Skip to main content

Home/ Future of the Web/ Group items tagged HACKING

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
Gonzalo San Gil, PhD.

Security wares like Kaspersky AV can make you more vulnerable to attacks | Ars Technica UK - 0 views

arstechnica.co.uk/...you-more-vulnerable-to-attacks

security wares open computers more vulnerabilities intentionally or not

shared by Gonzalo San Gil, PhD. on 24 Sep 15 - No Cached
  • Gonzalo San Gil, PhD. on 24 Sep 15
     
    "Products often open computers to hacks they otherwise wouldn't be vulnerable to. by Dan Goodin (US) - Sep 23, 2015 10:00pm CEST"
Gary Edwards

ongoing · Purple Pilcrows - 0 views

www.tbray.org/...PurpleAgain

metadata paralax pilcrow rdf structure wikiword

shared by Gary Edwards on 29 Aug 08 - Cached
  • Gary Edwards on 29 Aug 08
     
    First of all, I modified the approach by replacing # with ¶ per the suggestion of another Simon. Whereas # suggests Web anchors, it only suggests that to Web hacks, while ¶ has a long typographical history as a paragraph marker. Plus, it's kind of pretty and it's officially called a Pilcrow, which you gotta love. Now that the anchor is so evanescent, I wonder if it might work in a shade slightly less ethereally pale. ¶
Gary Edwards

Brendan's Roadmap Updates: Open letter to Microsoft's Chris Wilson and their fight to s... - 0 views

weblogs.mozillazine.org/...en_letter_to_chris_wilson.html

es4 es3 javascript brendan-eich microsoft

shared by Gary Edwards on 28 Jan 09 - Cached
  • The history of ECMAScript since its beginnings in November 1996 shows that when Microsoft was behind in the market (against Netscape in 1996-1997), it moved aggressively in the standards body to evolve standards starting with ES1 through ES3. Once Microsoft dominated the market, the last edition of the standard was left to rot -- ES3 was finished in 1999 -- and even easy-to-fix standards conformance bugs in IE JScript went unfixed for eight years (so three years to go from Edition 1 to 3, then over eight to approach Edition 4). Now that the proposed 4th edition looks like a competitive threat, the world suddenly hears in detail about all those bugs, spun as differences afflicting "JavaScript" that should inform a new standard.
  • In my opinion the notion that we need to add features so that ajax programming would be easier is plain wrong. ajax is a hack and also the notion of a webapp is a hack. the web was created in a document centric view. All w3c standards are also based on the same document notion. The heart of the web, the HTTP protocol is designed to support a web of documents and as such is stateless. the proper solution, IMO, is not to evolve ES for the benefit of ajax and webapps, but rather generalize the notion of a document browser that connects to a web of documents to a general purpose client engine that connects to a network of internet applications. thus the current web (document) browser just becomes one such internet application.
  • Gary Edwards on 28 Jan 09
     
    the obvious conflict of interest between the standards-based web and proprietary platforms advanced by Microsoft, and the rationales for keeping the web's client-side programming language small while the proprietary platforms rapidly evolve support for large languages, does not help maintain the fiction that only clashing high-level philosophies are involved here. Readers may not know that Ecma has no provision for "minor releases" of its standards, so any ES3.1 that was approved by TG1 would inevitably be given a whole edition number, presumably becoming the 4th Edition of ECMAScript. This is obviously contentious given all the years that the majority of TG1, sometimes even apparently including Microsoft representatives, has worked on ES4, and the developer expectations set by this long-standing effort. A history of Microsoft's post-ES3 involvement in the ECMAScript standard group, leading up to the overt split in TG1 in March, is summarized here. The history of ECMAScript since its beginnings in November 1996 shows that when Microsoft was behind in the market (against Netscape in 1996-1997), it moved aggressively in the standards body to evolve standards starting with ES1 through ES3. Once Microsoft dominated the market, the last edition of the standard was left to rot -- ES3 was finished in 1999 -- and even easy-to-fix standards conformance bugs in IE JScript went unfixed for eight years (so three years to go from Edition 1 to 3, then over eight to approach Edition 4). Now that the proposed 4th edition looks like a competitive threat, the world suddenly hears in detail about all those bugs, spun as differences afflicting "JavaScript" that should inform a new standard.
Paul Merrell

