Forgot your password?

+ - Dyreza Banker Trojan Can Bypass SSL, Two-Factor Authentication 1

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "Banker Trojans have proven to be reliable and effective tools for attackers interested in quietly stealing large amounts of money from unwitting victims. Zeus, Carberp and many others have made piles of money for their creators and the attackers who use them, and researchers have been looking at a newer banker Trojan that has the ability to bypass SSL protection for banking sessions by redirecting traffic through the attackers’ own domains.

The Trojan, which is being called either Dyre or Dyreza by researchers, uses a technique known as browser hooking to intercept traffic flowing between the victim’s machine and the target Web site. The malware arrives in users’ inboxes through spam messages, many of which will look like messages from a financial institution. The list of targeted banks includes Bank of America, Natwest, Citibank, RBS and Ulsterbank. Researchers say that much of the activity from the Trojan so far is in the U.K.

“The traffic, when you browse the Internet, is being controlled by the attackers. They use a MiTM (Man in The Middle) approach and thus are able to read anything, even SSL traffic in clear text. This way they will also try to circumvent 2FA,” an analysis by Peter Kruse at CSIS says."

Comment: Patents vs. the laws of physics (Score 1) 121

by tomek.bury (#42346781) Attached to: The Mark Cuban Chair To Eliminate Stupid Patents
Patent law demands the people to defy the laws of physics. It's obvious from the court cases that examining the true meaning, depth and breadth of a single patent can take months or years. On the other hand USPTO granted 247,713 patents in 2011 alone. Assuming a full-time job (240 working days and 8 hours a day) this equates to 129 patents per hour. It's physically impossible to even read the monopoly rights granted to patent holders. Even if that was possible it's still impossible to analyse and understand the selected patents that my be related to the line of business. Even if that was possible the language used in paten applications make impossible to judge the validity and extend of the patent protection. Can an inventor or small company be held responsible for not defying the laws of physics? I'm not talking about the negligence. It's physically impossible to keep up with the current rate of patent granting. Would that be a sufficient defence line?

+ - "No Power for the Parliament" warns EPO examiners 2

Submitted by zoobab
zoobab (201383) writes "The Staff Union of the EPO (SUEPO) sent a letter to the President of the European Parliament, Jerzy Buzek, warning of risks for the European Parliament to be "circumvented" as a legislator when the EU will accede to the European Patent Convention (EPC). The European Patent Organisation is everything except a model of democracy: national patent offices are in power, there is no parliament involved in the decision making process, and diplomatic conferences are held behind closed doors. There are plans to create a central patent court in Europe, which would operate in a democratic vacuum, as it would not be counterbalanced by any legislative assembly, let alone the European Parliament. Such central patent court could also validate software patents via caselaw (as it was recently done with the Microsoft FAT patent by the German Supreme Court), and Microsoft, IBM or SAP are lobbying in Brussels not to reopen the software patent directive."

White dwarf seeks red giant for binary relationship.