Android

Submission + - Researchers Uncover Targeted Attack Campaign Using Android Malware (threatpost.com)

Trailrunner7 writes: Android attacks have become all the rage in the last year or two, and targeted attacks against political activists in Tibet, Iran and other countries also have been bubbling up to the surface more and more often lately. Now those two trends have converged with the discovery of a targeted attack campaign that's going after Tibetan and Uyghur activists with a spear-phishing message containing a malicious APK file. Researchers say the attack appears to be coming from Chinese sources.

The new campaign began a few days ago when unknown attackers were able to compromise the email account of a well-known Tibetan activist. The attackers then used that account to begin sending a series of spear-phishing messages to other activists in the victim's contact list. One of the messages referred to a human rights conference in Geneva in March, using the recipients' legitimate interest in the conference as bait to get them to open the attachment. The malicious attachment in the emails is named "WUC's Conference.apk".

Submission + - Another Way Carriers Screw Customers: Premium SMS "Errors" (techcrunch.com)

An anonymous reader writes: No one likes their carrier. And with behaviour like this it's not surprising. TechCrunch catches T-Mobile taking money from a new pay-as-you-go customer after signing her up to its own premium horoscope text message service — and taking money before she's even put the SIM in the phone.
The Courts

Submission + - Brain scans predict which criminals are more likely to reoffend (nature.com)

ananyo writes: "In a twist that evokes the dystopian science fiction of writer Philip K. Dick, neuroscientists have found a way to predict whether convicted felons are likely to commit crimes again from looking at their brain scans. Convicts showing low activity in a brain region associated with decision-making and action are more likely to be arrested again, and sooner.
The researchers studied a group of 96 male prisoners just before their release. They used functional magnetic resonance imaging (fMRI) to scan the prisoners’ brains during computer tasks in which subjects had to make quick decisions and inhibit impulsive reactions. The scans focused on activity in a section of the anterior cingulate cortex (ACC), a small region in the front of the brain involved in motor control and executive functioning. The researchers then followed the ex-convicts for four years to see how they fared. Among the subjects of the study, men who had lower ACC activity during the quick-decision tasks were more likely to be arrested again after getting out of prison, even after the researchers accounted for other risk factors such as age, drug and alcohol abuse and psychopathic traits."

Google

Submission + - Ask Slashdot: Are We in a Tech Bubble? (slashdot.org)

Nerval's Lobster writes: "When a major IT company pays a reported $30 million—roughly 90 percent of it in cash—for an iOS app with no monetization strategy and a million downloads since launch, is that a sign that the tech industry as a whole is riding a massive, overinflated bubble? That’s the amount of filthy lucre that Yahoo paid for 17-year-old Nick D’Aloisio’s Summly app, according to AllThingsD. The app offers “algorithmically generated summaries” (in its Website’s words) from hundreds of news sources across the Web, presented in an easy-to-read format; users can cherry-pick their topics and news sources of choice, save summaries for offline viewing, and share content with others. Yahoo isn't alone, by a long shot: over the past couple years, a few apps have been snatched up for enormous sums—think Facebook’s $1 billion acquisition of Instagram in 2012, or Google buying Sparrow for a reported $25 million. Nor has the money train stopped there: in a pattern that recalls the late-90s market frothiness for anyone over the age of 28, a handful of tech companies have either launched much-hyped IPOs or witnessed their share price skyrocket into the stratosphere. But does all this IPO activity and app-acquiring actually mean "bubble"?"
Windows

Submission + - Spanish Open Source Group Files Complaint Over Microsoft UEFI Boot (globalpost.com) 1

sl4shd0rk writes: Hispalinux, which represents Spanish Open Source developers and users, has filed a complaint against Microsoft with the European Commission. 14 pages of grief cited Windows 8 as an "obstruction mechanism" calling UEFI Secure Boot a "de facto technological jail for computer booting systems ... making Microsoft's Windows platform less neutral than ever". On March 6 of 2012 the Commission fined Microsoft 561 million euros for failing to offer users a choice of web browser as well as a 2004 ruling which found M$ has abused its market position by tying Windows Media Player to Windows itself. Relations appear to remain more tense towards Windows in Europe so there may be some hope of making UEFI more Linux friendly. UEFI has been implicated in the death of Samsung Laptops running Linux.
Patents

Submission + - You Don't "Own" Your Own Genes (cornell.edu)

olePigeon (Wik) writes: Cornell University's New York based Weill Cornell Medical College issued a press release today regarding an unsettling trend in the U.S. patent system: Humans don't "own" their own genes, the cellular chemicals that define who they are and what diseases for which they might be at risk. Through more than 40,000 patents on DNA molecules, companies have essentially claimed the entire human genome for profit, report Dr. Christopher E. Mason of Weill Cornell Medical College, and the study's co-author, Dr. Jeffrey Rosenfeld, an assistant professor of medicine at the University of Medicine & Dentistry of New Jersey and a member of the High Performance and Research Computing Group, who analyzed the patents on human DNA. Their study, published March 25 in the journal Genome Medicine, raises an alarm about the loss of individual "genomic liberty."
Google

