
Comment: misleading & likely incorrect (Score 5, Interesting) 85

by jgaynor (#45504077) Attached to: Route-Injection Attacks Detouring Internet Traffic

This whole article smacks of some CISSP poring over BGP looking glass router logs and having a sophomore Eureka moment. BGP MITM is not practically possible because of the return path problem: the last router that dumped you the traffic believes you are the legitimate endpoint for that traffic and therefore is not going to forward it to the ACTUAL target once you're done doing nefarious things to it. The article tries to explain this away with the following:

"The traffic was likely examined and then returned on a “clean path” to its destination—all of this happening in the blink of an eye."

If the 'clean path' of the internet thinks Mallory is Bob, Mallory's theoretical egress 'Clean Path' will make the same assumption. Perhaps Alice's first hop AS was compromised? If so this is an isolated vendor network problem, not an 'internet at large' problem. Maybe Mallory's 'clean path' is a point to point to Bob? If so Bob's an idiot for signing a peering agreement with a known Hooligan.

This was likely a misconfigured customer router connected to an irresponsible ISP that doesn't filter the routes it accepts, just like the Pakistan/Youtube Incident. The author either doesn't understand the technical impossibility of the attack they're dreaming about or does and is willing to lose credibility in exchange for ad traffic.

The Almighty Buck

White House Proposes "Wealthy Tax" 2115

Posted by samzenpus
from the ante-up dept.
President Obama is proposing a new tax rate for people making over $1m a year. The new rate is part of a larger plan which seeks to bring in $1.5 trillion in new tax revenue and is sure to meet opposition in Congress. From the article: "The core of the president's plan totals just more than $2 trillion in deficit reduction over 10 years. It combines the new taxes with $580 billion in cuts to mandatory benefit programs, including $248 billion from Medicare." GOP Rep. Paul Ryan of Wisconsin said, "Class warfare may make for really good politics but it makes for rotten economics."
Crime

Wardrivers Target Seattle Businesses 138

Posted by timothy
from the as-a-movie-plot-it's-too-obvious dept.
angry tapir writes "Seattle police are investigating a group of criminals who they say have been cruising around town in a black Mercedes stealing credit card data by tapping into wireless networks belonging to area businesses. The group has been at it for about five years, according to an affidavit signed by Detective Chris Hansen, a fraud investigator with the Seattle Police Department."
Music

Astronaut Sues Dido For Album Cover 264

Posted by samzenpus
from the get-me-off-that-thing dept.
An anonymous reader writes "Astronaut Bruce McCandless is suing Dido for her album cover that uses a famous NASA photograph of a tiny, tiny, tiny McCandless floating in space. McCandless doesn't own the copyright on the photo, so he's claiming it's a violation of his publicity rights ... except that he's so tiny in the photo, it's not like anyone's going to recognize him."
Classic Games (Games)

GOG.com Not Really Gone 276

Posted by samzenpus
from the stepped-out-for-a-minute dept.
gspr writes "On Sunday, Slashdot and many others reported that DRM-free games site GOG.com was shutting down. Now the site is back, revealing that it was all a hoax. According to the site: 'Now it's time we put an end to all the speculations once and for all. It's true that we decided that we couldn't keep GOG.com the way it was so we won't. As you probably know by now, GOG.com is entering its new era with an end of the two-years beta stage and we're launching a brand new GOG.com with new, huge releases.' So it was all an advertising stunt."
Cellphones

Apple Patents Remotely Disabling Jailbroken Phones 381

Posted by Soulskill
from the trying-to-put-the-break-in-jailbreak dept.
An anonymous reader writes "Apple yesterday applied for a patent to allow remotely disabling electronic devices when 'unauthorized usage' is detected. The patent application covers using the camera to take pictures of the unauthorized user and using GPS to determine location, and it involves ascertaining whether the phone has been hacked or jailbroken, using those as criteria for detecting 'suspicious behavior.' The patent would allow the carrier or any other 'authorized' party to disable or restrict the functionality of the device. Is this Apple's latest tool to thwart jailbreaking?"

