New submitter bupbin writes "We are providing a detailed report and analysis of eleven different popular gun safes produced by Stack-On, GunVault, and Bulldog to warn the public of the dangers inherent in some of these products because neither the manufacturers nor their major retailers will do so. In that report you can view eight different Stack-On models, one produced by Bulldog, and one manufactured by GunVault. A similar design defect is demonstrated in an inexpensive safe for storing valuables that is sold by AMSEC, a very reputable safe manufacturer in the United States. Unfortunately, their digital safe with their claim of a 'state-of-the-art electronic lock' can also be opened (literally) by a three-year-old because of a common mechanism used in the industry that is subject to circumvention."
An anonymous reader writes "When earlier this year Google introduced Bouncer — an automated app scanning service that analyzes apps by running them on Google's cloud infrastructure and simulating how they will run on an Android device — it shared practically nothing about how it operates, in the hopes of making malicious app developers scramble for a while to discover how to bypass it. As it turned out, several months later security researchers Jon Oberheide and Charlie Miller discovered — among other things — just what kind of virtual environment Bouncer uses (the QEMU processor emulator) and that all requests coming from Google came from a specific IP block, and made an app that was instructed to behave as a legitimate one every time it detected this specific virtual environment. Now two more researchers have effectively proved that Bouncer can be rather easily fooled into considering a malicious app harmless."
An anonymous reader writes "I'm leaving my current job for a new one. I've been at this job for 10+ years so I'm sure there is tons of personal stuff stored on my machine. Since I can't take it with me, does anyone have suggestions of tools or practices to clean off all of that data? I've already got my personal documents and files. I'm most worried about CC, debit card numbers and web site passwords I've used in browsers. Does clearing the cache, cookies, temp files do a good enough job? BTW it's a Windows 7 system if that makes a difference."
Sparrowvsrevolution writes "At the Defcon security conference later this week, two security researchers will release a tool that aims to expose a little-seen list of hidden private aircraft flight plans–the so-called Block Aircraft Registration Request or BARR list, a collection of aircraft whose owners have tried to keep their whereabouts secret. Any private jet owner can request to be taken out of the FAA's public database of flight plans. But Dustin Hoffman and Semon Rezchikov found that private flyers' whereabouts are still broadcast in air-traffic control communications. So they developed a speech-to-text system that pulls out planes' tail numbers from those communications almost in real time, often fast enough to post a plane's destination before it lands. In its proof-of-concept version, the site is focusing on Las Vegas airports, but plans to expand to other cities soon."
silentbrad writes with this excerpt from the Financial Post: "Fast-evolving biometric technologies are promising to deliver the most convenient, secure connection possible between you and your bank account — using your body itself in place of all of those wallets and purses stuffed with cash, change and plastic cards. Biometrics is the science of humans' physiological or behavioural characteristics and it's being used to develop technology that recognizes and matches unique patterns in human fingerprints, faces and eyes and even sweat glands and buttock pressure. Its applications in the financial realm are a potentially huge time and effort saver, but that's just a beginning for the technology's usefulness. ... [BIOPTid Inc.]'s One Touch cube, set to be on the market within a year, is an external device that users can hook up to their computers and mobile electronics to replace passwords for Internet logins and banking. The cube reads a personal sweat gland barcode to verify identity from the moisture on a user's fingertip. ... 'Biometrics is something that's used by governments, it's used by "Big Brother" to keep an eye on us and we want to change that,' says [BIOPTid chief Scott McNulty]. 'We think biometrics is something that can be actually used by the people and it becomes their technology that they use to protect themselves.'"
gManZboy writes "A key component of the FAA's emerging 'Next Gen' air traffic control system is fundamentally insecure and ripe for manipulation and attack, security researcher Andrei Costin said in a presentation Wednesday at Black Hat 2012. Costin outlined a series of issues related to the Automatic Dependent Surveillance-Broadcast (ADS-B) system, a replacement to the decades-old ground radar system used to guide airplanes through the sky and on the ground at airports. Among the threats to ADS-B: The system lacks a capability for message authentication. 'Any attacker can pretend to be an aircraft' by injecting a message into the system, Costin said. There's also no mechanism in ADS-B for encrypting messages. One example problem related to the lack of encryption: Costin showed a screen capture showing the location of Air Force One — or that someone had spoofed the system."
An anonymous reader writes "Anonymous is releasing some of the 40GB of data it claims to have stolen from Australian internet service provider AAPT. The hack is reportedly in protest against Australia's proposed data retention regime, which would mandate ISPs to collect and hold transmission data from its users for up to two years."
alphadogg writes "At the Black Hat Conference in Las Vegas Wednesday, Accuvant Labs researcher Charlie Miller showed how he figured out a way to break into both the Google/Samsung Nexus S and Nokia N9 by means of the Near Field Communication (NFC) capability in the smartphones. NFC is still new but it's starting to become adopted for use in smartphone-based purchasing in particular. The experimentation that Miller did, which he demonstrated at the event, showed it's possible to set up NFC-based radio communication to share content with the smartphones to play tricks, such as writing an exploit to crash phones and even in certain circumstances read files on the phone and more."
