feeds – Page 36 – Tech Today w/ Ken May

AnandTech snapped up by parent company of Tom’s Hardware and LaptopMag

Purch, Inc. announced on Wednesday that it had purchased AnandTech.com, ending the site’s 17-year run as an independent publication. Purch also owns a number of other long-running technology sites, including LaptopMag (founded as Laptop Magazine in 1991), Tom’s Hardware (founded 1996), and a handful of other offshoot tech publications. Purch says the acquisition will help it “dominate the tech expert and enthusiast market.” Anand Shimpi, founder and original editor-in-chief of the site, left his post for Apple in late August. Shimpi says he is “happy to see [AnandTech] end up with a partner committed to taking good care of the brand and its readers.” Current Editor-In-Chief Ryan Smith says the site has “grown by leaps and bounds over the past several years” but that it was “nearing what’s possible as an independent company.” Smith goes on to say that Purch values AnandTech’s exhaustive hardware testing and reviews, and that Purch would enable the site to grow “without compromising the quality that made us who we are today.” Under Smith, AnandTech has continued to run reviews of individual PC components and, less frequently, complete consumer products like laptops, phones, and operating systems. While the site misses Shimpi’s voice and expertise (and that of former mobile editor Brian Klug, who also left for Apple this year), its coverage and testing procedures continue to be deep and thorough, and they will hopefully remain that way post-acquisition. Read 1 remaining paragraphs | Comments

ICANN e-mail accounts, zone database breached in spearphishing attack

Unknown attackers used a spearphishing campaign to compromise sensitive systems operated by the Internet Corporation for Assigned Names and Numbers (ICANN), a coup that allowed them to take control of employee e-mail accounts and access personal information of people doing business with the group. ICANN, which oversees the Internet’s address system, said in a release published Tuesday that the breach also gave attackers administrative access to all files stored in its centralized zone data system , as well as the names, postal addresses, e-mail addresses, fax and phone numbers, user names, and cryptographically hashed passwords of account holders who used the system. Domain registries use the database to help manage the current allocation of hundreds of new generic top level domains (gTLDs) currently underway. Attackers also gained unauthorized access to the content management systems of several ICANN blogs. “We believe a ‘spear phishing’ attack was initiated in late November 2014,” Tuesday’s press release stated. “It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff. The attack resulted in the compromise of the email credentials of several ICANN staff members.” Read 4 remaining paragraphs | Comments

Original post:
ICANN e-mail accounts, zone database breached in spearphishing attack

Feds used Adobe Flash to identify Tor users visiting child porn sites

A little more than 16 months ago, word emerged that the FBI exploited a recently patched Firefox vulnerability to unmask Tor users visiting a notorious child pornography site. It turns out that the feds had waged an even broader uncloaking campaign a year earlier by using a long-abandoned part of the open source Metasploit exploit framework to identify Tor-using suspects. According to Wired , “Operation Torpedo,” as the FBI sting operation was dubbed, targeted users of three darknet child porn sites. It came to light only after Omaha defense attorney Joseph Gross challenged the accuracy of evidence it uncovered against a Rochester, New York-based IT worker who claims he was falsely implicated in the campaign. Operation Torpedo used the Metasploit Decloaking Engine to identify careless suspects who were hiding behind Tor, a free service used by good and bad guys alike to shield their point of entry to the Internet. The Decloaking Engine went live in 2006 and used five separate methods to break anonymization systems. One method was an Adobe Flash application that initiated a direct connection with the end user, bypassing Tor protections and giving up the user’s IP address. Tor Project officials have long been aware of the vulnerability and strenuously advise against installing Flash. According to Wired: Read 1 remaining paragraphs | Comments

View article:
Feds used Adobe Flash to identify Tor users visiting child porn sites

Oakland cops disciplined 24 times for failing to turn on body-worn cameras

OAKLAND, Calif.—Over the last two years, the Oakland Police Department (OPD) has disciplined police officers on 24 occasions for disabling or failing to activate body-worn cameras, newly released public records show. The City of Oakland did not provide any records prior to 2013, and the OPD did not immediately respond to Ars’ request for comment. The records show that on November 8, 2013 one officer was terminated after failing to activate his camera. Less than two weeks later, another resigned for improperly removing the camera from his or her uniform. However, most officers received minor discipline in comparison. The OPD has used Portable Digital Recording Devices (PDRDs) since late 2010 . According to the department’s own policy , patrol officers are required to wear the cameras during a number of outlined situations, including detentions, arrests, and serving a warrant. At present, the city has about 700 officers . Read 9 remaining paragraphs | Comments

See original article:
Oakland cops disciplined 24 times for failing to turn on body-worn cameras

4 seconds of body cam video can reveal a biometric fingerprint, study says

Researchers say they can have computers examine body camera video footage and accurately identify a person wearing a body-mounted device in about four seconds, according to a recently released paper . The authors of the study had their software look at biometric characteristics like height, stride length, and walking speed to find the identity of the person shooting the footage. As they point out, this could have both positive and negative implications for civilians, law enforcement, and military personnel if they’re using body-mounted cameras. (It’s important to note that this research paper, Egocentric Video Biometrics , was posted to the arXiv repository . As such, it’s not considered a final, peer-reviewed work.) Using static, mounted cameras to match a person’s height and gait is a relatively common and well-researched vector for narrowing down the identity of people caught in videos. The authors said that, to get an accurate read of the biometric data of the person wearing the body cam, the footage has to be from a camera secured to one point on a person’s body (handheld cameras don’t work), and it has to have at least four seconds of video of the camera-wearer walking. Despite these restrictions, the two researchers from The Hebrew University in Jerusalem noted that once the necessary information had been gathered, “the identity of the user can be determined quite reliably from a few seconds of video.” “This is like a fingerprint,” Shmuel Peleg, one of the paper’s authors, told The Verge. “In order to find the person you have to have their fingerprint beforehand. But we can compare two people and say whether two videos were shot by the same person or not.” Read 4 remaining paragraphs | Comments

