Ballmer Says Amazon Isn’t a "Real Business"

by w00t
Categories: The News
Published on: October 25, 2014

theodp writes According to Steve Ballmer, Amazon.com is not a real business. “They make no money,” Ballmer said on the Charlie Rose Show. “In my world, you’re not a real business until you make some money. I have a complex time with businesses that don’t make money at some point.” Ballmer’s comments come as Amazon[...]

Google Search Finally Adds Information About Video Games

by w00t
Categories: The News
Published on: October 25, 2014

An anonymous reader writes Google has expanded its search engine with the capability to recognize video games. If your query references a game, a new Knowledge Graph panel on the right-hand side of Google’s search results page will offer more information, including the series it belongs to, initial release date, supported platforms, developers, publishers, designers,[...]

Peter Kuran: Visual Effects Artist and Atomic Bomb Archivist

by w00t
Categories: The News
Published on: October 25, 2014

Lasrick links to this interview with Peter Kuran, an animator of the original Star Wars & legendary visual effects artist, writing If you saw the recent remake of Godzilla, you saw stock footage from Atom Central, known on YouTube as ‘the atomic bomb channel.’ Atom Central is the brainchild of Kuran, who among his many[...]

OwnCloud Dev Requests Removal From Ubuntu Repos Over Security Holes

by w00t
Categories: The News
Published on: October 25, 2014

operator_error notes a report that ownCloud developer Lukas Reschke has emailed the Ubuntu Devel mailing list to request that ownCloud (server) be removed from the Ubuntu repositories because it contains “multiple critical security bugs for which no fixes have been backported,” through which an attacker could “gain complete control [of] the web server process.” From[...]

Microsoft Now Makes Money From Surface Line, Q1 Sales Reach Almost $1 Billion

by w00t
Categories: The News
Published on: October 25, 2014

SmartAboutThings writes Microsoft has recently published its Q1 fiscal 2015 earnings report, disclosing that it has made $4.5 billion in net income on $23.20 billion in revenue. According to the report, revenue has increased by $4.67 billion, compared to $18.53 billion from the same period last year. However, net income has decreased 14 percent compared[...]

Days After Shooting, Canada Proposes New Restrictions On and Offline

by w00t
Categories: The News
Published on: October 24, 2014

New submitter o_ferguson writes As Slashdot reported earlier this week, a lone shooter attacked the war memorial & parliament buildings in Ottawa, Canada on Wednesday. As many comments predicted, the national government has seized this as an opportunity to roll out considerable new regressive legislation, including measures designed to increase data access for domestic intelligence[...]

AT&T Locks Apple SIM Cards On New iPads

by w00t
Categories: The News
Published on: October 24, 2014

As reported by MacRumors, the unlocked, carrier-switchable SIM cards built into the newest iPads aren’t necessarily so — at least if you buy them from an AT&T store. Though the card comes from Apple with the ability to support (and be switched among with software, if a change is necessary) all major carriers, “AT&T is[...]

Passwords: Too Much and Not Enough

by w00t
Categories: The News
Published on: October 24, 2014

An anonymous reader writes: Sophos has a blog post up saying, “attempts to get users to select passwords that will resist offline guessing, e.g., by composition policies, advice & strength meters, must largely be judged failures.” They say a password must withstand 1,000,000 guesses to survive an online attack yet 100,000,000,000,000 to have any hope[...]

Verizon Injects Unique IDs Into HTTP Traffic

by w00t
Categories: The News
Published on: October 24, 2014

An anonymous reader writes: Verizon Wireless, the nation’s largest wireless carrier, is now also a real-time data broker. According to a security researcher at Stanford, Big Red has been adding a unique identifier to web traffic. The purpose of the identifier is advertisement targeting, which is offensive enough. But the design of the system also[...]

TOR Virtual Network Tunneling Tool 0.2.5.10

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Tor is a network of virtual tunnels that allows people & groups to improve their privacy & security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations & individuals to share information over public networks[...]

