Forgot your password?
typodupeerror
Programming

+ - Students Learn to Write Viruses at Sonoma State

Submitted by
PCOL
PCOL writes "Newsweek has an interesting article on how George Ledin teaches his students how to write viruses in his computer-security class at Sonoma State University. "Unlike biological viruses, computer viruses are written by a programmer. We want to get into the mindset: how do people learn how to do this?" says Ledin. "Why should we shy away from learning something that is important to everyone?" Ledin insists that his students mean no harm, and can't cause any because they work in the computer equivalent of biohazard suits: closed networks from which viruses can't escape but he's trying to teach students to think like hackers so they can devise antidotes. "Computer science students should learn to recognize, analyze, disable, and remove malware," says Ledin. "To do so, they must study currently circulating viruses and worms, and program their own." Ledin's syllabus is partly a veiled attack on McAfee and Symantec, whose $100 consumer products he sees as mostly useless. If college students can beat these antivirus programs, he argues, what good are they for the people and businesses spending nearly $5 billion a year on them?"

Comment: Here's the blog post (Score 5, Informative) 426

by eddan (#23592613) Attached to: MediaDefender's BitTorrent-Based DOS Takes Down Revision3
I was able to grab the blog post:

As many of you know, Revision3's servers were brought down over the Memorial Day weekend by a denial of service attack. It's an all too common occurrence these days. But this one wasn't your normal cybercrime - there's a chilling twist at the end. Here's what happened, and why we're even more concerned today, after it's over, than we were on Saturday when it started.

It all started with just a simple "hi". Now "hi" can be the sweetest word in the world, breathlessly whispered into your ear by a long-lost lover, or squealed out by your bouncy toddler at the end of the day. But taken to excess - like by a cranky 3-year old-it gets downright annoying. Now imagine a room full of hyperactive toddlers, hot off of a three hour Juicy-Juice bender, incessantly shrieking "hi" over and over again, and you begin to understand what our poor servers went through this past weekend.

On the internet, computers say hi with a special type of packet, called "SYN". A conversation between devices typically requires just one short SYN packet exchange, before moving on to larger messages containing real data. And most of the traffic cops on the internet - routers, firewalls and load balancers - are designed to mostly handle those larger messages. So a flood of SYN packets, just like a room full of hyperactive screaming toddlers, can cause all sorts of problems.

For adults, it's typically an inability to cope, followed either by quickly fleeing the room, or orchestrating a massive Teletubbies intervention. Since they lack both legs and a ready supply of plushies, internet devices usually just shut down.

That's what happened to us. Another device on the internet flooded one of our servers with an overdose of SYN packets, and it shut down - bringing the rest of Revision3 with it. In webspeak it's called a Denial of Service attack - aka DoS - and it happens when one machine overwhelms another with too many packets, or messages, too quickly. The receiving machine attempts to deal with all that traffic, but in the end just gives up. (Note the photo of our server equipment responding to the DoS Attack)

In its coverage Tuesday CNet asked the question, "Now who would want to attack Revision3?" Who indeed? So we set out to find out. Internet attacks leave lots of evidence. In this case it was pretty easy to see exactly what our shadowy attacker was so upset about. It turns out that those zillions of SYN packets were addressed to one particular port, or doorway, on one of our web servers: 20000. Interestingly enough, that's the port we use for our Bittorrent tracking server. It seems that someone was trying to destroy our bittorrent distribution network.

Let me take a step back and describe how Revision3 uses Bittorrent, aka BT. The BT protocol is a peer to peer scheme for sharing large files like music, programs and video. By harnessing the peer power of many computers, we can easily and cheaply distribute our huge HD-quality video shows for a lot less money. To get started, the person sharing that large file first creates a small file called a "torrent", which contains metadata, along with which server will act as the conductor, coordinating the sharing. That server is called the tracking server, or "tracker". You can read much more about Bittorrent at Wikipedia, if you really want to understand how it works.

