writes: The Japanese Fukishama crisis took a turn for the worse this week as it was found a barrier built to contain contaminated water has been breached; a leak defined by 20 trillion to 40 trillion becquerels of radioactive tritium. This is yet another problem on top of a spate of errors plauging the 2011 nuclear disaster site. Nuclear regulatory official Shinji Kinjo has cited Tokyo Electric Power Company as having a "Weak sense of crisis" as well as hinted at previous bunglings by TEPCO as the reason one cannot "just leave it up to Tepco alone". If Nuclear energy is ever to move forward, these types of disasters need to be eliminated. Is the ongoing saga of Fukishama a problem which can be cured with appropriate technology, or are disasters like this simply the element of cost vs. risk in the business of nuclear energy?
writes: A serious attack against ciphertext secrets buried inside HTTPS responses has prompted an advisory from Homeland Security. The BREACH attack is an offshoot of CRIME, which was thought dead and buried after it was disclosed in September. Released at last week’s Black Hat USA 2013, BREACH enables an attacker to read encrypted messages over the Web by injecting plaintext into an HTTPS request and measuring compression changes.
Researchers Angelo Prado, Neal Harris and Yoel Gluck demonstrated the attack against Outlook Web Access (OWA) at Black Hat. Once the Web application was opened and the Breach attack was launched, within 30 seconds the attackers had extracted the secret.
“We are currently unaware of a practical solution to this problem,” said the CERT advisory, released one day after the Black Hat presentation.Link to Original Source
writes: A top secret National Security Agency program allows analysts to search with no prior authorization through vast databases containing emails, online chats, social media activities and the internet browsing histories of millions of individuals, according to documents provided by whistleblower Edward Snowden. The NSA boasts in training materials that the program, called XKeyscore, is its "widest-reaching" system for developing intelligence from the internet. The latest revelations will add to the intense public and congressional debate around the extent of NSA surveillance programs. They come as senior intelligence officials testify to the Senate judiciary committee on Wednesday, releasing classified documents in response to the Guardian's earlier stories on bulk collection of phone records and Fisa surveillance court oversight. The files shed light on one of Snowden's most controversial statements, made in his first video interview published by the Guardian on June 10. "I, sitting at my desk," said Snowden, could "wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email". US officials vehemently denied this specific claim. Mike Rogers, the Republican chairman of the House intelligence committee, said of Snowden's assertion: "He's lying. It's impossible for him to do what he was saying he could do."Link to Original Source
writes: HuffPo reports that Microsoft Office will be released for Android phones from Wednesday. /From the porcine aviation department?Link to Original Source
writes: While many Solidoodlers will likely use their 3D printers to output Yodas, gearsets or bunnies, one New Zealander decided to take 3D modeling to the next level. With the average price of an Aston Martin DB4 running in the hundreds of thousands of dollars, Ivan Sentch decided to go one better by printing a full-scale Aston Martin DB4 replica.Link to Original Source
writes: An Android tablet brought back from North Korea by a tourist has provided a glimpse at some of the restrictions placed on IT users in the famously secretive country. The Samjiyon is the third tablet to have gone on sale in North Korea. It was unveiled at a trade show in the capital, Pyongyang, last September and received some coverage on state television, but few westerners have had a chance to see it up close. The tablet was likely manufactured outside of North Korea and the hardware itself is fairly unremarkable, but the software and the usage restrictions placed on the device provide some insights about life in the country.Link to Original Source
writes: Reports on the possible motivation of Pedro Vargas, who shot six people before being killed by police, appear to make much of his accessing the "Anarchist Cookbook". Even the name of the page of the article emphasizes this — "at-former-job-hialeah-gunman-downloaded.html"
Link to Original Source
...an investigation into Vargas prompted by his poor work performance found he had downloaded a slew of inappropriate files onto his office desktop, including a so-called “Anarchist Cookbook,” which includes instructions on making explosives at home, counterfeiting money and killing someone with your bare hands...
