Input Devices

The Fixes Sony's DualShock 4 Controller Still Needs 59

Posted by timothy
from the desperate-measures dept.
An anonymous reader writes Sony's PS4 has been on sale for more than a year now, and while its revamped DualShock 4 controller has been critically lauded, it's not without its faults. A new article flags up the issues — both hardware and software — that Sony could look to improve. Almost all of the points — a bigger battery, more options for the lightbar, repositions Option button — could be fixed with a bit of elbow grease. After all, as the author points out, Sony has already quietly changed the model it ships with each console once already.
Input Devices

Samsung's Advanced Chips Give Its Cameras a Big Boost 192

Posted by Soulskill
from the welcome-to-the-bigs dept.
GhostX9 writes: SLR Lounge just posted a first look at the Samsung NX1 28.1 MP interchangeable lens camera. They compare it to Canon and Sony full-frame sensors. Spoiler: The Samsung sensor seems to beat the Sony A7R sensor up to ISO 3200. They attribute this to Samsung's chip foundry. While Sony is using 180nm manufacturing (Intel Pentium III era) and Canon is still using 500nm process (AMD DX4 era), Samsung has gone with 65nm with copper interconnects (Intel Core 2 Duo — Conroe era). Furthermore, Samsung's premium lenses appear to be as sharp or sharper than Canon's L line and Sony's Zeiss line in the center, although the Canon 24-70/2.8L II is sharper at the edge of the frame.
Government

NSA Hack of N. Korea Convinced Obama NK Was Behind Sony Hack 181

Posted by timothy
from the that's-how-clever-it-was dept.
Mike Lape links to a NYTimes piece which says "The evidence gathered by the 'early warning radar' of software painstakingly hidden to monitor North Korea's activities proved critical in persuading President Obama to accuse the government of Kim Jong-un of ordering the Sony attack, according to the officials and experts, who spoke on the condition of anonymity about the classified N.S.A. operation." From the linked article: For about a decade, the United States has implanted “beacons,” which can map a computer network, along with surveillance software and occasionally even destructive malware in the computer systems of foreign adversaries. The government spends billions of dollars on the technology, which was crucial to the American and Israeli attacks on Iran’s nuclear program, and documents previously disclosed by Edward J. Snowden, the former security agency contractor, demonstrated how widely they have been deployed against China. ... The extensive American penetration of the North Korean system also raises questions about why the United States was not able to alert Sony as the attacks took shape last fall, even though the North had warned, as early as June, that the release of the movie “The Interview,” a crude comedy about a C.I.A. plot to assassinate the North’s leader, would be “an act of war.”
Crime

UK Suspect Arrested In Connection With PSN/XBL 'Lizard Squad' Attacks 55

Posted by timothy
from the just-a-bit-of-fun dept.
Dave Knott writes UK Police have arrested an 18-year-old man over involvement in the cyber-attacks on Sony's PlayStation Network and Microsoft's Xbox Live gaming services over Christmas, for which the Lizard Squad hacking group claimed responsibility. The man was arrested Friday in Southport, England, on suspicion of computer hacking, threats to kill and swatting. Computers and other electronic devices were seized during the arrest by officers from two UK cybercrime units working in conjunction with the US Federal Bureau of Investigation. A spokesman said that police were still in the early stages of an investigation working closely with the FBI to identify further people involved in the attacks.
Encryption

US/UK Will Stage 'Cyber-Attack War Games' As Pressure Against Encryption Mounts 77

Posted by Soulskill
from the do-you-want-to-play-a-game? dept.
An anonymous reader writes: British prime minister David Cameron is currently visiting Washington to discuss the future of cyber-security in Britain and North America. The leaders have announced that their respective intelligence agencies will mount ongoing cyber-attack "war games" starting this summer in an effort to strengthen the West's tarnished reputation following the Sony hacking scandal. Somewhat relatedly, a recently-leaked Edward Snowden document show the NSA giving dire warnings in 2009 of the threat posed by the lack of encrypted communications on the internet.
Data Storage

The Importance of Deleting Old Stuff 177

Posted by Soulskill
from the you-don't-need-meeting-notes-from-2006 dept.
An anonymous reader writes: Bruce Schneier has codified another lesson from the Sony Pictures hack: companies should know what data they can safely delete. He says, "One of the social trends of the computerization of our business and social communications tools is the loss of the ephemeral. Things we used to say in person or on the phone we now say in e-mail, by text message, or on social networking platforms. ... Everything is now digital, and storage is cheap — why not save it all?