Firefox, YouTube and WebM ✩ Mozilla Hacks - the Web developer blog - 1 views

hacks.mozilla.org/...firefox-youtube-and-webm

Mozilla Firefox VP8 WebM youtube codecs H.264

shared by Paul Merrell on 20 May 10 - Cached
  • 1. Google will be releasing VP8 under an open source and royalty-free basis. VP8 is a high-quality video codec that Google acquired when they purchased the company On2. The VP8 codec represents a vast improvement in quality-per-bit over Theora and is comparable in quality to H.264. 2. The VP8 codec will be combined with the Vorbis audio codec and a subset of the Matroska container format to build a new standard for Open Video on the web called WebM. You can find out more about the project at its new site: http://www.webmproject.org/. 3. We will include support for WebM in Firefox. You can get super-early WebM builds of Firefox 4 pre-alpha today. WebM will also be included in Google Chrome and Opera. 4. Every video on YouTube will be transcoded into WebM. They have about 1.2 million videos available today and will be working through their back catalog over time. But they have committed to supporting everything. 5. This is something that is supported by many partners, not just Google and others. Content providers like Brightcove have signed up to support WebM as part of a full HTML5 video solution. Hardware companies, encoding providers and other parts of the video stack are all part of the list of companies backing WebM. Even Adobe will be supporting WebM in Flash. Firefox, with its market share and principled leadership and YouTube, with its video reach are the most important partners in this solution, but we are only a small part of the larger ecosystem of video.
Gonzalo San Gil, PhD.

Apple security flaw could be a backdoor for the NSA - RT USA - 1 views

rt.com/...apple-nsa-ios-exploit-693

apple nsa security flwas iphone Macs computers backdoor

shared by Gonzalo San Gil, PhD. on 27 Mar 14 - No Cached
  • Gonzalo San Gil, PhD. on 27 Mar 14
     
    "Was the National Security Agency exploiting two just-discovered security flaws to hack into the iPhones and Apple computers of certain targets? Some skeptics are saying there is cause to be concerned about recent coincidences regarding the NSA and Apple"
Paul Merrell

Did NSA, GCHQ steal the secret key in YOUR phone SIM? It's LIKELY * The Register - 0 views

www.theregister.co.uk/...mpany_to_steal_keys_to_kingdom

shared by Paul Merrell on 15 Mar 15 - No Cached
  • The NSA and Britain's GCHQ hacked the world's biggest SIM card maker to harvest the encryption keys needed to silently and effortlessly eavesdrop on potentially millions of people. That's according to documents obtained by surveillance whistleblower Edward Snowden and leaked to the web on Thursday. "Wow. This is huge – it's one of the most significant findings of the Snowden files so far," computer security guru Bruce Schneier told The Register this afternoon. "We always knew that they would occasionally steal SIM keys. But all of them? The odds that they just attacked this one firm are extraordinarily low and we know the NSA does like to steal keys where it can." The damning slides, published by Snowden's chums at The Intercept, detail the activities of the as-yet unheard-of Mobile Handset Exploitation Team (MHET), run by the US and UK. The group targeted Gemalto, which churns out about two billion SIM cards each year for use around the world, and targeted it in an operation dubbed DAPINO GAMMA.
  • Gemalto's hacking may also bring into question some of its other security products as well. The company supplies chips for electronic passports issued by the US, Singapore, India, and many European states, and is also involved in the NFC and mobile banking sector. It's important to note that this is useful for tracking the phone activity of a target, but the mobile user can still use encryption on the handset itself to ensure that some communications remain private. "Ironically one of your best defenses against a hijacked SIM is to use software encryption," Jon Callas, CTO of encrypted chat biz Silent Circle told The Register. "In our case there's a TCP/IP cloud between Alice and Bob and that can deal with compromised routers along the path as well as SIM issues, and the same applies to similar mobile software."
  • On Wednesday the UK government admitted that its intelligence agencies had in fact broken the ECHR when spying on communications between lawyers and those suing the British state, so GCHQ might want to reconsider that statement.
Gonzalo San Gil, PhD.