Military Develops "Green" Cleaners For Terrorist Attack Sites 97

Posted by samzenpus
from the ultra-concentrated dept.
An anonymous reader writes "Chemists with the US military have developed a set of ultra-strength cleaners to be used in the aftermath of a terrorist attack. The formulas are reportedly tough enough to get rid of nerve gas, mustard gas, radioactive isotopes, and anthrax. But they are also non-toxic, based on ingredients found in foods, cosmetics, and other consumer products."

Decency Group Says "$#*!" Is Indecent 821

Posted by samzenpus
from the dirty-minds dept.
The Parents Television Council says the "$#*!" in the title of the upcoming CBS show $#*! my dad says is indecent. From the article: "'CBS intentionally chose to insert an expletive into the actual name of a show, and, despite its claim that the word will be bleeped, it is just CBS's latest demonstration of its contempt for families and the public,' declared PTC President Tim Winter. 'There are an infinite number of alternatives that CBS could have chosen, but its desire to shock and offend is crystal clear in this decision.'" By this logic Qbert was the filthiest game ever made.
First Person Shooters (Games)

Tremulous Switching To Xbox Live, Exclusively 43

Posted by timothy
from the console-yourself dept.
An anonymous reader writes "Darklegion Development and Microsoft have apparently been working on a new version of Tremulous for the Xbox 360. Timbor, project founder and a main developer of Tremulous, said this in a recent announcement: 'What does this mean for you? You will now be able to play Tremulous on Xbox Live with thousands of other gamers, earning achievements and showing off your gaming skill. In the best interest of maintaining a steady and secure Tremulous playerbase, Tremulous is going to be exclusively available for Xbox Live. Existing infrastructure will no longer receive official support. Players who have already been playing for at least three months can apply for a €5/$7 coupon as a show of our appreciation of your enthusiasm so far! What does this mean for the community? Hopefully nothing! While the production of Tremulous switches from its current open source development to a closed source environment handled by the very capable and experienced Microsoft engineers, the efforts of the community will still be valued. In this collaboration we have made it very clear that the Tremulous community is very important to the game, and Microsoft agrees with us on this point. We are confident that this move will not stifle the creative output of the community.'"
The Internet

The Cybersecurity Act of 2009 Passes Senate Panel 367

Posted by CmdrTaco
from the this-won't-end-well dept.
An anonymous reader writes "The Cybersecurity Act of 2009 passed a Senate panel, giving the president unprecedented power to issue a nation-wide blackout or restriction on websites without congressional approval. The bill, written by Sen. Jay Rockefeller [D-WV] and revised by Sen. Olympia Snowe [R-ME], was drafted in an attempt to thwart internet-based terrorist threats, and gives the president this 'kill switch' without oversight or explanation. The bill is up for Senate vote."

Disputed Island Disappears Into Sea 460

Posted by samzenpus
from the say-hi-to-atlantis dept.
RawJoe writes "India and Bangladesh have argued for almost 30 years over control of a tiny island in the Bay of Bengal. Now rising sea levels have ended the argument for them: the island's gone. From the article: 'New Moore Island, in the Sunderbans, has been completely submerged, said oceanographer Sugata Hazra, a professor at Jadavpur University in Calcutta. Its disappearance has been confirmed by satellite imagery and sea patrols, he said. "What these two countries could not achieve from years of talking, has been resolved by global warming," said Hazra.'"
The Internet

Europe To Block ACTA Disconnect Provisions 194

Posted by kdawson
from the swing-and-a-miss dept.
superglaze writes "The European Commission is 'not supporting and will not accept' any attempt to have ACTA (the Anti-Counterfeiting Trade Agreement) force countries to disconnect people for downloading copyrighted material, a spokesman for the new EU trade commissioner has said. All the signs are that the new commission, which took office earlier this month, intends to take a hard-line stance against US proposals for a filesharing-related disconnection system. 'Three strikes' is allowed in EU countries, but not mandated by the European government itself, and it looks like the new administration wants to keep it that way. From trade commission spokesman John Clancy, quoted in ZDNet UK's article: '[Acta] has never been about pursuing infringements by an individual who has a couple of pirated songs on their music player. For several years, the debate has been about what is "commercial scale" [piracy]. EU legislation has left it to each country to define what a commercial scale is and this flexibility should be kept in ACTA.'"
