69 percent of all DDoS attack traffic by bit volume in the first week of January was the result of NTP reflection. Black Lotus Miscreants who earlier this week took down servers for League of Legends, EA.com, and other online game services used a never-before-seen technique that vastly amplified the amount of junk traffic directed at denial-of-service targets. Rather than directly flooding the targeted services with torrents of data, an attack group calling itself DERP Trolling sent much smaller-sized data requests to time-synchronization servers running the Network Time Protocol (NTP). By manipulating the requests to make them appear as if they originated from one of the gaming sites, the attackers were able to vastly amplify the firepower at their disposal. A spoofed request containing eight bytes will typically result in a 468-byte response to victim, an increase of more than 58 fold. “Prior to December, an NTP attack was almost unheard of because if there was one it wasn’t worth talking about,” Shawn Marck, CEO of DoS-mitigation service Black Lotus , told Ars. “It was so tiny it never showed up in the major reports. What we’re witnessing is a shift in methodology.” Read 4 remaining paragraphs | Comments
More:
DoS attacks that took down big game sites abused Web’s time-sync protocol
Today, the US Department of Energy announced an agreement with a diverse group of NGOs that would see significant improvements to a poorly recognized energy sink: the set-top box that receives and controls TV programming. The agreement, while voluntary, commits service providers to using more efficient hardware through to 2017. Although the individual savings will be small, the cumulative impact is massive: a billion dollars in electricity saved by consumers and five million fewer metric tons of carbon dioxide emissions in the atmosphere. The agreement, brokered by the EPA, brings together a diverse coalition of groups. On the environmental side, we have the Natural Resources Defense Council and the Appliance Standards Awareness Project. Representing industry are the Consumer Electronics Association and the National Cable & Telecommunications Association. The American Council for an Energy-Efficient Economy, which gets its funding from a variety of sources (including utilities), was also at the party. The standards they’ve developed will cover all existing delivery methods: telecom, cable, and satellite. It won’t be written into legislation, but an independent third party will verify that hardware meets the agreement’s specifications each year between now and 2017. The exact details of the energy-saving changes aren’t specified in the announcement , but the electronics in the devices can get quite hot, and statements made by Senator Dianne Feinstein (D-CA) suggest that they often remain active even when the television is off. Read 1 remaining paragraphs | Comments 
In 2008, the British Library, in partnership with Microsoft, embarked on a project to digitize thousands of out-of-copyright books from the 17 th , 18 th , and 19 th centuries. Included within those books were maps, diagrams, illustrations, photographs, and more. The Library has uploaded more than a million of them onto Flickr and released them into the public domain. It’s now asking for help. Though the library knows which book each image is taken from, its knowledge largely ends there. While some images have useful titles, many do not, so the majority of the million picture collection is uncatalogued, its subject matter unknown. Next year, it plans to launch a crowdsourced application to fill the gap, to enable humans to describe the images. This information will then be used to train an automated classifier that will be run against the entire corpus. Read 1 remaining paragraphs | Comments