How to access SoundCloud from the command line in Linux - Linux FAQ - 0 views

xmodulo.com/...dcloud-command-line-linux.html

how to access soundcloud command line linux

shared by Gonzalo San Gil, PhD. on 18 Jul 14 - No Cached
  • Gonzalo San Gil, PhD. on 18 Jul 14
     
    "Posted on July 18, 2014 by Adrien Brochard Leave a comment If you enjoy music streaming and originally-created sounds, you cannot have missed SoundCloud. Based in Germany, this cloud streaming service is now famous and well-established for any music adventurer. And naturally, as a Linux enthusiast, you might wonder how to join your passion for Linux with your love for music. As a solution, I advise you to check out Soundcloud2000, a command line client for SoundCloud born out of the Music Hack Day Stockholm '13."
Gonzalo San Gil, PhD.

DoS website with GoldenEye - Layer 7 DoS tool with KeepAlive NoCache - darkMORE Ops - 0 views

www.darkmoreops.com/...dos-website-with-goldeneye

dos attack website GooldenEye security warning admins

shared by Gonzalo San Gil, PhD. on 01 Dec 14 - No Cached
  • Gonzalo San Gil, PhD. on 01 Dec 14
     
    "I've talked about testing few DoS tools that can put heavy load on HTTP servers in order to bring them to their knees by exhausting resource pools. GoldenEye is the first of those tools and it is one of the newest I discovered in GitHub. You can DoS websites with GoldenEye and bring it down almost within 30 seconds depending on how big their memory pool is" # ! This is not... # ! ... a #Hacking #Call # ! but a #Security #WARNING # ! from the #OpenSource crew... (# ! So the sensationalists press has no reason to alarm everyb@dy # ! ... as 'They' like to do)
Paul Merrell

The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle - 0 views

firstlook.org/...great-sim-heist

surveillance state NSA GCHQ SIM-card-keys mobile-devices decryption

shared by Paul Merrell on 20 Feb 15 - No Cached
  • AMERICAN AND BRITISH spies hacked into the internal computer network of the largest manufacturer of SIM cards in the world, stealing encryption keys used to protect the privacy of cellphone communications across the globe, according to top-secret documents provided to The Intercept by National Security Agency whistleblower Edward Snowden. The hack was perpetrated by a joint unit consisting of operatives from the NSA and its British counterpart Government Communications Headquarters, or GCHQ. The breach, detailed in a secret 2010 GCHQ document, gave the surveillance agencies the potential to secretly monitor a large portion of the world’s cellular communications, including both voice and data. The company targeted by the intelligence agencies, Gemalto, is a multinational firm incorporated in the Netherlands that makes the chips used in mobile phones and next-generation credit cards. Among its clients are AT&T, T-Mobile, Verizon, Sprint and some 450 wireless network providers around the world. The company operates in 85 countries and has more than 40 manufacturing facilities. One of its three global headquarters is in Austin, Texas and it has a large factory in Pennsylvania. In all, Gemalto produces some 2 billion SIM cards a year. Its motto is “Security to be Free.”
  • With these stolen encryption keys, intelligence agencies can monitor mobile communications without seeking or receiving approval from telecom companies and foreign governments. Possessing the keys also sidesteps the need to get a warrant or a wiretap, while leaving no trace on the wireless provider’s network that the communications were intercepted. Bulk key theft additionally enables the intelligence agencies to unlock any previously encrypted communications they had already intercepted, but did not yet have the ability to decrypt.
  • Leading privacy advocates and security experts say that the theft of encryption keys from major wireless network providers is tantamount to a thief obtaining the master ring of a building superintendent who holds the keys to every apartment. “Once you have the keys, decrypting traffic is trivial,” says Christopher Soghoian, the principal technologist for the American Civil Liberties Union. “The news of this key theft will send a shock wave through the security community.”
  • ...2 more annotations...
  • According to one secret GCHQ slide, the British intelligence agency penetrated Gemalto’s internal networks, planting malware on several computers, giving GCHQ secret access. We “believe we have their entire network,” the slide’s author boasted about the operation against Gemalto. Additionally, the spy agency targeted unnamed cellular companies’ core networks, giving it access to “sales staff machines for customer information and network engineers machines for network maps.” GCHQ also claimed the ability to manipulate the billing servers of cell companies to “suppress” charges in an effort to conceal the spy agency’s secret actions against an individual’s phone. Most significantly, GCHQ also penetrated “authentication servers,” allowing it to decrypt data and voice communications between a targeted individual’s phone and his or her telecom provider’s network. A note accompanying the slide asserted that the spy agency was “very happy with the data so far and [was] working through the vast quantity of product.”
  • The U.S. and British intelligence agencies pulled off the encryption key heist in great stealth, giving them the ability to intercept and decrypt communications without alerting the wireless network provider, the foreign government or the individual user that they have been targeted. “Gaining access to a database of keys is pretty much game over for cellular encryption,” says Matthew Green, a cryptography specialist at the Johns Hopkins Information Security Institute. The massive key theft is “bad news for phone security. Really bad news.”
  • Paul Merrell on 20 Feb 15
     
