Security

New Javascript Attack Lets Websites Spy On the CPU's Cache 134

An anonymous reader writes: Bruce Upbin at Forbes reports on a new and insidious way for a malicious website to spy on a computer. Any computer running a late-model Intel microprocessor and a Web browser using HTML5 (i.e., 80% of all PCs in the world) is vulnerable to this attack. The exploit, which the researchers are calling "the spy in the sandbox," is a form of side-channel attack. Side channel attacks were previously used to break into cars, steal encryption keys and ride the subway for free, but this is the first time they're targeted at innocent web users. The attack requires little in the way of cost or time on the part of the attacker; there's nothing to install and no need to break into hardened systems. All a hacker has to do is lure a victim to an untrusted web page with content controlled by the attacker.

Submission + - Report: Mercenaries Behind APT Attacks (inforisktoday.co.uk)

kierny writes: An increasing number of online attacks are not being launched by governments or carder gangs, but rather by opportunistic mercenaries who sell whatever they can steal, to the highest bidder, information security consultancy Taia Global says in a new report:

"These mercenary hacker groups range from small groups with little funding to specialty shops run by ex-government spooks, to highly financed criminal groups who use similar if not identical tactics to nation state actors. That they are rarely discovered is due in part to their skill level and in part to being misidentified as a state actor instead of a non-state actor if they are discovered."

Cue implications for attribution and sanctions — and the possibility that the Sony Pictures hack blamed on North Korea was actually the work of mercenaries, says Europol cybersecurity advisor Alan Woodward.

Submission + - Microwave Links: Chicago to New York. The new new thing in 1949! (blogspot.com)

sumoinsanity writes: Everything old is new again. There has been much fuss about High Frequency Trading firms using microwave links as a new medium for communications. We Slashdot geeks need to be ready to repudiate such rubbish with the simple truth that it was new 65 years ago next month. I hope you'll forgive the engineering cliffhanger at the end of the article.

Submission + - Alleged Hooker and Heroin Kill a Key Google exec on his Yacht in Santa Cruz (santacruzsentinel.com)

An anonymous reader writes: Authorities allege model, makeup artist, and self-described "hustler" Alix Catherine Tichelman initially met 51-year-old Google executive Forrest Hayes of Santa Cruz and other Silicon Valley executives at SeekingArrangement.com for sexual encounters that fetched $1,000 or more. Last November 22, Tichelman met Hayes in-person on his white, 50-foot yacht, "Escape," in the Santa Cruz Small Craft Harbor. She brought heroin and needles into the yacht's cabin where she injected Hayes, causing him to overdose, said Santa Cruz Deputy Police Chief Steve Clark.

It has recently become known that a security camera in the cabin showed her pack drugs and syringes into her purse, clean off a table and draw a window blind. When she stepped over Hayes' lifeless body to drink from a glass of wine, she left behind a fingerprint on the glass, which helped investigators to identify her, Clark said. The yacht's captain found Hayes dead the next morning.

Santa Cruz police said they continued to probe Tichelman's possible involvement in another suspicious death out of state, but they declined to elaborate.

Hayes joined Apple in 2005 and worked there for several years, according to a brief profile on the business networking website LinkedIn. He started working for Mountain View-based Google about a year ago and joined its secretive "X" division, which is responsible for what the company likes to call "moon shot" projects including self-driving cars and the computer headset known as Glass.

"Seeking Arrangement" is a website that aims to connect "sugar daddies" and "sugar babies," suggesting, "Financial Stability: Unpaid bills no longer have to be a concern."

Submission + - Claims that NSA Spying Stopped Terrorism are 'Overblown and Misleading' (ibtimes.co.uk) 2

DavidGilbert99 writes: A new report by Washington think tank New American Foundation claims that the US government's claims that the NSA spying programs had helped stop 50 terrorist plots are "overblown and even misleading." The report concludes that the NSA's controversial spying programs have had "no discernible impact on preventing acts of terrorism."

Submission + - The Shadowy Darknet will be the Only Truly World-wide Web (ibtimes.co.uk)

DavidGilbert99 writes: “The shadowy Darknet then will be the only truly world-wide web” — this is the view of Alexander Gostev, chief security expert at Kaspersky Lab who believes the fallout from Edward Snowden's leaks may lead at some point to the "collapse of the current Internet, which will break into dozens of national networks."

Submission + - Memo to Parents and Society: Teen Social Media "Addiction" is Your Fault (wired.com)

FuzzNugget writes: Wired presents this damning perspective on so-called social media addiction...