Secretive Funding Fuels Ongoing Net Neutrality Astroturfing Controversy

by w00t
Categories: The News
Published on: October 24, 2014

alphadogg writes: The contentious debate about net neutrality in the U.S. has sparked controversy over a lack of funding transparency for advocacy groups & think tanks, which critics say subverts the political process. News stories from a handful of publications in recent months have accused some think tanks & advocacy groups of “astroturfing” — quietly[...]

EMC Avamar Sensitive Information Disclosure

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

EMC Avamar server contains a vulnerability that may allow a remote Avamar client user to retrieve sensitive account credentials from an affected Avamar server using Java API calls. No authentication to the Avamar server is required for this potential attack. Exposed information includes MCUser & GSAN account passwords of all grid systems that are being monitored in EMC[...]

EMC Avamar Weak Password Storage

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

EMC ADS/AVE Password hardening package uses the DES-based traditional Unix crypt scheme that may be susceptible to brute force & dictionary attacks if the hashes are obtained by an adversary. The hardening package is an optional package & is installed separately. Affected products include EMC Avamar Data Store (ADS) GEN4(S) & Avamar Virtual Edition (AVE) running Avamar[...]

EMC NetWorker Module For MEDITECH (NMMEDI) Information Disclosure

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

A vulnerability exists in the EMC NetWorker Module for MEDITECH when used with EMC RecoverPoint that could potentially allow exposure of sensitive information. EMC NetWorker Module for MEDITECH (NMMEDI) version 3.0 builds 87-90 are affected. View Source

Apple Security Advisory 2014-10-22-1

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Apple Security Advisory 2014-10-22-1 – QuickTime 7.7.6 is now available & addresses memory corruption & buffer overflow vulnerabilities. View Source

Mandriva Linux Security Advisory 2014-203

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Mandriva Linux Security Advisory 2014-203 – OpenSSL has added support for TLS_FALLBACK_SCSV to allow applications to block the ability for a MITM attacker to force a protocol downgrade. Some client applications will reconnect using a downgraded protocol to work around interoperability bugs in older servers. This could be exploited by an active man-in-the-middle to downgrade[...]

Mandriva Linux Security Advisory 2014-204

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Mandriva Linux Security Advisory 2014-204 – A denial of service flaw was found in libxml2, a library providing support to read, modify & write XML & HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption based on excessive[...]

Mandriva Linux Security Advisory 2014-202

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Mandriva Linux Security Advisory 2014-202 – A heap corruption issue was reported in PHP’s exif_thumbnail() function. A specially-crafted JPEG image could cause the PHP interpreter to crash or, potentially, execute arbitrary code. The updated php packages have been upgraded to the 5.5.18 version to resolve this security flaw. Additionally, php-apc has been rebuilt against the updated[...]

Mandriva Linux Security Advisory 2014-209

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Mandriva Linux Security Advisory 2014-209 – Multiple vulnerabilities have been discovered & corrected in java-1.7.0-openjdk. The updated packages provide a solution for these security issues. View Source

Mandriva Linux Security Advisory 2014-208

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Mandriva Linux Security Advisory 2014-208 – In phpMyAdmin before 4.2.10.1, with a crafted database or table name it is possible to trigger an XSS in SQL debug output when enabled & in server monitor page when viewing & analysing executed queries. View Source

Mandriva Linux Security Advisory 2014-207

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Mandriva Linux Security Advisory 2014-207 – A flaw was discovered in ejabberd that allows clients to connect with an unencrypted connection even if starttls_required is set. View Source

Mandriva Linux Security Advisory 2014-206

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Mandriva Linux Security Advisory 2014-206 – A denial of service issue was discovered in ctags 5.8. A remote attacker could cause excessive CPU usage & disk space consumption via a crafted JavaScript file by triggering an infinite loop. View Source

Mandriva Linux Security Advisory 2014-205

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Mandriva Linux Security Advisory 2014-205 – A heap-based overflow vulnerability was found in the way Lua handles varargs functions with many fixed parameters called with few arguments, leading to application crashes or, potentially, arbitrary code execution. View Source

