Tech News Weekly: Edition 42

Ehtyar:
The Weekly Tech News
Hi all.
Not much to say this week. I still haven't worked out how I will do a table of contents. If anyone would like to recommend some regex, it will need to match every instance of [anchor=*] it finds in the given string.
Also, there are three articles this week that have been discussed elsewhere, please be sure to contribute to the original threads if you have any thoughts on the topic.
As usual, you may find last week's news here.
1. DHS to Fund Open Source Next Generation IDS/IPS
http://taosecurity.blogspot.com/2008/10/dhs-to-fund-open-source-next-generation.html
The US Department of Homeland Security will be bankrolling the next open source Intrusion Detection/Prevention System.

The Open Information Security Foundation (OISF, www.openinfosecfoundation.org) is proud to announce its formation, made possible by a grant from the U.S. Department of Homeland Security (DHS). The OISF has been chartered and funded by DHS to build a next-generation intrusion detection and prevention engine. This project will consider every new and existing technology, concept and idea to build a completely open source licensed engine. Development will be funded by DHS, and the end product will be made available to any user or organization.

--- End quote ---

2. Intellectual Property Bill Becomes Law: Critics Say It Goes Too Far
http://www.darkreading.com/document.asp?doc_id=165924&f_src=darkreading_section_296
Another Link: http://www.reuters.com/article/technologyNews/idUSTRE49C7EI20081013
Discussion started by Deozaan: PRO-IP Act signed into Law
US President George Bush has signed a bill which dramatically increases penalties for copyright infringement.

President Bush yesterday signed a bill that toughens current laws on the theft of intellectual property and establishes a new White House cabinet position to oversee the IP infringement effort.

The Prioritizing Resources and Organization for Intellectual Property Act (Pro-IP), which was passed by the House and Senate earlier this month, establishes the position of intellectual property enforcement coordinator ("IP czar"). It also steepens penalties for IP infringement and increases resources for the Department of Justice to coordinate for federal and state efforts against counterfeiting and piracy.

--- End quote ---

3. Russian Researchers Achieve 100-fold Increase in WPA2 Cracking Speed
http://securityandthe.net/2008/10/12/russian-researchers-achieve-100-fold-increase-in-wpa2-cracking-speed/
Another link: http://www.theregister.co.uk/2008/10/10/graphics_card_wireless_hacking/
Discussion started by f0dder: 100-fold WPA/WPA2 bruteforce speed increase
Researchers have used off-the-shelf GPUs to increase the speed of bruteforce attacks against wireless access points.

Russian security company Elcomsoft just posted a press release (original PDF) detailing a new method to crack WPA and WPA2 keys:

    With the latest version of Elcomsoft Distributed Password Recovery, it is now possible to crack WPA and WPA2 protection on Wi-Fi networks up to 100 times quicker with the use of massively parallel computational power of the newest NVIDIA chips. Elcomsoft Distributed Password Recovery only needs a few packets intercepted in order to perform the attack.

--- End quote ---

4. Apple Patents OS X Dock
http://www.theregister.co.uk/2008/10/08/apple_patents_osx_dock/
Discussion started by VideoInPicture: Apple Patents the OS X Dock!!!
Apple has patented their OS X Dock. Makers of imitation products could be caught up in lawsuits should Apple choose to enforce the patent.

Apple has patented the OS X Dock, nearly a decade after the operating system made its public debut with a new slant on the taskbar.

The late arrival isn't due to a lack of initiative, however. Apple applied for the patent December 20, 1999, and it was approved by the US Patent Office only yesterday.

Apple summarizes the Dock as a "user interface for providing consolidation and access." The patent (available here) puts a particular focus on the Dock's ability to magnify icons to a predetermined size when the cursor is near, the user's ability to rearrange icons, and the way it overlaps the desktop and active windows. Other touches such as indicating which applications are running, label tiles appearing on mouse-over, and the ability to drag and drop files into applications on the Dock are also described.

--- End quote ---

5. World Bank Denies Key Systems Hacked
http://www.theregister.co.uk/2008/10/13/world_bank_hack_attack/
Another link: http://www.darkreading.com/document.asp?doc_id=165712
The World Bank denies that its servers have repeatedly been compromised in recent times.

