Tag: score2

Questions Linger As Juniper Removes Suspicious Dual_EC Algorithm

msm1267 writes: Juniper Networks has removed the backdoored Dual_EC DRBG algorithm from its ScreenOS operating system, but new developments show Juniper deployed Dual_EC long after it was known to be backdoored. Stephen Checkoway, assistant professor of computer science at the University of Illinois at Chicago, said that he and a number of crypto experts looked at dozens of versions of Juniper’s NetScreen firewalls and learned that ANSI X9.31 was used exclusively until ScreenOS 6.2 when Juniper added Dual_EC. It also changed the size of the nonce used with ANSI X9.31 from 20 bytes to 32 bytes for Dual_EC, giving an attacker the necessary output to predict the PRNG output. ‘And at the same time, Juniper introduced what was just a bizarre bug that caused the ANSI generator to never be used and instead just use the output of Dual_EC. They made all of these changes in the same version update.’ Read more of this story at Slashdot.

More here:
Questions Linger As Juniper Removes Suspicious Dual_EC Algorithm

Planetary Resources Reveals Out-of-This-World 3D Printing

Zothecula writes: If one is going to get into the asteroid mining business, one needs to prove that you can do something with what’s brought back. That seems to be the thinking behind Planetary Resources’ recent presentation at CES in Las Vegas, where the asteroid mining company unveiled the first object 3D printed using extraterrestrial materials. Made in collaboration with 3D Systems, the nickel-iron sculpture represents a stylized, geometric spacecraft, such as might be used for asteroid mining or prospecting. Planetary Resources says it is representative of what could be printed in a weightless environment. Read more of this story at Slashdot.

See the original article here:
Planetary Resources Reveals Out-of-This-World 3D Printing

Linux Kernel 4.4 LTS Officially Released

prisoninmate writes: January 10, 2016, will enter in the Linux history books as the day when the Linux kernel 4.4 LTS (Long-Term Support) has been officially released by Linus Torvalds and his team of hard working kernel developers. Prominent features of Linux kernel 4.4 LTS include 3D support in the virtual GPU driver, allowing for 3D hardware-accelerated graphics in virtualization guests, a leaner and faster loop device that supports Asynchronous I/O and Direct I/O, thus increasing the system’s performance and saving memory, and support for Open-Channel Solid State Drives (SSDs) through LightNVM. Phoronix also took a look during the newest kernel’s development cycle, and has an overview of 4.4’s new features. Read more of this story at Slashdot.

See the original post:
Linux Kernel 4.4 LTS Officially Released

OCZ RevoDrive 400 NVMe SSD Unveiled With Nearly 2.7GB/Sec Tested Throughput

MojoKid writes: Solid State Drive technology continues to make strides in performance, reliability and cost. At the CES 2016 show there were a number of storage manufacturers on hand showing off their latest grear, though not many made quite the splash that Toshiba’s OCZ Technology group made with the annoucement of their new RevoDrive 400 NVMe PCI Express SSD. OCZ is tapping on Toshiba’s NVMe controller technology to deliver serious bandwidth in this consumer-targeted M.2 gumstick style drive that also comes with a X4 PCI Express card adapater. The drive boasts specs conservatively at 2.4GB/sec for reads and 1.6GB/sec for writes in peak sequential transfer bandwidth. IOPs are rated at 210K and 140K for writes respectively. In the demo ATTO test they were running, the RevoDrive 400 actually peaks at 2.69GB/sec for reads and also hits every bit of that 1.6GB/sec write spec for large sequential transfers. Read more of this story at Slashdot.

Visit link:
OCZ RevoDrive 400 NVMe SSD Unveiled With Nearly 2.7GB/Sec Tested Throughput

Forbes Asks Readers To Disable Adblock, Serves Up Malvertising

Deathlizard writes with a report at Engadget that when this year’s “Forbes 30 Under 30” list came out , “it featured a prominent security researcher. Other researchers were pleased to see one of their own getting positive attention, and visited the site in droves to view the list. On arrival, like a growing number of websites, Forbes asked readers to turn off ad blockers in order to view the article. After doing so, visitors were immediately served with pop-under malware, primed to infect their computers, and likely silently steal passwords, personal data and banking information.” Read more of this story at Slashdot.

