golf – Page 77 – Tech Today w/ Ken May

Anonymous sets sights on an old enemy—the Westboro Baptist Church

That link? It leads to a survey entitled, “Interactive Butthurt Report v. 2.0.” Nothing is beneath the Westboro Baptist Church, as evidenced by the group’s announcement to picket outside Sandy Hook Elementary School in wake of the recent tragedy. The group’s most recent, perhaps most deplorable decision has apparently irked one of its oldest enemies : infamous hacker collective Anonymous. In response to the WBC’s plans early today, Anonymous tweeted , “It’s so nice of #WBC to provide the internet with a list of their twitter handles…” Roughly one hour later, they revealed their plans for the WBC : “#WBC GodHatesFags Site Admin gets #DOX’d via: Anonymous.” DOX, of course, refers to the work Anonymous did to find and publish a list of WBC members complete with e-mails, phone numbers, and even home addresses—all for the adoring public to access. In addition to the DOXing, Anonymous has repeatedly promoted a whitehouse.org petition to have the WBC recognized legally as a hate-group . The petition was created on Friday and it has already doubled the required 25,000 signatures. Read 1 remaining paragraphs | Comments

How to bring down mission-critical GPS networks with $2,500

Enlarge / The phase-coherent signal synthesizer with its top cover removed. The $2,500 device can be used to severely disrupt mission-critical GPS equipment used by the military and private industry. Nighswander et al. Scientists have devised a series of novel and inexpensive attacks that can severely disrupt mission-critical global positioning systems relied on by the military and a variety of industrial players, including airlines, mining companies, and operators of hydroelectric plants and other critical infrastructure. Unlike previous GPS attacks, the one developed by a team of scientists from Carnegie Mellon University and a private navigation company exploits software bugs in the underlying receivers. That allows the attacks to be stealthier and more persistent than earlier exploits, which primarily relied on signal jamming and spoofing. Prototype hardware that cost only $2,500 to build is able to cause a wide variety of GPS devices within a 30 mile radius to malfunction. Because many of those devices are nodes on special networks that make GPS signals more precise, the attacks have the effect of disrupting larger systems used in aviation, military, and critical infrastructure. The PCSS, or phase-coherent signal synthesizer, that they developed simultaneously receives and transmits civil GPS signals. It carries out many of the same things done by spoofers used in earlier GPS attacks. But instead of merely providing false information designed to compromise the accuracy of the GPS readings, it includes data that exploits weaknesses in the firmware of nearby receivers, many of which use the Internet to share their readings with other machines. The success of the PCSS is the result of an almost complete lack of authentication in the devices that send and receive GPS signals. Read 11 remaining paragraphs | Comments

View article:
How to bring down mission-critical GPS networks with $2,500

Sprint offers $2.1 billion to acquire the rest of Clearwire

As most observers expected , Sprint has finally made a formal offer to acquire the rest of Clearwire. On Thursday, Sprint said it would pay $2.1 billion for the remaining 49.7 percent of Clearwire that it does not currently control. As we reported yesterday , the move is widely seen as a play for Sprint to acquire Clearwire’s valuable 2.5 GHz spectrum, which it would use to offer LTE and strengthen its position against Verizon and AT&T. The bid works out to $2.90 per share—higher than the company’s closing price on Wednesday—but analysts say the offer may not be good enough. Read 2 remaining paragraphs | Comments

Continue Reading:
Sprint offers $2.1 billion to acquire the rest of Clearwire

FBI snares $850 million Butterfly botnet ring with help of Facebook

On Tuesday, the FBI announced that it had arrested ten people connected to a botnet that had spread through Facebook. Spread by a virus targeting Facebook users, the botnet caused over $850 million in losses to financial institutions, infected over 11 million computers, and stole credit card and bank account data. The botnet itself was shut down in October, according to an FBI statement. This is the second major outbreak of botnets based on the Butterfly (aka Mariposa) bot tool. The first incarnation, discovered in December 2008 and shut down a year later, infected over 12 million PCs worldwide and was spread primarily through file-sharing and instant messaging attacks. It also harvested financial information from over 800,000 victims. In the latest incarnation of Butterfly, the botnet spread itself using variants of Yahos, a virus that spreads itself by sending links via social networks and instant messaging. Victims clicked on the link, launching Yahos’ attack. The malware, which in some variants disguised itself as an NVIDIA video driver , then downloaded and installed the botnet controls and browser exploits that captured users’ credit card and bank account information. The spread of viruses like Yahos prompted Facebook to partner with McAfee in 2010 to provide tools to users to clean infected systems. Read 1 remaining paragraphs | Comments

