Skip to main content

Home/ Indie Nation/ Group items tagged service

Rss Feed Group items tagged

Filter: All | Bookmarks | Topics Simple Middle
John Lemke

Amazon said to be negotiating Prime streaming music service | The Verge - 0 views

www.theverge.com/...-talks-music-streaming-service

2014 music Amazon streaming service indienationnews

shared by John Lemke on 27 Feb 14 - No Cached
  • Last year, we reported that Amazon was talking to the labels about an on-demand music service, and Recode has essentially confirmed that a dialog is ongoing.
  • At this point, the novelty of music streaming services has largely worn off, but Amazon's business approach could prove interesting. Just as it does with movies and TV shows, the company would likely include music streaming as part your Amazon Prime subscription. And while all of that content may seem like a lot when you factor in Prime's $79 fee, Amazon has recently said it's considering upping the annual cost by as much as $40. Having both music and video at your fingertips could help make a price hike easier to swallow.
John Lemke

RapidGator Wiped From Google by False DMCA Notices | TorrentFreak - 0 views

torrentfreak.com/e-by-false-dmca-notices-131223

2013 dmca google indienationnews legal law intellectualproperty take-down yourrights

shared by John Lemke on 24 Dec 13 - No Cached
  • File-hosting service RapidGator has had nearly all of its search results wiped from Google, including many clearly non-infringing pages. The URLs in question were removed by the search engine after a DMCA notice from several copyright holders. RapidGator is outraged and says the overbroad censorship is hurting its business, warning that the same could happen to others. “If it happens to us, it can happen to MediaFire or Dropbox tomorrow,” they state.
  • Thus far this has resulted in more than 200 million URLs being removed from Google’s search engine. While many of these takedown claims are legit, some are clearly false, censoring perfectly legitimate webpages from search results. File-hosting service RapidGator.net is one site that has fallen victim to such overbroad takedown requests. The file-hosting service has had nearly all its URLs de-listed, including its homepage, making the site hard to find through Google. Several other clearly non-infringing pages, including the FAQ, the news section, and even the copyright infringement policy, have also been wiped from Google by various takedown requests.
  • “Our robots.txt forbids search engines bots to index any file/* folder/ URLs. We only allow them to crawl our main page and the pages we have in a footer of the website. So most of the URLs for which Google gets DMCA notices are not listed in index by default,” RapidGator’s Dennis explains.
  • John Lemke on 24 Dec 13
     
    Quoting the article: "File-hosting service RapidGator has had nearly all of its search results wiped from Google, including many clearly non-infringing pages. The URLs in question were removed by the search engine after a DMCA notice from several copyright holders. RapidGator is outraged and says the overbroad censorship is hurting its business, warning that the same could happen to others. "If it happens to us, it can happen to MediaFire or Dropbox tomorrow," they state." This is, sooner or later, going to have to be addressed... It totally works against the concept of the cloud. I can not believe that more people are using the cloud for illegal uses than legit.
John Lemke

Swedes may soon exchange postage stamps for SMS codes - 0 views

arstechnica.com/...stage-stamps-for-sms-codes.ars

swedes wroteatindienation wroteatlockergnome 2011.03.15 2011 phone sms text cellphone stamp postage Sweden Denmark

shared by John Lemke on 15 Mar 11 - No Cached
  • John Lemke on 15 Mar 11
     
    that ritual is about to be replaced with a more high-tech one: people may soon be able to pay for their postage via text message, thereby eliminating the need for a stamp. The system works like this: Swedes will be able to send a text message to the postal service saying that they want postage for a letter. The postal service will then presumably charge an account on file, then respond with another text that contains a code. The letter-sender will then write the code on the envelope to show that postage had been paid.
John Lemke

Rdio Revamps Its Free Streaming Service, Offers More Radio Stations - 0 views

mashable.com/...rdio-free-streaming-overhaul

indienationnews 2014 NewMediaOrder Rdio streaming radio internet service radio stations

shared by John Lemke on 04 Sep 14 - No Cached
  • Music service Rdio unveiled a completely redesigned website, as well as iOS and Android apps on Thursday, emphasizing its expanded free streaming offerings.
  • Until now, Rdio has fallen pretty squarely into the latter camp, focusing on its on-demand subscription service with its free offerings as more of an afterthought.
  • The revamped Rdio highlights its free content more prominently, including additional customized radio stations
  • ...1 more annotation...
  • Rdio is also rolling out a new kind of station — curated stations. Curated stations are created in-house at Rdio and our based around topics like fitness, "classic cocktail party," or "angry breakup." These stations are unique, says Becherer, because each one is created individually and doesn't rely on algorithms like the rest of Rdio's stations.
John Lemke

