jfruh writes: 419 scams come from Nigeria. Cyberextortion rings are based in the former USSR. China is responsible for attacks on defense contractors. These are stereotypes, but they have a basis in reality. But why? The answers, as they do for so many things, lie in history and economics.
itwbennett writes: When Intel and Micron Technology first announced the 3D XPoint memory in July, they promised about 1,000 times the performance of NAND flash, 1,000 times the endurance of NAND flash, and about 10 times the density of DRAM. At OpenWorld last week, Intel CEO Brian Krzanich disclosed a little more information on the new memory, which Intel will sell under the Optane brand, and did a demo on a pair of matching servers running two Oracle benchmarks. One server had Intel's P3700 NAND PCI Express SSD, which is no slouch of a drive. It can perform up to 250,000 IOPS per second. The other was a prototype Optane SSD. The Optane SSD outperformed the P3700 by 4.4 times in IOPS with 6.4 times less latency.
jfruh writes: Windows 10 collects much more user data than previous versions of the OS, which resulted in unease from privacy advocates. But the company is still brushing aside complaints, saying that most data collection, while enabled by default, can be opted out of, and that the remainder is non-user-specific "telemetry" that Microsoft needs in order to improve its operating system.
jfruh writes: Even if you're a frequent ocean swimmer, you're much more likely to die in a car accident than from a shark attack — and yet sharks strike fear into people's hearts in ways that directly affect the economies of surf paradises like Australia. That's why the Australian government is working on a host of techologies to detect shark incursions on popular beaches, including drones and smart buoys that can identify potential predators.
itwbennett writes: Researchers from Boston University say they've found several flaws in NTP (Network Time Protocol), one of the oldest Internet protocols, published in 1985. These flaws could undermine encrypted communications and even jam up bit coin transactions. One of the problems they found is that it's possible for an attacker to cause an organization's servers to stopping checking the time altogether, and they didn't have to hunt through code to find it, said Sharon Goldberg, an associate professor at Boston University's computer science department. 'We discovered the KOD vulnerability by just reading the specifications of the [NTP] protocol,' she told Jeremy Kirk in a phone interview on Wednesday. 'We just saw this packet, and we were like 'Really? What can you do with this thing'?'
itwbennett writes: Yesterday, Microsoft started a three-month bug bounty program for two open source tools that are part of Visual Studio 2015. The program applies to the beta versions of Core CLR, which is the execution engine for.NET Core, and ASP.NET, Microsoft's framework for building websites and web applications. Bounties range from $500 to $15,000, although Microsoft will reward more 'depending on the entry quality and complexity.' The highest reward will go to researchers who've found a remote code execution bug with a functioning exploit and an accompanying, high-quality white paper. On the low end, cross-site scripting or cross-site request forgery bugs with a low-quality report will get $500.
itwbennett writes: Oracle said Tuesday that it has fixed Oracle fixed 154 security flaws in Java and a wide range of its other products, including one that Russian cyberespionage group Pawn Storm used to launch stealthy attacks earlier this year. The vulnerability, tracked as CVE-2015-4902, was being used by the Pawn Storm attackers to enable the execution of a malicious Java application without user interaction.
jfruh writes: Ireland's Data Protection Commissioner (DPC) has agreed to investigate allegations that Facebook exposes its users' personal data to mass snooping by U.S. intelligence services, following a ruling of the High Court of Ireland on Tuesday. An Austrian Facebook user filed a coplaint with the DPC in 2013 that was originally rejected as "frivolous," but the nation's highest court has mandated an investigation.
jfruh writes: Western Digital's external hard drives with built-in hardware encryption have proven popular with the security-conscious. But now security researchers are saying that the drives have flaws and vulnerabilities, including "backdoor-like features".
itwbennett writes: Intel's 'purchase of Infineon four years ago may be ready to pay off,' writes Andy Patrizio in a blog post today. 'Infineon made modem chips, which are used in every cell phone to make the connection to a cellular tower. At the time, it seemed like the $1.4 billion purchase was a smart move because Intel could pair its Atom chips for smartphones with the Infineon mobile chip and sell them as a set. Well, it won't be getting that with Apple but it looks like Apple is set to pick up the Infineon LTE modem for a future iPhone, perhaps as soon as the iPhone 7.'
itwbennett writes: Researchers from the Korea Advanced Institute of Science and Technology's (KAIST) say they've found several weaknesses in VoLTE networks in the U.S. and South Korea that would make it possible to spoof phone calls, conduct denial-of-service attacks and overbill customers. They also found it would be possible for a malicious Android app to make secret phone calls in the background due to a flaw in the mobile OS. T-Mobile, Verizon and AT&T were notified of the issues in May, according to an advisory updated on Monday from Carnegie Mellon University's CERT. CERT's alert also said each operator's problems are different and will require them to apply their own updates, which may take time. For its part, Google said it is working on a software patch for Android that will be released next month.
he spends the whole summary being FURIOUS that Quest Diagnostics and your doctor aren't being "disrupted," rather than the fact that... this "stealth startup" seems to have pulled a billion-dollar scam on investors?
itwbennett writes: Last week, the Linux Foundation released the first in a series of videos to promote Linux awareness depicting 2 hapless characters trying to navigate the modern world without the Linux-driven services we've become used to. The latest installment of the series just went live (you can watch it here) and shows how hard it was to get from point A to point B in the days when paper maps ruled — days which many of us actually remember quite fondly.
itwbennett writes: In a post on the IAB (Internet Advertising Bureau) website Thursday, Scott Cunningham, senior vice president of technology of IAB and general manager of its Tech Lab, issued what amounts to an apology for '[losing] track of the user experience' and called on advertisers 'to do better.' But it may be a case of too little, too late as 'a report released in August forecasted that U.S. websites will lose US$21.8 billion in ad revenue this year due to ad blockers,' writes Jeremy Kirk.