snydeq writes "With rising popularity of Internet-enabled TVs, the usual array of attacks and exploits will soon be coming to a screen near you. 'Will Internet TVs be hacked as successfully as previous generations of digital devices? Of course they will. Nothing in a computer built into a TV makes it less attackable than a PC. ... Can we make Internet TVs more secure than regular computers? Yes. Will we? Probably not. We never do the right things proactively. Instead, we as a global society appear inclined to accept half-baked security solutions that are more like Band-Aids than real protection.'"
ErichTheRed writes "Yet another move by IBM out of end-user hardware, Toshiba will be buying IBM's retail point-of-sale systems business for $850M. Is it really a good idea for a company defined by good (and in this case, high-margin) hardware to sell it off in favor of nebulous consulting stuff? 'Like IBM's spin-offs of its PC, high-end printer, and disk drive manufacturing businesses to Lenovo, Ricoh, and Hitachi respectively in the past decade, IBM is not just selling off the RSS division but creating a holding company where it will have a stake initially but which it will eventually sell.' Is there really no money in hardware anymore?"
judgecorp writes "Despite the accusations that have flown both ways between the countries, the US and China have co-operated in wargames, held in secret in Beijing and Washington, designed to head off escalations in hostilities. From the article: 'During the first exercise, both sides had to describe what they would do if they were attacked by a sophisticated computer virus, such as Stuxnet, which disabled centrifuges in Iran's nuclear program. In the second, they had to describe their reaction if the attack was known to have been launched from the other side.'"
First time accepted submitter Kelerei writes "Windows 8 has been confirmed as the official name for the next x86/x64 version of Windows, which will be released in two editions: a home edition (simply named 'Windows 8') featuring an updated Windows Explorer, Task Manager, improved multi-monitor support and 'the ability to switch languages on the fly,' while a professional edition ('Windows 8 Pro') adds features for businesses and technical professionals such as encryption, virtualization and domain connectivity. Windows Media Center will not be included in the Pro edition and will be available separately as part of a 'media pack' add-on. A third edition, branded as 'Windows RT,' will be available for ARM-based systems."
retroworks writes "Dinei Florencio and Cormac Herley write that cybercrime depleted gullible and unprotected users, producing diminishing returns (over-phishing). They argue that the statistics on the extent of losses from cybercrime are flawed because there is never an under-estimation reported. Do they underestimate the number of suckers gaining internet access born every minute? Or has cybercrime become the 'shark attack' that gets reported more often than it occurs?"
bdking writes "In an effort to protect sensitive data from internal security threats, some organizations are 'using new technology to look at the language of their IT staff's emails to determine whether their behavior or mind-set has changed,' the Wall Street Journal reports. Is secretly spying on and linguistically interpreting employee emails going too far in the name of security? From the article: 'I understand the need to be aware of the attitudes of workers with high-level access to data and networks, but this strikes me as creepy. What if an IT employee suddenly has relationship problems or family issues? Will they then be flagged by HR as potentially troublesome or even a data security risk? And all without them even knowing there's a dossier being created of them and their "suspect" behavior?'"
bobwrit writes in with a story about Boeing's new secure government phones project. "Earlier this week, it was revealed that aerospace firm Boeing was working on a high security mobile device for the various intelligence departments. This device will most likely be released later this year, and at a lower price point than other mobile phones targeted at the same communities. Typically, phones in this range cost about 15,000-20,000 per phone, and use custom hardware and software to get the job done. This phone will most likely use Android as its main operating system of choice, which lowers the cost per phone, since Boeing's developers don't have to write their own operating system from scratch."
New submitter Sekrimo writes "This article discusses an interesting advantage to writing documentation. While the author acknowledges that developers often write documentation so that others may better understand their code, he claims documenting can also be a useful way to find bugs before they ever become an issue. Taking the time to write this documentation helps to ensure that you've thought through every aspect of your program fully, and cleared up any issues that may arise."
An anonymous reader writes "Another Mac OS X Trojan has been spotted in the wild; this one exploits Java vulnerabilities just like the Flashback Trojan. Also just like Flashback, this new Trojan requires no user interaction to infect your Apple Mac. Kaspersky refers to it as 'Backdoor.OSX.SabPub.a' while Sophos calls it 'SX/Sabpab-A.'"
suraj.sun writes "We've seen quite a few Android malware discoveries in the recent past, mostly on unofficial Android markets. There was a premium-rate SMS Trojan that not only sent costly SMS messages automatically, but also prevented users' carriers from notifying them of the new charges, a massive Android malware campaign that may be responsible for duping as many as 5 million users, and malware controlled via SMS. Ars Technica is now reporting another Android malware discovery made by McAfee researcher Carlos Castillo, this time on Google's official app market, Google Play, even after Google announced back in early February that it has started scanning Android apps for malware. Two weeks ago, a separate set of researchers found malicious extensions in the Google Chrome Web Store that could gain complete control of users' Facebook profiles. Quoting the article: 'The repeated discoveries of malware hosted on Google servers underscore the darker side of a market that allows anyone to submit apps with few questions asked. Whatever critics may say about Apple's App Store, which is significantly more selective about the titles it hosts, complaints about malware aren't one of them.'"
phantomfive writes "Former TSA head Kip Hawley talks about how the agency is broken and how it can be fixed: 'The crux of the problem, as I learned in my years at the helm, is our wrongheaded approach to risk. In attempting to eliminate all risk from flying, we have made air travel an unending nightmare for U.S. passengers and visitors from overseas, while at the same time creating a security system that is brittle where it needs to be supple. ... the TSA's mission is to prevent a catastrophic attack on the transportation system, not to ensure that every single passenger can avoid harm while traveling. Much of the friction in the system today results from rules that are direct responses to how we were attacked on 9/11. But it's simply no longer the case that killing a few people on board a plane could lead to a hijacking. ... The public wants the airport experience to be predictable, hassle-free and airtight and for it to keep us 100% safe. But 100% safety is unattainable. Embracing a bit of risk could reduce the hassle of today's airport experience while making us safer at the same time.'"
