realized writes in with a closer look at the NSA's QUANTUM system. "Today QUANTUM packs a suite of attack tools, including both DNS injection (upgrading the man-on-the-side to a man-in-the-middle, allowing bogus certificates and similar routines to break SSL) and HTTP injection. That reasonable enough. But it also includes gadgets like a plug-in to inject into MySQL connections, allowing the NSA to quietly mess with the contents of a third-party's database. (This also surprisingly suggests that unencrypted MySQL on the internet is common enough to attract NSA attention.) And it allows the NSA to hijack both IRC and HTTP-based criminal botnets, and also includes routines which use packet-injection to create phantom servers, and even attempting (poorly) to use this for defense."

cartechboy writes "The presidential limo is known as "The Beast," and it's getting to be about that time where it's replaced. Currently The Beast is a General Motors creation with a Cadillac badge, but what if the next presidential limo was a Tesla? Stick with me here. The Beast is a massive vehicle, which means there would be plenty of room in the structure to have a long battery pack a la Model S. Plus, it could use the upcoming Model X's all-wheel-drive system. Tesla's air suspension would keep it from encountering high-centering issues. There could even be a charging port on both the front and back so a battery truck could hook up while driving, like in-flight refueling. Obviously the battery pack would need to have extra protection so it wouldn't have any issues with road debris, but that's a minor issue. Tesla is an American company, and that's a requirement for The Beast. So is it that far fetched to think the next presidential limo could be a Tesla?"

SmartAboutThings writes "Up until today, I always had the impression that cloud storage was pretty expensive and I'm sure that many will agree with me. It's a good thing that some bright minds over at Google have the same impressions as they now have drastically discounted the monthly storage plans on Google Drive. The new monthly storage plans and their previous prices are as follows: $1.99 for 100GB (previously $4.99), $9.99 for 1TB (previously $49.99), and $99.99 for 10TB.The 2 dollar plan per month means that the price for a gigabyte gets down to an incredibly low price of only two cents per month."

RSA holds big-time annual security conferences. The 2014 U.S. edition had 25,000 attendees, Stephen Colbert as the closing keynote speaker, and a major controversy (and some anger) from potential speakers and attendees over RSA's reputed $10 million contract with NSA to make sure the company's encryption software had back doors the secretive agency could use to spy on people and companies that use RSA software. This is part of a story that might be called The Snowden Revelations if it is made into a movie, but right now it's still controversial, and enough of a bombshell in the IT security industry that F-Secure's Mikko Hyppönen decided not to speak at this year's U.S. RSA conference, followed by Bruce Schneier, DEFCON founder Jeff Moss, Princeton professor Ed Felten, and other security luminaries.

And so, TrustyCon -- the Trustworthy Technology Conference -- was born. It was a sellout, with 400 people attending at $50 a head, and another 300 on a waiting list who couldn't get in. Slashdot's Tim Lord managed to get in, and got to speak briefly with several people there, including one of the TrustyCon organizers, Joel Wallenstrom. These were crude interviews, done on a "catch as catch can" basis, and the sound in them is poor. (Google sent a camera crew and shot over seven hours of the conference speakers, which you can watch on YouTube if you want to view TrustyCon presentations in good HD with great sound.). Will there be another TrustyCon next year? According to The Register, "The conference organizers said that, at this point, the plan is to hold another get-together next year, but that a final decision will be made closer to the time."

gnujoshua writes "Paul Kocialkowski (PaulK), a developer for the Replicant project, a fully free/libre version of Android, wrote a guest blog post for the Free Software Foundation announcing that whlie hacking on the Samsung Galaxy, they "discovered that the proprietary program running on the applications processor in charge of handling the communication protocol with the modem actually implements a back-door that lets the modem perform remote file I/O operations on the file system." They then replaced the proprietary program with free software.

While it may be a while before we can have a 100% free software microcode/firmware on the the cellular hardware itself, isolating that hardware from the rest of your programming and data is a seemingly important step that we can take right now. At least to the FSF anyhow. What do others think: is a 100% free software mobile device important to you?"