×
Communications

WW2 Carrier Pigeon and Undecoded Message Found In Chimney 287

Posted by Soulskill from the flue-the-coop dept.
BigBadBus writes "The BBC is reporting that the remains of a World War 2 carrier pigeon were found during renovation of a chimney in England. What is interesting is that the pigeon's remains still had its message attached to the leg ring; even more interesting, this is the first recorded instance of a code being used rather than plain text. The successor to WW2 code-breaking HQ Bletchley Park, the GCHQ, is trying to decipher this unique code. Maybe a Slashdot reader can beat them to it?"
Security

PayPal Security Holes Expose Customer Card Data, Personal Details 87

Posted by Soulskill from the time-to-do-a-chargeback-on-their-security-contractors dept.
mask.of.sanity writes "Dangerous website flaws have been discovered in PayPal that grant attackers access to customer credit card data, account balances and purchase histories. The holes still exist. One was publicly disclosed after a failed effort in July to responsibly disclose them under PayPal's bug bounty program. PayPal is working to close the holes."
Privacy

More Than 25% of Android Apps Know Too Much About You 277

Posted by Soulskill from the but-they-always-forget-my-birthday dept.
CowboyRobot writes "A pair of reports by Juniper and Bit9 confirm the suspicion that many apps are spying on users. '26 percent of Android apps in Google Play can access personal data, such as contacts and email, and 42 percent, GPS location data... 31 percent of the apps access phone calls or phone numbers, and 9 percent employ permissions that could cost the user money, such as incurring premium SMS text message charges... nearly 7 percent of free apps can access address books, 2.6 percent, can send text messages without the user knowing, 6.4 percent can make calls, and 5.5 percent have access to the device's camera.' The main issue seems to be with poor development practices. Only in a minority of cases is there malicious intent. The Juniper report and the Bit9 report are both available online."
Government

IEEE Standards For Voting Machines 221

Posted by samzenpus from the all-the-same dept.
kgeiger writes "Voting machine designs and data formats are a free-for-all. The result is poor validation and hence opportunity for fraud. An IEEE standards group wants all election computer systems to speak the same language. From the article: 'IEEE Standards Project 1622 is working on electronic data interchange for voting systems. The plan is to create a common format, based on the Election Markup Language (EML) already recommended for use in Europe. This is a subset of the popular XML (eXtensible Markup Language) that specifies particular fields and data structures for use in voting.'"
Government

Department of Homeland Security Wants Nerds For a New "Cyber Reserve'" 204

Posted by samzenpus from the grabbing-geeks dept.
pigrabbitbear writes "Just three weeks after Defense Secretary Leon Panetta told an audience at the Sea, Air and Space Museum that the U.S. is on the brink of a 'cyber Pearl Harbor,' the government has decided it needs to beef up the ranks of its digital defenses. It's assembling a league of extraordinary computer geeks for what will be known as the 'Cyber Reserve.'"
Operating Systems

OpenBSD 5.2 Released 141

Posted by samzenpus from the check-it-out dept.
An anonymous reader writes "OpenBSD 5.2 has been released and is available for download. One of the most significant changes in this release is the replacement of the user-level uthreads by kernel-level rthreads, allowing multithreaded programs to utilize multiple CPUs/cores."
Businesses

NYC Data Center Needs Focus On Fuel 162

Posted by timothy from the now-let's-talk-economic-fallacies dept.
Nerval's Lobster writes "Who knew that the most critical element of operating a data center in New York City was ensuring a steady supply of diesel fuel? In the wake of Hurricane Sandy, the challenges facing data center operators in the affected zones include pumping water from basements, waiting for utility power to be restored, and managing fuel-truck deliveries. And it's become increasingly clear which companies had the resources and foresight to plan for a disaster like Sandy, and which are simply reacting. Here's the latest on providers around the New York area." And remember, having fuel for machines sometimes only means it's time to start the manual labor.
Government

FTC Whacks "Rachel From Card Holder Services" 289

Posted by timothy from the what-about-ann?-don't-forget-ann dept.
coondoggie writes "Just two weeks after it challenged the public to come up with a better technological way to stop incessant robocalling, the Federal Trade Commission pulled the plug on five mass calling companies it said were allegedly responsible for millions of illegal pre-recorded calls from 'Rachel' and others from 'Cardholder Services.' 'At the FTC, Rachel from Cardholder Services is public enemy number one,' said FTC Chairman Jon Leibowitz at the announcement of the cases."
Bug