If kids can’t socialize, who should parents blame? Simple: They should blame themselves. This is the argument advanced in It’s Complicated: The Social Lives of Networked Teens, by Microsoft researcher Danah Boyd. Boyd ... has spent a decade interviewing hundreds of teens about their online lives. What she has found, over and over, is that teenagers would love to socialize face-to-face with their friends. But adult society won’t let them. “Teens aren’t addicted to social media. They’re addicted to each other,” Boyd says. “They’re not allowed to hang out the way you and I did, so they’ve moved it online.”

It’s true. As a teenager in the early ’80s I could roam pretty widely with my friends, as long as we were back by dark. Over the next three decades, the media began delivering a metronomic diet of horrifying but rare child-abduction stories, and parents shortened the leash on their kids. Politicians warned of incipient waves of youth wilding and superpredators (neither of which emerged). Municipalities crafted anti-loitering laws and curfews to keep young people from congregating alone. New neighborhoods had fewer public spaces. Crime rates plummeted, but moral panic soared. Meanwhile, increased competition to get into college meant well-off parents began heavily scheduling their kids’ after-school lives.


Submission + - TSA Doesn't Think Terrorists Are Plotting To Attack Airplanes (techdirt.com) 2

Mikkeles writes: Jonathan Corbett has been engaged in a lawsuit against the government concerning the constitutionality of scanners in the course of which, the TSA gave him classified documents. Thus he needed to file two copies of his brief: a public one with classified stuff redacted, and the full brief under seal. Someone over at Infowars noticed that apparently a clerk at the 11th Circuit appeals court forgot to file the document under seal, allowing them to find out what was under the redacts, including: "As of mid-2011, terrorist threat groups present in the Homeland are not known to be actively plotting against civil aviation targets or airports; instead, their focus is on fundraising, recruiting, and propagandizing."

Submission + - Research in Motion/Blackberry Device Exploitation Guidelines for Law Enforcement (publicintelligence.net)

MichaelBall writes: The following table describes Research in Motion/Blackberry requirements for disclosure of user data to law enforcement. The table shows what legal process is required to request user data, the type of data each process can typically obtain and the legal authorities authorizing each form of request. The table is from a course for DEA agents on mobile device exploitation and is accompanied by a script to be read by an instructor.
Government

Submission + - Electronic Surveillance by US Law Enforcement Agencies Rising Steeply (paritynews.com)

hypnosec writes: According to data obtained by American Civil Liberties Union (ACLU), surveillance of emails and other forms of Internet communications without warrants has increased substantially over the last two years. Documents, obtained by ACLU after months of litigation, reveal that there has been a whopping 361 per cent increase in “pen register” and “trap-and-trace” orders between 2009 and 2011. ACLU has appealed to US congress to bring in more judicial oversight of pen register and trap-and-trace orders as agencies don’t require a warrant to obtain such orders.

Submission + - Tablets a fad and deskphones to disappear within five years, say UK CIOs (computerworlduk.com)

Qedward writes: Still using a deskphone?

UK CIOs expect the deskphone to disappear from offices within five years, and the future use of tablets doesn't seem that secure either.

Following a survey of 500 UK CIOs about the technology they expected to be using over the next few years, 65% predicted deskphones would disappear from everyday use within five years.

The survey also revealed CIO skepticism about tablet technology such as Apple's iPad, with nearly a quarter (24%) of CIOs surveyed expecting tablets to "fall out of fashion".

Science

Submission + - The Great Outdoors Is Good for Allergies (sciencemag.org)

sciencehabit writes: A new study reveals that people who grow up in more rural environments are less likely to develop allergies. The reason may be that environments rich with species harbor more friendly microbes, which colonize our bodies and protect against inflammatory disorders.
Google

Submission + - Google Consumer Surveys Steal, Sell User Data (internetevolution.com)

hapworth writes: Google has just released a service for publishers called Consumer Surveys, which it's marketing as a way for users to avoid content paywalls. In reality, writes one reporter today, while publishers are getting "a modest five cents" per consumer, Google is using this effort to sell data about consumers to the survey sponsors. Naturally, this information isn't disclosed to users who take the surveys.

Submission + - Smartphone Power Consumption Surprisingly Inefficient (hothardware.com)

MojoKid writes: "A joint study between Microsoft Research and Purdue University has taken a look at how smartphone applications handle power consumption and come to some damning conclusions where energy efficiency is concerned. This is an issue that's become more important as smartphone specs have skyrocketed without a similar increase in battery life. The study considered multiple popular smartphone apps, including Angry Birds, Facebook, and the phone's web browser. One of the primary findings of the group is that modern smartphones exhibit "asynchronous power behavior" where, "an entity's impact on the power consumption of the phone may persist long after the entity is completed." As a result, components may remain powered up after they've finished executing workloads. By not powering a 3G radio down immediately following the last send, the 3G tail can burn up to 60% of the total energy used in the first request and workload. According to the researchers, a significant amount of the total energy expended in web browsing, possibly as much as 30-45%, is wasted through tails."
