iComp writes: I contributed to the massive DDoS attack against Spamhaus. What flowed through my network wasn't huge — it averaged 500Kbit/sec – but it contributed. This occurred because I made a simple configuration error when setting up a DNS server; it's fixed now, so let's do an autopsy.
The problem
I should start off by apologizing to CloudFlare and Spamhaus; my lapse contributed to a DDoS against their infrastructure. More damning than merely having been an unwitting participant is that I knew enough about this sort of attack to have set up rudimentary protections against it and yet I still forgot the critical component: actually disabling recursive lookups.
The way a DNS amplification attack works is simple. DNS servers can be configured in one of two basic ways. In one possible configuration a DNS server serves only domains for which it is responsible (authoritative). In the other configuration the DNS server serves those domains and goes looking on the wider internet for any domains it isn't personally set up to manage (recursive).
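The post's lesson is that a resolver which recurses for anyone becomes an amplifier, and the first sign is usually in the resolver's own query log. The following is an added example, not code from the post or its author: it triages BIND-style query-log lines and reports recursion-desired queries that arrived from outside the networks the resolver is supposed to serve. The log format, the allowed networks and the sample lines are all assumptions constructed for this example; the one format detail relied on is that BIND's querylog prints a flag group after the query class that starts with `+` when the client set the RD (recursion desired) bit and `-` when it did not.

```python
"""
Added example (not from the original post): triage BIND-style query-log
lines to spot a resolver answering recursive queries for strangers.

Assumed line shape (with or without a leading timestamp/category prefix):
  client 198.51.100.7#40123 (example.com): query: example.com IN ANY +E(0)K (203.0.113.5)
The flag group after the class starts with '+' when RD was set, '-' otherwise.
"""
import ipaddress
import re
from collections import defaultdict

# Networks this resolver is meant to recurse for (hypothetical site values).
ALLOWED_RECURSION = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("192.168.0.0/16"),
]

LOG_RE = re.compile(
    r"client (?:@0x[0-9a-f]+ )?(?P<ip>[0-9a-fA-F.:]+)#\d+ "
    r"\((?P<name>[^)]*)\): query: (?P<qname>\S+) (?P<class>\S+) (?P<qtype>\S+) "
    r"(?P<flags>[+-]\S*)"
)


def parse_line(line):
    """Return the interesting fields of one querylog line, or None if it is not one."""
    m = LOG_RE.search(line)
    if not m:
        return None
    fields = m.groupdict()
    fields["rd"] = fields["flags"].startswith("+")  # client asked for recursion
    return fields


def is_allowed(ip):
    """True when the source address is inside a network we intend to recurse for."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ALLOWED_RECURSION)


def triage(lines):
    """Group recursion-desired queries from outside ALLOWED_RECURSION by source IP.

    Returns {ip: {"count": n, "any": n_any_queries, "qnames": set_of_names}}.
    ANY queries are counted separately because their large answers are what
    makes an open resolver attractive as an amplifier.
    """
    report = defaultdict(lambda: {"count": 0, "any": 0, "qnames": set()})
    for line in lines:
        q = parse_line(line)
        if q is None or not q["rd"] or is_allowed(q["ip"]):
            continue  # not a query, no recursion asked for, or a legitimate client
        entry = report[q["ip"]]
        entry["count"] += 1
        if q["qtype"].upper() == "ANY":
            entry["any"] += 1
        entry["qnames"].add(q["qname"].lower())
    return dict(report)


# Constructed sample log: three off-net RD queries from 203.0.113.5, one on-net
# RD query, one non-recursive query for a zone we host, and one unrelated line.
SAMPLE_LOG = [
    "client 203.0.113.5#53412 (isc.org): query: isc.org IN ANY +E(0)K (192.0.2.10)",
    "client 203.0.113.5#53412 (isc.org): query: isc.org IN ANY +E(0)K (192.0.2.10)",
    "client 203.0.113.5#2048 (example.net): query: example.net IN A + (192.0.2.10)",
    "client 10.1.2.3#4001 (example.org): query: example.org IN A + (192.0.2.10)",
    "client 198.51.100.9#50000 (mydomain.example): query: mydomain.example IN MX - (192.0.2.10)",
    "zone mydomain.example/IN: loaded serial 2013032601",
]

if __name__ == "__main__":
    for ip, entry in sorted(triage(SAMPLE_LOG).items(), key=lambda kv: -kv[1]["count"]):
        print(f"{ip}: {entry['count']} recursive queries, {entry['any']} ANY, "
              f"names={sorted(entry['qnames'])}")
```

Two things to keep in mind when reading the output. A source that shows up with many RD queries for a few big names is the signature of the problem the post describes, but in an amplification attack that source address is spoofed: the log names the victim being flooded with your answers, not the party sending the queries. And a `-` entry from an unknown address is normal for an authoritative server, which is exactly why the fix is to stop answering `+` queries for strangers rather than to block unknown clients outright.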
iComp writes: "Facebook has sent out invitations to an event at its Menlo Park headquarters next week that many believe will see the launch of a new, Facebook-branded smartphone – and an Amazon phone may not be far behind.
Facebook's invites themselves were fairly cryptic. "Come See Our New Home on Android" was all they said, along with the date – Thursday, April 4 – time, and an email address for RSVPs.
But according to The New York Times, among others, the event will herald not just another Android app, but a phone running a brand-new fork of Android that places special emphasis on Facebook's social services rather than Google's.
If true, it would be a bold move for the social network. Investors have often criticized Facebook for being slow to adapt to the transition from desktop to mobile. An own-branded phone would serve to demonstrate that Facebook is pushing all its chips forward to become a mobile-first company.
This first Facebook phone will reportedly be built by HTC, which wouldn't be a surprise. The Taiwanese firm previously collaborated with Zuck & Co. on the HTC Status handset, which shipped with a dedicated Facebook button.
The interesting part will be what's going on inside the phone's case. According to the NYT, which cites sources inside Facebook and close partners, the device will boot directly into the user's Facebook home screen, instead of the familiar Android icons.
What's more, Facebook's messaging and camera apps will reportedly form the core functions of the phone, rather than the stock Android ones. The phone's primary contacts list will presumably be the user's Facebook friends, too."
iComp writes: "Anti-spam organisation Spamhaus has recovered from possibly the largest DDoS attack in history.
A massive 300Gbps was thrown against Spamhaus' website but the anti-spam organisation was able to recover from the attack and get its core services back up and running. CloudFlare, the content delivery firm hired by Spamhaus last week to guard against an earlier run of DDoS attacks, was also hit, forcing it into taking the highly unusual step of dropping London as a hub in its network — as a Twitter update by CloudFlare on Monday explained.
Our peering in London has been dropped due to a large attack. Modifying routes to avoid degradation. Affecting location: London, GB
Spamhaus supplies lists of IP addresses for servers and computers on the net linked to the distribution of spam. The blacklists supplied by the not-for-profit organisation are used by ISPs, large corporations and spam filtering vendors to block the worst sources of junk mail before other spam filtering measures are brought into play.
Spammers, of course, hate this practice so it's no big surprise that Spamhaus gets threatened, sued, and DDoSed regularly. Those affected by what they regard as incorrect listings also object about Spamhaus' alleged vigilante tactics.
The latest run of attacks began on 18 March with a 10Gbps packet flood that saturated Spamhaus' connection to the rest of the Internet and knocked its site offline. Spamhaus's blocklists are distributed via DNS and widely mirrored in order to ensure that it is resilient to attacks. The website, however, was unreachable and the blacklists weren't getting updated."
iComp writes: "Red-faced crypto and intercept intelligence agency GCHQ has admitted emailing plain text password reminders to people who register on its careers micro-site.
The issue came to light after prospective job applicant Dan Farrall blogged about his experience of receiving a plain text reminder of his GCHQ recruitment site password by email after filling out its forgotten password form. Farrall only got round to blogging about the issue this week, two months after the offending email.
Incredibly, the signals intelligence agency had done nothing in the weeks in between to address such a well-understood security bad practice on its careers site.
Website passwords should be stored by organisations only as encrypted and salted hashes. And password reminders shouldn't be sent in unencrypted emails. Instead it's far better to apply a password reset procedure. Password retrieval isn't even possible where login credentials are stored only as encrypted and salted hashes, so it's evident that in this case they weren't."
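The last paragraph states the pattern: salted hashes only, so retrieval is impossible, and a reset procedure instead of a reminder. Below is an added example of that pattern in Python; it is not code from the article or from any site it describes. The in-memory dictionaries stand in for a user database, the iteration count and token lifetime are assumed values chosen for illustration, and PBKDF2-HMAC-SHA256 is used because it ships in the standard library (a memory-hard function such as scrypt or Argon2 is the usual production choice).

```python
"""
Added example (not from the original article): passwords stored only as
salted PBKDF2 hashes, and a forgotten-password flow that mails a one-time,
short-lived reset token instead of the password. Only the hash of the token
is stored, so a database leak yields neither passwords nor usable reset links.
"""
import hashlib
import hmac
import os
import secrets
import time

PBKDF2_ITERATIONS = 600_000  # assumed work factor; tune to your hardware
RESET_TOKEN_TTL = 15 * 60    # assumed: reset links are valid for 15 minutes
SALT_BYTES = 16

users = {}         # username -> {"salt": bytes, "hash": bytes}  (stand-in for a DB)
reset_tokens = {}  # sha256(token) hex -> {"user": str, "expires": float}


def _derive(password, salt):
    """Salted, iterated hash of the password; this is all that is ever stored."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)


def register(username, password):
    """Create or replace the user's credential with a fresh random salt."""
    salt = os.urandom(SALT_BYTES)
    users[username] = {"salt": salt, "hash": _derive(password, salt)}


def verify(username, password):
    """Constant-time comparison of the derived hash against the stored one."""
    rec = users.get(username)
    if rec is None:
        # Spend the same effort for an unknown user so timing does not reveal
        # which usernames exist.
        _derive(password, b"\x00" * SALT_BYTES)
        return False
    return hmac.compare_digest(_derive(password, rec["salt"]), rec["hash"])


def request_reset(username, now=None):
    """Return the one-time token to embed in the emailed reset link.

    Nothing about the password is sent; the server keeps only sha256(token).
    Returns None for unknown users (the UI should show the same message either way).
    """
    if username not in users:
        return None
    token = secrets.token_urlsafe(32)
    digest = hashlib.sha256(token.encode("ascii")).hexdigest()
    expires = (now if now is not None else time.time()) + RESET_TOKEN_TTL
    reset_tokens[digest] = {"user": username, "expires": expires}
    return token


def redeem_reset(token, new_password, now=None):
    """Consume the token (single use) and, if it is still valid, set a new password."""
    digest = hashlib.sha256(token.encode("ascii")).hexdigest()
    rec = reset_tokens.pop(digest, None)   # removed whether or not it is valid
    if rec is None:
        return False
    if (now if now is not None else time.time()) > rec["expires"]:
        return False
    register(rec["user"], new_password)    # new salt and hash, old one discarded
    return True


if __name__ == "__main__":
    register("applicant", "correct horse battery staple")
    print("login ok:", verify("applicant", "correct horse battery staple"))
    tok = request_reset("applicant")
    print("token stored in clear?", tok in reset_tokens)   # False: only its hash is
    print("reset ok:", redeem_reset(tok, "new passphrase"))
    print("old password still works?", verify("applicant", "correct horse battery staple"))
```

The point the article makes falls out of the data model: `users` holds no value from which the password can be recovered, so a "reminder" email is impossible to produce, and the only thing the reset path can mail is a token that expires and works once.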
iComp writes: "A Florida fisherman found an unpleasant-looking surprise in the belly of a bull shark he had just caught; a two-headed fetus ready to be born.
[Image: Two-headed bull shark. Double the bite (credit: Journal of Fish Biology)]
The specimen, described in the latest Journal of Fish Biology, has two heads side-by-side, each with its own gills, mouth, and teeth, fused onto a single body. The fisherman kept the fetus for further study, and released the remaining shark offspring, which were able to swim away.
"They're hardy little critters," the paper's coauthor Dr. Michael Wagner, assistant professor at Michigan State University department of fisheries and wildlife, told The Register.
"But despite this, the two-headed specimen probably would have died after birth. It was near-to-term, but should have been a lot larger – the body looks to have invested so much energy in growing a separate head that the rest of the body was foreshortened."
[Image: Two-headed bull shark fetus. Two heads are decidedly not better than one (credit: Journal of Fish Biology)]
This is the first time that a two-headed bull shark has been recovered, although the phenomenon has been recorded in a handful of other shark breeds. Wagner said that there's no way of knowing how common this form of defect is, since such sharks typically give birth in open water and are seldom kept in aquaria (Bond villains notwithstanding.)
There are numerous examples of twin-headed animals, particularly among reptiles, he said, and there is a small but dedicated market for curios of this type. Wagner said it was important to study such examples to get clues as to how this type of abnormality comes about and its implications for biology.
Wagner said that the fetus was most likely an ill-formed twin that had started to bifurcate and then stopped once the mid-spine had formed into one unit. While some might say that the fetus is the result of pollution, especially considering the 2010 BP Deepwater Horizon oil spill, Wagner said there was no way the cause can be determined based on one sample."
iComp writes: "I was allowed to write this piece because in November I wrote to our glorious editor after a London Quant's Group seminar to say that the price of Apple shares would tank sooner rather than later.
As you all know, that’s just what happened — from just shy of $800 to the mid $400s. The reason I don’t make all that much money out of that is the economics were inevitable but the timing was viciously hard to call.
The Free Cash Problem
It tells you something about economists that this is what it’s called.
Both history and game theory tell us that cash piles will inevitably be squandered, often doing more harm than good. But if the Powerpoints that senior people at your firm confuse with actually managing are saying “We can do more with less”, you’ll be rightly sceptical of the idea that more money will make you less efficient.
Imagine for a second that Apple is the best tech firm on the planet. Certainly that is what some people tell me. Why would you think that is good for the share price?
It’s no secret that fondleslabs are selling well and by the time you read this the wrist Jobs may be on offer. Shares only outperform the market if there’s good news, not olds. The share price reflects the expectations of future earnings and so being the best is not good enough when you come to deal with the dangers of success."
iComp writes: "A mobile software developer has turned a popular third party Android mobile keyboard called SwiftKey into a counterfeit package loaded with a trojan as a warning about the perils of using pirated or cracked apps from back-street app stores.
Georgie Casey, who runs a popular Android app-development blog in Ireland, created a modified (backdoored) version of SwiftKey using a tool called apktool combined with basic knowledge of Java and Android. The end result was a backdoored app called Keylogger SwiftKey APK, which Casey made available from his website (along with explicit warnings that it was to be used by interested parties and only to validate the problem).
"Apktool isn't keylogging software, it's an Android app disassembler," Casey told El Reg.
"You disassemble a Swiftkey keyboard, code your keylogger code that sends keylogs to my server, re-assemble with Apktool and now you've a keylogger. You still have to convince people to install it though.""
hackingbear writes: The suspected cyberattack that struck South Korean banks and media companies this week didn't originate from a Chinese IP address, South Korean officials said Friday, contradicting their previous claim. The Korea Communications Commission said that after "detailed analysis," the IP address used in the attack is the bank's internal IP address, which is coincidentally identical to a Chinese ISP's address, among the 2^32 address space available.
hypnosec writes: UEFI guru Matthew Garrett, who cleared the Linux kernel in Samsung laptop bricking issues, has come to rescue beleaguered users by offering a survival guide enabling them to avoid similar issues in the future. According to Garrett, storage space constraints in UEFI storage variables are the reason Samsung laptops end up bricking themselves. Garrett said that if the storage space utilized by the UEFI firmware is more than 50 per cent full the laptop will refuse to start and end up being bricked. To prevent this from happening he has provided a kernel patch that would ensure that Linux does not fill up more than 50 per cent of UEFI firmware's storage space.
iComp writes: "eBay has confessed to The Register that a software bug destroyed the listings of 10,000 merchants in Britain, the US, Germany and Australia.
The online tat bazaar said it was restoring the listings, but it was unable to tell us if traders would be able to recover their sales histories — an important component for eBay sellers, who build trust with customers by showing how they had previously sold items on the site.
The company gave El Reg this statement:
Due to a software issue which has been resolved, a small percentage of seller listings in global markets including the United States, United Kingdom, Germany and Australia were inadvertently removed from our platform, impacting approximately 10,000 sellers.
We continue to make progress in restoring these listings, a process that is rolling out in stages and is expected to be completed for the majority of listings within 24 hours of the incident.
Separately, we are reaching out to eBay sellers most impacted and assisting them directly in their recovery efforts. We will keep our sellers apprised of our progress and apologise for any inconvenience resulting from this issue."
iComp writes: "Ubuntu is going to become the reference architecture for a Linux distribution, backed and developed by the Chinese government.
The news means Ubuntu-stewards Canonical will work with China's National University of Defense Technology, and The China Software and Integrated Chip Promotions Center, to develop a Chinese-flavored version of the popular Linux distribution.
This software will help China provide "a flexible, open, widely-used and standardized operating system," Canonical said on Thursday.
"This collaboration will bring local investment and participation to ensure that the platform is relevant for the Chinese market, and close coordination with the global Ubuntu project ensures that it is familiar to software and hardware vendors, and useful for export products made by Chinese companies as well," Canonical chief executive Jane Silber said in a statement."
iComp writes: "PayPal, Google Wallet and other online payment systems face higher transaction fees from MasterCard in retaliation for their refusal to share data on what people are spending. Visa is likely to follow suit.
The amount that PayPal has to pay MasterCard for every transaction will go up as the latter introduces new charges for intermediated payment processors. This change is on the grounds that such processors don't share transaction details, which the card giants would love to get hold of as it can be used to research buying patterns and the like.
Companies such as PayPal allow payments between users, so the party (perhaps a merchant) receiving the money doesn't need to be registered with the credit-card company. PayPal collects the dosh from the payer's card, and deducts a processing fee before passing the cash on to the receiving party. MasterCard would prefer the receiver to be registered directly so will apply the new fee from June to any payment that is staged in this way.
The fee will only apply within the US, initially at least, and Visa hasn't said it will follow suit. But Reuters tells us that Visa's CEO described the new fee as "totally appropriate", and it is already impacting PayPal's owner eBay according to financial blogger Tom Noyes.
PayPal exploded in use because registering to receive credit-card payments was a tortuous process best left to large retailers. But companies such as Square and Sailpay have simplified that process enormously and MasterCard clearly feels PayPal's raison d'être has been largely eliminated — so the time has come for the killer punch."
iComp writes: "Microsoft has joined the list of companies opening up about its cooperation with THE MAN with its own report on how often it helped out the police last year, and says it'll issue updates on the situation every six months.
Redmond came in for some stick in January when a coalition of activists, privacy organizations, and journalists called for it to follow the example of Google (and more recently Twitter) in being more open about what information it hands over to the police. Of particular concern is the data on Skype, whose privacy or lack of it is worrying many users.
"In recent months, there has been broadening public interest in how often law enforcement agencies request customer data from technology companies and how our industry responds to these requests," said Microsoft general counsel Brad Smith in a blog post. "We seek to build further on the industry's commitment to transparency by releasing our own data today."
In 2012 Microsoft received 75,378 law enforcement requests for customer information, spread over 137,424 accounts. Of these Microsoft agreed to help uncover user content in 2.1 per cent of cases, but this data only covers Hotmail/Outlook.com, SkyDrive, Xbox LIVE, Microsoft Account, Messenger and Office 365 – with a separate data set for Skype."
iComp writes: "Top international boffins poring over a newly-produced sky map of the microwaves released when the entire universe exploded into being out of soup have confessed themselves baffled by a mysterious "cold spot" on the chart whose existence today's science cannot explain.
The map in question has been produced by taking the first 15 months' worth of data from the European Space Agency's Planck probe-scope positioned at the L2 Earth/Sun Lagrange point 1.5 million km away in the vasty deeps of space. Planck has scanned the entire sky, and advanced boffinry has been used to purge its imagery of light emitted by such stuff as stars, galaxies etc.
What is left is the ancient light emitted as the universe was formed, from soup. According to the ESA:
The young Universe was filled with a hot dense soup of interacting protons, electrons and photons at about 2700C. When the protons and electrons joined to form hydrogen atoms, the light was set free. As the Universe has expanded, this light today has been stretched out to microwave wavelengths, equivalent to a temperature of just 2.7 degrees above absolute zero.
But what's really set the cat among the cosmological pigeons is that the map has things on it that can't be explained."
iComp writes: "The European Commission is under fresh pressure to stop Google from allegedly stifling rivals by favouring its own products in its search engine results.
Almost a dozen web companies want Brussels to issue a Statement of Objections, which would be a first step in bringing charges against the advertising giant.
In a joint letter to competition commissioner Joaquin Almunia, online firms Foundem, Expedia, Euro-Cities AG, Hot Maps Medien, Streetmap EU, TripAdvisor, Twenga, Visual Meta and three German publishing groups criticised Europe's ongoing probe into claims of Google's "abuse of dominance".
The group stated:
The Commission opened proceedings more than two years ago, and we are becoming increasingly concerned that effective and future-proof remedies might not emerge through settlement discussions alone.
Last year, Almunia said he had four areas of concern about Google's operations; these ranged from the company offering restaurant and news searches, to "copying original material from the websites of its competitors, such as user reviews"."