wiredmikey writes Researchers with RSA have discovered a Boleto malware (Bolware) ring that compromised as many as 495,753 Boleto transactions during a two-year period. Though it is not clear whether the thieves successfully collected on all of the compromised transactions, the value of those transactions is estimated to be worth as much as $3.75 billion. A Boleto is essentially a document that allows a customer to pay an exact amount to a merchant. Anyone who owns a bank account — whether a company or an individual — can issue a Boleto associated with their bank. The first signs of its existence appeared near the end of 2012 or early 2013, when it began to be reported in the local news media," according to the report (PDF). "The RSA Research Group analyzed version 17 of the malware, gathering data between March 2014 and June 2014. The main goal of Boleto malware is to infiltrate legitimate Boleto payments from individual consumers or companies and redirect those payments from victims to fraudster accounts."

MojoKid writes One of the trickiest aspects to launching a new platform update is the chicken and egg problem. Without any hardware to test on, developers are leery of committing to supporting new hardware features. Without software that takes advantage of new hardware capabilities, customers aren't willing to pay for new equipment. This is the crux of the issue with respect to the ARMv8 architecture and enabling development for 64-bit Android platforms. As such ARM is readying their Juno development platform that combines several of ARM's most advanced technologies on a single board. The product supports big.Little in an asymmetric configuration; each board ships with two Cortex-A57s, four Cortex-A53s, and a modest Mali T-624 core. All this hardware needs an OS to run on — which is why ARM is announcing a 64-bit port of Android as part of this new development board. By including AOSP support as well as additional hooks and features from Linaro, ARM wants Juno to be a sort-of one-stop shopping product for anyone who needs to test, prototype, or design a 64-bit product for the ARM ecosystem. The Android flavor that's coming over is based on Linaro Stable Kernel 3.10. At launch, Juno will support OpenGL-ES 3.0, on-chip thermal and power management, up to 8GB of RAM (12.8GB/s of bandwidth), an optional FPGA, and USB 2.0. OpenCL 1.1 will be added in a future product update. The project is positioned as a joint ARM / Linaro launch with ARM handling the hardware and Linaro taking responsibility for the software stack.

dcblogs writes Microsoft has joined a Linux Foundation effort to create an open platform for the Internet of Things. The AllSeen Alliance is an effort to standardize device communications. The code that it champions, called AllJoyn, was initially developed by Qualcomm but was subsequently made open source. Big vendors have been recruited to support it, and the AllSeen Alliance now includes LG, Panasonic, Sharp and Haier, among others. Its Xbox gaming platform is seen as a potential hub or control center for home devices. Microsoft's leadership in computing "and its significant Xbox business make it a potentially important contributor to the AllSeen ecosystem," said said Andy Castonguay, an analyst at Machina Research, a Reading, England-based research firm focusing on machine-to-machine (M2M) communications and the Internet of Things.

An anonymous reader writes There's an independent agency within the U.S. government called the Privacy and Civil Liberties Oversight Board. Their job is to weigh the benefits of government actions — like stopping terrorist threats — against violations of citizens' rights that may result from those actions. As you might expect, the NSA scandal landed squarely in their laps, and they've compiled a report evaluating the surveillance methods. As the cynical among you might also expect, the Oversight Board gave the NSA a pass, saying that while their methods were "close to the line of constitutional reasonableness," they were used for good reason. In the completely non-binding 191-page report (PDF), they said, "With regard to the NSA's acquisition of 'about' communications [metadata], the Board concludes that the practice is largely an inevitable byproduct of the government's efforts to comprehensively acquire communications that are sent to or from its targets. Because of the manner in which the NSA conducts upstream collection, and the limits of its current technology, the NSA cannot completely eliminate 'about' communications from its collection without also eliminating a significant portion of the 'to/from' communications that it seeks."

colinneagle writes: Airlines have seen almost no increase in the use of smartphones, tablets, and laptops among passengers since the Federal Aviation Administration ruled in October that they are now allowed to do so during takeoff and landing, a recent study found. Over a four month period observed by DePaul University's Chaddick Institute for Metropolitan Development this year, 35.9% of passengers used mobile devices at any point during the flight. In last year's study, while flight attendants still patrolled the aisles for devices that hadn't been shut off, 35.3% of passengers used devices during flight. Chaddick Institute director Joseph Schwieterman said many people may not be interested in using their mobile devices in-flight, and are simply excited for an opportunity to "use the time to sleep and chill out." Another contributing factor is the stipulation to the FAA's rule that still bans the use of smartphones for making phone calls or send text messages, the report noted. That may change soon, however. The FAA recently received public comment on a proposal to lift its ban on in-flight cellphone communications service, which has been in place since 1991.

