posted 3 days ago on slashdot
Bismillah writes: Ross Anderson and Laurent Simon of Cambridge University studied a range of Android devices and found that even though a "factory reset" is supposed to fully wipe storage, it often doesn't. Interestingly enough, full-device encryption could be compromised by the incomplete wiping too. ITnews reports: "The researchers estimated that 500 million Android devices may not fully wipe device disk partitions. As many as 630 million phones may not wipe internal SD cards. Five 'critical failures' were outlined in the researchers' Security Analysis of Android Factory Resets paper."

posted 3 days ago on slashdot
Advocatus Diaboli writes: A newly released top secret document reveals that the NSA planned to hijack Google and Samsung app stores to plant spying software on smartphones. The report on the surveillance project, dubbed "IRRITANT HORN," shows the U.S. and its "Five Eyes" alliance: Canada, the United Kingdom, New Zealand and Australia, were looking at ways to hack smartphones and spy on users. According to The Intercept: "The top-secret document, obtained from NSA whistleblower Edward Snowden, was published Wednesday by CBC News in collaboration with The Intercept. The document outlines a series of tactics that the NSA and its counterparts in the Five Eyes were working on during workshops held in Australia and Canada between November 2011 and February 2012."

posted 3 days ago on slashdot
ErnieKey writes: A youth club in Germany, called Toolbox Bodensee, has created an unusual musical organ. It is constructed of 49 floppy disk drives all of which combine to play quite a unique sound. It has the ability to be played manually or act as a playback device. If you have a bunch of old floppy drives and want to assemble your own organ, the 3D print files are available for free download on Thingiverse.

posted 3 days ago on slashdot
HughPickens.com writes: In a case straight out of CSI, CNN reports that police are searching for the man suspected in the gruesome slayings of the Savopoulos family and their housekeeper, after his DNA was purportedly found on a pizza crust at the scene of the quadruple murders. They discovered his DNA on the crust of a Domino's pizza — one of two delivered to the Savopoulos home May 14 as the family was held hostage inside — a source familiar with the investigation said. The pizza apparently was paid for with cash left in an envelope on the porch. The next morning, Savvas Savopoulos's personal assistant dropped off a package containing $40,000 in cash at the home, according to the officials and police documents. The bodies of Savopoulos, along with his wife, Amy, their 10-year-old son Philip and the family's housekeeper, Veralicia Figueroa, were discovered the afternoon of May 14 after firefighters responded to reports of a fire. D.C. Police Chief Cathy Lanier says the killings are likely not a random crime and police have issued an arrest warrant for the 34-year-old Daron Dylon Wint, who is described as 5'7 and 155 lbs and might also go by the name "Steffon." Wint apparently used to work at American Iron Works, where Savvas Savopoulos was CEO and president. The neighborhood is home to numerous embassies and diplomatic mansions as well as the official residence of Vice President Joe Biden and his wife. "Right now you have just about every law enforcement officer across the country aware of his open warrant and are looking for him," says Lanier. "I think even his family has made pleas for him to turn himself in."

posted 3 days ago on slashdot
StartsWithABang writes: Imagine you wanted to know what your acceleration was anywhere on Earth; imagine that simply saying "9.81 m/s^2" wasn't good enough. What would you need to account for? Sure, there are the obvious things: the Earth's rotation and its various altitudes and different points. Surely, the farther away you are from Earth's center, the less your acceleration's going to be. But what might come as a surprise is that if you went up to the peak of the highest mountains, not only would the acceleration due to gravity be its lowest, but there'd also be less mass beneath your feet than at any other location.

posted 3 days ago on slashdot
itwbennett writes: In follow-up to a story that appeared on Slashdot yesterday about a critical vulnerability in the NetUSB service, networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected and said they are working on fixes. ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year.

