Employee Outsourced Programming Job To China, Spent Days Websurfing

New submitter kju writes “The security blog of Verizon has the story of an investigation into unauthorized VPN access from China which led to unexpected findings. Investigators found invoices from a Chinese contractor who had actually done the work of the employee, who spent the day watching cat videos and visiting eBay and Facebook. The man had Fedexed his RSA token to the contractor and paid only about 1/5th of his income for the contracting service. Because he provided clean code on time, he was noted in his performance reviews to be the best programmer in the building. According to the article, the man had similar scams running with other companies.” Read more of this story at Slashdot.

Quickly Multiply Big Numbers the Japanese Way

Japanese kids learn to multiply with a completely different method than the one kids in the US do. The Japanese math voodoo/magic is more of a visual technique where you draw lines and count the intersections.

We’ve Known Texting Was Going to Destroy Conversation for Over a Century

If you’ve ever thought “man, texting is really ruining verbal communication” stop right now, before you start feeling like you’ve had an original thought. People were thinking the same thing about the telegraph in 1906. Then again, depending on who you are, maybe it’s an improvement. [Kip W via Buzzfeed]

Remote Linksys 0-Day Root Exploit Uncovered

Orome1 writes “DefenseCode researchers have uncovered a remote root access vulnerability in the default installation of Linksys routers. They contacted Cisco and shared a detailed vulnerability description along with the PoC exploit for the vulnerability. Cisco claimed that the vulnerability was already fixed in the latest firmware release, which turned out to be incorrect. The latest Linksys firmware (4.30.14) and all previous versions are still vulnerable.”

Graphene Can Clean Radioactive Water By Clumping Up Toxins Like Magic

The wonders of graphene never seem to cease. Desalinization, flexible semiconductors, and now nuclear waste clean-up. It turns out graphene-oxide is fantastic for clumping up around radioactive waste making it easier to get rid of the stuff.

Arnold Schwarzenegger: Great Darth Vader or the Greatest Darth Vader?

No offense to James Earl Jones, but I can’t imagine how anybody could watch the above video of Arnold Schwarzenegger’s little known tryout in the role of Darth Vader, and not see he makes the superior Sith Lord. I mean, it’s not even close. Come on, George. You know you have one more Special Edition left in you before you go. Tell you what — you include this vocal track, and I’ll forgive you for inserting Jar Jar into all the Dagobah scenes, or whatever other nonsense you had planned before we fanboys drove you screaming into retirement.

Thousands of SCADA Devices Discovered On the Open Internet

Trailrunner7 writes with news of the continuing poor state of security for industrial control systems. From the article: “Never underestimate what you can do with a healthy list of advanced operator search terms and a beer budget. That’s mostly what comprises the arsenal of two critical infrastructure protection specialists who have spent close to nine months trying to paint a picture of the number of Internet-facing devices linked to critical infrastructure in the United States. It’s not a pretty picture. The duo … have with some help from the Department of Homeland Security (PDF) pared down an initial list of 500,000 devices to 7,200, many of which contain online login interfaces with little more than a default password standing between an attacker and potential havoc. DHS has done outreach to the affected asset owners, yet these tides turn slowly and progress has been slow in remedying many of those weaknesses. …The pair found not only devices used for critical infrastructure such as energy, water and other utilities, but also SCADA devices for HVAC systems, building automation control systems, large mining trucks, traffic control systems, red-light cameras and even crematoriums.”

Postal Service Pilots ‘Federal Cloud Credential Exchange’

CowboyRobot writes with news about a federal initiative to support federated authentication for government services. From the article: “The U.S. Postal Service will be the guinea pig for a White House-led effort to accelerate government adoption of technologies that allow federal agencies to accept third-party identity credentials for online services. The program involves using services … through standards like OpenID rather than requiring users to create government usernames and passwords. … The federated identity effort, known as the Federal Cloud Credential Exchange, is just one piece of a broader Obama administration online identity initiative: the National Strategy for Trusted Identities in Cyberspace (NSTIC), which aims to catalyze private sector-led development of a secure, digital ‘identity ecosystem’ to better protect identities online. … The Postal Service pilot is but one of several different pilots that are part of NSTIC. There are also three cryptography pilots and two non-cryptographic privacy pilots in the works. Each of those pilots is being carried out by multiple private sector organizations ranging from the Virginia Department of Motor Vehicles to AOL to AARP to Aetna.”
