Geek Stuff

Buggy Win 95 Code Almost Wrecked Stuxnet Campaign

Slashdot -

mask.of.sanity writes: Super-worm Stuxnet could have blown its cover and failed its sabotage mission due to a bug that allowed it to spread to ancient Windows boxes, malware analysts say. Stuxnet was on the brink of failure thanks to buggy code allowing it to spread to PCs running older and unsupported versions of Windows, and probably causing them to crash as a result. Those blue screens of death would have raised suspicions at the Natanz nuclear lab.

Read more of this story at Slashdot.

Allegation: Philly Cops Leaned Suspect Over Balcony To Obtain Password

Slashdot -

An anonymous reader writes with this news from Ars Technica: If you want access to encrypted data on a drug dealer's digital device, you might try to break the crypto—or you might just try to break the man. According to testimony from a police corruption trial currently roiling the city of Philadelphia, officers from an undercover drug squad took the latter route back in November 2007. After arresting their suspect, Michael Cascioli, in the hallway outside his 18th floor apartment, the officers took Cascioli back inside. Although they lacked a search warrant, the cops searched Cascioli's rooms anyway. According to a federal indictment (PDF), the officers 'repeatedly assaulted and threatened [Cascioli] during the search to obtain information about the location of money, drugs, and drug suppliers.' That included, according to Cascioli, lifting him over the edge of his balcony to try to frighten out of him the password to his Palm Pilot. That sounds like a good time for a duress password.

Patents Show Google Fi Was Envisioned Before the iPhone Was Released

Slashdot -

smaxp writes: Contrary to reports, Google didn't become a mobile carrier with the introduction of Google Fi. Google Fi was launched to prove that a network-of-networks serves smartphone users better than a single mobile carrier's network. Patents related to Google Fi, filed in early 2007, explain Google's vision – smartphones negotiate for and connect to the fastest network available. The patent and Google Fi share a common notion that the smartphone should connect to the fastest network available, not a single carrier's network that may not provide the best performance. It breaks the exclusive relationship between a smartphone and a single carrier. Meanwhile, a story at BostInno points out that Google's not the only one with a network-hopping hybrid approach to phone calls.

Bees Prefer Nectar Laced With Neonicotinoids

Slashdot -

Taco Cowboy writes: Neonicotinoids are a class of neuro-active insecticides chemically similar to nicotine. Neonicotinoids kill insects by overwhelming and short-circuiting their central nervous systems (PDF). Shell and Bayer started the development of neonicotinoids back in the 1980s and 1990s. Since this new group of pesticides came to market, the bee population has been devastated in regions where they have been widely used. Studies from 2012 linked neonicotinoid use to crashing bee populations. New studies, however, have discovered that bees prefer nectar laced with neonicotinoids over nectar free of any trace of neonicotinoids. According to researchers at Newcastle University, the bees may "get a buzz" from the nicotine-like chemicals in the same way smokers crave cigarettes.

Github DDoS Attack As Seen By Google

Slashdot -

New submitter opensec writes: Last month GitHub was hit by a massive DDoS attack originating from China. On this occasion the public discovered that the NSA was not the only one with a QUANTUM-like capability. China has its own "Great Cannon" that can inject malicious JavaScript inside HTTP traffic. That weapon was used in the GitHub attack. People using Baidu services were unwitting participants in the denial of service, their bandwidth used to flood the website. But such a massive subversion of the Internet could not evade Google's watchful eye. Niels Provos, engineer at Google, tells us how it happened. Showing that such attacks cannot be made covertly, Provos hopes that the public shaming will act as a deterrent.

Innovateck Windows PC Stick has 64GB of storage, two full-sized USB ports

Liliputing -

The Intel Compute Stick is one of the smallest full-fledged Windows computers you’re likely to find, and it offers decent performance for basic computing. But the pocket-sized PC suffers from a few limitations: It has just 32GB of storage space, features only a single USB 2.0 port, and has limited WiFi range. But the Intel […]

Microsoft, Chip Makers Working On Hardware DRM For Windows 10 PCs

Slashdot -

writertype writes: Last month, Microsoft began talking about PlayReady 3.0, which adds hardware DRM to secure 4K movies. Intel, AMD, Nvidia, and Qualcomm are all building it in, according to Microsoft. "Older generations of PCs used software-based DRM technology. The new hardware-based technology will know who you are, what rights your PC has, and won’t ever allow your PC to unlock the content so it can be ripped. ... Unfortunately, it looks like the advent of PlayReady 3.0 could leave older PCs in the lurch. Previous PlayReady technology secured content up to 1080p resolution using software DRM—and that could be the maximum resolution for older PCs without PlayReady 3.0." Years back, a number of people got upset when Hollywood talked about locking down "our content." It looks like we may be facing it again for 4K video.