More:
4 seconds of body cam video can reveal a biometric fingerprint, study says

Steam’s first “Holiday Auction” halted after dupe bug ruins market [Updated]

Update: Valve has updated its auction site to note that the Gem auctions will return “shortly” and that “an issue with Gems… means we need to reset and start again.” Specifically: All gems created by you will be returned to your Inventory. All Gem purchases from the Community Market will be reimbursed. All Auction bids have been canceled and the Auction will be reset. Trades involving Gems are being investigated on a case-by-case basis. Original Story The virtual “Holiday Auction” Steam first announced yesterday evening seemed like a cute idea at the time. For a limited time, users would be able to trade in unused or unwanted Steam Inventory items for “gems,” which could in turn, starting Monday, be used to bid against others on codes for 2,000 Steam games, 200,000 copies in all. Read 4 remaining paragraphs | Comments

Visit site:
Steam’s first “Holiday Auction” halted after dupe bug ruins market [Updated]

Comcast sued by customers for turning routers into public hotspots

A pair of Comcast customers has sued the company for turning Xfinity Internet routers into public Wi-Fi hotspots, saying Comcast’s actions pose risks to subscribers and are taken without seeking their authorization. Plaintiff Toyer Grear and daughter Joycelyn Harris of Alameda County, California, filed the suit on December 4 ( PDF ) in US District Court in Northern California, seeking class action status on behalf of all Comcast customers who lease wireless routers that broadcast Xfinity Wi-Fi hotspots. “Without authorization to do so, Comcast uses the wireless routers it supplies to its customers to generate additional, public Wi-Fi networks for its own benefit,” the complaint states. The plaintiffs seek financial damages and an order preventing Comcast “from using residential customers’ wireless routers to create Xfinity Wi-Fi Hotspots without first obtaining authorization.” Read 19 remaining paragraphs | Comments

See more here:
Comcast sued by customers for turning routers into public hotspots

Microsoft makes a nod to subscriptions for Windows 10

Microsoft Chief Operating Officer Kevin Turner Microsoft Even as it has cut the price of Windows— offering it for free on phones and small screen tablets, plus there’s a Bing edition for everything else—Microsoft is still working on ways to monetize its platform. Chief Operating Officer Kevin Turner was speaking to investors last week, and GeekWire reported that profits are still the goal. Asked if the plan was to make Windows a loss leader to draw people into the Microsoft ecosystem, Turner said that the company had “not had any conversations” on this. He reiterated this when asked if the company was going to start losing money on Windows, saying “that’s not any conversations that we’ve had… we’ve got to monetize it differently.” What form might that different monetization take? Turner says that “there are services involved. There are additional opportunities for us to bring additional services to the product and do it in a creative way.” Read 10 remaining paragraphs | Comments

See original article:
Microsoft makes a nod to subscriptions for Windows 10

Samsung 850 EVO SSD takes its storage into the third dimension

Things have advanced quite a bit since our last thoroughly in-depth look at how solid state disks work, and Samsung has been one of the biggest companies leading the charge toward faster, denser solid state drives. Its 840 EVO was the first consumer SSD to use TLC NAND—that’s triple-level cell NAND, which can store three bits per memory cell instead of one or two. Now, Samsung’s newest consumer SSD takes NAND density a step further, stacking the memory cells on top of each other in a complex sandwich. The 850 EVO, formally announced this morning , uses 32-layer TLC “V-NAND,” where the “V” stands for “vertical.” As we discussed previously at the 2013 Consumer Electronics Show, Samsung is the only SSD manufacturer that makes ” the whole widget “—it’s the only vertically integrated OEM that builds every part of the SSDs it sells, including the NAND that actually holds the data. This gives the company a distinct advantage over other SSD manufacturers—most of whom source their NAND from Samsung. The 850 EVO is set to be released in four capacities: 120GB, 250GB, 500GB, and 1TB. These are all decimal measurements, not binary—so that “1TB” is properly one trillion bytes, not 1024GB (there are official IEC units for binary measurements, but I’ll eat glass before I start saying ” tebibyte “). The quoted numbers on Samsung’s site look pretty good for a consumer-level drive: max sequential read speeds of 540MB/s, max sequential write speeds of 520MB/s, and relatively high IOPS across a variety of read and write regimes. Read 5 remaining paragraphs | Comments

Powerful, highly stealthy Linux trojan may have infected victims for years

Researchers have uncovered an extremely stealthy trojan for Linux systems that attackers have been using to siphon sensitive data from governments and pharmaceutical companies around the world. The previously undiscovered malware represents a missing puzzle piece tied to “Turla,” a so-called advanced persistent threat (APT) disclosed in August by Kaspersky Lab and Symantec . For at least four years, the campaign targeted government institutions, embassies, military, education, research, and pharmaceutical companies in more than 45 countries. The unknown attackers—who are probably backed by a nation-state, according to Symantec—were known to have infected several hundred Windows-based computers by exploiting a variety of vulnerabilities, at least two of which were zero-day bugs. The malware was notable for its use of a rootkit that made it extremely hard to detect. Now researchers from Moscow-based Kaspersky Lab have detected Linux-based malware used in the same campaign . Turla was already ranked as one of the top-tier APTs, in the same league as the recently disclosed Regin for instance. The discovery of the Linux component suggests it is bigger than previously thought and may presage the discovery of still more infected systems. Read 8 remaining paragraphs | Comments

More:
Powerful, highly stealthy Linux trojan may have infected victims for years