
Researcher Finds Tor Exit Node Adding Malware to Downloads

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources and the potential for attackers to abuse the trust users have in Tor and similar services.

Josh Pitts of Leviathan Security Group ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the-middle attack. Downloading any kind of file from the Internet is a dodgy proposition these days, and many users know that if they’re downloading files from some random torrent site in Syria or The Marshall Islands, they are rolling the dice. Malware runs rampant on these kinds of sites.

But the scenario that worries security experts much more involves an attacker being able to control the download mechanism for security updates, say for Windows or OS X. If an attacker can insert malware into this channel, he could cause serious damage to a broad population of users, as those update channels are trusted implicitly by the users and their machines. Legitimate software vendors typically will sign their binaries and modified ones will cause verification errors. What Pitts found during his research is that an attacker with a MITM position can actively patch binaries–if not security updates–with his own code.

In terms of defending against this sort of attack, Pitts suggested that encrypted download channels are the best option, both for users and site operators.

“SSL/TLS is the only way to prevent this from happening. End-users may want to consider installing HTTPS Everywhere or similar plugins for their browser to help ensure their traffic is always encrypted,” he said via email."

Peter Kuran: Visual Effects Artist and Atomic Bomb Archivist

Submitted by Lasrick
Lasrick (2629253) writes "Great interview with Peter Kuran, an animator of the original Star Wars and legendary visual effects artist. If you saw the recent remake of Godzilla, you saw stock footage from Atom Central, known on YouTube as “the atomic bomb channel.” Atom Central is the brainchild of Kuran, who among his many talents is an expert on archival films of the atmospheric testing era of 1945 to 1963. Combining his film restoration and photography expertise with his interest in nuclear history, he has also produced and directed five documentaries. He is currently working with Lawrence Livermore and Los Alamos National Laboratories to preserve and catalog images from the bomb-testing era, and to produce a technical handbook that will help people understand these images and the techniques used to create them. Awesome slideshow accompanies the article."

The Queen's Data Center Gets A Royal Warrant

Submitted by judgecorp
judgecorp (778838) writes "The hosting firm that holds the Queen of England's data has been granted a "Royal Warrant". This allows it to use the phrase "By Appointment to Her Majesty The Queen", and display the royal crest in public. The firm in question, Pulsant, has been working for the Royal Family for more than five years, and is understandably pleased with the marketing opportunities. "They are a very good customer," said somewhat-understated Pulsant CTO Matt Lovell."
PC Games (Games)

PCGamingWiki Looks Into Linux Gaming With 'Port Reports'

Posted by Soulskill
from the welcome-to-our-home dept.
AberBeta writes: PCGamingWiki contributor Soeb has been looking into the recent larger budget game releases to appear on Linux, including XCOM: Enemy Unknown and Borderlands: The Pre–Sequel produced by Mac porting houses Feral and Aspyr. Soeb reports that while feature parity is high, performance could be a bit better. Performance differences aside, the games are finally arriving on Linux — now the userbase needs to expand to make a virtuous cycle.
The Almighty Buck

How To Beat Online Price Discrimination

Posted by Soulskill
from the complain-until-they-give-it-to-you-for-free dept.
New submitter Intrepid imaginaut sends word of a study (PDF) into how e-commerce sites show online shoppers different prices depending on how they found an item and what the sites know about the customer. "For instance, the study found, users logged in to Cheaptickets and Orbitz saw lower hotel prices than shoppers who were not registered with the sites. Home Depot shoppers on mobile devices saw higher prices than users browsing on desktops. Some searchers on Expedia and Hotels.com consistently received higher-priced options, a result of randomized testing by the websites. Shoppers at Sears, Walmart, Priceline, and others received results in a different order than control groups, a tactic known as “steering.”" To get a better price, the article advises deleting cookies before shopping, using your browser's private mode, putting the items in your shopping cart without buying them right away, and using tools like Camelcamelcamel to keep an eye out for price drops.

Detritus from cancer cells may infect healthy cells

Submitted by bmahersciwriter
bmahersciwriter (2955569) writes "Tiny bubbles of cell membrane — called exosomes — are shed by most cells. Long thought to be mere trash, researchers had recently noticed that they often contain short, regulatory RNA molecules, suggesting that exosomes may be one way that cells communicate with one another. Now, it appears that RNA in the exosomes shed by tumor cells can get into healthy cells and 'transform' them, putting them on the path to becoming cancerous themselves."

Scout SV is British Army's Smart-Tank of the Future, to be Driven By Videogamers

Submitted by concertina226
concertina226 (2447056) writes "The UK branch of global defence firm General Dynamics is working on a futuristic state-of-the-art smart-tank to replace the British Army's ageing armoured vehicle fleet, to be delivered to the Ministry of Defence (MoD) in 2020.

The Scout SV armoured vehicle is the first fully-digitised armoured fighting vehicle to have been built for the British Army, and is far bigger and more durable than any of its existing tanks, which are now at least 20 years old.

The tank comes in six variants that can be customised with tools for different missions, and has numerous sensors, cameras, and sights to offer real-time intelligence on weather conditions, target acquisition, and reconnaissance — all crucial battlefield data required by commanders to access and direct situations."


