Comment Just a mater of time (Score 0) 2
It was just a mater of time, they grab money from ingame pets, changing names ,changing servers ect. $25 us is a real rip of.
Submission + - Interesting Artical by Mikko Hypponen (pcmag.com)
Bat Dude writes: taken from PC mag: Mikko Hypponen of F-Secure is a fairly major rock star in the security business (think somewhere between Ziggy and Bob Marley). Yes, he's a vendor, but you have to respect his insight and experience.
So I took it seriously when Mikko said he thinks that there's an angle to the Aurora attacks of late last year that hasn't gotten the attention it deserves: The nature of the attacks reinforces the idea that the attackers were primarily concerned with espionage against government opponents, and not the usual industrial espionage and simple criminality you typically find in the digital underground economy.
Consider the sort of people we're talking about as victims here: Dissidents, free speech advocates, non-governmental organizations, and their attorneys. Knowing that they're frequent targets of government spooks they like using webmail accounts, particularly GMail and Yahoo! Mail. Many will use Linux in order to avoid Windows malware which might reveal their personal information.
Note that there were many other companies attacked in the same attack campaign. But it's not hard to conjure up reasoning why someone going after Chinese state enemies would attack many of those. Most of the companies have not been identified, but some have:
Adobe—An important software company with broad market reach on Windows, Mac and Linux
Yahoo!—As I mentioned, also an important provider of online services.
Rackspace—One of the largest server farms in the business
Gipson, Hoffman & Pancione—A law firm doing work for organizations of interest to the Chinese government
Northrop Grumman, Dow Chemical and Juniper Networks—Military and other significant industry. Frequently target of such attacks.
So how do you spy on such people? You compromise their GMail credentials. Mikko is convinced that GMail was the main object of the attack, but remember that GMail is served by the same Gaia authentication system as the rest of Google's services. If you get someone's GMail account, you also have their Google Docs account, for example,
But back to e-mail: As SANS mentioned in today's Tip of the Day, e-mail is more like a postcard than an envelope: It's in plain text, so anyone snooping the network can see it too. So if you care, and you're sophisticated about it, you can use a program like PGP to encrypt your e-mail. Used correctly, PGP is, to all practical purposes, uncrackable. But using PGP correctly can be a big pain, so people take shortcuts: they share secret keys, they don't properly secure their secret keys or their whole keyring.
As Adi Shamir (the 'S' in RSA) said in his 2004 Turing Lecture, one of the 3 laws of security is that "Cryptography is typically bypassed, not penetrated." Thus it is with PGP: Nobody cracks it; instead they crack the system that it's on and either keylog it or steal the keyring. The more people have a single secret key, the easier this is to do.
Mikko says that they have seen malware designed to steal a PGP keyring. I'm guessing it was designed for a targeted attack because very few people have the patience to use PGP and use it correctly.
If Google (and the other webmail providers) want to do something about this, they can find a way to make it easier to use PGP as part of GMail and its competitors. Right now it's generally a very manual cutting and pasting affair.
Your take-away from all this is that you really can't trust content on public e-mail systems unless you go to extraordinary, and inconvenient, measures to secure that content. And even people who think they've gone to such measures are just better-defended, not invulnerable. If you're fighting the state you have to be willing to take some risks.
So I took it seriously when Mikko said he thinks that there's an angle to the Aurora attacks of late last year that hasn't gotten the attention it deserves: The nature of the attacks reinforces the idea that the attackers were primarily concerned with espionage against government opponents, and not the usual industrial espionage and simple criminality you typically find in the digital underground economy.
Consider the sort of people we're talking about as victims here: Dissidents, free speech advocates, non-governmental organizations, and their attorneys. Knowing that they're frequent targets of government spooks they like using webmail accounts, particularly GMail and Yahoo! Mail. Many will use Linux in order to avoid Windows malware which might reveal their personal information.
Note that there were many other companies attacked in the same attack campaign. But it's not hard to conjure up reasoning why someone going after Chinese state enemies would attack many of those. Most of the companies have not been identified, but some have:
Adobe—An important software company with broad market reach on Windows, Mac and Linux
Yahoo!—As I mentioned, also an important provider of online services.
Rackspace—One of the largest server farms in the business
Gipson, Hoffman & Pancione—A law firm doing work for organizations of interest to the Chinese government
Northrop Grumman, Dow Chemical and Juniper Networks—Military and other significant industry. Frequently target of such attacks.
