Tag: wired

Bullseye from 1,000 yards: Shooting the $17,000 Linux-powered rifle

1000 yards is a long, long way away. Steven Michael My photographer, Steve, squints through a computerized scope squatting atop a big hunting rifle. We’re outdoors at a range just north of Austin, Texas, and the wind is blowing like crazy—enough so that we’re having to dial in more and more wind adjustment on the rifle’s computer. The spotter and I monitor Steve’s sight through an iPad linked to the rifle via Wi-Fi, and we can see exactly what he’s seeing through the scope. Steve lines up on his target downrange—a gently swinging metal plate with a fluorescent orange circle painted at its center—and depresses a button to illuminate it with the rifle’s laser. “Good tag?” he asks, softly. “Good tag,” replies the spotter, watching on the iPad. He leaves the device in my hands and looks through a conventional high-powered spotting scope at the target Steve has selected. The wind stops momentarily. “Send it,” he calls out. Read 64 remaining paragraphs | Comments

Visit site:
Bullseye from 1,000 yards: Shooting the $17,000 Linux-powered rifle

Frustrated with iCloud, Apple’s developer community speaks up en masse

Aurich Lawson Apple’s iCloud is marketed to us end users as a convenient and centralized way to manage data on all of our Macs and iOS devices: sync contacts and bookmarks, re-download music and apps, back up iOS devices, and sync documents and data for third-party apps as MobileMe did. The last item, syncing of documents and data, is one of the least glossy features of iCloud, but it is one of the most important, and it should be among the most straightforward. Right? Perhaps not. Almost a year after Apple shut down MobileMe for good in favor of iCloud , third-party developers have begun to speak out about the difficulty involved in working with Apple’s cloud service. A piece published at The Verge this week highlights many of those complaints, with quotes coming from well-known developers and anonymous sources alike about the challenges faced by the developer community. From data loss and corruption to unexpected Apple ID use cases, developers have seen it all—but are stymied by the persistence of problems that prevent them from shipping products with working iCloud support. What’s the big problem, exactly? According to Bare Bones Software’s Rich Siegel, there are a number of moving parts to iCloud that all affect how things come out on the other end. Read 10 remaining paragraphs | Comments

See the original post:
Frustrated with iCloud, Apple’s developer community speaks up en masse

How the maker of TurboTax fought free, simple tax filing

This story was co-produced with NPR . Imagine filing your income taxes in five minutes—and for free. You’d open up a prefilled return, see what the government thinks you owe, make any needed changes and be done. The miserable annual IRS shuffle, gone. It’s already a reality in Denmark, Sweden, and Spain . The government-prepared return would estimate your taxes using information your employer and bank already send it. Advocates say tens of millions of taxpayers could use such a system each year, saving them a collective $2 billion and 225 million hours in prep costs and time, according to one estimate. Read 49 remaining paragraphs | Comments

Read the article:
How the maker of TurboTax fought free, simple tax filing

Solar power, white spaces bring 16Mbps broadband to towns without electricity

Microsoft White space networks haven’t exactly revolutionized Internet access in the US, but that doesn’t mean the technology can’t have a major impact in countries that lack consistent access to the Internet. The latest project showing the power of white spaces is unfolding in Kenya, where a solar-powered network is bringing the Internet to people who aren’t even connected to an electric grid. Microsoft deployed the network last month in conjunction with Kenyan government officials. It is serving a health care clinic in Burguret, a primary and secondary school in Male (that’s pronounced “mah-lay”), a secondary school in Gakawa, and a library in Laikipia. The network will be expanded to 20 locations in the coming months. “Down in the valley, nobody has electricity,” Paul Garnett, director of technology policy at Microsoft, told Ars. Garnett has been shuttling back and forth between the US and Kenya to get the white spaces network up and running, and he gave me an update on the project in a recent phone interview. Read 17 remaining paragraphs | Comments

Read More:
Solar power, white spaces bring 16Mbps broadband to towns without electricity

