Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Submission + - Medical Equipment Crashes During Heart Procedure Because Of Antivirus Scan (softpedia.com)

An anonymous reader writes: The device in question is Merge Hemo, a complex medical equipment used to supervise heart catheterization procedures, during which doctors insert a catheter inside blood veins and arteries in order to diagnose various types of heart diseases. According to one such report filed by Merge Healthcare in February, Merge Hemo suffered a mysterious crash right in the middle of a heart procedure when the screen went black and doctors had to reboot their computer. Merge investigated the issue and later reported to the FDA that the problem occurred because of the antivirus software running on the doctors' computer. The antivirus was configured to scan for viruses every hour, and the scan started right in the middle of the procedure. Merge says the antivirus froze access to crucial data acquired during the heart catheterization. Unable to access real-time data, the app crashed spectacularly.

Submission + - It's Way Too Easy to Hack the Hospital (bloomberg.com)

schwit1 writes: The Mayo Clinic had assembled an all-star team of about a dozen computer jocks, investigators from some of the biggest cybersecurity firms in the country, as well as the kind of hackers who draw crowds at conferences such as Black Hat and Def Con. The researchers split into teams, and hospital officials presented them with about 40 different medical devices. Do your worst, the researchers were instructed. Hack whatever you can.

Like the printers, copiers, and office telephones used across all industries, many medical devices today are networked, running standard operating systems and living on the Internet just as laptops and smartphones do. Like the rest of the Internet of Things—devices that range from cars to garden sprinklers—they communicate with servers, and many can be controlled remotely. As quickly became apparent to Rios and the others, hospital administrators have a lot of reasons to fear hackers. For a full week, the group spent their days looking for backdoors into magnetic resonance imaging scanners, ultrasound equipment, ventilators, electroconvulsive therapy machines, and dozens of other contraptions. The teams gathered each evening inside the hospital to trade casualty reports.

“Every day, it was like every device on the menu got crushed,” Rios says. “It was all bad. Really, really bad.” The teams didn’t have time to dive deeply into the vulnerabilities they found, partly because they found so many—defenseless operating systems, generic passwords that couldn’t be changed, and so on.

Sooner or later, hospitals would be hacked, and patients would be hurt. He’d gotten privileged glimpses into all sorts of sensitive industries, but hospitals seemed at least a decade behind the standard security curve. “Someone is going to take it to the next level. They always do,” says Rios. “The second someone tries to do this, they’ll be able to do it. The only barrier is the goodwill of a stranger.”

Submission + - The one guy responsible for GPG is running out of money

jasonridesabike writes: ProPublica reports that Werner Koch, the man behind GPG is in financial straits. Link to article Link to GPG donate page

The man who built the free email encryption software used by whistleblower Edward Snowden, as well as hundreds of thousands of journalists, dissidents and security-minded people around the world, is running out of money to keep his project alive. Werner Koch wrote the software, known as Gnu Privacy Guard, in 1997, and since then has been almost single-handedly keeping it alive with patches and updates from his home in Erkrath, Germany. Now 53, he is running out of money and patience with being underfunded.

Submission + - Adobe Patches One Flash Zero Day, Another Still Unfixed

Trailrunner7 writes: Adobe has released an emergency update for Flash to address a zero-day vulnerability that is being actively exploited. The company also is looking into reports of exploits for a separate Flash bug not fixed in the new release, which is being used in attacks by the Angler exploit kit.

The vulnerability that Adobe patched Thursday is under active attack, but Adobe officials said that this flaw is not the one that security researcher Kafeine said Wednesday was being used in the Angler attacks.

The patch for Flash comes just a day after Kafeine disclosed that some instances of the Angler exploit kit contained an exploit for a previously unknown vulnerability in the software. Adobe officials said Wednesday that they were investigating the reports. Kafeine initially saw Angler attacking the latest version of Flash in IE on Windows XP, Vista, 7 and 8, but said the exploit wasn’t being used against Chrome or Firefox.

On Thursday he said on Twitter that the group behind Angler had changed the code to exploit Firefox as well as fully patched IE 11 on Windows 8.1.