    Remember all those NSA claims that no evidence of their misbehavior has emerged? That one should never take wing again. Monitoring call content without the involvement of any court? Without a warrant? Without probable cause?  Was there even any Congressional authorization?  Wiretapping unequivocally requires a judicially-approved search warrant. It's going to be very interesting to learn the government's argument for this misconduct's legality. 
Gary Edwards

Google's ARC Beta runs Android apps on Chrome OS, Windows, Mac, and Linux | Ars Technica - 0 views

arstechnica.com/...roid-apps-on-most-desktop-oses

Google-ARC

shared by Gary Edwards on 02 Apr 15 - No Cached
  • So calling all developers: You can now (probably, maybe) run your Android apps on just about anything—Android, Chrome OS, Windows, Mac, and Linux—provided you fiddle with the ARC Welder and submit your app to the Chrome Web Store.
  • The App Runtime for Chrome and Native Client are hugely important projects because they potentially allow Google to push a "universal binary" strategy on developers. "Write your app for Android, and we'll make it run on almost every popular OS! (other than iOS)" Google Play Services support is a major improvement for ARC and signals just how ambitious this project is. Some day it will be a great sales pitch to convince developers to write for Android first, which gives them apps on all these desktop OSes for free.
  • Gary Edwards on 02 Apr 15
     
    Thanks Marbux. ARC appears to be an extraordinary technology. Funny but Florian has been pushing Native Client (NaCL) since it was first ported from Firefox to Chrome. Looks like he was right. "In September, Google launched ARC-the "App Runtime for Chrome,"-a project that allowed Android apps to run on Chrome OS. A few days later, a hack revealed the project's full potential: it enabled ARC on every "desktop" version of Chrome, meaning you could unofficially run Android apps on Chrome OS, Windows, Mac OS X, and Linux. ARC made Android apps run on nearly every computing platform (save iOS). ARC is an early beta though so Google has kept the project's reach very limited-only a handful of apps have been ported to ARC, which have all been the result of close collaborations between Google and the app developer. Now though, Google is taking two big steps forward with the latest developer preview: it's allowing any developer to run their app on ARC via a new Chrome app packager, and it's allowing ARC to run on any desktop OS with a Chrome browser. ARC runs Windows, Mac, Linux, and Chrome OS thanks to Native Client (abbreviated "NaCL"). NaCL is a Chrome sandboxing technology that allows Chrome apps and plugins to run at "near native" speeds, taking full advantage of the system's CPU and GPU. Native Client turns Chrome into a development platform, write to it, and it'll run on all desktop Chrome browsers. Google ported a full Android stack to Native Client, allowing Android apps to run on most major OSes. With the original ARC release, there was no official process to getting an Android app running on the Chrome platform (other than working with Google). Now Google has released the adorably-named ARC Welder, a Chrome app which will convert any Android app into an ARC-powered Chrome app. It's mainly for developers to package up an APK and submit it to the Chrome Web Store, but anyone can package and launch an APK from the app directly."
Paul Merrell