Apple Watch Launches

Slashdot -

An anonymous reader writes: The Apple Watch's release date has arrived: retailers around the world have quietly begun putting them on their shelves, and customers are beginning to receive their shipments. Reviews have been out for a while, including thoughtful ones from John Gruber and Nilay Patel. Apple has published a full user guide for the software, and iFixit has put up a full teardown to take a look at the hardware. They give it a repairability score of 5 out of 10, saying that the screen and battery are easily replaced, but not much else is. Though Apple designated the watch "water-resistant" rather than "waterproof", early tests show it's able to withstand a shower and a swim in the pool without failing. Ars has an article about the difficulty of making games for the Apple Watch, and Wired has a piece detailing its creation.

Report: Next-gen Google Glass coming soon

Liliputing -

Google pulled the plug on its Glass Explorer program earlier this year, prompting some folks to start writing obituaries for Google’s experimental face computer. But Google never claimed Glass was dead. The company is no longer selling first-generation hardware and the project is now under management of Tony Fadell, the creator of the Nest learning […]

How and Why the U-Pick Game Marathon Raises Money With Non-Stop Gaming (Video)

Slashdot -

On June 12 through 14th of this year, the fourth (not "fourth annual," but close) iteration of the U-Pick Video Game Marathon for Charity -- “UPickVG IV” for short -- will be streaming on an Internet connection near you. The U-Pick crew's volunteers will be playing and broadcasting video games, non-stop, as a fundraiser for Charity Water, a cause they've supported since the beginning. I talked with organizers Stephanie and Grant Kibler from their video-game lounge of a living room about what it takes to broadcast an online gathering like this, and why they've adopted this as an annual event. Hint: some esoteric video-capture hardware helps, and so does a beefy network connection, for high-quality streaming of games that pre-date today's multiplayer, network-oriented options. That's significant, because U-Pick's stable of titles isn't limited to modern ones, and observers are encouraged to suggest appropriate games (hence "U-Pick"). The remote viewers' choices and donations influence the event by deciding which games are represented on the Wheel of Destiny that the team spins to decide which games get played. The play itself, though, *is* limited to the players who'll be on hand at a Northern Virginia co-working space that will serve as this year's venue. It turns out to be easier to stream the output of old consoles than it is to control them from remote (never mind the latency that would mean), but maybe one day participants will be able to play as well as shoulder-surf and laugh at the players' running commentary. You can check out the Upick page on Facebook, too, and watch one of their practice runs each Sunday. (Note: Video #1 talks mostly about the game play and how you can join. Video #2 - below - talks more about hardware and behind-the-scenes work.)

Lenovo K80 smartphone sports 4GB of RAM, 4000 mAh battery

Liliputing -

Pretty soon it’s not going to be newsworthy when smartphone makers cram 4GB of RAM into their handsets. But right now it’s enough of a novelty to note that Lenovo’s getting in on the action. The Lenovo K80 smartphone has a 5.5 inch display, a 4,000 mAh battery, and 4GB of memory. It’s powered by […]

German Intelligence Helped NSA Spy On EU Politicians and Companies

Slashdot -

An anonymous reader writes: We've known for some time already that intelligence agencies operate beyond rules, laws, and regulations. Now, we learn that the NSA and the German intelligence service, BND, lied and withheld information about misuse from the German Chancellor's Office. "The BND realized as early as 2008 that some of the selectors were not permitted according to its internal rules, or covered by a 2002 US-Germany anti-terrorism "Memorandum of Agreement" on intelligence cooperation. And yet it did nothing to check the NSA's requests systematically. It was only in the summer of 2013, after Edward Snowden's revelations of massive NSA and GCHQ surveillance, that the BND finally started an inquiry into all the selectors that had been processed. According to Der Spiegel, investigators found that the BND had provided information on around 2,000 selectors that were clearly against European and German interests. Not only were European businesses such as the giant aerospace and defense company EADS, best-known as the manufacturer of the Airbus planes, targeted, so were European politicians—including German ones. However, the BND did not inform the German Chancellor's office, which only found out about the misuse of the selector request system in March 2015. Instead, the BND simply asked the NSA to make requests that were fully covered by the anti-terrorism agreement between the two countries. According to Die Zeit, this was because the BND was worried that the NSA might curtail the flow of its own intelligence data to the German secret services if the selector scheme became embroiled in controversy.

