|
features post news
(SMS/Articles)
featured download
Recent News
MS forensics tool leaks onto the web
@ Nov 13 2009, 12:12 (UTC+0) | From: Amos-Trask :
Microsoft's point-and-click "computer forensics for cops" tool has leaked onto the web.
COFEE (Computer Online Forensic Evidence Extractor) is designed to allow law enforcement officers to collect digital evidence from a suspect's PC without requiring any particular expertise. Using the technology - which recovers a list of processes running on an active computer at the scene of an investigation - involves inserting a specially adapted USB stick into a computer.
Continued... |
|
Leaking crypto keys from mobile devices
@ Oct 22 2009, 12:01 (UTC+0) | From: data :
Security researchers have discovered a way to steal cryptographic keys that
are used to encrypt communications and authenticate users on mobile devices
by measuring the amount of electricity consumed or the radio frequency
emissions.
Continued...
|
|
Spamwashers hijacked, a wake-up call for lazy sysadmins everywhere
@ Oct 05 2009, 16:31 (UTC+0) | From: PSY0NIC :
A Third Time, Uncharmed
Spamwashers hijacked, a wake-up call for lazy sysadmins everywhere. The slow bruteforcers are back for another round.
A new round of slow, distributed bruteforce attacks is in progress. Just like the other times we know about (see references later), the initial target is root. This time around I see only one of my ssh-contactable machines targeted, and the dribble started on September 30th.
Continued... |
|
Microsoft to release free anti-virus software today
@ Sep 29 2009, 20:48 (UTC+0) | From: Kirt :
Security Essentials has been available in beta since June, but will go live for everyone on 29 September. The software will update its anti-virus signature daily to deal with new threats.
Continued... |
|
TI vs. Calculator Hackers
@ Sep 25 2009, 22:35 (UTC+0) | From: data :
"So a bunch of TI calculator programming enthusiasts got together to factor the keys Texas Instruments uses to sign the operating system binaries for the ti83+ (a z80 architecture) and the ti89/v200 (a 68k architecture) series of calculators. Now Texas Instruments is sending out DMCA notices to take them down."
Continued...
Discuss Here
|
|
Verizon, AT&T: Net neutrality not OK for wireless
@ Sep 22 2009, 06:15 (UTC+0) | From: spider-man :
The wireless industry is gearing up to fight new Net neutrality rules that the Federal Communications Commission is formulating to keep the Internet open.
On Monday, FCC Chairman Julius Genachowski gave a speech at the Brookings Institute in Washington, D.C., outlining plans to turn the agency's principles for open Internet access into official regulation.
In addition to making sure that network operators cannot prevent users from accessing lawful Internet content, applications, and services of their choice, or attaching unharmful devices to the network, Genachowski wants to add two more rules.
Continued...
|
|
Linux webserver botnet pushes malware
@ Sep 14 2009, 11:02 (UTC+0) | From: Cygnum :
A security researcher has discovered a cluster of infected Linux servers that have been corralled into a special ops botnet of sorts and used to distribute malware to unwitting people browsing the web.
Each of the infected machines examined so far is a dedicated or virtual dedicated server running a legitimate website, Denis Sinegubko, an independent researcher based in Magnitogorsk, Russia, told The Register. But in addition to running an Apache webserver to dish up benign content, they've also been hacked to run a second webserver known as nginx, which serves malware.
Continuted..
|
|
Bug exposes eight years of Linux kernel
@ Aug 14 2009, 15:56 (UTC+0) | From: Kirt :
Linux developers have issued a critical update for the open-source OS after researchers uncovered a vulnerability in its kernel that puts most versions built in the past eight years at risk of complete takeover.
Continued... |
|
Linux Credit Card
@ Jul 30 2009, 12:08 (UTC+0) | From: data :
The Linux Foundation is pleased to offer a Linux-branded affinity credit card for those who want to support the Linux Foundation's activities while expressing their commitment to Linux. The Linux-branded credit card is an easy way for anyone to contribute to the growth of Linux and identify themselves as supporters of the community by carrying Tux in their pocket.
Continued...
|
|
NIST announces SHA-3 round 2 candidates
@ Jul 26 2009, 07:57 (UTC+0) | From: data :
A report summarizing NIST's selection of these candidates will be
forthcoming. A year is allocated for the public review of these
algorithms, and the Second SHA-3 Candidate Conference is being planned
for August 23-24, 2010, after Crypto 2010.
Shortlisted for round 2:
BLAKE,Blue Midnight Wish,
CubeHash,ECHO,Fugue,
Grostl,Hamsi,JH,Keccak,Luffa,
Shabal,SHAvite-3,SIMD,Skein
Continued... |
|
iPhone security cracked, smacked and broken
@ Jul 24 2009, 20:02 (UTC+0) | From: Kirt :
A researcher has delved into the encryption used to protect content on the iPhone 3GS, only to claim it is "entirely useless" and that he had "[never] seen encryption implemented so poorly before".
