
Submission + - Google has demonstrated a successful practical attack against SHA-1 (googleblog.com)

Artem Tashkinov writes: Ten years after SHA-1 was first introduced, Google has announced the first practical technique for generating an SHA-1 collision. It required two years of research between the CWI Institute in Amsterdam and Google. As a proof of the attack, Google has released two PDF files that have identical SHA-1 hashes but different content. The amount of computations required to carry out the attack is staggering: nine quintillion (9,223,372,036,854,775,808) SHA1 computations in total which took 6,500 years of CPU computation to complete the attack's first phase and 110 years of GPU computation to complete the second phase.

Google says that people should migrate to newer hashing algorithms like SHA-256 and SHA-3, however it's worth noting that there are currently no ways of finding a collision for both MD5 and SHA-1 hashes simultaneously which means that we still can use old proven hardware accelerated hash functions to be on the safe side.

Submission + - World's only sample of 'holy grail' metallic hydrogen lost in laboratory mishap (ibtimes.co.uk)

drunkdrone writes: A piece of rare metal poised to revolutionise modern technology and take humans into deep space has been lost in a laboratory mishap. The first and only sample of metallic hydrogen ever created on earth was the rarest material on the planet when it was developed by Harvard scientists in January this year, and had been dubbed "the holy grail of high pressure physics".

The metal was created by subjecting liquid hydrogen to pressures greater than those at the centre of the Earth. At this point, the molecular hydrogen breaks down and becomes an atomic solid.

Scientists theorised that metallic hydrogen – when used as a superconductor – could have a transformative effect on modern electronics and revolutionise medicine, energy and transportation, as well as herald in a new age of consumer gadgets.

Sadly, an attempt to study the properties of metallic hydrogen appears to have ended in catastrophe after one of the two diamonds being used like a vice to hold the tiny sample was obliterated.

Submission + - Judge Rules Against Forced Fingerprinting

An anonymous reader writes: A federal judge in Chicago has ruled against a government request which would require forced fingerprinting of private citizens in order to open a secure, personal phone or tablet. In the ruling, the judge stated that while fingerprints in and of themselves are not protected, the government’s method of obtaining the fingerprints would violate the Fourth and Fifth amendments. The government’s request was given as part of a search warrant related to a child pornography ring. The court ruled that the government could seize devices, but that it could not compel people physically present at the time of seizure to provide their fingerprints ‘onto the Touch ID sensor of any Apple iPhone, iPad, or other Apple brand device in order to gain access to the contents of any such device.’

Submission + - Google: 99.95% of Recent 'Trusted' DMCA Notices Were Bogus (torrentfreak.com)

AmiMoJo writes: In comments submitted to a U.S. Copyright Office consultation, Google has given the DMCA a vote of support, despite widespread abuse. Noting that the law allows for innovation and agreements with content creators, Google says that 99.95% of URLs it was asked to take down last month didn't even exist in its search indexes. “For example, in January 2017, the most prolific submitter submitted notices that Google honored for 16,457,433 URLs. But on further inspection, 16,450,129 (99.97%) of those URLs were not in our search index in the first place.”

Submission + - Republican National Committee Security Foiled Russian Hackers (wsj.com)

OverTheGeicoE writes: The Wall Street Journal is reporting that, according to U.S. officials who have been briefed on the attempted intrusion, Russian hackers unsuccessfully tried to penetrate the computer networks of the Republican National Committee using the same techniques that allowed them to infiltrate its Democratic counterpart. (Warning: article may be paywalled.) According to the article, "electronic filters" at RNC blocked phishing e-mails from being delivered to their intended RNC recipient, a former employee. Similar attacks against the Democratic National Committee helped reveal a treasure trove of damaging e-mails.

The article states that the attacks against the RNC were "less aggressive and much less persistent". Why? Was this disparity of effort evidence of Russian bias against the Democrats, or were Republicans simply better protected by superior information security practices?

Submission + - Trump to Attack Visas That "Undercut the American Worker" (cio.com.au)

OverTheGeicoE writes: On Monday, US President-elect Donald Trump released a video message outlining his policy plans for his first 100 days in office. At 1 minute, 56 seconds into the message, he states that he will direct the Department of Labor to investigate "all abuses of the visa programs that undercut the American worker." During his presidential campaign, Trump was critical of the H-1B visa program that has been widely criticized for displacing US high-technology workers. "Companies are importing low-wage workers on H-1B visas to take jobs from young college-trained Americans," said Trump at an Ohio rally. At other rallies, Trump invited former IT workers from Disney who had been forced to train their H-1B replacements to speak. According to TFA, the Monday Trump video is "the strongest signal yet that the H-1B visa program is going to get real scrutiny once he takes office."

Submission + - Tesla Model 3 Deliveries Delayed Until 2018 (supercars-news.co.uk)

polishgranite writes: Unless of course you have been living in the cage within the last year, you are possibly acquainted with the Tesla Model 3 — a vehicle that made headlines and broke records through getting around 500,000 orders within times of getting announced.

Initially, first deliveries were scheduled for 2017; however, it emerged today that they have been delayed until mid-2018 or later.

