46844479
submission
hypnosec writes
"What is believed to be one of the six working Apple 1 computers has fetched a whopping $671,400 for its current owner at an auction in Germany. The Apple 1 system was built by Steve "The Woz" Wozniak back in 1976 at Steve Job’s parents’ garage and is probably either from the first lot of 50 systems ordered by Paul Terrell, the owner of Byte Shop chain of stores or part of the next lot of 150 systems that the Steve duo built to sell to friends and vendors. The retail price fixed for the Apple 1 at the time was $666.66 with a 33% markup."Link to Original Source
46838879
submission
hypnosec writes
"Xbox One and PlayStation 4 both come with 64-bit APUs from AMD but, the similarity ends there. Talking about Xbox One’s APU, it features eight cores clocked at 1.6GHz. Xbox One has only 768 stream processors in its Video chip and the memory is a quad-channel DDR3 clocked at 2133MHz – giving it a total bandwidth of 68.3 GByte/s. Sony PS 4 on the other hand also has an eight core APU clocked at 1.6GHz and has Radeon graphics card with a whopping 1152 stream processors and 8GB of DDR3 memory clocked at 5.5GHz linked to a 256 bit memory interface. This gives the PlayStation 4 a whopping bandwidth of 176 GByte/s. Xbox One lags a lot when it comes to this. Microsoft has integrated a 32 MB of SRAM-cache capable data processing at 102 GByte/s and claims that this gives Xbox One a memory bandwidth of 200 GByte/s."Link to Original Source
46812911
submission
hypnosec writes
"A security researcher has discovered a trivial design bug in Samsung’s secure bootloader concept, which when exploited allows booting of arbitrary operating system on the Galaxy S4. AT&T & Verizon in the US sell customized models of the Galaxy S4 that make use of the secure boot feature, which only allows kernels possessing company’s digital signature to boot. To this effect, the bootloader checks whether the system that is to be booted possesses a valid RSA-2048 signature or not. Dan Rosenberg didn’t need to attack the crypto as while analyzing the reverse engineered code he found that it is possible to determine the memory address where the bootloader will load the kernel to carry out the signature check. According to Rosenberg the memory address can be chosen in such a way that the bootloader's check_sig() function is overwritten before the loader actually calls that function thereby bypassing the signature check. Using memory manipulation, Rosenberg goes about tidying up the memory a little following which “everything is OK" get returned thus allowing even an unsigned OS to boot."Link to Original Source
46771417
submission
hypnosec writes
"Fedora 18 for the Raspberry Pi – Pidora 18 – which is an ARMv6 spinoff and optimized remix of Fedora 18 has been released. Pidora 18 comes with most of the Fedora 18 packages which are available via yum. The optimized OS has been compiled such that it takes advantage of the hardware built into the Raspberry Pi. Some of the features of Pidora 18 are support for various programming languages, headless mode along with the standard Linux desktop mode, auto-swap support, inclusion of easy-to-use text editors, and inclusion of libraries that support external hardware like motors and robotics, among others."Link to Original Source
46740795
submission
hypnosec writes
"Google, while signing the agreement with MPEG LA concerning VP8 codec, had assured that there would be a third party license agreement in place for the protection of those using the VP8/WebM. This however doesn’t seem to be the case as an open source advocate has ruled that the recently published draft VP8 patent cross-license agreement seems to be closing doors on software freedom. According to a Simon Phipps each user who is looking to make use of the cross-license has to enter into a contract with Google and as most of the open source projects either don’t have the required in-house legal expertise or lack funds to hire a legal personnel there might be no one who will sign such a contract with Google. Further the license cannot be sub-licensed which means that downstream users will not have the license automatically transferred to them."Link to Original Source
46710875
submission
hypnosec writes
"Open source implementation of Apache Hadoop — Hortonworks Data Platform (HDP) for Windows has just been released. The beta of HDP for Windows was released by Hortonworks on February 25 and at the time it was announced that the HDP is an extension of Hortonworks two-year-old Hadoop partnership with Microsoft. HDP for Windows, like its Linux counterpart, allows users to deploy Hadoop on Windows Server and offers an easy migration path to HDInsight."Link to Original Source
46673847
submission
hypnosec writes
"The Electronic Frontier Foundation (EFF) has started accepting donations in the form of Bitcoins again after two years of hiatus stating that the legal uncertainty, which was hovering over the digital currency, has all but disappeared. Announcing the latest development through a blog post the EFF noted that a report from U.S. Treasury Department's Financial Crimes Enforcement Network (FinCEN) on top of its own research findings "have confirmed that, as a user of Bitcoin or any virtual currency, EFF itself is likely not subject to regulation.""Link to Original Source
