Tinba Trojan Targets Major US Banks

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 18, 2014

An anonymous reader writes Tinba, the tiny (20 KB) banking malware with man-in-the-browser & network traffic sniffing capabilities, is back. After initially being made to target users of a small number of banks, that list has been amplified & now includes 26 financial institutions mostly in the US & Canada, yet some in Australia &[...]

Ask Slashdot: Remote Support For Disconnected, Computer-Illiterate Relatives

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 18, 2014

An anonymous reader writes I use email to communicate with my folks overseas. Their ISP only allows dial-up access to their email account (there is no option of changing ISP), that can receive messages no larger than 1MB nor hold more than 15MB (no hope of changing that either). They are computer-illiterate, click on everything[...]

Airbnb To Start Collecting Hotel Tax On Rentals In San Francisco

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

An anonymous reader writes Airbnb announced that it will commence collecting a 14% occupancy tax on behalf of its San Francisco hosts October 1. “This is the culmination of a long process that began earlier this year when we announced our intent to help collect & remit occupancy taxes in San Francisco,” wrote Airbnb public[...]

ULA and Jeff Bezos’ Blue Origin Announce Rocket Engine Partnership

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

An anonymous reader writes During an event at the National Press Club, Bezos announced an agreement with Blue Origin & United Launch Alliance, the joint venture of Boeing & Lockheed Martin, to continue development of a new rocket engine for ULA’s Atlas & Delta rocket lines. From the article: “Called BE-4, the engine has been[...]

MODX Revolution 2.3.1-pl Cross Site Scripting

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

MODX Revolution version 2.3.1-pl suffers from a reflective cross site scripting vulnerability. View Source

webEdition 6.3.8.0 Path Traversal

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

webEdition version 6.3.8.0 suffers from a path traversal vulnerability. View Source

DAWIN – Distributed Audit & WIreless Intrusion Notification

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

DA-WIN, a wireless IDS, provides an organization a continuous wireless scanning capability that is light touch & simple. It utilizes compact & discreet sensors that can easily be deployed reducing the total cost of protection & simplifying the effort required for absolute, categoric regulatory compliance. This archive includes a dd image to be used on[...]

Apple Security Advisory 2014-09-17-2

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Apple Security Advisory 2014-09-17-2 – Apple TV 7 is now available & addresses wifi credential interception, information disclosure, code execution, & various other vulnerabilities. View Source

Are Matt’s Robot Hexapods Creepy or Cute? (Video)

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

University of Arizona grad student Matt Bunting doesn’t come across as a mad scientist. That’s a very good thing, because his robot hexapod creations are easy to imagine crawling across the USA in large hordes, devouring everything in their path & using all the electricity they come across to feed their Queen Hexapod, a 3-D[...]

[web applications] – WordPress Theme LaBomba Arbitrary File Download Vulnerability

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

View Source

Use of Forced Labor "Systemic" In Malaysian IT Manufacturing

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

itwbennett (1594911) writes “The use of forced labor is so prevalent in the Malaysian electronics manufacturing industry that there is hardly a major brand name that isn’t touched by the illegal practice, according to a report funded by the U.S. Department of Labor & undertaken by Verité, a nonprofit organization focused on labor issues. The[...]

Apple Security Advisory 2014-09-17-1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Apple Security Advisory 2014-09-17-1 – iOS 8 is now available & addresses wifi credential interception, identifier disclosure, path traversal, & various other vulnerabilities. View Source

Red Hat Security Advisory 2014-1256-01

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Red Hat Security Advisory 2014-1256-01 – An update for the openssl component for Red Hat JBoss Web Server 2.1.0 that fixes multiple security issues is now available from the Red Hat Customer Portal. View Source

ClassApps SelectSurvey.net 4.124.004 SQL Injection

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

ClassApps SelectSurvey.net version 4.124.004 suffers from multiple remote SQL injection vulnerabilities. View Source

Nokia Asha Lock Code Bypass

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

The Nokia Asha platform suffers from a lock code bypass vulnerability that allows for access to call records. View Source

eBay Redirect Attack Puts Buyers’ Credentials At Risk

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

mrspoonsi points out this BBC story about an eBay breach that was directing users to a spoof site. “eBay has been compromised so that people who clicked on some of its links were automatically diverted to a site designed to steal their credentials. The spoof site had been set up to look like the online[...]

[remote exploits] – Safari SVGPathSegList Use-After-Free Exploit

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

View Source

[web applications] – WordPress Theme Marble Arbitrary File Download Vulnerability

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

View Source

How Flickr Is Courting the Next Generation of Photographers

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

First time accepted submitter Molly McHugh writes Flickr Vice President Bernardo Hernandez explains how the beloved photo platform is targeting a new generation that’s addicted to smartphones. “10 or 15 years ago it was expensive & complicated to explore the world of photography,” Hernandez said. “Very few people could afford that—[it is] no surprise the[...]