posted 3 days ago on slashdot
An anonymous reader writes: YouTube today announced that it is rolling out HTML5 playback and has added 60fps live streaming to allow users to broadcast in real time. "When you start a live stream on YouTube at 60fps, we'll transcode your stream into 720p60 and 1080p60, which means silky smooth playback for gaming and other fast-action videos," YouTube said in a statement. "We'll also make your stream available in 30fps on devices where high frame rate viewing is not yet available, while we work to expand support in the coming weeks."

posted 4 days ago on slashdot
An anonymous reader writes: Sen. Rand Paul held up a vote on the Fast Track Authority for an eleven hour dissertation on the flaws of: the Patriot Act, the replacement the USA Freedom Act, bulk data collection including credit card purchases, the DEA and IRS's use of NSA intel. for "parallel construction", warrant-less GPS bugs on vehicles, as well as the important distinction of a general warrant versus a specific one. "There is a general veil of suspicion that is placed on every American now. Every American is somehow said to be under suspicion because we are collecting the records of every American," Paul said. The question is what did the "filibuster" really accomplish? The speeches caused a delay in Senate business but it's unclear what larger effect, if any, that will have.

posted 4 days ago on slashdot
msm1267 writes: The Commerce Department's Bureau of Industry and Security today to implement the controversial Wassenaar Arrangement, and computer security specialists are wary of its language and vagaries. For starters, its definition of "intrusion software" that originally was meant to stem the effect of spying software such as FinFisher and Hacking Team, has also apparently snared many penetration testing tools. Also, despite the Commerce Department's insistence that vulnerability research does not fall under Wassenaar, researchers say that's up for interpretation.

posted 4 days ago on slashdot
New submitter thegarbz writes: As covered previously, after losing a legal battle against Dallas Buyers Club and Voltage Pictures the Federal Court of Australia asked ISP iiNet to hand over details of customers allegedly downloading the movie The Dallas Buyers Club. iiNet has now taken the unprecedented move to offer pro-bono legal advice to all of its customers targeted over piracy claims. "It is important to remember that the Court's findings in this case do not mean that DBC and Voltage's allegations of copyright infringement have been proven," Ben Jenkins, financial controller for iiNet wrote. Also, as part of the ruling the court will review all correspondence sent to alleged copyright infringers in hopes to prevent the practice of speculative invoicing. Unless it can be proven exactly how much and with how many people a film was shared the maximum damages could also be limited to the lost revenue by the studio, which currently stands at $10AU ($7.90US) based on iTunes pricing.

posted 4 days ago on slashdot
sandbagger writes: Anthony Mazur is a senior at Flower Mound High School in Texas who photographed school sports games and other events. Naturally he posted them on line. A few days ago he was summoned to the principal's office and threatened with a suspension and 'reporting to the IRS' if he didn't take those 4000 photos down. Reportedly, the principal's rationale was that the school has copyright on the images and not him.

posted 4 days ago on slashdot
An anonymous reader writes: In response to a slew of new research about network-level attacks against Tor, academics from the U.S. and Israel built a new Tor client called Astoria designed to beat adversaries like the NSA, GCHQ, or Chinese intelligence who can monitor a user's Tor traffic from entry to exit. Astoria differs most significantly from Tor's default client in how it selects the circuits that connect a user to the network and then to the outside Internet. The tool is an algorithm designed to more accurately predict attacks and then securely select relays that mitigate timing attack opportunities for top-tier adversaries.

posted 4 days ago on slashdot
New submitter ukrifleman writes: I've been doing UK based perl, JS, light PHP and JQUERY dev plus Centos/Debian sys admin on a freelance basis for over a decade now. Mostly maintaining older stuff but I also undertook a big, 3 year bespoke project (all written in legacy non OO perl). The trouble is, that contract has now finished and all the legacy work has dried out and I've only got about 2 months of income left! I need to get a full time job. To most dev firms I'm going to look like a bit of a dinosaur, 40 odd years old, knows little of OO coding OR modern languages and approaches to projects. I can write other languages and, with a bit of practice I'll pick them up pretty quickly. I really don't know where to start. What's hot, what's worth learning, I'm self-taught so have no CS degree, just 15 years of dev and sys admin experience. I've got a bit of team and project management experience too it's quite a worry going up against young whipper snappers that know all the buzz words and modern tech! Am I better off trying to get a junior job to start so I can catch up with some tech? Would I be better off trawling the thousands of job sites or finding a bonafide IT specialist recruitment firm? Should I take the brutally honest approach to my CV/interviews or just wing it and hope I don't bite off more than I can chew? What kind of learning curve could I expect if I took on a new language I have no experience with? Are there any qualifications that I NEED to have before firms would be willing to take me on? I've been sitting here at this desk for 10 years typing away and only now do I realise that I've stagnated to the point where I may well be obsolete!

