27816552
submission
wiedzmin writes:
Japanese Defense Ministry has awarded Fujitsu a contract to develop a vigilante computer virus, which will track down and eliminate other viruses, or rather — their sources of origin. Are "good" viruses a bad idea? Sophos seems to think so.
23518176
submission
wiedzmin writes:
In "life imitates Pulp Fiction" whoever is entrusted with posting installation instructions on Adobe.com decided to set the clocks to 4:20 in Firefox screenshots. Right on, dude.
23330498
submission
wiedzmin writes:
Having previously requested ownership with no success, Jay Freeman the creator of Cydia, has now filed a lawsuit in a bid to obtain the Cydia.com domain from its current owner, despite the domain registration preceding Cydia by at least 6 years. Freeman argues that with the current content of Cydia.com, its visitors could be confused by the name and led to believe that Cydia is affiliated with Apple. He also seeks damages for legal fees on behalf of his company. I wonder if Apple should chime in on this one.
23132312
submission
wiedzmin writes:
A new report released by NSS labs shows that the latest version of Internet Explorer, equipped with some new anti-malware functionality, catches more Web-based malware attacks than any of the other major browsers on the market. IE9 caught nearly 100 percent of the attacks thrown at it in a new test done, followed with a huge disparity by Google Chrome at 13.2%, Safari and Firefox at 7.6% and Opera at 6.1%.
23031818
submission
wiedzmin writes:
"Federal authorities are tacitly acknowledging that, despite their best efforts, it's impossible to keep domestic aircraft safe from all evildoers. That's because if a pilot wants to crash a plane, the pilot can crash a plane. With that in mind, the Transportation Security Administration began a program Tuesday allowing pilots to skirt the security-screening process." I guess if you're a bad guy, first place you want to look for something to use as a weapon is in the bag of a guy wearing a pilot's uniform.
23024390
submission
wiedzmin writes:
North Korean government seems to have found a novel way of raising badly needed cash, according to the South Korean authorities: unleashing young hackers on South Korea's immensely popular online gaming sites to steal points convertible to cash. The police in Seoul said Thursday that four South Koreans and a Korean-Chinese had been arrested on charges of drawing on that army to organize a hacking squad of 30 young video gaming experts. Working from Northern China, the police said, the squad created software that breached the servers for such popular South Korean online gaming sites as "Lineage" and "Dungeon and Fighter". Despite its decrepit economy, North Korea is believed to train an army of computer programmers and hackers.
23004048
submission
wiedzmin writes:
A California appeals court is striking down a voter-approved measure requiring every adult arrested on a felony charge to submit a DNA sample. Court questioned the extent to which technology can be permitted to diminish the privacy guaranteed by the Fourth Amendment. More than 1.6 million samples have been taken following the law’s 2009 implementation. Only about a half of those arrested in California are convicted.
21162786
submission
wiedzmin writes:
Falungong members are suing Cisco Systems for custom-building "Golden Shield" Internet technology used by China to track down devotees of the spiritual movement, who then get detained, tortured and even killed. Cisco dismisses the case as being without basis and vows to "vigorously defend" itself.
21090436
submission
wiedzmin writes:
Cisco on Thursday waved away rumors that it will soon sell off its Linksys and WebEx businesses as part of an ongoing restructuring. Cisco spokesperson declined to comment on the recent rumors that the networking giant was looking for potential buyers, but analysts have been wondering if Cisco would offload Linksys among other consumer brands in light of their recent quarters' disappointing earnings results.
21007714
submission
wiedzmin writes:
Police do not need a search warrant to knock on a suspected drug dealer’s door and then kick it down when a suspicious bustling noise is heard from the other side, the Kentucky Supreme Court ruled.
20830294
submission
wiedzmin writes:
Subpoenas are expected to go out this week to ISP's in what could be a biggest BitTorrent downloading case in U.S. history. At least 23,000 file sharers are being targeted by the U.S. Copyright Group for downloading "Expendables". Company appears to have adopted Righthaven's strategy in blanket-suing large numbers of defendants and offering an option to quickly settle online for a moderate payment. The IP addresses of defendants have allegedly been collected by paid snoops capturing IP addresses of all peers who were downloading or seeding Sylvester Stallone's flick last year. I am curious to see how this will tie into the the BitTorrent case ruling made earlier this year, indicating that an IP address does not uniquely identify the person behind it.
17697334
submission
wiedzmin writes:
According to SANS ISC Diary, exploit code and a working binary have been published for a previously unknown 0-day vulnerability in Windows registry handling, which allows any user elevate their privileges regardless of their current role. Exploit affects almost all versions of Windows, inlcuding Windows 7 with UAC enabled.
17657186
submission
wiedzmin writes:
Anybody who has worked with or around anything dubbed as an "appliance" in the past 5 years, knows that they now usually come with a management web-interface, and that the web-interface is usually "secure". However, no company in their right mind (accounting mind that is) will spend $400/year per appliance to buy Verisign SSL certificates to secure web-interfaces on networks that may not even have Internet access at the time. So network administrators, and sometimes end-users, are stuck clicking away at the annoying "Continue to this website (not recommended)" messages every time they connect, setting an unhealthy precedence when it comes to the actual security of SSL and the much-hyped-about MITM attacks. So the question I have for the /. crowd is — do you have valid SSL certificates on your intranet sites and if so — what do you use? Any cost-neutral, or at least cost-conscious solutions out there that don't involve manually distributing your certificates and CRL to every workstation in the company? Thanks.
17534910
submission
wiedzmin writes:
1and1 customer service has confirmed that due to a current issue with their private domain registration system, any user who has registered a 'private' domain since at least beginning of September, ended-up with a 'public' registration, exposing their name, address, phone number and email information on the web. Until the issue is resolved, users are unable to change the status on their 'public' domain names, leaving all of their personal information publicly available on every whois service. While 1and1 technical support is aware of the issue, there is currently no ETA for resolution to be provided.
16466138
submission
wiedzmin writes:
Passware, a Mountain View corporation that focuses on providing commercial "password recovery tools" says it has come up with a way to access files on drives secured with Microsoft Windows BitLocker encryption. The vendor claims its Kit Forensic software is now capable of retrieving BitLocker encryption keys and getting "full access" to the contents of encrypted disks. Person wishing to use the software in order to defeat BitLocker encryption and gain access to drive contents, will need physical access to the target system, according to the company spokesperson, Nataly Koukoushkina. While company claims to cater primarily to forensic investigators and law enforcement agencies, there is nothing preventing the toolkit from being used for malicious purposes.