Wormholes Untangle a Black Hole Paradox

Slashdot -

An anonymous reader writes: Like initials carved in a tree, ER = EPR, as the new idea is known, is a shorthand that joins two ideas proposed by Einstein in 1935. One involved the paradox implied by what he called "spooky action at a distance" between quantum particles (the EPR paradox, named for its authors, Einstein, Boris Podolsky and Nathan Rosen). The other showed how two black holes could be connected through far reaches of space through "wormholes" (ER, for Einstein-Rosen bridges). At the time that Einstein put forth these ideas — and for most of the eight decades since — they were thought to be entirely unrelated. But if ER = EPR is correct, the ideas aren't disconnected — they're two manifestations of the same thing. And this underlying connectedness would form the foundation of all space-time. Quantum entanglement — the action at a distance that so troubled Einstein — could be creating the "spatial connectivity" that "sews space together," according to Leonard Susskind, a physicist at Stanford University and one of the idea's main architects. Without these connections, all of space would "atomize," according to Juan Maldacena, a physicist at the Institute for Advanced Study in Princeton, N.J., who developed the idea together with Susskind. "In other words, the solid and reliable structure of space-time is due to the ghostly features of entanglement," he said. What's more, ER = EPR has the potential to address how gravity fits together with quantum mechanics.

Deals of the Day (4-24-2015)

Liliputing -

Can’t decide whether you want a notebook or a tablet? The Dell Inspiron 13 i7347 is both. It looks like a 13 inch notebook until you push the screen back 360 degrees until it’s back-to-back with the keyboard. The Microsoft Store normally sells a model with a full HD display, an Intel Core i5 Haswell processor, […]

Amazon's Profits Are Floating On a Cloud (Computing)

Slashdot -

HughPickens.com writes: The NY Times reports that Amazon unveiled the financial performance of its powerful growth engine for the first time on Thursday, and the numbers looked good, energized primarily by renting processing power to start-ups and, increasingly, established businesses. Amazon said in its first-quarter earnings report that its cloud division, Amazon Web Services, had revenue of $1.57 billion during the first three months of the year. Even though the company often reports losses, the cloud business is generating substantial profits. The company said its operating income from AWS was $265 million. Amazon helped popularize the field starting in 2006 and largely had commercial cloud computing to itself for years, an enormous advantage in an industry where rivals usually watch one another closely. At the moment, there is no contest: Amazon is dominant and might even be extending its lead. Microsoft ranks a distant No. 2 in cloud computing but hopes to pick up the slack with infrastructure-related services it sells through Azure, the name of its cloud service. Amazon executives have said they expect AWS to eventually rival the company's other businesses in size. The cloud business has been growing at about 40 percent a year, more than twice the rate of the overall company and many Wall Street analysts have been hoping for a spinoff. As for Google, the cloud was barely mentioned in Google's earnings call. Nor did the search giant offer any cloud numbers, making it impossible to gauge how well it is doing. But the enthusiasm of Eric Schmidt, Google's executive chairman, was manifest when he spoke at an event for cloud software developers this week. "The entire world will be defined by smartphones, Android or Apple, a very fast network, and cloud computing," said Schmidt. "The space is very large, very vast, and no one is covering all of it."

Apple Watch teardown: Battery is replaceable, other upgrades unlikely

Liliputing -

As with practically every high-profile gadget to hit the market, the folks at iFixit took apart Apple Watch Sport to reveal what is inside. There were no new revelations on the hardware. But it looks like the Apple Watch is nearly impossible to repair. The DIY gadget repair website meticulously took apart every possible aspect of Apple […]

Pentagon Discloses Network Breach By Russian Hackers

Slashdot -

An anonymous reader writes: The Pentagon has disclosed that Russian hackers were able to breach one of its secure networks earlier this year, and referred to the attack as a "worrisome" incident. "Earlier this year, the sensors that guard DOD's unclassified networks detected Russian hackers accessing one of our networks," said defense secretary Ash Carter yesterday during a speech at Stanford University. Carter warned Russia that the U.S. Department of Defense would retaliate with cyber campaigns should it see fit. "Adversaries should know that our preference for deterrence and our defensive posture don't diminish our willingness to use cyber options if necessary," said Carter. He added in a prepared statement that the Russian hackers had been able to gain access to an "unclassified network" but had been "quickly identified" by a team of cyberattack experts who managed to block the hackers "within 24 hours." The cybersecurity response team had quickly analyzed the hack patterns and code and identified the intruders as Russian, before "kicking them off the network."

