Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Take advantage of Black Friday with 15% off sitewide with coupon code "BLACKFRIDAY" on Slashdot Deals (some exclusions apply)". ×

Submission + - Apple Offers Two-Factor Authentication on iCloud (techweekeurope.co.uk)

judgecorp writes: "Apple has promised two-factor authentication for its online services following an embarrassing incident where it gave out writer Matt Honan's credentials to an imposter over the phone — and all his devices were wiped. Apple is proposing standard 2FA, with unique codes sent for every purchase, and a 14-digit recovery key to gain access to accounts which have been hacked, or whose passwords have been forgotten."

Submission + - British Spooks Hope To Automate Vulnerability Finding (techweekeurope.co.uk)

judgecorp writes: "The UK intelligence agency GCHQ has announced a Cyber Research Institute whose job is to find better ways to uncover security flaws. The unit, based at Imperial College London, has a £4.5 million grant to work on automatic detection techniques which will find flaws in software before they can be exposed and exploited."

Submission + - Imprisoned AT&T Hacker Weev Plans To Run For Congress (techweekeurope.co.uk)

judgecorp writes: "Weev, the hacker who exposed an AT&T database says he plans to run for Congress on his release from jail. Real name Andrew Auernheimer, Weev was sentenced to 41 months in jail today. Despite saying the government is made up of "seditious thugs", he told TechWeekEurope that he plans to run for Congress, and has a congressional committee assembled. He also spoke of his Mormonism and his trolling activities."

Submission + - Bromium Proposes Virtualising Every Task To Secure Laptops (techweekeurope.co.uk)

judgecorp writes: "Start-up Bromium thinks it has solved the problem of endpoint security — keeping the rapidly changing zoo of malware off PCs. Its idea: micro-virtualisation which puts every single task into its own virtual machine. The idea comes from the creators of the Xen hypervisor and relies on the fact that VMs do not interact with each other. For every browser tab or document, the user effectively unwraps a new PC which is thrown away after use. The firm has some customers for its still-somewhat-pricey idea (which relies on Intel's hardware support for virtualisation and is only available for Windows 7 right now). It also has to make sure it convinces on issues such as the transfer of files between possibly infected VMs."

Submission + - Activists Shame Spyware Sellers Who Deal With Dictators (techweekeurope.co.uk)

judgecorp writes: "Reporters Without Borders has named and shamed the surveillance software vendors who sell to repressive regimes, including Syria, China and Iran. Their software is used to track activists, and has been instrumental in delivering some dissidents over for torture, says RWB. The offending companies include US-based Bluecoat, Germany's Trovicor, France's Amesys, the UK's Gamma International, as well as HackingTeam, based in the US and Italy. HackingTeam is unusual in that it turned up at the recent RSA show to defend its reputation, arguing that it avoided selling to countries on international blacklists."

Submission + - Michelle Obama And Other Leading Figures Hit By Hackers (techweekeurope.co.uk)

judgecorp writes: "Michelle Obama, Joe Biden, Hilary Clinton and Mel Gibson are among the politicians and celebrities whose personal data has been stolen and posted online by a hacking group. Credit card details and social security numbers were posted on a .su domain, although there appears to be no connection with the former Soviet Union."

Submission + - Hacking Team Defends Selling Spy Software to Morocco And UAE (techweekeurope.co.uk)

judgecorp writes: "Hacking Team, the firm whose surveillance software was apparently used to spy on activist citizens in Morocco and the United Arab Emirates has defended its activities. The company takes "stern action" in such cases and can remotely reduce the power of the software, which is basically weaponised malware, the company's legal counsel told the RSA 2013 show in San Francisco. It also won't sell to countries that are on official blacklists — but other security professionals say that leaves the company plenty of scope to work with repressive regimes."

Submission + - Vint Cerf Warns On Security of The Internet Of Things (techweekeurope.co.uk)

judgecorp writes: "The Internet of Things needs securing Vint Cerf told the RSA conference this week. The father of the Internet believes that public key cryptography at a very granular level will be required for the host of devices joining the Internet over the next while. He also spoke in defence of "psudonymity", the means by which the likes of Google say they can make use of Web traffic information, without infringing privacy."

Submission + - Google: Microsoft's 'Scroogled' Attack On Gmail Privacy Is Dishonest (techweekeurope.co.uk)

judgecorp writes: "Google has responded forcefully to a Microsoft-backed campaign which says Gmail users are being "Scroogled — ie, having their privacy infringed by Google. The Scroogled campaign is dishonest and misuided, Google privacy counsel Keith Enright said at the RSA security show. He also denied reports that Google is being unco-operative with European privacy regulators, saying that on the contrary, the French body CNIL was dragging its heels in answering Google queries."

Submission + - Stuxnet May Have Been Active In 2005 (techweekeurope.co.uk)

judgecorp writes: "The Stuxnet cyber-weapon is older than previously thought, and may have been first used in 2005, long before 2010 when it was revealed to have hit Iran's uranium centrifuges. Symantec has shown. Stuxnet 0.5 was definitely in action in 2007, with an earlier version apparently in use in 2005, according to a presentation at the RSA 2013 show in San Francisco"

Submission + - China's Army Accused Of Running Hacking Group APT1 (techweekeurope.co.uk)

judgecorp writes: "The Chinese government has been accused of backing the APT1 hacking group, which appears to be part of the Chinese People's Liberation Army (PLA), according to the security firm which worked with the New York Times when it fell victim to an attack. The firm, Mandiant, says that APT1 is government sponsored, and seems to operate from the same location as PLA Unit 61398."

Submission + - Burger King Twitter Account Hacked, Rebranded As McDonald's (techweekeurope.co.uk)

judgecorp writes: "Burger King's Twitter account was hacked yesterday, by pranksters who rebranded the feed, tweeting nonsense under the name of Mcdonald's. Today, the account is back under Burger King's control, and McDonald's tweeted a denial that it had anything to do with the incident. Although this sort of event is (we presume) down to slack security by the account holder, it could harm Twitter, as big brands lose trust in the service."

Submission + - Britain Leads In Phishing - Because Of Strong Pound? (techweekeurope.co.uk)

judgecorp writes: "Apparently Britain is a world capital of phishing, and it may be because of our marvellous currency. Britain is a worthwhile target because its currency is strong, and a soft one because its people spend a long time online. A lot of the attacks are led from abroad, but many have local accomplices with a British accent, to do the social engineering and get past two-factor authentication"

Submission + - EU Proposes Mandatory Cyber Attack Reporting (techweekeurope.co.uk)

judgecorp writes: "The European Unioin has proposed a law which would require banks and organisations in "critical industries" to report cyber attacks. Companies will resent this requirement to expose what happened when they fell victim to an attack — but the EU has promised local authorities will consider whether exposure is in the public interest. This is a different measure from the requirement to reveal data breaches, which is part of European privacy proposals."

I was playing poker the other night... with Tarot cards. I got a full house and 4 people died. -- Steven Wright