×
Crime

John McAfee Launches Blog, Offers $25K Reward For "Real Killers" 377

Posted by samzenpus from the on-the-run dept.
An anonymous reader writes "The IT security pioneer John McAfee has launched a blog to document his life on the lam, as Belize police chase him down for suspicion of killing a neighbor. McAfee is using the blog to state his case, raise suspicions about Belize authorities and to offer a $25K reward to find the real killer or killers. From the article: 'McAfee writes that he is on run with a 20-year-old female named Sam, photos of whom are in the blog, along with a post from her. McAfee says a handful of friends and associates have been rounded up by police over the past week or so. His posts are filled with dramatic descriptions of his actions (including returning to his home in disguise to find police digging up his dead dogs and cutting off their heads) and lay bare his suspicions about Belize authorities. '"
Censorship

You Can't Say That On the Internet 432

Posted by samzenpus from the watch-what-you-say dept.
hessian writes in with a story about the arbitrary and often outdated online decency standards being imposed by companies."A bastion of openness and counterculture, Silicon Valley imagines itself as the un-Chick-fil-A. But its hyper-tolerant facade often masks deeply conservative, outdated norms that digital culture discreetly imposes on billions of technology users worldwide. What is the vehicle for this new prudishness? Dour, one-dimensional algorithms, the mathematical constructs that automatically determine the limits of what is culturally acceptable. Consider just a few recent kerfuffles. In early September, The New Yorker found its Facebook page blocked for violating the site’s nudity and sex standards. Its offense: a cartoon of Adam and Eve in the Garden of Eden. Eve’s bared nipples failed Facebook’s decency test."
Microsoft

Windows Phone 8 Users Hit Some Snags 391

Posted by timothy from the my-android-phone-freezes-way-too-often dept.
symbolset writes "As reported on The Verge, many people are experiencing freezing, rebooting and battery problems on their new Windows Phone 8 devices. This WP8Central thread shows many of the issues. Affected devices include Lumia 920 and HTC 8X." Every phone and every OS has its problems, and happy users probably aren't as vocal; it would be good to know how Windows Phone users who are also iOS and Android users compare them for reliability.
Crime

Hacker vs. Counter-Hacker — a Legal Debate 182

Posted by timothy from the shhh-this-is-the-conspiracy-room dept.
Freddybear writes "If your computer has been cracked and subverted for use by a botnet or other remote-access attack, is it legal for you to hack back into the system from which the attack originated? Over the last couple of years three legal scholars and bloggers have debated the question on The Volokh Conspiracy weblog. The linked webpage collects that debate into a coherent document. 'The debaters are:
  • Stewart Baker, a former official at the National Security Agency and the Department of Homeland Security, a partner at Steptoe & Johnson with a large cybersecurity practice. Stewart Baker makes the policy case for counterhacking and challenges the traditional view of what remedies are authorized by the language of the CFAA.
  • Orin Kerr, Fred C. Stevenson Research Professor of Law at George Washington School of Law, a former computer crimes prosecutor, and one of the most respected computer crime scholars. Orin Kerr defends the traditional view of the Act against both Stewart Baker and Eugene Volokh.
  • Eugene Volokh, Gary T. Schwartz Professor of Law at UCLA School of Law, founder of the Volokh Conspiracy, and a sophisticated technology lawyer, presents a challenge grounded in common law understandings of trespass and tort.'"
Google

New Malware Variant Uses Google Docs As a Proxy To Phone Home 85

Posted by timothy from the why-not-use-linkedin-like-all-the-other-spammers dept.
An anonymous reader writes "Windows 8 may block most malware out of the box, but there is still malware out there that thwarts Microsoft's latest and greatest. A new Trojan variant, detected as Backdoor.Makadocs and spread via RTF and Microsoft Word document marked as Trojan.Dropper, has been discovered that not only adds a clause to target Windows 8 and Windows Server 2012, but also uses Google Docs as a proxy server to phone home to its Command & Control (C&C) server."
Security

