CES tells CNET: You’re fired!

At the 2013 CES convention, CNET’s editorial staff loved the Dish Hopper DVR and nominated it “Best in Show.” That journalistic decision was quickly tossed out, however, by the legal department at CBS, CNET’s corporate parent. CBS is involved in litigation against Dish over the Hopper.

The censoring of CNET’s decision has produced a fair bit of fallout for CBS already. The company has been criticized in many quarters for silencing its journalists. Greg Sandoval, a well-known writer for CNET, even left the company, saying he was concerned that his employer didn’t respect editorial independence.

Now, CES itself has put out a press release slamming CNET’s behavior and announcing that CNET won’t be allowed to produce the “Best of CES” awards anymore. Those awards are produced by CNET under contract with the Consumer Electronics Association (CEA), which puts on CES. CEA said it will work to identify a new partner to run the Best of CES awards.


How Yahoo allowed hackers to hijack my neighbor’s e-mail account

[Image: Reflected XSS vulnerabilities in action. Credit: Aspect Security]

When my neighbor called early Wednesday morning, she sounded close to tears. Her Yahoo Mail account had been hijacked and used to send spam to addresses in her contact list. Restrictions had then been placed on her account that prevented her from e-mailing her friends to let them know what happened.

In a blog post published hours before my neighbor’s call, researchers from security firm Bitdefender said that the hacking campaign that targeted my neighbor’s account had been active for about a month. Even more remarkable, the researchers said the underlying hack worked because Yahoo’s developer blog runs on a version of the WordPress content management system that contained a vulnerability developers addressed more than eight months ago. My neighbor’s only mistake, it seems, was clicking on a link while logged in to her Yahoo account.

As someone who received one of the spam e-mails from her compromised account, I know how easy it is to click such links. The subject line of my neighbor’s e-mail mentioned me by name, even though my name isn’t in my address. Over the past few months, she and I regularly sent messages to each other that contained nothing more than a Web address, so I thought nothing of opening the link contained in Wednesday’s e-mail. The page that opened looked harmless enough. It appeared to be an advertorial post on MSNBC.com about working from home, which is something I do all the time. But behind the scenes, according to Bitdefender, something much more nefarious was at work.


To prevent hacking, disable Universal Plug and Play now

Security experts are advising that a networking feature known as Universal Plug and Play be disabled on routers, printers, and cameras, after finding it makes tens of millions of Internet-connected devices vulnerable to serious attack.

UPnP, as the feature is often abbreviated, is designed to make it easy for computers to connect to Internet gear by providing code that helps devices automatically discover each other over a local network. That often eliminates the hassle of figuring out how to configure devices the first time they’re connected. But UPnP can also make life easier for attackers half a world away who want to compromise a home computer or breach a business network, according to a white paper published Tuesday by researchers from security firm Rapid7.

Over a five-and-a-half-month period last year, the researchers scanned every routable IPv4 address about once a week. They identified 81 million unique addresses that responded to standard UPnP discovery requests, even though the standard isn’t supposed to communicate with devices that are outside a local network. Further scans revealed 17 million addresses exposed UPnP services built on the open standard known as SOAP, short for simple object access protocol. By broadcasting the service to the Internet at large, the devices can make it possible for attackers to bypass firewall protections.


“PlayStation 4K” and “Xbox Durango” will be key to Ultra HD adoption

[Image credit: Joseph Dumary]

Next-gen TV—with a 4K “Ultra HD” picture resolution—was this year’s hot topic at CES. But its success may be in the hands of console gamers. With leaked details of octal-core processor banks paired with 8GB of RAM, the PlayStation 4 “Orbis” is sounding powerful (just for comparison of RAM alone, the 8GB of system memory is roughly 32 times more than the current model). But to see where 4K comes in, it’s worth taking a trip back seven years.

