FBI Director Says Unlocking Method Won’t Work On Newer iPhones

Even though the FBI was able to gain access to the San Bernardino terrorist’s iPhone without Apple’s help, the Apple-FBI saga continues. It was reported yesterday the FBI is telling members of Congress of the methods used to break into the iPhone 5c. The most recent tidbit comes from FBI Director James Comey in regard to how many iPhones are at risk from the unlock tool. An anonymous reader quotes a report from CNN: FBI Director James Comey said Wednesday that the government had purchased “a tool” from a private party in order to unlock the iPhone used by one of the San Bernardino shooters. “Litigation between the government and Apple over the San Bernardino phone has ended, because the government has purchased, from a private party, a way to get into that phone, 5c, running iOS 9,” Comey said. The FBI director also said the purchased tool worked only on a “narrow slice of phones” that does not include the newest Apple models, or the 5s.


Outdated and Vulnerable WordPress, Drupal Versions Contributed To Panama Papers Breach

An anonymous reader quotes a report from WordPress Tavern: Authorities have not yet identified the hacker behind the Panama Papers breach, nor have they isolated the exact attack vector. It is clear that Mossack Fonseca, the Panamanian law firm that protected the assets of the rich and powerful by setting up shell companies, had employed a dangerously loose policy towards web security and communications. The firm ran its unencrypted emails through an outdated (2009) version of Microsoft’s Outlook Web Access. Outdated open source software running the frontend of the firm’s websites is also now suspected to have provided a vector for the compromise. Forbes has identified outdated WordPress and Drupal installations as security holes that may have led to the data leak. [WordPress Tavern Editor Sarah Gooding] found that the firm’s WordPress-powered site is currently running on version 4.1 (released in December 2014), based on its version of autosave.js, which is identical to the autosave.js file shipped in 4.1. The main site is also loading a number of outdated scripts and plugins. Its active theme is a three-year-old version of Twenty Eleven (1.5), which oddly resides in a directory labeled for /twentyten/. The Mossack Fonseca client portal changelog.txt file is public, showing that its Drupal installation hasn’t been updated for three years. Since the release of version 7.23, the software has received 25 security updates, which means that the version it is running includes highly critical known vulnerabilities that could have given the hacker access to the server.


WhatsApp Enables End-To-End Encryption For All Forms of Communications By Default

Popular instant messaging app WhatsApp, on Tuesday, announced that it is turning on end-to-end encryption for all its users by default. The company says that every call a user makes, every text message they send, all photos and videos they share will now be more secure. Furthermore, the encryption status of any chat is visible under the chat’s preferences screen. The announcement comes a little over a year after the Facebook-owned company partnered with Open Whisper Systems, a nonprofit software group that develops collaborative open source projects with a mission to “make private communication simple.” The end-to-end encryption feature is available on the latest version of the app. In a blog post, Open Whisper Systems further explains the feature: Once a client recognizes a contact as being fully e2e capable, it will not permit transmitting plaintext to that contact, even if that contact were to downgrade to a version of the software that is not fully e2e capable. This prevents the server or a network attacker from being able to perform a downgrade attack. In a blog post, WhatsApp writes: While WhatsApp is among the few communication platforms to build full end-to-end encryption that is on by default for everything you do, we expect that it will ultimately represent the future of personal communication. WhatsApp has also made available the technical details about how the two companies implemented this feature (PDF). For those of you who haven’t heard of WhatsApp, it’s an instant messaging and voice calling app. The free service, which is available across all popular platforms, is used by more than a billion people worldwide every month. A report on Wired says that a team of only 15 engineers enabled this security feature for over a billion users. Privacy researcher and activist Christopher Soghoian rightfully adds, “Google has no excuse.”


TSA Paid $1.4 Million For Randomizer App That Chooses Left Or Right

An anonymous reader writes: For those of you who have traveled through U.S. airports in recent years, you may have noticed the Transport Security Administration (TSA) use a Randomizer app to randomly search travelers in the Pre-Check lane. The app randomly chooses whether travelers go left or right in the Pre-Check lane so they can’t predict which lane each person is assigned to and can’t figure out how to avoid the random checks. Developer Kevin Burke submitted a Freedom of Information Act request asking for details about the app. The documents he received reveal the TSA purchased the Randomizer iPad app for $336,413.59. That’s $336,413.59 for an app, which is incredibly simple to make as most programming languages of choice have a randomizing function available to use. What may be even more intriguing is that the contract for the TSA Randomizer app was won by IBM. The total amount paid for the project is actually $1.4 million, but the cost is not broken down in Burke’s documents. It’s possible IBM supplied all the iPads and training in addition to the app itself.


