×
Cloud

Mega-Uploads: The Cloud's Unspoken Hurdle 134

Posted by samzenpus from the mountain-of-disks dept.
First time accepted submitter n7ytd writes "The Register has a piece today about overcoming one of the biggest challenges to migrating to cloud-based storage: how to get all that data onto the service provider's disks. With all of the enterprisey interweb solutions available, the oldest answer is still the right one: ship them your disks. Remember: 'Never underestimate the bandwidth of a station wagon full of tapes hurtling down the highway.'"
Security

White House Hires a New Cybersecurity Boss 20

Posted by samzenpus from the who's-in-charge dept.
TheGift73 writes "Last week, longtime chief Howard Schmidt stepped down. He's been replaced by Michael Daniel, who's been in the Office of Management and Budget's national security division for 17 years. What does that mean for the future of the cybersecurity issue? Probably that we can expect his knowledge of the intelligence community to play a part in not just tracking down hackers, but determining the lines that need to be crossed with future SOPA-like bills. So while this sounds like a relatively nondescript appointment, Daniel will almost definitely be a major player the next time someone comes for your internet."
Australia

Employee "Disciplined" For Installing Bitcoin Software On Federal Webservers 86

Posted by samzenpus from the bad-idea dept.
Fluffeh writes "Around a year ago, a person working for the ABC in Australia with the highest levels of access to systems got caught with his fingers on the CPU cycles. The staffer had installed Bitcoin mining software on the systems used by the Australian broadcaster. While the story made a bit of a splash at the time, it was finally announced today that the staffer hadn't been sacked, but was merely being disciplined by his manager and having his access to systems restricted. All the stories seem a little vague as to what he actually installed, however — on one side he installed the software on a public facing webserver, and the ABC itself admits, 'As this software was for a short time embedded within pages on the ABC website, visitors to these pages may have been exposed to the Bitcoin software,' and 'the Coalition (current Opposition Parties) was planning on quizzing the ABC further about the issue, including filing a request for the code that would have been downloaded to users' machines,' but on the other side there is no mention of the staffer trying to seed a Bitcoin mining botnet through the site, just that mining software had been installed."
Data Storage

Ask Slashdot: Temporary Backup Pouch? 153

Posted by timothy from the don't-forget-your-spare-co-backup-pouch dept.
An anonymous reader writes "It looks simple. I've got a laptop and a USB HDD for backups. With rsync, I only move changes to the USB HDD for subsequent backups. I'd like to move these changes to a more portable USB stick when I'm away, then sync again to the USB HDD when I get home. I figured with the normality of the pieces and the situation, there'd be an app for that, but no luck yet. I'm guessing one could make a hardlink parallel-backup on the laptop at the same time as the USB HDD backup. Then use find to detect changes between it and the actual filesystem when it's time to backup to the USB stick. But there would need to be a way to preserve paths, and a way communicate deletions. So how about it? I'm joe-user with Ubuntu. I even use grsync for rsync. After several evenings of trying to figure this out, all I've got is a much better understanding of what hardlinks are and are not. What do the smart kids do? Three common pieces of hardware, and a simple-looking task."
GNU is Not Unix

Linux 3.4 Released 385

Posted by timothy from the latest-in-a-long-long-run dept.
jrepin writes with news of today's release (here's Linus's announcement) of Linux 3.4: "This release includes several Btrfs updates: metadata blocks bigger than 4KB, much better metadata performance, better error handling and better recovery tools. There are other features: a new X32 ABI which allows to run in 64 bit mode with 32 bit pointers; several updates to the GPU drivers: early modesetting of Nvidia Geforce 600 'Kepler', support of AMD RadeonHD 7xxx and AMD Trinity APU series, and support of Intel Medfield graphics; support of x86 cpu driver autoprobing, a device-mapper target that stores cryptographic hashes of blocks to check for intrusions, another target to use external read-only devices as origin source of a thin provisioned LVM volume, several perf improvements such as GTK2 report GUI and a new 'Yama' security module."
Security