CISA Security Bill: An F for Security But an A+ for Spying | WIRED - 0 views

www.wired.com/...ty-bill-gets-f-security-spying

surveillance state legislation CISA

shared by Paul Merrell on 23 Mar 15 - No Cached
  • When the Senate Intelligence Committee passed the Cybersecurity Information Sharing Act by a vote of 14 to 1, committee chairman Senator Richard Burr argued that it successfully balanced security and privacy. Fifteen new amendments to the bill, he said, were designed to protect internet users’ personal information while enabling new ways for companies and federal agencies to coordinate responses to cyberattacks. But critics within the security and privacy communities still have two fundamental problems with the legislation: First, they say, the proposed cybersecurity act won’t actually boost security. And second, the “information sharing” it describes sounds more than ever like a backchannel for surveillance.
  • On Tuesday the bill’s authors released the full, updated text of the CISA legislation passed last week, and critics say the changes have done little to assuage their fears about wanton sharing of Americans’ private data. In fact, legal analysts say the changes actually widen the backdoor leading from private firms to intelligence agencies. “It’s a complete failure to strengthen the privacy protections of the bill,” says Robyn Greene, a policy lawyer for the Open Technology Institute, which joined a coalition of dozens of non-profits and cybersecurity experts criticizing the bill in an open letter earlier this month. “None of the [privacy-related] points we raised in our coalition letter to the committee was effectively addressed.” The central concern of that letter was how the same data sharing meant to bolster cybersecurity for companies and the government opens massive surveillance loopholes. The bill, as worded, lets a private company share with the Department of Homeland Security any information construed as a cybersecurity threat “notwithstanding any other provision of law.” That means CISA trumps privacy laws like the Electronic Communication Privacy Act of 1986 and the Privacy Act of 1974, which restrict eavesdropping and sharing of users’ communications. And once the DHS obtains the information, it would automatically be shared with the NSA, the Department of Defense (including Cyber Command), and the Office of the Director of National Intelligence.
  • In a statement posted to his website yesterday, Senator Burr wrote that “Information sharing is purely voluntary and companies can only share cyber-threat information and the government may only use shared data for cybersecurity purposes.” But in fact, the bill’s data sharing isn’t limited to cybersecurity “threat indicators”—warnings of incoming hacker attacks, which is the central data CISA is meant to disseminate among companies and three-letter agencies. OTI’s Greene says it also gives companies a mandate to share with the government any data related to imminent terrorist attacks, weapons of mass destruction, or even other information related to violent crimes like robbery and carjacking. 
  • ...2 more annotations...
  • The latest update to the bill tacks on yet another kind of information, anything related to impending “serious economic harm.” All of those vague terms, Greene argues, widen the pipe of data that companies can send the government, expanding CISA into a surveillance system for the intelligence community and domestic law enforcement. If information-sharing legislation does not include adequate privacy protections, then...It’s a surveillance bill by another name. Senator Ron Wyden
  • “CISA goes far beyond [cybersecurity], and permits law enforcement to use information it receives for investigations and prosecutions of a wide range of crimes involving any level of physical force,” reads the letter from the coalition opposing CISA. “The lack of use limitations creates yet another loophole for law enforcement to conduct backdoor searches on Americans—including searches of digital communications that would otherwise require law enforcement to obtain a warrant based on probable cause. This undermines Fourth Amendment protections and constitutional principles.”
  • Paul Merrell on 23 Mar 15
     
    I read the legislation. It's as bad for privacy as described in the aritcle. And its drafting is incredibly sloppy.
Gonzalo San Gil, PhD.

Dynamic Malware Analysis Tools - Hacking Tutorials - 0 views

www.hackingtutorials.org/...dynamic-malware-analysis-tools

dynamic malware analysis tools hacking tutorials

shared by Gonzalo San Gil, PhD. on 16 Nov 15 - No Cached
  • Gonzalo San Gil, PhD. on 16 Nov 15
     
    "In this tutorial we will be covering dynamic malware analysis tools which are being used to determine the behaviour of malware after it has been executed. This tutorial is part 2 of 6 in our Malware Analysis tutorials on www.hackingtutorials.org. If you haven't read part 1 of this series please read it first before continuing on this malware analysis tutorial."
Paul Merrell