In 2005, very few people had an HDTV. According to one study, there were “as many” as 10 million homes with high-definition screens—globally. The problem, according to many commentators, was the lack of HD content: nobody wanted to buy an HDTV because there was little HD content; very little HD content was made because there were very few people to sell it to. Classic catch-22.


Starved brains kill memory-making to survive

[Image: “Thanks for the memories, but I’d prefer a bite to eat.” Credit: UFL.edu]

As the organ responsible for maintaining equilibrium in the body and the most energy-demanding of all the organs, the brain takes a lot of the body’s energy allocation. So when food is in short supply, the brain is the organ that is fed first. But what happens when there isn’t enough food to fulfill the high-energy needs of the brain and survival is threatened? The brain does not simply self-allocate available resources on the fly; instead it “trims the fat” by turning off entire processes that are too costly.

Researchers from CNRS in Paris created a true case of do-or-die, starving flies to the point where they must choose between switching off costly memory formation or dying. When flies are starved, their brains will block the formation of aversive long-term memories, which depend on costly protein synthesis and require repetitive learning. But that doesn’t mean all long-term memories are shut down. Appetitive long-term memories, which can be formed after a single training, are enhanced during a food shortage.


Grammar badness makes cracking harder the long password

[Image: Comparison of the size of password search space when treating the password as a sequence of characters or words, or as words generated by grammatical structure. Credit: Rao, et al.]

When it comes to long phrases used to defeat recent advances in password cracking, bigger isn’t necessarily better, particularly when the phrases adhere to grammatical rules.

A team of Ph.D. and grad students at Carnegie Mellon University and the Massachusetts Institute of Technology have developed an algorithm that targets passcodes with a minimum number of 16 characters and built it into the freely available John the Ripper cracking program. The result: it was much more efficient at cracking passphrases such as “abiggerbetter password” or “thecommunistfairy” because they followed commonly used grammatical rules—in this case, ordering parts of speech in the sequence “determiner, adjective, noun.” When tested against 1,434 passwords containing 16 or more characters, the grammar-aware cracker surpassed other state-of-the-art password crackers when the passcodes had grammatical structures, with 10 percent of the dataset cracked exclusively by the team’s algorithm.

The approach is significant because it comes as security experts are revising password policies to combat the growing sophistication of modern cracking techniques which make the average password weaker than ever before. A key strategy in making passwords more resilient is to use phrases that result in longer passcodes. Still, passphrases must remain memorable to the end user, so people often pick phrases or sentences.

It turns out that grammatical structures dramatically narrow the possible combinations and sequences of words crackers must guess. One surprising outcome of the research is that the passphrase “Th3r3 can only b3 #1!” (with spaces removed) is one order of magnitude weaker than “Hammered asinine requirements” even though it contains more words. Better still is “My passw0rd is $uper str0ng!” because it requires significantly more tries to correctly guess.


MP3 files written as DNA with storage density of 2.2 petabytes per gram

[Image: The general approach to storing a binary file as DNA, described in detail below. Credit: Goldman et al., Nature]

It’s easy to get excited about the idea of encoding information in single molecules, which seems to be the ultimate end of the miniaturization that has been driving the electronics industry. But it’s also easy to forget that we’ve been beaten there—by a few billion years. The chemical information present in biomolecules was critical to the origin of life and probably dates back to whatever interesting chemical reactions preceded it.

It’s only within the past few decades, however, that humans have learned to speak DNA. Even then, it took a while to develop the technology needed to synthesize and determine the sequence of large populations of molecules. But we’re there now, and people have started experimenting with putting binary data in biological form. Now, a new study has confirmed the flexibility of the approach by encoding everything from an MP3 to the decoding algorithm into fragments of DNA. The cost analysis done by the authors suggests that the technology may soon be suitable for decade-scale storage, provided current trends continue.

Trinary encoding

Computer data is in binary, while each location in a DNA molecule can hold any one of four bases (A, T, C, and G). Rather than using all that extra information capacity, however, the authors used it to avoid a technical problem. Stretches of a single type of base (say, TTTTT) are often not sequenced properly by current techniques—in fact, this was the biggest source of errors in the previous DNA data storage effort. So for this new encoding, they used one of the bases to break up long runs of any of the other three.


