Flame

• Microsoft contains Flame with Windows Update revamp
• Crypto breakthrough shows Flame was designed by world-class scientists
• Flame’s “god mode cheat code” wielded to hijack Windows 7, Server 2008 (Updated)
• Flame malware wielded rare “collision” crypto attack against Microsoft
• Flame malware hijacks Windows Update to spread from PC to PC

The Flame espionage malware that infected Iranian computers has initiated a self-destruct command that removes all traces of itself on infected machines that receive the instruction, researchers said.

The 20-megabyte piece of malware already had a self-destruct module known as SUICIDE that removed all files and folders associated with Flame, but the purging command observed by Symantec researchers instead relied on a file called browse23.ocx that did much the same thing. The removal tool, which researchers from Kaspersky Lab briefly documented last month, was downloaded from a command and control server still under the control of Flame attackers to several machines in a honeypot. White hats monitored the activities of the sophisticated malware, which is also known as Flamer and sKyWIper.

“This command was designed to completely remove Flamer,” Symantec researchers wrote in a blog post. “The Flamer attackers were still in control of at least a few C&C servers, which allowed them to communicate with a specific set of compromised computers.”

Read more | Comments

See more here:
Flame espionage malware issues self-destruct command

60GHz WiFi technology will stream media at ultra-high speed across short distances

Wilocity

The next year and a half will see big advancements in WiFi technology, with much faster routers to replace the ones you use today, and a new class of devices to support an incredible 7Gbps speed and clear a lot of the cable clutter out of your house.

The advancements will come in the form of two new technologies—802.11ac for whole-home routers using the 5GHz band, and 802.11ad for short-distance, high-speed transfers over the 60GHz band—that are at different stages of development, with the latter being on a slower track. The WiFi Alliance expects to certify 802.11ac products in early 2013, but the timeline for 802.11ad is a lot more iffy. The soonest 802.11ad products would be certified is late 2013, and even then the first certifications may not include routers or modems, WiFi Alliance Marketing Director Kelly Davis-Felner told Ars.

Many of the use cases for 7Gbps connections over the 60GHz band will be point-to-point, like streaming video from a handheld device to a TV or transferring tons of data without a cable. The ultimate goal is to have 60GHz connections co-exist alongside 2.4GHz and 5GHz ones in tri-band routers, but it’s looking like the first 60GHz products won’t include access points.

Read more | Comments

More here:
7Gbps wireless transfers and streaming, no router required

In early 2011, former U.S. Chief Information Officer Vivek Kundra and team helped institute a “Cloud First” policy, which aimed to speed up the government’s internal adoption of cloud computing and services. Since then, many government agencies have begun moving their collaboration and productivity applications to the cloud. Today, the Federal Aviation Administration (FAA) became the latest to transition, awarding Computer Sciences Corp a contract worth as much as $91 million to implement its cloud productivity solution based on Microsoft Office 360, which includes messaging, calendaring, IMs and webconferencing.

According to Microsoft’s statement, 60,000 FAA employees and 20,000 employees at the Department of Transportation will be migrating to Office 360. The contract, which is for one year service with an option for an additional six years, is somewhat of a big, symbolic win for Microsoft in its ongoing efforts to win control of the government cloud market.

But Microsoft has to ward off plenty of competition in enterprise cloud services, namely Google, which won a big government contract with the Department of The Interior last month to implement its cloud services.

Microsoft and Google have been locked in an ongoing struggle that goes back several years. Google filed a lawsuit in 2010 as part of a solicitation of the Department of the Interior’s business, which required that vendors be compliant with Microsoft’s online suite.

Google claimed that the requirement was an unfair competitive advantage, and a back-and-forth began between the two companies over whether or not Google was authorized to sell to the government or not. The war over FISMA compliance came to a close last month, when Google was finally awarded the contract.

As Sharon Fisher of CMS Wire pointed out last year, it’s no wonder that Google and Microsoft are ready to do battle over this market. The U.S. government is a potential goldmine for IT vendors, “with a total IT budget of some $78.5 billion” — and that was just for 2011.

The adoption of Google Apps at the enterprise level has been increasing fast, and with Apple and others eating into the revenues it sees for software licensing, it clearly wants to make a big push to make up the difference in cloud services.

The FAA’s decision to opt for Office 360 (though implemented by CSC) is a big win, but clearly this back-and-forth is just getting started, and they’re not the only two players eying the market. Not to over-dramatize or anything.

The FAA follows the U.S. Department of Agriculture and the Broadcasting Board of Governors, and the governments of California, Nebraska and Minnesota in moving to the cloud.

For more, see Microsoft’s announcement here.

View post:
FAA Chooses Office 360: Microsoft One-Ups Google In Battle For Government Cloud Market

If you don’t want to cough up for a dedicated tethering plan, there are some illicit ways to share your phone’s data connection with other devices. Of course, most of them require you to root your handset, which might not be something you’re interested in doing. Another option is to buy a wireless router from Zoom (specifically the 4501 or 4506), install ZoomTether and plug your phone into the back. Rather than turn your smartphone into a hotspot itself, Zoom’s standalone routers do the heavy WiFi lifting, which means you get the full 330 yards you’ve come expect from an 802.11n radio and, perhaps, a little longer battery life from your mobile. The ZoomTether-compatible routers even have batteries so that you can use them as truly portable hotspots. This little gem isn’t available in Google Play just yet. You’ll have to side load it by first updating your router’s firmware, then transferring the app from the router to your phone. The fun and convoluted directions are available at the source. Just remember, if your carrier catches on and hits you with a hefty bill, don’t blame us.

