hash – Page 12 – Tech Today w/ Ken May

Vast, uncharted viral world discovered on human skin

A transmission electron microscopy image of a bunch of bacteriophages. (credit: ZEISS Microscopy/Flickr ) In the microbial metropolises that thrive in and on the human body, underground networks of viruses loom large. A closer look at human skin has found that it’s teeming with viruses, most of which don’t target us but infect the microbes that live there. Almost 95 percent of those skin-dwelling virus communities are unclassified, researchers report in mBio . Those unknown viruses may prune, manipulate, and hide out in the skin’s bacterial communities, which in turn can make the difference between human health and disease. The finding highlights how much scientists still have to learn about the microscopic affairs that steer human welfare. Past attempts to unmask the viruses on the human body have been hindered by technical difficulties. Viral genomes are much smaller than those of bacteria, making them hard to identify and sift from contamination. In the new study, researchers at the University of Pennsylvania used an advanced method to specifically isolate the DNA of virus-like particles from skin swabs. The researchers also screened viral DNA found on swabs that never touched human skin, allowing them to quickly identify and toss contaminating viruses from their analysis. Read 5 remaining paragraphs | Comments

How to use Tor Messenger, the most secure chat program around

(credit: Samuel Huron ) On Thursday, the Tor Project released its first public beta of Tor Messenger , an easy-to-use, unified chat app that has security and cryptography baked in. If you care about digital security, you should ditch whatever chat program you’re using and switch to it right now. The app is specifically designed to protect location and routing information ( by using Tor ) and chat data in transit (by using the open source Off-The-Record, or OTR, protocol ). For anyone who has used a similar app (like Pidgin or Adium), Tor Messenger’s interface will be fairly self-explanatory, but there are two notable quirks. First, by default, it will not allow you to send messages to someone who doesn’t support OTR—but there is an option to disable that feature. (We’ll get to that in a minute.) Second, unlike Pidgin or Adium, Tor Messenger cannot log chats, which is handy if you’re privacy-minded. Read 17 remaining paragraphs | Comments

Read the article:
How to use Tor Messenger, the most secure chat program around

Low-cost IMSI catcher for 4G/LTE networks tracks phone’s precise locations

Enlarge (credit: Shaik, et al. ) Researchers have devised a low-cost way to discover the precise location of smartphones using the latest LTE standard for mobile networks , a feat that shatters widely held perceptions that it’s immune to the types of attacks that targeted earlier specifications. The attacks target the LTE specification , which is expected to have a user base of about 1.37 billion people by the end of the year. They require about $1,400 worth of hardware that run freely available open-source software. The equipment can cause all LTE-compliant phones to leak their location to within a 32- to 64-foot (about 10 to 20 meter) radius and in some cases their GPS coordinates, although such attacks may be detected by savvy phone users. A separate method that’s almost impossible to detect teases out locations to within an area of roughly one square mile in an urban setting. The researchers have devised a separate class of attacks that causes phones to lose connections to LTE networks, a scenario that could be exploited to silently downgrade devices to the less secure 2G and 3G mobile specifications. The 2G, or GSM, protocol has long been known to be susceptible to man-in-the-middle attacks using a form of fake base station known as an IMSI catcher (like the Stingray). 2G networks are also vulnerable to attacks that reveal a phone’s location within about 0.6 square mile . 3G phones suffer from a similar tracking flaw . The new attacks, described in a research paper published Monday, are believed to be the first to target LTE networks, which have been widely viewed as more secure than their predecessors. Read 12 remaining paragraphs | Comments

See original article:
Low-cost IMSI catcher for 4G/LTE networks tracks phone’s precise locations

US regulators grant DMCA exemption legalizing vehicle software tinkering

(credit: Jerk Alert Productions ) Every three years, the Librarian of Congress issues new rules on Digital Millennium Copyright Act exemptions. Acting Librarian David Mao, in an order (PDF) released Thursday, authorized the public to tinker with software in vehicles for “good faith security research” and for “lawful modification.” The decision comes in the wake of the Volkswagen scandal, in which the German automaker baked bogus code into its software that enabled the automaker’s diesel vehicles to reduce pollutants below acceptable levels during emissions tests. “I am glad they granted these exemptions,” Sherwin Siy, said vice president for legal affairs for Public Knowledge in Washington, DC. “I am not glad it was necessary for them to do so in the first place.” Read 2 remaining paragraphs | Comments

First ever online-only NFL game draws over 15 million viewers

(credit: Jaguars.com ) Over the weekend, the NFL and Yahoo streamed the first ever online-only NFL game , a Bills/Jaguars matchup in London. The game was mostly seen as an experiment for the NFL to test the viability of online distribution for a football game. Yahoo seems happy with the turnout, trumpeting 15.2 million unique viewers and 33.6 million total views for the game. The site also claims 33 percent of the streams came from international users. As Deadspin notes, the numbers were seriously pumped up by Yahoo thanks to auto-playing streams on the Yahoo and Tumblr homepages. Anyone who visited either high-traffic homepage counted as a viewer for the game. Still, Yahoo notes that “460 million total minutes” of the game were streamed, which means that each of the 15.2 million viewers hung around for an average of 30 minutes. When the Yahoo/NFL deal was announced, a CNN Money report said that Yahoo paid “at least $10 million” for the rights to the game. The game was available for free online, supported only by advertising. Yahoo promised advertisers 3.5 million viewers in the United States, so things seem to have gone better than expected. Read 4 remaining paragraphs | Comments

See the original article here:
First ever online-only NFL game draws over 15 million viewers

