Nvidia plans to turn Ultrabooks into workstations with Grid VCA server

[Image: Nvidia CEO Jen-Hsun Huang directs a demo of the Grid Visual Computing Appliance (VCA) during his GTC 2013 keynote. Credit: Andrew Cunningham]

SAN JOSE, CA—One of the announcements embedded in Nvidia CEO Jen-Hsun Huang’s opening keynote for the company’s GPU Technology Conference Tuesday was a brand new server product, something that Nvidia is calling the Grid Visual Computing Appliance, or VCA. The VCA is a buttoned-down, business-focused cousin to the Nvidia Grid cloud gaming server that the company unveiled at CES in January. It’s a 4U rack-mountable box that uses Intel Xeon CPUs and Nvidia’s Grid graphics cards (née VGX), and like the Grid gaming server, it takes the GPU in your computer and puts it into a server room.

The VCA serves up 64-bit Windows VMs to users, but unlike most traditional VMs, you’ve theoretically got the same amount of graphical processing power at your disposal as you would in a high-end workstation. However, while the two share a lot of underlying technology, both Grid servers have very different use cases and audiences. We met with Nvidia to learn more about just who this server is for and what it’s like to use and administer one.


Chameleon botnet steals millions from advertisers with fake mouseclicks

Security researchers have discovered a botnet that is stealing millions of dollars per month from advertisers. The botnet does so by simulating click-throughs on display ads hosted on at least 202 websites. Revealed and dubbed “Chameleon” by the Web analytics firm spider.io because of its ability to fool advertisers’ behavior-tracking algorithms, the botnet is the first found to use display advertisements to generate fraudulent income for its masters.

In a blog post today, spider.io reported that the company had been tracking Chameleon since December of 2012. Simulating multiple concurrent browser sessions with websites, each bot is able to interact with Flash- and JavaScript-based ads. So far, more than 120,000 Windows PCs have been identified—95 percent of them with IP addresses associated with US residential Internet services. The company has issued a blacklist of the 5,000 worst-offending IP addresses for advertisers to use to protect themselves from fraud.

While in many respects the botnet simulates human activity on webpages to fool countermeasures to clickfraud, it generates random mouse clicks and mouse pointer traces across pages. This makes it relatively easy for bot-infected systems to be identified over time. The bot is also unstable because of the heavy load it puts on the infected machine, and its frequent crashes can also be used as a signature to identify infected systems.


Cisco switches to weaker hashing scheme, passwords cracked wide open

Password cracking experts have reversed a secret cryptographic formula recently added to Cisco devices. Ironically, the encryption type 4 algorithm leaves users considerably more susceptible to password cracking than an older alternative, even though the new routine was intended to enhance protections already in place.

It turns out that Cisco’s new method for converting passwords into one-way hashes uses a single iteration of the SHA256 function with no cryptographic salt. The revelation came as a shock to many security experts because the technique requires little time and computing resources. As a result, relatively inexpensive computers used by crackers can try a dizzying number of guesses when attempting to guess the corresponding plain-text password. For instance, a system outfitted with two AMD Radeon 6990 graphics cards that run a soon-to-be-released version of the Hashcat password cracking program can cycle through more than 2.8 billion candidate passwords each second.

By contrast, the type 5 algorithm the new scheme was intended to replace used 1,000 iterations of the MD5 hash function. The large number of repetitions forces cracking programs to work more slowly and makes the process more costly to attackers. Even more important, the older function added randomly generated cryptographic “salt” to each password, preventing crackers from tackling large numbers of hashes at once.


Most PC security problems come from unpatched third-party Windows apps

If you’ve got 99 security problems, odds are Microsoft’s not one—or at least it’s just a minority of them. In its annual review of software vulnerabilities, security software firm Secunia found that 86 percent of vulnerabilities discovered on systems scanned by its software in the 50 most popular Windows software packages in 2012 were attributable to third-party developers and not to Microsoft’s Windows operating system or applications. And for most of these vulnerabilities, a patch was already available at the time they were discovered.

Of the top 50 most used Windows packages, including the Windows 7 operating system itself, 18 were found to have end-point security vulnerabilities, a 98 percent increase over five years ago. Of those 18 packages, Google’s Chrome and the Mozilla Firefox browser were the biggest culprits, with 291 and 257 detected vulnerabilities respectively. Apple iTunes came in third, with 243 detected vulnerabilities. The remainder of the top ten offenders were: Adobe Flash Player: 67; Oracle Java JRE SE: 66; Adobe AIR: 56; Microsoft Windows 7: 50; Adobe Reader: 43; Microsoft Internet Explorer: 41; Apple Quicktime: 29.

Of the vulnerabilities documented in Secunia’s database, 84 percent had already been patched by vendors when they were discovered on systems. “This means that it is possible to remediate the majority of vulnerabilities,” said Secunia Director of Product Management Morten R. Stengaard. “There is no excuse for not patching.”


Stabilizing the electric grid by keeping generators in sync

When the lights go out, it affects everyone. It’s not only the inconvenience of having the TV shut off unexpectedly—a lot of heavy equipment really dislikes having the power disappear suddenly. For the most part, the power grid is very stable. But sometimes random events and seemingly small operator errors can cascade to create massive power outages. Underlying the stability of a power grid is the need to keep multiple generators operating in a synchronized manner. New research shows (in an annoyingly abstract way) that good network design can take advantage of the tendency for generators to self-synchronize.

Counting the beat

Depending on where you happen to be in the world, your power outlet supplies alternating current at either 50 or 60 Hz. The precise value doesn’t really matter as long as it stays within a narrow limit. Essentially, this means that the generator supplying the power needs to rotate at a rate producing this frequency.