Lucas123 writes: A company in China has used additive manufacturing to print 10 single-room buildings out of recycled construction materials in under a day as offices for a Shanghai industrial park. The cost: about $5,000 each. The company, Suzhou-based Yingchuang New Materials, used four massive 3D printers supplied by the WinSun Decoration Design Engineering Co. Each printer is 20 feet tall, 33 feet wide and 132 feet long. Like their desktop counterparts, the construction-grade 3D printers use fused deposition modeling (FDM), where instead of thermoplastics layer after layer of cement is deposited atop one another. The cement contains hardeners that make each layer firm enough for the next. Yingchuang's technique builds structures off site in a factory one wall at a time. The structures are then assembled onsite. The technique is unlike U.S.-based Contour Crafting, a company whose 3D printing technology to form the entire outer structure of buildings at once, The Yingchuang factory and research center, a 33,000 square foot building, was also constructed using the 3D printing manufacturing technique. It only took one month to construct.

Project Tango is part of Google's Advanced Technology and Projects group (ATAP), which Wikipedia says was "...formerly a division of Motorola." Tango's goal is "to give mobile devices a human-scale understanding of space and motion." We humans and our forebears have spent millions of years learning to sense our surroundings, not as a set of static 2D images, but in 3D with motion. This YouTube video starring Johnny Lee, the Tango project lead Tim interviewed at Google I/O 2014, gives you some decent insight into Project Tango's goals -- in addition to our video, that is. (Alternate Slashdot Video Link)

the simurgh writes: As many who follow the Kim Dotcom saga know, New Zealand police seized his encrypted computer drives in 2012, copies of which were illegally passed to the FBI. Fast-forward to 2014: Dotcom wants access to the seized but encrypted content. A New Zealand judge has now ruled that even if the Megaupload founder supplies the passwords, the encryption keys cannot be forwarded to the FBI.

Albanach writes: In 2007, the BBC's economics editor, Robert Peston, penned an article on the massive losses at Merrill Lynch and the resulting resignation of their CEO Stan O'Neal. Today, the BBC has been notified that the 2007 article will no longer appear in some Google searches made within the European Union, apparently as a result of someone exercising their new-found "right to be forgotten." O'Neal was the only individual named in the 2007 article. While O'Neal has left Merrill Lynch, he has not left the world of business, and now holds a directorship at Alcoa, the world's third largest aluminum producer with $23 billion in revenues in 2013.

llebeel writes Philips has shown off its Ethernet-powered connected lighting, which can transmit data to mobile devices through light via embedded code. Arriving in the form of LED "luminaires," Philips' connected office lighting will aim to not only save businesses money on energy costs, but also serve as a means of providing information and data about the general running of a building, transmitted through light, to improve the overall efficiency of business infrastructure. Philips' Onno Willemse said, "Over the light, we can project a code — its number, its IP address, its MAC address — making each fixture unique and recognizable. We can also receive that light on our mobile phones, so if you hold the lens of a mobile device under the luminaire, it actually reads the code and makes a connection to it over WiFi."

New submitter faderrider (3726665) writes I work in the healthcare design industry and our firm is looking to get away from using paper during our design meetings. My first thought was to load our reports and plans on a tablet, bring a half dozen or so tablets for attendees and somehow create a local ad hoc network that would allow them to view my desktop. A little more thinking brought me to consider the value of attendees being able to mark up documents on their own, or take control of what is being viewed to talk through ideas. Is anyone else out there doing something like this and if so what are you implementing? Specifically the challenges i see are creating the local network, establishing share/control relationships between tablets and managing any documentation markups attendees may make during the meeting. I am also looking at the Samsung 10.1 as the hardware but would be interested in any recommendations. I can also provide, most of the time, web access via my phone but would prefer not to rely on a service like WebEx or JoinMe.

vortex2.71 (802986) writes Amazon is suing a former employee of its cloud services division after he took a similar position at Google. The interesting aspect of the lawsuit is that Google is choosing to vigorously defend the lawsuit, so this is a case of Goliath vs. Goliath rather than David vs. Goliath. According to court documents, Zoltan Szabadi left a business-development position at Amazon Web Services for Google's Cloud Platform division. Szabadi's lawyer responded by contending that, while Szabadi did sign a non-compete agreement, he would only use his general knowledge and skills at Google and would not use any confidential information he had access to at Amazon. He also believes Amazon's confidentiality and non-compete agreements are an unlawful business practice.

After some speculation yesterday about the winner of the auction for the first block of bitcoins seized from the Silk Road, the winner went ahead and made his identity public. Tim Draper has won the U.S. Marshals bitcoin auction and is partnering with Vaurum to provide bitcoin liquidity in emerging markets. ... Tim offered this in a statement: “Bitcoin frees people from trying to operate in a modern market economy with weak currencies. With the help of Vaurum and this newly purchased bitcoin, we expect to be able to create new services that can provide liquidity and confidence to markets that have been hamstrung by weak currencies. Of course, no one is totally secure in holding their own country’s currency. We want to enable people to hold and trade bitcoin to secure themselves against weakening currencies.”

mpicpp (3454017) writes with news that Google is expanding its online music services through acquisition. From the article: Songza focuses on playlists curated by music experts that are designed for specific activities or occasions and then suggested to specific listeners based on seven points of context: day of week, time of day, the device used being used, weather, location, what the particular listener has done before with the service considering those previous five points, and then what all other Songza listeners have done before given the first five context points.