Joomla bug puts millions of websites at risk of remote takeover hacks

Enlarge / Here’s the control panel hackers can access by exploiting a just-patched Joomla vulnerability. (credit: Spiderlabs) Millions of websites used in e-commerce and other sensitive industries are vulnerable to remote take-over hacks made possible by a critical vulnerability that has affected the Joomla content management system for almost two years. The SQL-injection vulnerability was patched by Joomla on Thursday with the release of version 3.4.5 . The vulnerability, which allows attackers to execute malicious code on servers running Joomla, was first introduced in version 3.2 released in early November 2013. Joomla is used by an estimated 2.8 million websites. “Because the vulnerability is found in a core module that doesn’t require any extensions, all websites that use Joomla versions 3.2 and above are vulnerable,” Asaf Orpani, a researcher inside Trustwave’s Spiderlabs, wrote in a blog post (the post appears to be offline at the moment, but it was working through most of Friday morning). The vulnerability, and two closely related security flaws, have been cataloged as CVE-2015-7297, CVE-2015-7857, and CVE-2015-7858. Read 4 remaining paragraphs | Comments

Original post:
Joomla bug puts millions of websites at risk of remote takeover hacks

Prison phone companies fight for right to charge inmates $14 a minute

(credit: Jason Farrar ) The Federal Communications Commission is about to face another lawsuit, this time over a vote to cap the prices prisoners pay for phone calls. Yesterday’s vote came after complaints that inmate-calling companies are overcharging prisoners, their families, and attorneys. Saying the price of calls sometimes hits $14 per minute, the FCC has now capped rates at 11¢ per minute. “None of us would consider ever paying $500 a month for a voice-only service where calls are dropped for seemingly no reason, where fees and commissions could be as high at 60 percent per call and, if we are not careful, where a four-minute call could cost us a whopping $54,” FCC Commissioner Mignon Clyburn said before yesterday’s vote. Read 16 remaining paragraphs | Comments

Couple sues Pandora and SiriusXM over copyright in pre-1972 songs

(credit: Getty Images) An Illinois couple who owned several recording companies specializing in doo-wop, jazz, and rhythm and blues have filed suit against the major satellite and Internet radio companies over their playing of pre-1972 songs. It’s the third lawsuit that highlights how the patchwork of state copyright laws over older music is putting a drag on Internet radio—sound recordings made before 1972 aren’t protected by federal copyright but are protected by many states. On Monday, Arthur and Barbara Sheridan filed two lawsuits in New Jersey federal court: one against Pandora and Sirius XM (PDF) and another against iHeartMedia (PDF), the parent company of online music service iHeartRadio. Their lawsuits seek class action status, looking to represent owners of pre-1972 songs. The companies have derived “significant benefits,” including “millions of dollars in annual revenue,” by playing those songs without permission, the suit alleges. “The Pre-1972 Recordings, when created, were the novel product of mental labor embodied in material form,” the complaint against Sirius and Pandora states. “Plaintiffs and the Misappropriation Class thus have property rights in them as recognized by New Jersey common law.” Read 4 remaining paragraphs | Comments

More here:
Couple sues Pandora and SiriusXM over copyright in pre-1972 songs

iOS 9.1 release lays groundwork for upcoming Apple TV and iPad Pro

The upcoming iPad Pro will require iOS 9.1 (credit: Andrew Cunningham) Apple has just released iOS 9.1, the first major update to iOS 9 and the third update overall since the OS came out in September. It’s available as an over-the-air download or through iTunes for everything that supports iOS 9: the iPhone 4S or newer, the iPad 2 or newer, all flavors of the iPad Mini, and the fifth- and sixth-generation iPod Touches. The change you’ll notice the most if you do a bunch of texting is that Apple has implemented a bunch of new emoji, mostly from the Unicode 7.0 and 8.0 specs but with a few from earlier specifications mixed in. Tacos, burritos, and extended middle fingers are just a few of the additions you’ll find to the emoji keyboard, which needs a decent search function now more than ever. iOS 9.1 also lays the groundwork for some other iOS devices that are launching soon. One is the new Apple TV, which ships with the iOS-based “tvOS.” The other is the iPad Pro, which brings with it support for the Apple Pencil and its Smart Keyboard cover. The Apple TV ships next week , while the iPad Pro is due sometime in November. Read 2 remaining paragraphs | Comments

Read the article:
iOS 9.1 release lays groundwork for upcoming Apple TV and iPad Pro

Support scams that plagued Windows users for years now target Mac customers

Enlarge (credit: Malwarebytes) For years, scammers claiming that they’re “calling from Windows” have dialed up Microsoft customers and done their best to trick them into parting with their money or installing malicious wares. Now, the swindlers are turning their sights on Mac users. Researchers at antivirus provider Malwarebytes spotted a Web-based campaign that attempts to trick OS X and iOS users into thinking there’s something wrong with their devices . The ruse starts with a pop-up window that’s designed to look like an official OS notification. “Critical Security Warning!” it says. “Your Device (iPad, iPod, iPhone) is infected with a malicious adward [sic] attack.” It goes on to provide a phone number people can call to receive tech support. The site ara-apple.com is designed to masquerade as https://ara.apple.com/ , Apple’s official remote technical support page. People who are experiencing problems with their Macs can go there to get an official Apple tech support provider to remotely access the person’s computer desktop. Ara-apple provides links to the remote programs the supposed technician will use to log in to targets’ Macs. Read 1 remaining paragraphs | Comments

Read this article:
Support scams that plagued Windows users for years now target Mac customers