The FBI can’t get into a pimp’s Android phone—so it wants Google to hand over the keys.

In addition to accessing the phone, agents also want Google to turn over e-mail searches, Web searches, GPS tracking data, websites visited, and text messages. A federal judge has agreed. Hopefully, digital devices can make life hard out there for a pimp—but the case also reminds us just how much data smartphones generate on even innocuous users.

Read the comments on this post

Link:
FBI, stumped by pimp’s Android pattern lock, serves warrant on Google

White House CIO Brook Colangelo has revealed some harrowing details about his first days on the job. Entering the White House along with Barack Obama on Jan. 20, 2009, Colangelo “delivered the first presidential BlackBerry” and mobile devices to other top administration officials. Yet the White House’s technology was in such poor shape that for the first 40 days, e-mail was down 23 percent of the time.

On January 26, “Our e-mail servers went down for 21 hours,” Colangelo told attendees of the Computerworld Premier 100 IT Leaders Conference in Arizona this week. “In my professional career, there has not been a worst day since or ever.”

Three or four more outages followed in those first 40 days. The White House proceeded to replace its e-mail systems and storage area networks, and started staffing its data center 24 hours a day. Uptime improved, but there was still a nine-hour outage in February 2011, taking down e-mail and Internet access, according to Computerworld. Colangelo resorted to faxing updates to Obama while he was on the road.

The 2011 outage spurred the White House to finally open a second data center for disaster recovery. Other modernization efforts included replacing desktops, which were still using floppy disk drives at the time Colangelo came on board. About 82 percent of the White House’s technology had reached end of life when Obama’s administration began.

The need for IT modernization in a government agency is nothing new, but the extent of the White House’s problems is surprising. Computerworld has the full story.

Read the comments on this post

Originally posted here:
White House e-mail was down 23% of the time in Obama’s first 40 days

Gaygirlie writes “An article over at Gizmag says: ‘It’s a meme that’s been doing the rounds on the internet in recent years: multi-word pass-phrases are as secure as long strings of gibberish but with the added benefit of being easy to remember. But research from Cambridge University suggests that this may not be the case. Pass-phrases comprised of dictionary words may not be as vulnerable as individual passwords, but they may still succumb to dictionary attacks, the research finds.’ I find this to be twisting of words and general consensus; of course any password whatsoever is going to be insecure against offline attack, and using common, popular words is going to make guessing the password much easier. But is this really an issue in a world where most attacks are done online? Should general populace still be coaxed into using randomly generated passwords?”

Read more of this story at Slashdot.

Read the article:
Multiword Passwords Secure Or Not?

Snail turned into living battery, should have taken the blue pill originally appeared on Engadget on Wed, 14 Mar 2012 11:14:00 EDT. Please see our terms for use of feeds.

Permalink Digg | JACS | Email this | Comments

Originally posted here:
Snail turned into living battery, should have taken the blue pill

An anonymous reader writes “Hot on the trail of a stolen iPad using the ‘Find my iPad’ feature in iOS, Police in San Jose tracked the stolen device back to an apartment complex where they then stumbled onto 750 pounds of meth. All told, the meth is worth about $35 million on the street. The seizure was one of the largest drug busts in recent memory.”

Read more of this story at Slashdot.

Link:
Looking For iPad, Police Find 750 Pounds of Meth

After last week’s pwn2own and pwnium contests, browser security is, once more, a hot topic. The existence of flaws in browsers is nowadays taken for granted: what security researchers are most interested in is the mitigation techniques browsers use to try to render those flaws harmless. Microsoft published a recent blog post discussing some of the new mitigation techniques that will be used in Internet Explorer 10.

The post first addresses existing anti-exploitation measures already used by Internet Explorer. These are a mix of compile-time techniques—Microsoft’s compiler injects code to detect some buffer overflows, for example—and runtime techniques—such as the “Data Execution Prevention” that makes it harder to exploit buffer overflows.

Read the comments on this post

More:
New Internet Explorer 10 memory protection features not just for Internet Explorer

The 244-year-old Encyclopedia Britannica will be going out of print this year, abdicating to the likes of Google and Wikipedia. Most adults will remember looking up information in the IRL knowledge-base’s volumes, but the iconic encyclopedia only represents 1 percent of the company’s total sales today. Britannica traditionally published a new set of tomes every 2 years, but the company decided that the 2010 version (which costs $1,400) will be the final edition. Britannica will sell its remaining 4,000 copies of the encyclopedia, and then end its run.

