reprints – Page 38 – Tech Today w/ Ken May

Human memory-saving devices get $37.5m research boost from DARPA

Flickr user: Dierk Schaefer Two teams creating devices that stimulate the brain to restore memory function have been granted $37.5 million by DARPA to develop the technology. Both will initially work with people with epilepsy who have been given implants to locate where their seizures originate. The researchers will reuse the data gathered during this process to monitor other brain activity, such as the patterns that occur when the brain stores and retrieves memories. One team will then attempt to map these patterns by recording the brain activity of epilepsy sufferers with mild memory problems while they play a computer game about remembering things. The pattern differences between the best and worst scores among these patents will be used to develop an algorithm for a personalized stimulation pattern to keep the brain performing at an optimal level. Read 6 remaining paragraphs | Comments

See the article here:
Human memory-saving devices get $37.5m research boost from DARPA

Judge orders unmasking of Amazon.com “negative” reviewers

A federal judge has granted a nutritional supplement firm’s request to help it learn the identities of those who allegedly left “phony negative” reviews of its products on Amazon.com. The decision means that Ubervita may issue subpoena’s to Amazon.com and Cragslist to cough up the identities of those behind a “campaign of dirty tricks against Ubervita in a wrongful effort to put Ubervita at a competitive disadvantage in the marketplace .” (PDF). According to a lawsuit by the maker of testosterone boosters, multivitamins and weight loss supplements, unknown commenters had placed fraudulent orders “to disrupt Ubervita’s inventory,” posted a Craigslist ad “to offer cash for favorable reviews of Ubervita products,” and posed “as dissatisfied Ubervita customers in posting phony negative reviews of Ubervita products, in part based on the false claim that Ubervita pays for positive reviews.” Read 2 remaining paragraphs | Comments

More:
Judge orders unmasking of Amazon.com “negative” reviewers

Emergency Windows update revokes dozens of bogus Google, Yahoo SSL certificates

Microsoft has issued an emergency update for most supported versions of Windows to prevent attacks that abuse recently issued digital certificates impersonating Google and Yahoo. Company officials warned other undiscovered fraudulent credentials for other domains may still be in the wild. Thursday’s unscheduled update revokes 45 highly sensitive secure sockets layer (SSL) certificates that hackers managed to generate after compromising systems operated by the National Informatics Centre (NIC) of India, an intermediate certificate authority (CA) whose certificates are automatically trusted by all supported versions of Windows. Millions of sites operated by banks, e-commerce companies, and other types of online services use the cryptographic credentials to encrypt data passing over the open Internet and to prove the authenticity of their servers. As Ars explained Wednesday , the counterfeit certificates pose a risk to Windows users accessing SSL-protected sections of Google, Yahoo, and any other affected domains. “These SSL certificates could be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against Web properties,” a Microsoft advisory warned. “The subordinate CAs may also have been used to issue certificates for other, currently unknown sites, which could be subject to similar attacks.” Read 4 remaining paragraphs | Comments

View post:
Emergency Windows update revokes dozens of bogus Google, Yahoo SSL certificates

Deep-sea streaming: 500-mile NEPTUNE cabling brings Internet to the ocean floor

Your home Ethernet cable doesn’t deal with any of this ish—pictured here, a sea star and a squat lobster—behind some desk. NEPTUNE Canada The Juan de Fuca tectonic plate is by far one of the Earth’s smallest. It spans just a few hundred kilometers of the Oregon, Washington, and British Columbia coast. But what the Juan de Fuca lacks in size it makes up for in connectivity. It’s home to a unique, high-speed optical cabling that has snaked its way across the depths of the Pacific seafloor plate since late 2009. This link is called NEPTUNE—the North-East Pacific Time-Series Underwater Networked Experiment—and, at more than 800 kilometers (about 500 miles), it’s about the same length as 40,000 subway cars connected in a single, long train. A team of scientists, researchers, and engineers from the not-for-profit group Oceans Network Canada maintains the network, which cost CAD $111 million to install and $17 million each year to maintain. But know that this isn’t your typical undersea cable. For one, NEPTUNE doesn’t traverse the ocean’s expanse, but instead loops back to its starting point at shore. And though NEPTUNE is designed to facilitate the flow of information through the ocean, it also collects information about the ocean, ocean life, and the ocean floor. Read 52 remaining paragraphs | Comments