Sony illustrates the reason why not. The hackers published old e-mails from company executives that caused enormous public embarrassment to the company. They published old e-mails by employees that caused less-newsworthy personal embarrassment to those employees, and these messages are resulting in class-action lawsuits against the company. They published old documents. They published everything they got their hands on."

Schneier recommends organizations immediately prepare a retention/deletion policy so in the likely event their security is breached, they can at least reduce the amount of harm done. What kind of retention policy does your organization enforce? Do you have any personal limits on storing old data?
Security

Lizard Stresser DDoS-for-Hire Service Built On Hacked Home Routers 65

Posted by Soulskill
from the go-change-your-parents'-router-credentials dept.
tsu doh nimh writes: The online attack service launched late last year by the same criminals who knocked Sony and Microsoft's gaming networks offline over the holidays is powered mostly by thousands of hacked home Internet routers, reports Brian Krebs. From the story: "The malicious code that converts vulnerable systems into stresser bots is a variation on a piece of rather crude malware first documented in November by Russian security firm Dr. Web, but the malware itself appears to date back to early 2014. As we can see in that writeup, in addition to turning the infected host into attack zombies, the malicious code uses the infected system to scan the Internet for additional devices that also allow access via factory default credentials, such as 'admin/admin,' or 'root/12345.' In this way, each infected host is constantly trying to spread the infection to new home routers and other devices accepting incoming connections (via telnet) with default credentials.
Censorship

Inside North Korea's Naenara Browser 159

Posted by timothy
from the threat-is-right dept.
msm1267 (2804139) writes with this excerpt from Threatpost Up until a few weeks ago, the number of people outside of North Korea who gave much thought to the Internet infrastructure in that country was vanishingly small. But the speculation about the Sony hack has fixed that, and now a security researcher has taken a hard look at the national browser used in North Korea and found more than a little weirdness. The Naenara browser is part of the Red Star operating system used in North Korea and it's a derivative of an outdated version of Mozilla Firefox. The country is known to tightly control the communications and activities of its citizens and that extends online, as well. Robert Hansen, vice president of WhiteHat Labs at WhiteHat Security, and an accomplished security researcher, recently got a copy of Naenara and began looking at its behavior, and he immediately realized that every time the browser loads, its first move is to make a request to a non-routable IP address, http://10.76.1.11./ That address is not reachable from networks outside the DPRK.

"Here's where things start to go off the rails: what this means is that all of the DPRK's national network is non-routable IP space. You heard me; they're treating their entire country like some small to medium business might treat their corporate office," Hansen wrote in a blog post detailing his findings. "The entire country of North Korea is sitting on one class A network (16,777,216 addresses). I was always under the impression they were just pretending that they owned large blocks of public IP space from a networking perspective, blocking everything and selectively turning on outbound traffic via access control lists."
Security

FBI: North Korean Hackers "Got Sloppy", Leaked IP Addresses 219

Posted by samzenpus
from the who's-to-blame dept.
An anonymous reader writes "The FBI launched a PR counterattack against skeptics of the assertion by the US government that North Korean hackers were responsible for anonymous threats received by Sony before its scheduled premiere of the film The Interview. Sony initially cancelled the Christmas day release, but later relented after receiving extensive criticism. In a speech at a New York City cybersecurity conference hosted by Fordham University, FBI Director James Comey said that while the attackers concealed their identify by using proxy servers, on occasion they "got sloppy" and made direct connections, exposing their true IP addresses; these indicated a North Korea origin. Comey also mentioned additional corroborative evidence, including patterns matching those seen in previous attacks known to have come from North Korea, but was guarded on details. Also at the Fordham conference, US Director of National Intelligence James Clapper mentioned recently meeting the Kim Yong Chol, the North Korean general in charge of cyberwarfare. Clapper emphasized Kim's belligerence and lack of a sense of humor, implying that an advance screening of "The Interview" would likely have enraged and provoked the North Korean brass."
Sony

Sony Thinks You'll Pay $1200 For a Digital Walkman 391

Posted by Soulskill
from the good-luck-with-that dept.
An anonymous reader writes: The Walkman is one of the most recognizable pieces of technology from the 1980s. Unfortunately for Sony, it didn't survive the switch to digital, and they discontinued it in 2010. Last year, they quietly reintroduced the Walkman brand as a "high-resolution audio player," supporting lossless codecs and better audio-related hardware. At $300, it seemed a bit pricey. But now, at the Consumer Electronics Show, Sony has loudly introduced its high-end digital Walkman, and somehow decided to price it at an astronomical $1,200.

