Canada

'G20 Geek' Byron Sonne Cleared of Explosives Charges 278

New submitter davegravy writes "Byron Sonne, the Toronto-based security consultant, chemistry hobbyist, and geek who was arrested leading up to the Toronto G-20 for alleged plans to bomb the event, has been found not guilty of all charges. Sonne was held in prison for 11 months without receiving bail, and the ruling comes two years after his arrest. Sonne is considered by many in the Toronto security community as a champion of civil rights and a sharp critic of security theatre."
Bug

Avira Premium Anti-Virus Bug Disables Windows Machines 151

New submitter Adesso writes "Anti-virus vendor Avira is having difficulty with an update of all their Premium customers. An update that has been downloaded over 70 million times is causing the 32-bit version of Windows to block almost all critical applications. Avira has responded promptly with an interim solution for this problem. In most cases this causes Windows to not boot properly."
Security

Global Payments Breach Led To Prepaid Card Fraud 50

tsu doh nimh writes "Global Payments, the Atlanta-based credit card processor that disclosed a major breach of its systems last month, has said that less than 1.5 million card numbers were stolen, and that customer names and addresses weren't included in the purloined data. But security reporter Brian Krebs carries a piece today highlighting how thieves were still able to use the data to clone debit cards, which were then used in shopping sprees in and around the Las Vegas area recently."
Security

LulzSec Member Pleads Not Guilty In Stratfor Leak Case 89

TheGift73 writes with an update on one of the many LulzSec court cases. From the article: "A former LulzSec member has pleaded not guilty to federal charges that he hacked into the servers of global intelligence company Stratfor and stole credit card data and personal details of 860,000 of its clients. Jeremy Hammond entered the plea on Monday during a brief hearing in U.S. District Court in Manhattan, the Associated Press reported. He's been held in federal custody since an initial court appearance in Chicago in early March, when federal prosecutors named him as a lieutenant of LulzSec ringleader Hector Xavier 'Sabu' Monsegur. There was no request for Hammond to be released on bail during Monday's hearing, according to the AP report."
Privacy

Kickstarter Leaves Project Ideas Exposed 56

netbuzz writes "Crowd-funding startup Kickstarter is taking a public-relations hit today after it was reported that some 70,000 not-yet-public project ideas were left exposed on the company's Web site for more than two weeks. Kickstarter insists that no financial information was compromised and that only a few dozen of the projects were actually accessed. 'Obviously our users' data is incredibly important to us,' the company said in a blog post. 'Even though limited information was made accessible through this bug, it is completely unacceptable.'"
Security

Minneapolis Airport Gets $20 Million Hi-Tech Security Upgrade 104

New submitter bzzfzz writes "The Metropolitan Airports Commission (MAC) is beginning a $20 million upgrade of its surveillance system. The upgrade will include 1800 high-definition cameras, facial recognition systems, and digital archiving to replace the analog tape system in use since the 1980s. The system will serve both security and operational goals. The MAC asserts that improved camera technology yields improved security as though the connection between the two is so strong that no proof is required."
Security

Connecticut Resident Stopped By State Police For Radioactivity 545

Okian Warrior writes "A Milford, CT man was pulled over when a state police car radioactivity scanner flagged his car as being radioactive. The man had been given a cardiac exam using radioactive dye, and had a note from his physician attesting to this, but it raises questions about the legality of the stop. Given that it is not illegal to own or purchase or transport radioactive materials (within limits for hobbyist use), should the police be allowed to stop and search vehicles which show a slight level of radioactivity?"
Businesses

