Category Archives: tech news

Prosecutors forwarded the case to the financial watchdog Jan 8 saying that an unidentified, outsourced staff in charge of data-processing jobs stole the data and sold it to advertising agents illegally.

From South Korea Plans to Prevent Personal Data Leakage

You know what their solution (simplified) was?  “Under the revised rule, mandatory collection will be limited to six to 10 essential information, including names, ID numbers, home address, mobile phone numbers, type of job and nationality.”

Seriously?  That’s all you got to give us?  Nothing about ‘no more outsourcing’.  Nothing about “security clearance required to handle personal information”?  Just limit how much info is collected?  Oh, and something about you agreeing to share any info beforehand….yeah, how many of you read the fine print?

See, being in Korea you see a lot of really dumb things.  While they have mostly done away with ‘pin codes’ for debit purchases, they were replaced with ‘signing pads’.  While this can be theoretically more secure, the Koreans just make some sort of random scribble.  Even the staff will make those scribbles for you, thus completely bypassing the more secure method.  Before you needed to know someone’s pin….now all you need to do is make a squiggle and BAM, purchase done.

There is a cool option to have every purchase you complete sent to you as an SMS message summary.  This is really useful but rarely used.

To even just LOOK at a Korean website, you will need to download a program which acts as a firewall/keylogger while you are just LOOKING at the website.  This used to be utterly limited to Windows and Internet Explorer but a few years ago they mandated that Firefox be allowed as well.  Still, some sites haven’t bothered with this (non-banks) and I don’t know about you but I don’t have a lot of faith in programs that haven’t been analyzed by independent security experts.  This is also severely limiting for those with Macs and Linux.  The few tech-savvy ones can run emulators and such but it’s a real pain.

So, none of this really matters if you put data into the hands of money-hungry people.  Data will always be leaked if the rewards are worth the risk.

Been awhile since I posted here, figured this would be a good one to keep people aware, knowing how popular these routers were.

Researchers say they have uncovered an ongoing attack that infects home and small-office wireless routers from Linksys with self-replicating malware, most likely by exploiting a code-execution vulnerability in the device firmware.

Johannes B. Ullrich, CTO of the Sans Institute, told Ars he has been able to confirm that the malicious worm has infected around 1,000 Linksys E1000, E1200, and E2400 routers, although the actual number of hijacked devices worldwide could be much higher. A blog post Sans published shortly after this article was posted expanded the range of vulnerable models to virtually the entire Linksys E product line. Once a device is compromised, it scans the Internet for other vulnerable devices to infect.

Read More here.

 

 

Steven Bertoni, Forbes Staff

I cover technology, entrepreneurs and billionaires.

12/23/2013 @ 7:30AM

14 Bad Tech Habits To Break In 2014

Break these bad tech habits in 2014

Thanks to smartphones, cloud technology and social networks, we can take the Internet with us everywhere these days. The down side–we can take the Internet with us everywhere these days.

We are a society tethered to our devices. Apple played on this recently with a tear-jerker of a holiday commercial. But as clever as Apple marketing is–very few teenagers (or any of us for that matter) with faces glued to iPhones use the smartphone to create touching family moments. Most are only texting or surfing the Web.

So as we reflect on the life changes we hope to make in 2014, I asked my digitally astute colleagues at FORBES to share their technology New Years Resolutions. Below are bad technology habits we want (both ourselves, and others) to break in 2014–Good luck.

1) I will stop checking email before bed, right when I wake up and in bed in general.

Has this ever happened to you? Just before turning in, you check your iPhone one final time, only to have a (stressful, annoying, distressing—insert any adjective here) email keep you tossing all night. Or have you checked your phone first thing in the morning, and an email or text fills you with anxiety before you’ve even fully woken up? It happens to us too.

Tip: Keep all screens out of the bedroom. If like me, you use your iPhone as your alarm clock, swap it out for a clock radio to remove the temptation.

2) I will turn-off all email notifications.

The Microsoft Exchange email alert, the Gmail inbox counter and G-Chat indicator—few things are more distracting than these attention stealers.

Tip: Dig into your settings to switch off the distraction-inducing blips and chimes from detracting from the task at hand. Create a disciplined schedule to check your email once every hour or so–you’ll gain an incredible amount of control over your work day.

3) I will not use my iPhone or Android as a social crutch.