Continued... |
|
IEEE 802.11n Heads for a September Finish
@ Jul 23 2009, 18:48 (UTC+0) | From: looserpedro :
The IEEE 802.11n standard is likely to be approved in September, making the high-speed wireless LAN technology official after about seven years of wrangling and refinement.
Continued... |
|
Chinese firms behind 'Sexy Space' Trojan
@ Jul 22 2009, 20:35 (UTC+0) | From: Kirt :
F-Secure has identified three China-based companies as the creators of the "Sexy Space" Trojan, which was identified last week to have passed through Symbian Foundation's digital-signing process.
Continued...
|
|
Linux flaw bypasses security
@ Jul 22 2009, 16:01 (UTC+0) | From: Kirt :
A security researcher has released zero-day code for a flaw in the Linux kernel, saying that it bypasses security protections in the operating system.
Continued... |
|
New Technology to Make Digital Data Self-Destruct
@ Jul 22 2009, 09:39 (UTC+0) | From: Cygnum :
A group of computer scientists at the University of Washington has developed a way to make electronic messages “self destruct” after a certain period of time... the researchers said they had struck upon a unique approach that relies on “shattering” an encryption key that is held by neither party in an e-mail exchange but is widely scattered across a peer-to-peer file sharing system.
Continued...
|
|
Five Technologies Iran is Using to Censor the Web From IP blocking to DPI, a look at how the Iranian government is censoring dissent
@ Jul 21 2009, 09:14 (UTC+0) | From: looserpedro :
One month after a disputed presidential election sparked widespread unrest in Iran, the country's government has initiated a cyber-crackdown that is challenging hackers across the globe to find new ways to help keep Iranian dissidents connected to the Web.
Continued...
|
|
Could You Be Hacked Like Twitter?
@ Jul 21 2009, 09:04 (UTC+0) | From: looserpedro :
The French hacker who broke into Twitter's Google Apps and stole more than 300 private company documents has revealed in detail how he did it. Using a method known as "cracking," the man who goes by the name Hacker Croll was able to break down Twitter security by trolling the Web for publicly available information, according to TechCrunch. Eventually, Croll found one weakness many of us are guilty of -- using one password for everything -- and Twitter's security was compromised. Read on to see how Hacker Croll did it, and consider whether access to your digital life could be breached by his methods.
Continued...
Editor note: What is interesting is it works!
|
|
How to use electrical outlets and cheap lasers to steal data
@ Jul 16 2009, 15:34 (UTC+0) | From: human :
If attackers intent on data theft can tap into an electrical socket near a computer or if they can draw a bead on the machine with a laser, they can steal whatever is being typed into it.
How to execute these attacks will be demonstrated at the Black Hat USA 2009 security conference in Las Vegas later this month by Andrea Barisani and Daniele Bianco, a pair of researchers for network security consultancy Inverse Path.
Continued... |
|
Ever Better Cryptanalytic Results Against SHA-1
@ Jul 15 2009, 16:49 (UTC+0) | From: data :
The SHA family (which, I suppose, should really be called the MD4 family) of cryptographic hash functions has been under attack for a long time. In 2005, we saw the first cryptanalysis of SHA-1 that was faster than brute force: collisions in 2^69 hash operations, later improved to 2^63 operations. A great result, but not devastating. But remember the great truism of cryptanalysis: attacks always get better, they never get worse. Last week, devastating got a whole lot closer. A new attack can, at least in theory, find collisions in 2^52 hash operations -- well within the realm of computational possibility. Assuming the cryptanalysis is correct, we should expect to see an actual SHA-1 collision within the year.
Note that this is a collision attack, not a pre-image attack. Most uses of hash functions don't care about collision attacks. But if yours does, switch to SHA-2 immediately.
This is why NIST is administering a SHA-3 competition for a new hash standard. And whatever algorithm is chosen, it will look nothing like anything in the SHA family (which is why I think it should be called the Advanced Hash Standard, or AHS).
A copy of this essay, with all embedded links, is
Here...
Source: Bruce Schneier Blog
|
|
Acceptable DRM? PRISM thinks so
@ Jul 10 2009, 21:01 (UTC+0) | From: Iolaus :
Apparently so, and in the world of computer games no less. Yes I know this confounds previous media coverage, or user experience, with games DRM (e.g. think Spore), but there is strong indication that one company may have come up with something close to acceptable DRM for gamers.
Continued...
|
|
|
sms news
New Bills in U.S. Congress
@ Jan 17 2003, 16:27 (UTC+0) | From: stand__sure :
The following is a list of new legislation in the U.S. House of Representatives and U.S. Senate which was receceived from EPIC.
House
H.R.48: To develop and deploy technologies to defeat Internet jamming and censorship.
Sponsor: Rep Cox, Christopher (R-CA).
Committees: House International Relations.
Latest Major Action: 1/7/2003 Referred to House committee.
Status: Referred to the House Committee on International Relations.
H.R.69: To require the Federal Trade Commission to prescribe regulations to protect the privacy of personal information collected from and about individuals who are not covered by the Children's Online Privacy Protection Act of 1998 on the Internet, to provide greater individual control over the collection and use of that information, and for other purposes.