Submission + - Bruce Schneier: 'The internet era of fun and games is over' (dailydot.com)

campuscodi writes: Internet pioneer Bruce Schneier issued a dire proclamation in front of the House of Representatives’ Energy & Commerce Committee Wednesday: “It might be that the internet era of fun and games is over, because the internet is now dangerous.”

The meeting, which focused on the security vulnerabilities created by smart devices, came in the wake of the Oct. 21 cyberattack on Dyn that knocked Amazon, Netflix, Spotify, and other major web services offline.

Schneier’s opening statement provided one of the clearest distillations of the dangers posed by connected devices I’ve seen. It should be required viewing. He starts around the 1:10:30 mark in the livestream below, but we’ve also transcribed most of his remarks.

Security

Submission + - Airport Manager Won't Let TSA Replace Body Scanner With Magnetometer (spokesman.com)

OverTheGeicoE writes: TSA recently announced that it would remove all of Rapiscan's X-ray body scanners from airports by June. As part of this effort, it is trying to move a millimeter-wave body scanner from the Helena, Montana airport to replace an X-ray unit at a busier airport. Strangely enough, they have encountered resistance from Helena's Airport Manager, Ron Mercer. Last Thursday, workers came to remove the machine, but were prevented from doing so by airport officials. Why? Perhaps Mercer agrees with Cindi Martin, airport director at Montana's Glacier Park International Airport, who called the scheduled removal of her airport's scanner 'a great disservice to the flying public' in part because it 'removed the need for the enhanced pat-down.'
Security

Submission + - Taking Sense Away: Confessions of a Former TSA Screener (wordpress.com)

OverTheGeicoE writes: TSA gets discussed on Slashdot from time to time, usually negatively. Have you ever wondered about the TSA screeners' perspective? Taking Sense Away is a blog, allegedly written by a former TSA screener, offering insider perspectives on TSA topics. For example, there's the Insider's TSA Dictionary, whose entries are frequently about the code screeners use to discuss attractive female passengers (like 'Code Red,' 'Fanny Pack,' and 'Hotel Bravo'). Another posting explains what goes on in private screening rooms, which the author claims is nothing compared to screener conduct in backscatter image operator rooms. Apparently what happens in the IO room stays in the IO room. Today's posting covers how TSA employees feel about working for 'a despised agency'. For many the answer is that they hate working for 'the laughing stock of America’s security apparatus,' try to hide that they work for TSA, and want to transfer almost anywhere else ASAP.
Security

Submission + - House Subcommittee Holds Hearing on TSA's 'Scanner Shuffle' (house.gov)

OverTheGeicoE writes: The Homeland Security Subcommittee on Transportation Security held a hearing on TSA's recent decision to move X-ray body scanners from major airports to smaller ones, which the subcommittee refers to as a 'Scanner Shuffle.' John Sanders, TSA's assistant administrator for security capabilities, testified that 91 scanners recently removed from major airports were now in storage due to 'privacy concerns.' Although TSA originally planned to relocate the scanners to smaller airports, those plans have been shelved because smaller airports don't have room for them. The subcommittee is also investigating allegations that the machines' manufacturer, Rapiscan, 'may have falsified tests of software intended to stop the machines from recording graphic images of travelers' (VIDEO). Coincidentally, shares of Rapiscan's parent company, OSI Systems Inc., dropped in value almost 25% today, its biggest intraday decline in about 12 years. If wrongdoing is proven, Rapiscan could face fines, prison terms and a ban on government contracting, according to a former head of federal procurement.
Encryption

Submission + - Ask Slashdot: Is TSA's PreCheck System Easy to Game? (wordpress.com)

OverTheGeicoE writes: TSA has had a preferred traveler program, PreCheck, for a while now. Frequent fliers and other individuals with prior approval from DHS can avoid some minor annoyances of airport security, like removing shoes and light jackets, but not all of the time. TSA likes to be random and unpredictable, so PreCheck participants don't always get the full benefits of PreCheck. Apparently the decision about PreCheck is made when the boarding pass is printed, and a traveler's PreCheck authorization is encoded, unencrypted, on the boarding pass barcode. In theory, one could use a barcode-reading Web site (like this one, perhaps) to translate a barcode into text to determine your screening level before a flight. One might even be able to modify the boarding pass using PhotoShop or the GIMP to, for example, get the screening level of your choice. I haven't been able to verify this information, but I bet Slashdot can. Is TSA's PreCheck system really that easy to game? If you have an old boarding pass lying around, can you read the barcode and verify that the information in TFA is correct?
Red Hat Software

Submission + - Is Ubuntu Development Becoming Less Open? (muktware.com)

sfcrazy writes: While the larger Ubuntu community was busy downloading, installing and enjoying the latest edition of Ubuntu yesterday, a post by Ubuntu founder Mark Shuttleworth ruffled some feathers. He gave indications that from now onwards only selected members of the community will be involved in some development and it will be announced publicly only after completion, unlike other open source projects where all development happens in an open manner. There was some criticism of this move and Shuttleworth ate his words and responded that they are actually opening up those projects which were being developed internally by Canonical employees instead of closing currently open projects. He also attacked Red Hat, as usual. This attitude of Shuttleworth is causing much discomfort for the entire Linux community. Is Canonical doing something wrong?
