NoelJ

Facebook To Add Remote Logout

angry tapir writes “Facebook users will soon have a new way of knocking spammers out of legitimate accounts. The social-networking company is rolling out a new security feature that lets users see which computers and devices are logged into their Facebook accounts, and then removing the ones that they don’t want to have access.”

Read more of this story at Slashdot.

Trailrunner7 writes “Google has released a new version of its Chrome browser and has included more than a dozen security fixes in the update. The new version, 6.0.472.53, was released two years to the day after the company pushed out the first version of Chrome. Google Chrome 6 includes patches for 14 total security vulnerabilities, including six high-priority flaws, and the company paid out a total of $4,337 in bug bounties to researchers who reported the vulnerabilities. A number of the flaws that didn’t qualify for bug bounties were discovered by members of Google’s internal security team.” (Read on for more, below.)

Read more of this story at Slashdot.

crimeandpunishment writes “The top man in telecommunications at the United Nations is weighing in on the Blackberry battle … and he says share the data. The UN’s telecom chief says governments have legitimate security concerns, and Research in Motion should give them access to its customer data. In an interview with the Associated Press, Hamadoun Toure said ‘There is a need for cooperation between governments and the private sector on security issues.’”

Read more of this story at Slashdot.

wiedzmin writes “Public broadcaster ARD’s show ‘Plusminus’ teamed up with the known hacker organization ‘Chaos Computer Club’ (CCC) to find out how secure the controversial new radio-frequency (RFID) chips were. The report shows how they used the basic new home scanners that will go along with the cards (for use with home computers to process the personal data for official government business) to demonstrate that scammers would have few problems extracting personal information. This includes two fingerprint scans and a new six-digit PIN meant to be used as a digital signature for official government business and beyond.” That was quick. Earlier this year, CCC hackers demonstrated vulnerabilities in German airport IDs, too.

Read more of this story at Slashdot.

wiredmikey writes “Think you can bust out some silly fresh rhymes on the subjects of hacking, identity theft and computer viruses? In a somewhat untraditional partnership, Snoop Dogg and Symantec’s Norton want you to show off your their lyrical skills on the subject of cybercrime and enter the ‘Hack is Wack’ cybercrime rap contest. If you have the skills and bust out the phattest rap, you’ll receive round trip airfare for two to Los Angeles along with two days and two nights’ hotel stay to meet with Snoop’s management, learn more about his business. You’ll also get two tickets to a Snoop Dogg concert and a new laptop pimped out with Norton Internet Security 2011.”

Read more of this story at Slashdot.

Steve Jobs gave his iPod keynote this morning. He started with iOS 4.1 and Game Center which will be coming out next week. iOS 4.2 will add printing to the iPad and will be out in November. The new iPod Shuffle has buttons again, and costs $49. The new iPod Nano has a tiny multi-touch screen, and an FM radio, and starts at $149. The new (thinner) Touch has the iPhone 4 screen, an A4 chip, and FaceTime over WiFi, starting at $229 for 8GB. They all ship next week.

iTunes 10 looks the same, but adds a social network called “Ping,” which basically looks like Last.fm integrated, and should be out today.

AppleTV is updating: 1/4th the size, no purchases — only rentals. 99 cents for TV rentals (ABC & Fox), Netflix on Demand built in, and for $99.

Read more of this story at Slashdot.

jj110888 writes “CyanogenMod has just been updated to version 6.0, bringing Android Open Source Project 2.2 (Froyo) to several devices. This fork includes enchantments to many of the built-in apps, Ad-hoc network connectivity, OpenVPN support, Bluetooth HID, Incognito browsing, extensive control over audio and UI elements, and more found in the extensive CHANGELOG. The CyanogenMod team uses an instance of Google’s gerrit tool for code review and patch submission, helping make this former backport of Android 1.6 to T-Mobile’s G1 into thriving development for the G1/MyTouch/MyTouch 1.2, Droid, Nexus One, HTC Aria, HTC Desire, HTC Evo 4G (minus 4G and HDMI output), Droid Incredible, and MyTouch Slide. HTC Hero (including Droid Eris) are coming soon for 6.0, with Samsung Galaxy S devices expected to be supported in 6.1.”

Read more of this story at Slashdot.

