Tag: privacy-rights

NASA melds vacuum tube tech with silicon to fill the terahertz gap

Vacuum tubes in a guitar amplifier. Shane Gorski The transistor revolutionized the world and made the abundant computing we now rely on a possibility, but before the transistor, there was the vacuum tube. Large, hot, power hungry, and prone to failure, vacuum tubes are a now-forgotten relic of the very earliest days of computing. But there’s a chance that vacuum tube technology could make its way back into computers—albeit without the vacuum—thanks to NASA research that has put together nanoscale “vacuum channel” transistors that can switch at more than 400GHz. Vacuum tubes have three important components: two electrodes—the negative, electron-emitting cathode, and the positive, electron-receiving anode—and a control grid placed between them. The flow of current between the cathode and the anode is controlled by the grid; the higher the voltage applied to the grid, the greater the amount of current that can flow between them. All three parts are housed in an evacuated glass tube or bulb and look somewhat like a kind of overcomplicated light bulb. The thing that made vacuum tubes so hot and power hungry was the cathode. Electrons can be encouraged to cross gaps by using very high voltages, but these tend to be difficult to work with. Instead, a phenomenon called thermionic emission is used—heat a piece of metal up enough, and the thermal energy lets the electrons escape the metal. Vacuum tubes have heating elements to make the cathode hot enough to emit electrons. Read 8 remaining paragraphs | Comments

View post:
NASA melds vacuum tube tech with silicon to fill the terahertz gap

Mint 17 is the perfect place for Linux-ers to wait out Ubuntu uncertainty

The team behind Linux Mint unveiled its latest update this week—Mint 17 using kernel 3.13.0-24, nicknamed “Qiana.” The new release indicates a major change in direction for what has quickly become one of the most popular Linux distros available today. Mint 17 is based on Ubuntu 14.04, and this decision appears to have one major driver.  Consistency.  Like the recently released Ubuntu 14.04, Mint 17 is a Long Term Support Release. That means users can expect support to continue until 2019. But even better, this release marks a change in Mint’s relationship with Ubuntu. Starting with Mint 17 and continuing until 2016, every release of Linux Mint will be built on the same package base—Ubuntu 14.04 LTS. With this stability, instead of working to keep up with whatever changes Ubuntu makes in the next two years, Mint can focus on those things that make it Mint. With major changes on the way for Ubuntu in the next two years, Mint’s decision makes a lot of sense. Not only does it free up the Mint team to focus on its two homegrown desktops (Cinnamon and MATE), but it also spares Mint users the potential bumpy road that is Ubuntu’s future. Read 53 remaining paragraphs | Comments

Original post:
Mint 17 is the perfect place for Linux-ers to wait out Ubuntu uncertainty

Microsoft wants you to trade in your MacBook Air for a Surface Pro 3

Ready to kick your MacBook Air to the curb (and wonder how much exactly in in-store credit it’s worth)? Your friendly neighborhood Microsoft Store is ready to help. Peter Bright This weekend, Microsoft Stores launched a trade-in program to encourage sales of the new Surface Pro 3 , but the trade-in promotion named only a single device : the MacBook Air, at a value of “up to $650” toward any Surface Pro 3 purchase. At the lowest specification, that trade-in amount would let buyers walk out of a Microsoft Store with an Intel i3 Surface Pro 3 for as little as $150. Though Microsoft Stores maintain a trade-in program that accepts video games, consoles, Apple iDevices, and PC laptops, this is the first promotion from Microsoft Stores that has actively sought Apple laptops—or, in this case, laptop singular. Seeing as how Microsoft has attempted to position the Surface Pro 3 as the best of both tablet and laptop worlds, the capable, paper-thin MacBook Air is the obvious recipient of Microsoft’s promotional crosshairs. We called the flagship Microsoft Store in Seattle with trade-in value questions, and while the representative said that any Macbook Air could be traded in at stores in the United States and Canada, he insisted that Microsoft won’t break down the exact trade-in value of a given Macbook Air or any other Apple hardware (iPhones, iPads, etc.) without seeing the product in person. The response came even after we tried listing off our MacBook Air’s processor, hard drive, and other specs. This stays in line with Microsoft Store policy through their own website to not disclose trade-in values. Read on Ars Technica | Comments

