Forgot your password?
typodupeerror

Google News Sci Tech: Vulnerable To 'Heartbleed' Bug, Obamacare Subscribers Told To Change ... - Fox N->

From feed by feedfeeder

SFGate

Vulnerable To 'Heartbleed' Bug, Obamacare Subscribers Told To Change ...
Fox News Latino
WASHINGTON (AP) – People who have accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the...
Blame Heartbleed: HealthCare.gov requires users to change their passwordsPCWorld (blog)
US Gov't Changed Your HealthCare.gov Password Because of HeartbleedGizmodo
Obamacare Site Tells Users to Change Passwords, Because Heartbleed Sucks ... Bustle
KWTX-CNN (blog)-The Verge
all 208 news articles

Link to Original Source
Input Devices

Google's New Camera App Simulates Shallow Depth of Field 28

Posted by timothy
from the give-your-mom-an-easter-bokeh dept.
New submitter katiewilliam (3621675) writes with a story at Hardware Zone about a new feature that Google's working on for Android phones' built-in cameras: the illusion of shallow depth of field in phone snapshots, which typically err on the side of too much in focus, rather than too little. Excerpting: "The Google Research Blog [note: here's a direct link] revealed that there's quite a fair bit of algorithms running to achieve this effect; to put it in a nutshell, computer vision algorithms create a 3D model of the world based on the shots you have taken, and estimate the depth to every point in the scene."
Beer

Beer Price Crisis On the Horizon 152

Posted by timothy
from the overarmed-and-overreaching dept.
Rambo Tribble (1273454) writes "The aficionados of beer and distilled spirits could be in for a major price-shock, if proposals by the Food and Drug Administration come to pass. Currently, breweries are allowed to sell unprocessed brewing by-products to feed farm animals. Farmers prize the nutritious, low-cost feed. But, new rules proposed by the FDA could force brewers to implement costly processing facilities or dump the by-products as waste. As one brewer put it, "Beer prices would go up for everybody to cover the cost of the equipment and installation.""
Security

Heartbleed Used To Bypass 2-Factor Authentication, Hijack User Sessions 40

Posted by timothy
from the bleeding-from-the-ears dept.
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization's multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software.

"Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users," Mandiant's Christopher Glyer explained. "With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated."

After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

+ - Heartbleed Exploited to Bypass Two-factor Authentication, Hijack User Sessions->

Submitted by wiredmikey
wiredmikey (1824622) writes "Security nightmares sparked by the Heartbleed OpenSSL vulnerability continue. According to Mandiant, now a unit of FireEye, an attacker was able to leverage the Heartbleed vulnerability against the VPN appliance of a customer and hijack multiple active user sessions. The attack bypassed both the organization’s multifactor authentication and the VPN client software used to validate that systems connecting to the VPN were owned by the organization and running specific security software.

“Specifically, the attacker repeatedly sent malformed heartbeat requests to the HTTPS web server running on the VPN device, which was compiled with a vulnerable version of OpenSSL, to obtain active session tokens for currently authenticated users,” Mandiant’s Christopher Glyer explained. “With an active session token, the attacker successfully hijacked multiple active user sessions and convinced the VPN concentrator that he/she was legitimately authenticated."

After connecting to the VPN, the attacker attempted to move laterally and escalate his/her privileges within the victim organization, Mandiant said."

Link to Original Source

+ - Beer Price Crisis on the Horizon

Submitted by Rambo Tribble
Rambo Tribble (1273454) writes "The aficionados of beer and distilled spirits could be in for a major price-shock, if proposals by the Food and Drug Administration come to pass. Currently, breweries are allowed to sell unprocessed brewing by-products to feed farm animals. Farmers prize the nutritious, low-cost feed. But, new rules proposed by the FDA could force brewers to implement costly processing facilities or dump the by-products as waste. As one brewer put it, "Beer prices would go up for everybody to cover the cost of the equipment and installation.”"
Government

Russia Writes Off 90 Percent of North Korea Debt 101

Posted by timothy
from the just-passing-through dept.
jones_supa (887896) writes "In Russia, the State Duma (lower house) on Friday ratified a 2012 agreement to write off the bulk of North Korea's debt. It said the total debt stood at $10.96 billion as of Sept. 17, 2012. Russia sees this lucrative in advancing the plans to build a gas pipe and railroad through North to South Korea. The rest of the debt, $1.09 billion, would be redeemed during the next 20 years, to be paid in equal installments every six months. The outstanding debt owed by North Korea will be managed by Russia's state development bank, Vnesheconombank. Moscow has been trying to diversify its energy sales to Asia away from Europe, which, in its turn, wants to cut its dependence on oil and gas from the erstwhile Cold War foe. Russia's state-owned top natural producer Gazprom is dreaming shipping 10 billion cubic meters of gas annually through the Koreas. Russia has written off debts to a number of impoverished Soviet-era allies, including Cuba. North Korea's struggling communist economy is just 2 percent of the size of neighboring South's."
Technology

The Design Flaw That Almost Wiped Out an NYC Skyscraper 129

Posted by timothy
from the let's-not-blow-this-out-of-proportion dept.
Hugh Pickens DOT Com (2995471) writes "Joel Werner writes in Slate that when Citicorp Center was built in 1977 it was, at 59 stories, the seventh-tallest building in the world but no one figured out until after it was built that although the chief structural engineer, William LeMessurier, had properly accounted for perpendicular winds, the building was particularly vulnerable to quartering winds — in part due to cost-saving changes made to the original plan by the contractor. "According to LeMessurier, in 1978 an undergraduate architecture student contacted him with a bold claim about LeMessurier's building: that Citicorp Center could blow over in the wind," writes Werner. "LeMessurier realized that a major storm could cause a blackout and render the tuned mass damper inoperable. Without the tuned mass damper, LeMessurier calculated that a storm powerful enough to take out the building hit New York every 16 years." In other words, for every year Citicorp Center was standing, there was about a 1-in-16 chance that it would collapse." (Read on for more.)