Surgeon Swears Human Head Transplant Isn't a 'Metal Gear Solid' Publicity Stunt

Slashdot -

Jason Koebler writes: Dr. Sergio Canavero wants to become the first surgeon to perform a human head transplant. But some discerning gamers noticed that a doctor shown in the trailer for Metal Gear Solid V looks almost exactly like Canavero, leading some to speculate that it's all a viral marketing campaign for the upcoming game. Canavero, however, filed a sworn affidavit with Italian police in which he said Konami illegally stole his likeness, and that he has nothing to do with the game.

When Congress Heads Home, Head to Your Elected Representatives’ Office or Town Hall

EFF's Deeplinks -

When your elected representatives are in their home districts, it’s a chance for you to hear—in person—what they have to say about surveillance. Even while in session, Congress takes recesses. The House majority leader schedule and the Senate calendar can help you figure out when those recesses are taking place.

Now is an especially important time to talk to lawmakers. It's been nearly two years since the first disclosure from Edward Snowden. And one of the laws being used to spy on everyday Americans—Section 215 of the Patriot Act—is set to expire in June. But some lawmakers want to prevent any NSA reform. Senate Majority Leader Mitch McConnell has introduced a piece of legislation that would reauthorize Section 215 of the USA Patriot Act—the provision used by the NSA to collect the call records of innocent Americans in bulk—until 2020.

We urge you to set up a meeting with your lawmaker, or visit their town hall meeting (often displayed on their website), and demand answers about NSA spying.

Here are some suggested questions, which we've also provided as a printable pdf:

  1. It's been almost two years since the Guardian published the first Snowden leak, but Congress hasn’t done anything to fix the NSA. Section 215 of the Patriot Act is expiring on June 1. What do you plan to do this Congress to reform the Patriot Act?  Have you done anything to support NSA reform so far?
  2. We keep hearing that national security justifies the NSA’s intrusive surveillance, especially the bulk collection of everyone’s calling records. But the Privacy and Civil Liberties Oversight Board, the President’s Review Group, and senators who are familiar with how bulk phone records collection works have all said we don’t need the program, and that it isn’t essential in keeping us safe. Do you think we need Section 215 of the Patriot Act? If so, why?
  3. Congress intended Section 702 of the FISA Amendments Act to be used to surveil suspected foreign targets. But because of leaks, we know that Section 702 is used to collect totally domestic American communications. That seems a far cry from foreign intelligence collection. How can we fix Section 702?
  4. Director of National Intelligence James Clapper admitted that the NSA collects and searches Americans' private communications without a warrant. Do you think it’s right for the NSA to exploit the so-called Section 702 "backdoor" to Americans' phone calls and emails simply because they were captured incidentally?
  5. Executive Order 12333 is an order signed by President Ronald Reagan that outlines the roles and conduct of intelligence agencies. We know hardly anything about how the government uses this document, although the NSA has admitted that it uses the order for bulk collection. What role does, and should, Congress play in overseeing the use of Executive Order 12333?
  6. In 2014, security vulnerability Heartbleed and others got widespread attention. These security weaknesses were disclosed by researchers, not the government. In fact, the government has admitted that if it sees a “national security or law enforcement need” it may hide vulnerabilities, implying that the government exploits these vulnerabilities for intelligence purposes. We don’t know how the government decides when to let the public know about these dangerous vulnerabilities. What kind of oversight does Congress have over these matters?
  7. Both the FBI and NSA Directors have urged companies to install security "backdoors" into hardware or software. They claim that these backdoors would only be accessible to the US government. But tech companies and security experts have retorted that this is impossible and dangerous—security backdoors make products and services, and by extension the Internet, less secure for everyone. There have also been several legislative efforts to prohibit the NSA from mandating security backdoors in products and services. Have you supported these efforts? If not, why not?
  8. The New York Times has reported that US companies suffered reputational harm overseas, and even lost business, in the wake of revelations about the extent of NSA spying. This is especially troubling considering the economic troubles the US has faced in recent years. What do you say to companies and their employees who are concerned that NSA spying is making U.S. tech companies less competitive?
  9. Considering that we’ve been told that there are many levels of oversight, it’s outrageous that most of Congress didn’t know that the government was vacuuming up ordinary people’s information. In fact, we seem to learn about a new spying program every week, though only through unauthorized leaks. It seems that the NSA wants to keep everything classified, and that prevents even you, a member of Congress, from knowing what’s going on or telling us what you know. Do you agree that too much secrecy is part of the problem here? How would you fix that?

In addition to asking lawmakers questions in person, you can also take action now by calling Congress at Fight215.org.