Cameron Calls June 23 EU Referendum as Cabinet Fractures - Bloomberg Business - 0 views

www.bloomberg.com/...m-on-eu-membership-for-june-23

surveillance state Apple iPhone hack FBI NSC

shared by Paul Merrell on 20 Feb 16 - No Cached
  • In a secret meeting convened by the White House around Thanksgiving, senior national security officials ordered agencies across the U.S. government to find ways to counter encryption software and gain access to the most heavily protected user data on the most secure consumer devices, including Apple Inc.’s iPhone, the marquee product of one of America’s most valuable companies, according to two people familiar with the decision.The approach was formalized in a confidential National Security Council “decision memo,” tasking government agencies with developing encryption workarounds, estimating additional budgets and identifying laws that may need to be changed to counter what FBI Director James Comey calls the “going dark” problem: investigators being unable to access the contents of encrypted data stored on mobile devices or traveling across the Internet. Details of the memo reveal that, in private, the government was honing a sharper edge to its relationship with Silicon Valley alongside more public signs of rapprochement.
  • On Tuesday, the public got its first glimpse of what those efforts may look like when a federal judge ordered Apple to create a special tool for the FBI to bypass security protections on an iPhone 5c belonging to one of the shooters in the Dec. 2 terrorist attack in San Bernardino, California that killed 14 people. Apple Chief Executive Officer Tim Cook has vowed to fight the order, calling it a “chilling” demand that Apple “hack our own users and undermine decades of security advancements that protect our customers.” The order was not a direct outcome of the memo but is in line with the broader government strategy.White House spokesman Josh Earnest said Wednesday that the Federal Bureau of Investigation and Department of Justice have the Obama administration’s “full” support in the matter. The government is “not asking Apple to redesign its product or to create a new backdoor to their products,” but rather are seeking entry “to this one device,” he said.
Gonzalo San Gil, PhD.

Cyber bill's final language likely to anger privacy advocates | TheHill - 0 views

thehill.com/...e-will-anger-privacy-advocates

cyber bill CISA final language anger privacy advocates worse than expeccted feared democracy scorn disdain politics menaced menace threat again

shared by Gonzalo San Gil, PhD. on 08 Dec 15 - No Cached
  • Gonzalo San Gil, PhD. on 08 Dec 15
     
    "By Cory Bennett - 12/07/15 09:55 AM EST Digital rights advocates are in an uproar as the final text of a major cybersecurity bill appears to lack some of the privacy community's favored clauses. In the last few weeks, House and Senate negotiators have been working unofficially to reach a compromise between multiple versions of a cyber bill that would encourage businesses to share more data on hacking threats with the government."
Gonzalo San Gil, PhD.

Database of 4 million Adult Friend Finder users leaked for all to see | Ars Technica [#... - 0 views

arstechnica.com/...er-users-leaked-for-all-to-see

database million friend finder users leaked leaks business world plenty of bored gossipers or coward opportunists

shared by Gonzalo San Gil, PhD. on 29 Nov 15 - No Cached
  • Gonzalo San Gil, PhD. on 29 Nov 15
     
    "by Dan Goodin - May 22, 2015 3:00 pm UTC Share Tweet 51 E-mail addresses, sexual orientations, and other sensitive details from almost four million AdultFriendFinder.com subscribers have been leaked onto the Internet following a hack that rooted the casual dating service, security researchers said."
Paul Merrell

Apple's New Challenge: Learning How the U.S. Cracked Its iPhone - The New York Times - 0 views

www.nytimes.com/...the-us-cracked-its-iphone.html

surveillance state Apple FBI San-Bernadino iPhone security

shared by Paul Merrell on 31 Mar 16 - No Cached
  • Now that the United States government has cracked open an iPhone that belonged to a gunman in the San Bernardino, Calif., mass shooting without Apple’s help, the tech company is under pressure to find and fix the flaw.But unlike other cases where security vulnerabilities have cropped up, Apple may face a higher set of hurdles in ferreting out and repairing the particular iPhone hole that the government hacked.The challenges start with the lack of information about the method that the law enforcement authorities, with the aid of a third party, used to break into the iPhone of Syed Rizwan Farook, an attacker in the San Bernardino rampage last year. Federal officials have refused to identify the person, or organization, who helped crack the device, and have declined to specify the procedure used to open the iPhone. Apple also cannot obtain the device to reverse-engineer the problem, the way it would in other hacking situations.
  • Paul Merrell on 31 Mar 16
     