46678377
submission
hypnosec writes
"Google is busy replacing its Talk chat client with the recently announced Hangouts, which was introduced last week at the Google I/O 2013 conference and will bring an end to Talk, Google+ Messenger and the original Google+ Hangouts. The new app, available as a Chrome extension as well as for Android, iOS, and Windows, has a serious disadvantage to the previous Talk client – it doesn’t support the XMPP open source chat protocol aka Jabber. Support for XMPP allowed Talk to communicate to XMPP accounts that were not registered with Google servers thereby allowing users to communicate with their contacts outside of Google."Link to Original Source
46648325
submission
hypnosec writes
"IBM is taking its COBOL server platform to the next level by updating the mainframe platform in a bid to extend and enable its mainframes to host cloud based applications and services. The latest update is looking to add XMLS Server as well as Java 7 capabilities to the System/z COBOL platform and this update would extend the overall lifespan of COBOL by taking it up a notch and gearing it towards the cloud computing arena."Link to Original Source
46632707
submission
hypnosec writes
"Unauthorized access attempt of Yahoo! Japan portal may have led to theft of up to 22 million user IDs, Yahoo has revealed. There has been no information about leaks of such a massive database of user IDs as yet and according to Yahoo, the information that was stolen didn’t have passwords or any other information that would allow unauthorized users to carry out user identity verification. Yahoo hasn’t ruled out the possibility of a leak though considering the volume of traffic it noticed flowing from its servers to external entities."Link to Original Source
46588469
submission
hypnosec writes
"Mozilla is not going ahead with its plans of blocking third-party cookies by default in the Beta version of its upcoming Firefox 22 for now as it needs more time to analyze the outcome of blocking these cookies. The non-profit organization released Firefox Aurora on April 5 with a patch by Jonathan Mayer built into it which would only allow cookies from those websites which the user has visited and would block the ones from sites which haven’t been visited yet. The reason for change in plans is that as of Mozilla is currently looking into "false positives," which would result into blocking of cookies from sites which may be part of the same group of sites that the user had visited and blocking of cookies from these sites may adversely affect the browsing experience of users. Looking on the other side of the coin, there are “false negatives” whereby a user may have visited a particular site but he/she is not comfortable with the idea of being tracked across the Internet – even on sites which are not related to the ones they have visited in the first place."Link to Original Source
46567529
submission
hypnosec writes
"The French government is pondering over introduction of new tax on technology in tune of 1 to 4% specifically on products like smartphone, tablets and laptops generating as much as 86m euros per year which would be used to support and protect French music, film, and the arts. The recommendations have been given through a report which is a result of a nine months of research into ways to strengthen “cultural exception”."Link to Original Source
46501567
submission
hypnosec writes
"Raspberry Pi’s camera module is out of the tuning phase and is available for order from Premier Farnell/Element14 whereas RS Components will be having it on sale soon enough. Announced late last year the camera entered its tuning phase this February and the Raspberry Pi foundation was working on drivers at the time. The camera module has a 5MP sensor is capable of recording 1080p, 720p and 640x480p video format and is available for $25."Link to Original Source
46461879
submission
hypnosec writes
"Linus Torvalds has released the Linux 3.10-rc1 kernel marking the closure of the 3.10 merge window. The Linux 3.10-rc1 is the second biggest rc release in years and the closure of the merge windows means that the features expected out of the Linux 3.9 successor are chalked out. “So this is the biggest -rc1 in the last several years (perhaps ever) at least as far as counting commits go,” Linus notes in the release announcement. Only the one before Linux 3.8 had the highest number of commits notes Stephen Rothwell."Link to Original Source
46438287
submission
hypnosec writes
"Users in the US are reporting that Google has allegedly shut down its SMS Search service without any official announcement or notification. According to initial reports users are getting a “SMS search has been shutdown” message when they are trying to carry out SMS search by sending out a message to 466453 in the US. Navigating to the official Google Mobile website and clicking on SMS Search yields nothing but 404 – Page not found error."Link to Original Source