Debian Security Advisory 3055-1

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

Debian Linux Security Advisory 3055-1 – Multiple vulnerabilities have been discovered in Pidgin, a multi-protocol instant messaging client. View Source

A Low Cost, Open Source Geiger Counter (Video)

by w00t
Categories: The News
Published on: October 24, 2014

Sawaiz Syed’s LinkedIn page says he’s a “Hardware Developer at GSU [Georgia State University], Department of Physics.” That’s a tremendous workplace for someone who designs low cost radiation detectors that can be air-dropped into an area where there has been a nuclear accident (or a nuclear attack; or a nuclear terrorist act) & read remotely[...]

Computer Scientist Parachutes From 135,908 Feet, Breaking Record

by w00t
Categories: The News
Published on: October 24, 2014

An anonymous reader writes: The NY Times reports that Alan Eustace, a computer scientist & senior VP at Google, has successfully broken the record for highest freefall jump, set by Felix Baumgartner in 2012. “For a little over two hours, the balloon ascended at speeds up to 1,600 feet per minute to an altitude of[...]

Researcher Finds Tor Exit Node Adding Malware To Downloads

by w00t
Categories: The News
Published on: October 24, 2014

Trailrunner7 writes: A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources & the potential for attackers to abuse the trust users have in Tor & similar services. Josh[...]

[web applications] – WordPress CP Multi View Event Calendar 1.01 SQL Injection Vulnerability

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

View Source

[web applications] – WordPress / Joomla Creative Contact Form 0.9.7 Shell Upload Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

View Source

[web applications] – TestLink 1.9.12 Multiple Vulnerabilities

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

View Source

[local exploits] – OpenBSD 5.5 Local Kernel Panic Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

View Source

[remote exploits] – Centreon SQL / Command Injection Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

View Source

Employers Worried About Critical Thinking Skills

by w00t
Categories: The News
Published on: October 24, 2014

Nerval’s Lobster writes: Every company needs employees who can analyze information effectively, discarding what’s unnecessary & digging down into what’s actually useful. But employers are getting a little bit worried that U.S. schools aren’t teaching students the necessary critical-thinking skills to actually succeed once they hit the open marketplace. The Wall Street Journal talked with[...]

Recent Nobel Prize Winner Revolutionizes Microscopy Again

by w00t
Categories: The News
Published on: October 24, 2014

An anonymous reader writes: Eric Betzig recently shared in the Nobel Prize for Chemistry for his work on high-resolution microscopy. Just yesterday, Betzig & a team of researchers published a new microscopy technique (abstract) that “allows them to observe living cellular processes at groundbreaking resolution & speed.” According to the article, “Until now, the best[...]

Decades-old Scientific Paper May Hold Clues To Dark Matter

by w00t
Categories: The News
Published on: October 24, 2014

sciencehabit writes: Here’s one reason libraries hang on to old science journals: A paper from an experiment conducted 32 years ago may shed light on the nature of dark matter, the mysterious stuff whose gravity appears to keep the galaxies from flying apart. The old data put a crimp in the newfangled concept of a[...]

PCGamingWiki Looks Into Linux Gaming With ‘Port Reports’

by w00t
Categories: The News
Published on: October 24, 2014

AberBeta writes: PCGamingWiki contributor Soeb has been looking into the recent larger budget game releases to appear on Linux, including XCOM: Enemy Unknown & Borderlands: The Pre-Sequel produced by Mac porting houses Feral & Aspyr. Soeb reports that while feature parity is high, performance could be a bit better. Performance differences aside, the games are[...]

How To Beat Online Price Discrimination

by w00t
Categories: The News
Published on: October 24, 2014

New submitter Intrepid imaginaut sends word of a study (PDF) into how e-commerce sites show online shoppers different prices depending on how they found an item & what the sites know about the customer. “For instance, the study found, users logged in to Cheaptickets & Orbitz saw lower hotel prices than shoppers who were not[...]

