Internet Explorer 0-day attacks on US nuke workers hit 9 other sites

Submitted by SternisheFan
SternisheFan writes "Ars reports:

Attacks exploiting a previously unknown and currently unpatched vulnerability in Microsoft's Internet Explorer browser have spread to at least nine other websites, including those run by a big European company operating in the aerospace, defense, and security industries as well as non-profit groups and institutes, security researchers said.

The revelation, from a blog post published Sunday by security firm AlienVault, means an attack campaign that surreptitiously installed malware on the computers of federal government workers involved in nuclear weapons research was broader and more ambitious than previously thought. Earlier reports identified only a website belonging to the US Department of Labor as redirecting to servers that exploited the zero-day remote-code vulnerability in IE version 8.

A separate blog post from security firm CrowdStrike said its researchers unearthed evidence suggesting that the campaign began in mid-March. Their analysis of logs from the malicious infrastructure used in the attacks revealed the IP addresses of visitors to the compromised sites. The logs showed addresses from 37 different countries, with 71 percent of them in the US, 11 percent in South/Southeast Asia, and 10 percent in Europe. CrowdStrike's data showed IP addresses before exploit code was run against the visitors' machines. Not all those visitors were likely compromised since the exploit code worked only against people using IE8.

CrowdStrike researchers seemed to concur with their counterparts from Invincea, who—as Ars reported on Friday—said the attacks at least in part targeted people working on sensitive government programs. Malicious links embedded in the Department of Labor website focused on webpages that dealt with illnesses suffered by employees and contractors developing atomic weapons for the Department of Energy. But they went on to say the campaign could be much broader.

"The specific Department of Labor website that was compromised provides information on a compensation program for energy workers who were exposed to uranium," CrowdStrike said. "Likely targets of interest for this site include energy-related US government entities, energy companies, and possibly companies in the extractive sector. Based on the other compromised sites other targeted entities are likely to include those interested in labor, international health and political issues, as well as entities in the defense sector."

Such "watering hole" attacks—which plant malware exploits on websites that are frequented by specific groups or people—have become a common technique in targeted attacks. Once compromised by the IE zero-day, computers are infected with a version of Poison Ivy, a backdoor tool that has been widely used in past espionage campaigns. The command-and-control servers used to communicate with infected machines show signs that they were set up by a Chinese hacking crew known as DeepPanda.

Microsoft confirmed the remote code-execution vulnerability on Friday night. Versions 6, 7, 9, and 10 of the browser are immune to these attacks, so anyone who can upgrade to one of the latest two versions should do so immediately or switch to a different browser. For anyone who absolutely cannot move away from IE 8, company researchers recommend the following precautions:

Set Internet and local intranet security zone settings to "High" to block ActiveX Controls and Active Scripting in these zones. This will help prevent exploitation but may affect usability; therefore, trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.

Configure Internet Explorer to prompt before running Active Scripting or to disable Active Scripting in the Internet and local intranet security zones. This will help prevent exploitation but can affect usability, so trusted sites should be added to the Internet Explorer Trusted Sites zone to minimize disruption.

Users can also install EMET—short for Enhanced Mitigation Experience Toolkit—which adds a variety of exploit mitigations and security defenses and is especially useful for users of older versions of Windows, such as XP.

Technical details about the "use after free" bug are available here from Rapid7. The security firm has already folded attack code exploiting the vulnerability into the Metasploit framework used by security professionals and hackers. Researchers at FireEye have also delved into the exploit circulating online. They found it uses "return oriented programming," a technique used to defeat data-execution prevention and other exploit mitigations. The FireEye researchers said they also verified the exploit works against IE8 on Windows 7.

Microsoft's advisory on Friday said researchers were still investigating the vulnerability. When the inquiry concludes, they will decide whether to release an unscheduled update or provide a fix as part of the company's regular patching cycle. Story updated to add details from FireEye in second-to-last paragraph"

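The zone workaround the advisory describes, written out as an added PowerShell example (not code from Ars or from Microsoft's advisory). It assumes the per-user registry layout IE uses for its security zones on XP/7 (zone 3 = Internet, zone 1 = Local intranet, action 1200 = run ActiveX controls, action 1400 = Active scripting), that no domain policy overrides HKCU, and uses a placeholder trusted-site domain.

```powershell
# Added example: apply the IE8 workaround (block ActiveX and Active Scripting in
# the Internet and Local intranet zones, then whitelist trusted sites) through the
# registry values that back IE's Internet Options dialog. Assumed layout, per user.
$zones   = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$zoneMap = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains'

# Zone ids: 1 = Local intranet, 2 = Trusted sites, 3 = Internet
# Action ids: 1200 = "Run ActiveX controls and plug-ins", 1400 = "Active scripting"
# Action values: 0 = Enable, 1 = Prompt, 3 = Disable
# CurrentLevel 0x12000 is what the slider shows for "High"; the full High template
# also tightens other actions, which the UI or the GPO zone template applies.
$HighLevel = 0x12000

function Set-ZoneWorkaround {
    param([int]$ZoneId, [int]$ActiveScripting = 3)   # 3 = disable, 1 = prompt
    $key = "$zones\$ZoneId"
    Set-ItemProperty -Path $key -Name 'CurrentLevel' -Value $HighLevel -Type DWord
    Set-ItemProperty -Path $key -Name '1200' -Value 3 -Type DWord
    Set-ItemProperty -Path $key -Name '1400' -Value $ActiveScripting -Type DWord
}

function Add-TrustedSite {
    param([string]$Domain)
    # A DWORD named after the scheme, valued with the zone id, maps the host to that zone.
    $key = "$zoneMap\$Domain"
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    Set-ItemProperty -Path $key -Name 'https' -Value 2 -Type DWord   # 2 = Trusted sites
}

function Test-ZoneWorkaround {
    param([int]$ZoneId)
    # True when ActiveX is disabled and Active Scripting is not silently enabled.
    $p = Get-ItemProperty -Path "$zones\$ZoneId"
    return ($p.'1200' -eq 3) -and ($p.'1400' -ne 0)
}

# Internet zone: disable both; Local intranet: disable ActiveX, prompt for scripting
# to limit disruption, as the advisory allows either prompt or disable.
Set-ZoneWorkaround -ZoneId 3 -ActiveScripting 3
Set-ZoneWorkaround -ZoneId 1 -ActiveScripting 1
Add-TrustedSite -Domain 'intranet.example.com'   # placeholder, not from the article

foreach ($z in 3, 1) { "Zone $z hardened: $(Test-ZoneWorkaround -ZoneId $z)" }
```

Run it in the affected user's session; values under a machine-wide or Group Policy zone configuration take precedence over these per-user keys, so check the effective settings in Internet Options afterwards.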

Comment: Eat them (Score 1)

Jeez. Dandelion greens are delicious - you have to get them young; the old ones can get bitter. *Very* young ones can be eaten raw, but usually they're blanched. One traditional dressing is (hot) bacon fat (can be mixed with crispy bacon bits), vinegar, and sugar. There are lots of recipes for dandelion greens around.

The unopened buds are also good; just saute them in a little butter. They taste sort of like a cross between mushrooms and asparagus.

Some people roast the (very long) tap root and mix it with their coffee. I've never tried this.

You can also make dandelion wine.

AMI Firmware Source Code, Private Key Leaked

Submitted by Trailrunner7
Trailrunner7 writes "Source code and a private signing key for firmware manufactured by a popular PC hardware maker American Megatrends Inc. (AMI) have been found on an open FTP server hosted in Taiwan.

Researcher Brandan Wilson found the company’s data hosted on an unnamed vendor’s FTP server. Among the vendor’s internal emails, system images, high-resolution PCB images and private Excel spreadsheets was the source code for different versions of AMI firmware, code that was current as of February 2012, along with the private signing key for the Ivy Bridge firmware architecture.

AMI builds the AMIBIOS BIOS firmware based on the UEFI specification for PC and server motherboards built by AMI and other manufacturers. The company started out as a motherboard maker, and also built storage controllers and remote management cards found in many Dell and HP computers.

“The worst case is the creation of a persistent, Trojanized update that would allow remote access to the system at the lowest possible level,” researcher Adam Caudill said. “Another possibility would be the creation of an update that would render the system unbootable, requiring replacement of the mainboard.”"

After attack on Spamhaus almost brings web to its knees, shadowy figure emerges

Submitted by RougeFemme
RougeFemme writes "Sven Olaf Kamphuis, self-described "Internet freedom fighter", is reportedly at the center of the investigation into this week's alleged cyber-attack against Spamhaus, a group that fights Internet spam. Mr. Kamphuis became incensed when Spamhaus blacklisted two companies that he runs, including Cyberbunker, a company that, earlier this week, claimed to be under attack from Dutch SWAT teams. Though he initially solicited support for a DDoS against Spamhaus, he now disavows any direct role in the cyberattack, which threatened to slow some web traffic to a crawl."

Comment: Re:Can A Charity Give Away Its Money? (Score 5, Informative)

I'm the treasurer for a small 501(c)3 (ITT4AS501(c)3), not a lawyer, but here's what our legal counsel has told us in the past: we can give money to whomever we want provided that the "regrant" is to further the goals of the corporation, as set forth in the corporate charter that was approved by the state. Depending on how the charter was drawn up, that can be either pretty broad or really, really, really broad. There are a few limits - if you start embezzling large amounts, or if most of the proceeds of the organization wind up in the pockets of one person, then the IRS will come sniffing around. But regrants in general are absolutely permissible.

Comment: Happens in teh Wiki, too. (Score 1)

by geckoFeet (#40183751) Attached to: War and Nookd — eBook Regex Gone Haywire

From (my contribution on) the talk page of the article on Romance Languages:

Can anything be done about the automated censorship of the Dante quotation in footnote 12, which now ends: "nam domus nova et dominus meus lo**censored**ur"? The censored part is a "c" followed by a "u" followed by an "n" followed by a "t"; the original can be found, for example, here: http://www.greatdante.net/texts/vulgari/vulgari.html (chapter XI, paragraph 7).

Apparently, their Automated Puritan can pull lady parts out of the middle of a Latin word.
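The defect the comment describes, reproduced as an added PowerShell example (not the wiki's filter or the commenter's code): a substring "censor" mangles the Dante clause, while a word-boundary regex leaves it alone. The sample clause is the one quoted above; the blocked word is assembled from letters so the script itself does not spell it out.

```powershell
# Added example: naive substring censoring versus a word-bounded regex.
# Constructed inputs: the Latin clause from the talk-page quote and one blocked word.
$blocked = 'c' + 'u' + 'n' + 't'
$latin   = 'nam domus nova et dominus meus locuntur'

function Censor-Naive {
    param([string]$Text, [string]$Word)
    # Plain substring replacement: fires inside any longer word, which is the
    # behaviour that produced "lo**censored**ur" in footnote 12.
    return $Text.Replace($Word, '**censored**')
}

function Censor-WordBounded {
    param([string]$Text, [string]$Word)
    # \b on both sides requires a whole-word match; [regex]::Escape keeps any
    # regex metacharacters in a blocklist entry literal.
    $pattern = '\b' + [regex]::Escape($Word) + '\b'
    return [regex]::Replace($Text, $pattern, '**censored**', 'IgnoreCase')
}

"naive:   " + (Censor-Naive       -Text $latin -Word $blocked)
"bounded: " + (Censor-WordBounded -Text $latin -Word $blocked)
```

The bounded version still needs review for compound words and other languages' tokenisation rules; a whole-word check is the minimum a blocklist filter should do, not a complete fix.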


Supervolcano Drilling Plan Gets Go-Ahead

Posted by Soulskill
from the what-could-possibly-go-wrong dept.
sciencehabit writes "A project to drill deep into the heart of a 'supervolcano' in southern Italy has finally received the green light, despite claims that the drilling would put the population of Naples at risk of small earthquakes or an explosion. Yesterday, Italian news agency ANSA quoted project coordinator Giuseppe De Natale of Italy's National Institute of Geophysics and Volcanology as saying that the office of Naples mayor Luigi de Magistris has approved the drilling of a pilot hole 500 meters deep. The project’s organizers originally intended to bore a 4-kilometer-deep well in the area of the caldera late in 2009, but the plan was put on hold by then-mayor Rosa Russo Iervolino after scientists expressed concerns about the risks."
