Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Submission + - New Fantom Ransomware Poses As Windows Update (hothardware.com)

MojoKid writes: A security researcher for AVG has discovered a new piece of ransomware called Fantom that masquerades as a critical Windows update. Victims who fall for the ruse will see a Windows screen acting like it's installing the update, but what's really happening is that the user's documents and files are being encrypted in the background. Fantom is based on the open-source EDA2 ransomware project, and unfortunately there's no way to decrypt the files without the culprit's help. The scam starts with a pop-up labeled as a critical update from Microsoft. Once a user decides to apply the fake update, it extracts files and executes an embedded program called WindowsUpdate.exe. As with other EDA2 ransomware, Fantom generates a random AES-128 key, encrypts it using RSA, and then uploads it to the culprit. From there, Fantom targets specific file extensions and encrypts those files using AES-128 encryption. Users affected by this are instructed to email the culprit for payment instructions. It's not clear how much it costs to decrypt the files or if the person responsible even follows through once payment is received.

Submission + - FBI: Hillary Clinton used BleachBit to wipe emails (neowin.net) 1

An anonymous reader writes: The open source disk cleaning application, BleachBit, got quite a decent ad pitch from the world of politics after it was revealed lawyers of the presidential hopeful, Hillary Clinton, used the software to wipe her email servers. Clinton is currently in hot water, being accused of using private servers for storing sensitive emails.

“She and her lawyers had those emails deleted. And they didn't just push the delete button; they had them deleted where even God can't read them. They were using something called BleachBit. You don't use BleachBit for yoga emails or bridesmaids emails. When you're using BleachBit, it is something you really do not want the world to see.”

Two of the main features that are listed on the BleachBit website include “Shred files to hide their contents and prevent data recovery”, and “Overwrite free disk space to hide previously deleted files”. These two features would make it pretty difficult for anyone trying to recover the deleted emails.

Submission + - Phony Ubuntu website possibly serving malware 4

An anonymous reader writes: If you accidentally misspell Ubuntu while typing in the address, you may end up at http://uhuntu.com/ . Spelling Ubuntu with an "h" instead of a "b" takes you to a website that looks just like Canonicals Ubuntu website. No word on whether or not they are serving malware ridden Ubuntu ISOs, so watch what you type into that address bar.

Submission + - KickStarter project wants to standardize :penis: and :vagina: emoji 1

An anonymous reader writes: This project is looking to petition the Unicode Consortium to add a penis, vagina and breasts emoji to the Unicode standard. If you've ever wanted send a little penis icon from the system standard keyboard on your phone then this is the crowd funding campaign for you.

Submission + - Justin Bieber Deletes His Instagram Account (viralzoo.co)

An anonymous reader writes: Justin did warn us. Bieber has gone and deleted his Instagram account. His Instagram profile vanished into cyberspace, leaving millions of followers hanging.

Submission + - 10 Year-Old Teaches Hackers a Valuable Lesson In Privacy (csoonline.com)

itwbennett writes: At r00tz Asylum, a kids-only gathering at DEF CON, 10-year-old Evan Robertson presented his first-place winning school science fair project, which showed how quickly people will hand over their privacy for a little free Wi-Fi. Robertson set up a Wi-Fi hotspot with terms-of-service that would allow him to access or modify connecting devices 'in any way.' In his science fair experiment, 76 people at local malls and stores connected to his hotspot, and 40 of them (52%) accepted the TOS to gain access. And, proving that security pros aren't all quite as privacy-minded as you might expect them to be, Robertson later set up his hotspot at BSides San Antonio, where 41 people connected to his hotspot, and 20 of them accepted the TOS.

Submission + - The U.S. plan to bomb Pagan Island, the worst place ever (guamblog.com)

dcblogs writes: The U.S. is being sued over its plan to take one of the Pacific's most beautiful places, Pagan Island, and turn into a training facility and bombing range for the U.S. military. “Families who formerly resided on Pagan would be forever banished from returning to their home island, which would be turned into a militarized wasteland,” according to the lawsuit filed by lawsuit filed by Earthjustice, which is representing some the groups in the Northern Mariana Islands fighting this action. The 18-square-mile island, which is part Commonwealth of the Northern Mariana Islands and a U.S. territory, is about about the size of Hartford, Conn. It is a volcanic island, shaped by magma and violent explosions. There are large rock outcrops, cliffs, King Kong Island-type vistas, relatively high elevations and plateaus. The island was evacuated in 1981 because of volcanic activity, but a handful of people have taken up residence. The government's proposal is reminiscent of the takeover of Bikini Atoll in 1946, which was used for nuclear testing. The U.S. Environmental Impact Statement suggest that the government has made plans to protect the native’s island wildlife. For instance, consider the protections for the fruit bat. “The proposed 0.5- mile (0.8-kilometer) buffer zone around each (Fruit Bat) colony will significantly reduce the potential for aircraft strikes of fruit bats.” [Emphasis added]