The World Bank has denied reports that hackers penetrated its network on multiple occasions over the last year.

Fox News reports the financial institution has suffered at least six attacks since the middle of 2007. The assault emerged in the course of a separate FBI investigation, prompting the bank to issue a memo (pdf) to warn workers.

--- End quote ---

6. CastleCops Nemesis Gets Two Year Sentence
http://www.theregister.co.uk/2008/10/13/castlecops_attacker_sentenced/
A man has been convicted and sentenced to two years federal prison time for using botnets to launch Distributed Denial of Service Attacks against the volunteer CastleCops forum.

An American hacker has been sentenced to two years in federal prison for waging potent attacks that took down two volunteer websites for days at a time.

Gregory C. King of Fairfield, California, was also ordered to pay more than $69,000 in restitution for distributed denial of service (DDoS) attacks on CastleCops and KillaNet Technologies. In June, King admitted he used a bot army to wage a relentless campaign of destruction on the sites in a scheme to punish the operators for behavior he thought was unfair. The attacks were so fierce that his victims sustained as much as $70,000 in damage, according to court documents.

--- End quote ---

7. DarkMarket Carder Forum Revealed As FBI Sting
http://www.theregister.co.uk/2008/10/14/darkmarket_sting/
Followup: Arrests made and here.
It has been revealed that a well known forum for credit card thieves was actually an FBI sting.

Leaked documents have confirmed that carder forum DarkMarket was actually an FBI sting operation.

For the last two years until its shutdown earlier this month DarkMarket.ws posed as a forum where identity thieves, credit card fraudsters, crackers and other ne'er do wells could hang out and exchange tips as well as trading hacker tools and stolen data. In reality, the site was run by Federal agents based in Pittsburgh.

--- End quote ---

8. Storm Botnet Blows Itself Out
http://www.theregister.co.uk/2008/10/14/storm_worm_botnet_rip/
It would appear that the infamous Storm botnet has finally ceased to exist, for now.

Security watchers Marshal claim the infamous Storm botnet is no more, after waning spam emails finally dried up altogether last month.

Other security researchers have noted a similar decline, but warn that while the botnet is currently inactive it may yet return, possibly in a more potent form.

--- End quote ---

9. Warezov Botnet Rises from the Grave
http://www.theregister.co.uk/2008/10/16/warezovs_second_coming/
As the perfect companion story to Storm Botnet Blows Itself Out, the long-since-forgotten Warezov botnet appears to be up and running again.

After laying low for the better part of a year, the Warezov botnet is back - with some new tricks up its sleeve.

In the past week, trojan horse programs that install the Warezov bot have been spotted on websites offering free MP3 downloads, according to Joe Stewart, director of malware research at security provider SecureWorks. The attacks are a big change for Warezov, which burst on the scene in 2006 with malware attacks spread in email attachments. The new methodology is an acknowledgment of the futility of email attacks given the difficulty of sneaking malicious payloads past today's email filters.

--- End quote ---

10. Adobe Patch Thwarts Clickjacking Attack
http://www.theregister.co.uk/2008/10/16/adobe_update_thwarts_clickjacking/
Another link: http://news.cnet.com/8301-1009_3-10067544-83.html
Original stories here and here.
Adobe has finally patched the infamous clickjacking flaw in Adobe Flash Player.

Adobe has published an update to its popular Flash Player software, addressing a much-publicised clickjacking flaw.

Clickjacking affects multiple applications (including browsers and media players) and creates a means for hackers to trick prospective marks into unknowingly clicking on a link or dialogue. Adobe Flash Player - specifically the microphone and camera access dialogue - was among the products affected.

--- End quote ---

11. Net Filters "Required" for All Australians, No Opt-out
http://arstechnica.com/news.ars/post/20081016-net-filters-required-for-all-australians-no-opt-out.html
The internet filtering currently being tested in Tasmania may soon be mandatory for the entire country, with no complete opt-out option as promised.

Australians may not be able to opt out of the government's Internet filtering initiative like they were originally led to believe. Details have begun to come out about Australia's Cyber-Safety Plan, which aims to block "illegal" content from being accessed within the country, as well as pornographic material inappropriate for children. Right now, the system is in the testing stages, but network engineers are now saying that there's no way to opt out entirely from content filtering.

