
CNN iPhone App Sends iReporters' Passwords In The Clear

Submitted by chicksdaddy
chicksdaddy (814965) writes "The Security Ledger reports on newly published research from the firm zScaler that reveals CNN's iPhone application — one of the leading mobile news apps — transmits user login session information in clear text. (https://securityledger.com/2014/07/cnn-app-leaks-passwords-of-citizen-reporters/). The security flaw could leave users of the application vulnerable to having their login credential snooped by malicious actors on the same network or connected to the same insecure wifi hotspot. That's particularly bad news if you're one of CNN's iReporters — citizen journalists — who use the app to upload photos, video and other text as they report on breaking news events, zScaler warned in a blog post.

According to a zScaler analysis (http://research.zscaler.com/2014/07/cnn-app-for-iphone.html), CNN's app for iPhone exposes user credentials in the clear both during initial setup of the account and in subsequent mobile sessions. The iPad version of the CNN app is not affected, nor is the CNN mobile application for Android. A spokesman for CNN said the company had a fix ready and was working with Apple to have it approved and released to the iTunes AppStore.

The privacy of journalists' private communications has never been more at risk. Reporters find themselves in the crosshairs of sophisticated hacking crews, often working at the beck and call of anti-democratic regimes. They have infiltrated the networks of newspapers like The New York Times and The Washington Post — often in search of confidential communications between reporters and policy makers or human rights activists. (http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html) Here in the U.S., the Obama Administration is aggressively pursuing Pulitzer Prize winning journalist James Risen of The New York Times in order to uncover the source for a chapter in his book State of War concerning a covert US operation against Iran. (http://www.npr.org/blogs/thetwo-way/2014/06/02/318214947/times-reporter-must-testify-about-source-court-decides)"


When Google Sells Your Data, It Might Be Illegally Killing Your Phone's Battery

Submitted by Jason Koebler
Jason Koebler (3528235) writes "Personal information about you and your browsing, email, and app-using habits is regularly sent between apps on your Android phone, a potentially illegal practice that could be killing your battery life. A federal judge ruled that the claim, raised in a class action lawsuit against the company, "requires a heavily and inherently fact-bound inquiry."
That means that there's a good chance we're about to get a look into the ins and outs of Google's advertising backbone: what information is shared with who, and when."

The daily harassment of women in the game industry

Submitted by Anonymous Coward
An anonymous reader writes "Brianna Wu, leader of a game development studio, has an article exposing the constant harassment of women in the games industry. She says, "I’m not writing this piece to evoke your sympathy. I’m writing to share with you what prominent, successful women in the industry experience, in their own words." She goes through the individual stories of several women targeted by this vitriol, and tries to figure out why it happens. Quoting: "We live in a society that’s sexist in ways it doesn’t understand. One of the consequences is that men are extremely sensitive to being criticized by women. ... This is why women are socialized to carefully dance around these issues, disagreeing with men in an extremely gentle manner. Not because women are nicer creatures than men. But because our very survival can depend on it. ... Growing a thicker skin isn't the answer, nor is it a proper response. Listening, and making the industry safer for the existence of visible women is the best, and only, way forward.""

UK to use Open Document Format for government documents

Submitted by sfcrazy
sfcrazy (1542989) writes "UK has decided to use ‘open standards’ for sharing and viewing government documents. The announcement was made by the Minister for the Cabinet Office, Francis Maude. One of the primary objectives of this move is to create a level playing field for suppliers of all sizes. The move must put some pressure on Google to offer full support for ODF in Chrome, Android and Google Docs."

Researcher Finds Hidden Data-Dumping Services in iOS

Submitted by Trailrunner7
Trailrunner7 (1100399) writes "There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users’ personal data. Several of these features began as benign services but have evolved in recent years to become powerful tools for acquiring user data.

Jonathan Zdziarski, a forensic scientist and researcher who has worked extensively with law enforcement and intelligence agencies, has spent quite a bit of time looking at the capabilities and services available in iOS for data acquisition and found that some of the services have no real reason to be on these devices and that several have the ability to bypass the iOS backup encryption. One of the services in iOS, called mobile file_relay, can be accessed remotely or through a USB connection and can be used to bypass the backup encryption. If the device has not been rebooted since the last time the user entered the PIN, all of the data encrypted via data protection can be accessed, whether by an attacker or law enforcement, Zdziarski said.

Zdziarski discussed his findings in a talk at the HOPE X conference recently and published the slides and paper, as well. The file_relay service has been in iOS for some time and originally was benign, but Zdziarski said that in recent versions it has turned into a tool that can dump loads of user data on command. The file_relay tool can dump a list of the email and social media accounts, the address book, the user cache folder, which contains screenshots, offline content, copy/paste data, keyboard typing cache and other personal data. The tool can also provide a log of periodic location snapshots from the device."

