digest-golf – Page 30

Former US cybersecurity official gets 25 years for child porn charges

On Monday, a federal judge in Nebraska sentenced the former acting director of cybersecurity for the US Department of Health and Human Services to 25 years in prison on child porn charges. Timothy DeFoggi, who was convicted back in August 2014, is the sixth person to be convicted in relations to a Nebraska-based child porn Tor-enable website known as PedoBook. That site’s administrator, Aaron McGrath, was sentenced to 20 years last year by the same judge. McGrath famously did not have an administrator password, a mistake that federal investigators were easily able to make use of. DeFoggi’s attorneys did not immediately respond to Ars’ request for comment, but he was almost certainly unmasked via an FBI-created malware exploit designed to expose him and other PedoBook users. Read 3 remaining paragraphs | Comments

View original post here:
Former US cybersecurity official gets 25 years for child porn charges

North Korean defector to airdrop DVD, USB copies of The Interview

A well-known North Korean defector has announced that he will launch 100,000 DVDs and USB sticks with copies of The Interview as part of his regularly scheduled balloon launches into the Hermit Kingdom. Sony Pictures pulled the theatrical release of the film in the wake of hacks against its corporate networks . In an interview with the Associated Press on Wednesday, Park Sang-hak said that his next launch is planned for late January and will be in partnership with the Human Rights Foundation, which did not immediately respond to Ars’ request for comment. “North Korea’s absolute leadership will crumble if the idolization of leader Kim breaks down,” Park told the AP, which noted that the dispatched versions will have Korean subtitles. Read 6 remaining paragraphs | Comments

Read the original:
North Korean defector to airdrop DVD, USB copies of The Interview

Comcast just upped its cable modem rental fee from $8 to $10 per month

Comcast users in various parts of the country have already gotten (or may soon get) a lovely holiday present from their ISP—a seemingly inexplicable increase in the cable modem rental fee, from $8 to $10 per month. Eric Studley, of Boston, who posts on reddit as Slayer0606, first pointed out the increase on Tuesday. After reading Studley’s post, Ars encouraged readers who rent Comcast modems to check their bills and found that the increases seem to have taken place as far back as October 2014, while others took effect as of December 20, 2014 and January 1, 2015. The company did not immediately respond to Ars’ request for comment. Read 18 remaining paragraphs | Comments

View article:
Comcast just upped its cable modem rental fee from $8 to $10 per month

Pope to push for action on climate change

Over the weekend, The Guardian reported that Pope Francis will issue an encyclical urging Catholics to push for action on climate change. The push will coincide with the efforts to follow up on the Lima agreement in the hope that they will lead to binding agreements for the reduction of greenhouse gas emissions. Although the Vatican has not confirmed that the document is in the works, the article quotes several authorities by name, and they speak as if it is a done deal. The document would be in keeping with the Pope’s messages on environmental stewardship; the article quotes Francis as telling an audience in Latin America, “Climate change, the loss of biodiversity and deforestation are already showing their devastating effects in the great cataclysms we witness.” It’s also consistent with his general high regard for scientific findings. The Pope will join a variety of voices pushing for action next year and will undoubtedly add to the political pressure for an agreement. A more relevant question may be whether Francis can sway anyone who wasn’t already interested in seeing progress made on the climate. Read 6 remaining paragraphs | Comments

More:
Pope to push for action on climate change

California DMV will miss its deadline for driverless car regulations

This week, California’s Department of Motor Vehicles (DMV) announced that it will miss a state Senate deadline to establish public regulations for self-driving cars by January 1, 2015. The Los Angeles Times reports safety concerns are the main motivation behind the delay. Possible regulations will now be discussed at a public workshop in Sacramento in late January, and the DMV will gather feedback from industry, academic, and consumer groups in the meantime. The LA Times notes ” there are currently no federal safety standards or independent organizations that test the safety of these vehicles.” So according to USA Today , that leaves the state’s DMV essentially with three courses of action: follow the current US system (manufacturers self-certifying vehicles), opt for a European system (independent companies provide verification), or get into the Herculean task of providing its own testing. Despite the lack of standards for the public, 2014 was a banner year for the advancement of driverless cars. In May, Google publicly revealed the prototype for its in-house built self-driving car , which initially did not include traditional components like a steering wheel, accelerator, brakes, mirrors, or soundsystem. The cars were capped at 25mph and did not allow humans to take over piloting. (Google revealed the first genuine build of its prototype last Monday in a blog post.) Read 2 remaining paragraphs | Comments

Read the article:
California DMV will miss its deadline for driverless car regulations