Revision3 runs a tracker expressly designed to coordinate the sharing and downloading of our shows. It's a completely legitimate business practice, similar to how ESPN puts out a guide that tells viewers how to tune into its network on DirecTV, Dish, Comcast and Time Warner, or a mall might publish a map of its stores.

But someone, or some company, apparently took offense to Revision3 using Bittorrent to distribute its own slate of shows. Who could that be?

Along with where it's bound, every internet packet has a return address. Often, particularly in cases like this, it's forged - or spoofed. But interestingly enough, whoever was sending these SYN packets wasn't shy. Far from it: it's as if they wanted us to know who they were.

A bit of address translation, and we'd discovered our nemesis. But instead of some shadowy underground criminal syndicate, the packets were coming from right in our home state of California. In fact, we traced the vast majority of those packets to a public company called Artistdirect (ARTD.OB). Once we were able to get their internet provider on the line, they verified that yes, indeed, that internet address belonged to a subsidiary of Artist Direct, called MediaDefender.

Now why would MediaDefender be trying to put Revision3 out of business? Heck, we're one of the biggest defenders of media around. So I stopped by their website and found that MediaDefender provides "anti-piracy solutions in the emerging Internet-Piracy-Prevention industry." The company aims to "stop the spread of illegally traded copyrighted material over the internet and peer-to-peer networks." Hmm. We use the internet and peer-to-peer networks to accelerate the spread of legally traded materials that we own. That's sort of directly opposite to what Media Defender is supposed to be doing.

Who pays MediaDefender to disrupt peer to peer networks? I don't know who's ponying up today, but in the past their clients have included Sony, Universal Music, and the central industry groups for both music and movies - the RIAA and MPAA. According to an article by Ars Technica, the company uses "its array of 2,000 servers and a 9GBps dedicated connection to propagate fake files and launch denial of service attacks against distributors." Another Ars Technica story claims that MediaDefender used a similar denial of service attack to bring down a group critical of its actions.

Hmm. Now this could have been just a huge misunderstanding. Someone could have incorrectly configured a server on Friday, and left it to flood us mercilessly with SYN packets over the long Memorial Day weekend. If so, luckily it was pointed at us, and not, say, at the intensive care unit at Northwest Hospital and Medical Center But Occam's razor leads to an entirely different conclusion.

So I picked up the phone and tried to get in touch with ArtistDirect interim CEO Dimitri Villard. I eventually had a fascinating phone call with both Dimitri Villard and Ben Grodsky, Vice President of Operations at Media Defender.

First, they willingly admitted to abusing Revision3's network, over a period of months, by injecting a broad array of torrents into our tracking server. They were able to do this because we configured the server to track hashes only - to improve performance and stability. That, in turn, opened up a back door which allowed their networking experts to exploit its capabilities for their own personal profit.

Second, and here's where the chain of events come into focus, although not the motive. We'd noticed some unauthorized use of our tracking server, and took steps to de-authorize torrents pointing to non-Revision3 files. That, as it turns out, was exactly the wrong thing to do. MediaDefender's servers, at that point, initiated a flood of SYN packets attempting to reconnect to the files stored on our server. And that torrential cascade of "Hi"s brought down our network.

Grodsky admits that his computers sent those SYN packets to Revision3, but claims that their servers were each only trying to contact us every three hours. Our own logs show upwards of 8,000 packets a second.

"Media Defender did not do anything specific, targeted at Revision3â, claims Grodsky. "We didn't do anything to increase the traffic" - beyond what they'd normally be sending us due to the fact that Revision3 was hosting thousands of MediaDefender torrents improperly injected into our corporate server. His claim: that once we turned off MediaDefender's back-door access to the server, "traffic piled up (to Revision3 from MediaDefender servers because) it didn't get any acknowledgment back."

Putting aside the company's outrageous use of our servers for their own profit, and the large difference between one connection every three hours and 8,000 packets a second, I'm still left to wonder why they didn't just tell us our basement window was unlocked. A quick call or email and we'd have locked it up tighter than a drum.

