RemyBR writes with an excerpt from an article at El Reg: "Microsoft has confirmed that users of its instant messaging app will not be able to send each other links to popular torrent site The Pirate Bay, citing malware fears. 'We block instant messages if they contain malicious or spam URLs based on intelligence algorithms, third-party sources, and/or user complaints. Pirate Bay URLs were flagged by one or more of these and were consequently blocked,' Redmond told The Register in an emailed statement."

Presto Vivace writes "Neil Chenoweth, of the Australian Financial Review, reports that the BBC program Panorama is making new allegations against News Corp of serious misconduct. This time it involves the NDS division of News Corp, which makes conditional access cards for pay TV. It seems that NDS also ran a sabotage operation, hiring pirates to crack the cards of rival companies and posting the code on The House of Ill Compute (thoic.com), a web site hosted by NDS. 'ITV Digital collapsed in March 2002 with losses of more than £1 billion, overwhelmed by mass piracy, as well as technical restrictions and expensive sports contracts. Its collapse left Murdoch-controlled BSkyB the dominant pay TV provider in the UK.' Chenoweth reports that James Murdoch has been an advocate for tougher penalties for pirates, 'These are property rights, these are basic property rights,' he said. 'There is no difference from going into a store and stealing a packet of Pringles or a handbag, and stealing something online. Right?'"

McGruber writes "Following up on an earlier Slashdot story, earlier today, the U.S. House of Representatives Committee on Oversight and Government Reform and the Committee on Transportation and Infrastructure held a hearing titled 'TSA Oversight Part III: Effective Security or Security Theater?' ... In a blog update, Bruce Schneier says that 'at the request of the TSA' he was removed from the witness list. Bruce also said 'it's pretty clear that the TSA is afraid of public testimony on the topic, and especially of being challenged in front of Congress. They want to control the story, and it's easier for them to do that if I'm not sitting next to them pointing out all the holes in their position. Unfortunately, the committee went along with them.'"

jfruh writes "If you have to administer a *nix computer remotely, you hopefully ditched Telnet for SSH years ago. But you might not know that this tool does a lot more than offer you a secured command line. Here are some tips and tricks that'll help you do everything from detect man-in-the-middle attacks (how are you supposed to know if you should accept a new hosts public key, anyway?) to evading restrictions on Web surfing." What are your own favorite tricks for using SSH?

wiredmikey writes "Microsoft, in what it called its 'most complex effort to disrupt botnets to date,' and in collaboration with partners from the financial services industry, has successfully taken down operations that fuel a number of botnets that make up the notorious Zeus family of malware. In what Microsoft is calling 'Operation b71,' Microsoft and its co-plaintiffs, escorted by U.S. Marshals, seized command and control (C&C) servers in two hosting locations on March 23 in Scranton, Pennsylvania and Lombard, Illinois. The move was to seize and preserve data and evidence from the botnets for the case. In addition to seizing the C&C servers, the group took down two IP addresses behind the Zeus command and control structure, and secured 800 domains that Microsoft is now monitoring and using to help identify computers infected by Zeus."

New submitter politkal excerpts from a report at Reuters: "A Chinese telecommunications equipment company has sold Iran's largest telecom firm a powerful surveillance system capable of monitoring landline, mobile and internet communications, interviews and contract documents show. The system was part of a 98.6 million euro ($130.6 million) contract for networking equipment supplied by Shenzhen, China-based ZTE Corp to the Telecommunication Co of Iran (TCI), according to the documents. Government-controlled TCI has a near monopoly on Iran's landline telephone services and much of Iran's internet traffic is required to flow through its network. ... Human rights groups say they have documented numerous cases in which the Iranian government tracked down and arrested critics by monitoring their telephone calls or internet activities. Iran this month set up a Supreme Council of Cyberspace, headed by President Mahmoud Ahmadinejad, who said it would protect 'against internet evils,' according to Iranian state television."

shreshtha writes "Huawei says it has 'recently introduced ... Beyond LTE technology, which significantly increases peak rates to 30Gbps — over 20 times faster than existing commercial LTE networks.' It claims to have achieved this with 'key breakthroughs in antenna structure, radio frequency architecture, IF (intermediate frequency) algorithms, and multi-user MIMO (multi-input multi-output).'"

