Group items tagged

"Zero-day exploits are often put up by renowned hacker groups. Typically, the zero-day attack exploits a bug that neither developers, nor the users, know about. Indeed, this is exactly what the malicious coders anticipate. By discovering a software vulnerability before the software's developers do, a hacker can make a worm or virus that can be used to exploit the vulnerability and harm computers"

"Update: About two hours after this post went live, WordPress released a critical security update that fixes the 0day vulnerability described below. The WordPress content management system used by millions of websites is vulnerable to two newly discovered threats that allow attackers to take full control of the Web server. Attack code has been released that targets one of the latest versions of WordPress, making it a zero-day exploit that could touch off a series of site hijackings throughout the Internet."

"Update: About two hours after this post went live, WordPress released a critical security update that fixes the 0day vulnerability described below. The WordPress content management system used by millions of websites is vulnerable to two newly discovered threats that allow attackers to take full control of the Web server. Attack code has been released that targets one of the latest versions of WordPress, making it a zero-day exploit that could touch off a series of site hijackings throughout the Internet."

[ Andy on July 15, 2015 C: 69 News A researcher who exposed security flaws in tools used to monitor the Internet usage of UK students has been hit with a copyright complaint. 'Slipstream' discovered flaws in Impero Education Pro which could reveal the personal details of thousands of pupils but in response Impero has sent in its legal team. ...]

[ Andy on July 15, 2015 C: 69 News A researcher who exposed security flaws in tools used to monitor the Internet usage of UK students has been hit with a copyright complaint. 'Slipstream' discovered flaws in Impero Education Pro which could reveal the personal details of thousands of pupils but in response Impero has sent in its legal team. ...]

Although Google issued a patch for its Nexus line, hackers can have a field day exploiting a recently discovered lockscreen vulnerability on other Android products. "Even when users feel confident about locking their phone with a strong password, if their device is exposed to this exploit, it does not really matter how strong the password is," noted Armando Leon, director of mobile at LaunchKey.

Although Google issued a patch for its Nexus line, hackers can have a field day exploiting a recently discovered lockscreen vulnerability on other Android products. "Even when users feel confident about locking their phone with a strong password, if their device is exposed to this exploit, it does not really matter how strong the password is," noted Armando Leon, director of mobile at LaunchKey.

"Christine Hall Now that Microsoft has been pretty much neutralized as a threat, who's next on the list to be free tech's "public enemy number one?""

"Over the past several months, many of the world's most famous scientists and engineers - including Stephen Hawking - have said that one of the biggest threats to humanity is an artificial superintelligence. But Linus Torvalds, the irascible creator of open source operating system Linux, says their fears are idiotic."

"Over the past several months, many of the world's most famous scientists and engineers - including Stephen Hawking - have said that one of the biggest threats to humanity is an artificial superintelligence. But Linus Torvalds, the irascible creator of open source operating system Linux, says their fears are idiotic."

"Ten top-level domains are to blame for at least 95 percent of the websites that pose a potential threat to visitors Maria Korolov By Maria Korolov Follow CSO | Sep 1, 2015 1:00 AM PT"

"Summary: News about patents from all across the Web, placing special emphasis on software patents and how these affect Free software projects, including Linux and Android"

the obvious conflict of interest between the standards-based web and proprietary platforms advanced by Microsoft, and the rationales for keeping the web's client-side programming language small while the proprietary platforms rapidly evolve support for large languages, does not help maintain the fiction that only clashing high-level philosophies are involved here. Readers may not know that Ecma has no provision for "minor releases" of its standards, so any ES3.1 that was approved by TG1 would inevitably be given a whole edition number, presumably becoming the 4th Edition of ECMAScript. This is obviously contentious given all the years that the majority of TG1, sometimes even apparently including Microsoft representatives, has worked on ES4, and the developer expectations set by this long-standing effort. A history of Microsoft's post-ES3 involvement in the ECMAScript standard group, leading up to the overt split in TG1 in March, is summarized here. The history of ECMAScript since its beginnings in November 1996 shows that when Microsoft was behind in the market (against Netscape in 1996-1997), it moved aggressively in the standards body to evolve standards starting with ES1 through ES3. Once Microsoft dominated the market, the last edition of the standard was left to rot -- ES3 was finished in 1999 -- and even easy-to-fix standards conformance bugs in IE JScript went unfixed for eight years (so three years to go from Edition 1 to 3, then over eight to approach Edition 4). Now that the proposed 4th edition looks like a competitive threat, the world suddenly hears in detail about all those bugs, spun as differences afflicting "JavaScript" that should inform a new standard.

"According to the Open Security Foundation, three out of 10 of the all-time worst security breaches happened this year. That includes 173 million records from the NYC Taxi & Limousine Commission, 145 million records at Ebay, and 104 million records from the Korea Credit Bureau." [# ! Let's #keep on #Learning... # ! ... as #threats are always #watching.]