It's as if McGruff the Crime Dog snuck into our basement, enlisted an army of cellar rats to eat up all of our cheese, and then burned the house down when we finally locked him out - instead of just knocking on the front door to tell us the window was open.

In the end, here's what I know:

* A torrential flood of SYN packets rained down on Revision3's network over Memorial Day weekend.

* Those packets - up to 8,000 a second - came primarily from computers controlled by MediaDefender, who is in the business of shutting down illegal torrent sites.

* Revision3 suffered measurable harm to its business due to that flood of packets, as the attacks on our legitimate and legal Torrent Tracking server spilled over into our entire internet infrastructure. Thus we were unable to serve videos and advertising through much of the weekend, and into Tuesday - and even our internal email servers were brought down.

* Denial of service attacks are illegal in the US under 12 different statutes, including the Economic Espionage Act and the Computer Fraud and Abuse Act.

Although I can only guess, here's what I think really happened. Media Defender was abusing one of Revision3's servers for their own purposes - quite without our approval. When we closed off their backdoor access, MediaDefender's servers freaked out, and went into attack mode - much like how a petulant toddler will throw an epic tantrum if you take away an ill-gotten Oreo.

That tantrum threw upwards of 8,000 SYN packets a second at our servers. And that was enough to bring down both our public facing site, our RSS server, and even our internal corporate email - basically the entire Revision3 business. Smashing the cookie jar, as it were, so that no one else could have any Oreos either.

Was it malicious? Intentional? Negligent? Spoofed? I can't say. But what I do know is that the FBI is looking into the matter - and it's far more serious than toddlers squabbling over broken toys and lost cookies.

MediaDefender claims that they have taken steps to ensure this won't happen again. "We've added a policy that will investigate open public trackers to see if they are associated with other companies", promised Grodsky, "and first will make a communication that says, hey are you aware of this."

In the end, I don't think Media Defender deliberately targeted Revision3 specifically. However, the company has a history of using their servers to, as Ars Technica said, "launch denial of service attacks against distributors." They saw us as a "distributor" - even though we were using Bittorrent for legitimate reasons. Once we shut them out, their vast network of servers were automatically programmed to implement a scorched earth policy, and shut us down in turn. The long Memorial Day weekend holiday made it impossible for us to contact either Media Defender or their ISP, which only exacerbated the problem.

All I want, for Revision3, is to get our weekend back - both the countless hours spent by our heroic tech staff attempting to unravel the mess, and the revenue, traffic and entertainment that we didn't deliver.

If it can happen to Revision3, it could happen to your business too. We're simply in the business of delivering entertainment and information - that's not life or death stuff. But what if MediaDefender discovers a tracker inside a hospital, fire department or 911 center? If it happened to us, it could happen to them too. In my opinion, Media Defender practices risky business, and needs to overhaul how it operates. Because in this country, as far as I know, we're still innocent until proven guilty - not drawn, quartered and executed simply because someone thinks you're an outlaw.

- Jim Louderback CEO - Revision3
Intel

+ - SPAM: Intel's Core 2 Duo E7200, Eco-Friendly Performance

Submitted by
MojoKid
MojoKid writes "The Core 2 Duo E7200 is the latest Intel 45nm based dual-core design and while it's also the most inexpensive, it's also the most environmentally friendly Core 2 Duo chip to be released yet. Sporting a core design built on 45nm technology, a smaller amount of L2 cache (compared to previous generation Core 2's), and lower clock speed and front side bus speeds, its thermal and power consumption aspects aren't entirely surprising, although they're good to see. The chip runs at very low temperatures, even with minimal cooling, such that you could possibly build an exceptionally quiet system with the E7200 at its foundation. If you had a large enough passive cooler, it could even be possible to run this chip with no active cooling in a home theater environment."
Link to Original Source
Businesses

