Tag: program1

Et tu, Fortinet? Hard-coded password raises new backdoor eavesdropping fears

(credit: Fortinet) Less than a month after Juniper Network officials disclosed an unauthorized backdoor in the company’s NetScreen line of firewalls , researchers have uncovered highly suspicious code in older software from Juniper competitor Fortinet. The suspicious code contains a challenge-and-response authentication routine for logging into servers with the secure shell (SSH) protocol . Researchers were able to unearth a hard-coded password of “FGTAbc11*xy+Qqz27” (not including the quotation marks) after reviewing this exploit code posted online on Saturday . On Tuesday, a researcher posted this screenshot purporting to show someone using the exploit to gain remote access to a server running Fortinet’s FortiOS software. This exploit code provides unauthorized SSH access to devices running older versions of FortiOS. (credit: Full Disclosure mailing list ) This partially redacted screenshot purports to show the exploit in action. (credit: @dailydavedavids ) Ralf-Philipp Weinmann, a security researcher who helped uncover the innerworkings of the Juniper backdoor , took to Twitter on Tuesday and repeatedly referred to the custom SSH authentication as a “backdoor.”  In one specific post , he confirmed he was able to make it work as reported on older versions of Fortinet’s FortiOS. Read 4 remaining paragraphs | Comments

Taken from:
Et tu, Fortinet? Hard-coded password raises new backdoor eavesdropping fears

Oculus cofounder building a -43° propane phase-change-cooled PC

Palmer Luckey, the co-founder of Oculus VR and creator of the Oculus Rift, somewhat unsurprisingly, is a fully paid-up member of the PC Master Race . During a recent Reddit AMA , Luckey was asked about the hardware specs of his PC. The first part of his response was to be expected, and probably straight out of the company’s PR playbook: I have lived on the bleeding edge of PC hardware for as long as I could scrape the money together, but for VR, I am sticking to hardware that sticks to our recommended specs: https://www.oculus.com/en-us/oculus-ready-pcs/ That way, I get the same experience as most of my customers. I don’t want to become disconnected from the reality of how our hardware and software performs. On the side, though, Luckey is working on something just a little bit more exciting: Read 4 remaining paragraphs | Comments

Taken from:
Oculus cofounder building a -43° propane phase-change-cooled PC

Intel Skylake bug causes PCs to freeze during complex workloads

Intel has confirmed that its Skylake processors suffer from a bug that can cause a system to freeze when performing complex workloads. Discovered by mathematicians at the Great Internet Mersenne Prime Search (GIMPS), the bug occurs when using the GIMPS Prime95 application to find Mersenne primes. “Intel has identified an issue that potentially affects the 6th Gen Intel Core family of products. This issue only occurs under certain complex workload conditions, like those that may be encountered when running applications like Prime95. In those cases, the processor may hang or cause unpredictable system behaviour.” Intel has developed a fix, and is working with hardware partners to distribute it via a BIOS update. Read 6 remaining paragraphs | Comments

Originally posted here:
Intel Skylake bug causes PCs to freeze during complex workloads

Two months after FBI debacle, Tor Project still can’t get an answer from CMU

Proof of connection: the site check.torproject.org will show you if you’re connected via Tor. (credit: Tor) Shari Steele, Executive Director of the Tor Project (credit: EFF ) It’s been quite a few months for the Tor Project. Last November, project co-founder and director Roger Dingledine  accused the FBI of paying Carnegie Mellon computer security researchers at least $1 million to de-anonymize Tor users and reveal their IP addresses as part of a large criminal investigation. The FBI dismissed things, but the investigation in question is a very high-profile matter focused on members of the  Silk Road  online-drug marketplace. One of the IP addresses revealed belonged to Brian Farrell, an alleged Silk Road 2 lieutenant. An early filing in Farrell’s case, first reported  by Vice Motherboard, said that a “university-based research institute” aided government efforts to unmask Farrell. That document fit with Ars reporting  from January 2015, when a Homeland Security search warrant affidavit stated  that from January to July 2014, a “source of information” provided law enforcement “with particular IP addresses” that accessed the vendor-side of Silk Road 2. By July 2015, the Tor Project managed to discover and shut down this sustained attack. But the Tor Project further concluded that the attack resembled a technique described by a team of Carnegie Mellon University (CMU) researchers who a few weeks earlier had canceled a security conference presentation on a low-cost way to deanonymize Tor users . The Tor officials went on to warn that an intelligence agency from a global adversary also might have been able to capitalize on the vulnerability. Read 59 remaining paragraphs | Comments

Visit link:
Two months after FBI debacle, Tor Project still can’t get an answer from CMU

Latest tech support scam stokes concerns Dell customer data was breached

Enlarge (credit: Jjpwiki ) Tech-support scams, in which fraudsters pose as computer technicians who charge hefty fees to fix non-existent malware infections, have been a nuisance for years . A relatively new one targeting Dell computer owners is notable because the criminals behind it use private customer details to trick their marks into thinking the calls come from authorized Dell personnel. “What made the calls interesting was that they had all the information about my computer; model number, serial number, and notably the last item I had called Dell technical support about (my optical drive),” Ars reader Joseph B. wrote in an e-mail. “That they knew about my optical drive call from several months prior made me think there was some sort of information breach versus just my computer being compromised.” He isn’t the only Dell customer reporting such an experience. A blog post published Tuesday reported scammers knew of every problem the author had ever called Dell about. None of those problems were ever discussed in public forums, leading the author to share the suspicion that proprietary Dell data had somehow been breached. Read 7 remaining paragraphs | Comments