An anonymous reader writes "Rachel Marone has been a victim of cyberstalking for over 10 years. In 2011, she had a project on Kickstarter shut down because of the high volume of spam posted by the stalker in the comment section of the project. Recently, Marone's manager spoke to Kickstarter again to see how she could avoid having a new project banned if the cyberstalker showed up again. They replied, 'If there is any chance that Rachel will receive spam from a stalker on her project, she should not create one. We simply cannot allow a project to become a forum for rampant spam, as her past project became. If this happens again, we will need to discard the project and permanently suspend Rachel's account.' On her website, Marone sums up the situation thus: 'I am being told that I cannot crowdfund because I am a stalking victim. ... With so many women being stalking targets this does not seem reasonable to me.'"
CowboyRobot writes "For decades, rapid increases in storage, processor speed, and bandwidth have kept up with the enormous increases in computer usage. That could change, however, as consumption finally outpaces the supply of these resources. It is instructive to review the 19th-century economics theory known as Jevons Paradox. Common sense suggests that as efficiencies rise in the use of a resource, the consumption goes down. Jevons Paradox posits that efficiencies actually drive up usage, and we're already seeing examples of this: our computers are faster than ever and we have more bandwidth than ever, yet our machines are often slow and have trouble connecting. The more we have, the even more we use."
An anonymous reader writes "Following on the heels of the FCC and U.S. mobile carriers finally announcing plans to create a national database for stolen phones, a group of iPhone users filed a class action lawsuit against AT&T on Tuesday claiming that it has aided and abetted cell phone thieves by refusing to brick stolen cell phones. AT&T has '[made] millions of dollars in improper profits, by forcing legitimate customers, such as these Plaintiffs, to buy new cell phones, and buy new cell phone plans, while the criminals who stole the phone are able to simply walk into AT&T stores and 're-activate' the devices, using different, cheap, readily-available 'SIM' cards,' states their complaint. AT&T, of course, says the suit is 'meritless.'"
Trailrunner7 writes "Mozilla is developing a feature in Firefox that would require some user interaction in order for Flash ads, Java scripts and other content that uses plugins to play. In addition to easing system slowdowns, the opt-in for Web plugins is expected to reduce threats posed by exploiting security vulnerabilities in plugins, including zero-day attacks. 'Whether you hate them or love them, content accessed through plugins is still a sizable chunk of the web. So much so, that over 99% of internet users have Flash installed on their browser,' writes Mozilla's Jared Wein, the lead software engineer on the project, in a blog post."
coondoggie writes "From deep in the Department of Creepy today I give this item: The FBI this week put out a call for new research 'to advance the science and practice of intelligence interviewing and interrogation.' The part of the FBI that is requesting the new research isn't out in the public light very often: the High Value Detainee Interrogation Group, which according to the FBI was chartered in 2009 by the National Security Council and includes members of the CIA and Department of Defense, to 'deploy the nation's best available interrogation resources against detainees identified as having information regarding terrorist attacks against the United States and its allies.'"
Fluffeh writes "In the third update to Java that Apple has released this week, the update now identifies and removes the most common variants of the Flashback malware that has infected over half a million Apple machines. 'This Java security update removes the most common variants of the Flashback malware,' Apple wrote in the support document for the update. 'This update also configures the Java web plug-in to disable the automatic execution of Java applets. Users may re-enable automatic execution of Java applets using the Java Preferences application. If the Java web plug-in detects that no applets have been run for an extended period of time it will again disable Java applets.'"
First time accepted submitter rainbo writes "According to a report from ISSSource, a saboteur who was likely a member of an Iranian dissident group loaded the Stuxnet virus on to a flash drive and infected machines at the Natanz nuclear facility. Iran's intelligence minister, Heydar Moslehi, said that an unspecified amount of 'nuclear spies' were arrested on ties to this attack. Some officials believe these spies belonged to Mujahedeen-e-Khalq (MEK), which is used as the assassination arm of the Israeli Mossad."
An anonymous reader writes "The University of Pittsburgh has been plagued with 78 bomb threats (and counting) since February 14. It started low-tech, with handwritten notes, but has progressed to anonymous emails. Nearly every campus building has been a target. The program suspected is anonymous mailer Mixmaster. The university has been evacuating each building when threats come in (day or night), and police departments from around Allegheny County have offered assistance with clearing each building floor by floor with bomb sniffing dogs. There is a popular tracking blog set up by a student as well as a growing Reddit community. Is there any foreseeable defense (forensic or socially engineered) to a situation like this?"
AIFEX writes with a snippet from the BBC: "'Organisations wishing to buy web addresses ending in their brand names have until the end of Thursday to submit applications. For example, drinks giant Pepsi can apply for .pepsi, .gatorade or .tropicana as an alternative to existing suffixes such as .org or .com.'" Asks AIFEX: "Does anyone else think this is absolutely ridiculous and defeats the logical hierarchy of current URLs?"