+ - SPAM: Mutual fund enforces restrictive "linking poli 2

Submitted by
destinyland
destinyland writes "The Vanguard group manages $1.3 trillion in mutual funds — and you're not allowed to link to their site unless you meet their "Linking conditions." The right to link is "revocable," granted only if you use a pre-approved text, for a pre-approved subset of pages, and don't say anything "derogatory" about them. (Click on sign up for access to read the license yourself.) Their services can't even be described in an offensive manner, which also violates their "linking conditions." You have been warned."
Link to Original Source
Software

+ - Orrin Hatch - Software copyright violater-> 2

Submitted by
fudreporter
fudreporter writes "Wired.com has an article referring to comments Senator Orrin Hatch(R-Utah) made about downloading copyrighted material from the Internet... Sen. Orrin Hatch (R-Utah) suggested Tuesday that people who download copyright materials from the Internet should have their computers automatically destroyed. But Hatch himself is using unlicensed software on his official website, which presumably would qualify his computer to be smoked by the system he proposes. The senator's site makes extensive use of a JavaScript menu system developed by Milonic Solutions, a software company based in the United Kingdom. The copyright-protected code has not been licensed for use on Hatch's website. "It's an unlicensed copy," said Andy Woolley, who runs Milonic. "It's very unfortunate for him because of those comments he made.""
Link to Original Source
Security

+ - SPAM: IC3 issues FBI fraud warning

Submitted by
coondoggie
coondoggie writes "The Internet Crime Complaint Center (IC3) today issued a warning that it has receieved reports of fraudulent schemes misrepresenting FBI agents, officials and/or FBI Director Robert S. Mueller III. The fraudulent e-mails give the appearance of legitimacy due to the usage of pictures of the FBI Director, seal, letterhead, and/or banners. The types of schemes utilizing the names of FBI agents, officials, or the Director's name are typically lottery endorsements and inheritance notifications.Some observers think 2008 is going to be nasty year for security-related problems. Look for a rising number of compromised Web sites that quietly attack unsuspecting visitors, "parasitic" malware that eats desktop files, and a stream of exploits targeting high-profile events such as the 2008 Olympics and the U.S. presidential elections, experts warn. [spam URL stripped]"
Link to Original Source
Books

+ - SPAM: Online cartoonist breaks publishing record?

Submitted by
destinyland
destinyland writes "The first collection of "Perry Bible Fellowship" comics racked up pre-sales of $300,000 due to its huge online following, and within seven weeks required a third printing. Ironically, the 25-year-old cartoonist speculates people would rather read his arty comics in a book than on a computer screen, and warns that "There's something wonderful, and soon-to-be mythic, about the printed page..." He also explains the strange anti-censorship crusade in high school that earned him an FBI record!"
Link to Original Source
United States

+ - California sues US over emissions

Submitted by
gollum123
gollum123 writes "California is suing the US federal government, in an attempt to force car makers to conform to tougher cuts in greenhouse gas emissions ( http://news.bbc.co.uk/2/hi/americas/7169200.stm ). The lawsuit comes after the federal Environmental Protection Agency denied California a waiver from US law needed to enact its own efficiency targets. Fifteen other states or state agencies are set to join the action. It challenged the Epa's denial of California's request to implement its own emissions law — which would require a 30% reduction in motor vehicle greenhouse gas emissions by 2016 by improving fuel efficiency standards. For years, California has been allowed to set its own environmental targets in recognition of the "compelling and extraordinary conditions" the state faces — and the Epa has never before denied California a waiver request. The other states joining the fight are: Massachusetts, Arizona, Connecticut, Delaware, Illinois, Maine, Maryland, New Jersey, New Mexico, New York, Oregon, Pennsylvania Department of Environmental Protection, Rhode Island, Vermont and Washington."
Sci-Fi

+ - Deckard is a Replicant

Submitted by
MufasaZX
MufasaZX writes "While endless debate over weather Rick Deckard in Blade Runner is himself a replicant may be entertaining, on today's Fresh Air on NPR a new interview with Ridley Scott was aired, and the second question out of Terry Gross's mouth was 'is Deckard a replicant?' which RS replied with an absolute affirmative. There, done, end of debate. The audio stream of the interview is already online here."
Music