“Cloud gaming” has a future—just maybe not in the cloud

Nvidia’s Shield tablet can stream full PC games from your Steam library as long as you’re using a GeForce graphics card. This may be the best way to stream your PC games to your tablet. Andrew Cunningham In practically every one of its major press conferences since last year’s GPU Technology Conference, Nvidia has reminded us that they want to virtualize the graphics processor. The company wants to take it out of the computer on your lap or on your desk and put it into a server somewhere without you noticing the difference. It introduced the concept at GTC 2012. Then over the course of the next year, Nvidia unveiled the actual graphics cards that would enable this tech, started selling them to partners, and also stuck them in Nvidia Grid-branded servers aimed at both gamers and businesses . The difference between Nvidia’s initiatives and more traditional virtualization is that the company’s products support relatively few users for the hardware they require. The Grid gaming server supports 24 users per server box and the Visual Computing Appliance (VCA) only supports eight or 16 depending on the model. Most virtualization is all about dynamically allocating resources like CPU cycles and RAM to give as many users as possible the bare minimum amount of power they need. Instead, Nvidia’s is about providing a fixed number of users with a pretty specific amount of computing power, thus attempting to recreate the experience of using a regular old computer. There are situations where this makes sense. Given the cost of buying and maintaining workstation hardware, Nvidia’s argument for the VCA seems more or less convincing. But I’m slightly less optimistic about the prospect for the Grid gaming server, or any cloud gaming service, really—call it leftover skepticism from OnLive’s meltdown earlier this year . Read 11 remaining paragraphs | Comments

Read the original post:
“Cloud gaming” has a future—just maybe not in the cloud

Nvidia plans to turn Ultrabooks into workstations with Grid VCA server

Nvidia CEO Jen-Hsun Huang directs a demo of the Grid Visual Computing Appliance (VCA) during his GTC 2013 keynote. Andrew Cunningham SAN JOSE, CA—One of the announcements embedded in Nvidia CEO Jen-Hsun Huang’s opening keynote for the company’s GPU Technology Conference Tuesday was a brand new server product, something that Nvidia is calling the Grid Visual Computing Appliance, or VCA. The VCA is a buttoned-down, business-focused cousin to the Nvidia Grid cloud gaming server that the company unveiled at CES in January. It’s a 4U rack-mountable box that uses Intel Xeon CPUs and Nvidia’s Grid graphics cards ( née VGX ), and like the Grid gaming server, it takes the GPU in your computer and puts it into a server room. The VCA serves up 64-bit Windows VMs to users, but unlike most traditional VMs, you’ve theoretically got the same amount of graphical processing power at your disposal as you would in a high-end workstation. However, while the two share a lot of underlying technology, both Grid servers have very different use cases and audiences. We met with Nvidia to learn more about just who this server is for and what it’s like to use and administer one. Read 19 remaining paragraphs | Comments

See the original post:
Nvidia plans to turn Ultrabooks into workstations with Grid VCA server

Cisco switches to weaker hashing scheme, passwords cracked wide open

Password cracking experts have reversed a secret cryptographic formula recently added to Cisco devices. Ironically, the encryption type 4 algorithm leaves users considerably more susceptible to password cracking than an older alternative, even though the new routine was intended to enhance protections already in place. It turns out that Cisco’s new method for converting passwords into one-way hashes uses a single iteration of the SHA256 function with no cryptographic salt. The revelation came as a shock to many security experts because the technique requires little time and computing resources. As a result, relatively inexpensive computers used by crackers can try a dizzying number of guesses when attempting to guess the corresponding plain-text password. For instance, a system outfitted with two AMD Radeon 6990 graphics cards that run a soon-to-be-released version of the Hashcat password cracking program can cycle through more than 2.8 billion candidate passwords each second. By contrast, the type 5 algorithm the new scheme was intended to replace used 1,000 iterations of the MD5 hash function. The large number of repetitions forces cracking programs to work more slowly and makes the process more costly to attackers. Even more important, the older function added randomly generated cryptographic “salt” to each password, preventing crackers from tackling large numbers of hashes at once. Read 7 remaining paragraphs | Comments

Continue reading here:
Cisco switches to weaker hashing scheme, passwords cracked wide open