Flashback Click Fraud Campaign Was a Bust 29

Posted by Soulskill from the peter-principle-for-black-hats dept.
zarmanto writes "It seems the Flashback botnet has netted their creators nothing but frustration. Flashback was tagged early on by anti-virus vendors, who promptly sink-holed many of the command & control addresses, and essentially crippled the hacker's ability to control the vast majority of the Flashback botnet... but that's not the best part. The Flashback spawned click fraud campaign resulted in... nada! It seems that their pay-per-click affiliate may be on to their scheme, as they refused to pay out. Score one for the good guys, for once."
Image

Book Review: Elementary Information Security Screenshot-sm 56

Posted by samzenpus from the read-all-about-it dept.
benrothke writes "Elementary Information Security, based on its title, weight and page length, I assumed was filled with mindless screen shots of elementary information security topics, written with a large font, in order to jack up the page count. Such an approach is typical of far too many security books. With that, if there ever was a misnomer of title, Elementary Information Security is it." Read below for the rest of Ben's review
Government

America's Cybersecurity Czar, Howard Schmidt, Steps Down 52

Posted by samzenpus from the hit-the-road dept.
wiredmikey writes "In December of 2009, after months of waiting, the Obama Administration named Howard Schmidt as the White House Cybersecurity Coordinator. After more than forty years in the IT community, the nation's first cyber czar will retire at the end of the month. Schmidt, after just over two years of government service, said he would retire in order to spend more time with his family and to entertain teaching opportunities in the cyber field. Schmidt was at the reins when the White House introduced its international strategy for cyberspace, and also helped create the controversial National Strategy for Trusted Identities in Cyberspace, an initiative that would allow people to obtain a single credential as a one-time password (on a token or mobile device) to do business on the Internet. Schmidt will be replaced by Michael Daniel, currently the head of the White House budget office's intelligence branch."
Government

UK Government Staff Caught Snooping On Citizen Data 120

Posted by samzenpus from the lets-have-a-look dept.
An anonymous reader writes "More than 1,000 UK government staff have been caught snooping on citizen data — including criminal records, social security, and medical records. From the article: 'The U.K. government is haemorrhaging data — private and confidential citizen data — from medical records to social security details, and even criminal records, according to figures obtained through Freedom of Information requests. Just shy of 1,000 civil servants working at the Department for Work and Pensions (DWP), were disciplined for accessing personal social security records. The Department for Health (DoH), which operates the U.K.’s National Health Service and more importantly all U.K. medical records, saw more than 150 breaches occur over a 13-month period.'"
Social Networks

Social Networking: The New Workplace Smoke Break 105

Posted by samzenpus from the friend-em-if-you-got-em dept.
snydeq writes "J. Peter Bruzzese sees a solution for organizations seeking to cut down employee time spent on social networks at work: treat social networking like a smoke break. 'Try as you might to keep social networks at bay, mobile devices let people be in constant connection to their social networking vices over the cellular networks, which you can't block. Still, it's not completely impossible to stop social time-wasting over mobile: You can establish policies that, if enforced strongly enough, eliminate social networks from being accessed on company time. Treat it like smoking: Let employees take a 15-minute coffee/smoking/Facebook break and make them go to a designated area to do it.'"
Android

Android Hackers Honing Skills In Russia 98

Posted by samzenpus from the practice-makes-perfect dept.
MikeatWired writes "The malware business growing around Google Android — now the leading smartphone operating system — is still in its infancy. Today, many of the apps built to steal money from Android users originate from Russia and China, so criminal gangs there have become cyber-trailblazers. Sophos and Symantec on Wednesday released their latest Android malware discoveries written in Russian. While the language narrows the number of potential victims, the social-engineering tactics used to get Android users to install the malware is universal. The gang tracked by Sophos is using fake antivirus scanners, while Symantec is tracking cybercriminals using mobile websites to offer bogus versions of popular games. Sophos says the criminals are like other entrepreneurs launching startups. They're starting in Russia, but have far greater ambitions. 'I don't think we can say that they're necessarily using it as a testing ground — think of it more as a local business that as it grows may gain multinational ambitions,' Graham Cluley, senior technology consultant at Sophos, said in an email interview on Wednesday. The cyber scam tracked by Sophos was reported this week by GFI Lab, which discovered links to the bogus antivirus software on Twitter. Sophos dug deeper and found that the .ru domains pointed to the same Internet protocol address hosted in Ukraine."
Government

