Tag: california

In wake of Liberty Reserve bust, Mt. Gox will require user verification

On Thursday, the world’s largest Bitcoin exchange, Mt. Gox, announced that it would require all users to “be verified in order to perform any currency deposits and withdrawals. Bitcoin deposits do not need verification, and at this time we are not requiring verification for Bitcoin withdrawals.” The company did not provide any explanation about why it was imposing this new requirement, but it did say that it would be able to process most verifications within 48 hours. The move comes two days after federal prosecutors went after Liberty Reserve , another online currency that had notoriously poor verification. (In court documents, a federal investigator in that case included an address of “123 Fake Main Street, Completely Made Up City, New York” to create an account that was accepted.) It also comes two weeks after the Department of Homeland Security started investigating Mt. Gox over the possible crime of money transmitting without a license. Read 1 remaining paragraphs | Comments

See the original post:
In wake of Liberty Reserve bust, Mt. Gox will require user verification

Unprecedented e-mail privacy bill sent to Texas governor’s desk

Gov. Rick Perry is expected to sign the e-mail privacy bill, which passed both houses of the state legislature without a single “nay” vote. Gov. Rick Perry Assuming that Texas Governor Rick Perry does not veto it, the Lone Star State appears set to enact the nation’s strongest e-mail privacy bill , requiring state law enforcement agencies to get a warrant for all e-mails, regardless of the age of the e-mail. On Tuesday, the Texas bill ( HB 2268 ) was sent to Gov. Perry’s desk, where he has until June 16, 2013 to sign it or veto it—if he does neither, it will pass automatically, taking effect on September 1, 2013. The bill would give Texans more privacy over their inbox to shield against state-level snooping, but the bill would not protect against federal investigations . The bill passed both houses of the state legislature earlier this year without a single “nay” vote. This new bill, if signed, will make Texas law more privacy-conscious than the much-maligned (but frustratingly still in effect) 1986-era Electronic Communications Privacy Act (ECPA), where federal law enforcement agencies are only required to get a warrant to access recent e-mails before they are opened by the recipient. Read 9 remaining paragraphs | Comments

Read More:
Unprecedented e-mail privacy bill sent to Texas governor’s desk

Tim Cook confirms: Apple spending $100 million to build new Macs in Texas

Apple is looking to bring even more Mac production back to the states. Andrew Cunningham Last week, we learned that Apple was looking to devote about $100 million to bring the manufacturing of one of its Mac product lines back to the United States. At yesterday’s Senate hearings on the company’s untaxed overseas pile of cash, Apple CEO Tim Cook confirmed that the new Mac would be manufactured in Texas. The computer will also “include components made in Illinois and Florida and rely on equipment produced in Kentucky and Michigan.” Moving away from solid facts and into informed speculation, AllThingsD  notes that longtime Apple manufacturing partner Foxconn has facilities in Texas that may be used to build the new Mac. Apple is also building a campus in Austin, Texas, indicating that the company may continue to expand in the state. The new Mac is likely to be an updated version of one of Apple’s existing product lines—a new MacBook Air refresh looks possible for the company’s Worldwide Developer Conference next month—but we don’t know which just yet. If Apple were to move production of any of its product lines back into the country’s borders, it makes sense to start with Macs—they still sell well, but compared to the iPhone and iPad they make up a relatively small portion of Apple’s sales, and Apple has less to lose if there are hiccups. The company has been testing the waters with domestic production since at least the launch of the 2012 iMac. Some of these computers (including our 21.5-inch review unit  but  not our  27-inch review unit ) are (or were) already being made domestically, most likely nearer to Apple’s California headquarters . Read on Ars Technica | Comments

Visit link:
Tim Cook confirms: Apple spending $100 million to build new Macs in Texas

Microsoft talks about Xbox One’s internals, while disclosing nothing

Here’s the money shot: the back of the console has a power connector, HDMI in and out (for the purposes of hooking your cable box up to the console), optical audio out, two USB ports, the Kinect port, an IR Out port, and an Ethernet jack. Kyle Orland The Xbox One is full of technology and after its big reveal, Microsoft talked a little about what’s going into the console, giving some tidbits of info about what makes it tick. Hardware Microsoft says that the Xbox One has five custom-designed pieces of silicon spread between the console and its Kinect sensor. It didn’t elaborate on what these are. There’s a system-on-chip combining the CPU and GPU, which we presume to be a single piece of silicon, and there’s at least one sensor chip in the Kinect, perhaps replacing the PrimeSense processor used in the Xbox 360 Kinect, but what the others might be isn’t immediately clear. Possibilities include audio processors, on-chip memory, and USB controllers. One of the key questions about the AMD-built, 64-bit, 8-core SoC is “how fast is it?” At the moment, that’s unknown. Microsoft claims that the new console has “eight times” the graphics power of the old one, though some aspects of the new system are even more improved; for example, it has 16 times the amount of RAM. Read 13 remaining paragraphs | Comments

