An anonymous reader writes "A series of reports shows that the U.S. and Israel are engaged in a cyber war with Iran to stop it from developing nuclear weapons. Oddly enough, at the same time, the United States and others nations are trying to negotiate with Iran. As America and others start the world's first undeclared cyber-wars, dangerous precedents are being set that this type of warfare is without consequences. Such ideas could not be further from from truth."
Sparrowvsrevolution writes "Free software lawyer and activist Eben Moglen plans to give a talk at the Hackers On Planet Earth conference in New York next month on the need to apply Isaac Asimov's laws of robotics to our personal devices like smartphones. Here's a preview: 'In [1960s] science fiction, visionaries perceived that in the middle of the first quarter of the 21st century, we'd be living contemporarily with robots. They were correct. We do. We carry them everywhere we go. They see everything, they're aware of our position, our relationship to other human beings and other robots, they mediate an information stream about us, which allows other people to predict and know our conduct and intentions and capabilities better than we can predict them ourselves. But we grew up imagining that these robots would have, incorporated in their design, a set of principles. We imagined that robots would be designed so that they could never hurt a human being. These robots have no such commitments. These robots hurt us every day. They work for other people. They're designed, built and managed to provide leverage and control to people other than their owners. Unless we retrofit the first law of robotics onto them immediately, we're cooked.'"
judgecorp writes "Two teens have pleaded guilty to taking part in Lulzsec attacks on the U.S.'s CIA and Britain's SOCA. Ryan Cleary and Jake Davis, aged 19 and 18 respectively, admit to denial of service attacks. Cleary has also been charged in the U.S., but is unlikely to face extradition." However, "... both Cleary and Davis denied allegations they posted 'unlawfully obtained confidential computer data' to public websites including LulzSec.com, Pirate Bay, and PasteBin, in order to encourage offenses contrary to the Serious Crime Act." Two others involved pleaded not guilty to all charges.
Trailrunner7 writes, quoting Threat Post: "Security researchers have come across a worm that is meant specifically to steal blueprints, design documents and other files created with the AutoCAD software. The worm, known as ACAD/Medre.A, is spreading through infected AutoCAD templates and is sending tens of thousands of stolen documents to email addresses in China. However, experts say that the worm's infection rates are dropping at this point and it doesn't seem to be part of a targeted attack campaign. ... [They] discovered that not only was the worm highly customized and well-constructed, it seemed to be targeting mostly machines in Peru for some reason. ... They found that ACAD/Medre.A was written in AutoLISP, a specialized version of the LISP scripting language that's used in AutoCAD."
zacharye writes "Apple's next-generation iPhone will feature an integrated NFC chip according to a new report, suggesting the Cupertino, California-based company may soon make its entrance into the mobile payment space. A report from 9to5Mac states that an analysis of code from Apple's latest iOS software includes references to an integrated NFC chip and antenna."
jfruh writes "You might be a bit jealous of Andrew Weiss: fresh out of college, he got interviews with both Microsoft and Google. He discusses (to the extent NDAs allow) the differences between the two experiences, ranging from the silly (Google's famous gourmet cafeteria vs. Microsoft's gaming room) to the serious (Google's technical emphasis vs. Microsoft's focus on explanatory and consulting skills.)"
redletterdave writes "Apple quietly switched out a statement that claimed its Mac computers were completely immune to viruses with a less-forward statement: 'It's built to be safe.' The PR shift comes in the aftermath of the Flashback Trojan, which affected hundreds of thousands of Macs back in early April. From the article: 'Apple strives for perfection, but stating something is perfect when it isn't is ultimately bad for PR and company morale. Jobs used his reality distortion field to "rally the troops," so to speak, but "Mountain Lion" will ensure Apple can tout its closed, highly-secure operating system for the foreseeable future in a much more realistic sense. Just because a product isn't impervious to sickness doesn't mean it isn't "insanely great."'"
