Slashdot: News for nerds, stuff that matters

America's Cybersecurity Czar, Howard Schmidt, Steps Down 52

Posted by samzenpus on Friday May 18, 2012 @08:09AM
from the hit-the-road dept.

wiredmikey writes "In December of 2009, after months of waiting, the Obama Administration named Howard Schmidt as the White House Cybersecurity Coordinator. After more than forty years in the IT community, the nation's first cyber czar will retire at the end of the month. Schmidt, after just over two years of government service, said he would retire in order to spend more time with his family and to entertain teaching opportunities in the cyber field. Schmidt was at the reins when the White House introduced its international strategy for cyberspace, and also helped create the controversial National Strategy for Trusted Identities in Cyberspace, an initiative that would allow people to obtain a single credential as a one-time password (on a token or mobile device) to do business on the Internet. Schmidt will be replaced by Michael Daniel, currently the head of the White House budget office's intelligence branch."

UK Government Staff Caught Snooping On Citizen Data 120

Posted by samzenpus on Friday May 18, 2012 @03:05AM
from the lets-have-a-look dept.

An anonymous reader writes "More than 1,000 UK government staff have been caught snooping on citizen data — including criminal records, social security, and medical records. From the article: 'The U.K. government is haemorrhaging data — private and confidential citizen data — from medical records to social security details, and even criminal records, according to figures obtained through Freedom of Information requests. Just shy of 1,000 civil servants working at the Department for Work and Pensions (DWP), were disciplined for accessing personal social security records. The Department for Health (DoH), which operates the U.K.’s National Health Service and more importantly all U.K. medical records, saw more than 150 breaches occur over a 13-month period.'"

Social Networking: The New Workplace Smoke Break 105

Posted by samzenpus on Friday May 18, 2012 @01:32AM
from the friend-em-if-you-got-em dept.

snydeq writes "J. Peter Bruzzese sees a solution for organizations seeking to cut down employee time spent on social networks at work: treat social networking like a smoke break. 'Try as you might to keep social networks at bay, mobile devices let people be in constant connection to their social networking vices over the cellular networks, which you can't block. Still, it's not completely impossible to stop social time-wasting over mobile: You can establish policies that, if enforced strongly enough, eliminate social networks from being accessed on company time. Treat it like smoking: Let employees take a 15-minute coffee/smoking/Facebook break and make them go to a designated area to do it.'"

Android Hackers Honing Skills In Russia 98

Posted by samzenpus on Thursday May 17, 2012 @10:01PM
from the practice-makes-perfect dept.

MikeatWired writes "The malware business growing around Google Android — now the leading smartphone operating system — is still in its infancy. Today, many of the apps built to steal money from Android users originate from Russia and China, so criminal gangs there have become cyber-trailblazers. Sophos and Symantec on Wednesday released their latest Android malware discoveries written in Russian. While the language narrows the number of potential victims, the social-engineering tactics used to get Android users to install the malware is universal. The gang tracked by Sophos is using fake antivirus scanners, while Symantec is tracking cybercriminals using mobile websites to offer bogus versions of popular games. Sophos says the criminals are like other entrepreneurs launching startups. They're starting in Russia, but have far greater ambitions. 'I don't think we can say that they're necessarily using it as a testing ground — think of it more as a local business that as it grows may gain multinational ambitions,' Graham Cluley, senior technology consultant at Sophos, said in an email interview on Wednesday. The cyber scam tracked by Sophos was reported this week by GFI Lab, which discovered links to the bogus antivirus software on Twitter. Sophos dug deeper and found that the .ru domains pointed to the same Internet protocol address hosted in Ukraine."

Paul Vixie: 100,000 DSL Modems May Lose Their DNS On July 9 193

Posted by timothy on Thursday May 17, 2012 @03:54PM
from the blame-the-feds dept.

Dante_J writes "Up to 100,000 DSL modems may lose access to DNS come July the 9th, due to scripted web interface changes made to them by DNSChanger. This and other disturbing details were raised by respected Internet elder Paul Vixie during a presentation at the AusCERT 2012 conference."

The Pirate Bay Returns, Anonymous Hater Takes Credit For DDoS 122

Posted by timothy on Thursday May 17, 2012 @03:12PM
from the bad-childhoods-in-the-news dept.

An anonymous reader writes "After being the victim of a massive Distributed Denial of Service (DDoS) attack by an unknown party, The Pirate Bay has returned. An Anonymous traitor who goes by the name AnonNyre has claimed responsibility for the DDoS attack that kept the site offline for days."

Who Is Still Using IE6? the UK Government 141

Posted by timothy on Thursday May 17, 2012 @12:33PM
from the increased-customer-enragement dept.

strawberryshakes writes "The death knell for IE6 was sounded a couple of years ago, but seems like some people just can't let go. Many UK government departments are still using IE6, which is so old — 11 years old to be exact — it can't cope with social media — which the government is trying to get its staff to use more to engage with citizens."