Obama Presses Leaders To Speed Ebola Response

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

mdsolar writes with the latest plan from the U.S. government to fight the Ebola epidemic in West Africa, & a call for more help from other nations by the President. President Obama on Tuesday challenged world powers to accelerate the global response to the Ebola outbreak that is ravaging West Africa, warning that unless health[...]

Is the Tesla Model 3 Actually Going To Cost $50,000?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

cartechboy writes How low can battery costs go, & how fast? That’s the question automakers are dealing with when it comes to the future of electric cars. Tesla is betting huge on electric & has already proven many skeptics wrong with its Model S sedan. The company is making even bolder claims with its upcoming[...]

[web applications] – WordPress Webcam 2Way Videochat Plugin XSS Vulnerability

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

View Source

[web applications] – WordPress Plugin FormCraft Premium Arbitrary File Deletion

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

View Source

[web applications] – ZTE ZXDSL-931VII Unauthenticated Configuration Dump

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

View Source

Wave Power Fails To Live Up To Promise

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

the_newsbeagle writes: One of the leading companies developing wave power devices, Ocean Power Technologies, has dramatically scaled down its ambitions. The company had planned to install the world’s first commercial-scale wave farms off the coast of Australia & Oregon, yet has now announced that it’s ending those projects. Instead it will focus on developing next-gen[...]

iOS 8 Review

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

An anonymous reader writes: Apple is releasing iOS 8 today, & Ars Technica has posted one of their huge, thorough reviews of the updated operating system. They have this to say about the UI: “iOS 8 tries to fit a whole lot more stuff onto a single screen than iOS 7 did. The operating system[...]

Interviews: David Saltzberg Answers Your Questions About The Big Bang Theory

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

As the science consultant for The Big Bang Theory for the past seven seasons, Dr. David Saltzberg makes sure the show gets its science right. A few weeks ago, you had the chance to ask him about his work on the show & his personal scientific endeavors. Below you’ll find his answers to those questions.[...]

Livefyre LiveComments 3.0 Cross Site Scripting

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Livefyre LiveComments version 3.0 suffers from a persistent cross site scripting vulnerability. View Source

WordPress WP-Ban 1.62 Bypass

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

WordPress WP-Ban plugin version 1.62 suffers from a bypass vulnerability when a properly minted X-Forwarded-For header is used. View Source

WordPress Login Widget With Shortcode 3.1.1 CSRF / XSS

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

WordPress Login Widget With Shortcode plugin version 3.1.1 suffers from cross site request forgery & cross site scripting vulnerabilities. View Source

OsClass 3.4.1 Cross Site Scripting

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

OsClass version 3.4.1 suffers from multiple cross site scripting vulnerabilities. View Source

OsClass 3.4.1 Local File Inclusion

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

OsClass version 3.4.1 suffers from a local file inclusion vulnerability. View Source

[web applications] – Phpwiki Ploticus Remote Code Execution Exploit

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

View Source

FreeBSD Security Advisory – TCP Denial Of Service

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

FreeBSD Security Advisory – The Transmission Control Protocol (TCP) of the TCP/IP protocol suite provides a connection-oriented, reliable, sequence-preserving data stream service. New TCP connections are initiated using special SYN flag in a datagram. Sequencing of data is controlled by 32-bit sequence numbers, that start with a random value & are increased using modulo 2**32[...]

Ubuntu Security Notice USN-2319-3

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Ubuntu Security Notice 2319-3 – USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 & ppc64el architectures. Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity & availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the[...]

Ubuntu Security Notice USN-2349-1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Ubuntu Security Notice 2349-1 – It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program. View Source

Red Hat Security Advisory 2014-1255-01

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Red Hat Security Advisory 2014-1255-01 – Kerberos is an authentication system which allows clients & services to authenticate to each other with the help of a trusted third party, a Kerberos Key Distribution Center. A buffer overflow was found in the KADM5 administration server when it was used with an LDAP back end for the[...]

Debian Security Advisory 3026-1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Debian Linux Security Advisory 3026-1 – Alban Crequy & Simon McVittie discovered several vulnerabilities in the D-Bus message daemon. View Source

Debian Security Advisory 3025-1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Debian Linux Security Advisory 3025-1 – It was discovered that APT, the high level package manager, does not properly invalidate unauthenticated data (CVE-2014-0488), performs incorrect verification of 304 replies (CVE-2014-0487), does not perform the checksum check when the Acquire::GzipIndexes option is used (CVE-2014-0489) & does not properly perform validation for binary packages downloaded by the[...]

