Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×

Submission + - Malibu Media stay lifted, motion to quash denied

NewYorkCountryLawyer writes: In the federal court for the Eastern District of New York, where all Malibu Media cases have been stayed for the past year, the Court has lifted the stay and denied the motion to quash in the lead case, thus permitting all 84 cases to move forward. In his 28-page decision (PDF), Magistrate Judge Steven I. Locke accepted the representations of Malibu's expert, one Michael Patzer from a company called Excipio, that in detecting BitTorrent infringement he relies on "direct detection" rather than "indirect detection", and that it is "not possible" for there to be misidentification.

Submission + - Maxthon Web Browser Sends Sensitive Data to China

wiredmikey writes: Security experts have discovered that the Maxthon web browser collects sensitive information and sends it to a server in China. Researchers warn that the harvested data could be highly valuable for malicious actors.

Researchers at Fidelis Cybersecurity and Poland-based Exatel recently found that Maxthon regularly sends a file named ueipdata.zip to a server in Beijing, China, via HTTP. Further analysis (PDF) revealed that ueipdata.zip contains an encrypted file named dat.txt. This file stores information on the operating system, CPU, ad blocker status, homepage URL, websites visited by the user (including online searches), and installed applications and their version number.

Interestingly, In 2013, after the NSA surveillance scandal broke, the company boasted about its focus on privacy and security, and the use of strong encryption.

Submission + - Facebook Messenger to Add Strong Encryption

wiredmikey writes: Facebook announced Friday it would roll out optional "end to end encryption" for its Messenger application, following a trend aimed at stronger security and protection against snooping. The new feature will be known as "secret conversations" which can be read only by the sender and recipient. Facebook shared technical details about its implementation of the security in a technical white paper (PDF).

Facebook earlier this year began implementing this end-to-end encryption on its WhatsApp messaging service.

Submission + - Malware Steals Data From Air-Gapped Devices via Fans (securityweek.com)

wiredmikey writes: Researchers have demonstrated that data can be stolen using fans and a mobile phone placed in the vicinity of the targeted machine. The method, dubbed Fansmitter, leverages the noise emitted by a computer’s fans to transmit data.

Researchers from Ben-Gurion University of the Negev explained (PDF) that a piece of malware installed on the targeted air-gapped computer can use the device’s fans to send bits of data to a nearby mobile phone or a different computer equipped with a microphone.

Comment Re:Actually 3rd point was agreement with trial jud (Score 1) 23

Actually whoever the new guy is, I don't find the site to be "improved" at all; seems a little crummy. The story was butchered and incorrectly interpreted, and the all important software for interaction seems less interactive.

But what do I know?

As to my absence I've been a bit overwhelmed by work stuff, sorry about that, it's no excuse :)

Comment Actually 3rd point was agreement with trial judge (Score 4, Informative) 23

The story as published implies that the ruling overruled the lower court on the 3 issues. In fact, it was agreeing with the trial court on the third issue -- that the sporadic instances of Vimeo employees making light of copyright law did not amount to adopting a "policy of willful blindness".

Submission + - Appeals court slams record companies on DMCA in Vimeo case

NewYorkCountryLawyer writes: In the long-simmering appeal in Capitol Records v. Vimeo, the US Court of Appeals for the 2nd Circuit upheld Vimeo's positions on many points regarding the Digital Millenium Copyright Act. In its 55 page decision (PDF) the Court ruled that (a) the Copyright Office was dead wrong in concluding that pre-1972 sound recordings aren't covered by the DMCA, (b) the judge was wrong to think that Vimeo employees' merely viewing infringing videos was sufficient evidence of "red flag knowledge", and (c) a few sporadic instances of employees being cavalier about copyright law did not amount to a "policy of willful blindness" on the part of the company. The Court seemed to take particular pleasure in eviscerating the Copyright Office's rationales. Amicus curiae briefs in support of Vimeo had been submitted by a host of companies and organizations including the Electronic Frontier Foundation, the Computer & Communications Industry Association, Public Knowledge, Google, Yahoo!, Facebook, Microsoft, Pinterest, Tumblr, and Twitter.

Submission + - Singapore Blocking Internet Access on Government Computers (securityweek.com)

wiredmikey writes: Singapore will be cutting off Internet access for government work stations within a year for security reasons.

A surprise move in one of the world's most wired countries, the measure was aimed at preventing cyber attacks and the spread of malware.

Public servants will reportedly still have access to the Internet on their personal devices, and dedicated Internet-linked terminals will be issued to civil servants who need them for work.

Submission + - "SandJacking" Attack Allows Install of Evil iOS Apps (securityweek.com)

wiredmikey writes: An unpatched iOS vulnerability can be exploited to replace legitimate applications with a rogue version that allows attackers to access sensitive information without raising any suspicion.

While Apple's iOS 8.3 prevents the installation of an app that has an ID similar to an existing one, security researcher Chilik Tamir discovered a new method, which he dubbed “SandJacking."

Tamir demonstrated the SandJacking attack at the Hack In The Box (HITB) conference in Amsterdam on Thursday using Skype as the targeted application. However, the researcher told SecurityWeek that SandJacking attacks have been successfully tested against numerous popular applications.

The vulnerability was discovered in December 2015 and reported to Apple in January. The tech giant has confirmed the issue, but a patch has yet to be developed. Once Apple addresses the flaw, Tamir says he will release a SandJacker tool that automates the entire process of pushing malicious apps to iOS devices via the SandJacking vulnerability.

Submission + - Microsoft May Ban Your Favorite Password

wiredmikey writes: Microsoft is taking a step to better protect users by banning the use of weak and commonly-used passwordsacross its services.

Microsoft has announced that it is dynamically banning common passwords from Microsoft Account and Azure Active Directory (AD) system. In addition to banning commonly used passwords to improve user account safety, Microsoft has implemented a feature called smart password lockout, meant to add an extra level of protection when an account is attacked.

Microsoft is seeing more than 10 million accounts being attacked each day, and that this data is used to dynamically update the list of banned passwords. This list is then used to prevent people from choosing a common or similar password.

Slashdot Top Deals

"We don't care. We don't have to. We're the Phone Company."

Working...