Google Search

Friday, March 21, 2014

DARPA Develops Electronic Component-Authentication System

The US Defense Advanced Research Projects Agency has announced that it will launch a program designed to thwart the use of counterfeit electronic components, particularly those in military electronics systems, which is becoming a widespread problem. DARPA’s Supply Chain Hardware Integrity for Electronics Defense (SHIELD) program will develop a 100 × 100 micron component, which it calls a dielet, to authenticate electronic components. This tool, according to DARPA, would let users “verify, without disrupting or harming the system, the trustworthiness of a protected electronic component.” It will consist of an encryption engine and antitampering sensors that could indicate tampering if exposed to light, as well as wireless-communications and power components. It will be small enough to fit on microchips by electronics makers. Consumers would apply an ordinary probe to a component to authenticate it. Although the system has yet to be developed, DARPA says, after such a scan, another device, perhaps a smartphone, should be able to upload a serial number to a central server to check the component. The server would send an unencrypted challenge to the dielet for authentication, which sends back an encrypted answer and data from the sensors. “SHIELD demands a tool that costs less than a penny per unit, yet makes counterfeiting too expensive and technically difficult to do,” DARPA program manager Kerry Bernstein, told Network World. “What SHIELD is seeking is a very advanced piece of hardware that will offer an on-demand authentication method never before available to the supply chain.” (SlashDot)(Network World)(RT)(SHIELD: Supply Chain Hardware Integrity for Electronics Defense Proposers’ Day)


View the original article here

Thursday, March 20, 2014

Bitcoin Exchange Mt. Gox Closes amid Allegations of Missing Funds

The Tokyo-based bitcoin exchange that was once the largest in the world abruptly closed on 25 February. Its website is offline and its headquarters are empty. The only activity is outside its offices, where protesters are picketing after losing money on their bitcoin investment. Wired.com reports that the closure is the result of Mt. Gox “losing hundreds of millions of dollars due to a years-long hacking effort that went unnoticed by the company.” The exchange, open since 2010, reportedly lost 744,408 bitcoin, valued at roughly $425 million based on current exchange rates. Mt. Gox’s closure follows a series of events that began 23 February when CEO Mark Karpeles resigned from the Bitcoin Foundation board. The company abruptly suspended trading today citing “unusual activity.” The website was taken down in the following hours. Six other bitcoin exchanges—Coinbase, Kraken, Bitstamp, BTC China, Blockchain and Circle—issued a statement that read in part, “This tragic violation of the trust of users of Mt. Gox was the result of one company's actions and does not reflect the resilience or value of bitcoin and the digital currency industry.” (Reuters)(Associated Press @ San Francisco Chronicle)(WIRED)
 


View the original article here

Wednesday, March 19, 2014

Amazon Expands Micropayment System to Android

Amazon announced it will now support its virtual currency on Google Android mobile devices in the US, UK, and Germany. Amazon Coins are a virtual currency introduced by the company in 2013, originally intended for Kindle Fire tablet users to make micropurchases, including applications. Each coin is now worth a penny. The company is reportedly working toward establishing “an end-to-end ecosystem” for developers. Some observers are skeptical about Amazon billing it as a virtual currency since it is linked to a user, unlike Bitcoin, which is anonymous. (SlashDot – 1)(SlashDot – 2)(Tech Crunch)(Amazon.com)


View the original article here

Tuesday, March 18, 2014

EU Commissioner: Internet Governance Should Be Global

The European Union is seeking an expanded role in Internet governance. The management and operations of the Internet must be reformed, said EU digital agenda commissioner Neelie Kroes upon proposing a new Internet governance policy. One of the keys is globalizing the US-based Internet Corporation for Assigned Names and Numbers (ICANN), which assigns top-level Internet domains. In light of the recent release of information about widespread Internet surveillance by US government agencies, various world leaders have questioned whether the US is a worthy Internet steward. Instead, said Kroes, Internet governance must become more global, transparent, and inclusive. The EU says governance should not be ceded to the United Nations but instead should be handled by all stakeholders, including governments, companies, civil society, and others. (SlashDot)(Network World)(The Wall Street Journal)(EUROPA)
 


View the original article here

Monday, March 17, 2014

Google Exploring Expanding Fiber to More US Markets

Google has announced it is talking to officials in 34 different cities in nine US markets to determine whether it can expand its broadband Internet service. Google Fiber fiber-optic networks are now in Kansas City, Mo.; Austin, Texas; and Provo, Utah. The company is in discussions with officials in Portland, Ore.; San Jose, Calif.; Salt Lake City; Phoenix; San Antonio; Nashville, Tenn.; Atlanta; as well as Charlotte and Raleigh/Durham, N.C. Several states have or are considering legislation that would limit public broadband infrastructure growth following intensive lobbying by phone and cable TV company interests. Google Fiber reportedly is able to provide transmission speeds of 1 gigabit per second, which is 20 times faster than the 50 mbps top-end service sold by Verizon Communications and Comcast. Google says it should know by year’s end which areas might be actually receiving Google Fiber. “While we do want to bring Fiber to every one of these cities,” writes Milo Medin, vice president of Google Access Services, “it might not work out for everyone.” (Investor’s Business Daily)(USA Today)(Google Official Blog)
 