An anonymous reader writes “Responses to a survey from attendees of the DEFCON 18 conference revealed that 73% came across a misconfigured network more than three quarters of the time – which, according to 76% of the sample, was the easiest IT resource to exploit. Results revealed that 18% of professionals believe misconfigured networks are the result of insufficient time or money for audits. 14% felt that compliance audits that don’t always capture security best practices are a factor and 11% felt that threat vectors that change faster than they can be addressed play a key role.”

Read more of this story at Slashdot.

An anonymous reader writes “Ksplice, the technology that allows Linux kernel updates without a reboot, is now free for users of the Fedora distribution. Using Ksplice is like ‘replacing your car’s engine while speeding down the highway,’ and it can potentially save your Linux systems from a lot of downtime. Since Fedora users often live on the bleeding edge of Linux development, Ksplice makes it even easier to do so, and without reboots!”

Read more of this story at Slashdot.

snydeq writes “InfoWorld’s Galen Gruman reports on the future of mobile security — one that will see a significant rise in exploits as valuable information increasingly migrates to mobile devices. To date, sandboxing and code-signing have helped make mobile OSes relatively secure, when compared with their desktop brethren. But as devices store more valuable information than email, they will become more enticing to hackers currently breaking into Windows PCs. And the biggest bulls-eye appears to be on Android, in large part because its architecture is most like that of the desktop PC but also because there are so many variants in use — too many for Google or the carriers to patch securely. And as the PDF-jailbreak vulnerability showed, sandboxing has its limits when it comes to securing the browser — the most likely point of entry for exploits not due to the rise of extensions, helper objects, and plug-ins on the mobile Web.”

Read more of this story at Slashdot.

An anonymous reader writes “Engadget has photos of ‘Pionen White Mountains, the nuclear bunker in which Wikileaks will locate some of its servers. It was excavated 98 feet underground, in a rock hill in the center of Stockholm, Sweden, during the Cold War.’ It looks like they hired the same interior designer who decorated Batman’s lair.”

Read more of this story at Slashdot.

Trailrunner7 writes “A Spanish security researcher has discovered a new vulnerability in Apple’s QuickTime software that can be used to bypass both ASLR and DEP on current versions of Windows and give an attacker control of a remote PC. The flaw apparently results from a parameter from an older version of QuickTime that was left in the code by mistake. It was discovered by Ruben Santamarta of Wintercore, who said the vulnerability can be exploited remotely via a malicious Web site. On a machine running Internet Explorer on Windows 7, Vista or XP with QuickTime 7.x or 6.x installed, the problem can be exploited by using a heap-spraying technique. In his explanation of the details of the vulnerability and the exploit for it, Santamarta said he believes the parameter at the heart of the problem simply was not cleared out of older versions of the QuickTime code. ‘The QuickTime plugin is widely installed and exploitable through IE; ASLR and DEP are not effective in this case and we will likely see this in the wild,’ said HD Moore, founder of the Metasploit Project.”

Read more of this story at Slashdot.

Canadian_Daemon writes with news that India has granted a 60-day reprieve for their threat to ban BlackBerry devices while the government evaluates RIM’s proposal for “lawful access” to users’ encrypted data.
“The Ministry of Home Affairs said in a statement it would review the situation in 60 days after the Department of Telecommunications studies the feasibility of routing BlackBerry services through a server in India. India wants greater access to encrypted corporate e-mails and instant messaging, though it remains unclear precisely what concessions Research In Motion agreed to in order to avert the ban. About one million BlackBerry users would have been affected in India. ‘RIM have made certain proposals for lawful access by law enforcement agencies and these would be operationalized immediately. The feasibility of the solutions offered would be assessed thereafter,’ the ministry said.”

Read more of this story at Slashdot.

Martin Hellman writes “According to an article in Nature magazine, quantum hackers have performed the first ‘invisible’ attack on two commercial quantum cryptographic systems. By using lasers on the systems — which use quantum states of light to encrypt information for transmission —’ they have fully cracked their encryption keys, yet left no trace of the hack.’”

Read more of this story at Slashdot.

gphilip writes “I have been asked to contribute ideas for the preparation of a textbook for ninth graders (ages circa 14 years) in the subject of Information and Communication Technologies (ICT). Could you suggest material to include in such a text? More details below.”

Quite a few details, actually — how would you add to the curriculum plan outlined below?

Read more of this story at Slashdot.

Trackback this post | Feed on Comments to this post