Brazilian docs fool biometric scanners with bag full of fake fingers

[Image: Six silicone fingers, all in a row. Credit: BBC]

The BBC is one of several outlets carrying the bizarre story of a Brazilian doctor arrested for allegedly defrauding her employer, a hospital in the town of Ferraz de Vasconcelos, near São Paulo. At the time of her arrest, she was equipped with a total of sixteen fingers—ten of which God gave her, and six of which were crafted of silicone and given to her by coworkers. At least three of the extra fingers bore the prints of fellow doctors at the hospital.

The doctor, Thaune Nunes Ferreira, 29, claims through her attorney that she was forced to use the silicone fingers to clock in to the hospital’s time card system in order to cover for absentee colleagues. “She says she was innocent because it is a condition they imposed on her to keep her job,” the attorney notes.

According to the Bangkok Post and several other sources, Brazil’s Globo TV International network obtained and played footage of Ferreira clocking in to the hospital with her own permanently attached digits, then touching the same fingerprint scanner with two of the silicone fakes. The scanner produced paper time card receipts for her and the two employees to whom the silicone fingers’ prints belonged. In this way, notes the Post, “it looked like there were three doctors on duty when there was just one.”


ID thieves “dox” Joe Biden, Jay-Z, Michelle Obama, and dozens more

[Image: The front page of exposed.su.]

Identity thieves have posted social security numbers, credit information, and other sensitive data belonging to more than a dozen politicians and celebrities. It’s a list that includes Vice President Joe Biden, FBI Director Robert Mueller, former Secretary of State Hillary Clinton, rapper Jay-Z, and actor and director Mel Gibson.

The website, exposed.su, surfaced on Monday with birth dates, telephone numbers, home addresses, and in some cases credit reports for a handful of politicians and celebrities. Throughout the past 24 hours the site has published details on additional individuals. Social security numbers for Mueller, Jay-Z, and Gibson appeared to be valid, the Associated Press reported. Los Angeles Police Chief Charlie Beck, whose information was also posted on the site, hasn’t challenged the accuracy, either. Still, other journalists wrote that phone numbers purportedly belonging to former California Governor Arnold Schwarzenegger and actor Ashton Kutcher reportedly went to a movie production company and a New York-based accounting firm respectively.

The site included the image of a gaunt young woman with black circles around her eyes and an index finger in front of her lips. It was headed by a quote from the Showtime TV series Dexter, in which the title character says, “If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve.” The site included an embarrassing or humorous photo related to each individual whose information was disclosed.

The act of publicly documenting the private details of people is known as “doxxing,” and it came into vogue a few years ago with the growing visibility of the Anonymous hacking collective.


EA not altering return policy for furious SimCity buyers

Electronic Arts has indicated that it will not be altering its usual digital refund policy in the wake of SimCity server issues that have led to access problems and scaled-back features for players that are able to log in, days after the game’s North American release.

“In general we do not offer refunds on digital download games,” EA tweeted through its official Origin account yesterday, directing people to the company’s online policy on returns and cancellations. While downloadable games purchased in North America are not refunded “as a general policy,” EA does offer a “14-day unconditional guarantee” on any physical product sold through the Origin store. European customers, however, may be able to withdraw their downloadable purchase during a 14-day “Cooling Off period” as outlined on EA’s European return policy page.

The recent tweet comes after a message posted to EA’s forums by Community Manager Raven on Tuesday, stating that “[i]f you regrettably feel that we let you down, you can of course request a refund for your order… though we’re currently still in the process of resolving this issue.” That message has now been revised to simply say “please review our refund policy here.”


Porn trolling mastermind is the world’s most evasive witness

On Wednesday we wrote about the elaborate chart defense attorney Morgan Pietz created to help Judge Otis Wright keep track of the many organizations associated with porn copyright trolling firm Prenda Law, all of which seem to be run by the same half-dozen people. Pietz has now released a transcript of a remarkable deposition he took of Paul Hansmeier, who along with John Steele is widely regarded as the brains behind Prenda’s litigation campaign.

Officially, a Prenda-linked shell company called “AF Holdings” is suing Pietz’s client for infringing copyright by downloading a pornographic film from BitTorrent. But in recent weeks, the focus of the litigation has shifted to alleged misconduct by Prenda, including whether the firm stole the identity of Minnesota resident Alan Cooper to use as an officer of AF Holdings. Judge Wright has scheduled a Monday hearing to get to the bottom of the allegations.

Last month, we covered a filing by Prenda attorney Brett Gibbs, who insisted that all the important decisions had been made by “senior members of the law firms” connected to Prenda. Gibbs later identified these individuals as Hansmeier and Steele.


Bill would force cops to get a warrant before reading your e-mail

Last fall we wrote about how easy it probably was for the FBI to get the e-mails it needed to bring down CIA chief David Petraeus over allegations of infidelity. Under the ancient Electronic Communications Privacy Act, passed in 1986, the police can often obtain the contents of private e-mails without getting a warrant from a judge.

A bipartisan group of legislators has introduced a bill to the House of Representatives to change that. The bill would require the police to get warrants before reading users’ e-mails in most circumstances and would also repudiate the view, advanced by the Obama administration last year, that the police can obtain information about the historical location of your cell phone without a warrant.

The new legislation, proposed by Rep. Zoe Lofgren (D-CA) and supported by Reps. Ted Poe (R-TX) and Suzan DelBene (D-WA), would extend privacy protections for both e-mail and location privacy. “Fourth Amendment protections don’t stop at the Internet,” Lofgren said in an e-mailed statement. “Establishing a warrant standard for government access to cloud and geolocation provides Americans with the privacy protections they expect, and would enable service providers to foster greater trust with their users and international trading partners.”
