angry tapir writes "The creators of the Flame cyber-espionage threat ordered infected computers still under their control to download and execute a component designed to remove all traces of the malware and prevent forensic analysis. Flame has a built-in feature called SUICIDE that can be used to uninstall the malware from infected computers. However, late last week, Flame's creators decided to distribute a different self-removal module to infected computers that connected to servers still under their control."
Want business-intelligence news delivered to your inbox? Signup for SlashBI Update now.
snydeq writes "As the self-proclaimed 'cloud OS for the datacenter,' OpenStack is fast becoming one of the more intriguing movements in open source — complete with lofty ambitions, community in-fighting, and commercial appeal. But questions remain whether this project can reach its potential of becoming the new Linux. 'The allure of OpenStack is clear: Like Linux, OpenStack aims to provide a kernel around which all kinds of software vendors can build businesses. But with OpenStack, we're talking multiple projects to provide agile cloud management of compute, storage, and networking resources across the data center — plus authentication, self-service, resource monitoring, and a slew of other projects. It's hugely ambitious, perhaps the most far-reaching open source project ever, although still at a very early stage. ... Clearly, the sky-high aspirations of OpenStack both fuel its outrageous momentum and incur the risk of overreach and collapse, as it incites all manner of competition. The promise is big, but the success of OpenStack is by no means assured.'"
darthcamaro writes "So how did World IPv6 Launch go? Surprisingly well, according to participants at the event. Google said it has seen 150% growth in IPv6 traffic, Facebook now has 27 million IPv6 users and Akamai is serving 100x more IPv6 traffic. But it's still a 'brocolli' technology. 'I've said in the past that IPv6 is a 'broccoli' technology,' Leslie Daigle, CTO of the Internet Society said. 'I still think it is a tech everybody knows it would be good if we ate more of it but nobody wants to eat it without the cheese sauce.'" Reader SmartAboutThings adds a few data points: "According to Google statistics, Romania leads the way with a 6.55% adoption rate, followed by France with 4.67%. Japan is on the third place so far with 1.57% but it seems here 'users still experience significant reliability or latency issues connecting to IPv6-enabled websites.' In the U.S. and China the users have noticed infrequent issues connecting to the new protocol, but still the adoption rate is 0.93% and 0.58%, respectively."
An anonymous reader writes "CERT/CC has called out AMD for having insecure video drivers. AMD/ATI video drivers are incompatible with system-wide ASLR. 'Always On' DEP combined with 'Always On' ASLR are effective exploit mitigations. However, most people don't know about 'Always On' ASLR since Microsoft had to hide it from EMET with an 'EnableUnsafeSettings' registry key — because AMD/ATI video drivers will cause a BSOD on boot if 'Always On' ASLR is enabled."
As reported here recently, millions of LinkedIn password hashes have been leaked online. An anonymous reader writes "Now, Poul-Henning Kamp a developer known for work on various projects and the author of the md5crypt password scrambler asks everybody to migrate to a stronger password scrambler without undue delay. From the blog post: 'New research has shown that it can be run at a rate close to 1 million checks per second on COTS GPU hardware, which means that it is as prone to brute-force attacks as the DES based UNIX crypt was back in 1995: Any 8 character password can be found in a couple of days. The default algorithm for storing password hashes in /etc/shadow is MD5. RHEL / CentOS / FreeBSD user can migrate to SHA-512 hashing algorithms.'" Reader Curseyoukhan was one of several to also point out that dating site eHarmony got the same treatment as LinkedIn. Update: 06/07 20:13 GMT by T : An anonymous reader adds a snippet from Help Net Security, too: "Last.fm has piped up to warn about a leak of their own users' passwords. Users who have logged in to the site were greeted today by a warning asking them to change their password while the site investigates a security problem. Following the offered link to learn more, they landed on another page with another warning."
concertina226 writes to note that it's not just the U.S. that's increasingly open about using malware as an offensive tool of state security: From the TechWorld story: "According to German reports, the Bonn-based Computer Network Operations (CNO) unit had existed since 2006 but was only now being readied for deployment under the control of the country's military. 'The initial capacity to operate in hostile networks has been achieved,' a German press agency reported the brief document as saying. The unit had already conducted closed lab simulations of cyber-attacks." "Unlike physical attacks," concertina226 writes, "cyber-weapons can't be isolated from their surroundings with the same degree of certainty. If, as a growing body of evidence suggests, the U.S. Government sanctioned the use of cyber-malware such as Stuxnet, are the authorities also held responsible should such campaigns hit unintended victims?"
An anonymous reader writes "In spite of Linux's great networking capabilities, there seems to be a shortage of suitable hardware for building an enterprise-grade networking platform. I've had success on smaller projects with the Soekris offerings but they are suboptimal for large-scale deployment due to their single-board non-redundant design (eg., single power supply, lack of backup 'controller'). What is the closest thing to a modular Linux-capable platform with some level of hardware redundancy and substantial bus/backplane throughput?"