When did it become a requirement to bury your face in a smartphone during every minute you find yourself waiting for a friend at a bar or restaurant? Keep your phone in your pocket, take in the scene and maybe even talk to the person next to you at the bar.

4) I will talk more and text less.

No more refusing to answer calls from friends so you can text them back asking “what’s up?” Same goes for texting happy birthday, happy anniversary, happy new year. While texting is great for logistics, for big, emotional moments and milestones—reach out and touch someone. But there’s a caveat to this rule, see resolution #5.

5) If a person does not answer my call, I will not leave a voicemail—that’s what texts are for.

Pass codes, dialing “1” for new messages, quickly scribbling down the phone numbers and addresses left in those messages–no one has the patience for that these days. As a result, now no one checks voicemail any more–at least not right away. Send a text, your friend will appreciate it, and it will actually be received.

6) I will not use my smartphone in the following places:

– in the gym

– in an elevator

– in a crosswalk

– in the checkout line

– in the drivers seat

– in the restroom

7) I will not use hashtags outside of Twitter, and when I do, it will be solely for trending topics (say no to #stopwritingstupidhashtags)

8) I will limit my Instagram posts to one photo per event/setting.

Tip: Want to post a series of pics—create a Facebook photo album. Another good tool is the InstaFrame app that lets you make a photo collage to share as a single Instagram image. A final option for not spamming your Instagram feed—use Instagram Direct to send photos to folks you know will appreciate seeing same sunset, 7 different ways–with 7 different filters.

9) I will not check Facebook more than 3 times a day.

Tip: Download Anti-Social–the program will block social networks like Facebook and Twitter but still let you access the rest of the Web.

10) I will not Google facts, dates, actors’ names, or anything else in the presence of other people.

11) I will not show people Memes in public

Memes, funny videos, cat photos should be shared via text message and email only–not by pushing smartphones under our friends’ noses.

12) I will unsynch my Facebook, Twitter and Instagram accounts because people don’t need to see the same post on three different platforms.

13) I will delete enough email to keep my pile of unread Gmail messages below five-figures–because seeing you have 10,000 unread emails is just plain overwhelming.

14) I will stop writing click-bait, listicle-style Web stories. (But hey, it’s not 2014 yet, so I better get them in while I still can. Happy New Year everyone.)

Follow me on Twitter: @Stevenbertoni

Since we’re on the topic of bullshit….

Stop the DRM in HTML5
More than 29,500 people have signed.

Hollywood is at it again. Its latest ploy to take over the Web? Use its influence at the World Wide Web Consortium (W3C) to weave Digital Restrictions Management (DRM) into HTML5 — in other words, into the very fabric of the Web. Millions of Internet users came together to defeat SOPA/PIPA, but now Big Media moguls are going through non-governmental channels to try to sneak digital restrictions into every interaction we have online. Giants like Netflix, Google, Microsoft, and the BBC are all rallying behind this disastrous proposal, which flies in the face of the W3C’s mission to “lead the World Wide Web to its full potential.”

So get on over here, read more and sign the petition!

Employees of Register.com, a domain registry, had apparently accepted a fax as a valid application to change the DNS entries for certain domains. It appears that the fax was not checked for authenticity.

Read the whole thing here:

http://blog.gdatasoftware.com/blog/article/hacking-like-its-1964-by-fax.html

 

International Space Station Infected With USB Stick Malware Carried on Board by Russian Astronauts

By David | November 11, 2013 11:22 AM GMT

Renowned security expert Eugene Kaspersky reveals that the International Space Station was infected by a USB stick carried into space by a Russian astronaut.

The International Space Station was infected by malware held on a USB stick and carried by Russian astronauts (Reuters)

Russian security expert Eugene Kaspersky has also told journalists that the infamous Stuxnet had infected an unnamed Russian nuclear plant and that in terms of cyber-espionage “all the data is stolen globally… at least twice.”

Kaspersky revealed that Russian astronauts carried a removable device into space which infected systems on the space station. He did not elaborate on the impact of the infection on operations of the International Space Station (ISS).

Kaspersky said he had been told that from time to time there were “virus epidemics” on the station.

Kaspersky doesn’t give any details about when the infection he was told about took place, but it appears as if it was prior to May of this year when the United Space Alliance, the group which oversees the operation of the ISS, moved all systems entirely to Linux to make them more “stable and reliable.”

Windows XP

Prior to this move the “dozens of laptops” used on board the space station had been using Windows XP, which is inherently more vulnerable to infection from malware than Linux.