ZoomTether shares your phone’s connection, tethering plan optional originally appeared on Engadget on Fri, 08 Jun 2012 02:51:00 EDT. Please see our terms for use of feeds.

Permalink | Zoom Telephonics 1, 2 | Email this | Comments

More:
ZoomTether shares your phone’s connection, tethering plan optional

DillyTonto writes “Want to know how strong your password is? Count the number of characters and the type and calculate it yourself. Steve Gibson’s Interactive Brute Force Password Search Space Calculator shows how dramatically the time-to-crack lengthens with every additional character in your password, especially if one of them is a symbol rather than a letter or number. Worst-case scenario with almost unlimited computing power for brute-forcing the decrypt: 6 alphanumeric characters takes 0.0000224 seconds to crack, 10 alpha/nums with a symbol takes 2.83 weeks.”

Read more of this story at Slashdot.

View article:
How Many Seconds Would It Take To Crack Your Password?

If you’re a mobile / tablet gaming enthusiast, you may get tired of swiping your fingers across the Retina display or using the on-screen controls. Snakebyte is looking to lend a hand with its upcoming game controller for Android slates and the iPad, so we went hands-on here at E3. The accessory plays nice with tablet PCs running Gingerbread or Ice Cream Sandwich and Apple’s portable device outfitted with any iCade-compatible apps. Dressed in a soft-touch coating, the peripheral feels great in the hand and the base is much like a PS3 controller. The unit connects via Bluetooth and pairing it with your mobile gaming device of choice is a breeze. When performing said set-up, you can select from five different modes to suit your needs including gamepad / controller, keyboard and mouse, solo keyboard, solo mouse and iCade mode (iOS-only). You’ll always know which setting you’ve chosen thanks to an LED indicator on the front side of the kit. Touting eight hours of battery life, the gaming accessory charges via USB and will include a simple stand for your slate. Interested? You’ll be able to snag one for $40 at the end of July. For now, though, take a peek at the gallery below for a closer look.

Snakebyte tablet gaming controller for Android and iOS hands-on originally appeared on Engadget on Thu, 07 Jun 2012 13:00:00 EDT. Please see our terms for use of feeds.

Permalink | | Email this | Comments

Follow this link:
Snakebyte tablet gaming controller for Android and iOS hands-on

lightbox32 writes with the news as carried by MSNBC that “Best Buy’s chairman and founder Richard Schulze has announced his resignation from the board of directors Thursday a year ahead of the planned transition at the helm of the struggling retailer. The resignation of Dunn and Schulze come after Best Buy reported a quarterly loss of $1.7 billion after same-store sales dropped 5 percent.” This sounds like a bad omen for people who get their electronic fix there. For all its imperfections and limited range, when I’m looking for computer stuff new, at retail, and in person — meaning it’s not at the Goodwill and I need it right now — I’m usually glad to be near a Fry’s location. What brick-and-mortar stores make sense where you live?

Read more of this story at Slashdot.

View original post here:
Best Buy Chairman and Founder Resigns Ahead of Schedule

As reported here recently, millions of LinkedIn password hashes have been leaked online. An anonymous reader writes “Now, Poul-Henning Kamp a developer known for work on various projects and the author of the md5crypt password scrambler asks everybody to migrate to a stronger password scrambler without undue delay. From the blog post: ‘New research has shown that it can be run at a rate close to 1 million checks per second on COTS GPU hardware, which means that it is as prone to brute-force attacks as the DES based UNIX crypt was back in 1995: Any 8 character password can be found in a couple of days. The default algorithm for storing password hashes in /etc/shadow is MD5. RHEL / CentOS / FreeBSD user can migrate to SHA-512 hashing algorithms.'” Reader Curseyoukhan was was one of several to also point out that dating site eHarmony got the same treatment as LinkedIn.

Read more of this story at Slashdot.

Read this article:
MD5crypt Password Scrambler Is No Longer Considered Safe

As you’ve no doubt heard, a large tranche of hashed LinkedIn passwords has been leaked onto the net. There’s no known way to turn the hash of a password back into the password itself, but you can make guesses about passwords, hash the guesses, and see if the hashed guess matches anything in the leaked database. Bunnie Huang has been making some educated guesses about the passwords, and he’s reported on his findings.

I thought it’d be fun to try to guess some passwords just based on intuition alone, using LeakedIn to check the guesses. Here’s some of the more entertaining passwords that are in the database: ‘obama2012′, ‘Obama2012′, ‘paladin’, ‘linkedinsucks’, ‘fuckyou’, ‘godsaveus’, ‘ihatemyjob’, ‘ihatejews’ (tsk tsk), ‘manson’, ‘starbucks’, ‘qwer1234′, ‘qwerty’, ‘aoeusnth’ (hello fellow dvorak user!), ‘bigtits’ (really?), ‘colbert’, ‘c0lbert’, ‘bieber’, ‘ilovejustin’, ’50cent’, ‘john316′, ‘john3:16′, ‘John3:16′, ’1cor13′, ‘psalm23′, ‘exodus20′, ‘isiah40′, ‘Matthew6:33′, ‘hebrews11′ (bible verses are quite popular passwords!).

Interestingly, there is no ‘romney2012′ or any variant thereof.

Leaked In

View article:
Preliminary analysis of LinkedIn user passwords

Following in the footsteps of USB flash drives that have shrunk to meer slivers of plastic, Eikon’s new Mini biometric fingerprint reader is barely noticeable as it hangs off your laptop. And the convenience of not having to remember passwords will cost you just $10. More »

View post:
World’s Smallest Fingerprint Reader Borders on Adorable [Security]