What do WhiteHouse.gov and YouPorn.com have in common?

Submitted by Anonymous Coward
An anonymous reader writes "Both sites use a new, extremely persistent type of online tracking called "canvas fingerprinting" that can't be blocked by standard Web browser privacy settings or even anti-tracking tools such as AdBlock Plus.

Companies are looking to this method to replace cookies as Web users increasingly rely on more sophisticated ad-blocking software."


Court Fines French Blogger $3,400 For Her Negative Review Of Local Restaurant

Submitted by Anonymous Coward
An anonymous reader writes "Here's yet another business that, when confronted with a negative review, thought to itself, "Why not deter EVEN MORE potential patrons from ever considering setting foot in our establishment?" There are many ways to react to criticism, and Il Giardino, an Italian restaurant located in France, opted for "catastrophic."

        A food blogger in France has been fined 1500 euros ($2,040 USD) for writing a negative review of a restaurant. According to Arret Sur Images (translated), Caroline Doudet wrote an unflattering review of Il Giardino, an Italian restaurant in Cap-Ferret, France in August of 2013 on her blog Les Chroniques Culturelles. She was brought to court six months later by the restaurant.

Doudet's review is actually a blog post, one that would require readers to do a little digging to get past the normal review sites. As far as I can tell from the translation, Doudet portrayed the lousy service she encountered in a far more humorous fashion than most negative reviews, all the while clearly pointing out the deficiencies she encountered.

So, rather than address the issues, or simply disregard the single voice complaining about the three waitpersons apparently needed to acquire a single round of beverages (not to mention quality issues with the food [and service] past that point), Il Giardino decided to make its mégot mal a full-blown legal affair."


Comcast Customer Service Rep Just Won't Take No For An Answer

Submitted by RevWaldo
RevWaldo (1186281) writes "The Verge and other sources post how AOL's Ryan Block ultimately succeeded in cancelling his Comcast account over the phone, but not before the customer service representative pressed him for eight solid minutes (audio) to explain his reasoning for leaving "the number one provider of TV and internet service in the country" in a manner that would cause a character in Glengarry Glen Ross to blanch. Comcast has as of now issued an apology."

Stop DRIP: What The Data Retention and Investigatory Powers Bill Actually Means

Submitted by concertina226
concertina226 (2447056) writes "David Cameron has decided to rush through new emergency legislation known as the Data Retention and Investigatory Powers Bill (DRIP) into law this week, saying that there is an urgent need for better legislation since the European Court of Justice (ECJ) overturned the EU Data Retention Directive in April.

Some of the changes from the 2009 Data Retention Regulations potentially give the UK government more powers for monitoring our data, from allowing the UK government to give warrants to non-UK companies to issuing warrants to forum owners, online storage services like Dropbox and webmail providers."

Prevalence of offshoring in the Information Security industry

Submitted by sundarvenkata
sundarvenkata (1214396) writes "After having been a regular (C# .NET, C++) code monkey in the US for 6 years now with readily offshoreable skills, I feel like I am fighting an uphill battle against third world wages. While I am not prepared for a drastic career change that will be completely incompatible with my Computer Science background, I was wondering if investing money and resources in getting a degree in Information Security would be worthwhile to get a job that can't easily be offshored.

I would welcome insights from the industry insiders on the level of offshoring that they have witnessed in this industry (in the US) and the barriers-to-entry for someone with an undergrad in Computer Science."

10000 year old drawings of aliens and UFOs found in caves of India

Submitted by Anonymous Coward
An anonymous reader writes "The archeological department of the Indian state of Chattisgarh has found some interesting paintings in caves. They are now asking NASA, ISRO and other archeologists for help with more research into this. According to the folklore among the villages, small-sized aliens used to land from the sky in a round-shaped flying object and take away one or two persons of the village, who never returned.
Full story at
http://timesofindia.indiatimes..."


Mozilla Releases Mozjpeg 2.0, Facebook Backs The JPEG Encoder With $60,000

Submitted by Anonymous Coward
An anonymous reader writes "Mozilla today announced the release of mozjpeg version 2.0. The JPEG encoder is now capable of reducing the size of both baseline and progressive JPEGs by 5 percent on average (compared to those produced by the standard JPEG library libjpeg-turbo upon which mozjpeg is based). Mozilla today also revealed that Facebook is testing mozjpeg 2.0 to see whether it can be used to improve the compression of images on Facebook.com. The company has even donated $60,000 to contribute to the ongoing development of the technology."