So how do you spy on such people? You compromise their GMail credentials. Mikko is convinced that GMail was the main object of the attack, but remember that GMail is served by the same Gaia authentication system as the rest of Google's services. If you get someone's GMail account, you also have their Google Docs account, for example,
But back to e-mail: As SANS mentioned in today's Tip of the Day, e-mail is more like a postcard than an envelope: It's in plain text, so anyone snooping the network can see it too. So if you care, and you're sophisticated about it, you can use a program like PGP to encrypt your e-mail. Used correctly, PGP is, to all practical purposes, uncrackable. But using PGP correctly can be a big pain, so people take shortcuts: they share secret keys, they don't properly secure their secret keys or their whole keyring.
As Adi Shamir (the 'S' in RSA) said in his 2004 Turing Lecture, one of the 3 laws of security is that "Cryptography is typically bypassed, not penetrated." Thus it is with PGP: Nobody cracks it; instead they crack the system that it's on and either keylog it or steal the keyring. The more people have a single secret key, the easier this is to do.
Mikko says that they have seen malware designed to steal a PGP keyring. I'm guessing it was designed for a targeted attack because very few people have the patience to use PGP and use it correctly.
If Google (and the other webmail providers) want to do something about this, they can find a way to make it easier to use PGP as part of GMail and its competitors. Right now it's generally a very manual cutting and pasting affair.
Your take-away from all this is that you really can't trust content on public e-mail systems unless you go to extraordinary, and inconvenient, measures to secure that content. And even people who think they've gone to such measures are just better-defended, not invulnerable. If you're fighting the state you have to be willing to take some risks.
Submission + - Bridging the digital divide in Africa
jtrust27 writes: An innovative new approach is allowing citizens of Uganda, a developing nation in the heart of Africa, to access online goods and services for the first time.
Slow or non-existent internet connections have meant that the people of Uganda for the last three decades have not been able to harness the many advantages of the online economy. This social and economic exclusion of the poorest of the poor was further accentuated by the impossibility for a Ugandan to obtain a credit card or make paypal payments — a simple requirement to be able to pay for goods and services online. Most merchants and payment gateway providers automatically block all credit cards from Africa and it is not possible to get a verified paypal account in many African Nations.
A big ray of Hope was the arrival of the first submarine fibre-optic cable on the African coastal port of Mombasa Kenya. This revolutionary event has started a data revolution, for the first time enabling Ugandans to watch online videos and access secure sites without timing out. The final step in bridging the digital divide has now been provided by an innovative service of a Ugandan company. EasyPayUganda (http://www.easypayuganda.com) is providing the first service of its kind in the region, allowing customers to make online payments by proxy in order to pay for services and goods. EasyPayUganda is also providing a logistics solution, forwarding customers shipments to Uganda as most online merchants will not ship to Africa. By taking this revolutionary approach, recognizing that there is demand for products and services in Africa, the company is for the first time allowing Africans to purchase online and drastically improve their standard of living.
Slow or non-existent internet connections have meant that the people of Uganda for the last three decades have not been able to harness the many advantages of the online economy. This social and economic exclusion of the poorest of the poor was further accentuated by the impossibility for a Ugandan to obtain a credit card or make paypal payments — a simple requirement to be able to pay for goods and services online. Most merchants and payment gateway providers automatically block all credit cards from Africa and it is not possible to get a verified paypal account in many African Nations.
A big ray of Hope was the arrival of the first submarine fibre-optic cable on the African coastal port of Mombasa Kenya. This revolutionary event has started a data revolution, for the first time enabling Ugandans to watch online videos and access secure sites without timing out. The final step in bridging the digital divide has now been provided by an innovative service of a Ugandan company. EasyPayUganda (http://www.easypayuganda.com) is providing the first service of its kind in the region, allowing customers to make online payments by proxy in order to pay for services and goods. EasyPayUganda is also providing a logistics solution, forwarding customers shipments to Uganda as most online merchants will not ship to Africa. By taking this revolutionary approach, recognizing that there is demand for products and services in Africa, the company is for the first time allowing Africans to purchase online and drastically improve their standard of living.