    It would make a very interesting Freedom of Information Act case if Apple sued under that Act to force disclosure of the security hole iPhone product defect the FBI exploited. I know of no interpretation of the law enforcement FOIA exemption that would justify FBI disclosure of the information. It might be alleged that the information is the trade secret of the company that disclosed the defect and exploit to the the FBI, but there's a very strong argument that the fact that the information was shared with the FBI waived the trade secrecy claim. And the notion that government is entitled to collect product security defects and exploit them without informing the exploited product's company of the specific defect is extremely weak.  Were I Tim Cook, I would have already told my lawyers to get cracking on filing the FOIA request with the FBI to get the legal ball rolling. 
kasperskyhelpau

How to Detect Ransomware with Kaspersky Tool - 0 views

kasperskyantivirus-australia.blogspot.com/...ransomware-with-kaspersky.html

KASPERSKY ANTI-RANSOMWARE TOOL HOW TO DETECT RANSOMWARE DETECT RANSOMWARE WITH KASPERSKY TOOL

shared by kasperskyhelpau on 20 Sep 18 - No Cached
  • kasperskyhelpau on 20 Sep 18
     
    Lately, ransomware joined the cyber-attacks list and thus, it became the popular and dangerous online threat. It is very dangerous from that of other risks and malicious activities. In this threat, the attacker hacks & attacks your system, encrypts the data and asks for ransom. Kaspersky Support Australia team is here to help you in detecting the ransomware with the help of antivirus.
Paul Merrell

The punk rock internet - how DIY ​​rebels ​are working to ​replace the tech g... - 0 views

amp.theguardian.com/...e-tech-giants-snoopers-charter

internet freedom decentralization

shared by Paul Merrell on 02 Feb 18 - No Cached
  • What they are doing could be seen as the online world’s equivalent of punk rock: a scattered revolt against an industry that many now think has grown greedy, intrusive and arrogant – as well as governments whose surveillance programmes have fuelled the same anxieties. As concerns grow about an online realm dominated by a few huge corporations, everyone involved shares one common goal: a comprehensively decentralised internet.
  • In the last few months, they have started working with people in the Belgian city of Ghent – or, in Flemish, Gent – where the authorities own their own internet domain, complete with .gent web addresses. Using the blueprint of Heartbeat, they want to create a new kind of internet they call the indienet – in which people control their data, are not tracked and each own an equal space online. This would be a radical alternative to what we have now: giant “supernodes” that have made a few men in northern California unimaginable amounts of money thanks to the ocean of lucrative personal information billions of people hand over in exchange for their services.
  • His alternative is what he calls the Safe network: the acronym stands for “Safe Access for Everyone”. In this model, rather than being stored on distant servers, people’s data – files, documents, social-media interactions – will be broken into fragments, encrypted and scattered around other people’s computers and smartphones, meaning that hacking and data theft will become impossible. Thanks to a system of self-authentication in which a Safe user’s encrypted information would only be put back together and unlocked on their own devices, there will be no centrally held passwords. No one will leave data trails, so there will be nothing for big online companies to harvest. The financial lubricant, Irvine says, will be a cryptocurrency called Safecoin: users will pay to store data on the network, and also be rewarded for storing other people’s (encrypted) information on their devices. Software developers, meanwhile, will be rewarded with Safecoin according to the popularity of their apps. There is a community of around 7,000 interested people already working on services that will work on the Safe network, including alternatives to platforms such as Facebook and YouTube.
  • ...3 more annotations...
  • Once MaidSafe is up and running, there will be very little any government or authority can do about it: “We can’t stop the network if we start it. If anyone turned round and said: ‘You need to stop that,’ we couldn’t. We’d have to go round to people’s houses and switch off their computers. That’s part of the whole thing. The network is like a cyber-brain; almost a lifeform in itself. And once you start it, that’s it.” Before my trip to Scotland, I tell him, I spent whole futile days signing up to some of the decentralised social networks that already exist – Steemit, Diaspora, Mastadon – and trying to approximate the kind of experience I can easily get on, say, Twitter or Facebook.
  • And herein lie two potential breakthroughs. One, according to some cryptocurrency enthusiasts, is a means of securing and protecting people’s identities that doesn’t rely on remotely stored passwords. The other is a hope that we can leave behind intermediaries such as Uber and eBay, and allow buyers and sellers to deal directly with each other. Blockstack, a startup based in New York, aims to bring blockchain technology to the masses. Like MaidSafe, its creators aim to build a new internet, and a 13,000-strong crowd of developers are already working on apps that either run on the platform Blockstack has created, or use its features. OpenBazaar is an eBay-esque service, up and running since November last year, which promises “the world’s most private, secure, and liberating online marketplace”. Casa aims to be an decentralised alternative to Airbnb; Guild is a would-be blogging service that bigs up its libertarian ethos and boasts that its founders will have “no power to remove blogs they don’t approve of or agree with”.
  • An initial version of Blockstack is already up and running. Even if data is stored on conventional drives, servers and clouds, thanks to its blockchain-based “private key” system each Blockstack user controls the kind of personal information we currently blithely hand over to Big Tech, and has the unique power to unlock it. “That’s something that’s extremely powerful – and not just because you know your data is more secure because you’re not giving it to a company,” he says. “A hacker would have to hack a million people if they wanted access to their data.”
Paul Merrell