What will all that money get you? 128GB of onboard storage and a microSD slot to go with it. There's a large touchscreen, and the device runs Android — but it uses version 4.2 Jelly Bean, which came out in 2012. It also supports Bluetooth and NFC. Sony claims the device has 33 hours of battery life when playing FLAC files, and 60 hours when playing MP3s. They appear to be targeting audiophiles — their press release includes phrasing about how pedestrian MP3 encoding will "compromise the purity of the original signal."
Sony

After Outage, Sony Makes Peace Offering To Users of PlayStation Network 95

Posted by samzenpus
from the sorry-for-your-trouble dept.
An anonymous reader notes that Sony is offering deals to make up for the downtime over Christmas. "PlayStation Network gamers didn't have such a happy holiday thanks to the reported handiwork of some hackers, so Sony is hoping to appease users of its online gaming service with promises of deals and discounts. For Playstation Plus subscribers, Sony is offering a 5-day membership extension, and for all members, a 10 percent discount at the PlayStation store, according to a blog post published Thursday. The PlayStation Network is Sony's online service for its PlayStation game console. Both PSN and Microsoft's online gaming service, Xbox Live, were intermittently offline beginning on Christmas Eve and Christmas Day. Xbox Live came back online first, with PSN following Saturday night."
Sony

Sony, Facebook, Google, Samsung, Apple, and Microsoft Now All Have a Hand In VR 61

Posted by samzenpus
from the everyone-is-doing-it dept.
An anonymous reader writes The Oculus Kickstarter breathed new life into consumer virtual reality when it raised more than $2.4 million just three years ago. Now, at the onset of 2015, some of the world's biggest tech companies have a vested interest in the growing consumer virtual reality industry. Road to VR takes a look back at VR in 2014 and the path that lead these tech giants to start taking it seriously.
United States

US Slaps Sanctions On North Korea After Sony Cyberattack 231

Posted by Soulskill
from the you-can-have-cuba's-old-digs dept.
wiredmikey writes: The United States imposed financial sanctions Friday on North Korea and several senior government officials in retaliation for a cyber attack on Sony Pictures. President Obama said he ordered the sanctions because of "the provocative, destabilizing, and repressive actions and policies (PDF) of the Government of North Korea, including its destructive, coercive cyber-related actions during November and December 2014." The activities "constitute a continuing threat to the national security, foreign policy, and economy of the United States," he added, in a letter to inform congressional leaders of his executive order. The new measures allow the Treasury Department "to apply sanctions against officials of the Government of North Korea and the Workers' Party of Korea, and persons determined to be owned or controlled by, or acting for or on behalf of" these bodies.
Crime

Finnish KRP Questions Suspected Lizard Squad Member 62

Posted by timothy
from the breaking-off-the-tail dept.
An anonymous reader writes Coming on the heels of the UK arrest of Vinnie Omari, Yle reports that Finnish police have interviewed "Ryan", the Finland-based hacker reportedly responsible for hacking the PlayStation and Xbox networks on Christmas day, but have not arrested him — contrary to reports in the international media (such as Washington Post). Lizard Squad had tweeted that the Finland-based hacker had been detained. Chief Inspector Tero Muurman of Keskusrikospoliisi (Finnish National Bureau of Investigation) confirmed Yle that reports of "Ryan" having been detained were wide of the mark. He had been interviewed at the start of the week, but then released. Finnish police are continuing their probe and co-operating closely with the FBI.
Crime

UK Arrest Over Xbox Live and Playstation Network Outages 86

Posted by timothy
from the but-officer-I-was-having-fun dept.
An anonymous reader writes Neowin.net is reporting the arrest of one Vincent Omari, a UK citizen [see also this Daily Mail story from a few days ago mentioning Omari], in the Christmas Day DDoS attacks on Sony's PSN and Microsoft's XBL systems: "In documents sent to Neowin, Vinnie Omari has been accused of 'hacking of the Playstation Network and Xbox Live systems over the Christmas Period'... While this is the first arrest related to the recent service disruptions, it may not be the last... In further conversations with those who are familiar with the investigation and the arrest, Omari believes that the police will not find anything of substance on his computers. His alleged crime is that he helped coordinate the DDOS attack on the service."
Sony

