topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 2:55 pm
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Tech News Weekly: Edition 29-09  (Read 4836 times)

Ehtyar

  • Supporting Member
  • Joined in 2007
  • **
  • Posts: 1,237
    • View Profile
    • Donate to Member
Tech News Weekly: Edition 29-09
« on: July 19, 2009, 04:56 AM »
The Weekly Tech News
TNWeekly01.gifHi all.
Enjoy :)
As usual, you can find last week's news here.


1. Oz Cops Turn to Wardriving to Fight Wi-Fi 'jackers
Spoiler
http://www.reghardware.co.uk/2009/07/17/oz_plod_wardriving/
In an apparent plea for some meaningful work, police officers in the Australian state of Queensland will soon commence searching for unsecured wireless networks in city suburbs, warning residents at risk of attack.

Police in the Australian state of Queensland are to go on the hunt for unsecured wireless networks.

Claiming that "the crooks are out there driving around trying to identify these [open] networks", Queensland Police Detective Superintendent Brian Hay told local site ITnews that the Boys in Blue will now do the same.

Folk found to be in possession of an un-WEPed WLAN will be warned of the dangers they face, as will wireless router owners who enabled security but retained the default password.


2. Clever Attack Exploits Fully-patched Linux Kernel
Spoiler
http://www.theregister.co.uk/2009/07/17/linux_kernel_exploit/
While I find this headline to be outrageously sensationalist, this is an interesting story. Due to the way a certain optimization procedure is performed by gcc, pieces of the Linux Kernel have become vulnerable to null pointer dereference bugs. Devs, remember to check for NULL *before* assignment...who knew?

A recently published attack exploiting newer versions of the Linux kernel is getting plenty of notice because it works even when security enhancements are running and the bug is virtually impossible to detect in source code reviews.

The exploit code was released Friday by Brad Spengler of grsecurity, a developer of applications that enhance the security of the open-source OS. While it targets Linux versions that have yet to be adopted by most vendors, the bug has captured the attention of security researchers, who say it exposes overlooked weaknesses.


3. Facebook 'breaches Canadian law'
Spoiler
http://news.bbc.co.uk/2/hi/americas/8155367.stm
It looks as though someone has finally found the balls to question Facebook on the way it handles user data (read: keeps user data forever).

An investigation by Canada's privacy commission found the US-based website also gave "confusing or incomplete" information to subscribers.

Facebook says it is aiming to safeguard users' privacy without compromising their experience of the site.

More than 200 million people actively use Facebook.

They include about 12 million in Canada, more than one in three of the population.


4. Why Amazon Went Big Brother On Some Kindle E-books
Spoiler
http://arstechnica.com/tech-policy/news/2009/07/amazon-sold-pirated-books-raided-some-kindles.ars
Discussion started by nosh: https://www.donationcoder.com/forum/index.php?topic=19218.0
Kindle users who had purchased copies of George Orwell's 1984 or Animal Farm found via email that their purchases were being refunded, then upon connecting to Amazon with their Kindles, found the books were automatically deleted.

Amazon.com shocked customers yesterday when it reached out to hundreds, if not thousands of Kindles and simply deleted texts that users had not only purchased, but had started to read. A literary coitus interruptus, Amazon spoiled the readers' descent into Orwellian masochism with nary a warning or apology.

Sometime on Thursday, users had an eerie feeling that they were being watched, receiving emails stating that their purchases were being refunded. When they connected to the Kindle's WhisperNet, the purchases in question were automatically deleted. Some could only wonder: how often could this happen? Perhaps the Thought Police Amazon Customer Service team could cut off your books whenever they wanted to.


5. Mozilla Design Challenge Showcases New Browser Tab Concepts
Spoiler
http://arstechnica.com/open-source/news/2009/07/mozilla-design-challenge-showcases-new-browser-tab-concepts.ars
Discussion started by mouser: https://www.donationcoder.com/forum/index.php?topic=18379.0
The winners of Mozilla's tab improvement challenge have been announced.

Earlier this year, Mozilla's design gurus began exploring the possibility of improving on the principle of tabbed browsing. They launched a discussion about various ways to transcend the limitations imposed by the current tab system.

To encourage broader community participation in this discussion, Mozilla Labs launched a competition and called for designers to submit mockups and concept art that depicted new ideas and interfaces for tabbed browsing. The results of the Summer Design Challenge were announced this week and Mozilla has published the best entries.