+ - Congress considers bill to make radio "pay to ->

Submitted by
devjj
devjj writes "Ars Technica is reporting that Congress is considering two bills that will remove the exemption terrestrial radio broadcasters currently enjoy that allows them to broadcast music without compensating the artists or labels for it. Songwriters are paid, but that is it. The National Association of Broadcasters is furious at the RIAA, a vocal supporter of repealing the exemptions, and has responded by agreeing that artists need better compensation. As a result, it is pointing its collective finger at the labels, asking Congress to investigate modern recording contracts.

What do you think? With the NAB up against the RIAA, what do consumers stand to gain or lose?"

Link to Original Source
Data Storage

+ - Top six hard drives for speed and capacity-> 1

Submitted by
Lucas123
Lucas123 writes "Computerworld has reviewed the latest in six hard disk drives, from the solid state models to terabyte-size spinning disks. Samsung comes in as the fastest with a 64GB flash drive with a read speed of 100MB/sec and write speed of 80 MB/sec, compared to 59MB/sec and 60MB/sec for a traditional 2.5" hard drive. Seagate's 1TB Barracuda drive had a 85.5MB/sec average read speed, while for power consumption, Western Digital's 1TB RE2-GP use of only 7.4 watts, makes it between 22% and 33% more efficient than its three primary traditional hard drive competitors, but it still can't beat SSD."
Link to Original Source
Space

+ - Does Active SETI Put Earth in Danger? 3

Submitted by
Ponca City, We Love You
Ponca City, We Love You writes "There is an interesting story in Seed Magazine on active SETI — sending out signals to try to contact other civilizations in nearby star systems. Alexander Zaitsev, Chief Scientist at the Russian Academy of Sciences' Institute of Radio Engineering and Electronics, has access to one of the most powerful radio transmitters on Earth and has already sent several messages to nearby, sun-like stars. But some scientists think that Zaitsev is not only acting out of turn by independently speaking for everyone on the entire planet but believe there are possible dangers we may unleash by announcing ourselves to the unknown darkness. "We're talking about initiating communication with other civilizations, but we know nothing of their goals, capabilities, or intent," says SETI researcher John Billingham. This ground has been explored before in countless works of science fiction most notably "The Killing Star," a 1995 novel that paints a frightening picture of interstellar civilizations exterminating their neighbors with relativistic bombardments, not from malice, but simply because it is the most logical action. Billingham urges a broad, interdisciplinary discussion of Active SETI. "At the very least we ought to talk about it first, and not just SETI people. We have a responsibility to the future well-being and survival of humankind.""
Communications

+ - Why wireless in the U.S. isn't wide open

Submitted by Geoffery B
Geoffery B (666) writes "Even as the wireless industry chants a new gospel about opening mobile phone networks to outside devices and applications, some of the biggest U.S. carriers are quietly blocking new services that would compete with their own. Would-be mobile-service providers, ranging from startups to major banks to eBay's PayPal have encountered these roadblocks, erected by the likes of AT&T and Verizon Wireless. In some cases, cellular carriers have backed down, but only after inflicting costly delays on the new services."
Media

+ - A&E beaming adverts directly into your head. 2

Submitted by Fantastic Lad
Fantastic Lad (198284) writes "Hear Voices? It May Be an Ad. New Yorker Alison Wilson was walking down Prince Street in SoHo last week when she heard a woman's voice right in her ear asking, "Who's there? Who's there?" She looked around to find no one in her immediate surroundings. Then the voice said, "It's not your imagination." Indeed it isn't. It's an ad for "Paranormal State," a ghost-themed series premiering on A&E this week. The billboard uses technology manufactured by Holosonic that transmits an "audio spotlight" from a rooftop speaker so that the sound is contained within your cranium."

1 + 1 = 3, for large values of 1.

Working...