Trailrunner7 writes “The RC4 and SHA-1 algorithms have taken a lot of hits in recent years, with new attacks popping up on a regular basis. Many security experts and cryptographers have been recommending that vendors begin phasing the two out, and Microsoft on Tuesday said it is now recommending to developers that they deprecate RC4 and stop using the SHA-1 hash algorithm. RC4 is among the older stream cipher suites in use today, and there have been a number of practical attacks against it, including plaintext-recovery attacks. The improvements in computing power have made many of these attacks more feasible for attackers, and so Microsoft is telling developers to drop RC4 from their applications. The company also said that as of January 2016 it will no longer will validate any code signing or root certificate that uses SHA-1.” Read more of this story at Slashdot.
Read More:
Microsoft Warns Customers Away From RC4 and SHA-1
jones_supa writes “Final releases of Visual Studio 2013, .NET 4.5.1, and Team Foundation Server 2013 are now available. As part of the new release, the C++ engine implements variadic templates, delegating constructors, non-static data member initializers, uniform initialization, and ‘using’ aliases. The editor has seen new features, C++ improvements and performance optimizations. Support for Windows 8.1 has been enhanced and the new XAML UI Responsiveness tool and Profile Guided Optimization help to analyze responsiveness in Windows Store apps. Graphics debugging has been furthered to have better C++ AMP tools and a new remote debugger (x86, x64, ARM). As before, MSDN and DreamSpark subscribers can obtain the releases from the respective channels, and the Express edition is available zero cost for all.” Read more of this story at Slashdot. 
judgecorp writes “Research from Seagate suggests that hybrid hard drives in general use are virtually as good as solid state drives if they have just 8GB of solid state memory. The research found that normal office computers, not running data-centric applications, access just 9.58GB of unique data per day. 8GB is enough to store most of that, and results in a drive which is far cheaper than an all-Flash device. Seagate is confident enough to ease off on efforts to get data off hard drives quickly, and rely on cacheing instead. It will cease production of 7200 RPM laptop drives at the end of 2013, and just make models running at 5400 RPM.” Read more of this story at Slashdot. 
satuon writes “The popular Ubuntu Forums site is now displaying a message saying there was a security breach. What is currently known: Unfortunately the attackers have gotten every user’s local username, password, and email address from the Ubuntu Forums database. The passwords are not stored in plain text. However, if you were using the same password as your Ubuntu Forums one on another service (such as email), you are strongly encouraged to change the password on the other service ASAP. Ubuntu One, Launchpad and other Ubuntu/Canonical services are NOT affected by the breach.” Read more of this story at Slashdot. 
schwit1 writes with a report on just how extensive always-on license plate logging has gotten. The article focuses on California; how different is your state? “In San Diego, 13 federal and local law enforcement agencies have compiled more than 36 million license-plate scans in a regional database since 2010 with the help of federal homeland security grants. The San Diego Association of Governments maintains the database. Unlike the Northern California database, which retains the data for between one and two years, the San Diego system retains license-plate information indefinitely. Can we get plate with code to delete the database?” Read more of this story at Slashdot. 
