Yes, Google Reader is going away , and yes, there are great alternatives . However, if you’re tired of web services shutting down on you , why not take matters into your own hands? Tiny Tiny RSS is a free, open-source syncing RSS platform with more features than Google Reader ever had, and it can’t get shut down. Here’s how to install it and set it up. More »
Read the article:
How to Build Your Own Syncing RSS Reader with Tiny Tiny RSS and Kick Google Reader to the Curb
Nvidia’s Shield tablet can stream full PC games from your Steam library as long as you’re using a GeForce graphics card. This may be the best way to stream your PC games to your tablet. Andrew Cunningham In practically every one of its major press conferences since last year’s GPU Technology Conference, Nvidia has reminded us that they want to virtualize the graphics processor. The company wants to take it out of the computer on your lap or on your desk and put it into a server somewhere without you noticing the difference. It introduced the concept at GTC 2012. Then over the course of the next year, Nvidia unveiled the actual graphics cards that would enable this tech, started selling them to partners, and also stuck them in Nvidia Grid-branded servers aimed at both gamers and businesses . The difference between Nvidia’s initiatives and more traditional virtualization is that the company’s products support relatively few users for the hardware they require. The Grid gaming server supports 24 users per server box and the Visual Computing Appliance (VCA) only supports eight or 16 depending on the model. Most virtualization is all about dynamically allocating resources like CPU cycles and RAM to give as many users as possible the bare minimum amount of power they need. Instead, Nvidia’s is about providing a fixed number of users with a pretty specific amount of computing power, thus attempting to recreate the experience of using a regular old computer. There are situations where this makes sense. Given the cost of buying and maintaining workstation hardware, Nvidia’s argument for the VCA seems more or less convincing. But I’m slightly less optimistic about the prospect for the Grid gaming server, or any cloud gaming service, really—call it leftover skepticism from OnLive’s meltdown earlier this year . Read 11 remaining paragraphs | Comments
Read the original post:
“Cloud gaming” has a future—just maybe not in the cloud
Unlike Unicast-based networks, Anycast systems use dozens of individual data centers to dilute the effects of distributed denial-of-service attacks. CloudFlare As an international organization that disrupts spam operators, the Spamhaus Project has made its share of enemies. Many of those enemies possess the Internet equivalent of millions of water cannons that can be turned on in an instant to flood targets with more traffic than they can possibly stand. On Tuesday, Spamhaus came under a torrential deluge—75 gigabits of junk data every second—making it impossible for anyone to access the group’s website (the real-time blacklists that ISPs use to filter billions of spam messages were never effected). Spamhaus quickly turned to CloudFlare, a company that secures websites and helps mitigate the effects of distributed denial-of-service attacks. This is a story about how the attackers were able to flood a single site with so much traffic, and the way CloudFlare blocked it using a routing methodology known as Anycast. Read 8 remaining paragraphs | Comments
View article:
How whitehats stopped the DDoS attack that knocked Spamhaus offline
“When ECPA was enacted, e-mail was primarily a means of communicating information, not storing it,” said Sen. Mike Lee (R-UT) on Tuesday in a statement. Ed Yourdon On Tuesday, the Department of Justice acknowledged for the first time that the notion that e-mail more than 180 days old should require a different legal standard is outdated. This marked shift in legal theory, combined with new House subcommittee hearings and new Senate legislation, might just actually yield real, meaningful reform on the much-maligned Electronic Communications Privacy Act . It’s an act, by the way, that dates back to 1986. As Ars’ Tim Lee wrote in November 2012, “ECPA requires a warrant to obtain freshly sent e-mail before it’s been opened by the recipient. But once an e-mail has been opened, or once it has been sitting in the recipient’s e-mail box for 180 days, a lower standard applies. These rules simply don’t line up with the way modern e-mail systems work.” Read 14 remaining paragraphs | Comments
More:
Finally, Feds say cops’ access to your e-mail shouldn’t be time-dependent
Security researchers have discovered a botnet that is stealing millions of dollars per month from advertisers. The botnet does so by simulating click-throughs on display ads hosted on at least 202 websites. Revealed and dubbed “Chameleon” by the Web analytics firm spider.io because of its ability to fool advertisers’ behavior-tracking algorithms, the botnet is the first found to use display advertisements to generate fraudulent income for its masters. In a blog post today, spider.io reported that the company had been tracking Chameleon since December of 2012. Simulating multiple concurrent browser sessions with websites, each bot is able to interact with Flash and JavaScript based ads. So far, more than 120,000 Windows PCs have been identified—95 percent of them with IP addresses associated with US residential Internet services. The company has issued a blacklist of the 5,000 worst-offending IP addresses for advertisers to use to protect themselves from fraud. While in many respects the botnet simulates human activity on webpages to fool countermeasures to clickfraud, it generates random mouse clicks and mouse pointer traces across pages. This makes it relatively easy for bot-infected systems to be identified over time. The bot is also unstable because of the heavy load it puts on the infected machine, and its frequent crashes can also be used as a signature to identify infected systems. Read 1 remaining paragraphs | Comments
See the original post:
Chameleon botnet steals millions from advertisers with fake mouseclicks