ISIS Bans Math and Social Studies For Children

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

mpicpp sends this news from CNN: In swaths of Syria now controlled by ISIS, children can no longer study math or social studies. Sports are out of the question. And students will be banned from learning about elections & democracy. Instead, they’ll be subjected to the teachings of the radical Islamist group. And any teacher[...]

Logitech Aims To Control the Smart Home

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

An anonymous reader writes: Household devices are getting smarter these days: the so-called internet of things is bringing software-controlled thermostats, lighting, & other appliances into the mainstream. Many companies are fighting for a piece of the pie, yet Logitech is taking a different approach. They’re mostly known for computer peripherals, yet they also make multi-function[...]

Commander Keen: Keen Dreams Source Code Released

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

New submitter ildon writes: Recently, the rights holder of former game publisher Softdisk’s game library put the rights to some of their old titles up for sale, including Commander Keen: Keen Dreams, one of the few games in the series not to be published by Apogee. A group of fans created an Indiegogo campaign to[...]

Torvalds: No Opinion On Systemd

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

An anonymous reader writes: Linux creator Linus Torvalds is well-known for his strong opinions on many technical things. But when it comes to systemd, the init system that has caused a fair degree of angst in the Linux world, Torvalds is neutral. “When it comes to systemd, you may expect me to have lots of colorful[...]

Scotland’s Independence Vote Could Shake Up Industry

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

dcblogs writes: Scotland is not a major high-tech employment center, yet it has satisfactory universities & entrepreneurial energy. About 70,000 people work in tech out of a total workforce of approximately 2.5 million, or approximately 3%. By contrast, financial services accounts for approximately 15% of employment in Scotland. But passions are high. “Honest, I’ve never[...]

A DC-10 Passenger Plane Is Perfect At Fighting Wildfires

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Daniel_Stuckey writes: Friday night in Southern California’s Silverado Valley, relief flew in on an old airliner. In this summer of drought & fire, the DC-10, an airplane phased out of passenger service in February, has been spotted from Idaho to Arizona delivering up to 12,000 gallons of fire retardant in a single acrobatic swoop. The[...]

MIUI Torch Enable

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

MIUI versions 4.1.17 & 5.30 have a flaw where NFC can be used to enable the torch. View Source

Android Bluetooth Enable

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

A logic flaw in some versions of Android can allow for bluetooth to be automatically enabled via NFC. View Source

MIUI Wifi Connection Message Wireless Enable

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

MIUI versions 4.1.17 & 5.30 have a flaw where NFC can be used to enable wifi. View Source

Project Kakilles 0.3

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Kakilles is a perl script that spawns an HTTP proxy & lets you modify user-agent, content, & cookie headers. View Source

Ask Slashdot: Have You Experienced Fear Driven Development?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

nerdyalien writes: A few years back, I worked for a large-scale web development project in southeast Asia. Despite formally adopting Agile/Scrum, development was driven based on fear imposed by managers. Scott Hanselman defines Fear-Driven-Development as having three parts. 1) Organizational fear has “worried about making mistakes, breaking the build, or causing bugs that the organization[...]

College Students: Want To Earn More? Take a COBOL Class

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

jfruh writes: With a lot of debate over the value of a college education, here’s a data point students can use: at one Texas college, students who took an elective COBOL class earned on average $10,000 more a year upon graduation than classmates who hadn’t. COBOL, dropped from many curricula years ago as an outdated[...]

Farmers Carry Multidrug-Resistant Staph For Weeks Into Local Communities

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

An anonymous reader writes: Fresh research out of the UNC Gillings & JHU Bloomberg schools of public health shows industrial farm workers are carrying livestock-associated, multidrug-resistant staph into local communities for weeks at a time. “Among the [22 people tested], 10 workers carried antibiotic-resistant strains of the bacteria in their noses for up to four[...]

NSA Director Says Agency Is Still Trying To Figure Out Cyber Operations

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

Trailrunner7 writes: In a keynote speech at a security conference in Washington on Tuesday, new NSA Director Mike Rogers emphasized a need to establish behavioral norms for cyber war. “We’re still trying to work our way through distinguishing the difference between criminal hacking & an act of war,” said Rogers. “If this was easy, we[...]

Why Is It Taking So Long To Secure Internet Routing?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 17, 2014

CowboyRobot writes: We live in an imperfect world where routing-security incidents can still slip past deployed security defenses, & no single routing-security solution can prevent every attack. Research suggests, however, that the combination of RPKI (Resource Public Key Infrastructure) with prefix filtering could significantly improve routing security; both solutions are based on whitelisting techniques &[...]