"According to the Open Security Foundation, three out of 10 of the all-time worst security breaches happened this year. That includes 173 million records from the NYC Taxi & Limousine Commission, 145 million records at Ebay, and 104 million records from the Korea Credit Bureau."

[... copyright-induced stupidity...] "from the 'all-applicants-must-have-brain-wiped-before-leaving-testing-area' dept Today's copyright-induced stupidity is brought to you by… a whole host of regulatory institutions. An anonymous Techdirt reader sent in a pointer to this ridiculous warning that greets those accessing the National Association of Legal Assistants practice tests. (Press "Sign In" to view the legal threats pop-up.) "

[... copyright-induced stupidity...] "from the 'all-applicants-must-have-brain-wiped-before-leaving-testing-area' dept Today's copyright-induced stupidity is brought to you by… a whole host of regulatory institutions. An anonymous Techdirt reader sent in a pointer to this ridiculous warning that greets those accessing the National Association of Legal Assistants practice tests. (Press "Sign In" to view the legal threats pop-up.) "

I read the legislation. It's as bad for privacy as described in the aritcle. And its drafting is incredibly sloppy.

"By Cory Bennett - 12/07/15 09:55 AM EST Digital rights advocates are in an uproar as the final text of a major cybersecurity bill appears to lack some of the privacy community's favored clauses. In the last few weeks, House and Senate negotiators have been working unofficially to reach a compromise between multiple versions of a cyber bill that would encourage businesses to share more data on hacking threats with the government."

[Top-down, international regulation is antithetical to the Net, which has flourished under its current governance model. ...]

A further thought: There is binding and enforceable international law on the subject of freedom of speech and access to information in a treaty that has been ratified by all nations other than China, which has signed but not yet ratified the treaty. That treaty's terms might provide a rallying point for at least limiting the ITU's desire to grab power over the Internet. The International Covenant on Civil and Political Rights ("ICCRR") Article 19 provides: "1. Everyone shall have the right to hold opinions without interference. "2. Everyone shall have the right to freedom of expression; this right shall include freedom to seek, receive and impart information and ideas of all kinds, regardless of frontiers, either orally, in writing or in print, in the form of art, or through any other media of his choice. "3. The exercise of the rights provided for in paragraph 2 of this article carries with it special duties and responsibilities. It may therefore be subject to certain restrictions, but these shall only be such as are provided by law and are necessary: (a) For respect of the rights or reputations of others; (b) For the protection of national security or of public order (ordre public), or of public health or morals." http://www2.ohchr.org/english/law/ccpr.htm The last exception is broader than what I would prefer. However, while the rights created by by the ICCRR transcend national boundaries, the quoted provision unquestionably stands for the proposition that exception (b) applies only to nations and not to a U.N. body itself. Therefore, there is a very strong argument that content-based both content-based restrictions and changes in the internet's functioning to facilitate such restrictions are beyond the legal jurisdiction of the ITU. I.e., changes in the internet's functioning to facilitate content-based restrictions require consideration of the content types to be restricted. The treaty permits only national level restrictions and arguably, it thereb

*Oh, we got -even from before- The Art 27 of The THE UNIVERSAL DECLARATION OF HUMAN RIGHTS https://www.un.org/en/documents/udhr/index.shtml#a27 [(1) Everyone has the right freely to participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits. ...] And, as 'NOBODY' (Repeat 'NOBODY') has demonstrated that sharing affects negatively to creators (more yet, all the contrary), saying that SHARING (in any way the technology allows) is an EXCELLENT way to "participate in the cultural life of the community, to enjoy the arts and to share in scientific advancement and its benefits." is The Ultimate Truth. http://www.p2pnet.net/story/7566 *'Authorities only want to control the Information Flow... ...Nothing related with the "Defence" of Anything... but their own craving of control.

"The Electronic Frontier Foundation (EFF) has created this Surveillance Self-Defense site to educate the American public about the law and technology of government surveillance in the United States, providing the information and tools necessary to evaluate the threat of surveillance and take appropriate steps to defend against it. "

"The Internet Infrastructure Coalition is urging the U.S. Government not to blindly follow the RIAA and MPAA's input regarding online piracy threats. The group, which represents tech firms including Google, Amazon and Verisign, warns that the future of the Internet is at stake"

" Ernesto on July 8, 2016 C: 16 News Various music and movie industry groups have warned that fair use exceptions are a threat. The groups were responding to proposals put forward in Australia by the Government's Productivity Commission. They claim that content creators will be severely disadvantaged if fair use is introduced Down Under. "

[A senior State Department official has stressed the Obama administration's opposition to a controversial cybersecurity bill ahead of a vote in the House of Representatives later this week. The Cyber Intelligence Sharing and Protection Act (Cispa) is intended to facilitate sharing of information on ...online threats across different federal agencies and private companies. It has been criticised by both activists and politicians of both Democrats and Republicans for vague wording and insufficient safeguards.]