Tag: ars

Large Hadron Collider restarts after 2 years of maintenance

After being shut down for two years, the Large Hadron Collider (LHC) is back online, CERN announced Sunday. “Today at 10:41am [local time], a proton beam was back in the 27-kilometer ring, followed at 12:27pm by a second beam rotating in the opposite direction,” the European Organization for Nuclear Research reported in a statement . “These beams circulated at their injection energy of 450 GeV. Over the coming days, operators will check all systems before increasing energy of the beams.” Read 8 remaining paragraphs | Comments

See original article:
Large Hadron Collider restarts after 2 years of maintenance

How a $3.85 latte paid for with a fake $100 bill led to counterfeit kingpin’s downfall

Four men were indicted Wednesday on federal charges as part of an international online conspiracy to make and distribute “high-quality” counterfeits of over $1.4 million sold via Tor-enabled Dark Web sites. The new criminal charges expand on a previous case filed back in December 2014 against Ryan Andrew Gustafson , a man who went by the online monikers “Jack Farrel” and “Willy Clock”—he is also named as one of the four defendants. According to court records, Gustafson was previously positively identified via facial recognition against his Texas driver’s license. Prosecutors say the 27-year-old is an American living in Kampala, Uganda, and that he is currently on trial in the East African nation on counterfeiting charges. The United States does not have an extradition treaty nor a Mutual Legal Assistance Treaty (MLAT) with Uganda, so his return home is not a sure thing. Read 23 remaining paragraphs | Comments

More:
How a $3.85 latte paid for with a fake $100 bill led to counterfeit kingpin’s downfall

Man beats child porn rap by proving unintentional downloading

Every day, the popular uTorrent client is used by the masses to legally or illegally download all manner of torrent files. With that comes the risk of computer infections or a lawsuit from a copyright holder. A suburban Illinois man got way more than what he bargained for after the history buff downloaded files on World War II ordnance. What 40-year-old Wocjciech Florczykowski of Schaumburg got in 2011 was an extreme visit from the FBI and ultimately a charge of child-porn possession. “The FBI descended on his home with bomb-sniffing dogs and a diffusing team and the whole shebang,” his attorney, Lawrence Lykowski, told Ars on Friday. Read 10 remaining paragraphs | Comments

See the original article here:
Man beats child porn rap by proving unintentional downloading

TrueCrypt security audit is good news, so why all the glum faces?

The ongoing audit of the TrueCrypt whole-disk encryption tool used by millions of privacy and security enthusiasts has reached an important milestone—a detailed review of its cryptographic underpinnings that found no backdoors or fatal flaws. The 21-page Open Cryptographic review published Thursday uncovered four vulnerabilities, the most serious of which involved the use of a Windows programming interface to generate random numbers used by cryptographic keys. While that’s a flaw that cryptographers say should be fixed, there’s no immediate indication that the bug undermines the core security promise of TrueCrypt. To exploit it and the other bugs, attackers would most likely have to compromise the computer running the crypto program. None of the vulnerabilities appear to allow the leaking of plaintext or secret key material or allow attackers to use malformed inputs to subvert TrueCrypt. The report was produced by researchers from information security consultancy NCC Group . “The TL;DR is that based on this audit, TrueCrypt appears to be a relatively well-designed piece of crypto software,” Matt Green, a Johns Hopkins University professor specializing in cryptography and an audit organizer, wrote in a blog post accompanying Thursday’s report . “The NCC audit found no evidence of deliberate backdoors, or any severe design flaws that will make the software insecure in most instances.” Read 7 remaining paragraphs | Comments

Visit site:
TrueCrypt security audit is good news, so why all the glum faces?

Google Chrome will banish Chinese certificate authority for breach of trust

Google’s Chrome browser will stop trusting all digital certificates issued by the China Internet Network Information Center following a major trust breach last week that led to the issuance of unauthorized credentials for Gmail and several other Google domains . The move could have major consequences for huge numbers of Internet users as Chrome, the world’s most widely used browser, stops recognizing all website certificates issued by CNNIC. To give affected website operators time to obtain new credentials from a different certificate authority, Google will wait an unspecified period of time before implementing the change. Once that grace period ends, Google engineers will blacklist both CNNIC’s root and extended-validation certificates in Chrome and all other Google software. The unauthorized certificates were issued by Egypt-based MCS Holdings , an intermediate certificate authority that operated under the authority of CNNIC. MCS used the certificates in a man-in-the-middle proxy, a device that intercepts secure connections by masquerading as the intended destination. Such devices are sometimes used by companies to monitor employees’ encrypted traffic for legal or human resources reasons. Read 2 remaining paragraphs | Comments

Visit link:
Google Chrome will banish Chinese certificate authority for breach of trust