Automation Coming To Restaurants, But Not Because of Minimum Wage Hikes

by w00t
Categories: The News
Published on: October 24, 2014

dcblogs writes: McDonald’s this week told financial analysts of its plans to install self-ordering kiosks & mobile ordering at its restaurants. This news prompted the Wall Street Journal to editorialize, in “Minimum Wage Backfire,” that while it may be true for McDonald’s to say that its tech plans will improve customer experience, the move[...]

FTDI Removes Driver From Windows Update That Bricked Cloned Chips

by w00t
Categories: The News
Published on: October 24, 2014

New submitter weilawei writes: Last night, FTDI, a Scottish manufacturer of USB-to-serial ICs, posted a response to the ongoing debacle over its allegedly intentional bricking of competitors’ chips. In their statement, FTDI CEO Fred Dart said, “The recently release driver release has now been removed from Windows Update so that on-the-fly updating cannot occur. The[...]

Stem Cells Grown From Patient’s Arm Used To Replace Retina

by w00t
Categories: The News
Published on: October 24, 2014

BarbaraHudson writes: The Globe & Mail is reporting the success of a procedure to implant a replacement retina grown from cells from the patient’s skin. Quoting: “Transplant doctors are stepping gingerly into a new world, one month after a Japanese woman received the first-ever tissue transplant using stem cells that came from her own skin,[...]

Detritus From Cancer Cells May Infect Healthy Cells

by w00t
Categories: The News
Published on: October 24, 2014

bmahersciwriter writes Tiny bubbles of cell membrane — called exosomes — are shed by most cells. Long thought to be mere trash, researchers had recently noticed that they often contain short, regulatory RNA molecules, suggesting that exosomes may be one way that cells communicate with one another. Now, it appears that RNA in the exosomes[...]

MyBB MyBBlog 1.0 Cross Site Scripting

by w00t
Categories: New Vulnerabilities
Published on: October 24, 2014

MyBB MyBBlog plugin version 1.0 suffers from a cross site scripting vulnerability. Note that this finding houses site-specific data. View Source

British Army Looking For Gamers For Their Smart-Tanks

by w00t
Categories: The News
Published on: October 24, 2014

concertina226 writes The U.K. branch of global defense firm General Dynamics is working on a futuristic state-of-the-art smart-tank to replace the British Army’s aging armored vehicle fleet, to be delivered to the Ministry of Defense in 2020. The Scout SV armored vehicle is the first fully-digitized armored fighting vehicle to have been built for the[...]

Incapacitating Chemical Agents: Coming Soon To Local Law Enforcement?

by w00t
Categories: The News
Published on: October 24, 2014

Lasrick writes To this day, Russian authorities refuse to disclose the incapacitating chemical agent (ICA) they employed in their attempt, 12 years ago, to save 900 hostages held in a theater by Chechen fighters. Malcolm Dando elaborates on a new report (PDF) that Russia, China, Israel, & a slew of other countries are continuing research[...]

NY Doctor Recently Back From West Africa Tests Positive For Ebola

by w00t
Categories: The News
Published on: October 24, 2014

An anonymous reader writes An emergency room doctor who recently returned to the city after treating Ebola patients in West Africa has tested positive for the virus, Mayor Bill de Blasio said. It’s the first case in the city & the fourth in the nation. From the article: “The doctor, identified as Craig Spencer, 33,[...]

Tracking a Bitcoin Thief

by w00t
Categories: The News
Published on: October 24, 2014

An anonymous reader writes A small group of researchers were able to publish an investigative report on the hacking of a popular Bitcoin exchange earlier this year by the name of CryptoRush.in. Close to a million dollars stolen in crypto currency led the group to discover evidence, track down the attacker & put together a[...]

How Sony, Intel, and Unix Made Apple’s Mac a PC Competitor

by w00t
Categories: The News
Published on: October 24, 2014

smaxp writes In 2007, Sony’s supply chain lessons, the network effect from the shift to Intel architecture, & a better OS X for developers combined to renew the Mac’s growth. The network effects of the Microsoft Wintel ecosystem that Rappaport explained 20 years ago in the Harvard Business Review are no longer a huge advantage.[...]

