Tag: user agreement

Lavabit goes head to head with feds in contempt-of-court case

In oral arguments heard on Tuesday, Lavabit and federal prosecutors each presented their cases in front of three judges from the 4 th US Circuit Court of Appeals in Richmond, Virginia. This particular case is an appeal of contempt-of-court charges against Lavabit, a now-defunct e-mail hosting service that once offered secure communication. In the summer of 2013, Lavabit was ordered to provide real-time e-mail monitoring of one of its users, widely believed to be Edward Snowden, the former NSA contractor-turned-leaker. When Lavabit told the feds that the only way it could hand over communications was through an internal process that would deliver results 60 days after anycommunication was sent, the authorities returned with a search warrant for Lavabit’s SSL keys , which could decrypt the traffic of all  of Lavabit’s users. Ladar Levinson, the CEO of Lavabit, handed over the SSL keys but then shut down his 10-year-old business rather than expose all of Lavabit’s users. Levinson now faces charges of contempt-of-court. The case is proving to be difficult for both parties, as well as presiding judges Roger Gregory, Paul Niemeyer, and Steven Agee, to parse. As PC World reports : “Attorneys from both Lavabit and the US government agreed that the legal issues between them could have been resolved before heading to court, though neither party seemed to have an adequate technical answer of how Lavabit could have successfully passed unencrypted data to a law enforcement agency in order to meet the government’s demands.” Read 4 remaining paragraphs | Comments

Original post:
Lavabit goes head to head with feds in contempt-of-court case

Streaming comes to Steam: run on your gaming rig, play on your laptop

Valve is not done redefining itself yet. The gaming juggernaut added ‘operating system developer’ to ‘games studio’ and ‘digital media distributor’ with the introduction of SteamOS. And now it’s adding ‘streaming service’ to its repertoire. The service , currently in beta, allows users to stream game play from one PC to any other PC in their home. Invited users run a beta version of the Steam client on their computers and have settings for adjusting the amount of bandwidth the stream consumes. Though work is in progress to make streaming an option from OS X and Linux machines, the service is primarily aimed at Windows PCs to start. The Windows focus may, in part, be a result of the relatively larger library of Windows games on Steam. Valve’s Linux-based SteamOS has one big limitation compared with the full Steam experience: it can only run games compatible with Linux. That limitation may be mostly put to rest when a Steam Box is now paired with a Windows PC, allowing users to run any game in the Steam library either natively in the Steam Box or streamed. The other key benefit to the new streaming option is convenience. Graphically rich games often suffer when run on thermally limited notebooks. Decoding a video stream requires drastically less computing power than rendering a 3D environment, so gaming on a modestly specced laptop could become much more satisfying. Read 1 remaining paragraphs | Comments

Read more here:
Streaming comes to Steam: run on your gaming rig, play on your laptop

FBI: US court websites went down due to “technical problems,” not DDOS

Flickr user TexasGOPVote.com While the rest of us were fretting about the Gmail outage on Friday , lawyers and those involved in the United States judicial system were concerned that uscourts.gov and other federal courts’ sites had been hit by a distributed denial-of-service (DDOS) attack. Also suffering an outage was pacer.gov , the “Public Access to Court Electronic Records” (PACER), a common way for lawyers and journalists to access court documents online. (That site, which normally charges $0.10 per page for documents, also has a free online mirror , known as RECAP.) Initially, a spokesperson for the Administrative Office of the US Courts told Politico on Friday that it was indeed a denial-of-service attack. A group calling itself the “European Cyber Army” initially also claimed responsibility on Twitter . Read 2 remaining paragraphs | Comments

Read the article:
FBI: US court websites went down due to “technical problems,” not DDOS

Amazon cuts cloud storage prices, Microsoft immediately follows suit

Yesterday, Amazon announced that it would be cutting the prices of both its S3 and EBS cloud-based storage. Today, Microsoft announced that it too was cutting the cost of its cloud storage. The software giant promised last April that it would match Amazon’s prices for commodity cloud services: storage, bandwidth, and computation. Amazon’s pricing varies from region to region, and the price cuts range from 6 percent if you’re storing between 1 and 50 terabytes of data, to up to 22 percent—though you’ll need to be storing at least 5 petabytes to take advantage of this. Microsoft says that not only is it going to match these prices, making cuts of up to 20 percent itself, but it will also charge the same amount in every region . This means that Azure storage will in some parts of the world as much as 10 percent cheaper than the Amazon equivalent. Read 2 remaining paragraphs | Comments