posted 4 days ago on slashdot
Pam Fletcher was propulsion system chief engineer on the first Chevrolet Volt plug-in hybrid and is now executive chief engineer for electrified vehicles at GM, overseeing electrified vehicles company-wide. A while ago you had a chance to ask about her work and the future of electric cars. Below you'll find her answers to your questions.

posted 4 days ago on slashdot
An anonymous reader writes: What if there were an Uber for hackers? Well, there is. It's called Hacker's List, and it made the front page of the New York Times this year. Anyone can post or bid on an 'ethical' hacking project. According to new Stanford research, however, the site is a wreck. 'Most requests are unsophisticated and unlawful, very few deals are actually struck, and most completed projects appear to be criminal.' And it gets worse. 'Many users on Hacker's List are trivially identifiable,' with an email address or Facebook account. The research dataset includes thousands of individuals soliciting federal crimes.

posted 4 days ago on slashdot
An anonymous reader writes with news, as reported by The Stack, that regional health insurer CareFirst BlueCross BlueShield, has confirmed a breach which took place last summer, and may have leaked personal details of as many as 1.1 million of the company's customers: "The Washington D.C.-based firm announced yesterday that the hack had taken place in June last year. CareFirst said that the breach had been a 'sophisticated cyberattack' and that those behind the crime had accessed and potentially stolen sensitive customer data including names, dates of birth, email addresses and ID numbers. All affected members will receive letters of apology, offering two years of free credit monitoring and identity threat protection as compensation, CareFirst said in a statement posted on its website." Free credit monitoring is pretty weak sauce for anyone who actually ends up faced with identity fraud.

posted 4 days ago on slashdot
An anonymous reader writes: Take Two Interactive, the parent company of Rockstar Games, is suing the BBC for trademark infringement over its planned "making of GTA" drama, Game Changers. The 90-minute movie was created without the involvement of the studio, which rarely comments on the GTA series' development outside of organised press events. (It is expected that it will draw upon the public conflict between Sam Houser and notorious anti-gaming crank Jack Thompson, via the expose "Jacked" by David Kushner.) After direct negotiations with the BBC failed, Take Two brought suit to "ensure that [their] trademarks are not misused." The details of the suit, Rockstar's objections, and the penalties sought, are not yet known.

posted 4 days ago on slashdot
MojoKid writes: Asus just finally made their ZenFone 2 available for sale in the US. It's an Intel-powered smartphone running Android Lollipop that's compatible with AT&T and T-Mobile, and other cellular networks that utilize GSM technology, like Straight Talk, MetroPCS, and Cricket Wireless among others. The device is packing a quad-core Intel Atom Z3580 (2.3GHz) with PowerVR G6430 graphics and 4GB of RAM, along with Intel 7262 and Intel 2230 modem tech, a 5.5" Full HD screen, a 13MP rear camera, dual-SIM support and 802.11ac Wi-Fi. The high-end model can be had for only $299, unlocked. A $199 version with 2GB of RAM and a slightly slower Intel Atom Z3560 is also available. In the benchmarks, the Zenfone 2 offers competent though middling performance but considering Asus has priced the ZenFone 2 so aggressively, it's sure to grab some attention at retail with consumers looking for a contract-free commitment.

