The Military

Hackers Plundered Israeli Defense Firms That Built 'Iron Dome' Missile Defense 184

Posted by Soulskill
from the intercepting-missiles-is-easier-than-learning-not-to-click-on-attachments dept.
An anonymous reader writes: Brian Krebs reports on information from Columbia, Md.-based threat intelligence firm Cyber Engineering Services Inc. that attackers thought to be operating out of China hacked into the corporate networks of three top Israeli defense technology companies. The attackers were seeking technical documents related to Iron Dome, Israel's air defense system. "IAI was initially breached on April 16, 2012 by a series of specially crafted email phishing attacks. ... Once inside the IAI’s network, [the attackers] spent the next four months in 2012 using their access to install various tools and trojan horse programs on systems throughout company’s network and expanding their access to sensitive files, CyberESI said. The actors compromised privileged credentials, dumped password hashes, and gathered system, file, and network information for several systems. The actors also successfully used tools to dump Active Directory data from domain controllers on at least two different domains on the IAI’s network. All told, CyberESI was able to identify and acquire more than 700 files — totaling 762 MB total size — that were exfiltrated from IAI’s network during the compromise. The security firm said most of the data acquired was intellectual property and likely represented only a small portion of the entire data loss by IAI." Most of the stolen material pertained to Arrow III missiles, UAVs, and ballistic rockets.
Microsoft

Tired of Playing Cyber Cop, Microsoft Looks For Partners In Crime Fighting 113

Posted by Soulskill
from the every-batman-needs-a-robin dept.
chicksdaddy writes: When it comes to fighting cybercrime, few companies can claim to have done as much as Redmond, Washington-based Microsoft, which spent the last five years as the Internet's Dirty Harry: using its size, legal muscle and wealth to single-handedly take down cyber criminal networks from Citadel, to Zeus to the recent seizure of servers belonging to the (shady) managed DNS provider NO-IP. The company's aggressive posture towards cyber crime outfits and the companies that enable them has earned it praise, but also criticism. That was the case last week after legitimate customers of NO-IP alleged that Microsoft's unilateral action had disrupted their business. There's evidence that those criticisms are hitting home – and that Microsoft may be growing weary of its role as judge, jury and executioner of online scams. Microsoft Senior Program Manager Holly Stewart gave a sober assessment of the software industry's fight against cyber criminal groups and other malicious actors. Speaking to a gathering of cyber security experts and investigators at the 26th annual FIRST Conference in Boston, she said that the company has doubts about the long term effectiveness of its botnet and malware takedowns.
Security

Nasty Security Flaw In OAuth, OpenID 18

Posted by Soulskill
from the another-day-another-flaw dept.
jones_supa writes: "A notable security vulnerability has been discovered which impacts both OAuth and OpenID, which are software packages that provide a secure delegated access to websites. Wang Jing, a Ph.D student at the Nanyang Technological University in Singapore, discovered that the 'Covert Redirect' flaw can masquerade as a login popup based on an affected site's domain. Covert Redirect is based on a well-known exploit parameter. For example, someone clicking on a malicious phishing link will get a popup window in Facebook, asking them to authorize the app. Instead of using a fake domain name that's similar to trick users, the Covert Redirect flaw uses the real site address for authentication. If a user chooses to authorize the login, personal data will be released to the attacker instead of to the legitimate website. Wang did already warn a handful of tech giants about the vulnerability, but they mostly dodged the issue. In all honesty, it is not trivial to fix, and any effective remedies would negatively impact the user experience. Users who wish to avoid any potential loss of data should be careful about clicking links that immediately ask you to log in to Facebook or Google, and be aware of this redirection attack."
Television

The Ultimate Hopes For the New Cosmos Series 183

Posted by samzenpus
from the think-big dept.
StartsWithABang writes "So unless you've been living under a rock, you're aware that it's only a few short weeks until the premiere of the new Cosmos: A Space-Time Odyssey starring Neil de Grasse Tyson. Many have hopes (and fears) concerning what the series will (and won't) be, but this perspective — on what a 'successful' Cosmos series could mean for the future of humanity — is worth a read for anyone who hasn't given up on dreaming big."
Education

South Carolina Education Committee Removes Evolution From Standards 665

Posted by Soulskill
from the that's-just,-like,-your-opinion,-man dept.
Toe, The writes "The South Carolina Education Oversight Committee approved new science standards for students except for one clause: the one that involves the use of the phrase 'natural selection.' Sen. Mike Fair, R-Greenville, argued against teaching natural selection as fact, when he believes there are other theories students deserve to learn. Fair argued South Carolina's students are learning the philosophy of natural selection but teachers are not calling it such. He said the best way for students to learn is for the schools to teach the controversy. Hopefully they're going to teach the controversy of gravity and valence bonds too. After all, they're just theories."
Medicine

Big Pharma Presses US To Quash Cheap Drug Production In India 255

Posted by Soulskill
from the protecting-a-business-model dept.
An anonymous reader writes "Pharmaceutical Research and Manufacturers of America (PhRMA), are leaning on the United States government to discourage India from allowing the production and sale of affordable generic drugs to treat diseases such as cancer, diabetes, HIV/AIDS and hepatitis. India is currently on the U.S. government's Priority Watch List — countries whose practices on protecting intellectual property Washington believes should be monitored closely. Last year Novartis lost a six-year legal battle after the Indian Supreme court ruled that small changes and improvements to the drug Glivec did not amount to innovation deserving of a patent. Western drugmakers Pfizer, GlaxoSmithKline, Novartis, Roche Holding, Sanofi, and others have a bigger share of the fast-growing drug market in India. But they have been frustrated by a series of decisions on patents and pricing, as part of New Delhi's push to increase access to life-saving treatments in a place where only 15 percent of 1.2 billion people are covered by health insurance. One would certainly understand and probably agree with the need for cheaper drugs. But don't forget that big pharma, for all its problems still is the number one creator of new drugs. In 2012 alone, the U.S. government and private companies spent a combined $130 billion (PDF) on medical research."
Power