Sony Sends DMCA Notices Against Users Spreading Leaked Emails 138

Posted by samzenpus
from the take-it-down dept.
Dangerous_Minds writes Last week, Sony threatened legal action against users spreading information obtained through the e-mails that were leaked as a result of the Sony hack. Sony has begun carrying through with those threats. Twitter, after resisting demands that a user account be suspended for publishing leaked e-mails, has received a DMCA notice saying that the e-mails are, weirdly enough, copyrighted.
Image

South Korean Activist To Drop "The Interview" In North Korea Using Balloons 146 Screenshot-sm

Posted by samzenpus
from the it's-raining-movies dept.
Siddharth Srinivas writes Park Sang Hak, a North Korean democracy activist, said he will start dropping 100,000 DVDs and USBs with Sony's The Interview by balloon in North Korea as early as late January. He's partnering with the U.S.-based non-profit Human Rights Foundation, which is financing the making of the DVDs and USB memory sticks of the movie with Korean subtitles.
Advertising

Lizard Squad: Xbox Live, PSN Attacks Were a 'Marketing Scheme' For DDoS Service 139

Posted by timothy
from the now-how-much-would-you-pay? dept.
blottsie writes The devastating Christmas Day attacks against the gaming networks of Sony and Microsoft were a marketing scheme for a commercial cyberattack service, according to the hackers claiming responsibility for the attacks. Known as Lizard Squad, the hacker collective says it shut down the PlayStation Network (PSN) and Xbox Live network on Dec. 25 using a distributed denial-of-service (DDoS) attack, a common technique that overloads servers with data requests. The powerful attacks rendered the networks unusable for days, infuriating gamers around the world and causing yet-untold losses of revenue. Now, members of Lizard Squad say the group is selling the DDoS service they used against Sony and Microsoft to anyone willing to pay.
XBox (Games)

FBI Allegedly Investigating Lizard Squad Member Over Xbox Live, PSN Attacks 78

Posted by samzenpus
from the who's-to-blame dept.
blottsie writes The FBI is actively investigating a member of the hacker collective that claimed responsibility for recent high-profile cyberattacks on Microsoft and Sony properties, according to multiple sources with knowledge of the investigation and the attacks. A member of the Lizard Squad hacking group, who goes by the alias "ryanc" or Ryan, allegedly garnered the attention of a special agent with the Federal Bureau of Investigation after speaking with the media about Lizard Squad's Christmas-day attacks on Xbox Live and the PlayStation Network.
Security

Norse Security IDs 6, Including Ex-Employee, As Sony Hack Perpetrators 158

Posted by timothy
from the enough-blame-to-go-around dept.
chicksdaddy writes Alternative theories of who is responsible for the hack of Sony Pictures Entertainment have come fast and furious in recent weeks -- especially since the FBI pointed a finger at the government of North Korea last week. But Norse Security is taking the debate up a notch: saying that they have conclusive evidence pointing to group of disgruntled former employees as the source of the attack and data theft. The Security Ledger quotes Norse Vice President Kurt Stammberger saying that Norse has identified a group of six individuals — in the U.S., Canada, Singapore and Thailand — that it believes carried out the attack, including at least one 10-year employee of SPE who worked in a technical capacity before being laid off in May. Rather than starting from the premise that the Sony hack was a state sponsored attack, Norse researchers worked their investigation like any other criminal matter: starting by looking for individuals with the "means and motive" to do the attack.

HR files leaked in the hack provided the motive part: a massive restructuring in Spring, 2014, in which many longtime SPE employees were laid off. After researching the online footprint of a list of all the individuals who were fired and had the means to be able to access sensitive data on Sony's network, Norse said it identified a handful who expressed anger in social media posts following their firing. They included one former employee — a 10-year SPE veteran who he described as having a "very technical background." Researchers from the company followed that individual online, noting participation in IRC (Internet Relay Chat) forums where they observed communications with other individuals affiliated with underground hacking and hacktivist groups in Europe and Asia. According to Stammberger, the Norse investigation was eventually able to connect an individual directly involved in conversations with the Sony employee with a server on which the earliest known version of the malware used in the attack was compiled, in July, 2014.