SMART Begins Live Public Robocar Tests In Singapore

by w00t
Categories: The News
Published on: October 24, 2014

Hallie Siegel writes Robocar R&D is moving swiftly in Singapore, & this week, the National University of Singapore (NUS) announced they will be doing a live public demo of their autonomous golf carts over a course with 10 stops in the Singapore Chinese & Japanese Gardens. The public will be able to book rides online,[...]

Microsoft Exec Opens Up About Research Lab Closure, Layoffs

by w00t
Categories: The News
Published on: October 23, 2014

alphadogg writes It’s been a bit over a month since Microsoft shuttered its Microsoft Research lab in Silicon Valley as part of the company’s broader restructuring that will include 18,000 layoffs. This week, Harry Shum, Microsoft EVP of Technology & Research, posted what he termed an “open letter to the academic research community” on the[...]

Tor-ramdisk i686 UClibc-based Linux Distribution x86_64 20141022

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security & privacy. Tor is a network of virtual tunnels that allows people & groups to improve their privacy & security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX[...]

Tor-ramdisk i686 UClibc-based Linux Distribution x86 20141022

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

Tor-ramdisk is an i686 uClibc-based micro Linux distribution whose only purpose is to host a Tor server in an environment that maximizes security & privacy. Tor is a network of virtual tunnels that allows people & groups to improve their privacy & security on the Internet. Security is enhanced by employing a monolithically compiled GRSEC/PAX[...]

Centreon SQL / Command Injection

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

This Metasploit module exploits several vulnerabilities on Centreon 2.5.1 & prior & Centreon Enterprise Server 2.2 & prior. Due to a combination of SQL injection & command injection in the displayServiceStatus.php component, it is possible to execute arbitrary commands as long as there is a valid session registered in the centreon.session table. In order to[...]

TestLink 1.9.12 Path Disclosure

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

TestLink versions 1.9.12 & below suffer from a path disclosure weakness. View Source

[web applications] – Cisco Ironport WSA telnetd Remote Code Execution Vulnerability

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

View Source

[web applications] – Mulesoft ESB Runtime 3.5.1 Privilege Escalation / Code Execution Vulnerabilities

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

View Source

TestLink 1.9.12 PHP Object Injection

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

TestLink versions 1.9.12 & below suffer from a PHP object injection vulnerability in execSetResults.php. View Source

Tech Firm Fined For Paying Imported Workers $1.21 Per Hour

by w00t
Categories: The News
Published on: October 23, 2014

An anonymous reader sends in news about a company that was fined for flying in “about eight employees” from India to work 120-hour weeks for $1.21 per hour. Electronics for Imaging paid several employees from India as little as $1.21 an hour to help install computer systems at the company’s Fremont headquarters, federal labor officials[...]

OpenBSD 5.5 Local Kernel Panic

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

OpenBSD versions 5.5 & below local kernel panic proof of concept exploit for i386. View Source

Dell SonicWall GMS 7.2.x Script Insertion

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

Dell SonicWall GMS version 7.2.x suffers from a script insertion vulnerability. View Source

WordPress CP Multi View Event Calendar 1.01 SQL Injection

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

WordPress CP Multi View Event Calendar plugin version 1.01 suffers from a remote SQL injection vulnerability. View Source

WordPress / Joomla Creative Contact Form 0.9.7 Shell Upload

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

WordPress / Joomla Creative Contact Form plugin versions 0.9.7 & below suffer from a remote shell upload vulnerability. View Source

Mark Zuckerberg Speaks Mandarin At Tsinghua University In Beijing

by w00t
Categories: The News
Published on: October 23, 2014

HughPickens.com writes Abby Phillip reports at the Washington Post that Mark Zuckerberg just posted a 30-minute Q&A at Tsinghua University in Beijing in which he answered every question exclusively in Chinese — a notoriously difficult language to learn & particularly, to speak. “It isn’t just Zuckerberg’s linguistic acrobatics that make this a notable moment,”[...]