Largest US Power Storing Solar Array Goes Live 377

Posted by samzenpus
from the here-somes-the-sun dept.
Lucas123 writes "A solar power array that covers three square miles with 3,200 mirrored parabolic collectors went live this week, creating enough energy to power 70,000 homes in Arizona. The Solana Solar Power Plant, located 70 miles southwest of Phoenix, was built at a cost of $2 billion, and financed in large part by a U.S. Department of Energy loan guarantee. The array is the world's largest parabolic trough plant, meaning it uses parabolic shaped mirrors mounted on moving structures that track the sun and concentrate its heat. A first: a thermal energy storage system at the plant can provide electricity for six hours without the concurrent use of the solar field. Because it can store electricity, the plant can continue to provide power during the night and inclement weather."
Science

Scientists Describe Internal Clocks That Don't Follow Day and Night Cycles 91

Posted by samzenpus
from the up-all-night dept.
sciencehabit writes "Almost all organisms, from bacteria to mammals, have a circadian clock—a mechanism in their cells which keeps them in sync with Earth's day-and-night cycle. But many organisms follow other rhythms as well. Now, new research provides the first evidence that animals have molecular cycles independent of the circadian rhythm. They include a sea louse whose swimming patterns sync up with the tides, and a marine worm that matures and spawns in concert with the phases of the moon. The discoveries suggest that noncircadian clocks might be common and could explain a variety of biological rhythms."
Patents

Group Attacks Bad Software Patents Before They're Approved 82

Posted by samzenpus
from the not-on-our-watch dept.
Curupira writes "Ars Technica discusses how the Linux Defenders group are exercising the rights granted by the America Invents Act to identify and fight the patents that potentially threaten Linux and open source software. From the article: 'In a session at LinuxCon today, Linux Defenders director Andrea Casillas explained how the group is using rights granted by the new law to fight patent applications. A project of the Open Invention Network, Software Freedom Law Center, and Linux Foundation, Linux Defenders examines the 6,000 new patent applications published each week, attempting to identify those that are potentially threatening to Linux and open source. Then, the group looks for prior art that would invalidate at least some of the claims in the patents.'"
Apple

Samsung's legal filings show pre-iPhone designs

Submitted by parallel_prankster
parallel_prankster (1455313) writes "In its legal filings for the case against Apple Corp. Samsung has shown that it was considering putting to market in the summer of 2006, six months before the unveiling of the iPhone, a number of phone designs that have been claimed by Apple as stolen from the iPhone. It extends to more than just the hardware — Samsung was also working on interfaces that look remarkably like iOS (actually, that look remarkably like PalmOS) — in the summer and fall of 2006. Again, before the iPhone was released. Samsung is being accused of stealing, even though the company was clearly working on what it supposedly stole before the iPhone was even released. Samsung's phones bear more resemblance to its own pre-iPhone designs than to the iPhone, yet Apple and its supporters still insist Samsung is a thief. Another article on this is available here."
Technology

'Huge Spike' in US Viewers Using Proxy Servers to Watch BBC Olympic coverage 2

Submitted by DavidGilbert99
DavidGilbert99 writes "NBC is the sole broadcaster of the London 2012 Olympics in the US, having paid $1.1bn for the privilege.

However the Twitter hashtag #NBCfails quickly started trending last Friday, when it was revealed that NBC would only be showing delayed coverage of most events on TV, including Danny Boyle's opening ceremony.

While NBC is providing live streaming through its website, you need to have a valid cable subscription in order to view the events.

This has seen many tech savvy US viewers turning to proxy servers to view the BBC's Olympic coverage, which doesn't need any sign-in to view — once your IP address looks like it is coming from the UK.

One provider of VPN services, HideMyAss.com has seen a ten-fold increase in new customers signing up for their services since last Friday."


Comment: Re:implied future GPL violation? (Score 1) 342

by devoid42 (#33245254) Attached to: The Future of OpenSolaris Revealed

Only to those they distribute the binaries to, if they ask for it. It doesn't mean they have to put it on the open internet.

Actually it does (well putting it on the open internet would be the cheapest way to) as per section 3.b.

b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or,

Essentially if they distribute binary code containing GPL derivative they must provide source to 3rd parties that request it.

Comment: Re:implied future GPL violation? (Score 1) 342

by devoid42 (#33244686) Attached to: The Future of OpenSolaris Revealed
And that case is exactly what I was talking about. The GPL'ed sections that they are using, use of those parts mandates that any changes they make to them are released along with binary release.

And thanks for the compliment, yea I know the parts under CDDL we might not see for a long time. I'm just concerned with the community contributed GPL portions that exist. The memo indicated that a portion of the desktop environment uses these.

Comment: implied future GPL violation? (Score 1) 342

by devoid42 (#33244472) Attached to: The Future of OpenSolaris Revealed

We will distribute updates to approved CDDL or other open source-licensed code following full releases of our enterprise Solaris operating system.

Would be hard to chastise them though as they should have released the code before any actions could be taken. Though it bothers me that the intent is to delay source release for a market edge.