Inside Meow Wolf, the amusement park for people who want a weirder Disneyland

A view from the enchanted forest, showing all the stairs and crawl spaces that you can explore. (credit: Meow Wolf) SANTA FE, NM—The Meow Wolf art complex looks like a strip mall from another dimension. Located in downtown Santa Fe, its massive main building—a former bowling alley—is covered in zig-zagging lines of explosive color. The parking lot is dominated by towering metal sculptures of a spider and a robot. Its landlord is George RR Martin, author of the Game of Thrones series, and its tenants are a high-tech artist collective called Meow Wolf, known previously for building a full-scale spaceship that visitors could explore. On March 17, after nearly two years of construction, the Meow Wolf art complex opened its riotously painted doors and invited the public in to its first permanent exhibit, called The House of Eternal Return. Think of it as a walk-in science fiction novel built with milling machines, thermoplastic, and Arduinos. Or maybe it’s a cross between Disneyland and a massive, multiplayer, IRL game. Built by 135 artists and makers, the result is a 20,000-square-foot dreamworld where your goal is to figure out why an old Victorian house in Mendocino, California, has become ground zero for a rupture in space-time that’s allowing other dimensions to leak into ours. I took a tour of the Meow Wolf art complex in the final few days before it opened, when dozens of artists and fabricators were working around the clock to finish building what I can only describe as something I never imagined could exist. My tour guides were artist Lauren Oliver, whose magnificent space owl can be found in the dreamscape of Eternal Return, and technology project lead Corvas Brinkerhoff. They fitted me with a hard hat and took me into a building that was once a bowling alley. Now it’s another world.


Newly Discovered Star Has an Almost Pure Oxygen Atmosphere

William Herkewitz reports for Popular Mechanics: A newly discovered star is unlike any ever found. With an outermost layer of 99.9 percent pure oxygen, its atmosphere is the most oxygen-rich in the known universe. Heck, it makes Earth’s meager 21 percent look downright suffocating. The strange stellar oddity is a radically new type of white dwarf star, and was discovered by a team of Brazilian astronomers led by Kepler de Souza Oliveira at the Federal University of Rio Grande do Sul in Brazil. The star is unique in the known pool of 32,000 white dwarf stars, and is the only known star of any kind with an almost pure oxygen atmosphere. The new white dwarf has a mouthful of a name — SDSSJ124043.01+671034.68 — but has been nicknamed ‘Dox’ (pronounced Dee-Awks) by Kepler’s team. The discovery was reported today in a paper in the journal Science.


Chinese Scammers Take Mattel To the Bank, Phishing Them For $3 Million

itwbennett quotes a report from The Associated Press: Mattel, the popular toy maker behind Barbie and Hot Wheels, was the victim of a phishing attack last year that nearly cost them $3 million. On April 30, 2015, a Mattel finance executive got a note from the new CEO, Christopher Sinclair, requesting a new vendor payment to China. Transfers required approval from two high-ranking managers; the finance exec qualified and so did the CEO. The transfer was made. The only thing preventing a total loss was the fact that the following day was a bank holiday. Details of the attack against Mattel come from a report by the Associated Press, investigating money laundering and other financial crime in Wenzhou, China.


Over 1,400 Vulnerabilities Found In Automated Medical Supply System

An anonymous reader writes: Security researchers have discovered 1,418 vulnerabilities in CareFusion’s Pyxis SupplyStation system — automated cabinets used to dispense medical supplies — that are still being used in the healthcare and public health sectors in the US and around the world. The vulnerabilities can be exploited remotely by attackers with low skills, and exploits that target these vulnerabilities are publicly available. Things already seem to be getting out of hand.


First USB-Powered 8TB Drive Is as Portable as a Flash Drive

Keeping the number of power cords dangling off your desk to a minimum usually means settling for a smaller capacity backup drive that draws all the power it needs from a single USB cable. But Seagate’s new Innov8 drive packs 8TB of storage into an external enclosure that doesn’t need to draw power from an outlet.


iPhone 7s May Sport Curved Glass and AMOLED Display

anderzole quotes a report from BGR: With calls for Apple’s upcoming iPhone models to be “spectacular,” it appears that pundits and those who have been quick to proclaim that we’ve reached “peak iPhone” have nothing to worry about. While we’ll know what type of wild new features the iPhone 7 will incorporate in just about three months, a new report from reputed analyst Ming-Chi Kuo provides us with some interesting insight as to what Apple has planned for 2017 when it releases what will presumably be called the iPhone 7s. According to a research note Kuo provided to investors, Apple is busy working on an iPhone model with curved pieces of glass and an AMOLED display. What’s more, the report relays that Apple also has plans to shake up its iPhone lineup with a model sporting a 5.8-inch display. Further, Kuo believes that the bezels on the iPhone 7s will be smaller than they are on Apple’s current iPhone lineup.