6. Researchers To Release Tool That Silently Hijacks EV SSL Sessions
Spoiler
http://www.darkreading.com/security/app-security/showArticle.jhtml?articleID=218500176
Apparently, in much the same manner the regular SSL doesn't mean much anymore, EV SSL is pretty useless as a new MITM attack on EV SSL will be presented at the July BlackHat conference.

If you think you're safe from man-in-the-middle (MITM) attacks as long as you're visiting an Extended Validation SSL (EV SSL) site, then think again: Researchers will release a new tool at Black Hat USA later this month that lets an attacker hack into a user's session on an EV SSL-secured site.

Mike Zusman and Alex Sotirov -- who in March first demonstrated possible MITM attacks on EV SSL at CanSecWest -- will release for the first time their proxy tool at the Las Vegas conference, as well as demonstrate variations on the attacks they have discovered. The Python-based tool can launch an attack even with the secure green badge displaying on the screen: "It doesn't alert the user that anything fishy is going on," says Zusman, principal consultant at Intrepidus.


7. BlackBerry Update Bursting With Spyware
Spoiler
http://www.reghardware.co.uk/2009/07/15/o2_tg01_virus/
BlackBerry users of the Etisalat network in the United Arab Emirates were delivered a software update from their carrier that, when activated, would forward messages to an Etisalat server. It was only noticed thanks to a customer who reverse engineered the update after noticing excessive battery drain due to a glitch.

An update pushed out to BlackBerry users on the Etisalat network in the United Arab Emirates appears to contain remotely-triggered spyware that allows the interception of messages and emails, as well as crippling battery life.

Sent out as a WAP Push message, the update installs a Java file that one curious customer decided to take a closer look at, only to discover an application intended to intercept both email and text messages, sending a copy to an Etisalat server without the user being aware of anything beyond a slightly excessive battery drain.


8. Glitch Hits Visa Users With More Than $23 Quadrillion Charge
Spoiler
http://www.cnn.com/2009/US/07/15/quadrillion.dollar.glitch/index.html
In their haste to create an inflation-poof credit system, Visa apparently forgot to add a sanity check to credit card purchases, charging several customers $23 Quadrillion in a single transation, on top of which went a $15 overdraft fee.

A technical snafu left some Visa prepaid cardholders stunned and horrified Monday to see a $23,148,855,308,184,500 charge on their statements.
Josh Muszynski noticed the 17-digit charge while making a routine balance inquiry.

That's about 2,007 times the size of the national debt.

Josh Muszynski, 22, of Manchester, New Hampshire, was one Visa customer aghast to find the 17-digit charge on his bill. Adding insult to injury, he had also been hit with a $15 overdraft fee.


9. Twitter's Underwear Exposed After Google Apps Hack
Spoiler
http://www.theregister.co.uk/2009/07/15/twitter_hack_exposes_data/
Twitter has yet again trumpeted its immaturity to the world after documents were obtained from a Google Apps breach that held intimate details of the companies financials.

An unidentified hacker has exposed confidential corporate and personal information belonging to microblogging site Twitter and its employees after breaching electronic accounts belonging to several people close to the company.

The episode is the latest reminder that the convenience of cloud-based services that store spreadsheets and other information online cut both ways. While they make it easy to access personal notes from anywhere in the world, they also open up the information to theft - especially when the owners are highly public individuals who didn't take due care to safeguard the data in the first place.


10. Hand in Liquid Nitrogen
Spoiler
http://www.collegehumor.com/video:1917191
Pretty awesome video explaining how one can put ones hand into a pool of liquid nitrogen and pull it out without causing any harm.

onion.jpg



Ehtyar.

4wd

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 5,641
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 29-09
« Reply #1 on: July 19, 2009, 06:07 AM »
1. "...as will wireless router owners who enabled security but retained the default password."

This implies they are going to access your router, (and thus your network), without your permission....which is illegal.

When they come to the door to tell us the dangers we can ask how they know the password is default and then get them charged for illegal network access......yeah, right.


On a side note and totally off-topic: The new series of Scrapheap Challenge sucks!!  >:(

housetier

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • default avatar
  • Posts: 1,321
    • View Profile
    • Donate to Member
Re: Tech News Weekly: Edition 29-09
« Reply #2 on: July 19, 2009, 10:37 AM »
nice selection! thanks