Read more here:
Latest tech support scam stokes concerns Dell customer data was breached

T-Mobile added another 8.3 million customers in 2015

T-Mobile USA added 8.3 million customers last year, including 2.1 million in the fourth quarter, solidifying its position as the country’s number three wireless carrier ahead of Sprint and behind Verizon Wireless and AT&T. T-Mobile had 63.3 million customers as of December 31, 2015, up from 55 million customers at the end of 2014, the company announced today  in a preliminary earnings report. In total, T-Mobile now has 29.4 million postpaid phone customers, 2.3 million postpaid mobile broadband customers, 17.6 million prepaid customers, and 14 million wholesale customers. This was the second consecutive year that T-Mobile boosted its customer total by more than 8 million. (credit: T-Mobile) T-Mobile has also improved its churn rate—the percentage of subscribers who discontinued service—meaning that fewer customers are leaving for other carriers. Read 2 remaining paragraphs | Comments

More:
T-Mobile added another 8.3 million customers in 2015

First known hacker-caused power outage signals troubling escalation

(credit: Krzysztof Lasoń ) Highly destructive malware that infected at least three regional power authorities in Ukraine led to a power failure that left hundreds of thousands of homes without electricity last week, researchers said. The outage left about half of the homes in the Ivano-Frankivsk region of Ukraine without electricity, Ukrainian news service TSN reported in an article posted a day after the December 23 failure . The report went on to say that the outage was the result of malware that disconnected electrical substations. On Monday, researchers from security firm iSIGHT Partners said they had obtained samples of the malicious code that infected at least three regional operators. They said the malware led to “destructive events” that in turn caused the blackout. If confirmed it would be the first known instance of someone using malware to generate a power outage. “It’s a milestone because we’ve definitely seen targeted destructive events against energy before—oil firms, for instance—but never the event which causes the blackout,” John Hultquist, head of iSIGHT’s cyber espionage intelligence practice, told Ars. “It’s the major scenario we’ve all been concerned about for so long.” Read 7 remaining paragraphs | Comments

See the original post:
First known hacker-caused power outage signals troubling escalation

Files on nearly 200 floppy disks belonging to Star Trek creator recovered

(credit: churl ) According to a press release from DriveSavers data recovery, information on nearly 200 floppy disks that belonged to Star Trek creator Gene Roddenberry has been recovered. The information on the disks belongs to Roddenberry’s estate and has not been disclosed to the general public. DriveSavers notes, however, that Roddenberry used the disks to store his work and “to capture story ideas, write scripts and [take] notes.” VentureBeat reports that the disks, containing 160KB of data each, were likely used and written in the ’80s. The circumstances of the information recovery are particularly interesting, however. Several years after the death of Roddenberry, his estate found the 5.25-inch floppy disks. Although the Star Trek creator originally typed his scripts on typewriters, he later moved his writing to two custom-built computers with custom-made operating systems before purchasing more mainstream computers in advance of his death in 1991. Read 2 remaining paragraphs | Comments

Excerpt from:
Files on nearly 200 floppy disks belonging to Star Trek creator recovered

CBS, Paramount sue crowdfunded Star Trek filmmakers for copyright infringement

Prelude to Axanar (Official). On Tuesday, lawyers representing CBS and Paramount Studios sued Axanar Productions, a company formed by a group of fans attempting to make professional-quality Star Trek fan-fiction movies, for copyright infringement. “The Axanar Works are intended to be professional quality productions that, by Defendants’ own admission, unabashedly take Paramount’s and CBS’s intellectual property and aim to ‘look and feel like a true Star Trek movie,’” the complaint reads  (PDF). Axanar Productions released a short 20-minute film called  Prelude to Axanar  in 2014, in which retired Starfleet leaders talk about their experiences in the Four Years War, a war between the Federation and the Klingons that occurred in the Star Trek universe before The Original Series began. The feature-length Axanar is scheduled to premier in 2016 and follows the story of Captain Kirk’s hero, Garth of Izar . Both productions were funded on Kickstarter and Indiegogo, raising more than $1.1 million  from fans. Read 12 remaining paragraphs | Comments

Read More:
CBS, Paramount sue crowdfunded Star Trek filmmakers for copyright infringement

Beating graphene to push supercapacitors closer to batteries

(credit: Oak Ridge National Lab ) Most people think of batteries when they consider energy storage, but capacitors are an alternative in some use cases. Capacitors are used in almost all electronic devices, often to supply temporary power when batteries are being changed to prevent loss of information. In addition to everyday devices, they are also used in more obscure technologies, including certain types of weapons. Understanding the supercapacitor Unlike batteries, capacitors use static electricity to store energy. In their simplest form, they contain two conducting metallic plates with an insulating material (dielectric) placed in between. A typical capacitor charges instantly but usually cannot hold a great deal of charge. Supercapacitors can at least partly overcome this shortcoming. They differ from the typical capacitor in that their “plates” provide significantly larger surface area and are much closer together. The surface area is increased by coating the metal plates with a porous substance. Instead of having a dielectric material between them, the plates of a supercapacitor are soaked in an electrolyte and separated by an extremely thin insulator. Read 11 remaining paragraphs | Comments

Excerpt from:
Beating graphene to push supercapacitors closer to batteries