Tag: portfolio-cond

Critical Microsoft, Adobe, and Oracle updates: Like dental floss for your PC

drueckert.com I was still wiping the sleep from my eyes this morning when the nagging voice kicked in: before trawling the Internet for news, you better install yesterday’s security updates. It wasn’t a pleasant thought, given the raft of patches released yesterday by Microsoft, Adobe, and Oracle for a variety of products. But as someone who has covered computer security for eight years, I’ve come to make updating a top priority. And for good reason. A large percentage of the booby-trapped websites that surreptitiously install malware on visitors’ machines exploit vulnerabilities that have already been patched. The recent hack on Yahoo’s ad network , for instance, targeted two security flaws in the Java software framework that Oracle had fixed 17 and 24 months ago, Trend Micro reported in a blog post . Those who visited compromised Yahoo servers with up-to-date systems were immune to those attacks. By contrast, people using unpatched software were exposed to malicious payloads that installed the Dorkbot and Gamarue trojans, as well as malware that turned visitors’ machines into Bitcoin miners. Read 5 remaining paragraphs | Comments

See the original post:
Critical Microsoft, Adobe, and Oracle updates: Like dental floss for your PC

New DoS attacks taking down game sites deliver crippling 100Gbps floods

Online gamers such as these ones often stream their play in real time. Twitch Recent denial-of-service attacks taking down League of Legends and other popular gaming services are doing more than just wielding a never-before-seen technique to vastly amplify the amount of junk traffic directed at targets. In at least some cases, their devastating effects can deprive celebrity game players of huge amounts of money. As Ars reported last week, the attacks are abusing the Internet’s Network Time Protocol (NTP), which is used to synchronize computers to within a few milliseconds of Coordinated Universal Time . A command of just 234 bytes is enough to cause some NTP servers to return a list of up to 600 machines that have previously used its time-syncing service. The dynamic creates an ideal condition for DoS attacks. Attackers send a modest-sized request to NTP servers and manipulate the commands to make them appear as if they came from one of the targeted gaming services. The NTP servers, which may be located in dozens or even hundreds of locations all over the world, in turn send the targets responses that could be tens or hundreds of times bigger than the spoofed request. The technique floods gaming servers with as much as 100Gbps, all but guaranteeing that they’ll be taken down unless operators take specific precautions ahead of time. Among the targets of this new type of attack are game servers used by celebrity players who broadcast live video streams of their gaming prowess that are viewed as many as 50,000 times. In some cases, the massive audiences translate into tens of thousands of dollars per month, as ads are displayed beside video feeds of the players blowing away opponents in Dota 2 and other games. Read 8 remaining paragraphs | Comments

Excerpt from:
New DoS attacks taking down game sites deliver crippling 100Gbps floods

DoS attacks that took down big game sites abused Web’s time-sync protocol

69 percent of all DDoS attack traffic by bit volume in the first week of January was the result of NTP reflection. Black Lotus Miscreants who earlier this week took down servers for League of Legends, EA.com, and other online game services used a never-before-seen technique that vastly amplified the amount of junk traffic directed at denial-of-service targets. Rather than directly flooding the targeted services with torrents of data, an attack group calling itself DERP Trolling sent much smaller-sized data requests to time-synchronization servers running the Network Time Protocol (NTP). By manipulating the requests to make them appear as if they originated from one of the gaming sites, the attackers were able to vastly amplify the firepower at their disposal. A spoofed request containing eight bytes will typically result in a 468-byte response to victim, an increase of more than 58 fold. “Prior to December, an NTP attack was almost unheard of because if there was one it wasn’t worth talking about,” Shawn Marck, CEO of DoS-mitigation service Black Lotus , told Ars. “It was so tiny it never showed up in the major reports. What we’re witnessing is a shift in methodology.” Read 4 remaining paragraphs | Comments