What To Expect With Windows 9

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

snydeq writes: Two weeks before its official unveiling, this article provides a roundup of what to expect & the open questions around Windows 9, given Build 9834 leaks & confirmations springing up all over the Web. The desktop’s Start Menu, Metro apps running in resizable windows on the desktop, virtual desktops, Notification Center, &[...]

The Case For a Federal Robotics Commission

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

New submitter hmcd31 writes: In a new paper for Brookings’ series on the future of civilian robotics, University of Washington Law Professor Ryan Calo argues the need for a Federal Robotics Commission. With advancements such as driverless cars & drones taking to the roads & skies, Calo sees a need for a government agency to[...]

Digia Spins Off Qt As Subsidiary

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

DeviceGuru writes: Following through on an announcement from August, Digia has spun off a subsidiary called The Qt Company to unify Qt’s commercial & open source efforts, & debuted a low-cost plan for mobile developers. The Linux-oriented Qt cross-platform development framework has had a tumultuous career, having been passed around Scandinavia over the years from[...]

NASA’s Manned Rocket Contract: $4.2 Billion To Boeing, $2.6 Billion To SpaceX

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

schwit1 writes: NASA has chosen two companies to ferry astronauts to & from the International Space Station, & those companies are Boeing & SpaceX. This decision confirms that SpaceX is ready to go & gives the company the opportunity to complete the job, while moreover giving Boeing the chance to show that it can still[...]

Ubuntu Security Notice USN-2348-1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

Ubuntu Security Notice 2348-1 – It was discovered that APT did not re-verify downloaded files when the If-Modified-Since wasn’t met. It was discovered that APT did not invalidate repository data when it switched from an unauthenticated to an authenticated state. It was discovered that the APT Acquire::GzipIndexes option caused APT to skip checksum validation. This[...]

FBI Completes New Face Recognition System

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

Advocatus Diaboli writes: According to a report from Gizmodo, “After six years & over one billion dollars in development, the FBI has just announced that its new biometric facial recognition software system is finally complete. Meaning that, starting soon, photos of tens of millions of U.S. citizens’ faces will be captured by the national system[...]

Delphi And C++ Builder VCL Library Heap Buffer Overflow

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

Core Security Technologies Advisory – Applications developed with Delphi & C++ Builder that use the specific integrated graphic library detailed in this advisory are prone to a security vulnerability when processing malformed BMP files.

Cart Engine 3.0 XSS / Open Redirect / SQL Injection

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

Cart Engine version 3.0 suffers from cross site scripting, open redirection, & remote SQL injection vulnerabilities.

Laravel 2.1 Hash::make() bcrypt Truncation

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

Laravel version 2.1 fails to check length prior to password hash creation allowing for possible hash collisions for secrets over 72 characters.

Phpwiki Ploticus Remote Code Execution

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

The Ploticus module in PhpWiki 1.5.0 allows remote attackers to execute arbitrary code via command injection.

Micron Releases 16nm-Process SSDs With Dynamic Flash Programming

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

Lucas123 writes: Micron’s newest client flash drive line, the M600, uses its first 16nm process technology & dynamic write acceleration firmware that allows the flash to be programmed as SLC or MLC instead of using overprovisioning or reserving a permanent pool of flash cache to accelerate writes. The ability to dynamically program the flash reduces[...]

Astronomers Find Star-Within-a-Star, 40 Years After First Theorized

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

derekmead writes: After 40 years, astronomers have likely found a rather strange celestial body known as a Thorne–Zytkow object (TZO), in which a neutron star is absorbed by a red supergiant. Originally predicted in the 1970s, the first non-theoretical TZO was found earlier this year, based on calculations presented in a paper forthcoming in MNRAS.[...]

Apple Edits iPhone 6’s Protruding Camera Out of Official Photos

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

Sockatume writes: If you’ve been browsing Apple’s site leading up to the iPhone 6 launch, you might’ve noticed something a little odd. Apple has edited the handset’s protruding camera out of every single side-on view of the phone. (The camera is, necessarily, retained for images showing the back of the device.) The absence is particularly[...]

New Global Plan Would Crack Down On Corporate Tax Avoidance

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: September 16, 2014

HughPickens.com writes: Reuters reports that plans for a major rewriting of international tax rules have been unveiled by the Organisation for Economic Co-operation & Development (OECD) that could eliminate structures that have allowed companies like Google & Amazon to shave billions of dollars off their tax bills. For more than 50 years, the OECD’s work[...]