[web applications] – Feng Office 1.7.4 – XSS / Arbitrary File Upload Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

View Source

[local exploits] – Filemaker Login Bypass and Privilege Escalation Vulnerability

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

View Source

[local exploits] – Free WMA MP3 Converter 1.8 SEH Buffer Overflow Exploit

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

View Source

Free WMA MP3 Converter 1.8 SEH Buffer Overflow

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

Free WMA MP3 Converter version 1.8 SEH buffer overflow exploit. View Source

Assange: Google Is Not What It Seems

by w00t
Categories: The News
Published on: October 23, 2014

oxide7 (1013325) writes “In June 2011, Julian Assange received an unusual visitor: the chairman of Google, Eric Schmidt. They outlined radically opposing perspectives: for Assange, the liberating power of the Internet is based on its freedom & statelessness. For Schmidt, emancipation is at one with U.S. foreign policy objectives & is driven by connecting non-Western[...]

Ubuntu Security Notice USN-2388-1

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

Ubuntu Security Notice 2388-1 – A vulnerability was discovered in the OpenJDK JRE related to information disclosure & data integrity. An attacker could exploit this to expose sensitive data over the network. Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. Several vulnerabilities were discovered in the OpenJDK JRE related to information[...]

Ubuntu Security Notice USN-2388-2

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

Ubuntu Security Notice 2388-2 – USN-2388-1 fixed vulnerabilities in OpenJDK 7 for Ubuntu 14.04 LTS. This update provides the corresponding updates for Ubuntu 14.10. A vulnerability was discovered in the OpenJDK JRE related to information disclosure & data integrity. An attacker could exploit this to expose sensitive data over the network. Various other issues were[...]

Red Hat Security Advisory 2014-1668-01

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

Red Hat Security Advisory 2014-1668-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. A NULL pointer dereference flaw was found in the way the Linux kernel’s Stream Control Transmission Protocol implementation handled simultaneous connections between the same hosts. A remote attacker could use this flaw to crash the[...]

Leaked Documents Reveal Behind-the-Scenes Ebola Vaccine Issues

by w00t
Categories: The News
Published on: October 23, 2014

sciencehabit writes Extensive background documents from a meeting that took place today at the World Health Organization (WHO) have provided new details about exactly what it will take to test, produce, & bankroll Ebola vaccines, which could be a potential game changer in the epidemic. ScienceInsider obtained materials that vaccinemakers, governments, & WHO provided to[...]

Free WMA MP3 Converter 1.8 Buffer Overflow

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

Free WMA MP3 Converter version 1.8 buffer overflow exploit. View Source

Ubuntu 14.10 Released With Ambitious Name, But Small Changes

by w00t
Categories: The News
Published on: October 23, 2014

Ubuntu 14.10, dubbed Utopic Unicorn, has been released today (here are screenshots). PC World says that at first glance it “isn’t the most thrilling update,” with not so much as a new default wallpaper — yet happily so: it’s a stable update in a stable series, & most users will have no pressing need to update[...]

ElectricCommander 4.2.4.71224 Privilege Escalation

by w00t
Categories: New Vulnerabilities
Published on: October 23, 2014

ElectricCommander version 4.2.4.71224 suffers from a local privilege escalation vulnerability. View Source

German Publishers Capitulate, Let Google Post News Snippets

by w00t
Categories: The News
Published on: October 23, 2014

itwbennett writes German publishers said they are bowing to Google’s market power, & will allow the search engine to show news snippets in search results free of charge — at least for the time being. The decision is a step in an ongoing legal dispute between the publishers & Google in which, predictably, publishers are[...]

We Need Distributed Social Networks More Than Ello

by w00t
Categories: The News
Published on: October 23, 2014

Frequent contributor Bennett Haselton writes: Facebook threatened to banish drag queen pseudonyms, & (some) users revolted by flocking to Ello, a social network which promised not to enforce real names & also to remain ad-free. Critics said that the idealistic model would buckle under pressure from venture capitalists. But both gave scant mention to the[...]