Hugh Pickens writes "With 3 million sold over the last week what's not to like about the new iPad? Michelle Maltais at the LA Times does a good job of putting together a compendium of gripes about the new device, justified or otherwise. Most people thought that Siri on the new iPad was a gimme; instead it has a scaled back version — dictation. 'If you want Siri, buy an iPhone. Plain and simple.' The new iPad is a little heavier than the iPad 2, thanks to the better graphics processor and more powerful battery. At one-tenth of a pound heavier that really doesn't sound like much, but it can start to matter if you hold your iPad in one hand for long periods or have any kind of repetitive stress injury. Apps designed for Retina display can be up to five times bigger and it's not just a problem for owners of the new iPad. Legacy owners of the original and iPad 2 who have these apps get to feel the pain too, since updates aren't device specific." The list continues, below.

New submitter themib writes "After only two release candidates XBMC v11.0 Eden has been released. The latest version contains many updates and new features, including: Addon Rollbacks, Confluence improvements, Dirty region rendering, a new JPEG decoder, movie scraping, better network support, a new upgraded Weather service. This announcement also heralds the new XBMCbuntu Final."

Gunkerty Jeb writes with a selection from Threatpost about upcoming legislation to watch out for: "EFF looked at two bills making their way through Congress: The Cybersecurity Act of 2012 (S. 2105), sponsored by Senator Joseph Lieberman (I-CT) of Connecticut and the Secure IT Act (S. 2151), sponsored by Senator John McCain (R-AZ). The digital rights group claims that the quality of both bills ranges from 'downright terrible' to 'appropriately intentioned.' Each, however, is conceptually similar and flawed, EFF said."

An anonymous reader writes "It looks like paranoia regarding Chinese cyber-espionage is riding sky-high within the Australian Government. It was confirmed today that the country's Attorney-General's Department had banned Chinese networking vendor Huawei (the number two telco networking equipment vendor globally) from bidding for work supplying equipment to the government's $50 billion National Broadband Network universal fibre project. The unprecedented move comes despite Huawei offering to share its source code with security officials, and despite Huawei not being accused of breaking any laws in Australia. Questions over the legality of the Government's move are already being raised."

Trailrunner7 writes "The U.S.'s leading Internet Service Providers signed on to a new FCC code of conduct to limit the impact of major cyber security threats, including botnets, attacks on the Domain Name System and Internet routing attacks. AT&T, CenturyLink, Comcast, Cox, Sprint, Time Warner Cable, T-Mobile and Verizon were among the ISPs that participated in the agreement. 'The recommendations approved today identify smart, practical, voluntary solutions that will materially improve the cyber security of commercial networks and bolster the broader endeavors of our federal partners,' said FCC Chairman Julius Genachowski." A fact sheet from the FCC provides details on the recommendations, but they're pretty vague: "The CSRIC recommended ISPs participate in a U.S. Anti-Bot Code of Conduct (PDF) that encourages ISPs to engage in: (1) end-user education to prevent bot infections; (2) detection of bots; (3) notification of potential bot infections; (4) remediation of bots; and (5) collaboration and sharing of information." They also recommend broader adoption of DNSSEC and the development of an "industry framework" to combat IP route hijacking.

peetm sends this quote from the BBC: "When the Spanish Civil War began in 1936, both Hitler's Germany and Mussolini's Italy sent troops to help the nationalists under Franco. But with the conflict dispersed across the country, some means of secure communication was needed for the German Condor Legion, the Italians and the Spanish forces under Franco. As a result, a set of modified commercial Enigma machines were delivered by Germany. ... A key figure in trying to understand it was Dilly Knox, a classicist who had been working on breaking ciphers since World War I. He was fascinated by the machine and began studying ways in which an intercepted message might in theory be broken, even writing his own messages, encrypting them and then trying to break them himself. But there was no opportunity to actually intercept a real message since German military signals were inaudible in Britain. However, the signals produced by the machines sent to Spain in 1936 were audible enough to be intercepted and Knox began work. ... Within six or seven months of having his first real code to crack, Knox had succeeded, producing the first decryption of an Enigma message in April 1937."