View the original article here

Sunday, March 16, 2014

Facebook Buys Startup WhatsApp for $19 Billion

Facebook announced it will buy mobile-messaging startup WhatsApp for US$19 billion in cash and stock. The transaction, notes Reuters, “places the world's largest social network closer to the heart of mobile communications and may bring younger users into the fold.” WhatsApp had 450 million users in five years and is now reportedly adding another million daily. It is billed as an alternative to SMS, allowing users to exchange unlimited text messages at no cost for a year. After a year’s use, a user is required to subscribe to the service, which is now 99 cents for one year. (Reuters)(National Public Radio) 


View the original article here

Saturday, March 15, 2014

Gaming Site Offers Reward for Conviction in DDos Attack

An online gaming site operator is offering a reward of €10,000 (roughly US$13,000) for information leading to the conviction of the people responsible for the site being taken down by a distributed denial-of-service attack. The massively multiplayer online role-playing game provider Wurm had its servers taken offline earlier this week as a result of the attack and was forced to move to a new Web hosting provider. Company officials said “We can offer 10,000 Euro for any tips or evidence leading to a conviction of the person responsible for this attack.” The attack is the latest in a series of large DDoS attacks, many of which are using the Network Time Protocol, used properly to sync a computer’s clock, to magnify the attack. Barry Shteiman, with the data security company Imperva, told the BBC attacks on online gaming have changed significantly in the past year. “If we take a look at last year's gaming attacks, we can definitely see that there was a focus on account hijacking rather than service disruption. This is therefore a new trend that should be watched out for.” Meanwhile, Wurm says it plans to compensate its players for any lost time. Its servers are being reconfigured, but, as of 20 February 2014, does not have a specific time that the site can be returned to full operations. (Ars Technica)(BBC)(Wurm Online -- 1)(Wurm Online -- 2)
 


View the original article here

Friday, March 14, 2014

Mozilla Provides Gigabit Fiber Grants

The Mozilla Foundation is supporting high-speed Internet access by awarding grants to development projects taking advantage of existing fiber infrastructure that offers data rates of at least 1 Gbit per second. The organization is giving $300,000 in grants of between $5,000 and $30,000 each to software projects based in Chattanooga, Tennessee, and Kansas City, Kansas, via the Mozilla Gigabit Community Fund. The fund is also backed by the US National Science Foundation and US Ignite, an organization that fosters the creation of next-generation Internet applications. Grant recipients must be working on real-life open source applications for gigabit networks that they want to turn into viable pilot projects. Successful projects are expected to support education, learning and/or workforce development in the community. (WIRED)(Mozilla)(National Science Foundation)(Mozilla Gigabit Community Fund) 


View the original article here

Thursday, March 13, 2014

Belkin Home Automation Vulnerability Uncovered

Security researchers asked consumers to stop using Belkin’s WeMo home automation products after finding various vulnerabilities in the items that attackers could use  to gain access to home networks, thermostats, or other connected devices. The line of products enable individuals to use their IOS and Android smartphones and computers to remotely control items including light switches, Web cams, motion sensors, and other home appliances. They were found to be exposing the password and cryptographic signing key used to ensure that firmware updates are valid, stated IOActive, a security firm. The US Computer Emergency Response Team issued a vulnerability note with five identified issues in the products. Belkin, in an 18 February 2014 statement, says it has fixed the vulnerabilities, which include updates to the API server, firmware, and application that could have possibly allowed the devices to be attacked. (Ars Technica)(eWeek)(IO Active)(Belkin) 


View the original article here

Wednesday, March 12, 2014

US Task Force Reports Retailer-Focused Cyberattacks Not Coordinated

A newly-released government report found that the recent cyberattacks against US retailers were not coordinated. According to the report by the National Cyber Investigative Joint Task Force—an alliance of US law enforcement agencies such as the FBI, Secret Service, and Department of Homeland Security—the attacks were not a concerted attempt to harm the US economy. The task force is continuing to track attacks on retailers that use malware that targets payment systems. The report, which didn’t name victims, said retailers could have blocked malware that attacked vulnerable remote network-management software. “It sounds like they’re saying that Target didn’t segment their network properly,” Avivah Litan, a cybersecurity analyst at market-research firm Gartner Inc. told the Wall Street Journal. “It’s very difficult to manage all these remote access accounts. It’s very reasonable that Target thought it was properly protected.” (The Associated Press)(Wall Street Journal) 


