Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

 



Forgot your password?
typodupeerror

+ - Microsoft to open source cloud framework behind Halo 4 services->

Submitted by angry tapir
angry tapir (1463043) writes "Microsoft plans to open-source the framework that helps developers of cloud services like those behind Halo 4. Project Orleans is a framework built by the eXtreme Computing Group at Microsoft Research using .NET, designed so developers who aren't distributed systems experts can build cloud services that scale to cope with high demand and still keep high performance. The Orleans framework was used to build several services on Azure, including services that are part of Halo 4. The code will be released under an MIT license on GitHub early next year."
Link to Original Source

+ - Australia pushes ahead with website blocking in piracy fight->

Submitted by angry tapir
angry tapir (1463043) writes "As part of its crackdown on unauthorised downloading of copyright material, the Australian government will push ahead with the introduction of a scheme that will allow rights holders to apply for court orders to force ISPs to block websites. (Previously Slashdot noted that the Australian government had raised such a scheme as a possibility)"
Link to Original Source

+ - POODLE flaw returns, this time hitting TLS security protocol->

Submitted by angry tapir
angry tapir (1463043) writes "If you patched your sites against a serious SSL flaw discovered in October you will have to check them again. Researchers have discovered that the POODLE vulnerability also affects implementations of the newer TLS protocol. The POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability allows attackers who manage to intercept traffic between a user's browser and an HTTPS (HTTP Secure) website to decrypt sensitive information, like the user's authentication cookies."
Link to Original Source

+ - North Korea denies involvement in 'righteous' Sony hack->

Submitted by angry tapir
angry tapir (1463043) writes "North Korea's government has denied any involvement in the attack on Sony Pictures, but in a statement indicated that it's not necessarily unhappy that it happened. In a statement, the country's powerful National Defence Commission, which controls North Korea's armed forces, said it had no knowledge of the attack."
Link to Original Source

+ - MasterCard rails against Bitcoin's (semi-)anonymity->

Submitted by angry tapir
angry tapir (1463043) writes "MasterCard has used a submission to an Australian Senate inquiry to argue for financial regulators to move against the pseudonymity of digital currencies such as Bitcoin. "Any regulation adopted in Australia should address the anonymity that digital currency provides to each party in a transaction," the company's told the inquiry into digital currencies. MasterCard believes that "all participants in the payments system that provide similar services to consumers should be regulated in the same way to achieve a level playing field for all.""
Link to Original Source

+ - BlackBerry clears hurdle for voice crypto acquisition->

Submitted by angry tapir
angry tapir (1463043) writes "BlackBerry is now free to integrate German security vendor Secusmart's voice encryption technology in its smartphones and software, after the German government approved its acquisition of the company. BlackBerry CEO John Chen still wants his company to be the first choice of CIOs that want nothing but the best security as he works to turn around the company's fortunes."
Link to Original Source

+ - Intel planning thumb-sized PCs for next year->

Submitted by angry tapir
angry tapir (1463043) writes "Intel is shrinking PCs to thumb-sized "compute sticks" that will be out next year. The stick will plug into the back of a smart TV or monitor "and bring intelligence to that," said Kirk Skaugen, senior vice president and general manager of the PC Client Group at Intel, during the Intel investor conference in Santa Clara, California."
Link to Original Source

+ - Android botnet evolves, could pose threat to corporate networks->

Submitted by angry tapir
angry tapir (1463043) writes "An Android Trojan program that's behind one of the longest running multipurpose mobile botnets has been updated to become stealthier and more resilient. The botnet is mainly used for instant message spam and rogue ticket purchases, but it could be used to launch targeted attacks against corporate networks because the malware allows attackers to use the infected devices as proxies, according to security researchers."
Link to Original Source

+ - Informational Wi-Fi traffic as a covert communication channel for malware->

Submitted by angry tapir
angry tapir (1463043) writes "A security researcher has developed a tool to demonstrate how the unauthenticated data packets in the 802.11 wireless LAN protocol can be used as a covert channel to control malware on an infected computer. The protocol relies on clients and access points exchanging informational data packets before they authenticate or associate with each other, and this traffic is not typically monitored by network security devices."
Link to Original Source

+ - 'Dridex' malware revives Microsoft Word macro attacks->

Submitted by angry tapir
angry tapir (1463043) writes "A recent piece of malware that aims to steal your online banking credentials revives a decade-old technique to install itself on your PC.

Called Dridex, the malware tries to steal your data when you log into an online bank account by creating HTML fields that ask you to enter additional information like your social security number. Thats not unusual in itself: Dridex is the successor to a similar piece of malware called Cridex which also targets your bank account. Whats different is how Dridex tries to infect your computer in the first place. It's delivered in the form of a macro, buried in a Microsoft Word document in a spam email message."

Link to Original Source

+ - Icaros, the Amiga-like desktop OS for x86, hits 2.0->

Submitted by angry tapir
angry tapir (1463043) writes "The team behind Icaros Desktop, a distribution of the open source Amiga-inspired AROS operating system, have reached a new milestone, releasing version 2.0 at the end of October. I caught up with Icaros' creator to talk about what's new in 2.0, including under-the-hood changes, the addition of a BitTorrent client and a new GUI."
Link to Original Source

+ - Why hackers may be stealing your credit card numbers for years->

Submitted by angry tapir
angry tapir (1463043) writes "The PCI Security Standards Council, which develops PCI-DSS, has recommended that merchants switch to using point-to-point encryption to prevent the largescale siphoning of credit card details from point of sale terminals (think Target, Neiman Marcus, Michaels, UPS Store and others). However, retailers often have long technology refresh cycles, so it could be five to seven years before most move to it — not to mention that the fact that PCI-DSS version 3.0 doesn't even mandate the use of point-to-point encryption."
Link to Original Source

+ - Australian consumer watchdog takes Valve to court->

Submitted by angry tapir
angry tapir (1463043) writes "The Australian Competition and Consumer Commission, a government funded watchdog organisation, is taking Valve to court. The court action relates to Valve's Steam distribution service. According to ACCC allegations, Valve misled Australian consumers about their rights under Australian law by saying that customers were not entitled to refunds for games under any circumstances."
Link to Original Source

+ - The biggest iPhone security risk could be connecting one to a computer->

Submitted by angry tapir
angry tapir (1463043) writes "Apple has done well to insulate its iOS mobile operating system from many security issues, but a forthcoming demonstration shows it's far from perfect. Next Wednesday at the Usenix Security Symposium in San Diego, researchers with the Georgia Institute of Technology will show how iOS's Achilles' heel is exposed when devices are connected over USB to a computer or have Wi-Fi synching enabled. The beauty of their attack is that it doesn't rely on iOS software vulnerabilities, the customary way that hackers commandeer computers. It simply takes advantage of design issues in iOS, working around Apple's layered protections to accomplish a sinister goal."
Link to Original Source

Our policy is, when in doubt, do the right thing. -- Roy L. Ash, ex-president, Litton Industries

Working...