View article:
Forbes Asks Readers To Disable Adblock, Serves Up Malvertising

After Years of Serving X11, X.Org Stands To Lose Its One-Letter Domain

An anonymous reader writes: The X.Org domain predates the X.Org Foundation. It was used in the ’90s as a destination by The Open Group around the X Window System. While many are expecting Mir and Wayland to eventually succeed the X.Org Server, it seems the X.Org/X11 Server may outlive the valuable domain. Thanks to poor management by the X.Org Foundation, they risk losing access to their one-letter domain. Procrastination, paired with not transferring the domain when forming the non-profit foundation, has led to a last-minute mess. They left the domain registered for years to a person who is no longer involved with X.Org — and doesn’t want to relinquish it. In the few days until the domain expires, they are hoping for a “Hail Mary.” Let this be a lesson for open-source projects to better manage their assets. Read more of this story at Slashdot.

See the original article here:
After Years of Serving X11, X.Org Stands To Lose Its One-Letter Domain

New Dell Tech Support Scams Have Customers Worried Company Was Hacked

Trailrunner7 writes: A new twist on the fake tech support scam has arisen that has victims wondering whether Dell has been hacked.There has been a recent rash of calls to Dell customers in which the caller says he is from Dell itself and is able to identify the victim’s PC by model number and provide details of previous warranty and support interactions with the company. These are details that, it would seem, only Dell or perhaps its contractors would know. One person who was contacted by the scammers wrote a detailed description of the call, and said the caller had personal details that could not have been found online. Dell officials say they’re looking into it. Read more of this story at Slashdot.

More here:
New Dell Tech Support Scams Have Customers Worried Company Was Hacked

Twitter To Extend 140-Character Limit For Tweets

An anonymous reader writes: According to Re/code, Twitter is doing away with its 140-character limit for tweets. The company is currently planning on increasing the limit to 10, 000 characters, though the final number may change before they roll it out. “Twitter is currently testing a version of the product in which tweets appear the same way they do now, displaying just 140 characters, with some kind of call to action that there is more content you can’t see. Clicking on the tweets would then expand them to reveal more content. The point of this is to keep the same look and feel for your timeline, although this design is not necessarily final, sources say.” Read more of this story at Slashdot.

Link:
Twitter To Extend 140-Character Limit For Tweets

IPv6 Turns 20, Reaches 10 Percent Deployment

An anonymous reader writes: Ars notes that the RFC for IPv6 was published just over 20 years ago, and the protocol has finally reached the 10% deployment milestone. This is an increase from ~6% a year ago. (The percentage of users varies over time, peaking on the weekends when most people are at home instead of work.) “If a 67 percent increase per year is the new normal, it’ll take until summer 2020 until the entire world has IPv6 and we can all stop slicing and dicing our diminishing stashes of IPv4 addresses.” “A decade or so ago, it was still quite common for people to complain about certain IPv6 features, and proclaim the protocol would never catch on. Although part of that can be blamed on the conservative nature of network administrators, it’s true that adopting IPv6 requires abandoning some long standing IPv4 practices. For instance, with IPv4, it’s common to use Network Address Translation (NAT) so multiple devices can share the use on an IPv4 address. IPv6 has more than enough addresses to give each device its own, so there’s no NAT in IPv6. The Internet is probably better off without NAT and the complications that it adds, but without NAT as a first but relatively porous line of defense against random packets coming in from the open Internet, it’s necessary to be much more deliberate about which types of packets to accept and which to reject.” Read more of this story at Slashdot.

Follow this link:
IPv6 Turns 20, Reaches 10 Percent Deployment

Google Glass For Work Is Sleeker, Tougher and Foldable

An anonymous reader writes: FCC filings published today are offering a glimpse of the “Enterprise Edition” of Google Glass. According to Engadget: “…The work-focused eyepiece touts a much slicker (and likely more durable) design with both a larger display prism and a hinge that lets you fold it up for travel. The test photos also reveal a spot for a magnetic battery attachment and what looks to be a speedier Atom processor. There’s still no word on when Google will announce this headset, although the FCC presence hints that it might not take long.” Read more of this story at Slashdot.

Follow this link:
Google Glass For Work Is Sleeker, Tougher and Foldable