See more here:
Deep-sea streaming: 500-mile NEPTUNE cabling brings Internet to the ocean floor

Goldman Sachs demands Google unsend one of its e-mails

Goldman Sachs has demanded a court order to get Google to unsend an e-mail that the bank sent in error, according to Reuters’ report Wednesday. The e-mail contained “highly confidential” information addressed to the wrong account, a mistake on Goldman Sachs’ part that Google hasn’t yet been tempted to rectify. Goldman Sachs did not specify to Reuters how many clients were affected in the situation, which occurred on June 23. Reportedly, the mistake happened while a Goldman Sachs contractor was testing internal changes made to Goldman Sachs’ system to meet new requirements from the Financial Industry Regulatory Authority. The contractor prepared a report with sensitive client information, including details on brokerage accounts, and e-mailed it to a gmail.com address, rather than the gs.com one she intended. Reuters says that it tried to “retrieve the report” and contact the owner of the Gmail account without success. Google told Goldman Sachs on June 26 that it couldn’t reach through Gmail and delete the e-mail without a court order. Goldman Sahcs filed with the New York Supreme Court, requesting “emergency relief” to both avoid a privacy violation and “avoid the risk of unnecessary reputational damage to Goldman Sachs.” Read on Ars Technica | Comments

Read the original post:
Goldman Sachs demands Google unsend one of its e-mails

Google asks Hangouts users to “migrate” their Google Voice accounts

Hangouts integration in Google Voice. Google has added a menu option inside its Android Hangouts app asking users to “migrate Google Voice to Hangouts,” according to a post in the Android subreddit from Tuesday. The dialogue, accessible through debug mode, tells users they can get their voicemail and SMSes through Hangouts instead of the Google Voice app, though it doesn’t specify how the feature works with dedicated Google Voice numbers. As time passes, Google Voice is becoming a Google product that is an increasingly odd combination of dead useful and difficult to use, beloved by its users for its (limited) functionality but long ignored by Google itself. The iOS app’s design is still from the dark days of skeuomorphism, and until recently, Google hadn’t made any attempts to absorb the service into the Google+ black hole it has been using to knit disparate parts of the company together. Hangouts seems like a natural place for Google Voice to be absorbed, but so far, there’s been little movement. Google integrated SMS into Hangouts in October 2013 and introduced an SMS for Hangouts feature for feature phones that would send Hangouts messages as SMSes. Read 1 remaining paragraphs | Comments

View post:
Google asks Hangouts users to “migrate” their Google Voice accounts

The Witcher coming to iOS, Android, WP8 as a free-to-play MOBA game

For a video game, the jump from “series” to “franchise” can have its seriously awkward moments. At what point does it make sense for a beloved game character to show up in different genres, like puzzle, sports, or kart-racing games? It’s a question worth posing to the folks at Polish design studio CD Projekt Red, who today publicly unveiled the first major spin-off for the company’s plot- and morals-loaded RPG series The Witcher . Thankfully, The Witcher: Battle Arena seems more logical for the series than, say, Dr. Geralt of Rivia’s Mean Bean Machine , as the game will pit the series’ heroes and villains against each other in three-on-three “MOBA”-styled combat by the end of this year. The game’s unveiling didn’t come with a grand pronouncement of new twists on the genre; rather, CD Projekt Red appeared to justify the game’s existence on the fact that quality MOBA games simply don’t exist on smartphones and tablets. “I dare you to name three MOBA games on mobile devices,” Tadek Zielinski said in a Eurogamer report , adding, “We don’t want to fight with League of Legends or Dota . We are a humble company. It wouldn’t be wise to go against guys who are working on it for such a long time.” Read 3 remaining paragraphs | Comments