rtoz (2530056) writes Whenever there is a major spill of oil into water, the two tend to mix into a suspension of tiny droplets, called an "emulsion." It is extremely hard to separate them, and they can cause severe damage to ecosystems. Now, MIT researchers have discovered a new, inexpensive way of getting the two fluids apart again. This new approach uses membranes with hierarchical pore structures. The membranes combine a very thin layer of nanopores with a thicker layer of micropores to limit the passage of unwanted material while providing strength sufficient to withstand high pressure and throughput.

oever (233119) writes with news that WebODF (an Open Document Format editor written entirely using Javascript and natively rendering the XML document using CSS) 0.5.0 has been released, and the developers are declaring this release stable enough for every day use. TheMukt chides Google for not supporting the OpenDocument Format well and claims that the newly released WebODF 0.5.0 in combination with ownCloud is the answer to this deficiency. A WebODF developer blog highlights all the goodies in the first WebODF release where the text editor is considered stable and made available as an easy to use component. These include extensive benchmarking, unit testing, and advanced HTML5 techniques to give the editor a native feel. There's also touch screen support, and better support for real-time collaborative editing. A demo shows off a few of the features.

jfruh (300774) writes Tech writer Tyler Hayes had never come close to hitting the 250 GB monthly bandwidth cap imposed by Cox Cable — until suddenly he was blowing right through it, eating up almost 80 GB a day. Using the Mac network utility little snitch, he eventually tracked down the culprit: a screensaver on his new Kindle Fire TV. A bug in the mosaic screensaver caused downloaded images to remain uncached.

mrspoonsi (2955715) writes with this excerpt from the BBC: ISPs from the U.S., UK, Netherlands, and South Korea have joined forces with campaigners Privacy International to take GCHQ to task over alleged attacks on network infrastructure. It is the first time that GCHQ has faced such action. The ISPs claim that alleged network attacks, outlined in a series of articles in Der Spiegel and the Intercept, were illegal and "undermine the goodwill the organizations rely on." The complaint (PDF).

An anonymous reader writes: Traffic engineers had a problem to solve: too many pedestrians were getting hit by cars while using the crosswalks at intersections because they didn't know when the 'WALK' sign would change. Their solution was simple: implement a countdown timer. Countless cities have now adopted these timers, but it turns out to have an undesired consequence: motor vehicle crashes are actually increasing at intersections where the countdown timer is used. Researchers think this is because pedestrians aren't the only ones who see the timers. Drivers see them too, and it provides them with information on when the light will change. Then they anticipate the change by either speeding up to beat a change to red light, or anticipating a green light in order to get through before the pedestrians can move into the road. The researchers suggest finding some way to hide the countdown from the drivers, perhaps through the use of an audio countdown that would be difficult to hear from inside a car.

sciencehabit writes: In North America, they're called Bigfoot or Sasquatch. In the Himalayan foothills, they're known as yeti or abominable snowmen. And Russians call them Almasty. But in the scientific laboratory, these elusive, hairy, humanoid creatures are nothing more than bears, horses, and dogs. That's the conclusion of a new study—the first peer-reviewed, genetic survey of biological samples claimed to be from the shadowy beasts. To identify the evolutionary source of each sample, the team determined the sequence of a gene—found inside the mitochondria of cells—that encodes the 12S RNA, which is often used for species identification. Unlike standard DNA, mitochondrial genes are passed only from mother to offspring.

Seven of the samples didn’t yield enough DNA for identification. Of the 30 that were sequenced, all matched the exact 12S RNA sequences for known species, the team reports online today in the Proceedings of the Royal Society B. Ten hairs belonged to various bear species; four were from horses; four were from wolves or dogs; one was a perfect match to a human hair; and the others came from cows, raccoons, deer, and even a porcupine. Two samples, from India and Bhutan, matched polar bear 12S RNA—a surprising finding that Sykes is following up on to determine whether some Himalayan bears are hybrid species with polar bears.

New submitter Aryeh Goretsky writes: The IEEE Standards Assocation has launched an Anti-Malware Support Service to help the computer security industry respond more quickly to malware. The first two services available are a Clean file Metadata Exchange (PDF), to help prevent false positives in anti-malware software, and a Taggant System (PDF) to help prevent software packers from being abused. Official announcement is available at the offical website."

MojoKid writes with news that Microsoft has announced the opening of a 'Transparency Center' at their Redmond campus, a place where governments who use Microsoft software can come to review the source code in order to make sure it's not compromised by outside agencies. (The company is planning another Transparency Center for Brussels in Belgium.) In addition, Microsoft announced security improvements to several of its cloud products: As of now, Outlook.com uses TLS (Transport Layer Security) to provide end-to-end encryption for inbound and outbound email — assuming that the provider on the other end also uses TLS. The TLS standard has been in the news fairly recently after discovery of a major security flaw in one popular package (gnuTLS), but Microsoft notes that it worked with multiple international companies to secure its version of the standard. Second, OneDrive now uses Perfect Forward Secrecy (PFS). Microsoft refers to this as a type of encryption, but PFS isn't a standard like AES or 3DES — instead, it's a particular method of ensuring that an attacker who intercepts a particular key cannot use that information to break the entire key sequence. Even if you manage to gain access to one file or folder, in other words, that information can't be used to compromise the entire account.