posted 4 days ago on slashdot
harrymcc writes: In 1984, Apple launched the Apple IIc computer. As part of its promotion, it produced a video with Steve Jobs, Steve Wozniak, and other employees talking about the company's founding and the creation of the Apple I and Apple II computers. Over at Fast Company, I've shared this remarkable, little-seen bit of history. It's full of goodies, from images of Jobs and Wozniak wearing remarkably Apple Watch-like timepieces to evocative photos of early computer stores.

posted 4 days ago on slashdot
New submitter JoSch1337 writes: After a year and a half of development, the Neo900 project now opened its web shop for the down payments of binding pre-orders for either a full Neo900 phone or the bare circuit board to upgrade an existing Nokia N900. The up-front down payment is necessary to now secure expensive "risk parts" like the modem, 1GB RAM and N900 cases. Thus, without pre-ordering now, there might not be enough parts left after the first batch. The Neo900 is the spiritual successor of the Nokia N900. The new circuit board can be placed into an existing N900 for better specs (faster CPU, more RAM, LTE modem) than the original device while still maintaining fremantle (maemo 5) backwards compatibility. Alternatively, a fully assembled phone can be purchased as well. The Neo900 will be fully operational without any binary blob running on the main CPU. While the modem still requires a non-free firmware, it is completely decoupled from the rest of the device (think of a LTE usb stick you put in your laptop) and can reliably be monitored or switched off by the operating system. You can follow the development of the project in the maemo forum, read about the specs of the device or consult the FAQ.

posted 4 days ago on slashdot
itwbennett writes: The U.S. Commerce Department has proposed tighter export rules for computer security tools and could prohibit the export of penetration testing tools without a license. The proposal would modify rules added to the Wassenaar Arrangement in 2013 that limit the export of technologies related to intrusion and traffic inspection. The definition of intrusion software would also encompass 'proprietary research on the vulnerabilities and exploitation of computers and network-capable devices,' the proposal said.

posted 4 days ago on slashdot
An anonymous reader writes: For the past few days kernel developers and Linux users have been investigating an EXT4 file-system corruption issue affecting the latest stable kernel series (Linux 4.0) and the current development code (Linux 4.1). It turns out that Linux users running the EXT4 file-system on a RAID0 configuration can easily destroy their file-system with this newest "stable" kernel. The cause and fix have materialized but it hasn't yet worked its way out into the mainline kernel, thus users should be warned before quickly upgrading to the new kernel on systems with EXT4 and RAID0.

posted 4 days ago on slashdot
jfruh writes: Java made its public debut twenty years ago today, and despite a sometimes bumpy history that features its parent company being absorbed by Oracle, it's still widely used. Mark Reinhold, chief architect for Oracle's Java platform group, offers one explanation for its continuing popularity: it's easy for humans to understand it at a glance. "It is pretty easy to read Java code and figure out what it means. There aren't a lot of obscure gotchas in the language ... Most of the cost of maintaining any body of code over time is in maintenance, not in initial creation."

posted 4 days ago on slashdot
derekmead writes: The oldest stone tools ever found have been discovered by scientists in Kenya who say they are 3.3m years old, making them by far the oldest such artifacts discovered. Predating the rise of humans' first ancestors in the Homo genus, the artifacts were found near Lake Turkana, Kenya. More than 100 primitive hammers, anvils and other stone tools have been found at the site. An in-depth analysis of the site, its contents, and its significance as a new benchmark in evolutionary history will be published in the May 21 issue of Nature.

posted 4 days ago on slashdot
An anonymous reader writes: Telstra’s Asian-based data center and undersea cable operator Pacnet has been hacked exposing many of the telco’s customers to a massive security breach. The company said it could not determine whether personal details of customers had been stolen, but it acknowledged the possibility. The Stack reports: "Telstra said that an unauthorized third party had been able to gain access to the Pacnet business management systems through a malicious software installed via a vulnerability on an SQL server. The hack had taken place just weeks before Telstra acquired the Asian internet service provider for $550mn on 16 April this year. The telecom company confirmed that it had not been aware of the hack when it signed the deal in December 2014."
