
+ - Anonymous breaks Booz Allen Hamilton's security->

Submitted by Anonymous Coward
An anonymous reader writes "from TFA: Today we want to turn our attention to Booz Allen Hamilton, whose core business
is contractual work completed on behalf of the US federal government, foremost
on defense and homeland security matters, and limited engagements of foreign
governments specific to U.S. military assistance programs.

So in this line of work you'd expect them to sail the seven proxseas with a
state-of-the-art battleship, right? Well you may be as surprised as we were
when we found their vessel being a puny wooden barge.

We infiltrated a server on their network that basically had no security
measures in place. We were able to run our own application, which turned out to
be a shell and began plundering some booty. Most shiny is probably a list of
roughly 90,000 military emails and password hashes (md5, non-salted of course!).
We also added the complete sqldump, compressed ~50mb, for a good measure.

We also were able to access their svn, grabbing 4gb of source code. But this
was deemed insignificant and a waste of valuable space, so we merely grabbed
it, and wiped it from their system.

Additionally we found some related datas on different servers we got access to
after finding credentials in the Booz Allen System. We added anything which
could be interesting.

And last but not least we found maps and keys for various other treasure chests
buried on the islands of government agencies, federal contractors and shady
whitehat companies. This material surely will keep our blackhat friends busy
for a while."

Link to Original Source
Security

+ - Anonymous Releases 90,000 Military E-Mail Accounts->

Submitted by jjp9999
jjp9999 (2180664) writes "Anonymous Operations posted 90,000 military email addresses and passwords to Pirate Bay on July 11, in what they're calling "Military Meltdown Monday." They obtained the emails while hacking government contracting and consulting firm Booz Allen Hamilton. They hinted at other information obtained during the breach, which they describe as "maps and keys for various other treasure chests buried on the islands of government agencies, federal contractors and shady whitehat companies." The breach comes just days after Anonymous hacked government contractor IRC Federal. Both breaches are linked to the new AntiSec movement, which LulzSec joined forces with shortly before disbanding."
Link to Original Source
Politics

+ - Congressmen pushing to reopen Yucca Mountain->

Submitted by Bob the Super Hamste
Bob the Super Hamste (1152367) writes "A story over at CNN Money is reporting that a group of congressmen who are backed by the nuclear industry are pushing to reopen the Yucca Mountain nuclear waste site. Currently the site sits closed and uncompleted since the Obama administration scrapped the project. The article goes into the pros and cons of the Yucca Mountain site for storage and also brings up some interesting political issues with it. Also of note is that there has been a fee on electric bills since 1983 for the building of the site."
Link to Original Source

Comment: Re:Hosted Alternatives (Score 1) 482

by Ludedude (#36465948) Attached to: Open Source Alternative To Dropbox?
Spideroak sucks. The software is buggy as hell, their bandwidth must be purchased by the strawful as the transfer speeds are comparable to what I was getting on dialup in the 90s, syncing is hit or miss at best and it's a gigantic resource hog. It cost my company $90 to beta test this POS and the company insists that all sales are final so too bad for me. Stay away from Spideroak! As to the rest, Sparkleshare shows promise so far. I'm also intrigued by Aero FS (http://www.aerofs.com/) but they're still in closed beta and I haven't been able to score an invite.
Government

+ - U.S. Underwrites Internet Detour Around Censors-> 1

Submitted by snydeq
snydeq (1272828) writes "The Obama administration is leading a global effort to deploy “shadow” Internet and mobile phone systems that dissidents can use to undermine repressive governments that seek to silence them by censoring or shutting down telecommunications networks, according to a report from The New York Times. 'Some projects involve technology that the United States is developing; others pull together tools that have already been created by hackers in a so-called liberation-technology movement sweeping the globe. The State Department, for example, is financing the creation of stealth wireless networks that would enable activists to communicate outside the reach of governments in countries like Iran, Syria and Libya, according to participants in the projects.'"
Link to Original Source

Comment: Dr's are tech idiots (Score 5, Interesting) 162

by Ludedude (#35238624) Attached to: Americans Trust Docs, But Not Computerized Records

I work for a large regional provider of EMR hardware and software and I can tell you first hand that you should be afraid, very afraid, of anything your Dr. does with health records that involve a computer. Anti-virus is the tip of the iceberg. You install it for them and their brother in law who's a burger flipper helpfully uninstalls it to "speed things up." Hilarity ensues. Entire offices are implementing EMR that refuse separate usernames and passwords because it's "just too damn hard to remember all that" so everyone logs in as user with some simple password; that's if they even bother to log in or off at all. Of course they have to have admin rights because it's their hardware and they know what's best.

Since most of the offices that are being force-fed EMR because of the lure of up to $44,000 in "stimulus" funds are smaller practices, they don't have domains that can be used to enforce universal security policies.

The larger ones, sure, but most of them already use EMR and have on site servers etc. along with the requisite firewalls and VPNs. The vast majority of the new ones though are being sold "cloud" based systems with no local servers at all, so it's a friggin' free for all in terms of security (or lack thereof). They're just lining up for a swipe at the stimulus golden ring but half of them shouldn't even be entrusted with anything as complicated as a TV remote, let alone computer systems.


Denver Bomb Squad Takes Out Toy Robot 225

Posted by samzenpus
from the I-feel-safer-already dept.
An anonymous reader writes "A robot met its end near Coors Field tonight when the Denver Police Department Bomb Squad detonated the 'suspicious object,' bringing to an end the hours-long standoff between police and the approximately eight-inch tall toy. From the article: "'Are you serious?' asked Denver resident Justin Kent, 26, when police stopped him from proceeding down 20th Street. Kent said that he lived just past the closed area, but was told he would have to go around via Park Avenue.'"
Government

Race On To Fingerprint Phones, PCs 139

Posted by CmdrTaco
from the i-see-what-you-did-there dept.
theodp writes "Advertisers no longer want to just buy ads, reports the WSJ. They want to buy access to specific people. In response, the race is on to develop digital fingerprint technology to identify how we use our computers, mobile devices and TV set-top boxes. Start-up BlueCava, an anti-piracy company spinoff, is building a 'credit bureau for devices' in which every computer or cellphone will have a 'reputation' based on its user's online behavior, shopping habits and demographics. By the end of next year, BlueCava says it expects to have cataloged one billion of the world's estimated 10 billion devices, and plans to sell this information to advertisers willing to pay top dollar for granular data about people's interests and activities. It's 'the next generation of online advertising,' said BlueCava's David Norris. As controversy grows over intrusive online tracking, regulators are looking to rein it in — the FTC is expected to release a privacy report Wednesday calling for a 'do-not-track' tool for Web browsers."
