Tag: gender

Apple releases iOS 7.1.2 with iBeacon, mail attachment encryption fixes

Andrew Cunningham Apple today released iOS 7.1.2, the second minor update to iOS 7.1 . The list of changes is short and focused mainly on minor bugs—it “improves iBeacon connectivity and stability,” patches a security hold whereby at-rest e-mail attachments could be accessed by an attacker if he or she had physical access to your phone, and fixes a problem with data transfers from accessories “including barcode scanners.” The e-mail attachment bug is probably the most important thing addressed by the update—it was reported widely back in April when Andreas Kurtz wrote about it on his blog . Kurtz was able to access e-mail attachments using standard tools on several different iOS devices running versions 7.1.1 and 7.0.4. As part of the iBeacon update, iOS 7.1.2 also re-enables Bluetooth on iOS devices, which we verified on an iPhone 5S by disabling Bluetooth before installing the update. Read 1 remaining paragraphs | Comments

Read the original:
Apple releases iOS 7.1.2 with iBeacon, mail attachment encryption fixes

Verizon Wireless employee stole 900 phones, made $270,000 profit on eBay

A Verizon Wireless account executive who pleaded guilty to stealing more than 900 cell phones and selling them on eBay for a profit of $272,290 was sentenced this week to 27 months in prison. James Hopkins, 35, committed the fraud throughout most of 2009 while working as a business-to-business account executive at a Verizon Wireless branch office in Trevose, PA, according to a criminal complaint. He was charged with mail fraud and sentenced in US District Court in New Jersey, where Verizon is based. “From February through November 2009, Hopkins placed numerous orders for Verizon Wireless cellular telephones, handheld devices and accessories in the names of existing Verizon Wireless customers without their knowledge,” the US Attorney’s office in New Jersey wrote in an announcement. “After arranging for the merchandise to be shipped to the home of a relative in New Jersey, the defendant manipulated Verizon’s computer database to conceal the fraudulent orders and shipments. Hopkins received $328,517 worth of stolen Verizon Wireless merchandise, which he sold on eBay for a profit of $272,290.” That amounts to a profit of about $300 for each stolen phone. Read 2 remaining paragraphs | Comments

More here:
Verizon Wireless employee stole 900 phones, made $270,000 profit on eBay

Burglar logs in to Facebook in victim’s house, forgets to sign off

Nicholas Wig. Dakota County Sheriff’s Office A 27-year-old Minnesota man appears to have violated at least two tenets of the digital age: Never log in to your Facebook account in a stranger’s house you’re burglarizing, and don’t forget to sign off if you do. Such egregious violations have led to the arrest of a South St. Paul man charged with burglary allegations. Nicholas Steven Wig is accused of stealing cash, credit cards, a watch, a checkbook, and other items. When the victim came home last week, he noticed a screen missing from a window and his house in disarray. He also discovered his home computer was open to a Facebook page of one “Nick Dub,” who turned out to be Wig, police said. Read 4 remaining paragraphs | Comments

See the article here:
Burglar logs in to Facebook in victim’s house, forgets to sign off

Running WordPress? Got webshot enabled? Turn it off or you’re toast

A zero-day vulnerability in the popular TimThumb plugin for WordPress leaves many websites vulnerable to exploits that allow unauthorized attackers to execute malicious code, security researchers have warned. The vulnerability, which was disclosed Tuesday on the Full Disclosure mailing list , affects WordPress sites that have TimThumb installed with the webshot option enabled. Fortunately, it is disabled by default, and sites that are hosted on WordPress.com are also not susceptible. Still, at press time, there was no patch for the remote-code execution hole. People who are unsure if their WordPress-enabled site is vulnerable should open the timthumb file inside their theme or plugin directory, search for the text string “WEBSHOT_ENABLED,” and ensure that it’s set to false. When “WEBSHOT_ENABLED” is set to true, attackers can create or delete files and execute a variety of other commands, Daniel Cid, CTO of security firm Sucuri, warned in a blog post published Thursday . He said uploading a file to a vulnerable site was possible using URLs such as the following, where a.txt was the file being created: Read 1 remaining paragraphs | Comments

View original post here:
Running WordPress? Got webshot enabled? Turn it off or you’re toast

Are those lost IRS e-mails “unbelievable”? Not really

Former IRS official Lois Lerner giving testimony to a Congressional committee in 2013. The IRS says it can’t find her e-mails from before 2011. During a hearing held yesterday by the House Oversight Committee, Committee Chairman Darrel Issa said that it was “unbelievable” that the IRS had lost the e-mails of former IRS official Lois Lerner. While Congressman Issa is not generally ignorant on tech issues, he’s clearly not familiar with just how believable such a screw-up is. The IRS claims that many of Lerner’s e-mails were lost when the hard drive on her desktop computer crashed in 2011. In a Monday night hearing, IRS Commissioner John Koskinen told Issa and the Oversight Committee that there was no way to recover these e-mails. “If you have a magical way for me to do that,” he told Issa, “I’d be happy to hear about it.” The IRS is not the only federal agency to lose e-mails over the past few years. In fact, despite efforts at many agencies to standardize and improve e-mail by moving to services like Google Apps for Government and Microsoft Office 365 Government, many agencies still run their e-mail like it’s 1999. It’s not just a technology issue—it’s an IT policy issue, a staffing issue, and a cultural issue within government, one that the federal government shares with many private corporations. Read 12 remaining paragraphs | Comments