Submission + - NASA demonstrates HiRyRS-X: a Game-Changing Camera (nasa.gov)

vikingpower writes: When a rocket takes off, one sees an inferno of glowing gases streaming out of the engines: a source of unimaginably bright light, for looking at which you need at least sunglasses. No camera is adapted for a detailed recording of how the gases exactly behave. Until now. NASA developed the so-called High Dynamic Range Stereo-X-camera (HiDyRS-X), to better than ever before image what happens in and around a rocket engine during launch. And the result is a spectacular video feed. The HiDyRS-X project began as part of NASA Space Technology Mission Directorate’s Early Career Initiative (ECI), designed to give young engineers the opportunity to lead projects and develop hardware alongside leading innovators in industry. Howard Conyers, a structural dynamist at NASA’s Stennis Space Center, was awarded an ECI grant in 2015. And he developed HiDyRS-X as part of NASA's Game Changing Development program, set up to investigate technologies "that have the potential to revolutionize future space missions".

Submission + - Comcast: FCC's Set-Top Box Proposal's Impossible. FCC: (consumerist.com)

dennisl80716606 writes: The FCC's got a proposal in the works right now that Comcast doesn't like. This is not a shock; Comcast has generally not liked any headlining proposals from the FCC in recent years. Some of the cable giant's complaints are undoubtedly just sound and noise, signifying nothing other than “we like profit, don't screw with our thing.” But maybe some of its technological complaints have merit.


First, a recap of where we stand right now:


Cable companies currently make a lot of money from mandatory equipment rental fees imposed on consumers. The FCC has a proposal in the works to make the cable set-top box market at least halfway competitive. That plan has support from the White House as well as from technology and consumer advocates. That proposal, of course, also has detractors. And among those detractors, Comcast has consistently been the most vocal.


That's the background. These many months in, Comcast has made its opinion known in filings and meetings with the FCC many times. So Ars Technica, as it does, took a look at the technological complaints that Comcast is making, and the rebuttals from the FCC.


The sum of Comcast's arguments, says Ars, is that it accuses the FCC of not actually knowing how TV works in 2016. The FCC's proposal would require providers to make “information flows” available to third-party providers, the same way that they are available on a company's own hardware. Three flows would be transmitted: one would be for content itself (“content delivery”), all the programming you tune to and watch. Another would be for “service discovery,” meaning all that handy data about channel listings and programming guides. And the third would be about “entitlements” — that's whether or not you can record or fast-forward given programming.


Sounds good, right? Except Comcast claims that there's no such thing: rather than information flowing out to cable boxes, it is stored on a server and customers basically reach in and grab it on-demand. Comcast's X1 cable platform is an internet-based system, not a broadcast one (which is why it's technologically possible, for example, to run Netflix on a modern Comcast box).


These on-demand requests, Comcast adds, are too individualized to be transmitted elsewhere. In other words, they're too tied to an individual account, and over a hundred little subsystems would get completely screwed up if Comcast tried to mess with them.


The FCC, however, does not think these arguments have much weight. An unnamed senior Commission official told Ars that the FCC is perfectly aware of how on-demand, IP-based systems work and that Comcast's pile of excuses is, well, no excuse.


The FCC official said that Comcast and others could comply by creating an API that would let third parties use their data for their own software uses. The API wouldn't need to know every single feature internal to Comcast; it would only need to be able to access the customer's permissions to access content. (Much the same way as third-party apps on your phone can access some of your Facebook content without knowing everything Facebook does or being Facebook.)


The FCC official also pointed out that the API was a suggestion — the rule proposed doesn't mandate any specific solution, but instead requires everyone to develop and pick some kind of open standard that works and then stick with it.


Comcast claims the API is a no-go even though of course there's the fact that to some degree, making cloud-based cable into an app you can run anywhere already works: Comcast has itself proven this with its X1 app for Samsung and Roku devices, in addition to having a fairly robust TV-everywhere login-based viewing option for cable customers to use on their computers and tablets.


So who's more right? Ars consulted an expert who works for neither Comcast nor the FCC. That expert says that his own company ran a successful proof-of-concept demonstration showing that “off-the-shelf equipment and open standards” work right now to let third-party hardware access Comcast's (and Google Fiber's) video stream. The catch: that demo used a CableCard, which kinda sorta failed miserably to launch and is being phased out as a product and standard.


So where do we go from here? That's a big old giant open question. We'll find out if the proposal goes through or not sometime in the coming months.