Continued here:
Microsoft talks about Xbox One’s internals, while disclosing nothing

Mac malware signed with Apple ID infects activist’s laptop

F-Secure Stealthy Mac OS X spyware that was digitally signed with a valid Apple Developer ID has been detected on the laptop of an Angolan activist attending a human rights conference, researchers said. The backdoor, which is programmed to take screenshots and send them to remote servers under the control of the attackers, was spread using a spear phishing e-mail , according to privacy activist Jacob Appelbaum. Spear phishing is a term for highly targeted e-mails that address the receiver by name and usually appear to come from someone the receiver knows. The e-mails typically discuss topics the two people have talked about before. According to AV provider F-Secure, the malware was discovered during a workshop showing freedom of speech activists how to secure their devices against government monitoring. The malware was signed with a valid Apple Developer ID  allowing it to more easily bypass the Gatekeeper feature Apple introduced in the Mountain Lion version of OS X. If it’s not the first time Mac malware has carried such a digital assurance, it’s certainly among the first. Both F-Secure and Appelbaum said the backdoor, identified as OSX/KitM.A, is new and previously unknown. For its part, AV provider Intego said the malware is a variant of a previously seen trojan known as OSX/FileSteal. Intego continued: Read 3 remaining paragraphs | Comments

See more here:
Mac malware signed with Apple ID infects activist’s laptop

Critical Linux vulnerability imperils users, even after “silent” fix

Wikipedia For more than two years, the Linux operating system has contained a high-severity vulnerability that gives untrusted users with restricted accounts nearly unfettered “root” access over machines, including servers running in shared Web hosting facilities and other sensitive environments. Surprisingly, most users remain wide open even now, more than a month after maintainers of the open-source OS quietly released an update that patched the gaping hole. The severity of the bug, which resides in the Linux kernel’s “perf,” or performance counters subsystem, didn’t become clear until Tuesday, when attack code exploiting the vulnerability became publicly available (note: some content on this site is not considered appropriate in many work environments). The new script can be used to take control of servers operated by many shared Web hosting providers, where dozens or hundreds of people have unprivileged accounts on the same machine. Hackers who already have limited control over a Linux machine—for instance, by exploiting a vulnerability in a desktop browser or a Web application—can also use the bug to escalate their privileges to root. The flaw affects versions of the Linux kernel from 2.6.37 to 3.8.8 that have been compiled with the CONFIG_PERF_EVENTS kernel configuration option. “Because there’s a public exploit already available, an attacker would simply need to download and run this exploit on a target machine,” Dan Rosenberg, a senior security researcher at Azimuth Security , told Ars in an e-mail. “The exploit may not work out-of-the-box on every affected machine, in which case it would require some fairly straightforward tweaks (for someone with exploit development experience) to work properly.” Read 4 remaining paragraphs | Comments

Link:
Critical Linux vulnerability imperils users, even after “silent” fix

VMware’s dual-persona smartphones phones finally available to purchase

The first two phones to run VMware’s dual-persona software. VMware At long last, VMware’s dual-persona software for smartphones is available on actual devices. Today, VMware and Verizon Wireless announced that the Android-based LG Intuition and Motorola Razr M can now be purchased with VMware’s Horizon Mobile software, which separates the device into isolated partitions that keep a user’s work applications and data separate from personal stuff. VMware began promising virtualized smartphones in 2010 , claiming they would be available for sale in 2011. Samsung promised to support VMware’s virtualized phone vision in September 2011, and VMware started promising virtualization for iPhones and iPads in August 2012. We called it ” vaporware .” Samsung and Apple devices still aren’t running the dual-persona software, but it’s nice to see VMware phones finally materialize. VMware and Verizon said the Intuition and Razr M are immediately available for sale with Horizon Mobile software. Perpetual licenses to Horizon Mobile start at $125 per user and “can be purchased through local resellers of VMware and Verizon Wireless,” the companies said. Read 5 remaining paragraphs | Comments