Google kills 200 ad-injecting Chrome extensions, says many are malware

Google is cracking down on ad-injecting extensions for its Chrome browser after finding that almost 200 of them exposed millions of users to deceptive practices or malicious software. More than a third of Chrome extensions that inject ads were recently classified as malware in a study Google researchers carried out with colleagues from the University of California at Berkeley. The Researchers uncovered 192 deceptive Chrome extensions that affected 14 million users. Google officials have since killed those extensions and incorporated new techniques to catch any new or updated extensions that carry out similar abuses. The study also found widespread use of ad injectors for multiple browsers on both Windows and OS X computers. More than five percent of people visiting Google sites have at least one ad injector installed Within that group, half have at least two injectors installed, and nearly one-third have at least four installed. Google officials don’t bar such ad injectors outright, but they do place restrictions on them. Terms of service for Chrome extensions , for instance, require that the ad-injecting behavior be clearly disclosed. Customers of DoubleClick and other Google-operated ads services must also comply with policies barring unwanted software . Read 2 remaining paragraphs | Comments

Read More:
Google kills 200 ad-injecting Chrome extensions, says many are malware

Uber driver arrested for trying to burglarize passenger’s house

An Uber driver was arrested Tuesday on suspicion of attempting to break in to the residence of a woman he had just brought to the Denver International Airport. Gerald Montgomery The 51-year-old driver, Gerald Montgomery, allegedly used what the police described as “burglary tools” to try to open the back door of the Colorado woman’s house. The victim’s roommate was home and confronted Montgomery, the Denver Police Department said. Uber said it has “deactivated” Montgomery’s “access to the platform, pending a full investigation.” Read 5 remaining paragraphs | Comments

View article:
Uber driver arrested for trying to burglarize passenger’s house

New Firefox version says “might as well” to encrypting all Web traffic

Developers of the Firefox browser have moved one step closer to an Internet that encrypts all the world’s traffic with a new feature that can cryptographically protect connections even when servers don’t support the HTTPS protocol. Opportunistic encryption, as the feature is known, acts as a bridge between plaintext HTTP connections and fully compliant HTTPS connections based on transport layer security or its predecessor, protocol secure sockets layer. These traditional Web-based encryption measures require site operators to obtain a digital credential issued by a browser-recognized certificate authority and to implement TLS protection through OpenSSL or a similar code library. Even then, many sites are unable to fully encrypt their pages because they embed ads and other third-party content that’s still transmitted in plaintext. As a result, large numbers of sites (including this one) continue to publish some or all of their content in HTTP, which can be readily manipulated by people with the ability to monitor the connection. OE, as opportunistic encryption is often abbreviated, was turned on by default in Firefox 37, which was released this week. The move comes 17 months after an Internet Engineering Task Force working group proposed OE become an official part of the HTTP 2.0 specification . The move garnered critics and supporters alike, with the former arguing it may delay some sites from using the more secure HTTPS protections and the latter saying, in effect, some protection is better than none. The chief shortcoming of OE is its lack of authentication for cryptographically validating that a connected server is operated by the organization claiming ownership. Read 2 remaining paragraphs | Comments

View article:
New Firefox version says “might as well” to encrypting all Web traffic

California governor mandates 25 percent water use reduction

Today, California Governor Jerry Brown issued an executive order that is intended to spur water savings. The order comes as the state enters another year of extreme drought caused by lack of winter rain and snowfall. The state receives almost all of its precipitation in the winter and relies on that to fill reservoirs and deposit snow in the Sierra Nevada mountains. But this year, there was no precipitation for the entire month of January, leaving snowpack at many locations well below average —and completely absent in many areas. The new order focuses on conservation, with mandatory water reductions in cities and towns that will cut use by 25 percent. Many of the additional steps are obvious and probably should have been done before a crisis hit: remove 50 million square feet of lawns, have places like school campuses, golf courses, and cemeteries limit water use, and ban any installation of new irrigation systems that don’t use efficient drip irrigation. Standards for toilet and faucet water use will also be updated. Read 1 remaining paragraphs | Comments

Original post:
California governor mandates 25 percent water use reduction

10% of Americans have a smartphone but no other Internet at home

One out of 10 Americans owns a smartphone but has no other Internet service at home, with the poor far more likely to find themselves in this situation than those who are well off, according to a  Pew Research Center report released today . “10 percent of Americans own a smartphone but do not have broadband at home, and 15 percent own a smartphone but say that they have a limited number of options for going online other than their cell phone,” Pew Senior Researcher Aaron Smith wrote. “Those with relatively low income and educational attainment levels, younger adults, and non-whites are especially likely to be ‘smartphone-dependent.’” Pew said that 7 percent of Americans are in both categories—a smartphone is their only option for using the Internet at home, and they have few easily available options for going online when away from home. Pew refers to these Americans as “smartphone-dependent.” Read 9 remaining paragraphs | Comments

Continue Reading:
10% of Americans have a smartphone but no other Internet at home