Tracking a Bitcoin Thief

Submitted by Anonymous Coward
An anonymous reader writes "In a rare case of Bitcoin meets InfoSec: a small group of researchers were able to publish an investigative report on the hacking of a popular Bitcoin exchange earlier this year by the name of CryptoRush.in. Close to a million dollars stolen in crypto currency led the group to discover evidence, track down the attacker and put together a timeline of what exactly happened. A captivating read for a community desensitized by thefts, hackings and lack of reporting. With pictures, and logs to prove it all."

SMART begins live public robocar tests in Singapore today

Submitted by Hallie Siegel
Hallie Siegel (2948665) writes "Robocar R&D is moving fast in Singapore, and this week, the National University of Singapore (NUS) announced they will be doing a live public demo of their autonomous golf carts over a course with 10 stops in the Singapore Chinese and Japanese Gardens. The public will be able to book rides online, and then summon and direct the vehicles with their phones. The vehicles will have a touch tablet where the steering wheel will go. Rides will be free, and will take place Oct. 23-25, Oct. 30-31 and Nov. 1. Brad Templeton shares his insight."

Microsoft exec opens up about Research lab closure, layoffs

Submitted by alphadogg
alphadogg (971356) writes "It's been a bit over a month since Microsoft shuttered its Microsoft Research lab in Silicon Valley as part of the company's broader restructuring that will include 18,000 layoffs. This week, Harry Shum, Microsoft EVP of Technology & Research, posted what he termed an "open letter to the academic research community" on the company's research blog. http://blogs.msdn.com/b/msr_er/archive/2014/10/21/harry-shum-open-letter-to-academic-research-community.aspx In the post, Shum is suitably contrite about the painful job cut decisions that were made in closing the lab, which opened in 2001. He also stresses that Microsoft will continue to invest in and value "fundamental research"."

Tech firm fined USD 3500 for paying workers $1.21 per hour

Submitted by Anonymous Coward
An anonymous reader writes ""FREMONT — Electronics for Imaging paid several employees from India as little as $1.21 an hour to help install computer systems at the company's Fremont headquarters, federal labor officials said Wednesday.

"We are not going to tolerate this kind of behavior from employers," said Susana Blanco, district director of the U.S. Labor Department's wage and hour division in San Francisco.""


Mark Zuckerberg Speaks Mandarin at Tsinghua University in Beijing

Submitted by HughPickens.com
HughPickens.com (3830033) writes "Abby Phillip reports at the Washington Post that Mark Zuckerberg just posted a 30-minute Q&A at Tsinghua University in Beijing in which he answered every question exclusively in Chinese — a notoriously difficult language to learn and particularly, to speak. "It isn't just Zuckerberg's linguistic acrobatics that make this a notable moment," writes Phillip. "This small gesture — although some would argue that it is a huge moment — is perhaps his strongest foray into the battle for hearts and minds in China." Zuckerberg and Facebook have been aggressively courting Chinese users for years and the potential financial upside for the business. Although Beijing has mostly banned Facebook, the company signed a contract for its first ever office in China earlier this year. A Westerner speaking Mandarin in China — at any level — tends to elicit joy from average Chinese, who seem to appreciate the effort and respect they feel learning Mandarin demonstrates. So how well did he actually do? One Mandarin speaker rates Zuckerberg's language skills at a seventh grader's speech: "It's hard not to see a patronizing note in the Chinese audience's reaction to Zuckerberg's Mandarin. To borrow from Samuel Johnson's quip, he was like a dog walking on its hind legs: It wasn't done well, but it was a surprise to see it done at all.""
Privacy

Assange: Google Is Not What It Seems

Posted by timothy
from the mixed-motivations dept.
oxide7 (1013325) writes "In June 2011, Julian Assange received an unusual visitor: the chairman of Google, Eric Schmidt. They outlined radically opposing perspectives: for Assange, the liberating power of the Internet is based on its freedom and statelessness. For Schmidt, emancipation is at one with U.S. foreign policy objectives and is driven by connecting non-Western countries to Western companies and markets. These differences embodied a tug-of-war over the Internet's future that has only gathered force subsequently. Assange describes his encounter with Schmidt and how he came to conclude that it was far from an innocent exchange of views."

WikiLeaks finally following other twitter users

Submitted by Daniel_Stuckey
Daniel_Stuckey (2647775) writes "But yesterday, the account of 2.3 million followers started following Twitterers outside of its own family of accounts for what it told Motherboard was a “strategic reason.” WikiLeaks declined to elaborate further. I was alerted of the account’s sudden following spree by my roommate who’d excitedly told me he’d just been followed by and had sent it a thanks-for-following direct message, but alas, he hath yielded no response. The account is now following a large handful of international politicians and presidents, journalists, publishers, lawyers, whistleblower support and activist groups, including what appear to be all the Swedish embassies and ambassadors the account could manage to follow. Among its new followees is Googler-in-Chief, Eric Schmidt, the adversarial focus of Assange’s recently-published book, When Google Met WikiLeaks. At the time of this writing, WikiLeaks was following 1,491 people and counting fast."