Submission + - Google Tests White Space Radio For Schools In South Africa (techweekeurope.co.uk)

judgecorp writes: "White space radio, which uses unused capacity in the TV broadcast spectrum, is being used by Google to connect schools in South Africa. The experimental project gives ten schools a wireless link to the Internet — while most white space applications are for low-speed "machine to machine" comms, this one is full speed (well, 2.5Mbps) broadband."
Google

Submission + - Google Gets "Ungoogleable" Removed From Swedish (itworld.com) 1

jfruh writes: "The Swedish Language Council is a semi-official, government funded body that regulates, cultivates, and tracks changes to the Swedish language. Every year it releases a list of new words that have crept into Swedish, and one of 2012's entries was "ogooglebar" — "ungoogleable," meaning something that can't be found with a search engine. After Google demanded that the definition be changed and the Council add a disclaimer about Google's trademark, the Council has instead decided to remove the word from the list altogether."
The Courts

Submission + - 30 months in the slammer for man who pointed green laser at aircraft (networkworld.com)

coondoggie writes: "In a move federal prosecutors hope sends a strong message to the knuckleheads who point lasers at aircraft for fun, a California man was sentenced to 30 months in prison for shining one at two aircraft. According to the FBI Adam Gardenhire, 19, was arrested on March 29, 2012 and named in a two-count indictment filed in United States District Court in Los Angeles that said he pointed the beam of a laser at a private plane and a police helicopter that responded to the report."
Android

Submission + - Android Trojan Used in APT Attacks (securityweek.com)

wiredmikey writes: Targeted attacks against Tibetan and Uyghur activists are nothing new, but attackers appear to be expanding their arsenal of attack tools to the Android platform. While attacks against the activists in the past have targeted both Windows and Mac OS X-based platforms, researchers from Kaspersky Lab have discovered an APT that successfully leverages Android to compromise targets.

According to Kaspersky researchers, a high profile Tibetan activist had his email account hacked on March 24th, 2013. Attackers used the hacked account to send spear phishing emails to the victim’s contact list that included a malicious Android Package (APK) attachment named “WUC’s Conference.apk”, which if installed, creates a malicious app called ‘Conference’ on the Android desktop.

If the victim launches the malicious app, the malware silently contacts a C&C server and starts to harvest data including contacts, call logs, SMS messages, geolocation and other phone data such as phone number, OS version, phone model, and SDK version.

While there have been previous indications that these types of attacks were in development, this attack is perhaps the first in a new wave of targeted attacks aimed at Android users, Kaspersky noted in a blog post. “So far, the attackers relied entirely on social engineering to infect the targets. History has shown us that, in time, these attacks will use zero-day vulnerabilities, exploits or a combination of techniques.”

Security

Submission + - Ask Slashdot: Do it yourself security auditing websites/tools?

An anonymous reader writes: I am wondering if the Slashdot community can offer some resources for someone like myself who would like to make my websites more secure but who doesn't have any venture capital and can't pony up vast sums of money to professional testing. I'm a "prosumer" website builder, have a few sites that are mainly hobbies, but I would like to know that they're at least fairly robust. I'm thinking of the equivalent of a "dental clinic" where someone interested in the white hat security field might be willing to take on an audit for the experience and to build a resume. Or, tools such as websites that let you put in a password and see how long it takes to crack it. Or sites where you can put in a URL and it gets poked and prodded by a number of different cracker tools and a "score" is given. Ideally with suggestions on how to improve. Does anything like that exist? I'm not talking FBI/CIA level security, but just common-sense basics. I've _tried_ to use techniques that improve security, but I don't know how well they work. And I've realized that in the ever growing, fast changing field of computers I'm not going to ever get the knowledge I need to do this myself. I know there are software suites that allow you to sniff and test things on your own, but I'm afraid it's overwhelmingly foreign to me and I just feel like I can't reliably do this myself. Any ideas?
Government

Submission + - petition to require congressmen and senators to wear logos of sponsors (boingboing.net) 1

arnodf writes: Since most politicians' campaigns are largely funded by wealthy companies and individuals, it would give voters a better sense of who the candidate they are voting for is actually representing if the company's logo, or individual's name, was prominently displayed upon the candidate's clothing at all public appearances and campaign events. Once elected, the candidate would be required to continue to wear those "sponsor's" names during all official duties and visits to constituents. The size of a logo or name would vary with the size of a donation. For example, a $1 million dollar contribution would warrant a patch of about 4" by 8" on the chest, while a free meal from a lobbyist would be represented by a quarter-sized button. Individual donations under $1000 are exempt.