Follow this link:
The Witcher coming to iOS, Android, WP8 as a free-to-play MOBA game

Serious Android crypto key theft vulnerability affects 10% of devices

Kevlangdo Researchers have warned of a vulnerability present on an estimated 10 percent of Android phones that may allow attackers to obtain highly sensitive credentials, including cryptographic keys for some banking services and virtual private networks, and PINs or patterns used to unlock vulnerable devices. The vulnerability resides in the Android KeyStore , a highly sensitive region of the Google-made operating system dedicated to storing cryptographic keys and similar credentials, according to an advisory published this week by IBM security researchers. By exploiting the bug, attackers can execute malicious code that leaks keys used by banking and other sensitive apps, virtual private network services, and the PIN or finger patterns used to unlock handsets. The advisory said Google has patched the stack-based buffer overflow only in version 4.4, aka KitKat, of Android. The remaining versions, which according to Google figures run 86.4 percent of devices , have no such fix. In an update, IBM said the vulnerability affected only version 4.3, which runs on about 10.3 percent of handsets. There are several technical hurdles an attacker must overcome to successfully exploit the vulnerability. Android is fortified with modern software protections, including data execution prevention and address space layout randomization, both of which are intended to make it much harder for hackers to execute code when they identify security bugs. Attackers would also have to have an app installed on a vulnerable handset. Still, the vulnerability is serious because it resides in KeyStore, arguably one of the most sensitive resources in the Android OS. In an e-mail, Dan Wallach , a professor specializing in Android security in the computer science department of Rice University, explained: Read 5 remaining paragraphs | Comments

See the original article here:
Serious Android crypto key theft vulnerability affects 10% of devices

Burglar logs in to Facebook in victim’s house, forgets to sign off

Nicholas Wig. Dakota County Sheriff’s Office A 27-year-old Minnesota man appears to have violated at least two tenets of the digital age: Never log in to your Facebook account in a stranger’s house you’re burglarizing, and don’t forget to sign off if you do. Such egregious violations have led to the arrest of a South St. Paul man charged with burglary allegations. Nicholas Steven Wig is accused of stealing cash, credit cards, a watch, a checkbook, and other items. When the victim came home last week, he noticed a screen missing from a window and his house in disarray. He also discovered his home computer was open to a Facebook page of one “Nick Dub,” who turned out to be Wig, police said. Read 4 remaining paragraphs | Comments

See the article here:
Burglar logs in to Facebook in victim’s house, forgets to sign off

Running WordPress? Got webshot enabled? Turn it off or you’re toast

A zero-day vulnerability in the popular TimThumb plugin for WordPress leaves many websites vulnerable to exploits that allow unauthorized attackers to execute malicious code, security researchers have warned. The vulnerability, which was disclosed Tuesday on the Full Disclosure mailing list , affects WordPress sites that have TimThumb installed with the webshot option enabled. Fortunately, it is disabled by default, and sites that are hosted on WordPress.com are also not susceptible. Still, at press time, there was no patch for the remote-code execution hole. People who are unsure if their WordPress-enabled site is vulnerable should open the timthumb file inside their theme or plugin directory, search for the text string “WEBSHOT_ENABLED,” and ensure that it’s set to false. When “WEBSHOT_ENABLED” is set to true, attackers can create or delete files and execute a variety of other commands, Daniel Cid, CTO of security firm Sucuri, warned in a blog post published Thursday . He said uploading a file to a vulnerable site was possible using URLs such as the following, where a.txt was the file being created: Read 1 remaining paragraphs | Comments

View original post here:
Running WordPress? Got webshot enabled? Turn it off or you’re toast