Tag: program1

Teen sues TV station for $1M over unauthorized broadcast of his genitals

(credit: NURV.com ) A South Carolina teenager has sued a Colorado television station over allegations the station broadcasted a picture of his erect penis taken from a cell phone video uploaded to YouTube. The case, known as Holden v. KOAA , asks for $1 million in damages and accuses the station, its reporter, its parent companies (NBC and Comcast), and other defendants of violating federal child pornography laws, invasion of privacy and negligence, and other allegations. According to the lawsuit , the teen was 14 years old and living in Colorado at the time of the incident. (The incident occurred two years ago, but Ars will not name the individual as he is still a minor.) The cell phone video had been taken of the teen and put online as a way to blackmail him. His father’s girlfriend, Heather Richardson, soon contacted the KOAA TV station to let them know about the situation. KOAA sent a local reporter, Matthew Prichard, to the family’s home in Pueblo, Colorado, where Prichard interviewed the boy and filmed the offending material. The suit claims that the boy’s father specifically told Prichard to keep his son’s name out of the report. Read 7 remaining paragraphs | Comments

Read the original post:
Teen sues TV station for $1M over unauthorized broadcast of his genitals

Oracle deprecates the Java browser plugin, prepares for its demise

The much-maligned Java browser plugin, source of so many security flaws over the years, is to be killed off by Oracle. It will not be mourned. Oracle, which acquired Java as part of its 2010 purchase of Sun Microsystems, has announced that the plugin will be deprecated in the next release of Java, version 9, which is currently available as an early access beta. A future release will remove it entirely. Of course, Oracle’s move is arguably a day late and a dollar short. Chrome started deprecating browser plugins last April , with Firefox announcing similar plans in October . Microsoft’s new Edge browser also lacks any support for plugins. Taken together, it doesn’t really matter much what Oracle does: even if the company continued developing and supporting its plugin, the browser vendors themselves were making it an irrelevance. Only Internet Explorer 11, itself a legacy browser that’s receiving only security fixes, is set to offer any continued plugin support. Read 1 remaining paragraphs | Comments

Read the article:
Oracle deprecates the Java browser plugin, prepares for its demise

City cops in Disneyland’s backyard have had “stingray on steroids” for years

(credit: NoHoDamon ) New documents released ( PDF ) on Wednesday by the American Civil Liberties Union (ACLU) of California show that for the last several years, police in the city of Anaheim, California—home of Disneyland—have been using an invasive cell phone surveillance device, known as a “dirtbox.” The ACLU obtained the 464 pages of documents recently after it sued the Anaheim Police Department (APD) last year over the agency’s failure to respond to its public records request concerning such surveillance-related documents. The DRTBox has been described by one Chicago privacy activist as a “stingray on steroids,” referring to the controversial cell-site simulator that spoofs cell towers to locate phones and intercept calls and texts . Read 16 remaining paragraphs | Comments

Excerpt from:
City cops in Disneyland’s backyard have had “stingray on steroids” for years

Israel’s electric grid hit by “severe” hack attack

Israel experienced a serious hack attack on its electrical grid that officials are still working to repel, the head of the country’s energy minister said Tuesday. “The virus was already identified and the right software was already prepared to neutralize it,” Israeli Energy Minister Yuval Steinitz told attendees of a computer security conference in Tel Aviv, according to this article published Tuesday by The Times of Israel . “We had to paralyze many of the computers of the Israeli Electricity Authority. We are handling the situation and I hope that soon, this very serious event will be over … but as of now, computer systems are still not working as they should.” The “severe” attack was detected on Monday as temperatures in Jerusalem dipped to below freezing, creating two days of record-breaking electricity consumption, according to The Jerusalem Post . Steinitz said it was one of the biggest computer-based attacks Israel’s power infrastructure has experienced, and that it was responded to by members of his ministry and the country’s National Cyber Bureau. The energy minister didn’t identify any suspects behind the attack or provide details about how it was carried out. Read 2 remaining paragraphs | Comments

Read More:
Israel’s electric grid hit by “severe” hack attack

After FBI briefly ran Tor-hidden child-porn site, investigations went global

(credit: Andrew ) In 2015, the FBI seized a Tor-hidden child-porn website known as Playpen and allowed it to run for 13 days so that the FBI could deploy malware in order to identify and prosecute the website’s users. That malware, known in FBI-speak as a “network investigative technique,” was authorized by a federal court in Virginia in February 2015. In a new revelation, Vice Motherboard has now determined that this operation had much wider berth. The FBI’s Playpen operation was effectively transformed into a global one, reaching Turkey, Colombia, and Greece, among others. Motherboard’s Joseph Cox wrote on Twitter on Friday that he was able to find a document describing this infiltration as something called “Operation Pacifier” by using creative “Google-fu.” Read 11 remaining paragraphs | Comments

Read the article:
After FBI briefly ran Tor-hidden child-porn site, investigations went global

Media devices sold to feds have hidden backdoor with sniffing functions

(credit: AMX) A company that supplies audio-visual and building control equipment to the US Army, the White House, and other security-conscious organizations built a deliberately concealed backdoor into dozens of its products that could possibly be used to hack or spy on users, security researchers said. Members of Australia-based security firm SEC Consult said they discovered the backdoor after analyzing the AMX NX-1200 , a programmable device used to control AV and building systems. The researchers first became suspicious after encountering a function called “setUpSubtleUserAccount” that added an highly privileged account with a hard-coded password to the list of users authorized to log in. Unlike most other accounts, this one had the ability to capture data packets flowing between the device and the network it’s connected to. “Someone with knowledge of the backdoor could completely reconfigure and take over the device and due to the highest privileges also start sniffing attacks within the network segment,” SEC Consult researcher Johannes Greil told Ars. “We did not see any personal data on the device itself, besides other user accounts which could be cracked for further attacks.” Read 4 remaining paragraphs | Comments