Ask Slashdot: Smarter Disk Space Monitoring In the Age of Cheap Storage?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

relliker writes In the olden days, when monitoring a file system of a few 100 MB, we would be alerted when it topped 90% or more, with 95% a lot of times considered quite critical. Today, however, with a lot of file systems in the Terabyte range, a 90-95% full file system can still have[...]

Austin Airport Tracks Cell Phones To Measure Security Line Wait

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

jfruh writes If you get into the TSA security line at Austin-Bergstrom International Airport, you’ll see monitors telling you how long your wait will be — & if you have a phone with Wi-Fi enabled, you’re helping the airport come up with that number. A system implemented by Cisco tracks the MAC addresses of phones[...]

Apple 1 Sells At Auction For $905,000

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

Dave Knott writes One of the few remaining examples of Apple Inc’s first pre-assembled computer, the Apple 1, sold for $905,000 at an auction in New York on Wednesday. The final price outstrips expectations, as auction house Bonhams had said it expected to sell the machine, which was working as of September, for between $300,000[...]

Ello Formally Promises To Remain Ad-Free, Raises $5.5M

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

Social media site Ello is presented as the anti-Facebook, promising an ad-free social network, & that they won’t sell private data. Today, they’ve also announced that Ello has become a Public Benefit Corporation, & that the site’s anti-advertising promise has been enshrined in a corporate charter. The BBC reports on the restrictions that Ello has[...]

Cisco Fixes Three-Year-Old Telnet Flaw In Security Appliances

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

Trailrunner7 writes “There is a severe remote code execution vulnerability in a number of Cisco’s security appliances, a bug that was first disclosed nearly three years ago. The vulnerability is in Telnet & there has been a Metasploit module available to exploit it for years. The FreeBSD Project first disclosed the vulnerability in telnet in[...]

Sale of IBM’s Chip-Making Business To GlobalFoundries To Get US Security Review

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

dcblogs writes IBM is an officially sanctioned trusted supplier to the U.S. Defense Dept., & the transfer of its semiconductor manufacturing to GlobalFoundries, a U.S.-based firm owned by investors in Abu Dhabi, will get U.S. scrutiny. Retired U.S. Army Brig. Gen. John Adams, who authored a report last year for an industry group about U.S.[...]

Proposed Penalty For UK Hackers Who "Damage National Security": Life

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

An anonymous reader writes with this excerpt from The Guardian: Government plans that mean computer users deemed to have damaged national security, the economy or the environment will face a life sentence have been criticised by experts who warn that the new law could be used to target legitimate whistleblowers. The proposed legislation would mean[...]

The Inevitable Death of the Internet Troll

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

HughPickens.com writes James Swearingen writes at The Atlantic that the Internet can be a mean, hateful, & frightening place — especially for young women yet human behavior & the limits placed on it by both law & society can change. In a Pew Research Center survey of 2,849 Internet users, one out of every four[...]

OpenSSL 6.7p1 bl0wsshd00r67p1 Backdoor

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

bl0wsshd00r backdoors OpenSSH 6.7p1 with a magic password for any user, sniffs & records traffic, & mitigates logging to lastlog/wtmp/utmp. View Source

Wonderful World-Wide CMS SQL Injection / Default Credentials

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

Wonderful World-Wide CMS suffers from having default administrative credentials & a remote SQL injection vulnerability. View Source

Machine Learning Expert Michael Jordan On the Delusions of Big Data

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

First time accepted submitter agent elevator writes In a wide-ranging interview at IEEE Spectrum, Michael I. Jordan skewers a bunch of sacred cows, basically saying that: The overeager adoption of big data is likely to result in catastrophes of analysis comparable to a national epidemic of collapsing bridges. Hardware designers creating chips based on the[...]

U.K. Supermarkets Beta Test Full-Body 3D Scanners For Selfie Figurines

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

Lucas123 writes Walmart-owned ASDA supermarkets in the U.K. are beta testing 3D full-body scanning booths that allow patrons to buy 6-in to 9-in high “selfie” figurines. Artec Group, a maker of 3D scanners & software, said its Shapify Booth, which can scan your entire body in 12 seconds & use the resulting file to create[...]

