Slashdot

oxide7 writes "Starting from August 1, Chinese Internet users will have to register using their real names for playing online games, China Daily reported on Saturday. The regulation, issued by the Ministry of Culture on June 22, is said to be part of a nationwide campaign to improve management of the virtual gaming industry and protect minors from unwholesome content. It applies to all multiplayer role-playing and social networking games."

An anonymous reader writes with news that security experts from Spider Labs released a kernel level rootkit for Android devices at DefCon on Friday. "As a proof of concept, it is able to send an attacker a reverse TCP over 3G/WIFI shell upon receiving an incoming call from a 'trigger number.' This ultimately results in full root access on the Android device." The rootkit was developed over a period of two weeks, and has been handed out to DefCon attendees on DVD.

Trailrunner7 writes "Microsoft will issue an out-of-band patch on Monday for a critical vulnerability in all of the current versions of Windows. The company didn't identify which flaw it will be patching, but the description of the vulnerability is a close match to the LNK flaw that attackers have been exploiting for several weeks now, most notably with the Stuxnet malware. The advance notification from Microsoft on Friday said that the company is patching a critical vulnerability that is being actively exploited in the wild and affects all supported Windows platforms. The LNK flaw in the Windows shell was first identified earlier this month when researchers discovered the Stuxnet worm spreading from infected USB drives to PCs. Stuxnet has turned out to be a rather interesting piece of malware as it not only uses the LNK zero day vulnerability to spread, but it had components that were signed using a legitimate digital certificate belonging to Realtek, a Taiwanese hardware manufacturer."

drbutts writes "The Toronto Star has an interesting story on how they are securing DNS: 'It's housed in two high-security facilities separated by the North American landmass. The one authenticated map of the Internet. Were it to be lost — either through a catastrophic physical or cyber attack — it could be recreated by seven individuals spread around the globe. One of them is Ottawa's Norm Ritchie. Ritchie was recently chosen to hold one of seven smartcards that can rebuild the root key that underpins this system' called DNSSEC (Domain Name System Security Extensions). In essence, these seven can rebuild the architecture that allows users to know for certain where they are and where they are going when navigating the Web."

Hugh Pickens writes "The NY Times covers a report released by the National Research Council, which says the ability of the US to identify the source of a nuclear weapon used in a terrorist attack is fragile and eroding. The goals of the highly specialized detective work, known as nuclear attribution, is to clarify options for retaliation and to deter terrorists by letting them know that nuclear devices have fingerprints that atomic specialists can find and trace. 'Although US nuclear forensics capabilities are substantial and can be improved, right now they are fragile, under-resourced and, in some respects, deteriorating,' the report warns. 'Without strong leadership, careful planning and additional funds, these capabilities will decline.' The report calls on the federal government to take steps to strengthen its forensic capabilities and argues for the necessity of better planning, more robust budgets, clearer lines of authority and more realistic exercises."

snydeq writes "A DefCon contest that invites contestants to trick employees at 30 US corporations into revealing not-so-sensitive data has rattled nerves at the FBI. Chris Hadnagy, who is organizing the contest, also noted concerns from the financial industry, which fears hackers will target personal information. The contest will run for three days, with participants attempting to unearth data from an undisclosed list of about 30 US companies. The contest will take place in a room in the Riviera hotel in Las Vegas furnished with a soundproof booth and a speaker, so an audience can hear the contestants call companies and try to weasel out what data they can get from unwitting employees." The group organizing the contest has established a strict set of rules to ensure participants don't violate any laws. Update: 07/31 04:45 GMT by S : PCWorld has coverage of one of the day's more successful attacks.

Tara Fitzgerald couldn't find the nude pictures she planned on sending to her boyfriend, but instead of just taking more, she decided to see if a Dell tech support call could fix her problem. Apparently the tech support guy found them. Unfortunately, he then put them up on a site called "bitchtara."

ArbiterOne writes "The 11th Annual System Administrator Appreciation Day is today. Celebrated worldwide on the last Friday of July, this day honors those who fight in the digital trenches to keep the Net alive. OpenDNS offers a way to remind your boss about the holiday, while another blogger shares war stories. The startup Ksplice has created an homage to these heroes in the style of Choose Your Own Adventure." Reader Netbuzz submits a sobering look at the profession from Network World, which notes, "In the past year, [sysadmins'] pay has dropped, and more of their positions are being farmed out to temporary workers."

wisebabo writes "A wallpaper utility (that presents purloined copyrighted material) 'quietly collects personal information such as SIM card numbers, text messages, subscriber identification, and voicemail passwords. The data is then sent to www.imnet.us, a site that hails from Shenzen, China.'"

mehemiah writes "The writer of the Mariposa Botnet has been arrested through international effort. The FBI said this arrest and the arrests of three alleged operators in February were the result of a two-year joint investigation into the Mariposa Botnet, which may have infected as many as eight million to 12 million computers around the world."