Set-top saga: Comcast says it's “not feasible” to comply with FCC cable box rules [Ars Technica]

Submission + - SPAM: Mysterious, ice-buried Cold War military base may be unearthed by climate change

sciencehabit writes: It sounds like something out of a James Bond movie: a secret military operation hidden beneath the Greenland Ice Sheet. But that’s exactly what transpired at Camp Century during the Cold War. In 1959, the U.S. Army Corps of Engineers built the subterranean city under the guise of conducting polar research—and scientists there did drill the first ice core ever used to study climate. But deep inside the frozen tunnels, the corps also explored the feasibility of Project Iceworm, a plan to store and launch hundreds of ballistic missiles from inside the ice.

The military ultimately rejected the project, and the corps abandoned Camp Century in 1967. Engineers anticipated that the ice—already a dozen meters thick—would continue to accumulate in northwestern Greenland, permanently entombing what they left behind. Now, climate change has upended that assumption. New research suggests that as early as 2090, rates of ice loss at the site could exceed gains from new snowfall. And within a century after that, melting could begin to release waste stored at the camp, including sewage, diesel fuel, persistent organic pollutants like PCBs, and radiological waste from the camp’s nuclear generator, which was removed during decommissioning.

Link to Original Source

Submission + - Driver Signing To Be Enforced In Next Windows 10 (i-programmer.info) 1

mikejuk writes: The control of what software users can run on their machines is becoming ever tighter. Now Microsoft has announced that only signed drivers will work in the next release of Windows 10.
Before you start to panic about backward compatibility with existing drivers the lockdown is only going to be enforced on new installations of Windows 10. If you simply upgrade an existing system then the OS will take over the drivers that are already installed. Only new installations, i.e. installing all drivers from scratch, will enforce the new rules from Windows 10 version 1607.
Be warned, if you need to do a fresh install of Windows 10 in the future you might find that your existing drivers are rejected.
There's an xkcd for that: https://xkcd.com/1144/

Submission + - China's CH-4B Drone Looks Awfully Familiar to a U.S. Drone (popularmechanics.com)

schwit1 writes: Footage of China's CH-4B armed drone has hit the Internet, and provides some interesting insights into the unmanned aircraft. The video shows off the various capabilities of the medium-altitude, long-endurance drone, from surveillance to attack. The drone also bears a striking resemblance to the American Reaper drone, which fulfills the exact same missions.

The video, posted on YouTube, shows the uncanny resemblance between the MQ-9 Reaper and the CH-4B. The two aircraft appear identical, save for a ventral stabilizer on the bottom rear of the Reaper that doesn't appear on the CH-4B. The Chinese aircraft is made by CASC, the China Aerospace Science and Technology Corporation.

Submission + - SPAM: The Stillbirth of the Soviet Internet

kurrawong writes: A socio-technical history of the Internet that will definitely appeal to many Slashdotters: Ben Peters, author of "How Not to Network a Nation", discusses the history of Soviet cybernetics and computer networks on Sean's Russia Blog podcast episode "The Stillbirth of the Soviet Internet".

In the interview, Peters states the reason the Internet appeared in Silicon Valley and not near Soviet Kiev was that "the capitalists behaved like socialists while the socialists behaved like capitalists". This challenges conventional notions about the relationship between society and technology and contradicts the often-stated belief about laissez faire economic freedoms and capitalism being necessary for the high-tech booms.

Peters also ponders what we might learn about current Internet state surveillance trends, such as the now-known NSA programs, by looking at the 1960's Soviet project called OGAS ("obshche-gosudarstvennaia avtomatizirovannaia sistema"). Its full title in English unashamedly gives away its intentions: "All-State Automated System for the Gathering and Processing of Information for the Accounting, Planning, and Governance of the National Economy, USSR".

Submission + - Google maps receives big update, UX disaster. 1

MrL0G1C writes: Google Maps has been updated, The UX geniuses have decided that roads are not an important feature on maps and have removed road outlines and the roads are now white on an off-white background. Places of interest are obviously not so interesting and they get light pastel colours on a white background.

Submission + - Judge Rules Political Robocalls Are Protected by First Amendment

Trailrunner7 writes: A federal judge has ruled that robocalls made on behalf of political candidates are protected by the First Amendment and cannot be outlawed. The decision came in a case in Arkansas, where political robocalls had been illegal for more than 30 years.

On Wednesday, U.S. District Court Judge Leon Holmes ruled that banning political robocalls amounts to an infringement of free speech protections and also constitutes prior restraint of speech. Political campaigns have been using robocalls for decades, and some states have sought to ban them, arguing that they are intrusive and violate recipients’ privacy. In the Arkansas case, the state attorney general put forward both of these arguments, and also argued that the calls can tie up phone lines, making them unusable in an emergency.

Holmes said in his decision that there was no evidence that political robocalls prevent emergency communications, and also said that the Arkansas statute should have banned all robocalls, not just commercial and political ones.

Slashdot Top Deals

"Stupidity, like virtue, is its own reward" -- William E. Davidsen

Working...