See the original article here:
Media devices sold to feds have hidden backdoor with sniffing functions

Skylake users given 18 months to upgrade to Windows 10

Intel Skylake die shot. (credit: Intel) If you own a system with an Intel 6th generation Core processor—more memorably known as Skylake—and run Windows 7 or Windows 8.1, you’ll have to think about upgrading to Windows 10 within the next 18 months. Microsoft announced today that after July 17, 2017, only the “most critical” security fixes will be released for those platforms and those fixes will only be made available if they don’t “risk the reliability or compatibility” of Windows 7 and 8.1 on other (non-Skylake) systems. The full range of compatibility and security fixes will be published for non-Skylake machines for Windows 7 until January 14 2020, and for Windows 8.1 until January 10 2023. Next generation processors, including Intel’s ” Kaby Lake “, Qualcomm’s 8996 ( branded as Snapdragon 820 ), and AMD’s “Bristol Ridge” APUs (which will use the company’s Excavator architecture, not its brand new Zen arch) will only be supported on Windows 10. Going forward, the company says that using the latest generation processors will always require the latest generation operating system. Read 12 remaining paragraphs | Comments

View article:
Skylake users given 18 months to upgrade to Windows 10

Department of Transportation going full speed ahead on self-driving cars

The world as seen by a self-driving car. (credit: Jonathan Gitlin) We’ve been hitting the tech of self-driving cars pretty heavily this week, taking a look at what companies like Audi , BMW , Ford , QNX , and Tesla are doing in the field. But it’s looking more and more likely that it’s not going to be the technology itself that determines when  we’ll be able to buy a self-driving car for that morning commute. Instead, all the other stuff— regulations, laws, insurance questions, and society’s comfort level —appear ready to own the issue of timing. At this week’s North American International Auto Show in Detroit, Transportation Secretary Anthony Foxx announced that “i n 2016, we are going to do everything we can to promote safe, smart and sustainable, vehicles. We are bullish on automated vehicles.” Still, w orking out how to regulate self-driving cars is far from settled. Each state (well, OK maybe every state but Maryland) has a pretty good idea of how to test young drivers to determine whether they’re ready to mix it with the rest of us in traffic. Figuring out how to apply that to a car itself is proving to be more of a challenge. California, for instance, is about to hold a couple of public workshops to get input into its draft regulations on the the matter, and DMVs in other states are being told by their respective legislatures to start working on the problem. Today, there’s a real fear in the industry that we could end up with a patchwork of different state laws (something Cars Technica even talked about on the radio yesterday ). Then there’s the federal government, where crafting policies, regulations, and guidances can be slow work. Take recent advances in headlight technology for example. Over in Europe, you can now buy cars that use LED lasers to supplement their high-beams. Those lights are intelligent enough to avoid blinding other cars on the road, and they represent a significant safety advantage. But the Federal Motor Vehicle Safety Standards for headlights in the US went into effect in 1968 and haven’t been updated since. And because they don’t make any allowances for anything other than a high beam and a low beam, such systems are illegal here in the US. Read 4 remaining paragraphs | Comments

View original post here:
Department of Transportation going full speed ahead on self-driving cars

Security firm sued for filing “woefully inadequate” forensics report

(credit: ErrantX ) A Las Vegas-based casino operator has sued security firm Trustwave for conducting an allegedly “woefully inadequate” forensics investigation that missed key details of a network breach and allowed credit card thieves to maintain their foothold during the course of the two-and-a-half month investigation. In a legal complaint filed in federal court in Las Vegas, Affinity Gaming said it hired Trustwave in October 2013 to investigate and contain a network breach that allowed attackers to obtain customers’ credit card data. In mid January 2014, Trustwave submitted a report required under payment card industry security rules on all merchants who accept major credit cards. In the PCI forensics report, Trustwave said it had identified the source of the data breach and had contained the malware responsible for it. More than a year later after Affinity was hit by a second credit card breach, the casino operator allegedly learned from Trustwave competitor Mandiant that the malware had never been fully removed. According to the December, 2015 complaint : Read 4 remaining paragraphs | Comments

Read More:
Security firm sued for filing “woefully inadequate” forensics report

David Bowie’s ISP, as remembered by the guy who helped create “BowieNet”

David Bowie. (credit: davidbowie.com ) When David Bowie became an Internet service provider in 1998, a man named Ron Roy helped him start the business. Now, three days after the legendary musician’s death at age 69, we’ve interviewed Roy about how “BowieNet” came to life and why it was so important to the artist. “David was tremendously involved from day one,” Roy told Ars via e-mail. Roy appeared in some of the first press releases that followed BowieNet’s US and UK launches; we tracked him down at his current business, Wines That Rock . It was a lot easier to become an Internet service provider in 1998 than it is today. Instead of the enormous expense of  deploying fiber or cable throughout a city, ISPs could spring to life by selling dial-up connections to anyone with a telephone line. BowieNet’s dial-up service sold full access to the Internet for $19.95 a month (or £10.00 in the UK), but it was also a fan club that provided exclusive access to David Bowie content such as live video feeds from his studio. Customers who already had a dial-up Internet provider and didn’t want to switch could buy access to BowieNet content separately for $5.95 a month. BowieNet had about 100,000 customers at its peak, Roy said. Read 10 remaining paragraphs | Comments

Taken from:
David Bowie’s ISP, as remembered by the guy who helped create “BowieNet”