View the original article here

Tuesday, March 11, 2014

Home-Based Wireless Routers Notoriously Insecure

Security experts conclude there are so many potential vulnerabilities in home-based wireless routers that it is best to consider them insecure. The issues came to light following the discovery of problems with Linksys routers, which enabled TheMoon worm to infect and thrive on the home hardware. Security researchers found these types of products are shipped with several other bugs that make them open to infection, according to SANS Institute Internet Storm Center researchers Kyle Lovett and Matt Claunch. This includes home routers from Linksys, Cisco and Netgear. Compounding the problem is most consumers don’t know how to properly protect these networks, through which personal and financial information can be sent. In addition to wireless routers, security experts say home networking devices are particularly vulnerable through the Universal Plug and Play protocol. Independent Security Evaluators, a security firm, identified 55 new and undisclosed vulnerabilities in home routers, which led its analysts to conclude few, if any, home routers could be properly secured. (SlashDot)(Symantec Security Focus)(SANS Institute Internet Storm Center) 


View the original article here

Monday, March 10, 2014

US Wireless Carriers Wheel and Deal in Advance of Spectrum Auction

A planned large US spectrum auction in 2015 has prompted major wireless carriers to buy, sell, and trade spectrum licenses as they seek to shore up their market positions. The broadcast television spectrum auction, which the Federal Communications Commission is still planning, will sell 600MHz spectrum, traditionally used for TV broadcasts, to wireless carriers. The band has properties similar to the 700 MHz frequency. T-Mobile, for example, announced in January it would be buying some 700MHz spectrum from Verizon in several markets for $3.3 billion, which should help the carrier quickly build out its 4G services. Explosive consumer demand for mobile bandwidth, which Network World expects to increase 11 times in four years, is causing carriers to acquire spectrum and otherwise upgrade their infrastructure. Experts forecast that Verizon, AT&T, Sprint, T-Mobile, and Dish Network will spend about $50 billion on spectrum licenses in the next two years. (SlashDot)(Network World)(Federal Communications Commission)


View the original article here

Sunday, March 9, 2014

Toyota Issues Prius Recall for Faulty Software

Toyota announced that it is recalling 1.9 million third-generation Prius vehicles to repair faulty software in the hybrid gas-electrical system. The software problem is related to control systems for boost converters—designed to increase the voltage in batteries small enough to fit in hybrid vehicles that could cause overheating in some transistors, which would shut down the hybrid system and, in some cases, cause the vehicle to unexpectedly stop. Since May 2011, 451 drivers have reported such problems. However, noted Toyota, no accidents have been attributed to the defect, according to Toyota. About half the recalls— about 1 million vehicles—are in Japan and roughly 700,000 or 37 percentare in North America. This is the third recall for the Prius, first produced in 1997 and now Toyota’s best-selling model. (Wall Street Journal)(Reuters)(Bloomberg)(Toyota)
 


View the original article here

Saturday, March 8, 2014

Brazil Plans to Augment World Cup Security with Robots

Brazilian law enforcement will get high-tech assistance during the 2014 World Cup soccer games from 30 robots. The national government purchased the machines for $7.2 million. They will be stationed in the 12 host cities during the soccer matches and will primarily be used to help examine any suspicious objects. The small and sturdy robot, which weighs roughly 40 pounds, is designed to fit in a backpack such that a human can deploy it immediately. It is able to reach speeds of up to 9 miles/hour and can navigate uneven and steep terrain, but it is also submersible at depths of up to 2 meters. The PackBot robot is made by Bedford, Massachusetts-based iRobot. It was first deployed in 2002 in Afghanistan and has since been used by the military in Iraq and several other countries. The PackBot was also the first remote controlled robot to enter the Fukushima nuclear facility after the Japanese earthquake and tsunami in March 2011. (SlashDot)(International Business Times UK)(Robohub) 


View the original article here

Friday, March 7, 2014

US Agency Charges LA Building Owner for Lights that Interfere with Communications

The US Federal Communications Commission (FCC) has cited a Los Angeles office building owner has been cited by for interfering with local cellular communications. The FCC says fluorescent lights at Ernst & Young Plaza, a 41-story  building near downtown, emit frequencies that interfere with a Verizon Wireless 700-MHz network. The commission thus cited the building’s owner, Brookfield Office Properties, which reportedly has investigated the matter without submitting the findings to the FCC. Verizon previously complained to the FCC about the interference prompting the agency’s investigation. The FCC has requested the results of the building owner’s internal investigation, as well as steps it is taking to resolve the issue, within 60 days. The commission could fine Brookfield as much as $16,000 per day, up to a total of $112,500, and seek criminal sanctions if it keeps using the lighting. The company—which says it is committed to resolving technical issues associated with its properties—has 30 days to challenge the FCC findings. The problem is reportedly a General Electric lighting fixture transformer that emits high-frequency radio signals. Fixture maker General Electric provided information about how consumers can replace bad fixtures, according to the FCC. This is reportedly the same fixture found last year to be interfering with an AT&T 700-MHz Long Term Evolution (LTE) cell site in San Antonio, Texas. (SlashDot)(Fierce Wireless)(PC World)
 