Read more here:
Microsoft wants you to trade in your MacBook Air for a Surface Pro 3

IE users get new protection against potent form of malware attack

a_codepoet Microsoft developers have fortified Internet Explorer with new protections designed to prevent a type of attack commonly used to surreptitiously install malware on end-user computers. The “isolated heap for DOM objects” made its debut with last week’s Patch Tuesday . Just as airbags lower the chance of critical injuries in automobile accidents, the new IE protection is designed to significantly lessen the damage attackers can do when exploiting so-called use-after-free flaws in the browser code. As the name suggests, use-after-free bugs are the result of code errors that reference computer memory objects after they have already been purged, or freed, from the operating system heap. Attackers can exploit them by refilling the improperly freed space with malicious code that logs passwords, makes computers part of a botnet, or carries out other nefarious behavior. Use-after-free flaws are among the most commonly exploited, often at great expense to end users. Recent in-the-wild attacks that targeted IE versions 9, 10, and 11 capitalized on a use-after-free bug. The bug class has been at the heart of many other real-world attacks on IE that are too numerous to count . (They have also been known to bring down Google Chrome and Mozilla Firefox.) Wei Chen, an exploit developer with Rapid 7’s Metasploit vulnerability framework, likens use-after-free exploits to sneaking tainted cookies into an already-opened bag of Oreos. Read 5 remaining paragraphs | Comments

View article:
IE users get new protection against potent form of malware attack

At least 32,000 servers broadcast admin passwords in the clear, advisory warns

An alarming number of servers containing motherboards manufactured by Supermicro continue to expose administrator passwords despite the release of an update that patches the critical vulnerability, an advisory published Thursday warned. The threat resides in the baseboard management controller (BMC), a motherboard component that allows administrators to monitor the physical status of large fleets of servers, including their temperatures, disk and memory performance, and fan speeds. Unpatched BMCs in Supermicro motherboards contain a binary file that stores remote login passwords in clear text. Vulnerable systems can be detected by performing an Internet scan on port 49152. A recent query on the Shodan search engine indicated there are 31,964 machines still vulnerable, a number that may not include many virtual machines used in shared hosting environments. “This means at the point of this writing, there are 31,964 systems that have their passwords available on the open market,” wrote Zachary Wikholm, a senior security engineer with the Carinet Security Incident Response Team. “It gets a bit scarier when you review some of the password statistics. Out of those passwords, 3,296 are the default combination. Since I’m not comfortable providing too much password information, I will just say that there exists a subset of this data that either contains or just was ‘password.'” Read 5 remaining paragraphs | Comments

Visit site:
At least 32,000 servers broadcast admin passwords in the clear, advisory warns

Hacker infects Synology storage devices, makes off with $620,000 in Dogecoin

One of the affected Synology devices. Synology A hacker generated digital coins worth more than $620,000 by hijacking a popular type of Internet-connected storage device from Synology, security researchers said. The incident, which was documented in a research report published Tuesday by Dell SecureWorks, is only the latest hack to steal other people’s computing resources to perform the computationally intense process of digital currency mining. The cryptographic operations behind the process often draw large amounts of power and produce lots of heat. People looking to acquire a large war chest of digital coins typically must pour large amounts of money and effort into the endeavor. One way malicious actors get by this requirement is by compromising large numbers of devices operated by other people. The devices then perform the work at the expense of the unsuspecting end users and pass on the proceeds to the attacker. According to researchers from SecureWorks Counter Threat Unit, the attackers exploited four separate vulnerabilities contained in the software of Synology network-attached storage boxes. The vulnerabilities were documented in September and fixed in February by Synology . By then, large numbers of people began complaining their Synology devices were running sluggishly and extremely hot . It turns out that at least some of them were running software that mined large sums of the Dogecoin cryptocurrency. Read 4 remaining paragraphs | Comments

See more here:
Hacker infects Synology storage devices, makes off with $620,000 in Dogecoin

