Desktops (Apple)

Scareware Signed With Apple Cert Targets OS X Machines (threatpost.com) 39

msm1267 writes: A unique scareware campaign targeting Mac OS X machines has been discovered, and it's likely the developer behind the malware has been at it a while since the installer that drops the scareware is signed with a legitimate Apple developer certificate.

"Sadly, this particular developer certificate (assigned to a Maksim Noskov) has been used for probably two years in similar attacks," said Johannes Ullrich, dean of research of the SANS Institute's Internet Storm Center, which on Thursday publicly disclosed the campaign. "So far, it apparently hasn't been revoked by Apple."

Communications

Grandma's Phone, DSL, and the Copper They Share (hackaday.com) 159

szczys writes: DSL is high-speed Internet that uses the same twisted pair of copper wire that still works with your Grandmother's wall-mounted telephone. How is that possible? The short answer is that the telephone company is cheating. But the long answer delves into the work of Claude Shannon, who figured out how much data could be reliably transferred using a given medium. His work, combined with that of Harry Nyquist and Ralph Hartley (pioneers of channel capacity and the role noise plays in these systems), brings the Internet Age to many homes on an infrastructure that has been in use for more than a hundred years.
DRM

In Japan, a Battle Brewing Over the Right To Record 4k and 8k Broadcasts (itmedia.co.jp) 101

AmiMoJo writes: Japanese broadcasters have indicated that 4k and 8k broadcasts may have recording disabled via a 'do not copy' flag [via Google Translate], which receivers would be expected to obey. Now the Internet Users Association (MIAU) and Shufuren (Housewives Federation) have submitted documentation opposing the ban. The document points out that the ban will only inconvenience the majority of the general audience, while inevitably failing to prevent unauthorized copying by anyone determined to circumvent the protection.
Security

MIT Reveals "Hack-Proof" RFID Chip (thestack.com) 52

JustAnotherOldGuy writes: A group of researchers at MIT and Texas Instruments claim that they have developed a new radio frequency identification chip that may be impossible to hack. Traditional RFID chips are vulnerable to side-channel attacks, whereby a hacker can extract a cryptographic key from the chip. The new RFID chip runs a random-number generator that creates a new secret key after each transaction. The key can then be verified with a server to ensure that it is correct. The group at MIT also incorporated protection against a power-glitch attack, an attack that would normally leave a chip vulnerable to an interruption of the power source that would in turn halt the creation of a new secret key. Texas Instruments CTO Ahmad Bahai stated, "We believe this research is an important step toward the goal of a robust, lo-cost, low-power authentication protocol for the industrial internet." The question is, how long will it be before this "hack proof" chip is hacked?
Piracy

All 12 Member Countries Sign Off On the TPP (freezenet.ca) 178

Dangerous_Minds writes: News is surfacing that the TPP has officially been signed by all 12 member countries. This marks the beginning of the final step towards ratification. Freezenet has a quick rundown of what copyright provisions are contained in the agreement, including traffic shaping, site blocking, enforcement of copyright when infringement is "imminent," and a government mandate for ISPs to install backdoors for the purpose of tracking copyright infringement on the Internet.
The Internet

Cisco To Acquire IoT Company Jasper For $1.4 Billion (thestack.com) 25

An anonymous reader writes: Cisco has announced its intention to spend $1.4 billion purchasing startup Jasper Technologies, Inc. which specialises in IoT connectivity. It's the most significant acquisition the tech multinational has made since its purchase of Wi-Fi manufacturer Meraki in 2012. In 2015 Cisco also acquired OpenDNS for $635 million, and with the Jasper acquisition seems committed to securing a major foothold in IoT infrastructure over the next five years.
Businesses

Senators Blast Comcast, Other Cable Firms For "Unfair Billing Practices" (arstechnica.com) 163

An anonymous reader writes: Six Democratic US senators [Wednesday] criticized Comcast and other TV and broadband providers for charging erroneous fees, such as cable modem rental fees billed to customers who bought their own modems. The senators have written a letter to Federal Communications Commission Chairman Tom Wheeler asking the commission to 'stop unfair billing practices.'.....Last year, more than 30 percent of complaints to the FCC about Internet service and 38 percent of complaints about TV service were about billing...
Open Source