More:
DoS attacks that took down big game sites abused Web’s time-sync protocol

Imagination Technologies boosts GPU speeds by 50 percent with Series 6XT

Imagination Technologies While most companies are withholding their big phone and tablet-related news until Mobile World Congress next month, this year’s CES is shaping up to be a busy one for mobile chip designers. Nvidia unveiled the latest version of its Tegra SoC last night, and this morning Imagination Technologies took the wraps off of some new graphics IP for mobile chips. There are two new designs being announced today, both relatives to the PowerVR Series 6 GPUs that are beginning to ship in phones and tablets today. At the top-end is the new PowerVR Series 6XT , which promises a 50 percent performance improvement and better power consumption compared to Series 6. These improvements come entirely from architectural optimizations, not more execution resources—the new GX6250, GX6450, and GX6460 parts use two, four, and six of Imagination’s “computer clusters,” the same number available in Series 6 GPUs. There’s also a GX6240 part, which uses two clusters but is “area-optimized” to take up less space in an SoC die. Like Series 6, Series 6XT supports DirectX 10, OpenGL ES 3.0 , and OpenCL 1.x on the API side. The Series 6XT GPU. The other GPU design being announced today is the Series 6XE series, which are being targeted to especially inexpensive or small SoCs. The G6050 and G6060 are both “half-cluster” parts—the two chips are identical aside from the G6060’s PVIRC2 lossless image compression support. The G6100 and G6110 are single cluster parts, again differentiated by PVIRC2 support in the G6110. The GPUs support only DirectX 9 shader model 3, a step down from the Series 6 and Series 6XT parts, but still support OpenGL ES 3.0 and OpenCL 1.x. Read 1 remaining paragraphs | Comments

Continue Reading:
Imagination Technologies boosts GPU speeds by 50 percent with Series 6XT

AT&T turns data caps into profits with new fees for content providers

Aurich Lawson / Thinkstock AT&T today confirmed a long-rumored plan to monetize wireless data caps by charging content providers for the right to serve up video and other media without chewing up consumers’ monthly data limits. Sometimes called 1-800-DATA, AT&T billed the plan as “a new way for eligible 4G customers to enjoy mobile content and apps over AT&T’s wireless network without impacting their monthly wireless data plan.” Basically, the price of data is being charged to content providers instead of consumers. The rates for consumers and business will be similar. “We will offer AT&T Sponsored Data providers a wide range of options,” an AT&T spokesperson told Ars. “Customers will be billed according to usage, with costs varying by amounts of usage. Rates are comparable to consumer rates.” Read 15 remaining paragraphs | Comments

See the original post:
AT&T turns data caps into profits with new fees for content providers

Putting Windows and Android on the same PC doesn’t solve anyone’s problems

PC makers at CES may announce Windows PCs that run Android apps. But should you do something just because you can? Andrew Cunningham CES begins in just a few short days, but rumors about what we’ll be seeing there are already in full-swing. It’s a fair bet that the usual suspects will show up—phones, tablets, PCs, maybe even a Linux-powered gun or two—but the things that stick out usually end up being the Flavors of the Year. These are often technologies that are cool in theory but fail to light the world on fire in practice. Netbooks, 3D TVs, and the first run of Android tablets are all members of this illustrious group, and so far baubles like 4K TVs and smartwatches look like worthy heirs to the throne. One such upcoming flavor, according to a report from The Verge , is an Intel-backed initiative that combines Windows 8.1 and Android on the same device. Rather than combine an Android tablet with a Windows PC like Asus’ Transformer Book Trio , these computers will seamlessly run Android apps within a Windows environment, probably by way of a virtualization layer like Bluestacks . This idea is in no way new, though the report suggests that a larger push is imminent. The initiative makes some sense for Intel and the OEMs. For Intel, it’s a way to offer tablet makers something that they can’t get from ARM chips like those from Qualcomm or Nvidia: the ability to provide full Windows 8.1 app compatibility combined with Android app compatibility. For the OEMs, it’s (theoretically) a way to patch gaps in Windows 8.1’s improving-but-spotty app store by giving consumers Android tablet apps that they (theoretically) know and love. Read 7 remaining paragraphs | Comments

Follow this link:
Putting Windows and Android on the same PC doesn’t solve anyone’s problems

Windows 8.x breaks 10 percent, Internet Explorer 11 makes a splash

Net Market Share In 2013, Internet Explorer reversed some of its historic losses, Google released of Chrome for Android, and Windows 8 surpassed OS X and Windows Vista to become the third most widely used desktop operating system. Net Market Share Net Market Share Compared to last month, Internet Explorer actually fell slightly, declining by 0.45 points. Firefox, Safari, and Opera also fell, down 0.19, 0.08, and 0.06 points, respectively. The month’s winner was Chrome, which picked up 0.78 points. Over the course of the entire year, Internet Explorer was up 3.14 points on 2012. Firefox was down 1.47 points. Chrome was also down by 1.82 points. Safari rose 0.58 points. Read 9 remaining paragraphs | Comments