Anonymous Attacks Israeli Websites In Response To IDF Operation In Gaza 560

Posted by timothy from the bad-juju dept.
An anonymous reader writes "On Thursday, Anonymous reported that it took down close to 40 Israeli government and security establishment websites, although the single website that they presented as having been attacked belonged to a security and cleaning services company. The report came after Likud MK Danny Danon announced earlier in the week that his website had been taken down by a group calling itself TeaM KuWaiT HaCkErS. Danon's website had been hosting an online petition calling for the Israeli government to cut off the supply of electricity going from Israel to Gaza. " A report at Russia Today puts the number at "hundreds" of sites, instead.
Security

FreeBSD Project Discloses Security Breach Via Stolen SSH Key 86

Posted by timothy from the happy-transparency dept.
An anonymous reader writes "Following recent compromises of the Linux kernel.org and Sourceforge, the FreeBSD Project is now reporting that several machines have been broken into. After a brief outage, ftp.FreeBSD.org and other services appear to be back. The project announcement states that some deprecated services (e.g., cvsup) may be removed rather than restored. Users are advised to check for packages downloaded between certain dates and replace them, although not because known trojans have been found, but rather because the project has not yet been able to confirm that they could not exist. Apparently initial access was via a stolen SSH key, but fortunately the project's clusters were partitioned so that the effects were limited. The announcement contains more detailed information — and we are left wondering, would proprietary companies that get broken into so forthcoming? Should they be?"
IT

US Justice Dept. Sues eBay For Anti-Competitive Hiring Practices 66

Posted by timothy from the scratcha-my-back dept.
McGruber writes "The Associated Press is reporting that the U.S. Justice Department is suing eBay for allegedly agreeing with Intuit not to hire each other's employees. According to the article, 'eBay's agreement with Intuit hurt employees by lowering the salaries and benefits they might have received and deprived them of better job opportunities at the other company,' said acting Assistant Attorney General Joseph Wayland, who is in charge of the Justice Department's antitrust division. The division 'has consistently taken the position that these kinds of agreements are per se (on their face) unlawful under antitrust laws.'"
Bug

iOS 6 Streaming Bug Sends Data Usage Skyrocketing 98

Posted by Soulskill from the please-don't-start-calling-this-streamgate dept.
MojoKid writes "iOS 6, by all appearances, has a streaming problem. This is separate from the network issues that led Verizon to state that it wouldn't bill people for overages that were caused by spotty Wi-Fi connectivity. The issue has been detailed at PRX.org with information on how the team saw a huge spike in bandwidth usage after the release of iOS 6, and then carefully tested the behavior of devices and its own app to narrow the possible cause. In one case, the playback of a single 30MB episode caused the transfer of over 100MB of data. It is believed that the issue was solved with the release of iOS 6.0.1, but anecdotal evidence from readers points to continued incidents of high data usage, even after updating. If you own an iPhone 5 or upgraded to iOS 6 on an older device, it is strongly recommend to check your usage over the past two months, update to iOS 6.0.1, and plan for a lengthy discussion with your carrier if it turns out your data use went through the roof."
Security

Will It Take a 'Cyber Pearl Harbor' To Break Congressional Deadlock? 104

Posted by Soulskill from the or-perhaps-a-cybertsunami,-or-a-cyberarmageddon dept.
Hugh Pickens writes "For years lawmakers had heard warnings about holes in corporate and government systems that imperil U.S. economic and national security. Now Ward Carroll writes that in the face of what most experts label as a potential 'Cyber Pearl Harbor' threat, Republicans have stalled the Cybersecurity Act of 2012 with a Senate vote of 51–47 against the legislation. This drew a quick response from the staff of Secretary of Defense Leon Panetta: 'The U.S. defense strategy calls for greater investments in cybersecurity measures, and we will continue to explore ways to defend the nation against cyber threats,' says DoD spokesman George Little. 'If the Congress neglects to address this security problem urgently, the consequences could be devastating.' Many Senate Republicans took their cues from the U.S. Chamber of Commerce and businesses that framed the debate not as a matter of national security, but rather as a battle between free enterprise and an overreaching government. They wanted to let companies determine whether it would be more cost effective — absent liability laws around cyber attacks — to invest in the hardware, software, and manpower required to effectively prevent cyber attacks, or to simply weather attacks and fix what breaks afterwards. 'Until someone can argue both the national security and the economic parts of it, you're going to have these dividing forces,' says Melissa Hathaway, a White House cyber official in the Bush and Obama administrations. 'Most likely, big industry is going to win because at the end of the day our economy is still in trouble.'"
Security