Dangerous_Minds writes "ZeroPaid is documenting some comments made by an encrypted chat developer who was interrogated at the U.S. border recently. According to the CryptoCat developer, border guards confiscated his passport and interrogated him about the application he developed. Most notably, he commented, "The interrogator (who claimed 22 years of computer experience) asked me which algorithms Cryptocat used and about its censorship resistance.""
coondoggie writes "Secretary of Homeland Security Janet Napolitano today said the agency will form a cybersecurity workforce task group that will consider strategies such as expanding DHS involvement in cyber competitions and university programs, enhancing public-private security partnerships and working with other government agencies to develop a more agile cyber workforce across the federal government. The new task force will be co-chaired by hacking expert Jeff Moss who now works for the Homeland Security Advisory Council and Alan Paller is director of research at the SANS Institute."
An anonymous reader writes "In the last two years, over 200 million Indian nationals have had their fingerprints and photographs taken and irises scanned, and given a unique 12-digit number that should identify them everywhere and to everyone. This is only the beginning, and the goal is to do the same with the entire population (1.2 billion), so that poorer Indians can finally prove their existence and identity when needed for getting documents, getting help from the government, and opening bank and other accounts. This immense task needs a database that can contain over 12 billion fingerprints, 1.2 billion photographs, and 2.4 billion iris scans, can be queried from diverse devices connected to the Internet, and can return accurate results in an extremely short time."
A number of readers have written in with stories related to today's permanent rollout of IPv6 by several major organizations. From the looks of it, for the 1% or so of end users with IPv6 support, everything is going smoothly. For those not so lucky to have IPv6 already, an anonymous reader writes with (mostly) good news: 60% of ISPs intend to enable IPv6 by the end of 2012. For business users, darthcamaro provides some words of caution: "...the Chief Security Officer of VeriSign doesn't think IPv6 should be turned on by a whole lot of people. The problem is network security devices in many cases don't scan IPv6. So if you turn IPv6 on, you're screwed. 'If you don't have that visibility into IPv6, you should probably consider explicitly disabling IPv6 on your systems until you can take a very concerted approach to enabling IPv6 in a secure manner,' McPherson said."
jones_supa writes "A user in a Russian forum is claiming to have hacked LinkedIn to the tune of almost 6.5 million account details. The user uploaded 6,458,020 SHA-1 hashed passwords, but no usernames. Several people have said on Twitter that they found their real LinkedIn passwords as hashes on the list. The Verge spoke with Mikko Hyppönen, Chief Research Officer at F-Secure, who thinks this is a real collection. He told us he is 'guessing it's some sort of exploit on their web interface, but there's no way to know.' We will have to wait for LinkedIn to report back to be sure what exactly has happened." An anonymous reader tipped us to related news: The LinkedIn iOS application harvests information from your calendar and transmits it to their servers unencrypted.
Trailrunner7 writes "Google, whose users have been frequent targets of suspected attacks by foreign governments, is deploying a new warning system for users who may be victims of those kinds of attacks. The new system is in addition to existing warnings that Google will show Gmail users when their accounts may have been accessed by attackers. Gmail users have been on the receiving end of a number of known attacks, including the infamous Google Aurora attack that has been blamed on China. Part of that operation was aimed at a specific subset of Gmail users, including Chinese dissidents and journalists. Now, Google says it will warn users about exactly that kind of activity."
wiredmikey writes "As more research unfolds about the recently discovered Flame malware, researchers have found three modules – named Snack, Gadget and Munch – that are used to launch what is essentially a man-in-the-middle attack against other computers on a network. As a result, Kaspersky researchers say when a machine attempts to connect to Microsoft's Windows Update, it redirects the connection through an infected machine and it sends a fake malicious Windows Update to the client. That is courtesy of a rogue Microsoft certificate that chains to the Microsoft Root Authority and improperly allows code signing. According to Symantec, the Snack module sniffs NetBIOS requests on the local network. NetBIOS name resolution allows computers to find each other on a local network via peer-to-peer, opening up an avenue for spoofing. The findings have prompted Microsoft to say that it plans to harden Windows Update against attacks in the future, though the company did not immediately reveal details as to how." And an anonymous reader adds a note that Flame's infrastructure is massive: "over 80 different C&C domains, pointed to over 18 IP addresses located in Switzerland, Germany, the Netherlands, Hong Kong, Poland, the UK, and other countries."
snowdon writes "The race for low-latency in finance and HPC has taken a major turn. A bunch of engineers from Australia have 'thrown away the air conditioning' in a traditional switch, to get a 10G fibre-to-fibre latency of less than 130ns! Way faster than more traditional offerings. This lady (video) would tell you that it's equivalent to just 26m of optical fibre. Does that mean we just lose money faster?"