Martin S. writes: The Decentralized Web Summit took place at the Internet Archive between June 7th and June 9th, 2016. Videos from the event which included speakers Tim Berners-Lee, Christopher Allen, Vint Cerf amongst many others are now available and more are expected soon. Link to Original Source
In Bitcoin, transaction malleability describes the fact that the signatures that prove the ownership of bitcoins being transferred in a transaction do not provide any integrity guarantee for the signatures themselves. This allows an attacker to mount a malleability attack in which it intercepts, modifies, and rebroadcasts a transaction, causing the transaction issuer to believe that the original transaction was not confirmed. In February 2014 MtGox, once the largest Bitcoin exchange, closed and filed for bankruptcy claiming that attackers used malleability attacks to drain its accounts. In this work we use traces of the Bitcoin network for over a year preceding the filing to show that, while the problem is real, there was no widespread use of malleability attacks before the closure of MtGox.
Sir Andrew Dillon, NICE Chief Executive: “A spam email purporting to come from NICE is being sent to members of the public regarding cancer test results. This email is likely to cause distress to recipients since it advises that ‘test results' indicate they may have cancer. This malicious email is not from NICE and we are currently investigating its origin. We take this matter very seriously and have reported it to the police.”
NICE is advising people who have received the email — the subject line of which is important blood analysis result — to delete it without opening it and not to click on any links.
Martin S. writes: The Register reports Top UK e-commerce sites including Amazon, Tesco and Virgin Atlantic are not doing enough to safeguard users from their own password-related foibles, according to a new study by Dashlane. Who go on to detail how
* 66% accept notoriously weak passwords such as “123456” or “password”, putting users in danger as these are often the first passwords hackers use when trying to breach accounts.
* 66% make no attempt to block entry after 10 incorrect password entries (including Amazon UK, Next, Tesco and New Look). This simple policy prevents hackers from using malicious software that can run thousands of passwords during log-ins to breach accounts.
Martin S. writes: How NASA Engineers have reverse engineered the F1 engine of a Saturn V launcher, because:
every scrap of documentation produced during Project Apollo, including the design documents for the Saturn V and the F-1 engines, remains on file. If re-creating the F-1 engine were simply a matter of cribbing from some 1960s blueprints, NASA would have already done so.
A typical design document for something like the F-1, though, was produced under intense deadline pressure and lacked even the barest forms of computerized design aids. Such a document simply cannot tell the entire story of the hardware. Each F-1 engine was uniquely built by hand, and each has its own undocumented quirks. In addition, the design process used in the 1960s was necessarily iterative: engineers would design a component, fabricate it, test it, and see how it performed. Then they would modify the design, build the new version, and test it again. This would continue until the design was "good enough."