View article:
FBI snares $850 million Butterfly botnet ring with help of Facebook

Why Gmail went down: Google misconfigured load balancing servers

Portions of the Internet panicked yesterday when Gmail was hit by an outage that lasted for an agonizing 18 minutes . The outage coincided with reports of Google’s Chrome browser crashing. It turns out the culprit was a faulty load balancing change that affected products including Chrome’s sync service, which allows users to sync bookmarks and other browser settings across multiple computers and mobile devices. Ultimately, it was human error. Google engineer Tim Steele explained the problem’s origins in a developer forum : Chrome Sync Server relies on a backend infrastructure component to enforce quotas on per-datatype sync traffic. That quota service experienced traffic problems today due to a faulty load balancing configuration change. That change was to a core piece of infrastructure that many services at Google depend on. This means other services may have been affected at the same time, leading to the confounding original title of this bug [which referred to Gmail]. Because of the quota service failure, Chrome Sync Servers reacted too conservatively by telling clients to throttle “all” data types, without accounting for the fact that not all client versions support all data types. The crash is due to faulty logic responsible for handling “throttled” data types on the client when the data types are unrecognized. If the Chrome sync service had gone down entirely, the Chrome browser crashes would not have occurred, it turns out. “In fact this crash would *not* happen if the sync server itself was unreachable,” Steele wrote. “It’s due to a backend service that sync servers depend on becoming overwhelmed, and sync servers responding to that by telling all clients to throttle all data types (including data types that the client may not understand yet).” Read 4 remaining paragraphs | Comments

FCC and mobile carriers commit to nationwide text-to-911 by May 2014

It seems almost stupid that it’s nearly 2013 and we’re still unable to communicate with our emergency services in any way other than picking up the phone and calling them. We can certainly imagine situations where you’d want to be able to send a quick text message to local police. The US is a bit behind here—British mobile phone users have had access to EmergencySMS since 2009. For years, we’ve been covering the slow ascent of text-to-911 . But now, the Federal Communications Commission says that the nation’s Big Four mobile carriers have agreed to “accelerate” text-to-911 capabilities for debut in 2013, with a nationwide deployment by May 15, 2014. “Building on text-to-911 deployments and trials that are already underway, this agreement will accelerate progress and ensure that over 90 percent of the nation’s wireless consumers, including millions of consumers with hearing or speech disabilities, will be able to access emergency services by sending a text message to 911, where local 911 call centers (known as a Public Safety Answering Points, or PSAPs) are also prepared to receive the texts,” the FCC said in a statement Thursday. Read 1 remaining paragraphs | Comments

Continue reading here:
FCC and mobile carriers commit to nationwide text-to-911 by May 2014

iTunes (temporarily) serves porn images to Russian users

iTunes users in Russia got an eyeful on Wednesday (hat tip to Wired ) when a newly released version of the app displayed graphic images of porn instead of the foreign films they were expecting. The bug, reported to be present in the iTunes Store shown to users in Russia, is most likely the result of images that were linked to xxx.xxx. Security experts speculate it was an oversight by Apple developers, who put the address in as a placeholder and then forgot to revise it. The site happens to be the official search directory for domains that carry the .xxx top level domain, which was created last year. As a result, the iTunes section briefly featured a smorgasbord of pornographic images. Apple quickly fixed the mishap, but has yet to explain how it happened. Read on Ars Technica | Comments