Ask Slashdot: Best Degree For a Late Career Boost? 234

Qbertino writes "I'm in my early 40s, and after a little more than 10 years of web, scripting and software development as a freelancer and some gigs as a regular, full-time employee, I'm seriously considering giving my IT career a boost by getting a degree. I'm your regular 1980s computer kid and made a career switch to IT during the dot-bomb days. I have quite a bit of programming and project experience, but no degree. I find myself hitting somewhat of a glass ceiling (with maybe a little age discrimination thrown in there). Since I'm in Germany, degrees count for a lot (70% of IT staff have a degree) so getting one seems fitting and a nice addition to my portfolio. However, I'm pondering whether I should go for Computer Science or Business Informatics. I'd like to move into Project Management or Technical Account Management, which causes my dilemma: CS gives me the pro credibility and proves my knowledge with low-level and technical stuff, and I'd be honing my C/C++ and *nix skills. Business Informatics would teach me some bean-counting skills; I'd be doing modelling, ERP with Java or .NET all day. It would give me some BA cred, but I'd lose karma with the T-shirt wearing crew and the decision-makers in that camp. I'm leaning toward Business Informatics because I suspect that's where the money is, but I'm not quite sure whether a classic CS degree wouldn't still be better — even if I'm wearing a suit. Any suggestions?"
Bitcoin

Bitcoinica Breach Nets Hackers $87,000 In Bitcoins 196

dynamo52 sends this quote from Ars about a breach involving a Bitcoin exchange: "More than $87,000 worth of the virtual currency known as Bitcoin was stolen after online bandits penetrated servers belonging to Bitcoinica, prompting its operators to temporarily shutter the trading platform to contain the damage. Friday's theft came after hackers accessed Bitcoinica's production servers and depleted its online wallet of 18,547 BTC, as individual Bitcoin units are called, company officials said in a blog post published on Friday. It said the heist affected only a small fraction of Bitcoinica's overall bitcoin deposits and that all withdrawal requests will be honored once the platform reopens." Reader linhares points out a forum post discussing how the attacker(s) hinted at a 'mass leak' in the near future. This attack comes shortly after a leak of a different sort — an FBI document (PDF) about Bitcoin found its way onto the internet. It seems they're worried about the virtual currency's potential use in criminal activities.
Security

Adobe Changes Its Tune On Forcing Paid Upgrade To Fix Security Flaws 90

wiredmikey writes with a followup to Thursday's news that Adobe was recommending paid software upgrades in lieu of fixing security holes in some of its applications. After receiving criticism for the security bulletin, Adobe changed its mind and announced that it's developing patches to fix the vulnerabilities. "Developing a patch, especially for three different applications, can be costly and time consuming. Developing these patches consumes development resources, then must run through a QA process, and the patch needs to be communicated and distributed to users. And for a company like Adobe with a massive customer base using its Photoshop, Illustrator, and Flash Professional, the bandwidth cost alone can be substantial. For a popular product that was just over two years old, providing a fix to address a serious security flaw it's what customers deserve. And while Adobe may have originally tried to sneak by without addressing the issue and pushing users to upgrade to its new product, the company made the right move in the end."
Security

Ask Slashdot: Open Source Multi-User Password Management? 198

An anonymous reader writes "I work in a network environment that requires multiple people to have access to numerous Wireless Access Keys, iTunes/iCloud accounts/passwords, hardware appliance logins, etc. I'm attempting to replace the ever popular 'protected' excel spreadsheet that exists in almost every network with all usernames and passwords just waiting to be discovered. Are there any open source, multi-user, secure and preferably Linux-based password management tools that the Slashdot community would recommend?"
Government

US Grabs More Domain Names, $1.4M From Online Counterfeit Operations 69

coondoggie writes "According to court documents, investigation by federal law enforcement agents revealed that subjects whose domain names had been seized in a November 2010 operation continued to sell counterfeit goods using new domain names. In particular, the individuals, based in China, sold counterfeit professional and collegiate sports apparel, primarily counterfeit sports jerseys." So now the government has again taken over a swathe of domain names used in crime.
Government

Senator Seeks More Info On DOJ Location Tracking Practices 35

Gunkerty Jeb writes "Senator Al Franken (D-MN) is demanding answers to questions about the U.S. Department of Justice practice of gathering data from wireless providers in order to monitor individuals' movements using mobile phone location data. In a letter (PDF) to Attorney General Eric Holder, Franken said, 'I was further concerned to learn that in many cases, these agencies appear to be obtaining precise records of individuals' past and current movements from carriers without first obtaining a warrant for this information. I think that these actions may violate the spirit if not the letter of the Jones decision.'"
Google

Court Rules NSA Doesn't Have To Confirm Or Deny Secret Relationship With Google 119