New Microsoft Garage Site Invites Public To Test a Wide Range of App Ideas

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

An anonymous reader writes Microsoft today launched a new section on its website: The Microsoft Garage is designed to give the public early access to various projects the company is testing right now. The team is kicking off with a total of 16 free consumer-facing apps, spanning Android, Android Wear, iOS, Windows Phone, Windows, &[...]

Will Fiber-To-the-Home Create a New Digital Divide?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

First time accepted submitter dkatana writes Having some type of fiber or high-speed cable connectivity is normal for many of us, yet in most developing countries of the world & many areas of Europe, the US, & other developed countries, access to “super-fast” broadband networks is still a dream. This is creating another “digital divide.”[...]

Oldest Human Genome Reveals When Our Ancestors Mixed With Neanderthals

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

sciencehabit writes DNA recovered from a femur bone in Siberia belongs to a man who lived 45,000 years ago, according to a new study. His DNA was so well preserved that scientists were able to sequence his entire genome, making his the oldest complete modern human genome on record. Like present-day Europeans & Asians, the[...]

Two Exocomet Families Found Around Baby Star System

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 23, 2014

astroengine writes Scientists have found two families of comets in the developing Beta Pictoris star system, located approximately 64 million light-years from Earth, including one group that appears to be remnants of a smashed-up protoplanet. The discovery bolsters our theoretical understanding of the violent processes that led to the formation of Earth & the other[...]

Will the Google Car Turn Out To Be the Apple Newton of Automobiles?

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 22, 2014

An anonymous reader writes The better question may be whether it will ever be ready for the road at all? The car has fewer capabilities than most people seem to be aware of. The notion that it will be widely available any time soon is a stretch. From the article: “Noting that the Google car[...]

Michigan Latest State To Ban Direct Tesla Sales

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 22, 2014

An anonymous reader writes As many expected, Michigan Governor Rick Snyder signed a bill that bans Tesla Motors from selling cars directly to buyers online in the state. When asked what Tesla’s next step will be, Diarmuid O’Connell, vice president of business development, said it was unclear if the company would file a[...]

Ubuntu Security Notice USN-2387-1

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 22, 2014

Ubuntu Security Notice 2387-1 – The pollinate package bundles the certificate for entropy.ubuntu.com. This update refreshes the certificate to match the one currently used on the server. View Source

BitTorrent Performance Test: Sync Is Faster Than Google Drive, OneDrive, Dropbox

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 22, 2014

An anonymous reader writes Now that its file synchronization tool has received a few updates, BitTorrent is going on the offensive against cloud-based storage services by showing off just how swift BitTorrent Sync can be. More specifically, the company conducted a test that shows Sync destroys Google Drive, Microsoft’s OneDrive, & Dropbox. The company transferred[...]

[web applications] – DotNetNuke DNNspot Store 3.0.0 Arbitrary File Upload Exploit

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 22, 2014

View Source

Deutsche Telecom Upgrades T-Mobile 2G Encryption In US

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 22, 2014

An anonymous reader writes T-Mobile, a major wireless carrier in the U.S. & subsidiary of German Deutsche Telecom, is hardening the encryption on its 2G cellular network in the U.S., reports the Washington Post. According to Cisco, 2G cellular calls still account for 13% of calls in the US & 68% of wireless calls worldwide.[...]

[local exploits] – iBackup 10.0.0.32 – Local Privilege Escalation Vulnerability

by w00t
Categories: New Vulnerabilities
Tags: No Tags
Comments: No Comments
Published on: October 22, 2014

View Source

The Classic Control Panel In Windows May Be Gone

by w00t
Categories: The News
Tags: No Tags
Comments: No Comments
Published on: October 22, 2014

jones_supa writes In Windows 8, there was an arrangement of two settings applications: the Control Panel for the desktop & the PC Settings app in the Modern UI side. With Windows 10, having the two different applications has started to look even more awkward, which has been voiced loud & clear in the feedback too.[...]