+ - The Design Flaw That Almost Wiped Out an NYC Skyscraper

Submitted by Hugh Pickens DOT Com
Hugh Pickens DOT Com (2995471) writes "Joel Werner writes in Slate that when Citicorp Center was built in 1977 it was, at 59 stories, the seventh-tallest building in the world but no one figured out until after it was built that although the chief structural engineer, William LeMessurier, had properly accounted for perpendicular winds, the building was particularly vulnerable to quartering winds — in part due to cost-saving changes made to the original plan by the contractor. "According to LeMessurier, in 1978 an undergraduate architecture student contacted him with a bold claim about LeMessurier’s building: that Citicorp Center could blow over in the wind," writes Werner. "LeMessurier realized that a major storm could cause a blackout and render the tuned mass damper inoperable. Without the tuned mass damper, LeMessurier calculated that a storm powerful enough to take out the building hit New York every 16 years." In other words, for every year Citicorp Center was standing, there was about a 1-in-16 chance that it would collapse.

LeMessurier and his team worked with Citicorp to coordinate emergency repairs. With the help of the NYPD, they worked out an evacuation plan spanning a 10-block radius. They had 2,500 Red Cross volunteers on standby, and three different weather services employed 24/7 to keep an eye on potential windstorms. Work began immediately, and continued around the clock for three months. Welders worked all night and quit at daybreak, just as the building occupants returned to work. But all of this happened in secret, even as Hurricane Ella, the strongest hurricane on record in Canadian waters, was racing up the eastern seaboard. The hurricane became stationary for about 24 hours, and later turned to the northeast away from the coast. Hurricane Ella never made landfall. And so the public—including the building’s occupants—were never notified.

Until his death in 2007, LeMessurier talked about the summer of 1978 to his classes at Harvard. The tale, as he told it, is by turns painful, self-deprecating, and self-dramatizing--an engineer who did the right thing. But it also speaks to the larger question of how professional people should behave. "You have a social obligation," LeMessurier reminded his students. "In return for getting a license and being regarded with respect, you're supposed to be self-sacrificing and look beyond the interests of yourself and your client to society as a whole.""
Government

Declassified Papers Hint US Uranium May Have Ended Up In Israeli Arms 91

Posted by timothy
from the long-long-ago dept.
Lasrick (2629253) writes "Victor Gilinsky and Roger J. Mattson update their story on the NUMEC affair to take into account the recent release of hundreds of classified documents that shed additional light on the story. In the 1960s, the Nuclear Materials and Equipment Corporation (NUMEC) was found to be missing about a 100 pounds of bomb-grade uranium. Based on available evidence, Gilinsky and Mattson are convinced that the material ended up in Israel nuclear bombs. The newly release documents add more to the story, and Gilinsky and Mattson are calling on President Obama to declassify the remainder of the file."
Displays

For $20, Build a VR Headset For Your Smartphone 35

Posted by timothy
from the watch-movies-on-the-plane dept.
An anonymous reader writes "Not everyone can drop a few hundred dollars on a VR headset, but that doesn't mean they can't experience VR! For those with the time and a bit of handiwork skill, this DIY guide from guest writer Ohaple will show you how to make a smartphone-based VR headset for as little as $20. Along the way, you'll learn the hardware and software basics of a VR headset." This project screams for a ready-made commercial version; does anyone know of existing purpose-built headgear? As one of the comments on the linked tutorial says, Poppy seems close, but lacks an LED for tracking.

+ - Russia Writes Off 90 Percent Of North Korea Debt->

Submitted by jones_supa
jones_supa (887896) writes "In Russia, the State Duma lower house on Friday ratified a 2012 agreement to write off the bulk of North Korea's debt. It said the total debt stood at $10.96 billion as of Sept. 17, 2012. Russia sees this lucrative in advancing the plans to build a gas pipe and railroad through North to South Korea. The rest of the debt, $1.09 billion, would be redeemed during the next 20 years, to be paid in equal installments every six months. The outstanding debt owed by North Korea will be managed by Russia's state development bank, Vnesheconombank. Moscow has been trying to diversify its energy sales to Asia away from Europe, which, in its turn, wants to cut its dependence on oil and gas from the erstwhile Cold War foe. Russia's state-owned top natural producer Gazprom is dreaming shipping 10 billion cubic meters of gas annually through the Koreas. Russia has written off debts to a number of impoverished Soviet-era allies, including Cuba. North Korea's struggling communist economy is just 2 percent of the size of neighboring South's."
Link to Original Source

"The Amiga is the only personal computer where you can run a multitasking operating system and get realtime performance, out of the box." -- Peter da Silva

Working...