Sparrowvsrevolution writes "A DC appeals court has ruled that the National Security Agency doesn't need to either confirm or deny its secret relationship with Google in response to a Freedom of Information Act (FOIA) request and follow-up lawsuit filed by the Electronic Privacy Information Center. The NSA cited a FOIA exemption that covers any documents whose exposure might hinder the NSA's national security mission, and responded to EPIC with a 'no comment.' Beyond merely rejecting the FOIA request, the court has agreed with the NSA that it has the right to simply not respond to the request, as even a rejection of the request might reveal details of a suspected relationship with Google that it has sought to keep secret. Google was reported to have partnered with the NSA to bolster its defenses against hackers after its breach by Chinese cyberspies in early 2010. But to the dismay of privacy advocates who fear the NSA's surveillance measures coupled with Google's trove of data, the company has never explained the details of that partnership."
Security

New .secure Internet Domain On Tap 129

CowboyRobot writes "A new top-level domain (TLD) in the works for the Internet will bake security in from the outset: The .secure domain will require fully encrypted HTTPS sessions and a comprehensive vetting process for websites and their operators. If the new domain takes off, it could shift the way Web domains are secured. ICANN is expected to sign off on .secure, and for the new TLD to be up and running June or July 2013."
Security

Adobe Introduces the Paid Security Fix 392

Nimey writes "Adobe has posted a security bulletin for Photoshop CS5 for Windows and OSX. It seems there is a critical security hole that will allow attackers to execute arbitrary code in the context of the user running the affected application. Adobe's fix? You need to pay to upgrade to Photoshop CS6. For users who cannot upgrade to Adobe Photoshop CS6, Adobe recommends users follow security best practices and exercise caution when opening files from unknown or untrusted sources."
Security

New York City Pushes Plan To Prevent Cyberattacks On Elevators, Boilers 171

coondoggie writes "Imagine what would happen if an attacker broke into the network for the industrial control systems for New York City's elevators and boiler systems and decided to disrupt them, imperiling the lives of hundreds of thousands of residents relying on them. Think it could never happen? Think again. 'You could increase the speed of how elevators go up or down,' says Steve Ramirez, business analyst, analysis and communications in the Office of the CIO of the New York City Housing Authority, which provides public housing for low- to moderate-income families in the five boroughs of the city. And if attackers ever successfully penetrated the network-based industrial control systems for the boilers, they could raise the heat levels for municipal boilers, causing them to explode." Maybe Bruce Schneier could run a new movie-scenario contest about ways this could play out.
Security

Apple Auto-Disables Old Flash Players In Mac OS X 10.7.4 155

wiredmikey writes "Just released, and coming in at 370 MB in size, the Mac OS X 10.7.4 update includes general OS fixes, and addresses more than 30 security vulnerabilities. But aside from typical security fixes, Apple has made an interesting move in an effort to protect users. Through this latest software update, Safari 5.1.7 will now automatically disable older — and typically more vulnerable — versions of the Adobe Flash player. While many software vendors would prefer OS makers to keep their hands off their software, the move appears to be welcomed by Adobe, which has constantly battled vulnerabilities in its widely installed Flash Player."
Music

Pirate Bay Criticizes Anonymous' Attack On Virgin 89

judgecorp writes "Anonymous launched a DDoS attack on Virgin Media, apparently in protest at Virgin's decision to block the Pirate Bay. Now the Pirate Bay has criticized Anonymous, saying it doesn't support DDoS as a form of protest. The statement is interesting, given that Anonymous has been attacking music industry sites and other targets for some years, saying it is in support of the Pirate Bay."
Security

North Korea Jamming GPS Signals In South Korea 290

Fluffeh writes "North Korea has been looking for new and inventive ways to mess with South Korea. It seems that their missile launch fizzled a bit though, so those wacky folks from the North have bought a few GPS jamming trucks from Russia and are now blocking GPS signals around their city of Kaesong. While Kaesong is around 60 km inside their borders, the jamming circle is around 100 km, so it actually covers good parts of South Korea including the airports at Inchon and Gimpo. While no accidents have been caused as yet, it has caused quite some disruption and has made ocean going craft suffer as well due to their heavy reliance on GPS signals."