Most PC security problems come from unpatched third-party Windows apps

If you’ve got 99 security problems, odds are Microsoft’s not one—or at least it’s just a minority of them. In its annual review of software vulnerabilities , security software firm Secunia found that 86 percent of vulnerabilities discovered on systems scanned by its software in the 50 most popular Windows software packages in 2012 were attributable to third-party developers and not to Microsoft’s Windows operating system or applications. And for most of these vulnerabilities, a patch was already available at the time they were discovered. Of the top 50 most used Windows packages—including the Windows 7 operating system itself, 18 were found to have end-point security vulnerabilities, a 98 percent increase over five years ago. Of those 18 packages, Google’s Chrome and the Mozilla Firefox browser were the biggest culprits, with 291 and 257 detected vulnerabilities respectively. Apple iTunes came in third, with 243 detected vulnerabilities. The remainder of the top ten offenders were: Adobe Flash Player: 67 Oracle Java JRE SE: 66 Adobe AIR: 56 Microsoft Windows 7: 50 Adobe Reader: 43 Microsoft Internet Explorer: 41 Apple Quicktime: 29 Of the vulnerabilities documented in Secunia’s database, 84 percent had already been patched by vendors when they were discovered on systems. “This means that it is possible to remediate the majority of vulnerabilities,” said Secunia Director of Product Management Morten R. Stengaard. “There is no excuse for not patching.” Read on Ars Technica | Comments

View original post here:
Most PC security problems come from unpatched third-party Windows apps

ID thieves “dox” Joe Biden, Jay-Z, Michelle Obama, and dozens more

The front page of exposed.su. Identity thieves have posted social security numbers, credit information, and other sensitive data belonging to more than a dozen politicians and celebrities. It’s a list that includes Vice President Joe Biden, FBI Director Robert Mueller, former Secretary of State Hillary Clinton, rapper Jay Z, and actor and director Mel Gibson. The website, exposed.su, surfaced on Monday with birth dates, telephone numbers, home addresses, and in some cases credit reports for a handful of politicians and celebrities. Throughout the past 24 hours the site has published details on additional individuals. Social security numbers for Mueller, Jay-Z, and Gibson appeared to be valid, the Associated Press reported . Los Angeles Police Chief Charlie Beck, whose information was also posted on the site, hasn’t challenged the accuracy, either. Still, other journalists wrote that phone numbers purportedly belonging to former California Governor Arnold Schwarzenegger and actor Ashton Kutcher reportedly went to a movie production company and a New York-based accounting firm respectively. The site included the image of a gaunt young woman with black circles around her eyes and an index finger in front of her lips. It was headed by a quote from the Showtime TV series Dexter , in which the title character says, “If you believe that God makes miracles, you have to wonder if Satan has a few up his sleeve.” The site included an embarrassing or humorous photo related to each individual whose information was disclosed. The act of publicly documenting the private details of people is known as “doxxing,” and it came into vogue a few years ago with the growing visibility of the Anonymous hacking collective. Read 2 remaining paragraphs | Comments

Read the original post:
ID thieves “dox” Joe Biden, Jay-Z, Michelle Obama, and dozens more

Mac malware that infected Facebook bypassed OS X Gatekeeper protection

Researchers have identified the Mac malware that infected employees of Apple, Facebook, and Twitter, and say it may have been used to compromise machines in other US organizations, including auto manufacturers, government agencies, and a leading candy maker, according to a published report. Pintsized.A is a new family of Mac malware that uses an exploit to bypass Gatekeeper, an OS X protection that allows end users to tightly control which sources are permitted to install apps , according to an article published Monday by The Security Ledger. Mac antivirus provider Intego says  the trojan masquerades on infected machines as Linux printing software known as cupsd, although it runs from a different location than the legitimate title. It’s unclear exactly how the malware gets around Gatekeeper. Once installed, Pintsized establishes a reverse shell to a command and control server controlled by the attackers. It uses a modified version of the OpenSSH utility to encrypt traffic, a measure that can help it remain undetected on infected networks. One of the domain names that hosted such a server was corp-aapl.com. It caught the attention of members of Facebook’s security team, tipping them off that there was an infected machine inside their network . When they later took control of the domain, they discovered multiple other companies were also compromised by the same attackers. Around the same time, Apple , Twitter , and Microsoft were also hit with attacks that meet the same pattern. Read 1 remaining paragraphs | Comments

Link:
Mac malware that infected Facebook bypassed OS X Gatekeeper protection