally. The gui is an optional install. Improvements over Windows Server 2012 R1 include better Tier Storage Space support where requests for certain files will automatically be selected by the quickest SAN or other storage location, faster VM deployments (about 50%), UEFI VM hyperV support, replacement of driver emulators to native ones for more virtual hardware in HyperV, Faster SMB performance and compression, event logging with SMB events, live SMB HypverV migration support, Group Policy caching which will make booting clients off the network much quicker, WDS Windows deployment can be done in powershell making upgrades much easier, IIS 8.5 which now includes (Windows Process Out) which pages out a process out an idle process after 20 minutes to prevent memory leaks, Windows Defender for live virus and malware scanning on file shares, IP management can now be imported/exported to SQL ServerTLS is more standards compliant and now supports RFC5077.

For those who want some gui support, but not the modern UI can use RSAT to manage it from a desktop. RSAT also is available for the Iphone and Android phones and tablets with R2! You might want to check your organizations security policy before enabling this though :-)

  Server 2012 R1 still is a big improvement over Windows Server 2008 with SMB and AD compression (nice for WAN links), smart caching by picking the fastest SAN or RAID for read/writes, and a now type 1 hyper-visor which makes it competitive with VMWare ESX, as well as VM friendly domain controllers that can be moved easily on the network. More detailed improvements including R2 are listed here. Since R2 is considered the first service pack many organizations who use Windows this maybe the first upgrade in quite some time since Server 2008 SP 1 was released many years ago."

Link to Original Source

+ - VMWare updates VMWare Fusion, VMPlayer, and VMWare Workstation lines->

Submitted by Billly Gates
Billly Gates (198444) writes "Virtualization is criticial for anyone in I.T. or runs Linux and needs to run some Windows program. In just a year's span VMWare has its next generation of client software releases using a Microsoft like release schedule. The information and features is here as well as here . Both the Mac oriented Fusion, and PC oriented Workstation include support for Windows 8.1, MacOSX Maverick (fusion/player on Mac), SATA drivers, integration with tablet features such as light controls and sensors, 64 GBs of ram support, 16 virtual CPU support, USB 3, and better SSD support. However, VMWare crippled its fusion product for the Mac and offers are more expensive VMWare Professional Fuse that offers the same features such as creating restricted or expired VMs as well as the VMWare Player. For those who do not want to pay $299 for the retail price or $250 there is always the FOSS Oracle Virtualbox which offers many of its features and is also cross platform for all major host and guest platforms."
Link to Original Source

+ - Linux based Hand of Thief banking trojan hits the streets->

Submitted by Billly Gates
Billly Gates (198444) writes "Arstechnica has a story on a new Linux based trojan that steals banking data. The catch is it does not run on Windows. Targeting Linux and MacOSX is new but some are beginning to target these platforms as most users refuse to run any AV software and feel they are immune and do not need it unlike Windows users who know better.

The malware kit is available for $2,000 which makes it much more expensive than most exploit kits sold on the blackmarket."

Link to Original Source

+ - US cloud companies see immediately decline in business thanks to NSA Prism->

Submitted by Billly Gates
Billly Gates (198444) writes "Well here comes the economic cost for the Snowden leaks. EU companies immediately cancel up to 10% of their current contracts over security concerns with the NSA spying on their data and 56% of EU companies plan to re-examine or be less likely to choose an American cloud based provider as a result. Likely they will chose a Canadian, European, or Chinese cloud company instead in their future projects. Since the politicians do not care about the US privacy will business losses invigorate an re-examination instead?"
Link to Original Source

+ - Microsoft releases IE 11 preview for Windows 7 and 8.1 (not 8.0)->

Submitted by Billly Gates
Billly Gates (198444) writes "Microsoft who is desperately trying to stay relevant in the web browser market as competitors with fast releases and W3C compliant rendering engines and JIT javascript have eaten away at the once unstoppable IE, is having annual releases in playing catch-up. The download for web developers and anyone here who actually cares is here which now includes WebGL, better CSS 3, HTML 5, and touch support, and even a faster javascript interpreter. Also the developer tools have been overhauled and include support for response time testing and touch testing to go head to head against firebird.

Despite MS doing a turnaround starting with IE 9 and IE 10 there are drawbacks to this release. As previously mentioned this browser does not identify as IE to webservers by default as MS feels it is W3C compliant enough to not require special MS CSS hacks anymore. In addition, users report the new enhanced developer tools no longer support IE 7, 8, 9, or 10 emulation! Both of these changes will break many business intranet apps written for IE 6 — 8. As IE 7 and IE 8 emulation is commonly pushed through group policy to corporate desktop for these apps.

Web developers who want to test both will have to use a virtual machine for now on. Hopefully, this will break the reliance on web developers creating code for just one version of one browser and virtualization can be a thing of the past if Microsoft gets its act together and makes IE behave like other modern browsers."

Link to Original Source

"There is no distinctly American criminal class except Congress." -- Mark Twain

Working...