Read More:
Amazon cuts cloud storage prices, Microsoft immediately follows suit

Microfluidics panel could add physical buttons to a touch screen

Tactus Technology Tactus Technology has created a microfluidics panel that could be overlaid on touchscreens to produce “buttons,” per a report from CNET. The panel would allow smartphones to create a bunch of nubs over the keyboard keys on touch screens to help guide typists’ fingers. Some smartphone users are still lamenting the loss of tactile keys like those on a Blackberry, but QWERTY keyboards are hard to justify in terms of real estate when a touch screen can use that space better. A keyboard add-on is a possibility, but one pretender to the Blackberry throne, the Typo, has gotten a mixed reception . Tactus Technology Tactus’ system would put a 0.75 to 1 millimeter-thick microfluidics panel over a device’s LCD instead of glass or plastic. A sub-layer of the panel would be punctured with 200-nanometer holes, through which fluid would be pressed to raise the flexible surface of the screen when the operating system called up some buttons. Read 1 remaining paragraphs | Comments

View original post here:
Microfluidics panel could add physical buttons to a touch screen

Developer screenshots may show off Apple’s “iOS in the Car” progress

Steve Troughton-Smith One of the features Apple talked about when it unveiled iOS 7 at its Worldwide Developer Conference (WWDC) back in June was “iOS in the Car,” a vehicle integration feature that would let drivers with supported vehicles talk to Siri, listen to and respond to text messages, use Maps, and perform other tasks without removing their hands from the wheel. That feature was absent from the original iOS 7 release, but rumors suggest it will be supported in the iOS 7.1 update that’s currently in beta testing. While Apple’s promotional page for iOS 7 shows some early screenshots of what iOS in the Car might look like, new screenshots pulled from developer Steve Troughton-Smith’s Twitter feed and published by 9to5Mac purport to show off a refined version of the interface. Apple Maps is the only usable app as of this writing, suggesting that the screenshots were taken in the iOS Simulator that shipped with the XCode developer tools rather than on actual hardware, but we can still see the basic UI changes that Apple has made since the original demo. There’s a left-aligned bar with the time, connection status, and a software Home button that appears to be persistent across all of the screenshots, and the rest of the interface’s graphics, fonts, and buttons closely mirror those used throughout iOS 7. A safety warning screen like the one used in most GPSs. Steve Troughton-Smith The list of apps should grow once the feature is actually released. Steve Troughton-Smith For most people, iOS in the Car’s biggest drawback will be that it requires a new car to support all of its features. Though Apple says a number of automakers (including Acura, Chevy, Ferrari, Honda, Hyundai, Infiniti, Jaguar, Kia, Mercedes-Benz, Nissan, and Opel) are interested in bringing the feature to some of their 2014 models, replacing a car to use a new feature is a bit more onerous than buying new cables or other accessories. Read 1 remaining paragraphs | Comments

Read the original post:
Developer screenshots may show off Apple’s “iOS in the Car” progress

Point-of-sale malware infecting Target found hiding in plain sight

Cyberslayer Independent security journalist Brian Krebs has uncovered important new details about the hack that compromised as many as 110 million Target customers, including the malware that appears to have infected point-of-sale systems and the way attackers first broke in. According to a post published Wednesday to KrebsOnSecurity, point-of-sale (POS) malware was uploaded to Symantec-owned ThreatExpert.com on December 18, the same day that  Krebs broke the news of the massive Target breach . An unidentified source told Krebs that the Windows share point name “ttcopscli3acs” analyzed by the malware scanning website matches the sample analyzed by the malware scanning website . The thieves used the user name “Best1_user” to log in and download stolen card data. Their password was “BackupU$r”. KrebsonSecurity The class of malware identified by Krebs is often referred to as a memory scraper, because it monitors the computer memory of POS terminals used by retailers. The malware searches for credit card data before it has been encrypted and sent to remote payment processors. The malware then “scrapes” the plain-text entries and dumps them into a database. Krebs continued: Read 2 remaining paragraphs | Comments

