Tag: privacy-rights

AnandTech snapped up by parent company of Tom’s Hardware and LaptopMag

Purch, Inc. announced  on Wednesday that it had purchased AnandTech.com, ending the site’s 17-year run as an independent publication. Purch also owns a number of other long-running technology sites, including LaptopMag (founded as Laptop Magazine in 1991), Tom’s Hardware (founded 1996), and a handful of other offshoot tech publications. Purch says the acquisition will help it “dominate the tech expert and enthusiast market.” Anand Shimpi, founder and original editor-in-chief of the site, left his post for Apple in late August. Shimpi says he is “happy to see [AnandTech] end up with a partner committed to taking good care of the brand and its readers.” Current Editor-In-Chief Ryan Smith says the site has “grown by leaps and bounds over the past several years” but that it was “nearing what’s possible as an independent company.” Smith goes on to say that Purch values AnandTech’s exhaustive hardware testing and reviews, and that Purch would enable the site to grow “without compromising the quality that made us who we are today.” Under Smith, AnandTech has continued to run reviews of individual PC components and, less frequently, complete consumer products like laptops, phones, and operating systems. While the site misses Shimpi’s voice and expertise (and that of former mobile editor Brian Klug, who also left for Apple this year), its coverage and testing procedures continue to be deep and thorough, and they will hopefully remain that way post-acquisition. Read 1 remaining paragraphs | Comments

Read More:
AnandTech snapped up by parent company of Tom’s Hardware and LaptopMag

ICANN e-mail accounts, zone database breached in spearphishing attack

Unknown attackers used a spearphishing campaign to compromise sensitive systems operated by the Internet Corporation for Assigned Names and Numbers (ICANN), a coup that allowed them to take control of employee e-mail accounts and access personal information of people doing business with the group. ICANN, which oversees the Internet’s address system, said in a release published Tuesday that the breach also gave attackers administrative access to all files stored in its centralized zone data system , as well as the names, postal addresses, e-mail addresses, fax and phone numbers, user names, and cryptographically hashed passwords of account holders who used the system. Domain registries use the database to help manage the current allocation of hundreds of new generic top level domains (gTLDs) currently underway. Attackers also gained unauthorized access to the content management systems of several ICANN blogs. “We believe a ‘spear phishing’ attack was initiated in late November 2014,” Tuesday’s press release stated. “It involved email messages that were crafted to appear to come from our own domain being sent to members of our staff. The attack resulted in the compromise of the email credentials of several ICANN staff members.” Read 4 remaining paragraphs | Comments

Original post:
ICANN e-mail accounts, zone database breached in spearphishing attack

Apple ceases online sales in Russia due to extreme ruble fluctuations

Bloomberg reported on Tuesday that Apple has ceased all online sales in Russia as the country has been unable to keep its currency from fluctuating dramatically. In the last month, Apple had already increased the price of its iPhone 6 in that country by 25 percent due to currency uncertainties. “Our online store in Russia is currently unavailable while we review pricing,” Alan Hely, a spokesman for the Cupertino, California-based company, told Bloomberg. “We apologize to customers for any inconvenience.” It is uncertain when Apple will reinstate its operations in Russia. Bloomberg noted that the Ruble sank 19 percent today, “with a surprise interest-rate increase failing to stem a run on the currency.” At one point during the day, the ruble sank to 80 on the dollar. Read 3 remaining paragraphs | Comments

View the original here:
Apple ceases online sales in Russia due to extreme ruble fluctuations

Cops illegally nailed webcam to utility pole for 6 weeks to spy on house

A federal judge on Monday tossed evidence that was gathered by a webcam—turned on for six weeks—that the authorities nailed to a utility pole 100 yards from a suspected drug dealer’s rural Washington state house. The Justice Department contended that the webcam, with pan-and-zoom capabilities that were operated from afar—was no different from a police officer’s observation from the public right-of-way. The government argued  (PDF): Read 6 remaining paragraphs | Comments

Continued here:
Cops illegally nailed webcam to utility pole for 6 weeks to spy on house

Feds used Adobe Flash to identify Tor users visiting child porn sites

A little more than 16 months ago, word emerged that the FBI exploited a recently patched Firefox vulnerability to unmask Tor users visiting a notorious child pornography site. It turns out that the feds had waged an even broader uncloaking campaign a year earlier by using a long-abandoned part of the open source Metasploit exploit framework to identify Tor-using suspects. According to Wired , “Operation Torpedo,” as the FBI sting operation was dubbed, targeted users of three darknet child porn sites. It came to light only after Omaha defense attorney Joseph Gross challenged the accuracy of evidence it uncovered against a Rochester, New York-based IT worker who claims he was falsely implicated in the campaign. Operation Torpedo used the Metasploit Decloaking Engine to identify careless suspects who were hiding behind Tor, a free service used by good and bad guys alike to shield their point of entry to the Internet. The Decloaking Engine went live in 2006 and used five separate methods to break anonymization systems. One method was an Adobe Flash application that initiated a direct connection with the end user, bypassing Tor protections and giving up the user’s IP address. Tor Project officials have long been aware of the vulnerability and strenuously advise against installing Flash. According to Wired: Read 1 remaining paragraphs | Comments

View article:
Feds used Adobe Flash to identify Tor users visiting child porn sites

