The source of the massive Target security breach that allowed hackers to swipe the credit and debit card data of up to 40 million customers may have finally been tracked down. The culprit? One extremely unfortunate HVAC repairman. Read more…
Read More:
Last Month’s Massive Target Hack Was the Heating Guy’s Fault
Aurich Lawson Silk Road, the infamous and anonymous online marketplace specializing in illicit goods, sells everything from pot to black tar heroin. If you can smoke it, inject it, or snort it, there’s a good chance Silk Road has it. Well, had it. Late last year, the FBI burst into a local branch of the San Francisco Public Library and arrested one Ross Ulbricht, the alleged kingpin who ran the site. It all happened while Ulbricht’s laptop was open and he was logged into his encrypted accounts. In the days that followed, the feds dropped a host of charges on Ulbricht, including several salacious accusations that Ulbricht attempted to arrange hits on various people he thought had betrayed him or blackmailed him. The feds also arrested several people accused of being major sellers, creating anxiety for those who ever bought or sold on the site. The Silk Road was closed . It didn’t take long to return. Just as the previous Silk Road operator had done, the new owner called himself “Dread Pirate Roberts” (DPR). The name came from a character in The Princess Bride who passes his piratical business down from one individual to the next, each of whom uses the same name to ensure continuity. So in a move that would seem to tempt fate, the new DPR built another version of Silk Road and restarted the drug marketplace. Read 42 remaining paragraphs | Comments
See more here:
Dread Pirate Roberts 2.0: An interview with Silk Road’s new boss
Google engineers have added a new feature to the Chrome browser that automatically warns users when browsing settings have been altered by malicious software. The new protection was unveiled in a blog post published Friday by Linus Upson, Google’s vice president of engineering. It is designed to augment a feature introduced in October that allows users to return Chrome settings to a factory-fresh state with the click of a single button. Malicious code frequently included with screensavers and other free software can surreptitiously make any number of changes to Chrome settings. Injecting ads into webpages and blocking the ability to revert settings to those previously chosen by the user are two of the more common ways unscrupulous developers tamper with browser options. The hijackings were among the top issue users reported in Chrome help forums when the reset button was introduced in October. Upson explained: Read 1 remaining paragraphs | Comments
Read the article:
New Google Chrome feature warns users when browser has been hijacked
Yahoo said it is resetting passwords for some of its e-mail users after discovering a coordinated effort to compromise accounts. Attackers behind the cracking campaign used usernames and passwords that were probably collected from a compromised database belonging to an unidentified third party, according to Jay Rossiter, Yahoo senior vice president of platforms and personalization products, who wrote an advisory published Thursday . A large percentage of people use the same password to protect multiple Internet accounts, a practice that allows attackers holding credentials taken from one site to compromise accounts on other sites. There’s no evidence the passwords used in the attack came from Yahoo Systems. “Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts,” Rossiter wrote. “The information sought in the attack seems to be names and e-mail addresses from the affected accounts’ most recent sent e-mails.” Read 3 remaining paragraphs | Comments
Visit site:
Mass hack attack on Yahoo Mail accounts prompts password reset
PhotoAtelier On Thursday, the Federal Communications Commission is expected to take its first major step toward letting AT&T and other carriers replace the country’s traditional phone system with one that works entirely over Internet Protocol networks. AT&T has argued that the technology transition should be accompanied by deregulation that would strip the company of most of its monopoly-era obligations. AT&T likely won’t get everything it wants, though. FCC Chairman Tom Wheeler wrote in a blog post last November that he intends to “ensure the continuation of the Network Compact” with universal service for all Americans, consumer protections, public safety services, and competition.In other words, AT&T can’t stop maintaining the Public Switched Telephone Network (PSTN) without a plan to preserve current service levels. This is not as simple as just making sure phone calls get through, although solving the rural call completion problem by itself is a challenge. It also means maintaining access to 911 services, fire alarms, fax machines, medical alert systems, anything that relies on the phone network. Not everything is to be decided this week. The FCC vote is on an AT&T petition to launch customer trials of new IP-based networks. While AT&T’s petition is expected to be granted, the FCC’s proposed order is written to ensure continuation of the four values (universal service, consumer protection, public safety, and competition) as Wheeler emphasized, an FCC official told Ars on condition that he not be named. Read 10 remaining paragraphs | Comments
Read More:
AT&T plan to shut off Public Switched Telephone Network moves ahead at FCC
Gretar Ívarsson Can enormous heat deep in the Earth be harnessed to provide energy for us on the surface? A promising report from a geothermal borehole project that accidentally struck magma—the same fiery, molten rock that spews from volcanoes—suggests it could. The Icelandic Deep Drilling Project, IDDP , has been drilling shafts up to 5km deep in an attempt to harness the heat in the volcanic bedrock far below the surface of Iceland. But in 2009 a borehole at Krafla, Northeast Iceland, reached only 2,100m deep before unexpectedly striking a pocket of magma. The molten rock was intruding into the Earth’s upper crust from below at searing temperatures of 900 to 1000 degrees Celsius. This borehole, IDDP-1, was the first in a series of wells drilled by the IDDP in Iceland looking for usable geothermal resources. A special report in this month’s Geothermics journal details the engineering feats and scientific results that came from the attempt to harness the incredible geothermal heat. (The only previous case like this was in Hawaii in 2007, but that well was sealed in concrete.) Read 12 remaining paragraphs | Comments