Submission + - Phony USB Charger Masquerades as Wireless Keylogger (threatpost.com) 3

msm1267 writes: Hardware hacker and security researcher Samy Kamkar has released a slick new device that masquerades as a typical USB wall charger but in fact houses a keylogger capable of recording keystrokes from nearby wireless keyboards.

The device is known as KeySweeper and Kamkar has released the source code and instructions for building one of your own. The components are inexpensive and easily available, and include an Arduino microcontroller, the charger itself and a handful of other bits. When it’s plugged into a wall socket, the KeySweeper will connect to a nearby Microsoft wireless keyboard and passively sniff, decrypt and record all of the keystrokes and send them back to the operator over the Web.

Submission + - Microsoft Restricts Advanced Notification of Patch Tuesday Updates (securityweek.com) 1

wiredmikey writes: Microsoft has decided to ditch its tradition of publicly publishing information about upcoming patches the Thursday before Patch Tuesday. The decision represents a drastic change for the company's Advance Notification Service (ANS), which was created more than a decade ago to communicate information about security updates before they were released. However, Microsoft's "Premier customers" who still want to receive information about upcoming patches will be able to get the information through their Technical Account Manager support representatives, Microsoft said.

Submission + - Ask Slashdot: Bluetooth to USB bridge

technology_dude writes: I work at a K-12 school and Smartboard interactive white boards are a pretty prominent part of our classroom technology. Smart Technologies, the maker of the boards we own, have a bluetooth module they sell for their older boards. It consists of a plug-in module for the controller on the back of the board and a bluetooth dongle about two inches long for the PC. Their bluetooth module reportedly doesn't play well with other bluetooth devices. Our problem is that we are wanting to move to tablets where the teacher would walk around the room using the Smartboard, mostly with Windows based devices, and the two inch dongle sticking out of a tablet just doesn't seem appropriate (breaking, damaging the tablet USB port, etc).

I am looking for a device that would take a USB connection on one side and finish out the connection with Bluetooth. Something like the USB bridge adapter here (http://www.hantzundpartner.com/hannovermesse_2013/). I have yet been able to receive any replies from a couple of different email addresses on the website. IOGear makes a USB sharing station but I don't know if it will work in this situation. The Smartboard is basically a large touchpad.

I'm hoping someone here on Slashdot can point me to a solution.

Submission + - Ask Slashdot: Dealing With Electronics-Induced Pseudo ADHD? 1

An anonymous reader writes: I am a graduate student in his twenties who used to be able to read dozens and dozens of lengthy books in his childhood. Over the years, I have noticed that my attention span and ability to concentrate has decreased noticeably, seemingly in synchronization with society's increased connectedness with the Internet and constant stimulation from computers and mobile devices alike. I have noticed that myself and others seem to have a difficult time really sitting down to read anything or focus on anything relatively boring for even more than ten seconds (the "TL;DR Generation," as I sometimes call it). I see it when socializing with others or even during a professor's lecture. It is not that I have developed true ADHD in a clinical sense, but rather pseudo ADHD, possibly due to electronics dependence and a constant need for stimulation. I have tried leaving my mobile phone at home and limiting myself to fewer browser tabs in an effort to regain concentration that I believe has been lost in recent years. Nonetheless, this is an issue that has begun to adversely affect my academic studies and may only get worse in time. What advice do fellow Slashdot users have with regard to reclaiming what has been lost? Should such behaviors simply be accepted as a sign of the times?

Submission + - 18th Century Law dredged up to force decryption of devices (theregister.co.uk) 1

Cognitive Dissident writes: The Register has a story about federal prosecutors using a law signed by George Washington to force manufacturers to help law enforcement access encrypted data on devices they manufacture. The All Writs Act is a broad statute simply authorizing courts to issue any order necessary to obtain information within their jurisdiction.

Quoting the Register Article:
Last month, New York prosecutors successfully persuaded a judge that the ancient law could be used to force an unnamed smartphone manufacturer to help unlock a phone allegedly used in a credit card fraud case. The judge ordered the manufacturer to offer "reasonable technical assistance" to make the phone's contents available.

End quote. What will happen when this collides with Apple and Google deliberately creating encryption that they themselves cannot break?