Undergrad breaks Android crypto ransomware

Early in June, Ars reported the discovery of Android/Simplocker , which appeared to be the first cryptographic ransomware Trojan targeted at Android devices. Simplocker encrypts photos, documents, and videos in devices’ local storage and then instructs the device owner to send money if they ever want to see that content again. One researcher—Simon Bell, an undergraduate student at the University of Sussex—managed to dissect the code for Simplocker. He found that while the code actually called back to a command and control server over the Tor anonymizing network to pass information about the infected device, all of the encryption work was done by the malware itself. Today, Bell released an antidote to Simplocker —a Java program that can decrypt the files attacked by the malware. “The antidote was incredibly easy to create because the ransomware came with both the decryption method and the decryption password,” Bell wrote. “Therefore producing an antidote was more of a copy-and-paste job than anything.” Read 3 remaining paragraphs | Comments

Original post:
Undergrad breaks Android crypto ransomware

Report: Seattle paid $17,500 to boost online reputation of city official

tdlucas5000 A newly-published document shows that Seattle’s publicly-owned electrical utility paid thousands of dollars to Brand.com to manage the online reputation of CEO Jorge Carrasco. The document , which was received and published Saturday by the Seattle Times after a public records request, shows that Brand.com charged City Light $5,000 in December 2013. As the contract states: Read 6 remaining paragraphs | Comments

Excerpt from:
Report: Seattle paid $17,500 to boost online reputation of city official

Unicode 7.0 introduces 2,834 new characters, including 250 emoji

We can leave dumb old “words” behind as soon as emoji evolve to express all forms of human feeling and emotion. Andrew Cunningham The Unicode Consortium has just announced the release of version 7.0 of the Unicode Standard , the list of characters ” which specifies the representation of text in all modern software products and standards .” Unicode 7.0 adds 2,834 new characters to the existing list of 110,187 characters defined by Unicode 6.3, including new symbols for currency, new “lesser-used and historic scripts,” and extended support “for written languages of North America, China, India, other Asian countries, and Africa.” Of course, the Internet being what it is, what people seem the most excited about are the 250 new emoji characters, listed here by Emojipedia . Notable additions include “hot pepper,” “sleuth or spy,” “man in business suit levitating,” “reversed hand with middle finger extended,” and “raised hand with part between middle and ring fingers” (aka the ” live long and prosper ” thing). The list of emoji also extends the character set’s adorable fascination with outmoded technology thanks to icons like “soft shell floppy disk,” “fax icon,” and “old personal computer.” Mostly absent from that list of new emoji are the more racially diverse characters Apple said it was trying to introduce back in March . There are a few characters that suggest progress on that front (“sideways black left pointing index,” “black up pointing backhand index,” and so on, assuming that “index” is a reference to index fingers), but those additions don’t introduce parity between black- and white-skinned icons, nor do they account for other skin tones. That’s not necessarily surprising, since these standards take a long time to change—hopefully more characters are introduced in a future Unicode release. Read 1 remaining paragraphs | Comments

View article:
Unicode 7.0 introduces 2,834 new characters, including 250 emoji

Bitcoin security guarantee shattered by anonymous miner with 51% network power

Cornering the Bitcoin market may be easier than cornering orange juice futures. Paramount Pictures / Aurich Lawson For the first time in Bitcoin’s five-year history, a single entity has repeatedly provided more than half of the total computational power required to mine new digital coins, in some cases for sustained periods of time. It’s an event that, if it persists, signals the end of crypto currency’s decentralized structure. Researchers from Cornell University say that on multiple occasions, a single mining pool repeatedly contributed more than 51 percent of Bitcoin’s total cryptographic hashing output for spans as long as 12 hours. The contributor was GHash , which bills itself as the “#1 Crypto & Bitcoin Mining Pool.” During these periods, the GHash operators had unprecedented powers that circumvented the decentralization that is often held up as a salient advantage Bitcoin has over traditional currencies. So-called 51 percenters, for instance, have the ability to spend the same coins twice, reject competing miners’ transactions, or extort higher fees from people with large holdings. Even worse, a malicious player with a majority holding could wage a denial-of-service attack against the entire Bitcoin network. Like tremblers before a major earthquake, most of GHash’s 51-percent spans were relatively short. Few people paid much attention, since shortly after a miner loses the majority position, it also loses its extraordinary control. Then, on June 12, GHash produced a majority of the power for 12 hours straight, a sustained status that enables precisely the type of doomsday scenario some researchers have warned was possible. Read 8 remaining paragraphs | Comments

Read the original:
Bitcoin security guarantee shattered by anonymous miner with 51% network power