Link Rot Rx: 'Amber' Add-on For WordPress and Drupal 17

David Rothman writes: If you run a WordPress or Drupal site, you can now fight link rot with Amber, a new open source add-on from Harvard's Berkman Center. If links are dead, visitors can still summon up the pages as stored on your server or, if you prefer, outside ones such as the Internet Archive. TeleRead has the details, and the Amber site is here, with download information.
Communications

Receiving Real-Time Imagery From Russia's Meteor-M N2 Satellite 26

An anonymous reader writes: The Meteor-M N2 is a low orbit Russian weather satellite which broadcasts live weather satellite images, similar to the APT images produced by the NOAA satellites. But Meteor digital images are however much better as they are transmitted as a digital signal with an image resolution 12x greater than the aging analog NOAA APT signals. Radio enthusiasts are receiving images with hacked cheap digital TV dongles. There is even the AMIGOS project which stands for Amateur Meteor Images Global Observation System: users around the world can contribute Meteor images through the internet to create worldwide real-time coverage.
China

Duplicate Login Details Enabled Hack of More Than 20 Million Chinese Consumers (thestack.com) 14

An anonymous reader writes: According to various Chinese sources including Techweb (Chinese language), police in Zhejiang held a conference on Monday announcing that 20.59 million users of the 'Chinese eBay', taobao.com, had their login details stolen by proxy, when hackers ran user/pass combos from a stolen database of 99 million other users and found that more than 20% were using the same login credentials across different ecommerce sites.
Security

Chromodo Browser Disables Key Web Security (thestack.com) 53

An anonymous reader writes: A Google Security Research update has claimed that Comodo's internet browser Chromodo, based on the open-source project Chromium, contains significant security failings and puts its users at risk. This week's Google alert suggested that the Chromodo browser – available as a standalone download, as well as part of the company's Security package – is less secure than it promises. According to analysis, the browser is disabling the Same Origin policy, hijacking DNS settings, and replacing shortcuts with Chromodo links, among other security violations.
It's funny.  Laugh.

John Cleese Warns Campus Political Correctness Leading Towards 1984 (washingtonexaminer.com) 662

An anonymous reader writes: Ashe Schow writes at the Washington Examiner that, "The Monty Python co-founder, in a video for Internet forum Big Think, railed against the current wave of hypersensitivity on college campuses, saying he has been warned against performing on campuses. "[Psychiatrist Robin Skynner] said: 'If people can't control their own emotions, then they have to start trying to control other people's behavior,'" Cleese said. "And when you're around super-sensitive people, you cannot relax and be spontaneous because you have no idea what's going to upset them next." Cleese said that it's one thing to be "mean" to "people who are not able to look after themselves very well," but it was another to take it to "the point where any kind of criticism of any individual or group could be labeled cruel." Cleese added that "comedy is critical," and if society starts telling people "we mustn't criticize or offend them," then humor goes out the window. "With humor goes a sense of proportion," Cleese said. "And then, as far as I'm concerned, you're living in 1984." Cleese is just the latest comedian to lecture college students about being so sensitive.
The Internet

How the Raspberry Pi Can Automatically Tweet Complaints About Your Slow Internet (ibtimes.co.uk) 153

An anonymous reader writes: Contacting your internet provider to complain about slow browsing speeds is a tiresome chore which none of us enjoy, but one man has found a solution. He has configured a Raspberry Pi computer to automatically tweet a complaint to Comcast when his internet falls below 50Mbps, well below the 150Mbps he pays for. Wouldn't it be nice if ISPs wrote a rebate check each month to reflect the percentage of their promised throughput that was actually available?
Communications

