Forgot your password?
typodupeerror

Submission Summary: 0 pending, 20 declined, 10 accepted (30 total, 33.33% accepted)

+ - Smithsonian Releasing 3D Models of Artifacts

Submitted by plover
plover (150551) writes "The Seattle Times reports "the Smithsonian Institution is launching a new 3D scanning and printing initiative to make more of its massive collection accessible to schools, researchers and the public worldwide. A small team has begun creating 3D models of some key objects representing the breadth of the collection at the world's largest museum complex. Some of the first 3D scans include the Wright brothers' first airplane, Amelia Earhart's flight suit, casts of President Abraham Lincoln's face during the Civil War and a Revolutionary War gunboat. Less familiar objects include a former slave's horn, a missionary's gun from the 1800s and a woolly mammoth fossil from the Ice Age. They are pieces of history some people may hear about but rarely see or touch."

So far they have posted 20 models on the site, with the promise of much more to come."

+ - Why iFingerprinting Makes You Legally Unsafe->

Submitted by plover
plover (150551) writes "Mark Rasch, an attorney specializing in privacy and security law, has taken a look at using the iPhone's fingerprint access to protect your privacy. He believes that you can sometimes be compelled by a court to provide your password to unlock an encrypted file, depending on the circumstances. But you can always be compelled to provide your fingerprints, and that the Supreme Court has repeatedly affirmed there is no Fifth Amendment protection against it. That means if you lock your phone with only a fingerprint, the government will almost certainly be able to compel you to unlock it. If you lock it with a passcode, there's a chance you can refuse to provide it under the Fifth Amendment.

The new iPhone 5s’s biometric fingerprint scanner can actually put consumers (or merchants, for that matter) in a worse position legally than the previous four-digit PIN. In fact, the biometric can open the contents of a consumer’s phone and any linked payment systems, accounts or systems—including contacts, email and documents—less legally protected than the simple passcode. This is because the law may treat the biometric (something you are) differently from a password (something you know).

"

Link to Original Source
Government

+ - FinSpy Commercial Spyware Abused By Governments

Submitted by plover
plover (150551) writes "The NY Times has this story about FinSpy, a commercial spyware package sold "only for law enforcement purposes" being used by governments to spy on dissidents, journalists, and others, and how two U.S. computer experts, Morgan Marquis-Boire from Google, and Bill Marczak, a PhD student in Computer Science, have been tracking it down around the world."
The Military

+ - Iran Admits Stuxnet Impacted Their Nuclear Program->

Submitted by plover
plover (150551) writes "According to this article in the Guardian,

Ahmadinejad admitted the worm had affected Iran's uranium enrichment. "They succeeded in creating problems for a limited number of our centrifuges with the software they had installed in electronic parts," the president said. "They did a bad thing. Fortunately our experts discovered that, and today they are not able [to do that] anymore."

"

Link to Original Source

+ - Ars Technica Forums Abused by Phishers

Submitted by plover
plover (150551) writes "Some Ars Technica members received phishing attempts purporting to be from SunTrust this morning. Here's the posting on the Ars forum explaining what happened.

It seems that many users received phishing attempts to Ars only email addresses this morning. We're working on it and will update this post when we find something out.

We believe that our previous forum provider has some exploit that allows people to send messages to private email addresses through their servers. Every report we've seen has originated at one of their web front ends. If we are correct, your email addresses have not been compromised. It's obviously pretty bad to be getting phishing attempts forwarded through someone else, but not quite as bad as if an email DB had been jacked or something.

We have emails out to them. There's a chance we won't hear back for a couple of hours since they're on pacific time, but we're doing what we can.

That's got to be one stupid phisherman to try phishing from the members of Ars Technica."

+ - US Admits Most Piracy Estimates Are Bogus

Submitted by plover
plover (150551) writes "According to this article on Ars Technica, the GAO admitted that the estimates of the impact of piracy have no basis in fact.