View article:
Are those lost IRS e-mails “unbelievable”? Not really

NASA melds vacuum tube tech with silicon to fill the terahertz gap

Vacuum tubes in a guitar amplifier. Shane Gorski The transistor revolutionized the world and made the abundant computing we now rely on a possibility, but before the transistor, there was the vacuum tube. Large, hot, power hungry, and prone to failure, vacuum tubes are a now-forgotten relic of the very earliest days of computing. But there’s a chance that vacuum tube technology could make its way back into computers—albeit without the vacuum—thanks to NASA research that has put together nanoscale “vacuum channel” transistors that can switch at more than 400GHz. Vacuum tubes have three important components: two electrodes—the negative, electron-emitting cathode, and the positive, electron-receiving anode—and a control grid placed between them. The flow of current between the cathode and the anode is controlled by the grid; the higher the voltage applied to the grid, the greater the amount of current that can flow between them. All three parts are housed in an evacuated glass tube or bulb and look somewhat like a kind of overcomplicated light bulb. The thing that made vacuum tubes so hot and power hungry was the cathode. Electrons can be encouraged to cross gaps by using very high voltages, but these tend to be difficult to work with. Instead, a phenomenon called thermionic emission is used—heat a piece of metal up enough, and the thermal energy lets the electrons escape the metal. Vacuum tubes have heating elements to make the cathode hot enough to emit electrons. Read 8 remaining paragraphs | Comments

View post:
NASA melds vacuum tube tech with silicon to fill the terahertz gap

Mint 17 is the perfect place for Linux-ers to wait out Ubuntu uncertainty

The team behind Linux Mint unveiled its latest update this week—Mint 17 using kernel 3.13.0-24, nicknamed “Qiana.” The new release indicates a major change in direction for what has quickly become one of the most popular Linux distros available today. Mint 17 is based on Ubuntu 14.04, and this decision appears to have one major driver.  Consistency.  Like the recently released Ubuntu 14.04, Mint 17 is a Long Term Support Release. That means users can expect support to continue until 2019. But even better, this release marks a change in Mint’s relationship with Ubuntu. Starting with Mint 17 and continuing until 2016, every release of Linux Mint will be built on the same package base—Ubuntu 14.04 LTS. With this stability, instead of working to keep up with whatever changes Ubuntu makes in the next two years, Mint can focus on those things that make it Mint. With major changes on the way for Ubuntu in the next two years, Mint’s decision makes a lot of sense. Not only does it free up the Mint team to focus on its two homegrown desktops (Cinnamon and MATE), but it also spares Mint users the potential bumpy road that is Ubuntu’s future. Read 53 remaining paragraphs | Comments

Original post:
Mint 17 is the perfect place for Linux-ers to wait out Ubuntu uncertainty

Tell a lie, remove the gear: How the NSA covers up when cable taps are found

Der Spiegel via Edward Snowden via NSA Sometimes, the spooks do get caught. German magazine Der Spiegel yesterday revealed a new slide  (PDF) from the Edward Snowden document cache that offers a tantalizing glimpse of what it looks like when someone stumbles on an intelligence agency cable tap. The NSA’s Special Source Operations (SSO) branch isn’t in the business of computer hacking but of cable tapping; its logo shows an eagle flying above the globe and clutching a string of wires in its talons. These taps, each obscured with a codename, are often made deep within the network of telecom providers and often with the cooperation of key executives. But sometimes non-cleared people start raising questions about just what might be going on, as was the case with AT&T whistleblower Mark Klein, who revealed an NSA “secret room” in San Francisco . On March 14, 2013, an SSO weekly briefing included a note regarding such a discovery. The unit had been informed two days earlier that “the access point for WHARPDRIVE was discovered by commercial consortium personnel. Witting partner personnel have removed the evidence and a plausible cover story was provided. All collection has ceased.” Read 2 remaining paragraphs | Comments

See the original post:
Tell a lie, remove the gear: How the NSA covers up when cable taps are found

Undergrad breaks Android crypto ransomware

Early in June, Ars reported the discovery of Android/Simplocker , which appeared to be the first cryptographic ransomware Trojan targeted at Android devices. Simplocker encrypts photos, documents, and videos in devices’ local storage and then instructs the device owner to send money if they ever want to see that content again. One researcher—Simon Bell, an undergraduate student at the University of Sussex—managed to dissect the code for Simplocker. He found that while the code actually called back to a command and control server over the Tor anonymizing network to pass information about the infected device, all of the encryption work was done by the malware itself. Today, Bell released an antidote to Simplocker —a Java program that can decrypt the files attacked by the malware. “The antidote was incredibly easy to create because the ransomware came with both the decryption method and the decryption password,” Bell wrote. “Therefore producing an antidote was more of a copy-and-paste job than anything.” Read 3 remaining paragraphs | Comments

Original post:
Undergrad breaks Android crypto ransomware

Report: Seattle paid $17,500 to boost online reputation of city official

tdlucas5000 A newly-published document shows that Seattle’s publicly-owned electrical utility paid thousands of dollars to Brand.com to manage the online reputation of CEO Jorge Carrasco. The document , which was received and published Saturday by the Seattle Times after a public records request, shows that Brand.com charged City Light $5,000 in December 2013. As the contract states: Read 6 remaining paragraphs | Comments

Excerpt from:
Report: Seattle paid $17,500 to boost online reputation of city official