Of chief concern to Vargas’ supervisors was a file titled “1000 hacking tutorials,” which, according to the university, included an “Index to the Anarchist Cookbook IV, version 4.14.” The Anarchist Cookbook is a bomb-making manual first published in 1971 during the Vietnam War.
writes: A little over a month ago, Microsoft released the first update to Windows 8, the preview version of Windows 8.1. Now, Microsoft has announced that Windows 8.1 Enterprise Preview has been made available for download. Of course, as always, you need to test the operating system with precautions, as this is not yet its final form and you might encounter some errors. The Windows 8.1 Enterprise Preview actually builds on the Window 8.1 Preview with some extra, premium features meant for business users, involved around security, mobility, management and virtualization. IT professionals should hurry up and download the Windows 8.1 Enterprise Preview to get to play around with the OS.Link to Original Source
writes: The head of police for Moscow's subway system has said stations will soon be equipped with devices that can read the data on the mobile telephones of passengers. In the July 29 edition of "Izvestia," Moscow Metro police chief Andrei Mokhov said the device would be used to help locate stolen mobile phones. Mokhov said the devices have a range of about 5 meters and can read the SIM card. If the card is on the list of stolen phones, the system automatically sends information to the police. The time and place of the alert can be matched to closed-circuit TV in stations. "Izvestia" reported that "according to experts, the devices can be used more widely to follow all passengers without exception." Mokhov said it was illegal to track a person without permission from the authorities, but that there was no law against tracking the property of a company, such as a SIM card. — Submitter's Note: What is this all about? Is it really about detecting stolen phones/SIM cards, or is that a convenient 'cover story' for eavesdropping on people's private smartphone data while they wait to ride the subway? Also — if this scheme goes ahead, how long will it be before the U.S., Europe and other territories employ 'Devices' that do this, too? How long before your local bus stop or train terminal eavesdrops on your smartphone just like in the Russian model?Link to Original Source
writes: Last year when OpenSignalMaps reported that there were almost 4,000 distinct Android devices in use, people were pretty surprised at the number. Well prepared to be even more surprised as the number has trebled in just 12 months to 11,868 distinct Android devices, of which 47.5% are Samsung devices and which, in total, are running eight different versions of Android.Link to Original Source
writes: The world’s GPS system is vulnerable to hackers or terrorists who could use it to hijack ships – even commercial airliners. Todd Humphreys, a GPS expert at the University of Texas just completed a frightening real-time, real-life experiment that has exposed a huge potential hole in national security. Using a laptop, a small antenna and an electronic GPS “spoofer” built for $3,000, Humphreys and his team took control of the sophisticated navigation system aboard an $80 million, 210-foot super-yacht in the Mediterranean Sea. “We injected our spoofing signals into its GPS antennas and we’re basically able to control its navigation system with our spoofing signals,” Humphreys told Fox News.Link to Original Source
writes: Practically since OpenStack was started there has been discussion about whether it should fully support Amazon Web Services’ APIs. Doing so would make it easy to port applications between an OpenStack cloud and AWS. It would also let businesses easily build hybrid apps that run internally on an OpenStack cloud and on AWS. Cloudscaling’s Randy Bias has been vocal about his support of fidelity with AWS. He argues that there’s no hope for OpenStack in the public cloud market so it would do well to support interoperability with AWS and Google Compute Engine if it wants to hold on to the private cloud market. It’s true that interoperability with AWS would be good for OpenStack in the private cloud market. But it’s easier said than done.Link to Original Source
writes: The freezing tundra that was the North Pole is now home to a lake. A picture, obtained by the North Pole Environmental Observatory this week, shows a shocking wide-angled photograph of the location’s newest lake, possible evidence of global warming.
The photograph, taken by the observatory’s weather buoy-attached camera Monday, is reportedly a result of the longtime decline of sea ice in the region due to global warming and the more recent increase in land temperature. "Major changes in recent years are widespread, sustained and occurring faster than anticipated,” the National Oceanic and Atmospheric Administration said in a statement. “The minimum artic sea ice extent in 2012 was nearly half the values seen at the end of the last century The large environmental shifts in 2012 provide evidence of sustained arctic change."Link to Original Source
writes: Armin Ronacher writes a lengthy and informative post on the state of software licensing today, and why GitHub's policy of requiring users to pick a license from a license selector might not improve matters in the long run.Link to Original Source
writes: Next week at the Black Hat Briefings in Las Vegas, Fran Brown will release a modified RFID reader that can capture data from 125KHz low frequency RFID badges from up to three feet away. Previous RFID hacking tools must be within centimeters of a victim to work properly; Brown’s tool would allow an attacker or pen-tester to store the device inside a backpack and it would silently grab card data from anyone walking close enough to it.Link to Original Source