Visit link:
Drilling surprise opens door to magma-powered electricity
In oral arguments heard on Tuesday, Lavabit and federal prosecutors each presented their cases in front of three judges from the 4 th US Circuit Court of Appeals in Richmond, Virginia. This particular case is an appeal of contempt-of-court charges against Lavabit, a now-defunct e-mail hosting service that once offered secure communication. In the summer of 2013, Lavabit was ordered to provide real-time e-mail monitoring of one of its users, widely believed to be Edward Snowden, the former NSA contractor-turned-leaker. When Lavabit told the feds that the only way it could hand over communications was through an internal process that would deliver results 60 days after anycommunication was sent, the authorities returned with a search warrant for Lavabit’s SSL keys , which could decrypt the traffic of all of Lavabit’s users. Ladar Levinson, the CEO of Lavabit, handed over the SSL keys but then shut down his 10-year-old business rather than expose all of Lavabit’s users. Levinson now faces charges of contempt-of-court. The case is proving to be difficult for both parties, as well as presiding judges Roger Gregory, Paul Niemeyer, and Steven Agee, to parse. As PC World reports : “Attorneys from both Lavabit and the US government agreed that the legal issues between them could have been resolved before heading to court, though neither party seemed to have an adequate technical answer of how Lavabit could have successfully passed unencrypted data to a law enforcement agency in order to meet the government’s demands.” Read 4 remaining paragraphs | Comments
Original post:
Lavabit goes head to head with feds in contempt-of-court case
Valve is not done redefining itself yet. The gaming juggernaut added ‘operating system developer’ to ‘games studio’ and ‘digital media distributor’ with the introduction of SteamOS. And now it’s adding ‘streaming service’ to its repertoire. The service , currently in beta, allows users to stream game play from one PC to any other PC in their home. Invited users run a beta version of the Steam client on their computers and have settings for adjusting the amount of bandwidth the stream consumes. Though work is in progress to make streaming an option from OS X and Linux machines, the service is primarily aimed at Windows PCs to start. The Windows focus may, in part, be a result of the relatively larger library of Windows games on Steam. Valve’s Linux-based SteamOS has one big limitation compared with the full Steam experience: it can only run games compatible with Linux. That limitation may be mostly put to rest when a Steam Box is now paired with a Windows PC, allowing users to run any game in the Steam library either natively in the Steam Box or streamed. The other key benefit to the new streaming option is convenience. Graphically rich games often suffer when run on thermally limited notebooks. Decoding a video stream requires drastically less computing power than rendering a 3D environment, so gaming on a modestly specced laptop could become much more satisfying. Read 1 remaining paragraphs | Comments
Read more here:
Streaming comes to Steam: run on your gaming rig, play on your laptop
An international law-enforcement crackdown on paid password cracking services has resulted in at least 11 arrests, including the operators of an alleged cracker-for-hire site in the US that prosecutors said compromised almost 6,000 e-mail accounts. Mark Anthony Townsend, 45, of Cedarville, Arkansas, and Joshua Alan Tabor, 29, of Prairie Grove, Arkansas, ran a site called needapassword.com, according to court documents filed this week in federal court in Los Angeles. The site accepted user requests to hack into specific e-mail accounts hosted by Google, Yahoo, and other providers, prosecutors alleged. According to charging documents, the operators would break into the accounts, access their contents and send screenshots to the users proving the accounts had been compromised. The men would then send passwords in exchange for a fee paid to their PayPal account, prosecutors said. “Through www.needapassword.com, defendant and others known and unknown to the United States Attorney obtained unauthorized access to over 5,900 e-mail accounts submitted by customers,” a criminal information filed against Townsend stated. During the time of Tabor’s involvement, needapassword.com broke into at least 250 accounts, a separate charging document claimed. Read 3 remaining paragraphs | Comments
View original post here:
Investigation of password crackers busts site feds say hacked 6,000 accounts
Tactus Technology Tactus Technology has created a microfluidics panel that could be overlaid on touchscreens to produce “buttons,” per a report from CNET. The panel would allow smartphones to create a bunch of nubs over the keyboard keys on touch screens to help guide typists’ fingers. Some smartphone users are still lamenting the loss of tactile keys like those on a Blackberry, but QWERTY keyboards are hard to justify in terms of real estate when a touch screen can use that space better. A keyboard add-on is a possibility, but one pretender to the Blackberry throne, the Typo, has gotten a mixed reception . Tactus Technology Tactus’ system would put a 0.75 to 1 millimeter-thick microfluidics panel over a device’s LCD instead of glass or plastic. A sub-layer of the panel would be punctured with 200-nanometer holes, through which fluid would be pressed to raise the flexible surface of the screen when the operating system called up some buttons. Read 1 remaining paragraphs | Comments
View original post here:
Microfluidics panel could add physical buttons to a touch screen