Elon Musk wants brain implants to merge humans with artificial intelligence | Science |... - 0 views

www.express.co.uk/...al-intelligence-elon-musk-news

brain-implants AI Musk

shared by Paul Merrell on 23 Aug 20 - No Cached
  • Elon Musk and his team of boffins are exploring ways in which they can connect a computer interface to the mind. The South African-born billionaire claims to have already trialled the revolutionary device on a monkey which was able to control the computer with its brain. Mr Musk said at a presentation on Tuesday: “A monkey has been able to control the computer with his brain.”
  • NeuraLink describes the device as “sewing machine-like”. The system implants ultra-thin threads deep into the brain’s nervous system.The company has applied to US regulators in the hopes of beginning trials on humans next year.Primarily, the firm states that initially it wants to help people with severe neurological conditions, but as with all of his companies, Mr Musk is aiming for more and sees humanity’s future as having “superhuman cognition”.The device in question, which is nameless so far, will see the tiny thread fitted with 3,000 electrodes which can monitor the activity of 1,000 neurons.
  • Mr Musk hopes the product will be on the market within four years.
Paul Merrell

DailyDot - 0 views

www.dailydot.com/...dead-cybersecurity-bill-failed

security state CISPA internet freedom data privacy

shared by Paul Merrell on 27 Apr 13 - No Cached
  • Experts and sources with knowledge of the situation say the most controversial Internet bill of the year, the Cyber Information Sharing and Protection Act (CISPA), is already dead in the water. That's good news for the millions worldwide who have formally registered their opposition to the bill. Designed to help the U.S. fight online attacks, CISPA would make it easier for corporations that are hacked to pass what they know to government agencies—including, critics say, swaths of your private information that would otherwise be protected by law. But though CISPA resoundingly passed the House of Representatives April 18, "it is extremely unlikely for the Senate" to vote on the bill," the ACLU's Michelle Richardson told the Daily Dot.
  • A Senate committee aide, who requested to not be named, told the Daily Dot that "there is no possible plan to bring up CISPA," in the Senate. The aide cited the fact that the Senate tried to pass its own cybersecurity bill, the Cybersecurity Act of 2012 (CSA). While unsuccessful, it underscored a desire for legislation that took more explicit efforts to protect individuals' Internet privacy. "There are just too many problems with it," the aide said of CISPA. This is backed up by U.S. News and World Report, which has reported that a staffer on the Senate's Committee on Commerce, Science and Transportation explicitly claims CISPA is no longer a possibility, and senators are "drafting separate bills" to include some CISPA provisions.
« First ‹ Previous 81 - 100 of 134 Next › Last »
Showing 20 items per page