New submitter Guru Jim writes "Our company is currently looking at our incentives program and are wondering what is out there that helps motivate IT workers. We have engineers/sys admins as well as developers. With both teams, we have guns who are great and really engaged in looking after the customers, but some of the team struggle. Sometimes it is easy to say that there isn't too much work on and goof off and read Slashdot all day. This puts more pressure on some of the team. Management is being more proactive in making sure the work is shared equally, but we are wondering what can be out there that is more carrot than stick? We already have cake day, corporate massage day, bonuses for exams and profit share, but what is out there that is innovative and helps build a great workplace?" If you're reading this, the odds are good that you work in or around IT (or hope to); what would you most like to see your workplace implement?
Hugh Pickens writes "Neal Ungerleider writes about PlaceRaider, a trojan that can run in the background of any phone running Android 2.3 or above, and is hidden in a photography app that gives PlaceRaider the necessary permissions to access the camera and upload images. Once installed, PlaceRaider quietly takes pictures at random that are tagged with the time, location, and orientation of the phone while muting the phone's shutter sound. Once pictures are taken, PlaceRaider uploads them to a central server where they are knitted together into a 3D model of the indoor location where the pics were taken. A malicious user can then browse this space looking for objects worth stealing and sensitive data such as credit card details, identity data or calender details that reveal when the user might be away. If a user's credit card, bank information, or personal information happen to be out in the open — all the better. — the software can identify financial data, bar codes, and QR codes. End users will also be able to get the full layout of a victim's office or room. The good news? PlaceRaider isn't out in the wild yet. The malware was built as an academic exercise by a team at Indiana University as a proof of concept to show the invasive potential of visual malware beyond simple photo or video uploads and demonstrate how to turn an individual's mobile device against himself (PDF), creating an advanced surveillance platform capable of reconstructing the user's physical environment for exploration and exploitation. 'The message is clear — this kind of malware is a clear and present danger. It's only a matter of time before this game of cat and mouse becomes more serious.'" As malware, it's spooky. But merely as software, this kind of intelligent 3-D imaging is something I'd like to be able to do with my phone.
chicksdaddy writes "In the wake of Adobe's warning on Thursday about a high profile compromise on its network, security experts say the incident raises troubling questions about the extent of the breach at a company that makes software running on hundreds of millions of computers. Writing on Thursday, Brad Arkin, Adobe's Senior Director of Product Security And Privacy, reassured customers that the company's source code wasn't stolen, nor did the hackers have access to code for any of Adobe's core products like Adobe Reader or Flash. However, those with expertise in breaking into networks and cleaning up after hacks said the nature of the attack – which Adobe has described as having the characteristics of an 'APT' – or advanced persistent threat – make it difficult to know what attackers did or did not have access to and whether or not the threat has been removed. 'If you put yourself in the hacker's position you realize how much they must have known about Adobe internals to perform the hack they performed,' said Dave Aitel of Immunity Inc. 'If they had that kind of access it's very hard to say that they were limited in their access and are completely removed from the network.'"
First time accepted submitter SgtKeeling writes "After 5 release candidates, a new version of Slackware has been released. From the website: 'Yes, it is that time again! After well over a year of planning, development, and testing, the Slackware Linux Project is proud to announce the latest stable release of the longest running distribution of the Linux operating system, Slackware version 14.0! We are sure you'll enjoy the many improvements. We've done our best to bring the latest technology to Slackware while still maintaining the stability and security that you have come to expect. Slackware is well known for its simplicity and the fact that we try to bring software to you in the condition that the authors intended. We will be setting up BitTorrent downloads for the official ISO images. Stay tuned to http://slackware.com/ for the latest updates.'"
An article at Nintendo Gamer highlights how Electronic Arts put almost no work into the latest Wii release of their FIFA soccer game franchise, but didn't hesitate to push it out the door anyway. Side-by-side screenshots show the Wii version of FIFA 12 got some minor graphical tweaks — a different splash screen, slightly modified logos, different colored socks on the players — before being re-released as FIFA 13. From the article: "This is something that needs to be highlighted, because while it would be easy to pass it off and say 'meh, it’s just the Wii version,' the fact remains that this game does still sell relatively well. This isn’t guesswork – as journalists we receive confidential sales figures and though we’re legally bound not to reveal those figures, we can at least say with confidence that FIFA 12 did pretty well for a Wii game this close to the console’s death. The Wii U version of FIFA 13 will no doubt be a fantastic game, since it’ll share a lot (if not all) of the Xbox 360 and PS3 versions’ features. The 3DS version is a solid improvement over last year’s effort, and worth a look if you’re into some handheld football action. This, however – a £30 roster update – is unacceptable."
darthcamaro writes "Agencies of the U.S. Federal Government are racing to comply with a September 30th deadline to offer web, email and DNS for all public facing websites over IPv6. While not all government websites will hit the deadline, according to Akamai at least 2,000 of them will. According to at least one expert, the IPv6 mandate is proof that top-down cheerleading for tech innovation works. 'The 2012 IPv6 mandate is not the first (or the last) IPv6 transition mandate from the U.S. government. Four years ago, in 2008, the U.S. government also had an IPv6 mandate in place. That particular mandate, required U.S. Government agencies to have IPv6-ready equipment enabled in their infrastructure.'"