If you’ve got 99 security problems, odds are Microsoft’s not one—or at least it’s just a minority of them. In its annual review of software vulnerabilities , security software firm Secunia found that 86 percent of vulnerabilities discovered on systems scanned by its software in the 50 most popular Windows software packages in 2012 were attributable to third-party developers and not to Microsoft’s Windows operating system or applications. And for most of these vulnerabilities, a patch was already available at the time they were discovered. Of the top 50 most used Windows packages—including the Windows 7 operating system itself, 18 were found to have end-point security vulnerabilities, a 98 percent increase over five years ago. Of those 18 packages, Google’s Chrome and the Mozilla Firefox browser were the biggest culprits, with 291 and 257 detected vulnerabilities respectively. Apple iTunes came in third, with 243 detected vulnerabilities. The remainder of the top ten offenders were: Adobe Flash Player: 67 Oracle Java JRE SE: 66 Adobe AIR: 56 Microsoft Windows 7: 50 Adobe Reader: 43 Microsoft Internet Explorer: 41 Apple Quicktime: 29 Of the vulnerabilities documented in Secunia’s database, 84 percent had already been patched by vendors when they were discovered on systems. “This means that it is possible to remediate the majority of vulnerabilities,” said Secunia Director of Product Management Morten R. Stengaard. “There is no excuse for not patching.” Read on Ars Technica | Comments
View original post here:
Most PC security problems come from unpatched third-party Windows apps
Library of Congress When the lights go out, it affects everyone. It’s not only the inconvenience of having the TV shut off unexpectedly—a lot of heavy equipment really dislikes having the power disappear suddenly. For the most part, the power grid is very stable. But sometimes random events and seemingly small operator errors can cascade to create massive power outages. Underlying the stability of a power grid is the need to keep multiple generators operating in a synchronized manner. New research shows (in an annoyingly abstract way) that good network design can take advantage of the tendency for generators to self-synchronize. Counting the beat Depending on where you happen to be in the world, your power outlet supplies alternating current at either 50 or 60 Hz. The precise value doesn’t really matter as long as it stays within a narrow limit. Essentially, this means that the generator supplying the power needs to rotate at a rate producing this frequency. Read 14 remaining paragraphs | Comments
Follow this link:
Stabilizing the electric grid by keeping generators in sync
For the first time ever, the Obama administration has publicly admitted to developing offensive cyberweapons that could be aimed at foreign nations during wartime. According to an article published Tuesday night by The New York Times , that admission came from General Keith Alexander, the chief of the military’s newly created Cyber Command. He said officials are establishing 13 teams of programmers and computer experts who would focus on offensive capabilities. Previously, Alexander publicly emphasized defensive strategies in electronic warfare to the almost complete exclusion of offense. “I would like to be clear that this team, this defend-the-nation team, is not a defensive team,” Alexander, who runs both the National Security Agency and the new Cyber Command, told the House Armed Services Committee on Tuesday. “This is an offensive team that the Defense Department would use to defend the nation if it were attacked in cyberspace. Thirteen of the teams that we’re creating are for that mission alone.” Read 3 remaining paragraphs | Comments
Excerpt from:
For first time, US military says it would use offensive cyberweapons
Dropbox for Mac received an update to version 2.0 on Tuesday, bringing with it a number of UI upgrades to the desktop. The most noticeable difference is the revamped and prettified drop-down interface, which now allows you to accept or decline sharing requests right from the menu instead of requiring a trip to the website. The new drop-down interface also displays a list of recently updated files from across your Dropbox-enabled devices, and it gives easy access to both sync settings and the Dropbox website. This is a small but significant change to the way the menu item previously functioned. In the past, there was not much functionality there, but now it’s a place where the user might actually go in order to see which files are being synced. Additionally, the new menu interface makes for much easier file or folder sharing. Select the item in the menu that you want to share and a “Share” button pops up on the right. Clicking it still takes you to the Dropbox website in order to invite other users, but it’s a start in making the desktop software a little more usable. Read 1 remaining paragraphs | Comments
Visit link:
Dropbox 2.0 brings functional drop-down menus to Mac and Windows
A screenshot from Jeremi Gosney showing passwords cracked by the ocl-Hashcat-plus program. Jeremi Gosney Zoosk.com, an online dating service with about 15 million unique visitors each month, is requiring some users to reset their passwords. The move comes after someone published a list cryptographically protected passcodes that may have been used by subscribers to the website. In the past, the San Francisco-based company has said it has more than 50 million users . With this dump, a small but statistically significant percentage of the 29-million-strong password list contained the word “zoosk,” an indication that at least some of the credentials may have originated with the dating site. Jeremi Gosney, a password expert at Stricture Consulting Group , said he cracked more than 90 percent of the passwords and found almost 3,000 had links to Zoosk. The cracked passcodes included phrases such as “logmein2zoosk,” “zoosk password,” “myzooskpass,” “@zoosk,” “zoosk4me,” “ilovezoosk,” “flirtzoosk,” “zooskmail.” Other passwords contained strings such as “flirt,” “lookingforlove,” “lookingforguys,” and “lookingforsex,” another indication that they were used to access accounts at one or more dating websites. Many users choose passwords containing names, phrases, or topics related to the specific website or generic type of service they’re used to access. In December, Ars profiled a 25-GPU cluster system Gosney built that’s capable of trying every possible Windows passcode in the typical enterprise in less than six hours. . Read 6 remaining paragraphs | Comments
Originally posted here:
Dating site Zoosk resets some user accounts following password dump (Updated)