OzPeter writes "As a part of National Consumer Fraud week, the Queensland Police are going war driving in order to identify insecure WiFi setups. From the press release: 'The War Driving Project involves police conducting proactive patrols of residential and commercial areas to identify unprotected connections. Police will follow this up with a letterbox drop in the targeted area with information on how to effectively secure your connection.' While some people may like having an open WiFi AP its interesting to see that the Police also feel that 'Having WEP encryption is like using a closed screen door as your sole means of security at home. The WPA or WPA2 security encryption is certainly what we would recommend as it offers a high degree of protection.'"

Diomidis Spinellis writes "We hear a lot about the adoption of open source software, but when I was asked to provide hard evidence there was little I could find. In a recent article we tried to fill this gap by examining the type of software the U.S. Fortune 1000 companies use in their web-facing operations. Our study shows that the adoption of OSS in large U.S. companies is significant and is increasing over time through a low-churn transition, advancing from applications to platforms, and influenced by network effects. The adoption is likelier in larger organizations and is associated with IT and knowledge-intensive work, operating efficiencies, and less productive employees. Yet, the results were not what I was expecting."

AZA43 writes "A group of U.S. federal cybersecurity experts recently said the Defense Department's network is totally compromised by foreign spies. The experts suggest the agency simply accept that its networks are compromised and will probably remain that way, then come up with a way to protect data on infected machines and networks."

alphadogg writes "Hactivists — not cybercriminals — were responsible for the majority of personal data stolen from corporate and government networks during 2011, according to a new report from Verizon. The Verizon 2012 Data Breach Investigation Report found that 58% of data stolen in 2011 was the result of hactivism, which involves computer break-ins for political rather than commercial gain. In previous years, most hacking was carried out by criminals, Verizon said. Altogether, Verizon examined 855 cybersecurity incidents worldwide that involved 174 million compromised records. This is the largest data set that Verizon has ever examined, thanks to its cooperation with law enforcement groups including the U.S. Secret Service, the Dutch National High Tech Crime Unit and police forces from Australia, Ireland and London."

An anonymous reader writes "Altinn.no is a web service run by the Norwegian government, on which citizens can find, fill out and deliver forms electronically. Every year Norwegian citizens can also log in to check their tax results. This year, as every year, the site was unable to cope with the traffic generated from everyone wanting to check their taxes at the same time. New this year, however, was that once people were finally able to log in, a significant amount of people were logged in as someone else. Users then had access to all financial data of this unfortunate person over two years back in time, in addition to the financial information of his wife and the company he worked for. Altinn shut down some 15 minutes later, and has been down since."

Sparrowvsrevolution writes "Forbes profiles Vupen, a French security firm that openly sells secret software exploits to spies and government agencies. Its customers pay a $100,000 annual fee simply for the privilege of paying extra fees for the exploits that Vupen's hackers develop, which the company says can penetrate every major browser, as well as other targets like iOS, Android, Adobe Reader and Microsoft Word. Those individual fees often cost much more than that six-figure subscription, and Vupen sells them non-exclusively to play its customers off each other in an espionage arms race. The company's CEO, Chaouki Bekrar, says Vupen only sells to NATO governments and 'NATO partners' but he admits 'if you sell weapons to someone, there's no way to ensure that they won't sell to another agency.'"

An anonymous reader writes "Microsoft has demoed a working prototype of Microsoft Dynamics GP (an ERP package) running on Windows 8, with a full Metro UI. This is the first example of an enterprise app for the Windows 8 metro 'wall.' The one hour keynote is available online behind a short registration form ... (demos start around 40 minutes in). Screenshots available at source."