Sponsor: Rep Frelinghuysen, Rodney P. (R-NJ).
Committees: House Energy and Commerce.
Latest Major Action: 1/7/2003 Referred to House committee.
Status: Referred to the House Committee on
Energy and Commerce.
H.R.70: To regulate the use by interactive computer services of Social Security account numbers and related personally identifiable information.
Sponsor: Rep Frelinghuysen, Rodney P. (R-NJ).
Committees: House Energy and Commerce.
Latest Major Action: 1/7/2003 Referred to
House committee.
Status: Referred to the House Committee on Energy and Commerce.
H.R.71: To require customer consent to the provision of wireless call location information.
Sponsor: Rep Frelinghuysen, Rodney P. (R-NJ).
Committees: House Energy and Commerce.
Latest Major Action: 1/7/2003 Referred to House committee.
Status: Referred to the House Committee on Energy and Commerce.
H.R.107: To amend the Federal Trade Commission Act to provide that the advertising or sale of a mislabeled copy-protected music disc is an unfair method of competition and an unfair and deceptive act or practice, and for other purposes.
Sponsor: Rep Boucher, Rick (D-VA).
Committees: House Energy and Commerce; House Judiciary.
Latest Major Action: 1/7/2003 Referred to House committee.
Status: Referred to the Committee on Energy and Commerce, and in addition to the Committee on the Judiciary, for a period to be subsequently determined by the
Speaker, in each case for consideration of such provisions as fall within the jurisdiction of the committee concerned.
H.R.115: To amend title 49, United States Code, to improve airport security by using biometric security badges, and for other purposes.
Sponsor: Rep Hefley, Joel (R-CO).
Committees: House Transportation and Infrastructure.
Latest Major Action: 1/7/2003 Referred to House committee.
Status: Referred to the House Committee on Transportation and Infrastructure.
H.R.122: To amend section 227 of the Communications Act of 1934 to prohibit the use of the text, graphic, or image messaging systems of wireless telephone systems to transmit unsolicited commercial messages.
Sponsor: Rep Holt, Rush D. (D-NJ).
Committees: House Energy and Commerce.
Latest Major Action: 1/7/2003 Referred to House committee.
Status: Referred to the House Committee on Energy and Commerce.
*Senate*
S.6 Comprehensive Homeland Security Act of 2003. A bill to enhance homeland security and for other purposes.
Sponsor: Sen Daschle, Thomas A. (D-SD).
Committees: Senate Judiciary.
Latest Major Action: 1/7/2003 Referred to Senate committee.
Status: Read twice and referred to the Committee on the Judiciary.
S.16: A bill to protect the civil rights of all Americans, and for other purposes.
Sponsor: Sen Daschle, Thomas A. (D-SD).
Committees: Senate Finance.
Latest Major Action: 1/7/2003 Referred to Senate committee.
Status: Read twice and referred to the Committee on Finance.
S.22: A bill to enhance domestic security, and for other purposes.
Sponsor: Sen Daschle, Thomas A. (D-SD).
Committees: Senate Judiciary.
Latest Major Action: 1/7/2003 Referred to Senate committee.
Status: Read twice and referred to the Committee on the Judiciary.
S.41: A bill to strike certain provisions of the Homeland Security Act of 2002 (Public Law 107-296), and for other purposes.
Sponsor: Sen Lieberman, Joseph I. (D-CT).
Committees: Senate Governmental Affairs.
Latest Major Action: 1/7/2003 Referred to Senate committee.
Status: Read twice and referred to the Committee on Governmental Affairs.
S.113: A bill to exclude United States persons from the definition of "foreign power" under the Foreign Intelligence Surveillance Act of 1978 relating to international terrorism.
Sponsor: Sen Kyl, Jon (R-AZ).
Committees: Senate Judiciary.
Latest Major Action: 1/9/2003 Referred to
Senate committee.
Status: Read twice and referred to the Committee on the Judiciary.
S.123: A bill to exclude United States persons from the definition of "foreign power" under the Foreign Intelligence Surveillance Act of 1978 relating to international terrorism.
Sponsor: Sen Kyl, Jon (R-AZ).
Committees: Senate Judiciary.
Latest Major Action: 1/9/2003 Referred to
Senate committee.
Status: Read twice and referred to the Committee on the Judiciary.
S.153: A bill to amend title 18, United States Code, to establish penalties for aggravated identity theft, and for other purposes.
Sponsor: Sen Feinstein, Dianne (D-CA).
Committees: Senate Judiciary.
Latest Major Action: 1/14/2003 Referred to Senate committee.
Status: Read twice and referred to the Committee on the Judiciary.
|
|
Top of page
|
featured article List puzzle
Your friendly 3 letter organization is in the neighborhood hiring mathematicians and computer scientists. One of their interview questions reads as follows:.
Let H be the pointer given to the head
read here
poll
Which profesional degree do you think will meet your needs best?
|
linking & backends Information about how to link to NewOrder.
New Order news rss feed,
a sms rss feed or a complete list. |