After examining all the data and consulting with numerous experts inside and outside of government, the Government Accountability Office concluded that it is "difficult, if not impossible, to quantify the economy-wide impacts."

"
Government

+ - Senate Votes to Replace Aviation Radar With GPS-> 1

Submitted by plover
plover (150551) writes "The U.S. Senate today passed by a 93-0 margin a bill that would implement the FAA's NextGen plan to replace aviation radar with GPS units. It will help pay for the upgrade by increasing aviation fuel taxes on private aircraft. It will require two inspections per year on foreign repair stations that work on U.S. planes. And it will ban pilots from using personal electronics in the cockpit. This just needs to be reconciled with the House version and is expected to soon become law. This was discussed on Slashdot a few years ago."
Link to Original Source

+ - Do your developers have local admin rights? 6

Submitted by plover
plover (150551) writes "I work as a developer for a Very Large American Corporation. We are not an IT company, but have a large IT organization that does a lot of internal development. In my area, we do Windows development, which includes writing and maintaining code for various services and executables. A few years ago the Info Security group removed local administrator rights from most accounts and machines, but our area was granted exceptions for developers. My question is: do other developers in other large companies have local admin rights to their development environment? If not, how do you handle tasks like debugging, testing installations, or installing updated development tools that aren't a part of the standard corporate workstation?"
Security

+ - Wal-mart Hacked in 2006, Details in Wired

Submitted by plover
plover (150551) writes "Kim Zetter of Wired documents an extensive hack of Wal-Mart that took place in 2005-2006. She goes into great detail about the investigation and what the investigators found, including that the hackers made copies of their point-of-sale source code, and that they ran l0phtCrack on a Wal-Mart server.

Wal-Mart uncovered the breach in November 2006, after a fortuitous server crash led administrators to a password-cracking tool that had been surreptitiously installed on one of its servers. Wal-Mart’s initial probe traced the intrusion to a compromised VPN account, and from there to a computer in Minsk, Belarus.

Wal-mart has long since fixed the flaws that allowed the compromise, and confirmed that no customer data was lost in the hack."

Security

+ - Ex-CIO Blames Microsoft For Security Breach

Submitted by plover
plover (150551) writes "Hannaford is a grocery store chain who lost 4.2 million credit card numbers earlier this year as a result of a security breach. Their former CIO is directly blaming their use of Microsoft as the reason they were breached.

"None of the breach was anything related to Linux. All of it was Microsoft."

Asked whether he believed that Microsoft is less secure because it's truly less secure software or whether its overwhelming marketshare makes it a cyber thief target, Homa said it was the other way around. Microsoft's marketshare is not what attracts so many attackers. "Microsoft is so full of holes. That's why it's still a target," he said.

"
Security

+ - Hannaford's CIO Blames Data Breach on Microsoft->

Submitted by plover
plover (150551) writes "Hannaford is a grocery store chain who lost 4.5 million credit card numbers as a result of a security breach. Their former CIO is directly blaming their use of Microsoft as the reason they were breached.

Homa has become a fan of simplification in battling security. "We used a lot of Linux," Homa said. "None of the breach was anything related to Linux. All of it was Microsoft."

Asked whether he believed that Microsoft is less secure because it's truly less secure software or whether its overwhelming marketshare makes it a cyber thief target, Homa said it was the other way around. Microsoft's marketshare is not what attracts so many attackers. "Microsoft is so full of holes. That's why it's still a target," he said.

Would he counsel other CIOs to avoid Microsoft like the plague? "That's what I'd do. If you limit your exposure to Microsoft, you're going to be in a more secure environment," he said, adding that Microsoft's philosophy is decentralized, forcing IT to manage more points. That means more license fees for Microsoft and more potential security gotchas for the CIO. "Hence, you see my aversion to Microsoft."

"

Link to Original Source

"Only the hypocrite is really rotten to the core." -- Hannah Arendt.

Working...