Submission + - Scientists Have Finally Sampled the Most Abundant Material on Earth

rossgneumann writes: The most abundant material on Earth didn’t have a name, and, in fact, hadn’t been seen—until now. For the first time ever, scientists have gotten their hands on a sample of bridgmanite, a mineral that is believed to make up more than a third of the volume of the Earth. In a new paper published in Science late last week, Oliver Tschauner of the University of Nevada, Las Vegas, and his team describe bridgmanite for the first time.

Submission + - Wells Fargo refuses to honor 30-year old CD because they can't find it (kpho.com)

BUL2294 writes: The Consumerist and KPHO-TV Phoenix are reporting the story of a widow who attempted to cash a Certificate of Deposit (CD) at Wells Fargo that had been issued to her late husband for just over $18,000 in 1984. She has been battling with them since 2009, after finding the CD among other paperwork, and a decision in the court case is expected in January. The CD was issued by First Interstate bank, which merged with Norwest, which was bought by Wells Fargo. Wells Fargo has no record of the CD, but the physical document itself mentions that it has to be surrendered to receive payment, or could have been paid out by signing an indemnity form--which they also do not have. In addition, there's a fight over whether the CD is worth $60,000 or $400,000, as the CD was self-renewing and was issued when interest rates were 10.9%.

Ultimately, this is a case of data getting lost within 30-years worth of mergers and system changes. Both the existence of this instrument and its terms are probably on some long-lost tape that may no longer be readable, or paper copies were shredded years ago. That being said, we entrust that our banks and regulators can dig up such historical information... So what happens when they can't? As was evidenced during the US mortgage crisis, banks are terrible at appropriate document retention, so how could they prove what was paid out and when? More importantly, how much of banks' historical / legacy accounts are complete guesses?

Submission + - Fish tagged for research become lunch for gray seals (sciencemag.org)

sciencehabit writes: When scientists slap an acoustic tag on a fish, they may be inadvertently helping seals find their next meal. The tags, rods a few centimeters long that give off a ping that can be detected from up to a kilometer away, are often used to follow fish for studies on their migration, hunting, or survival rates. Researchers working with 10 gray seals (Halichoerus grypus) who were captive for a year have now reported that the animals—including the female seal pictured above, named Janice—can learn to associate the pings with food. If the findings hold true in the wild, the authors warn, they could skew the results of studies trying to analyze fish survival rates or predation.

Submission + - Man fired for posting pictures to Facebook

gurps_npc writes: As per this CNN article a US Navy veteran working for the Drury hotel was fired when his boss discovered that he had posted pictures of a large number of police cars marked "Homeland Security" parked near Ferguson. His boss called the navy veteran a terrorist.

Unlike the Hotel chain, Homeland Security is not attempting to hide their presence — having admitted it, using marked cars, and have even issued bulletins telling people to be on alert.

Submission + - French Health Watchdog: 3D Viewing May Damage Eyesight In Children (bbc.com)

dryriver writes: The BBC reports: A French health watchdog has recommended that children under the age of six should not be allowed access to 3D content. The Agency for Food, Environmental and Occupational Health and Safety (Anses) added that access for those up to the age of 13 should be 'moderate'. It follows research into the possible impact of 3D imaging on still-developing eyes. Few countries currently have guidelines about 3D usage. According to Anses, the process of assimilating a three-dimensional effect requires the eyes to look at images in two different places at the same time before the brain translates it as one image. 'In children, and particularly before the age of six, the health effects of this vergence-accommodation conflict could be much more severe given the active development of the visual system at this time,' it said in a statement.

Submission + - Verizon, AT&T tracking their users with 'supercookies' (washingtonpost.com)

walterbyrd writes: Verizon and AT&T have been quietly tracking the Internet activity of more than 100 million cellular customers with what critics have dubbed “supercookies” — markers so powerful that it’s difficult for even savvy users to escape them.

The technology has allowed the companies to monitor which sites their customers visit, cataloging their tastes and interests. Consumers cannot erase these supercookies or evade them by using browser settings, such as the “private” or “incognito” modes that are popular among users wary of corporate or government surveillance.

Slashdot Top Deals

The meat is rotten, but the booze is holding out. Computer translation of "The spirit is willing, but the flesh is weak."

Working...