The company will still sell its online version at a subscription price of $70 per year (there’s also an app version that will put you out $2 per month) but even that only accounts for 15 percent of Britannica’s revenue. The other 85 percent comes from the company’s sales of educational products like its online learning tools. Britannica says it may start offering more free information to muster subscribers.

The books were originally printed in Scotland in 1768. Since then, 7 million bound sets have been sold. The company’s president, Jorge Cauz, said the company will throw a party for itself on Wednesday to celebrate the changes with a “cake in the shape of a print set,” according to CNN Money.

Personally, as a kid, I loved Encyclopedia Britannica. My dad’s 1960’s edition had my favorite entry, the one for “Frog” showing the different layers of a dissected frog on transparent layers. Feel free to share your favorite entry (if you have one, naturally) below.

Read the comments on this post

See the original post:
Encyclopædia Britannica’s 2010 edition to be its last

Windows/Mac/Linux: The latest version of Firefox is available for download, and with it comes the ability to synchronize your extensions across desktops and operating systems with add-on sync (after an eternity of waiting). Firefox 11 is in line with Mozilla’s new Chrome-like rapid-release schedule, and aside from a few new developer tools, add-on sync is the only major new feature available in the new version. More »

Read the original post:
Firefox 11 (Finally) Adds Add-On Sync, Solves Add-On Compatibility Issues [Firefox]

If you’re one of those people who tend to lose their phone shortly after putting it down, then you’ll want to read this. According to a new study, if you lose your smartphone, you have a 50/50 chance of getting it back. But chances are much higher — nearly 100 percent — that whoever retrieves it will try to access your private information and apps.

According to a study by Symantec, 96 percent of people who picked up the lost phones tried to access personal or business data on the device. In 45 percent of cases, people tried to access the corporate email client on the device.

“This finding demonstrates the high risks posed by an unmanaged, lost smartphone to sensitive corporate information,” according to the report. “It demonstrates the need for proper security policies and device/data management.”

Symantec called the study the “Honey Stick Project.” In this case the honey on a stick consisted of 50 smartphones that were intentionally left in New York, Los Angeles, Washington, D.C., San Francisco and Ottowa, Canada. The phones were deposited in spots that were easy to see, and where it would be plausible for someone to forget them, including food courts and public restrooms.

None of the phones had security features, like passwords, to block access. Each was loaded with dummy apps and files that contained no real information, but which had names like “Social Networking” and “Corporate Email” that made it easy for the person who found it to understand what each app did. Each phone also was loaded with programs to track what finders did with the devices, and to send that information to the researchers.

Among people who found the phones, 72 percent tried to access photos, 57 percent tried to open a file called “Saved Passwords,” and 43 percent tried to open an app called “Online Banking.” Most of the apps on the phones were protected by passwords, but the username and password fields were already filled out, so that users could simply press a button to access them. Well over half of the people who discovered the phones, 66 percent, clicked those buttons to try and start the programs. The fact that the finders had to click a button to access the apps indicates that their attempts were likely intentional.

“This might be considered to be an unethical access attempt,” according to the study. Also disturbing, only half the people who found the phones ever tried to contact the rightful owner, even though the owner’s phone number and email address were prominently listed in the phones’ contact lists. “This finding highlights the fact that in many cases, regaining possession of lost device may be a losing battle,” according to the study.

If this sends shivers down your spine, here are some tips for how to protect yourself:

–Always protect your phone with a password or a “draw to unlock” pattern.

–Use security software designed specifically for smartphones to lock up programs on your phone. Some of these programs can be used to help locate the phone, or to wipe its memory from remote locations.

–Don’t lose your cell phone. This falls under the category of “Well, duh.” Nobody loses a smartphone on purpose, obviously. But try to make sure you keep it in you pocket or purse when not in use.

–Companies that issue phones to their employees should make sure to train workers on security, and should secure every phone with passwords.

This article originally appeared on Credit.com.

Excerpt from:
The Scary Consequences of A Lost Smartphone

Microsoft has plugged a critical hole in all supported versions of Windows that allows attackers to hit high-value computers with self-replicating attacks that install malicious code with no user interaction required.

The vulnerability in the Remote Desktop Protocol is of particular concern to system administrators in government and corporate settings because they often use the feature to remotely trouble-shoot e-mail servers, point-of-sale terminals and other machines when they experience problems. RDP is also the default way to manage Windows machines that connect to Amazon’s EC2 and other cloud services. That means potentially millions of endpoints are at risk of being hit by a powerful computer worm that spreads exponentially, similarly to the way exploits known as Nimda and Code Red did in 2001.

Read the comments on this post

View original post here:
Critical Windows bug could make worm meat of millions of high-value machines