Big Satellite Systems, Simulated On Your Desktop (sf.net) 44

An anonymous reader writes: Big systems of hundreds of satellites are under development to provide wireless Internet globally, with Richard Branson's OneWeb and Thales' LeoSat aiming at consumers and business markets respectively. It's like reliving the late 1990s, when Bill Gates' Teledesic and Motorola's Celestri were trying to do the same thing before merging their efforts and then giving up. And now you can simulate OneWeb and LeoSat for yourself, and compare them to older systems, in the new release of the vintage SaVi satellite simulation package, which was created in the 1990s during the first time around. Bear in mind Karl Marx's dictum of history: the first time is tragedy, and the second time is farce. Do these new systems stand a chance?
Open Source

Linux Kernel 2.6.32 LTS Reaches End of Life In February 2016 (softpedia.com) 116

An anonymous reader writes: The oldest long-term supported Linux kernel branch finally reaches end of life next month, but before going into the deepest darkest corners of the Internet, it just dropped one more maintenance release, Linux kernel 2.6.32.70 LTS. Willy Tarreau dropped the news about the release of Linux kernel 2.6.32.70 LTS on January 29, 2016, informing all us that this will most likely be the last maintenance release in the series, as starting with February 2016 it will no longer be supported with security patches and bugfixes. Linux 2.6 first came out in December, 2003, and 2.6.16 (the first long-term release) in March 2006.
Bug

Sensitive Information Can Be Revealed From Tor Hidden Services On Apache (dailydot.com) 37

Patrick O'Neill writes: A common configuration mistake in Apache, the most popular Web server software in the world, can allow anyone to look behind the curtains on a hidden server to see everything from total traffic to active HTTP requests. When an hidden service reveals the HTTP requests, it's revealing every file—a Web page, picture, movie, .zip, anything at all—that's fetched by the server. Tor's developers were aware of the issue as early as last year but decided against sending out an advisory. The problem is common enough that even Tor's own developers have made the exact same mistake. Until October 2015, the machine that welcomed new users to the Tor network and checked if they were running up-to-date software allowed anyone to look at total traffic and watch all the requests.
Spam

Ask Slashdot: Why Are Major Companies Exiting the Spam Filtering Business? (slashdot.org) 242

broswell writes: For years we used Postini for spam filtering. Google bought Postini in 2007, operated it for 5 years and then began shutting it down. Then we moved to MX Logic. McAfee bought MX Logic, and McAfee was purchased by Intel. Now Intel is shutting down the service. Neither company chose to raise prices, or spin off the division. Anyone want to speculate on the reasons?
EU

Europe Now Has Its Own "Most Wanted Fugitives" Web Page (eumostwanted.eu) 208

New submitter ffkom writes: European police organization Europol was probably jealous of the fame and popularity of the FBI's Most Wanted site, so they finally launched their own, European version. And if you want to know what a peaceful place Europe is, just consider this: You don't even have to kill anyone to get on the current "Most Wanted Fugitives" list. A mere fraud worth 12€ is currently enough to get you into this "Hall of questionable fame."
Security

Google Will Soon Let You Know By Default When Websites Are Unencrypted (softpedia.com) 216

An anonymous reader writes: Permanent changes are planned for future Google Chrome releases, which will add a big shiny red cross in the URL bar if the website you're accessing is not using HTTPS. Google says it is planning to add this to Chrome by the end of 2016, after one of its developers proposed the idea back in December 2014. Many have argued that the web is predominantly unencrypted, so they're displaying a persistent and ambiguous error message for a large portion of the Internet. Since unencrypted content is not an error state, the Chrome team should use alternate iconography, because the default error message this will just confuse average people, and it will encourage error blindness.
The Internet

T-Mobile's Binge On Violates Net Neutrality, Says Stanford Report (tmonews.com) 217

An anonymous reader writes: The debate over whether or not Binge On violates Net Neutrality has been raging ever since the service was announced in November. The latest party to weigh in is Barbara van Schewick, law professor at Stanford University.

In a new report published today — and filed to the FCC, as well — van Schewick says that Binge on "violates key net neutrality principles" and "is likely to violate the FCC's general conduct rule." She goes on to make several arguments against Binge On, saying that services in Binge On distorts competition because they're zero-rated and because video creators are more likely to use those providers for their content, as the zero-rated content is more attractive to consumers.

Slashdot Top Deals