FCC to buy out TV broadcasters to free up mobile spectrum | Ars Technica - 0 views

arstechnica.com/...ers-to-free-up-mobile-spectrum

indienationnews 2012 fcc broadband spectrum mobile bandwidth cellphone mobile mobile-web

shared by John Lemke on 30 Sep 12 - No Cached
    • John Lemke
      John Lemke on 30 Sep 12
       
      I had my first issue at step one, "asks broadcasters to tell the FCC how much it wold take for the agency to buy them out".  They claim that this is a way to keep cost down by hopefully grabbing the least popular via low bids.   I see two issues immediately.  Number one by asking them what they want they are going to immediately INCREASE the bids.  Two, if you are asking me what I want for my business to change how it broadcasts why would I not include any expense to make the switch. By asking them what they think a fair bid would be, they are, more or less, giving them a blank check.
  • the commission will put the newly-freed blocks of spectrum up for auction. If, as expected, the spectrum is more valuable when used for mobile services than broadcast television, then the FCC should reap significantly more from these traditional auctions than it had to pay for the spectrum in the original reverse auctions, producing a tidy profit for taxpayers.
    • John Lemke
      John Lemke on 30 Sep 12
       
      The objective at an auction is to purchase the object at the lowest possible cost.  How much mobile providers are willing to pay will determine how high bids will climb.  Based on how our current mobile providers already provide poor service when compared to the rest of the world, how much is that bandwidth actually worth to these companies that, more or less, have a lobbied stranglehold on the consumer?
  • ...6 more annotations...
  • Bergmayer also praised an FCC proposal to update its "spectrum screen," a set of rules that prevent any single provider from gaining too large a share of the spectrum available in a particular market. The current scheme, he said, "treats all spectrum alike, even though some spectrum bands are better-suited to mobile broadband than others." As a result, he argued, it has become ineffective at preventing Verizon and AT&T from gaining enough spectrum to threaten competition. He urged the FCC to revise the rules to ensure the new auctions don't further entrench the dominance of the largest incumbents.
    • John Lemke
      John Lemke on 30 Sep 12
       
      It is the stuff like this that worries me, on one hand they want a high bid, and on the other it is going to be regulated.
  • Over the last decade, it has become increasingly obvious that America's spectrum resources are mis-allocated. The proliferation of cell phones, and more recently smartphones and tablets, has given mobile providers a voracious appetite for new spectrum. But a big chunk of the available spectrum is currently occupied by broadcast television stations. With more and more households subscribed to cable, satellite, and Internet video services, traditional broadcast television is looking like an increasingly outmoded use of the scarce and valuable airwaves.
  • incumbent broadcasters have controlled their channels for so long that they've come to be regarded as de facto property rights. And needless to say, the politically powerful broadcasters have fiercely resisted any efforts to force them to relinquish their spectrum.
  • incentive auctions
  • The plan has three phases. In the first phase, the FCC will conduct a reverse auction in which it asks broadcasters to tell the FCC how much it would take for the agency to buy them out. Presumably, the least popular (and, therefore, least profitable) channels will submit the lowest bids. By accepting these low bids, the FCC can free up the maximum possible spectrum at the minimum cost
John Lemke

How LexisNexis and others may have unwittingly aided identity thieves | Ars Technica - 0 views

arstechnica.com/...ttingly-aided-identity-thieves

2013 identity thieves ars law legal security indienationnews

shared by John Lemke on 25 Sep 13 - No Cached
  • Wednesday's report exposes serious risks in what banks, mortgage companies, and other financial services call "knowledge-based authentication." Representatives from these services frequently rely on a list of about 100 questions such as "What was your previous address?" or "Which company services your mortgage?" when trying to determine if the person on the phone or filling out an application is the individual he claims to be. Ready access to the data stored by the data aggregators can make the difference between a fraudulent application being approved or rejected. Krebs goes on to recount a story told by Gartner fraud analyst Avivah Litan about a fellow analyst who witnessed an identity thief in action.
John Lemke

