Author: kenmay

We’re going to blow up your boiler: Critical bug threatens hospital systems

A picture of a Tridium device running the Niagara AX framework. Tridium More than 21,000 Internet-connected devices sold by Honeywell are vulnerable to a hack that allows attackers to remotely seize control of building heating systems, elevators, and other industrial equipment and in some cases, causes them to malfunction. The hijacking vulnerability in Niagara AX-branded hardware and software sold by Honeywell’s Tridium division was demonstrated at this week’s Kaspersky Security Analyst Summit in San Juan, Puerto Rico. Billy Rios and Terry McCorkle, two security experts with a firm called Cylance , allowed an audience to watch as they executed a custom script that took about 25 seconds to take control of a default configuration of the industrial control software. When they were done they had unfettered control over the device, which is used to centralize control over alarm systems, garage doors, heating ventilation and cooling systems, and other equipment in large buildings. Taking advantage of the flaw would give attackers half a world away the same control on-site engineers have over connected systems. Extortionists, disgruntled or unstable employees, or even terrorists could potentially exploit vulnerabilities that allow them to bring about catastrophic effects, such as causing a large heating system to explode or catch fire or sabotaging large chillers used by hospitals and other facilities. Attackers could also exploit the bug to gain a toehold into networks, which could then be further penetrated using additional vulnerabilities that may be present. Read 12 remaining paragraphs | Comments

View the original here:
We’re going to blow up your boiler: Critical bug threatens hospital systems

Automate Everything In Your Home Using Siri and a Raspberry Pi

We’ve shared quite a few DIY tips for automating your home , but YouTube user Elvis Impersonator takes it a step further with voice control, controlling everything in his house with the help of Siri and a Raspberry Pi. More »

Taken from:
Automate Everything In Your Home Using Siri and a Raspberry Pi

Microsoft and Symantec Just Busted a Major Cyber Crime Ring

It sounds like the plot of a movie: two major software corporations join together to shut down an evil global cyber crime operation and engage in wacky hijinks along the way. While the latter can be neither confirmed nor denied, according to an exclusive report by Reuters , Microsoft and Symantec did shut down servers that had been controlling hundreds of thousands of PCs without their users being any the wiser. More »

Original post:
Microsoft and Symantec Just Busted a Major Cyber Crime Ring

Dropbox announces Sync API for Android and iOS

The lives of devs eager to take advantage of storage in the cloud are about to get a whole lot easier thanks to Dropbox’s new Sync API. The tool streamlines the process of integrating with the service, offloading most of the heavy lifting onto Dropbox itself. Now, that’s not entirely new, since Dropbox has been open to other app makers for sometime. The big sell here are the actual syncing capabilities. Until now, apps have been able to tap into your online well of files, but syncing has always been a dev-implemented process built on top of the existing APIs. The downloading, storing, change tracking and uploading were all the responsibility of the developer. The Sync API does away with the much of the set up work and allows the creation of apps that simply sync across platforms without any hacking or jury-rigging. Apps can simply ask if you want to sync with Dropbox now and the act of creating and maintaining a folder won’t necessitate any further user input (though, it still can if the dev so chooses). The API is available today, and the first program to take advantage of the private in-app Dropbox client, Squarespace Note is awaiting approval before landing in the App Store. For more, check out the blog post at the source. Update : As some of you may have noticed the source link was missing. Sorry for the inconvenience. Filed under: Storage , Internet Comments Source: Dropbox

More:
Dropbox announces Sync API for Android and iOS

KDE 4.10 released with leaner Air theme, more love for mobile devices

There are plenty of Linux desktop environments to choose from , but if KDE has a special place in your heartware, you’ll be pleased to know its first 2013 update is out. Making the jump from 4.9 to 4.10 brings various tweaks to Plasma Workspaces, including upped support for high-res displays, a streamlining of the default Air theme, and plenty of behind the scenes adjustments. All running software can now be controlled through a common menu system, search indexes happen faster, and the new Nepomuk Cleaner will help rid those clogged drives of unnecessary data. In addition, printer management has been improved, and the enhanced Dolphin file manager communicates more freely with mobile devices. A thorough, lovingly crafted changelog is available at the source link below, but if you’re particularly fond of surprises, then head straight for the download. Happy upgrading! Filed under: Desktops , Laptops , Software Comments Via: Phoronix Source: KDE

View the original here:
KDE 4.10 released with leaner Air theme, more love for mobile devices