North Korea suffers another Internet outage, hurls racial slur at Pres. Obama

With its latest response in the country’s on-going flap with the US, Agence France-Presse reports North Korea called President Barack Obama a “monkey” today. The racial slur comes after a recent double blow to North Korea: the country suffered yet another Internet outage Saturday and Sony officially released The Interview , its fictional Kim Jong-Un assassination film, on Thursday. North Korea has fingered Washington for the outages and insists President Obama encouraged US theaters to re-embrace The Interview. “Obama always goes reckless in words and deeds like a monkey in a tropical forest,” a spokesman for North Korea’s National Defence Commission said in a statement published by the country’s official KCNA news agency. “If the US persists in American-style arrogant, high-handed, and gangster-like arbitrary practices despite repeated warnings, the US should bear in mind that its failed political affairs will face inescapable deadly blows.” An apparent DDoS attack knocked North Korea off the ‘net earlier this week, and it experienced another mass outage Saturday evening. This one even affected North Korea’s telecommunication networks, according to Chinese state-run Xinhua news agency (via AFP ). Read 2 remaining paragraphs | Comments

Visit site:
North Korea suffers another Internet outage, hurls racial slur at Pres. Obama

Apple automatically patches Macs to fix severe NTP security flaw

Most OS X security updates are issued alongside other fixes via the Software Update mechanism, and these require some kind of user interaction to install—you’ve either got to approve them manually or tell your Mac to install them automatically. Apple does have the ability to quietly and automatically patch systems if it needs to, however, and it has exercised that ability for the first time to patch a critical flaw in the Network Time Protocol (NTP) used to keep the system clock in sync. This security hole became public knowledge late last week . When exploited, the NTP flaw can cause buffer overflows that allow remote attackers to execute code on your system. If you allow your system to “install system data files and security updates” automatically (checked by default), you’ve probably already gotten the update and seen the notification above. If not, Mountain Lion, Mavericks, and Yosemite users should use Software Update to download and install the update as soon as possible. The flaw may exist in Lion, Snow Leopard, and older OS X versions, but they’re old enough that Apple isn’t providing security updates for them anymore. While this was the first time this particular auto-update function has been used, Apple also automatically updates a small database of malware definitions on all Macs that keeps users from installing known-bad software. That feature, dubbed “XProtect,” was introduced in Snow Leopard in response to the Mac Defender malware and has since expanded to include several dozen items . Read on Ars Technica | Comments

EFF: Feds can’t get around Fourth Amendment via automated data capture

OAKLAND, Calif.—A federal judge spent over four hours on Friday questioning lawyers from the Electronic Frontier Foundation (EFF) and from the Department of Justice in an ongoing digital surveillance-related lawsuit that has dragged on for more than six years. During the hearing, US District Judge Jeffrey White heard arguments from both sides in his attempt to wrestle with the plaintiffs’ July 2014 motion for partial summary judgment . He went back and forth between the two sides, hearing answers to his list of 12 questions that were published earlier this week in a court filing. That July 2014 motion asks the court to find that the government is “violating the Fourth Amendment by their ongoing seizures and searches of plaintiffs’ Internet communications.” The motion specifically doesn’t deal with allegations of past government wrongdoing, nor other issues in the broader case. Read 17 remaining paragraphs | Comments

See original article:
EFF: Feds can’t get around Fourth Amendment via automated data capture

T-Mobile gives up fight over cramming fees, will pay $90M back to customers

T-Mobile US has given up its fight against a lawsuit filed by the US government, agreeing today to refund $90 million or more to customers who were charged premium text message fees without their consent. The Federal Trade Commission alleged that T-Mobile made hundreds of millions of dollars off the practice of passing along third-party charges to customers without their authorization and taking a commission on each charge. T-Mobile could end up paying much more than $90 million. “The settlement requires that they provide full refunds to consumers, with a total of ‘at least’ $90 million,” an FTC spokesperson explained. “The $90 million is a floor. If they receive refund requests of more than that, they have to provide them.” In addition to everything it pays back customers, T-Mobile will pay $18 million in fines and penalties to state attorneys general and $4.5 million to the Federal Communications Commission. If T-Mobile receives less than $90 million worth of refund requests, the extra fines can be counted toward the minimum payment of $90 million. If the payment is still under $90 million, “the balance must be remitted to the FTC for additional consumer redress, consumer education, or other uses,” the FTC said. Read 5 remaining paragraphs | Comments

Original post:
T-Mobile gives up fight over cramming fees, will pay $90M back to customers

ICANN e-mail accounts, zone database breached in spearphishing attack

Unknown attackers used a spearphishing campaign to compromise sensitive systems operated by the Internet Corporation for Assigned Names and Numbers (ICANN), a coup that allowed them to take control of employee e-mail accounts and access personal information of people doing business with the group. ICANN, which oversees the Internet’s address system, said in a release published Tuesday that the breach also gave attackers administrative access to all files stored in its centralized zone data system , as well as the names, postal addresses, e-mail addresses, fax and phone numbers, user names, and cryptographically hashed passwords of account holders who used the system. Domain registries use the database to help manage the current allocation of hundreds of new generic top level domains (gTLDs) currently underway. Attackers also gained unauthorized access to the content management systems of several ICANN blogs. “We believe a ‘spear phishing’ attack was initiated in late November 2014,” Tuesday’s press release stated. “It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff. The attack resulted in the compromise of the email credentials of several ICANN staff members.” Read 4 remaining paragraphs | Comments

Original post:
ICANN e-mail accounts, zone database breached in spearphishing attack

Ken May

Tag: digest-golf