According to Kaspersky the infections occurred on laptops used by scientists who used Windows as their main platform and carried USB sticks into space when visiting the ISS.

The ISS’s control systems (known generally as SCADA systems) were already running various flavours of Linux prior to this switch for laptops last May.

According to a report on ExtremeTech, as far back as 2008 a Windows XP laptop was brought onto the ISS by a Russian astronaut infected with the W32.Gammima.AG worm, which quickly spread to other laptops on the station – all of which were running Windows XP.

Stuxnet

The Russian said this example shows that not being connected to the internet does not prevent you from being infected. In another example, Kaspersky revealed that an unnamed Russian nuclear facility, which is also cut off from the public internet, was infected with the infamous Stuxnet malware.

Eugene Kaspersky speaking at the Press Club, Canberra

Founder of Kaspersky security company, Eugene Kaspersky, reveals the International Space Station was infected with malware carried on USB sticks. (Screengrab)

Quoting an employee of the plant, Kaspersky said:

“[The staffer said] their nuclear plant network which was disconnected from the internet … was badly infected by Stuxnet. So unfortunately these people who were responsible for offensive technologies, they recognise cyber weapons as an opportunity.”

Infamous

Stuxnet is one of the most infamous pieces of malware ever created, though it was never designed to come to the attention of the public.

Never officially confirmed by either government, the widely-held belief is that Stuxnet was created jointly by the US and Israeli governments to target and disable the Natanz nuclear enrichment facility in Iran, in a bid to disrupt the country’s development of nuclear weapons.

The malware was introduced to the Natanz facility, which is also disconnected from the internet, through a USB stick and went on to force centrifuges to spin out of control and cause physical damage to the plant.

Stuxnet only became known to the public when an employee of the Natanz facility took an infected work laptop home and connected to the internet, with the malware quickly spreading around the globe infecting millions of PCs.

Expensive

Kaspersky told the Press Club that creating malware like Stuxnet, Gauss, Flame and Red October is a highly complex process which would cost up to $10 million to develop.

Speaking about cyber-crime, Kaspersky said that half of all criminal malware was written in Chinese, with a third written in Spanish or Portuguese. Kaspersky added that Russian-based malware was the next most prevalent threat, but that it was also the most sophisticated.

He also added that Chinese malware authors were not very interested in security with some adding social media accounts and personal photos on servers hosting the malware.


 

I ran across an odd article the other day and it was about a Mysterious Barge that is supposedly owned by Google.

SAN FRANCISCO — The Coast Guard on Wednesday visited the mysterious “Google barge” floating in San Francisco Bay, but the agency would not reveal anything about the tech giant’s hush-hush vessel.

I didn’t think too much of it and figured it would make the tech rounds once there was some sort of public release of details.  Then I ran into a random blog which had some curious postings that really started putting things together.

Data centre in a shipping container:


And earlier in this posting:

Google: Cyberpunk as hell

Slashdot links to Bob Cringely’s usual brand of wild conjecture, this week about Google. But, man, this paragraph plays right to everything that I find exciting about computers:

The probable answer lies in one of Google’s underground parking garages in Mountain View. There, in a secret area off-limits even to regular GoogleFolk, is a shipping container. But it isn’t just any shipping container. This shipping container is a prototype data center. Google hired a pair of very bright industrial designers to figure out how to cram the greatest number of CPUs, the most storage, memory and power support into a 20- or 40-foot box. We’re talking about 5000 Opteron processors and 3.5 petabytes of disk storage that can be dropped-off overnight by a tractor-trailer rig.

Remember that X-Files episode (perhaps one of the ones scripted by William Gibson) with a secret shipping container down at the docks full of busy rack-mount hardware and workstations?

****

So, guess we kinda already know what is in the barge then huh?  Some sick amount of CPUs stuffed into an endless supply of cooling fluid.  Next up, environment report that Google is now the cause of the ocean’s water temperature rise.

http://imgur.com/a/Ezz2G?gallery

Summary: Apple’s iMessage is believed to be among the most secure, surveillance-proof messaging tools. But hackers have exposed a flaw that allows malicious interception, impersonation, and the viewing of private messages.

Yeah….not so much any more eh? [emphasis mine]

http://www.zdnet.com/hackers-heres-how-apples-imessage-surveillance-flaw-works-video-7000022118/