DreamHammer Wants To Corner the Drone OS Market 125

Posted by timothy on Thursday May 17, 2012 @12:11PM
from the special-interests-with-guns dept.

nonprofiteer writes "The Pentagon is increasingly transforming the military into an unmanned force, taking soldiers out of harm's way and replacing them with drones and robots. In 2011, it spent $6 billion on unmanned systems. The problem is that the unmanned systems don't work well together thanks to contractors building proprietary control systems (to lock government into exclusive relationships and to make extra money). A company called DreamHammer plans to have a solution to this — a universal remote control that could integrate all robots and drones into one control system. It would save money and allow anyone to build apps for drones. 'DreamHammer CTO Chris Diebner compares it with a smartphone OS — on which drones and features for those drones can be run like apps. Of course, Ballista is doing something on a much larger scale. It means that it takes fewer people to fly more drones and that new features can be rolled out without the need to develop and build a new version of a Predator, for example.'"

RunCore Introduces Self-Destructable SSD 168

Posted by timothy on Thursday May 17, 2012 @11:06AM
from the magic-smoke-that-is dept.

jones_supa writes "RunCore announces the global launch of its InVincible solid state drive, designed for mission-critical fields such as aerospace or military. The device improves upon a normal SSD by having two strategies for the drive to quickly render itself blank. First method goes through the disk, overwriting all data with garbage. Second one is less discreet and lets the smoke out of the circuitry by driving overcurrent to the NAND chips. Both ways can be ignited with a single push of a button, allowing James Bond -style rapid response to the situation on the field."

Most CCTV Systems Come With Trivial Exploits 89

Posted by timothy on Thursday May 17, 2012 @09:25AM
from the peek-a-boo dept.

An anonymous reader writes "The use of CCTV cameras for physical surveillance of all kinds of environments has become so pervasive that most of us don't give the devices a second thought anymore. But, those individuals and organizations who actually use and control them should be aware that most of them come with default settings that make them vulnerable to outside attacks. According to Gotham Digital Science researcher Justin Cacak, standalone CCTV video surveillance systems by MicroDigital, HIVISION, CTRing, and many other rebranded devices are not only shipped with remote access enabled by default, but also with preconfigured default accounts and passwords that are banal and easy to guess."

UK Police Roll Out On-the-Spot Mobile Data Extraction System 145

Posted by samzenpus on Thursday May 17, 2012 @12:34AM
from the doing-it-faster dept.

Qedward writes "The Metropolitan Police has rolled out a mobile device data extraction system to allow officers to extract data 'within minutes' from suspects' phones while they are in custody. 'Ostensibly, the system has been deployed to target phones that are suspected of having actually been used in criminal activity, although data privacy campaigners may focus on potentially wider use.'"

Americans More Worried About Cybersecurity Than Terrorism 266

Posted by Soulskill on Tuesday May 15, 2012 @07:15PM
from the that-there-internet-is-a-scary-thing dept.

TheGift73 tips an article discussing a new study (PDF) which found Americans are now more worried about cybersecurity threats than they are about terrorism. Here's Techdirt's acerbic take: "Well, it looks like all the fearmongering about hackers shutting down electrical grids and making planes fall from the sky is working. No matter that there's no evidence of any actual risk, or that the only real issue is if anyone is stupid enough to actually connect such critical infrastructure to the internet (the proper response to which is: take it off the internet), fear is spreading. Of course, this is mostly due to the work of a neat combination of ex-politicians/now lobbyists working for defense contractors who stand to make a ton of money from the panic — enabled by politicians who seem to have no shame in telling scary bedtime stories that have no basis in reality."

'G20 Geek' Byron Sonne Cleared of Explosives Charges 278

Posted by Soulskill on Tuesday May 15, 2012 @03:01PM
from the didn't-have-to-pull-a-dufresne dept.

New submitter davegravy writes "Byron Sonne, the Toronto-based security consultant, chemistry hobbyist, and geek who was arrested leading up to the Toronto G-20 for alleged plans to bomb the event, has been found not guilty of all charges. Sonne was held in prison for 11 months without receiving bail, and the ruling comes two years after his arrest. Sonne is considered by many in the Toronto security community as a champion of civil rights and a sharp critic of security theatre."

Avira Premium Anti-Virus Bug Disables Windows Machines 151

Posted by timothy on Tuesday May 15, 2012 @10:48AM
from the malware-writers-have-won dept.

New submitter Adesso writes "Anti-virus vendor Avira is having difficulty with an update of all their Premium customers. An update that has been downloaded over 70 million times is causing the 32-bit version of Windows to block almost all critical applications. Avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."

Global Payments Breach Led To Prepaid Card Fraud 50

Posted by Unknown Lamer on Monday May 14, 2012 @10:08PM
from the don't-copy-that-magstripe dept.

tsu doh nimh writes "Global Payments, the Atlanta-based credit card processor that disclosed a major breach of its systems last month, has said that less than 1.5 million card numbers were stolen, and that customer names and addresses weren't included in the purloined data. But security reporter Brian Krebs carries a piece today highlighting how thieves were still able to use the data to clone debit cards, which were then used in shopping sprees in and around the Las Vegas area recently."

2011	Military Drone Attacks Are Not 'Hostile'	892 comments
2008	McCain Backs Nuclear Power	1563 comments
2007	White House E-mail Scandal Widens	839 comments
2005	Desktop Linux on x86 - Adapt or Die	924 comments
2003	Honda Crash Detection System	868 comments