View the original article here

Thursday, March 6, 2014

Hackers Breach Casino Sites

Hackers breached and defaced all the websites of Las Vegas Sands Corp., including the home pages for some of the world’s largest casinos. After the attack, the company down the sites, which includes those for the company, the Venetian and Palazzo casinos in Las Vegas, and the Sands casinos in Bethlehem, Pennsylvania, Singapore, and Macau. The attackers also stole and released some Sands employees’ personal information, including Social Security numbers, email addresses, and job titles. Company officials are still assessing the damages. Experts guess the attacks may have been politically motivated, as the hackers placed a photo of Sands CEO Sheldon Adelson posing with Israel Prime Minister Benjamin Netanyahu on the affected websites with a message condemning the use of weapons of mass destruction on the sites. Adelson, whose personal wealth is estimated to be at least $37 billion, is a vocal supporter of Israel and has met Netanyahu several times. He has also sought to have Internet gambling banned in the US. The Nevada State Gaming Control Board is investigating the breach. (Associated Press)(The Morning Call)


View the original article here

Wednesday, March 5, 2014

Report: Young Tech Firms’ Sluggish Growth is a Problem for US Economy

Young technology firms’ sluggish growth rate is a troubling sign for the US economy, according to a newly-released white paper from the Kauffman Foundation, a nonprofit organization that studies entrepreneurship and provides grants to award educational achievement and entrepreneurial success. The high-tech sector has traditionally sparked economic growth in recent decades. However, the Kauffman report finds the number of technology firms five years old and younger—which typically drive job creation—has fallen from a high of 113,000 in 2001 to about 80,000 now, as it was in the mid-1990s. One factor that may have skewed the number is the acquisition of young firms by established technology companies. The report also finds that technology firms’ job reallocation rate—which basically subtracts the rate at which jobs are lost from the rate at which they are created—has fallen to the lowest rate since the late 1970s “Because young high-tech firms are so disproportionately important for innovation and job creation, a slowdown in this sector calls for a new approach to fostering a stronger entrepreneurial economy,” said Dane Stangler, the Kauffman Foundation’s vice president of research and policy. (Reuters)(Ewing Marion Kauffman Foundation)


View the original article here

Tuesday, March 4, 2014

Whitelisting Prevents Cyberattacks

With the recent increase in the number of virulent cyberattacks, some security experts are calling for organizations to readily embrace whitelisting as a defense, saying conventional approaches such as intrusion detection aren’t working. Whitelisting lets computers run only files and system components listed as trusted. The practice, according to Forbes magazine, is “not going to sound too sexy to the average end user” but does eliminate many security problems. (SlashDot)(Forbes)


View the original article here

Monday, March 3, 2014

Researchers Demonstrate Wi-Fi Virus Spread

A team of UK researchers has demonstrated that infected Wi-Fi networks can spread a virus in densely populated areas as efficiently as the common cold moves among humans. They sought to disprove assumptions that developing a virus able to attack Wi-Fi networks is impossible. Scientists from the University of Liverpool, Queen’s University Belfast, and software vendor Traffic Observation via Management in Belfast designed a simulated Wi-Fi virus attack on Belfast and London. In the simulation, their Chameleon virus spread quickly between homes and businesses, while avoiding detection. The virus moved via access points after discovering those least protected by encryption and passwords. The researchers are using their findings to develop a technique to identify when a Wi-Fi virus attack is likely. They published their work in the journal EURASIP Journal on Information Security. (SlashDot)(PhysOrg)(University of Liverpool)(EURASIP Journal on Information Security)


View the original article here

Sunday, March 2, 2014

Massive Denial-of-Service Attack Hits CloudFlare

CloudFlare, a US-based provider of distributed denial-of-service attack-protection services, itself became the target of the world’s largest DoS attack. Hackers struck the company following an attack on one of its customers. CloudFlare CEO Matthew Prince said the traffic generated by the attack on CloudFlare was 400 Gbits per second, the largest ever recorded. It also affected other European and US websites and users. The Network Time Protocol reflection attack took advantage of a technology designed to synchronize time settings on computers communicating over the Internet. It used fraudulent synchronization requests that ultimately flooded CloudFlare’s site. (SlashDot)(Ars Technica)(IT News)(Matthew Prince @ Twitter)(CloudFlare)

Please sign in to flag this as inappropriate.

View the original article here