See more here:
VMware’s dual-persona smartphones phones finally available to purchase

Feds seize money from Dwolla account belonging to top Bitcoin exchange Mt. Gox

jurvetson The Department of Homeland Security has apparently shut down a key mobile payments account associated with Mt. Gox, the largest Bitcoin exchange. Chris Coyne, the co-founder of online dating service OKCupid, tweeted out an e-mail he received from Dwolla this afternoon. The e-mail states that neither Coyne, nor presumably any other Dwolla user, will be able to transfer funds to Mt. Gox. Dwolla confirmed the change to the New York Observer , which first reported the story. Dwolla received a seizure warrant from a federal court. Read 4 remaining paragraphs | Comments

See the original post:
Feds seize money from Dwolla account belonging to top Bitcoin exchange Mt. Gox

Network Solutions seizes over 700 domains registered to Syrians

While Syria’s Internet connection is back up, many of the sites hosted in Damascus have lost their domain names. As Brian Krebs of Krebs on Security reports , the domain registrar Network Solutions LLC has taken control of 708 domain names in the .com, .org, and .net top-level domains registered to Syrian organizations. The organizations affected by the seizure include the state-supported hacker group Syrian Electronic Army. Usually when there’s a domain name seizure, it’s the work of government agencies like Immigrations and Customs Enforcement or the FBI, or domains are shut down with the help of US Marshals as part of a court-sanctioned seizure related to malware. But in this case, Network Solutions appears to have seized the domains in question without coordinating with federal authorities, though its action was guided by federal regulations—domain name registration is one of the services explicitly banned in US trade sanctions enacted against Syria last year. Network Solutions has marked the seized domains with the notation “OFAC Holding,” indicating they were taken over in accordance with regulations propagated by the Department of the Treasury’s  Office of Foreign Assets Control , a unit of Treasury’s Office of Terrorism and Financial Intelligence. The vast majority of the seized domains were pointed at IP addresses assigned to the Syrian Computer Society. As we’ve reported previously, Syrian President Bashar al-Assad, who was an Army doctor and ophthalmologist before being groomed to take over for his father, was head of the Syrian Computer Society in the 1990s. He became president in 2000. The Syrian Computer Society acts as Syria’s domain registration authority and regulates the Internet within Syria, and is also believed to be connected to Syria’s state security apparatus. The Syrian Computer Society registered .sy domain names for the Syrian Electronic Army’s servers, giving the hacker group a national-level domain name (sea.sy) rather than a .com or other non-government address, signifying its status as at least a state-supervised operation. Read 1 remaining paragraphs | Comments

See the article here:
Network Solutions seizes over 700 domains registered to Syrians

Defense contractor pwned for years by Chinese hackers

QinetiQ , a UK-based defense contractor, has its fingers all over some of the US Defense Department’s most sensitive systems. The company’s subsidiaries provide robots, diagnostic systems, intelligence systems for satellites, drones, and even “cyber-security” to the US Department of Defense. The parent company, which was created as a privatized spinoff of the British Defense Evaluation and Research Agency—what was the UK’s equivalent of the US Defense Advanced Research Projects Agency—is often cited as the inspiration for James Bond’s “Q.” But for at least three years, QinetiQ was apparently unintentionally supplying its expertise to another customer: China. In multiple operations, hackers tied to the People’s Liberation Army have had the run of QinetiQ’s networks, stealing sensitive data from them and even using them to launch attacks on the systems of government agencies and other defense contractors. E mails uncovered by the hack of security firm HBGary revealed that Chinese hackers had the run of the company’s networks starting in 2007. Bloomberg’s Michael Riley and Ben Elgin report that in one effort that lasted for over three years, “Comment Crew”—the group tied to the recent hacking of the New York Times and other news organizations, plus a host of attacks on other defense contractors and technology businesses—managed to gain access to “most if not all of the company’s research.” The company was notified on multiple occasions by government agencies of ongoing breaches, starting with a report from the Naval Criminal Investigative Service in December of 2007 that “a large quantity of sensitive information” was being stolen from two computers at the company’s US subsidiary, QinetiQ North America (QNA). A month later, NASA informed QNA that one of the company’s computers was being used in a cyberattack on its network. Read 1 remaining paragraphs | Comments

More:
Defense contractor pwned for years by Chinese hackers