Link to we-the-people petition, 55000 signatures still needed.

Government

Submission + - Federal Reserve to Hire Chief Data Officer (informationweek.com)

CowboyRobot writes: "The Board of Governors of the Federal Reserve System wants to hire a chief data officer to usher the organization through the big data era, saying that the new CDO position should address everything from managing the massive quantity of data that the Fed is collecting and analyzing and sharing that data, making Fed employees more aware of what data is available, setting policies for data security and controls, and ensuring better data quality. Other government agencies have recently committed to CDO positions. The NIH announced in January that it planned to hire a new associate director for data science. The Federal Communications Commission has an agency-wide chief data officer as well as chief data officers for each FCC bureau. Other federal agencies that have chief data officers include the Army and the Consumer Financial Protection Bureau, and the Commodity Futures Trading Corporation."
Android

Submission + - Ask Slashdot: Getting apps to use the full power of the device.

MurukeshM writes: I have a 16 GB Nexus 4. I rarely manage to push the RAM usage above 1 GB (not counting cached processes). Yet I find it increasingly annoying when apps do stuff to save on RAM usage, such as having a browser reload a tab if I haven't used it for a long time, instead of keeping it in memory or have an ebook reader load from storage instead of keeping the entire eBook in RAM. I know there are plenty of phones with far less memory, but when most of the RAM is unutilized, with more and more phones and tablets having 1GB+ RAM, isn't it time that apps check on available RAM and use optimizations accordingly? And it isn't only about RAM. Android by default only downloads one thing at a time, whether it be an app from Play Store or a file from a site. When connected to WiFi or 3G/LTE, there's no reason why multiple simultaneous downloads shouldn't be used. How do /. readers with high-end phones get the most out of their device? Are there custom ROMs which act more sensibly?
Linux

Submission + - The end is nigh for The Linux Game Tome (happypenguin.org)

Sodki writes: The Linux Game Tome, one of the most important websites related to video gaming in GNU/Linux, will shut down on the 13th of April, according to a news post published on the website. The decision was made due to the "lack both the time and the ambition to do what is necessary to keep the site afloat", which has resulted in "spam clogging the forums, lack of updates and increasing brokenness of the site". This might not be the end, though. The maintainers of The Linux Game Tome will make available a dump of the games database, so that anyone interested can cook up a new and updated version of the website, and a worthwhile effort will be considered for a transfer of ownership of the domain. The current source code of the website, which is from 1999, will not be available because "it is not fit for human consumption".
Google

Submission + - Free Software Camps Wading Into VP8 Patent Fight

An anonymous reader writes: As reported by Slashdot, Nokia recently notified the IETF that its RFC 6386 video codec (aka VP8, released by Google under a BSD license with a waiver of that company's patent rights) infringed several dozen of its patents; furthermore, Nokia was not inclined to license them under FRAND (fair, reasonable, and non-discriminating) terms. While the list provided by Nokia looks intimidating, Pamela Jones at Groklaw discovered that many appeared to be duplicates except for the country of filing; and even within a single country (e.g. the US), some appeared to be overlapping. In other words, there may be far fewer distinct patented issues than what appears on Nokia's IETF form. Thom Holwerda at OSNews also weighed in, recalling another case where sweeping patent claims by Qualcomm and Huawei against the Opus open source audio codec, which proved to be groundless FUD. The familiar name Florian Mueller pops up again in Holwerda's article.
Software

Submission + - Requirement is NOT implementation! (wordpress.com)

developersrant writes: "“Requirement requirement requirement” as I whispered to myself while I sat around a board room table with 5 other fellow developers who anxiously tried to reach an agreement on how we will go about a Jira ticket. This happened at a recent sprint planning meeting. For a 2 weeks long sprint the planning session lasted 3 straight days and everyone was tired and wanted to move on. For each ticket there was a one sentence description and we had to come up with some kind of implementation details and then estimate using actual hours as story points. The reason for the lack of detailed requirement was that the product owner felt that we as developers should have more controls on how we go about the tickets hence prepared the vague requirements. Let me explain why the product owner is totally stupid and insane and only idiots will prepare each ticket with one sentence description."
Books

Submission + - Bezos Patenting 'Dumb' Tablets, Glasses, Windshields 2

theodp writes: GeekWire reports on Amazon CEO Jeff Bezos' pending patent on remote displays that communicate with base stations and operate on wireless power. Reducing devices to mere screens with minimal storage that receive pre-rendered content (e.g., bitmap images), the patent application explains, eliminates the need for bulky batteries or processors, and employing techniques like electromagnetic or electrostatic induction allows one to cut the cord completely. Such remote displays, Amazon suggests, could find a home on college campuses (tablets), in your car (windshield displays or DVD players), and even on your face (eyeglasses).