High Security Animal Disease Lab Faces Uncertain Future 105

Posted by samzenpus from the not-in-my-backyard dept.
Dupple writes in with a story about the uncertain future of a proposed bio lab in the heart of cattle country. "Plans to build one of the world's most secure laboratories in the heart of rural America have run into difficulties. The National Bio and Agro defense facility (NBAF) would be the first US lab able to research diseases like foot and mouth in large animals. But reviews have raised worries about virus escapes in the middle of cattle country. For over fifty years the United States has carried out research on dangerous animal diseases at Plum Island, just off the coast of New York. However after 9/11 the Department of Homeland Security raised concerns about the suitability of the location and its vulnerability to terrorist attack."
Government

House Subcommittee Holds Hearing On TSA's "Scanner Shuffle" 134

Posted by samzenpus from the who's-to-blame dept.
OverTheGeicoE writes "The Homeland Security Subcommittee on Transportation Security held a hearing on TSA's recent decision to move X-ray body scanners from major airports to smaller ones, which the subcommittee refers to as a 'Scanner Shuffle.' John Sanders, TSA's assistant administrator for security capabilities, testified that 91 scanners recently removed from major airports were now in storage due to 'privacy concerns.' Although TSA originally planned to relocate the scanners to smaller airports, those plans have been shelved because smaller airports don't have room for them. The subcommitteee is also investigating allegations that the machines' manufacturer, Rapiscan, 'may have falsified tests of software intended to stop the machines from recording graphic images of travelers' (VIDEO). Coincidentally, shares of Rapiscan's parent company, OSI Systems Inc., dropped in value almost 25% today, its biggest intraday decline in about 12 years. If wrongdoing is proven, Rapiscan could face fines, prison terms and a ban on government contracting, according to a former head of federal procurement."
NASA

NASA To Encrypt All of Its Laptops 226

Posted by timothy from the violators-will-be-employed-with-social-security dept.
pev writes "After losing another laptop containing personal information, NASA wants to have all of its laptops encrypted within a month's time with an intermediate ban on laptops containing sensitive information leaving its facilities. Between April 2009 and April 2011 it lost or had stolen 48 'mobile computing devices.' I wonder how long it will be before other large organizations start following suit as a sensible precaution?"
Cellphones

Papa John's Sued For Unwanted Pizza-Related Texts 418

Posted by samzenpus from the spam-spam-spam-pizza-spam dept.
jfruh writes "Nationwide pizza chain Papa John's is finding itself on the receiving end of a $250 million text spam lawsuit. From the article: 'Seattle law firm Heyrich Kalish McGuigan, representing three Papa John's customers, alleged that the pizza delivery service has sent 500,000 unwanted text messages to customers. If the court finds that Papa John's violated the U.S. Telephone Consumer Protection Act, the pizza maker could have to pay damages of $500 per text message, or US$250 million, one of the largest damage awards under the 1991 law, the law firm said. "Many customers complained to Papa John's that they wanted the text messages to stop, and yet thousands of spam text messages were sent week after week," Donald Heyrich, attorney for the plaintiffs said in a statement. "This should be a wake-up call to advertisers. Consumers do not want spam on their cell phones."'
Software