Internal Bug: Code Flaw May Lead to Wrong Dose From Infusion Pump 86

Posted by timothy from the clippy-thinks-you're-injecting-insulin dept.
chicksdaddy writes "The steady drumbeat of disturbing news about vulnerable, IP enabled medical devices continues this week, after medical device maker Hospira said it has issued a voluntary recall of its Symbiq-brand drug infusion pumps after discovering a software error that may cause touch interfaces on the pumps to not respond to user touches or to display dosage information that is inaccurate. The problem was detected in around 1.5% of Symbiq One Channel and Two Channel Infusers (model numbers 16026 and 16027), but could potentially affect 'all Symbiq infusion systems currently in the field.' The software bug could result in 'a delayed response and or the screen registering a different value from the value selected by the user,' the company said in a statement."
Privacy

Judge To Newspaper - Reveal Name of Commenter 307

Posted by samzenpus from the naming-names dept.
First time accepted submitter Andy Prough writes "A Kansas judge has ordered a Topeka newspaper to release the name of a commenter on one of its stories about the trial of Anceo D. Stovall for the murder of Natalie Gibson. Using the name 'BePrepared,' the commenter posted the following in response to a story about the ongoing trial on July 21 at 1:45pm: 'Trust me that's all they got in their little world, as you know, I have been there. Remember the pukes names they will do it for ever.' The problem? The court is convinced that 'BePrepared' was a juror, and was not supposed to be accessing news about the trial before it ended on July 24th. The court wants BePrepared's name, address and IP address. The jury was ultimately unable to find Stovall guilty of 10 of the 11 charges against him — including murder. Both defense and prosecution lawyers appear to want a new trial, and if it turns out that BePrepared was a juror, they are more likely to get their wish."
Networking

Dutch DigiNotar Servers Were Fully Hacked 83

Posted by Soulskill from the they-don't-fool-around dept.
ChristW writes "The final report that was handed to the Dutch government today indicates that all 8 certificate servers of the Dutch company DigiNotar were fully hacked. (Report PDF in English.) Because the access log files were stored on the same servers, they cannot be used to find any evidence for or against intrusion. In fact, blatant falsification has been found in those log files. A series of so-far unused certificates has also been found. It is unknown if and where these certificates have been used."
Security

More Drones Set To Use US Air Space 223

Posted by Unknown Lamer from the pakistan-can't-have-all-the-fun dept.
Dupple writes with a quote from the BBC about more testing of Predator drones in U.S. air space: "Tests have been carried out to see whether military drones can mix safely in the air with passenger planes. The tests involved a Predator B drone fitted with radio location systems found on domestic aircraft that help them spot and avoid other planes. The tests will help to pave the way for greater use of drones in America's domestic airspace."
Encryption

Ask Slashdot: Is TSA's PreCheck System Easy To Game? 157

Posted by Unknown Lamer from the it's-probably-a-crime dept.
OverTheGeicoE writes "TSA has had a preferred traveler program, PreCheck, for a while now. Frequent fliers and other individuals with prior approval from DHS can avoid some minor annoyances of airport security, like removing shoes and light jackets, but not all of the time. TSA likes to be random and unpredictable, so PreCheck participants don't always get the full benefits of PreCheck. Apparently the decision about PreCheck is made when the boarding pass is printed, and a traveler's PreCheck authorization is encoded, unencrypted, on the boarding pass barcode. In theory, one could use a barcode-reading Web site (like this one, perhaps) to translate a barcode into text to determine your screening level before a flight. One might even be able to modify the boarding pass using PhotoShop or the GIMP to, for example, get the screening level of your choice. I haven't been able to verify this information, but I bet Slashdot can. Is TSA's PreCheck system really that easy to game? If you have an old boarding pass lying around, can you read the barcode and verify that the information in TFA is correct?"
Government