--- End quote ---

12. City-owned Fiber Network a Go As Judge Tosses Telco Lawsuit
http://arstechnica.com/news.ars/post/20081009-city-owned-fiber-network-a-go-as-judge-tosses-telco-lawsuit.html
A small US city has resolved to build their own fiber-to-the-home network when the local ISP failed to listen to their requests.

When the 12,000 person city of Monticello, Minnesota voted overwhelmingly to put in a city-owned and -operated fiber-optic network that would link up all homes and business to a fast Internet pipe, the local telco sued to stop them. Wednesday, District Court Judge Jonathan Jasper dismissed the suit with prejudice after finding that the city was well within its rights to build the network by issuing municipal bonds. In this case, however, a total loss for the telco might actually turn out to be a perverse sort of victory.

--- End quote ---

13. The Android Fine Print: Kill Switch and Other Tidbits
http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9117279
Google's Android mobile OS contains a kill-switch, much like that found in Apple's iPhone in August.

An uproar erupted when iPhone users discovered a so-called remote kill switch on their phones -- will it spur the same reaction in users of the G1, the first Android phone?

In the Android Market terms of service, Google expressly says that it might remotely remove an application from a user's phone. "Google may discover a product that violates the developer distribution agreement ... in such an instance, Google retains the right to remotely remove those applications from your device at its sole discretion," the terms, linked to from the phone, read.

--- End quote ---

14. Firefox 3.1 Beta Available For Download
http://blogs.pcmag.com/securitywatch/2008/10/firefox_31_beta_available_for.php
Firefox 3.1 BETA 1 is now available for developers and web designers to test. It includes improved CSS 3 and HTML 5 support, and faster rendering speeds in addition to various minor improvements.

Version 3.1 doesn't seem to have any major improvements, but a large number of potentially noteworthy ones. There is a new version of the Gecko rendering engine that claims improvements in web compatibility, standards compliance, ease of use and performance. There is more support for CSS 2.1 and 3.0 properties.

The Smart Location Bar has support for new characters to restrict searches.

Developers get a lot of new features to use: There are new video and audio elements from HTML 5. There are many additions to the DOM and Canvas and SVG (Scalable Vector Graphics) support.

--- End quote ---

15. OpenOffice 3: Why Buy Microsoft Office?
http://blogs.computerworld.com/review_of_final_openoffice_3_why_buy_microsoft_office
Open Office 3.0 has been released, then officially announced to server-crippling demand. This article is a review of the new features available because I thought that would be more useful.

The final version of OpenOffice 3 is out today, and if you're looking to save yourself plenty of money, download it instead of buying Microsoft Office --- you could save yourself hundreds of dollars, and not lose out on many features.

I put the Windows version through its paces, and am about to download the Linux version as well. The suite has six full-blown applications: the Writer word processor, Calc spreadsheet, Impress presentations program, Base database program, Math equation editor, and Draw graphics program.

--- End quote ---

16. Mobile Firefox Reaches ALPHA 1
http://www.webmonkey.com/blog/Mobile_Firefox_Reaches_Alpha_1__Offers_Desktop_Version_for_Testing
Mozilla's mobile Firefox has reached the ALPHA 1 testing phase.

Mozilla’s mobile version of Firefox, code-named Fennec, has reached the alpha 1 milestone. As with the previous, pre-alpha releases, Fennec alpha 1 will only work with the Nokia N800/N810 internet tablet. While Mozilla says that it has made great progress on the Windows Mobile version, there’s still no release available. There also won’t be an iPhone version anytime soon; as Mozilla execs have previously stated, Apple’s software requirements for the device are too restrictive.

--- End quote ---

Ehtyar.

Grorgy:
Good selection Ehtyar, well done, your work on this is appreciated  :Thmbsup:

mouser:
Well you outdid yourself this time -- really great edition.  This is clearly now a must-read thing on DC.

Your summaries and quotes are great if you just want to keep informed but don't want to go read the whole article.  And very cool how you link to forum discussions too.

Ehtyar:
Thanks guys :)

Ehtyar.

Deozaan:
Number 11: The Australian internet filters story is just scary. It won't be long before the Aussies have no idea what Tiananmen Square was all about either.