US Air Force Scraps ERP Project After $1 Billion Spent 362

Posted by samzenpus from the on-second-thought dept.
angry tapir writes "The U.S. Air Force has decided to scrap a major ERP (enterprise resource planning) software project after spending $1 billion, concluding that finishing it would cost far too much more money for too little gain. Dubbed the Expeditionary Combat Support System (ECSS), the project has racked up $1.03 billion in costs since 2005, 'and has not yielded any significant military capability,' an Air Force spokesman said in a statement. 'We estimate it would require an additional $1.1B for about a quarter of the original scope to continue and fielding would not be until 2020. The Air Force has concluded the ECSS program is no longer a viable option for meeting the FY17 Financial Improvement and Audit Readiness (FIAR) statutory requirement. Therefore, we are canceling the program and moving forward with other options in order to meet both requirements.'"
Security

Hacker Grabs 150k Adobe User Accounts Via SQL Injection 64

Posted by samzenpus from the breaking-in dept.
CowboyRobot writes "Adobe today confirmed that one of its databases has been breached by a hacker and that it had temporarily taken offline the affected Connectusers.com website. The hacker, who also goes by Adam Hima, told Dark Reading that the server he attacked was the Connectusers.com Web server, and that he exploited a SQL injection flaw to execute the attack. 'It was an SQL Injection vulnerability, somehow I was able to dump the database in less requests than normal people do,' he says. Users passwords for the Adobe Connectusers site were stored and hashed with MD5, he says, which made them 'easy to crack' with freely available tools. And Adobe wasn't using WAFs on the servers, he notes. Tal Beery, a security researcher at Imperva, analyzed the data dump in the Connectusers Pastebin post and found that the list appears to be valid and that the hacked database was relatively old."
Network

Battery-Powered Transmitter Could Crash A City's 4G Network 121

Posted by Soulskill from the new-york-must-have-a-lot-of-these dept.
DavidGilbert99 writes "With a £400 transmitter, a laptop and a little knowledge you could bring down an entire city's high-speed 4G network. This information comes from research carried out in the U.S. into the possibility of using LTE networks as the basis for a next-generation emergency response communications system. Jeff Reed, director of the wireless research group at Virginia Tech, along with research assistant Marc Lichtman, described the vulnerabilities to the National Telecommunications and Information Administration, which advises the White House on telecom and information policy. 'If LTE technology is to be used for the air interface of the public safety network, then we should consider the types of jamming attacks that could occur five or ten years from now (PDF). It is very possible for radio jamming to accompany a terrorist attack, for the purpose of preventing communications and increasing destruction,' Reed said."
Communications

Skype Disables Password Resets After Huge Security Hole Discovered 65

Posted by Unknown Lamer from the time-to-get-a-landline dept.
another random user writes with news of a vulnerability in the Skype password reset tool "All you need to do is register a new account using that email address, and even though that address is already used (and the registration process does tell you this) you can still complete the new account process and then sign in using that account Info (original post in Russian)" concealment adds a link to another article with an update that Skype disabled the password reset page as a temporary fix.
Security

Cyberespionage For Everyone 44

Posted by Soulskill from the senior-discount-kids-get-in-free dept.
Mephistophocles writes "A chilling article by Darkreading's Kelly Jackson Higgins describes how the growing accessibility of hacking tools like RATs (Remote Access Trojans) have made cyber-espionage possible for more than just those financially backed by large nation-states, and speculates on what the implications of this may be: 'Researchers at Norman Security today revealed that they recently analyzed malware used in phishing emails targeting Israeli and Palestinian targets and found that attackers used malware based on the widely available Xtreme RAT crimeware kit. The attacks, which first hit Palestinian targets, this year began going after Israeli targets, including Israeli law enforcement agencies and embassies around the world. Norman says the same attacker is behind the attacks because the attacks use the same command-and-control (C&C) infrastructure, as well as the same phony digital certificates. This attack campaign just scratches the surface of the breadth and spread of these types of attacks around the world as more players have been turning to cyberspying. "We're just seeing the tip of the iceberg," says Einar Oftedal, deputy CTO at Norman.'"

Slashdot Top Deals