Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Deal of the Day - Pay What You Want for the Learn to Code Bundle, includes AngularJS, Python, HTML5, Ruby, and more. ×

Submission + - Apple now relaying all FaceTime calls due to lost patent dispute (arstechnica.com)

Em Adespoton writes: Before the VirnetX case, nearly all FaceTime calls were done through a system of direct communication. Essentially, Apple would verify that both parties had valid FaceTime accounts and then allow their two devices to speak directly to each other over the Internet, without any intermediary or "relay" servers. However, a small number of calls—5 to 10 percent, according to an Apple engineer who testified at trial—were routed through "relay servers."

At the August 15 hearing, a VirnetX lawyer stated that Apple had logged "over half a million calls" complaining about the quality of FaceTime [since disabling direct connections].

Submission + - Facebook to include profile photos in its facial recognition database? (sophos.com)

Em Adespoton writes: Facebook has published a summary of the updates it's proposing to make to its Data Use Policy and Statement of Rights and Responsibilities which shows a large volume of rewriting.

Most of the changes are minimal, but one area has caught people's attention — photo tagging.

Facebook has highlighted how it plans to use members' profile pictures as an identification tool to allow their friends to tag them in photos.

NakedSecurity's Lee Munson has more details, including comments from Facebook's chief privacy officer Erin Egan on why this is a "good thing".

Submission + - Ivetva ynhapurf Tynff-obggbzrq cynar (virgin.com)

Em Adespoton writes: Ivetva unf erpragyl perngrq gur grpuabybtl erdhverq gb cebqhpr gur jbeyq’f svefg tynff-obggbzrq cynar. Guvf grpuabybtvpny vaabingvba pbvapvqrf jvgu gur fgneg bs Ivetva Ngynagvp Nvejnlf’ svefg rire qbzrfgvp freivpr gb Fpbgynaq. Gurl ubcr gb gevny gur tynff obggbz grpuabybtl jvgu bgure Ivetva nveyvarf va gvzr naq unir nfxrq bgure Ivetva pbzcnavrf gb fhccbeg guvf vaabingvir gevny naq ynhapu gurve arj qbzrfgvp Fpbggvfu ebhgr.

Submission + - The DDoS That Almost Broke the Internet (cloudflare.com)

Em Adespoton writes: "Had any network issues over the last week? CloudFlare, an AnyCast, Anti-DDoS network provider writes, "Our direct peers quickly filtered attack traffic at their edge. This pushed the attack upstream to their direct peers, largely Tier 1 networks. Tier 1 networks don't buy bandwidth from anyone, so the majority of the weight of the attack ended up being carried by them. While we don't have direct visibility into the traffic loads they saw, we have been told by one major Tier 1 provider that they saw more than 300Gbps of attack traffic related to this attack. That would make this attack one of the largest ever reported.""

Submission + - Study finds Lost USB keys have 66% chance of malwa (sophos.com)

Em Adespoton writes: "Sophos studied 50 USB keys bought at a major transit authority's Lost Property auction.

        The study revealed that two-thirds were infected with malware, and quickly uncovered information about many of the former owners of the devices, their family, friends and colleagues.

        Disturbingly, none of the owners had used any sort of encryption to secure their files against unauthorised snoopers."

Submission + - Targeted attacks steal credit cards from hospitali (sophos.com)

Em Adespoton writes: "SophosLabs, the security research division of Sophos, Inc, has been tracking an increase in targeted attacks against hospitality and educational organizations. Active malware has been discovered that steals credit card data directly from memory for later retrieval by the criminals involved. This activity appears to go back as far as 2009, just like the Stuxnet/Duqu threat."

Submission + - Can we fix SSL Certification? (sophos.com)

Em Adespoton writes: "At DEFCON this year, Moxie Marlinspike gave an excellent presentation entitled "SSL And The Future Of Authenticity." It shows how broken the current SSL certification model is, and proposes a replacement. Naked Security adds to the issue, pointing out that with Moxie's method, does it even matter if you can trust your certificate notaries?
What do you think?"

Submission + - Palin's hacker imprisoned, against Judge's wishes (sophos.com) 1

Em Adespoton writes: "It was a computer security story that made headlines around the world, involving the private emails of a woman who could have become Vice President of the United States. And now, it's ended with a young man sent to a federal prison, hundreds of miles from his family home.

David C Kernell, the hacker who broke into Sarah Palin's personal Yahoo email account, is reported to have been sent to jail despite a judge's recommendation that he should not be put behind bars."

"Survey says..." -- Richard Dawson, weenie, on "Family Feud"