Irked By Cyberspying, Georgia Outs Russia-based Hacker 95

Posted by Soulskill from the turnabout-is-fair-play dept.
coondoggie writes "In one of the photos, the dark-haired, bearded hacker is peering into his computer's screen, perhaps puzzled at what's happening. Minutes later, he cuts his computer's connection, realizing he has been discovered. In an unprecedented move, the country of Georgia — irritated by persistent cyber-spying attacks — has published two photos of a Russia-based hacker who, the Georgians allege, waged a persistent, months-long campaign that stole confidential information from Georgian government ministries, parliament, banks and NGOs."
Data Storage

Intel 335 Series SSD Equipped With 20-nm NAND 135

Posted by Soulskill from the that's-not-many-nanometers dept.
crookedvulture writes "The next generation of NAND has arrived. Intel's latest 335 Series SSD sports 20-nm flash chips that are 29% smaller than the previous, 25-nm generation. The NAND features a new planar cell structure with a floating, high-k/metal gate stack, a first for the flash industry. This cell structure purportedly helps the 20-nm NAND overcome cell-to-cell interference, allowing it to offer the same performance and reliability characteristics of the 25-nm stuff. The performance numbers back up that assertion, with the 335 Series matching other drives based on the same SandForce controller silicon. The 335 Series may end up costing less than the competition, though; Intel has set the suggested retail price at an aggressive $184 for the 240GB drive, which works out to just 77 cents per gigabyte."
Security

Want a Security Pro? Get Politically Incorrect and Learn Geek Culture 314

Posted by samzenpus from the fight-trolls-with-trolls dept.
coondoggie writes "While complaints can be heard far and wide that it's hard to find the right IT security experts to defend the nation's cyberspace, the real problem in hiring security professionals is the roadblocks put up by lawyers and human resources personnel and a complete lack of understanding of geek culture, says security consultant Winn Schwartau. Take Janet Napolitano, U.S. secretary of the Department of Homeland Security, who has said the country can't find the right people for network defense. The real problem is a misunderstanding of computer geeks, their personalities, habits and their backgrounds, said Schwartau today during his talk at the Hacker Halted information security conference."
Security

FBI Says They're Now Working 24/7 To Investigate Hackers and Network Attacks 74

Posted by samzenpus from the better-late-than-never dept.
An anonymous reader writes "The Federal Bureau of Investigation (FBI) is finally stepping up its game when it comes to hackers. Maybe it was Anonymous that did it or maybe it was statements from the US Secretary of Defense two weeks ago, but either way, the FBI is now hunting hackers 24/7." I'm happy that the FBI no longer has an investigation schedule when it comes to online crime, but I have to think that I'm not the only one who assumed they were doing this before.
Government

Showdown Set On Bid To Give UN Control of Internet 316

Posted by samzenpus from the taking-the-wheel dept.
wiredmikey writes "When delegates gather in Dubai in December for an obscure UN agency meeting, the mother of all cyber diplomatic battles is expected, with an intense debate over proposals to rewrite global telecom rules to effectively give the United Nations control over the Internet. Russia, China and other countries back a move to place the Internet under the authority of the International Telecommunications Union (ITU), a UN agency that sets technical standards for global phone calls. While US officials have said placing the Internet under UN control would undermine the freewheeling nature of cyberspace, some have said there is a perception that the US owns and manages the Internet. The head of the ITU, Hamadoun Toure, claims his agency has 'the depth of experience that comes from being the world's longest established intergovernmental organization.' But Harold Feld of the US-based non-government group Public Knowledge said any new rules could have devastating consequences. Some are concerned over a proposal by European telecom operators seeking to shift the cost of communication from the receiving party to the sender. This could mean huge costs for US Internet giants like Facebook and Google."
Canada

US and Canada Launch Joint Cybersecurity Plan 42

Posted by samzenpus from the when-our-powers-combine dept.
wiredmikey writes "Canada and the United States announced Friday they were launching a joint cybsersecurity plan that aims to better protect critical digital infrastructure and improve the response to cyber incidents. Under the action plan, the US Department of Homeland Security and Public Safety Canada will cooperate to protect vital cyber systems and respond to and recover from any cyber disruptions, by improving collaboration on managing cyber incidents between their respective cyber security operation centers, enhancing information sharing and engagement with the private sector and pursuing US-Canadian collaboration to promote cyber security awareness to the public."

Slashdot Top Deals