Nerval's Lobster writes "Europe's most powerful supercomputer — and the fourth most powerful in the world — has been officially inaugurated. The SuperMUC, ranked fourth in the June TOP500 supercomputing listing, contains 147,456 cores using Intel Xeon 2.7-GHz, 8-core E5-2680 chips. IBM, which built the supercomputer, stated in a recent press release that the supercomputer actually includes more than 155,000 processor cores. It is located at the Leibniz-Rechenzentrum (Leibniz Supercomputing Centre) in Garching, Germany, near Munich. According to the TOP500 list, the SuperMUC is the world's most powerful X86-based supercomputer. The Department of Energy's 'Sequoia' supercomputer at the Lawrence Livermore National Laboratory in Livermore, Calif., the world's [overall] most powerful, relies on 16-core, 1.6-GHz POWER BQC chips."
zwei2stein writes "My team of about 10 men (IT guys) is expecting a new colleague: a female one. It is guaranteed that there will be remarks, double entendres and innuendos with huge potential of getting worse. We already have women in teams who can somehow handle this (and deliver appropriate verbal slaps). How would you deal with this? We talked about some simple, fun ways — anyone who [acts inappropriately] will have to wear an embarrassing tie, etc. — instead of swear jar, having a sexual innuendo jar and even fairly harsh punishments (like people losing their bonuses for the month or their extra vacation days). I'd like to figure out a solution that would be effective, not call much attention to itself, and not be quickly abandoned." What has your workplace done to create a good culture on this front? And what hasn't worked?
alphadogg writes "Google Talk, a desktop and mobile text and voice chat service used by many Google Gmail customers, suffered a widespread outage Thursday morning that the company said was affecting 'a majority of users.' The outage, first reported by Google a little before 7am eastern time, was being restored about 4 hours later, according to Google. Meanwhile, users of the downed cloud service took to Twitter and other avenues to voice their displeasure." Update: 07/26 16:24 GMT by T : wiedzmin writes "It looks like Twitter is experiencing an outage, leaving users unable to access the site on Thursday morning. I wonder if it's related to the Google Talk outage at all, but one thing is for sure — this has stopped a slew of complaints about Google Talk on Twitter. If Twitter is down, where do you tweet about that?"
An anonymous reader writes "A new Mac OS X Trojan referred to as OSX/Crisis silently infects OS X 10.6 Snow Leopard and OS X 10.7 Lion. The backdoor component calls home to the IP address 220.127.116.11 every five minutes, awaiting instructions. The threat was created in a way that is intended to make reverse engineering more difficult, an added extra that is more common with Windows malware than it is with Mac malware."
jfruh writes "Comcast customers who dream of superfast download speeds drooled when they heard the company would be offering 305 Mbps service. There's only one catch: the high speeds are only available in markets where the cable giant is going head-to-head with Verizon's FiOS service. It seems that competition really does improve service quality when it comes to ISPs."
theodp writes "IBM CEO Virginia M. Rometty's Big Blue bio boasts that she led the development of IBM Global Delivery Centers in India. In his latest column, Robert X. Cringely wonders if customers of those centers know what they're getting for their outsourcing buck. 'Right now,' writes Cringely, 'IBM is preparing to launch an internal program with the goal of increasing in 2013 the percentage of university graduates working at its Indian Global Delivery Centers (GDCs) to 50 percent. This means that right now most of IBM's Indian staffers are not college graduates. Did you know that? I didn't. I would be very surprised if IBM customers knew they were being supported mainly by graduates of Indian high schools.'"
Sherloqq sends this quote from a Bloomberg report: "FinFisher, a spyware sold by U.K.-based Gamma Group, can secretly take remote control of a computer, copying files, intercepting Skype calls and logging every keystroke. For the past year, human rights advocates and virus hunters have scrutinized FinFisher, seeking to uncover potential abuses. They got a glimpse of its reach when a FinFisher sales pitch to Egyptian state security was uncovered after that country's February 2011 revolution. In December, anti-secrecy website WikiLeaks published Gamma promotional videos showing how police could plant FinFisher on a target's computer. ... Researchers believe they’ve identified copies of FinFisher, based on an examination of malicious software e-mailed to Bahraini activists, they say. ... The findings illustrate how the largely unregulated trade in offensive hacking tools is transforming surveillance, making it more intrusive as it reaches across borders and peers into people’s digital devices. From anywhere on the globe, the software can penetrate the most private spaces, turning on computer web cameras and reading documents as they are being typed."