Wires smaller in diameter than light waves boost solar cell efficiency

[Image: Electron micrograph of indium phosphide (InP) nanowires. Each is 180 nanometers in diameter; this diameter allows them to capture more light, making them effective in a photovoltaic solar cell. Credit: Wallentin et al.]

In the continuing quest to create solar cells, researchers seek new materials, use clever techniques, and look for novel physical phenomena to extract the maximum electricity out of sunlight for the lowest cost. One method of extracting more power at a lower cost relies on creating arrays of nanowires that stand vertically on inexpensive substrates. In contrast to the material in ordinary solar cells, nanowires use less material, can potentially be built with less costly materials, and in principle trap more light thanks to the geometry of the arrays. However, most nanowire solar cells are currently outperformed by their conventional counterparts.

A new effort used indium phosphide (InP) nanowires with diameters smaller than the wavelength of the light they were trapping. That trick enabled Jesper Wallentin and colleagues to reach comparable efficiencies and slightly higher voltage than a conventional InP solar cell. While the wires only covered 12 percent of the surface area, they exploited a principle known as resonant trapping to extract over half as much current as a full planar cell of InP. This approach could lead to even greater efficiency at lower cost for solar cells.

Many candidates for the next generation of photovoltaic (PV) solar cells are being investigated. Research in this area has two goals that don’t always overlap: maximizing the efficiency of converting sunlight into electric current, and reducing cost per unit of electricity. The advantage of nanowire-based cells lies in using a lot less material, since the entire surface need not be covered in PV material. Additionally, the wires themselves can be fabricated from relatively inexpensive semiconductor materials.


All backscatter “pornoscanners” to be removed from US airports

Bloomberg is reporting that the TSA will be removing all of the remaining backscatter X-ray machines from US airports. The removal isn’t because of health concerns—instead, the machines’ manufacturer, Rapiscan Systems, failed to meet a US Congress-imposed deadline for altering the machines’ software to produce “generic passenger images,” according to the report.

TSA assistant administrator for acquisitions Karen Shelton Waters, speaking on behalf of the agency, noted that Rapiscan Systems would absorb the cost for the scanners’ removal, and that the removal is unrelated to Rapiscan’s alleged falsification of the machines’ abilities to protect passengers’ privacy. Nor does the removal appear to be related to ongoing questions about the safety of the backscatter X-ray technology.

The CEO of OSI Systems, Rapiscan’s parent company, says that rather than pitching the expensive machines into the garbage bin, the TSA will be relocating them to other government agencies. In total, there are 174 Rapiscan backscatter X-ray machines that will be pulled from airports and relocated, on top of the 76 that were removed last year.


FCC adds spectrum to Wi-Fi—but you likely need a new router to use it

[Image credit: Jason Alley]

The Federal Communications Commission last week said it will add 195MHz of spectrum to Wi-Fi’s 5GHz band. This move is designed to relieve congestion in Wi-Fi networks, particularly in areas of widespread simultaneous usage like airports and sports stadiums. It could help your home network too, but not right away—routers available in stores today may not be able to use the new spectrum at all.

Finding out definitively whether today’s routers will support the new spectrum is difficult, partly because the FCC still has to issue specific rules governing its use. We’ve hit up router vendors and other industry people to find out whether software updates might let current routers access the new spectrum. While the results were a bit muddled, it seems safe to say no one is guaranteeing today’s routers will get the benefit of the new 195MHz. Even the latest routers supporting the ultra-modern 802.11ac standard may be left behind.

Cisco refused to comment at all, telling us only “Cisco has not made any announcements about this so cannot discuss at this time.” Buffalo told us “the chip vendors will need to work on it” and that “they will at least have to make changes to the hardware driver. … The magnitude of that change will determine if Buffalo is able to use the same hardware.”