Nerval's Lobster writes "The Electronic Privacy Information Center (EPIC) and the Center for Digital Democracy (CDD) want the Federal Trade Commission (FTC) to examine the new alliance between Facebook and Datalogix. According to the Financial Times, Facebook and Datalogix have teamed up to measure the effects of some 45 marketing campaigns so far, with the two companies matching consumer information from loyalty-card programs to the identifiers (such as email addresses) used to set up Facebook accounts. Combining those datasets could offer insight into whether consumers are actually heading out and buying certain products or services advertised on Facebook. While the two companies apparently strip personal information from the datasets, EPIC and CDD nonetheless have significant concerns over how that data is handled, and by whom. 'Facebook is matching the personal information of users with personal information held by Datalogix,' EPIC wrote in a Sept. 27 posting on its website, hinting that such a deal could violate the social network's previous agreement with the FTC prohibiting it 'from changing privacy settings without the affirmative consent of users or misrepresenting the privacy or security of users' personal information.'"
TheBoat writes "Tim Cook has apologized for the company's Maps app in iOS 6. 'We are extremely sorry for the frustration this has caused our customers and we are doing everything we can to make Maps better.' Cook said the company is continuing to work on the app, but recommended several alternatives in the meantime: apps from Bing, MapQuest, and Waze, or the map websites of Google and Nokia." This is unusual for Apple, but not unprecedented. Steve Jobs acknowledged reception issues with the iPhone 4 in 2010, but he wasn't quite so contrite about it.
coondoggie writes "The U.S. Department of Homeland Security this week issued a call for unmanned systems makers to participate in a program that will ultimately determine their safety and performance for use in first responder, law enforcement and border security situations. In a twist that will certainly raise some eyebrows, the results of the program — called the Robotic Aircraft for Public Safety (RAPS) — will remain unavailable to the public, which, considering how involved the actual public may be with these drones is unfortunate."
wiredmikey writes "Adobe said Thursday it will be revoking a code signing certificate next week after discovering two pieces of malware that had been digitally signed with Adobe's credentials. Two malicious utilities, pwdump7 v7.1 and myGeeksmail.dll, both came from the same source and were signed with valid Adobe digital certificates, Adobe's Brad Arkin said. Adobe plans to revoke the impacted certificate on Oct. 4. After initial investigation, the company identified a compromised build server which had been used to access the code signing infrastructure, Brad Arkin wrote in a blog post. The build server did not have rights to any public key infrastructure functions other than the ability to issue requests to the signing service and did not have access to any Adobe products such as Flash Player, Adobe Reader, Shockwave Player, or Adobe AIR, Arkin said. According to Adobe, most customers won't notice anything out of the ordinary during the certificate revocation process, but some IT administrators may have to take some actions in response."
tsu doh nimh writes "Telvent, a multinational company whose software and services are used to remotely administer and monitor large sections of the energy and gas industries, began warning customers last week that it is investigating a sophisticated hacker attack spanning its operations in the United States, Canada and Spain. Brian Krebs reports that the attacker(s) installed malicious software and stole project files related to one of Telvent's core offerings — OASyS SCADA — a product that helps energy firms mesh older IT assets with more advanced 'smart grid' technologies. A follow-up story from Wired.com got confirmation from Telvent, and includes speculation from experts that the 'project files' could be used to sabotage systems. 'Some project files contain the "recipe" for the operations of a customer, describing calculations and frequencies at which systems run or when they should be turned on or off. If you're going to do a sophisticated attack, you get the project file and study it and decide how you want to modify the pieces of the operation. Then you modify the project file and load it, and they're not running what they think they're running.'"
An anonymous reader writes "Today, Intel is launching its next-generation Clover Trail platform. The new Intel Z2760 is a dual-core, quad-threaded device clocked at up to 1.8GHz, with support for up to 2GB of RAM and graphics provided courtesy of a single PowerVR SGX545 core. Chipzilla expects to see wide adoption from multiple partners, with a host of tablets expected to launch simultaneously with Windows 8. The new SoC is closely related to Medfield, Intel's 32nm smartphone platform that ExtremeTech reviewed earlier this year, but there are a few differences between the two."
tlhIngan writes "So why did Apple decide to ditch the (working) iOS maps app with one based on their own data (despite having one more year to the contract)? It turns out to be turn-by-turn voice navigation. It wasn't a feature in the original Apple-Google licensing agreement, so Apple went back to Google to renegotiate what has become a top-tier feature on Android. Apple wanted it. In return, Google wanted increased branding in the maps app (Apple refused) or to integrate Latitude (Google's FourSquare competitor), to which Apple refused as well. As a result Apple was forced to seek other sources in order to obtain this feature." Eventually, iOS users who don't want to wait for Apple-Google parity will be able to download a native version of Google's maps (rather than a hacked version), but that could be a ways off.
angry tapir writes "Bitcoin exchanges generally don't seem to recover that easily after security breaches. However, BitFloor, which was hacked and had 24,000 Bitcoins stolen in early September, is coming back online, refunding account holders whose coins were stolen and implementing new security measures, including cold storage for private keys." The key word is "intends" — but I hope it happens as promised.