Continue reading here:
Point-of-sale malware infecting Target found hiding in plain sight

Creator of PGP e-mail encryption making secure Android “Blackphone”

Blackphone Phil Zimmerman, creator of PGP e-mail encryption , is leading a team of security industry executives building an Android phone with a variety of built-in privacy tools. “I’ve been interested in secure telephony for longer than I’ve been interested in secure e-mail,” Zimmerman said in a video on so-called Blackphone ‘s website. “I had to wait for the rest of the technology infrastructure to catch up to make it possible to do secure telephony. PGP was kind of a detour for me while waiting for the rest of the technology to catch up to make really good secure telephony possible.” The narrator of the Blackphone video ominously says, “Technology was supposed to make our lives better. Instead we have lost our privacy—we have become enslaved.” The Blackphone website says the phone will use “PrivatOS,” an Android-based operating system, while letting users “make and receive secure phone calls; exchange secure texts; exchange and store secure files; have secure video chat; browse privately; and anonymize your activity through a VPN.” Read 4 remaining paragraphs | Comments

See more here:
Creator of PGP e-mail encryption making secure Android “Blackphone”

Critical Microsoft, Adobe, and Oracle updates: Like dental floss for your PC

drueckert.com I was still wiping the sleep from my eyes this morning when the nagging voice kicked in: before trawling the Internet for news, you better install yesterday’s security updates. It wasn’t a pleasant thought, given the raft of patches released yesterday by Microsoft, Adobe, and Oracle for a variety of products. But as someone who has covered computer security for eight years, I’ve come to make updating a top priority. And for good reason. A large percentage of the booby-trapped websites that surreptitiously install malware on visitors’ machines exploit vulnerabilities that have already been patched. The recent hack on Yahoo’s ad network , for instance, targeted two security flaws in the Java software framework that Oracle had fixed 17 and 24 months ago, Trend Micro reported in a blog post . Those who visited compromised Yahoo servers with up-to-date systems were immune to those attacks. By contrast, people using unpatched software were exposed to malicious payloads that installed the Dorkbot and Gamarue trojans, as well as malware that turned visitors’ machines into Bitcoin miners. Read 5 remaining paragraphs | Comments

See the original post:
Critical Microsoft, Adobe, and Oracle updates: Like dental floss for your PC

New DoS attacks taking down game sites deliver crippling 100Gbps floods

Online gamers such as these ones often stream their play in real time. Twitch Recent denial-of-service attacks taking down League of Legends and other popular gaming services are doing more than just wielding a never-before-seen technique to vastly amplify the amount of junk traffic directed at targets. In at least some cases, their devastating effects can deprive celebrity game players of huge amounts of money. As Ars reported last week, the attacks are abusing the Internet’s Network Time Protocol (NTP), which is used to synchronize computers to within a few milliseconds of Coordinated Universal Time . A command of just 234 bytes is enough to cause some NTP servers to return a list of up to 600 machines that have previously used its time-syncing service. The dynamic creates an ideal condition for DoS attacks. Attackers send a modest-sized request to NTP servers and manipulate the commands to make them appear as if they came from one of the targeted gaming services. The NTP servers, which may be located in dozens or even hundreds of locations all over the world, in turn send the targets responses that could be tens or hundreds of times bigger than the spoofed request. The technique floods gaming servers with as much as 100Gbps, all but guaranteeing that they’ll be taken down unless operators take specific precautions ahead of time. Among the targets of this new type of attack are game servers used by celebrity players who broadcast live video streams of their gaming prowess that are viewed as many as 50,000 times. In some cases, the massive audiences translate into tens of thousands of dollars per month, as ads are displayed beside video feeds of the players blowing away opponents in Dota 2 and other games. Read 8 remaining paragraphs | Comments

Excerpt from:
New DoS attacks taking down game sites deliver crippling 100Gbps floods