See the original post:
iTunes (temporarily) serves porn images to Russian users

How Windows tech support scammers walked right into a trap set by the feds

Aurich Lawson Three weeks ago, Jack Friedman got a call from a man with an Indian accent claiming to be from the Windows technical team at Microsoft. Friedman, a Florida resident who is my friend Elliot’s grandfather, was told by “Nathan James” from Windows that he needed to renew his software protection license to keep his computer running smoothly. “He said I had a problem with my Microsoft system,” Friedman told me. “He said they had a deal for $99, they would straighten out my computer and it will be like brand new.” Friedman’s three-year-old Windows Vista computer was running a bit slow, as many PCs do. Friedman is often suspicious of unsolicited calls, but after talking with Nathan on the phone and exchanging e-mails, he says, “I figured he was a legitimate guy.” Friedman handed over his Capital One credit card number, and the “technician” used remote PC support software to root around his computer for a while, supposedly fixing whatever was wrong with it. “I could see my arrow going all over the place and clicking different things on my computer,” Friedman said. But that $99 Capital One credit card charge turned into a $495 wire transfer. Then Bank of America’s fraud department called Friedman, and said, “somebody is trying to get into your account.” Whoever it was had entered the wrong password multiple times, and as a precaution Friedman’s checking account was shut down. Read 35 remaining paragraphs | Comments

More:
How Windows tech support scammers walked right into a trap set by the feds

Sophisticated botnet steals more than $47M by infecting PCs and phones

Behold—the Eurograbber, visualized. Aurich Lawson / Thinkstock A new version of the Zeus trojan—a longtime favorite of criminals conducting online financial fraud—has been used in attacks on over 30,000 electronic banking customers in Europe, infecting both their personal computers and smartphones. The sophisticated attack is designed to circumvent banks’ use of two-factor authentication for transactions by intercepting messages sent by the bank to victims’ mobile phones. The malware and botnet system, dubbed “Eurograbber” by security researchers from Check Point Software and Versafe, was first detected in Italy earlier this year. It has since spread throughout Europe. Eurograbber is responsible for more than $47 million in fraudulent transfers from victims’ bank accounts, stealing amounts from individual victims that range from 500 Euros (about $650) to 25,000 Euros (about $32,000), according to a report published Wednesday (PDF) . The malware attack begins when a victim clicks on a malicious link, possibly sent as part of a phishing attack. Clicking on the link directs them to a site that attempts to download one or more trojans: customized versions of Zeus and its SpyEye and CarBerp variants that allow attackers to record Web visits and then inject HTML and JavaScript into the victim’s browser. The next time the victim visits their bank website, the trojans capture their credentials and launch a JavaScript that spoofs a request for a “security upgrade” from the site, offering to protect their mobile device from attack. The JavaScript captures their phone number and their mobile operating system information—which are used in the second level of Eurograbber’s attack. Read 3 remaining paragraphs | Comments

Visit site:
Sophisticated botnet steals more than $47M by infecting PCs and phones

Windows 8 takes 1 percent of Web usage as Internet Explorer gains

Enlarge Net Marketshare November saw Firefox climb back up above 20 percent, Internet Explorer grow further still, and Chrome apparently suffer a surprisingly sharp drop. Enlarge Net Marketshare Enlarge Net Marketshare Internet Explorer was up 0.63 points at 54.76 percent, its highest level since October 2011. Firefox was up 0.45 points to 20.44 percent, all but erasing the last six month’s losses. Chrome, surprisingly, was down a whopping 1.31 points to 17.24 percent, its lowest level since September 2011. We’ve asked Net Applications, the source we use for browser market share data, if it has made any change in its data collection that might account for this large Chrome drop. The company attributed this in part to the exclusion of Chrome’s pre-rendering data. It estimates that 11.1 percent of all Chrome pageviews are a result of pre-rendering (where Chrome renders pages that aren’t currently visible just in case the user wants to see them) and accordingly excluded this from its figures. Read 4 remaining paragraphs | Comments

View the original here:
Windows 8 takes 1 percent of Web usage as Internet Explorer gains