Read this article:
Windows 8.x breaks 10 percent, Internet Explorer 11 makes a splash

GOG’s managing director: Gamer resistance to DRM is stronger than ever

GOG.com’s Guillaume Rambourg giving Jenga advice. Digital games distribution site GOG (Good Old Games) has spent the last five years offering classic videogame titles DRM-free to its customers. Earlier in 2013, the site launched an indie publishing platform which allowed independent developers to submit their games for sale through GOG—an alternative to Steam’s contentious Greenlight initiative . Wired.co.uk spoke to Guillaume Rambourg, managing director of GOG.com, to discuss DRM, anti-sales, and why exactly the site was offering the original Fallout games free of charge. Wired.co.uk: What was the story behind setting up the GOG.com website? Rambourg: It all began in the mid-90s, when friends Marcin Iwinski and Michal Kicinski started their business as retail distributors in Poland. Back then, Poland was a very highly pirated market, with most gamers using outdated hardware and not having too much money to spend on games. That’s a tough market to break into: one where people aren’t used to paying for games. Read 32 remaining paragraphs | Comments

Read the original:
GOG’s managing director: Gamer resistance to DRM is stronger than ever

Wii U gamepad hacked, reverse engineered to stream from a PC

Reverse engineering the Wii U gamepad was non-trivial. libdrc The Wii U’s tablet controller isn’t moving as many consoles as Nintendo might like, but the technology itself is still interesting enough to draw the attention of the hacker community. Engadget reports that the libdrc team gave a presentation at the Chaos Communication Congress explaining how it managed to hack the Wii U’s gamepad to communicate with and stream content from a standard Linux PC. The full talk is available in video form here . The 64-slide deck describes the many, many hoops the team had to jump through to get the gamepad working—dumping the gamepad’s firmware helped the team reverse-engineer the Wi-Fi encryption system, at which point the team also needed to reverse-engineer the protocols Nintendo is using to stream video, audio, and input data. The team included a screenshot of an emulated  Final Fantasy VII  in its deck to prove that the software works and was also able to get the GameCube version of The Legend of Zelda:  Wind Waker working live onstage. While the project is, at this point, “very buggy” and “not meant for end users,” the team thinks that the project is “a good prototype that can be improved on.” The team also wants to add the ability to pair other tablets with the Wii U, to port the project to Windows and to OS X, and to make it possible to stream things to the gamepad over the Internet. It may be some time before the layperson can take advantage of the libdrc team’s work, but even as an early alpha the project is an interesting proof-of-concept. Read on Ars Technica | Comments

View article:
Wii U gamepad hacked, reverse engineered to stream from a PC

Game of Thrones illegal downloads exceed TV viewers for second year

The most-torrented shows of 2013, according to Torrent Freak. Torrent Freak Game of Thrones again turned out to be the most-pirated TV show of 2013, according to a report from Torrent Freak. The show was downloaded an estimated 5.9 million times, besting its proportion of conventional television viewers, which clocks in at 5.5 million. That is a 37 percent increase from 2012, when Torrent Freak estimated Game of Thrones was downloaded 4.28 million times. As the New York Times points out , illegal downloads grew about 10 percent in 2013, with 327 million unique users navigating 13.9 billion webpages that handle pirated movies and TV. The shows Breaking Bad, The Walking Dead, The Big Bang Theory , and Dexter contributed another 14.3 million downloads between them. 2013 also saw plenty of industry leaders endorsing illegal downloading in one way or another. Game of Thrones director David Petrarca said the show thrives on “cultural buzz” in part generated by pirates; Time Warner CEO Jeff Bewkes said that Game of Thrones ’ status as the most pirated show was “ better than an Emmy ;” Netflix stated that it uses piracy statistics to determine what types of shows to produce or license; Breaking Bad creator Vince Gilligan said piracy ” helped… in terms of brand awareness .” The Walking Dead executive producer Gale Ann Hurd disagreed , calling the idea that piracy does good for content a “mistaken belief” and saying the activity is not something “we should encourage.” Read 1 remaining paragraphs | Comments

Read More:
Game of Thrones illegal downloads exceed TV viewers for second year