4 seconds of body cam video can reveal a biometric fingerprint, study says

Researchers say they can have computers examine body camera video footage and accurately identify a person wearing a body-mounted device in about four seconds, according to a recently released paper . The authors of the study had their software look at biometric characteristics like height, stride length, and walking speed to find the identity of the person shooting the footage. As they point out, this could have both positive and negative implications for civilians, law enforcement, and military personnel if they’re using body-mounted cameras. (It’s important to note that this research paper,  Egocentric Video Biometrics , was posted  to the arXiv repository . As such, it’s not considered a final, peer-reviewed work.) Using static, mounted cameras to match a person’s height and gait is a relatively common and well-researched vector for narrowing down the identity of people caught in videos. The authors said that, to get an accurate read of the biometric data of the person wearing the body cam, the footage has to be from a camera secured to one point on a person’s body (handheld cameras don’t work), and it has to have at least four seconds of video of the camera-wearer walking. Despite these restrictions, the two researchers from The Hebrew University in Jerusalem noted that once the necessary information had been gathered, “the identity of the user can be determined quite reliably from a few seconds of video.” “This is like a fingerprint,” Shmuel Peleg, one of the paper’s authors, told The Verge. “In order to find the person you have to have their fingerprint beforehand. But we can compare two people and say whether two videos were shot by the same person or not.” Read 4 remaining paragraphs | Comments

More:
4 seconds of body cam video can reveal a biometric fingerprint, study says

Judge says reporter can’t get public records about cops’ “stingray” use

A local judge in Arizona ruled Friday that the Tucson Police Department (TPD) does not have to disclose records related to the use of stingrays, also known as cell-site simulators, under the state’s public records act. According to a Saturday report from Capitol Media Services , a state news wire, complying with reporter Beau Hodai ’s public records request “would give criminals a road map for how to defeat the device, which is used not only by Tucson but other local and national police agencies.” Hodai sued the TPD and the City of Tucson in March 2014 to force them to hand over such records. The devices are often used covertly by local and federal law enforcement to locate target cellphones and their respective owners. However, stingrays also sweep up cell data of innocent people nearby who have no idea that such collection is taking place. Stingrays can be used to intercept voice calls and text messages as well. Read 9 remaining paragraphs | Comments

Link:
Judge says reporter can’t get public records about cops’ “stingray” use

Steam’s first “Holiday Auction” halted after dupe bug ruins market [Updated]

Update:  Valve has updated its auction site to note that the Gem auctions will return “shortly” and that “an issue with Gems… means we need to reset and start again.” Specifically: All gems created by you will be returned to your Inventory. All Gem purchases from the Community Market will be reimbursed. All Auction bids have been canceled and the Auction will be reset. Trades involving Gems are being investigated on a case-by-case basis. Original Story The virtual “Holiday Auction” Steam first announced yesterday evening seemed like a cute idea at the time. For a limited time, users would be able to trade in unused or unwanted Steam Inventory items for “gems,” which could in turn, starting Monday, be used to bid against others on codes for 2,000 Steam games, 200,000 copies in all. Read 4 remaining paragraphs | Comments

Visit site:
Steam’s first “Holiday Auction” halted after dupe bug ruins market [Updated]

Microsoft withdraws bad Windows 7 update that broke future Windows 7 updates

One of this week’s Patch Tuesday updates for Windows 7 has been withdrawn after some users discovered that it blocked installation of software containing digital signatures, including first- and third-party software, and even other Windows updates. The problem update is called KB3004394. The purpose of this update was to change how Windows updates its collection of root certificates used to authenticate SSL and TLS connections. Without the update, Windows is meant to poll for certificate updates once a week. With the update, this frequency is increased to once a day. Unfortunately, this apparently simple change has had severe consequences for some users of Windows 7 Service Pack 1 and Windows Server 2008 R2 Service Pack 1, with users reporting that Windows Update, drivers from both NVIDIA and AMD, as well as some third-party software including Virtual Box are all unable to install correctly. The error code 0x8004FF91 seems to be a common finding. Read 3 remaining paragraphs | Comments

Visit link:
Microsoft withdraws bad Windows 7 update that broke future Windows 7 updates

Synaptics builds a fingerprint reader right into its trackpads

Consider the trackpad. The ones in Windows laptops are rarely (if ever) their best feature, but they nevertheless remain ubiquitous. Synaptics is one of the biggest names in trackpads, and today it announced a new one called the ” SecurePad ” that integrates a fingerprint reader into the trackpad itself rather than as a separate component. The SecurePad will have a small, 4mm by 10mm sensor on the trackpad’s surface that can scan a “fingertip placed at any angle on the sensor.” Said sensor will be available in a variety of different Synaptics trackpads, including the TouchPad , ClickPad , and ForcePad , and those trackpads will all be available in a variety of sizes. LED lights will provide feedback and allow the sensor to be used in dark environments. Fingerprint data traveling between the sensor and the “host processor” is encrypted to prevent the information from being accessed by other apps (Apple uses a similar sort of encryption with TouchID , and it prevents user apps from accessing fingerprint data in transit). We’ve contacted Synaptics to see if storing and reading fingerprints securely requires a separate chip to be installed in laptops that use the SecurePad and to get more detail on how this encryption works—we’ll update this article if we receive a response. Read 3 remaining paragraphs | Comments

See the original article here:
Synaptics builds a fingerprint reader right into its trackpads