Submission + - The Mystery of the Missing Methane
Hugh Pickens writes: "Astrobiology Magazine reports that NASA’s Spitzer Space Telescope has discovered something odd about GJ 436b a distant planet about the size of Neptune located 33 light-years away circling the star Gliese 436. The mystery? GJ 436b lacks methane, an ingredient common to many of the planets in our solar system. Methane is present on our life-bearing planet, manufactured primarily by microbes living in cows and all of the giant planets in our solar system have methane too, despite their lack of cows. “In this case, we expected to find methane not because of the presence of life, but because of the planet’s chemistry,” says Joseph Harrington of the University of Central Florida. "This type of planet should have cooked up methane. It’s like dipping bread into beaten eggs, frying it, and getting oatmeal in the end." Spitzer was able to detect the faint glow of GJ 436b by watching it slip behind its star, an event called a secondary eclipse. As the planet disappears, the total light observed from the star system drops and the drop is then measured to find the brightness of the planet at various wavelengths. Eventually, a larger space telescope could use the same kind of technique to search smaller, Earth-like worlds for methane and other chemical signs of life, such as water, oxygen and carbon dioxide. Adam Showman, a planetary scientist at the University of Arizona, says the "provocative result" raises questions about the evolution of this planet, as well as the possibility that its atmosphere might represent an entirely new class of atmospheres that has never been explored. “It’s a big puzzle,” says Kevin Stevenson. “Models tell us that the carbon in this planet should be in the form of methane. Theorists are going to be quite busy trying to figure this one out.”"
Submission + - Mac versions of Valve's Steam and Games Coming (shacknews.com)
Dragoniz3r writes: It would seem that the rumors and speculation about a Mac version of Steam were true, as Shacknews reports that "The Mac client for Steam is scheduled to be released this month along with Mac versions of Left 4 Dead 2, Team Fortress 2, Counter-Strike, Portal, and the Half-Life series." A video of Steam in action on a Mac is included.
Submission + - Did Facebook migrate to Windows Servers? (tumblr.com) 1
jonklinger writes: A rather esoteric report this morning about the Hebrew letter 'Nun' (Unicode 05E0) being unreadable in Facebook and replaced with a non-breaking-space (Hebrew link) reminded me an old discussion from the WordPress discussion group (Hebrew link) where it was explained that in a limited number of Windows IIS servers there's a bug that does not allow displaying such character. Of course, historically Facebook worked on Linux Servers, but there might have been a connection between Facebook's new changes and this
Submission + - Branson Says Flight Ban an Overraction (yahoo.com) 1
HaymarketRiot writes: Richard Branson has claimed that the flight ban, due to the eruption of the volcano Eyjafjallajokull, was an overraction on the part of the authorities. Britain's government has even called for the airlines to be compensated. This does look like a perfect excuse for already greedy airlines to try and get more money...any experts care to comment on the effect of volcanic ash on planes?
Submission + - Celestial Steed a WoW windfall for Blizzard (news.com.au) 2
Dexter Herbivore writes: With the first "useful" object for WoW players for less than a week, over 140,000 players have shelled out US$25 for a pretty picture. Does this signify a shift to Real Money Transactions in conjunction with a subscription model? Has Activision-Blizzard found a winning formula for squeezing even more money out of their users?
Comment Screeech (Score 0) 166
schreeeeech bugger looked in rear mirror again.
seriously 1 step forward two steps back.
Comment say again! (Score -1, Flamebait) 192
So it's not illegle to to brake the copyright unless you break the copyright.
Comment Retire long and prosper (Score 1) 224
All the best to one of the greats.
A life time in the lime light without all the bad hipe and gossip, form the media you have done well.
one off a kind you will be missed.
Comment Dont Look (Score 1) 166
Just don't look at the oncoming Traffic.
This is a late April fools joke, me thinks !
Comment Re:Endless vs. infinite (Score 3, Funny) 301
Simple endless task never ends but the infinite task! the end is just not in sight :)
Comment NO NO let me make up the rest of the Story (Score 3, Funny) 301
Sounds a bit like a journalists brain to me ... NO NO let me make up the rest of the Story
MIT Finds 'Grand Unified Theory of AI' 301
aftab14 writes "'What's brilliant about this (approach) is that it allows you to build a cognitive model in a much more straightforward and transparent way than you could do before,' says Nick Chater, a professor of cognitive and decision sciences at University College London. 'You can imagine all the things that a human knows, and trying to list those would just be an endless task, and it might even be an infinite task. But the magic trick is saying, "No, no, just tell me a few things," and then the brain — or in this case the Church system, hopefully somewhat analogous to the way the mind does it — can churn out, using its probabilistic calculation, all the consequences and inferences. And also, when you give the system new information, it can figure out the consequences of that.'"