Sparrowvsrevolution writes "Dane Jasper's tiny Internet service provider Sonic.net briefly took the national spotlight last October, when it contested a Department of Justice order that it secretly hand over the data of privacy activist and WikiLeaks associate Jacob Appelbaum. But Sonic.net has actually been quietly implementing a much more fundamental privacy measure: For the past eighteen months it's only kept logs of user data for two weeks before deletion, compared with 18 to 36 months at Verizon, AT&T, Comcast, Time Warner and other ISPs. In a lengthy Q&A, he explains how he came to the decision to limit logging after a series of shakedowns by copyright lawyers attempting to embarrass users who had downloaded porn films, and he argues that it's time all ISPs adopt the two-week rule."
mikejuk writes "Two former Facebook developers have created a new database that they say is the world's fastest and it is MySQL compatible. According to Eric Frenkiel and Nikita Shamgunov, MemSQL, the database they have developed over the past year, is thirty times faster than conventional disk-based databases. MemSQL has put together a video showing MySQL versus MemSQL carrying out a sequence of queries, in which MySQL performs at around 3,500 queries per second, while MemSQL achieves around 80,000 queries per second. The documentation says that MemSQL writes back to disk/SSD as soon as the transaction is acknowledged in memory, and that using a combination of write-ahead logging and snapshotting ensures your data is secure. There is a free version but so far how much a full version will cost isn't given." (See also this article at SlashBI.)
That Alan Turing committed suicide is widely accepted as fact. Now, an anonymous reader writes, "According to Professor Jack Copeland, director of the The Turing Archive for the History of Computing, 'The coroner [in Turing's case] didn't really investigate the evidence at all, he just jumped to the conclusion that he committed suicide. He seems to have been very biased from the statements in newspapers at the time.' Copeland further said that medical evidence suggested Turing died from inhaling cyanide rather than drinking or ingesting it."
wiredmikey writes "Using a combination of TCP scans and Google, security researchers found that nearly a quarter of the organizations running vulnerable versions of SAP are tempting fate by leaving them exposed to the Internet. This discovery, researchers from ERPScan say, dispels the myth that SAP systems are only available from the internal network, leading to the misconception that they are protected by design. By March 2012, there were more than 2,000 security advisories published by SAP. Of those, about 7% (124) have publicly available PoC (proof-of-concept) exploit code available to the public. Many of the issues discovered are related to poor configuration or poor deployment planning. For example, 212 SAP Routers were found in Germany, which were created mainly to route access to internal SAP systems. Another issue with the vulnerable and exposed SAP installations is that many of them run on Windows NT, creating a twin set of risks for the organization, as they have to contend with a bad SAP deployment and unsupported OS that is full of security issues all by itself."
An anonymous reader writes "Growing up in the digital age, 18 – 25s may appear to be a more tech-savvy generation, but that does not translate into safer computing and online practices. A new study reveals that they are the most at-risk group, and prone to cyber-attacks. That makes this group even more vulnerable to online security threats. Younger users tend to prioritize entertainment and community over security, perhaps due to overconfidence in their security knowledge. For example, they're more concerned about gaming or other social activities than their online security. They also have less sophisticated security software, and hence, have reported more security problems than other groups."
frisket writes with news from The Register about ongoing problems for some UK banks: "'RBS and Natwest have failed to register inbound payments for up to three days, customers have reported, leaving people unable to pay for bills, travel and even food. The banks — both owned by RBS Group — have confirmed that technical glitches have left bank accounts displaying the wrong balances and certain services unavailable. There is no fix date available.' Customers of NatWest subsidiary Ulster Bank in Ireland have also been left without banking services. RTE reports that 'the problem had arisen within the systems of parent bank RBOS when an incorrect patch was applied.'"
judgecorp writes "Iran has reported that its nuclear facilities are under a sustained cyber attack which it blames on the U.S., UK and Israel. America and Israel created Stuxnet, and have been accused of starting the Flame worm." And once a country admits that it's created such software, publicly deflecting such blame gets a lot harder.
Trailrunner7 writes "PayPal is the latest company to join the ranks of software vendors and Web properties that offer bounties to security researchers who privately disclose new bugs to them. The company isn't saying how much it will pay for each bug, just that its security team will determine the severity of each flaw as well as the ultimate payout. PayPal's decision to offer financial incentives to researchers follows the establishment of similar programs by companies including Google, Mozilla, Facebook, Barracuda and others. Google's bug bounty program may be the most well-known and comprehensive, as it includes bugs not just in its software products such as Chrome, but also its Web properties. The company has paid out more than $400,000 in rewards to researchers since the program began and researchers who consistently find bugs in Google's products can make a nice side income off the program."