Who Is Still Using IE6? the UK Government 141

Posted by timothy from the increased-customer-enragement dept.
strawberryshakes writes "The death knell for IE6 was sounded a couple of years ago, but seems like some people just can't let go. Many UK government departments are still using IE6, which is so old — 11 years old to be exact — it can't cope with social media — which the government is trying to get its staff to use more to engage with citizens."
Security

DreamHammer Wants To Corner the Drone OS Market 125

Posted by timothy from the special-interests-with-guns dept.
nonprofiteer writes "The Pentagon is increasingly transforming the military into an unmanned force, taking soldiers out of harm's way and replacing them with drones and robots. In 2011, it spent $6 billion on unmanned systems. The problem is that the unmanned systems don't work well together thanks to contractors building proprietary control systems (to lock government into exclusive relationships and to make extra money). A company called DreamHammer plans to have a solution to this — a universal remote control that could integrate all robots and drones into one control system. It would save money and allow anyone to build apps for drones. 'DreamHammer CTO Chris Diebner compares it with a smartphone OS — on which drones and features for those drones can be run like apps. Of course, Ballista is doing something on a much larger scale. It means that it takes fewer people to fly more drones and that new features can be rolled out without the need to develop and build a new version of a Predator, for example.'"
Data Storage

RunCore Introduces Self-Destructable SSD 168

Posted by timothy from the magic-smoke-that-is dept.
jones_supa writes "RunCore announces the global launch of its InVincible solid state drive, designed for mission-critical fields such as aerospace or military. The device improves upon a normal SSD by having two strategies for the drive to quickly render itself blank. First method goes through the disk, overwriting all data with garbage. Second one is less discreet and lets the smoke out of the circuitry by driving overcurrent to the NAND chips. Both ways can be ignited with a single push of a button, allowing James Bond -style rapid response to the situation on the field."
Privacy

Most CCTV Systems Come With Trivial Exploits 89

Posted by timothy from the peek-a-boo dept.
An anonymous reader writes "The use of CCTV cameras for physical surveillance of all kinds of environments has become so pervasive that most of us don't give the devices a second thought anymore. But, those individuals and organizations who actually use and control them should be aware that most of them come with default settings that make them vulnerable to outside attacks. According to Gotham Digital Science researcher Justin Cacak, standalone CCTV video surveillance systems by MicroDigital, HIVISION, CTRing, and many other rebranded devices are not only shipped with remote access enabled by default, but also with preconfigured default accounts and passwords that are banal and easy to guess."
Cellphones

UK Police Roll Out On-the-Spot Mobile Data Extraction System 145

Posted by samzenpus from the doing-it-faster dept.
Qedward writes "The Metropolitan Police has rolled out a mobile device data extraction system to allow officers to extract data 'within minutes' from suspects' phones while they are in custody. 'Ostensibly, the system has been deployed to target phones that are suspected of having actually been used in criminal activity, although data privacy campaigners may focus on potentially wider use.'"
Security

Americans More Worried About Cybersecurity Than Terrorism 266

Posted by Soulskill from the that-there-internet-is-a-scary-thing dept.
TheGift73 tips an article discussing a new study (PDF) which found Americans are now more worried about cybersecurity threats than they are about terrorism. Here's Techdirt's acerbic take: "Well, it looks like all the fearmongering about hackers shutting down electrical grids and making planes fall from the sky is working. No matter that there's no evidence of any actual risk, or that the only real issue is if anyone is stupid enough to actually connect such critical infrastructure to the internet (the proper response to which is: take it off the internet), fear is spreading. Of course, this is mostly due to the work of a neat combination of ex-politicians/now lobbyists working for defense contractors who stand to make a ton of money from the panic — enabled by politicians who seem to have no shame in telling scary bedtime stories that have no basis in reality."

Slashdot Top Deals