Comcast Declares War on Tor? - Deep Dot Web - 0 views

www.deepdotweb.com/...comcast-declares-war-tor

2014 indienationnews law legal tech Comcast ISP TOR

shared by John Lemke on 14 Sep 14 - No Cached
  • Comcast agents have contacted customers using Tor and instructed them to stop using the browser or risk termination of service. A Comcast agent named Jeremy allegedly called Tor an “illegal service.” The Comcast agent told its customer that such activity is against usage policies.
  • Users who try to use anonymity, or cover themselves up on the internet, are usually doing things that aren’t so-to-speak legal. We have the right to terminate,   fine, or suspend your account at anytime due to you violating the rules. Do you have any other questions? Thank you for contacting Comcast, have a great day.
  • Comcast previously corroborated with the FBI by providing information on alleged Silk Road mastermind Ross Ulbricht’s internet usage. Ulbricht’s legal defense without a warrant. Ulbricht was most certainly never given a warning by Comcast or given time to contact a lawyer before he was arrested in a San Francisco library last October. Comcast already monitors its customers internet usage to prevent them from downloading pirated media in violation of copyright laws. Under the “Six Strikes” plan, Comcast customers who are caught by Comcast pirating copy-written material are emailed by Comcast and told to cease the activity. Comcast will continue monitoring them, and if they violate the “Six Strikes” plan five more times, their internet service will be terminated.
John Lemke

Cambodia Wants Mandatory Surveillance Cameras In Internet Cafes | Techdirt - 0 views

www.techdirt.com/...e-cameras-internet-cafes.shtml

2012 indienationnews surveillance cameras internet cambodia yourrights

shared by John Lemke on 26 Sep 12 - No Cached
  • All telecommunications operators, sales outlets and distributors are obliged to register their business at local authorities. Meanwhile, all locations serving telephone services and Internet shall be equipped with closed circuit television camera and shall store footage data of users for at least 03 months. Telephone service corporation owners along public roads shall record National Identity Cards of any subscriber.
John Lemke

Microsoft's OneDrive For Business Throws Down Gauntlet For Box, Dropbox | TechCrunch - 0 views

techcrunch.com/...-down-gauntlet-for-box-dropbox

techcrunch microsoft business dropbox 2014 indienationnews tech technology

shared by John Lemke on 03 Mar 14 - No Cached
  • be unshackled from its other services, and sold as a standalone cloud storage solution for corporate customers. 
  • Now, with OneDrive for Business — the new SkyDrive Pro — Microsoft is selling cloud storage directly to businesses, no other strings attached. If you don’t want to buy into an Office-as-a-service contract, you can still buy cloud storage from Microsoft.
  • Microsoft is offering a deep discount — 50 percent
  • ...1 more annotation...
  • Dropbox has raised $607 million. Box has raised $414 million. That’s more than a billion for just two players in the market.
John Lemke

Forest Service says media needs photography permit in wilderness areas, alarming First ... - 0 views

www.oregonlive.com/...t_service_says_media_need.html

2014 2014.09.29-TNN photography media permit wilderness amendment indienationnews law legal yourrights

shared by John Lemke on 26 Sep 14 - No Cached
  • "It's pretty clearly unconstitutional," said Gregg Leslie, legal defense director at the Reporters Committee for Freedom of the Press in Alexandria, Va. "They would have to show an important need to justify these limits, and they just can't."
  • Close didn't cite any real-life examples of why the policy is needed or what problems it's addressing. She didn't know whether any media outlets had applied for permits in the last four years.
  • "The Forest Service needs to rethink any policy that subjects noncommercial photographs and recordings to a burdensome permitting process for something as simple as taking a picture with a cell phone," Wyden said. "Especially where reporters and bloggers are concerned, this policy raises troubling questions about inappropriate government limits on activity clearly protected by the First Amendment."
John Lemke

FBI pushes for surveillance backdoors in Web 2.0 tools - 0 views

arstechnica.com/...-backdoors-in-web-20-tools.ars

fbi surveillance cyberattack 2011 writeabout writeatlockergnome privacy spying monitoring

shared by John Lemke on 01 Mar 11 - No Cached
  • John Lemke on 01 Mar 11
     
    The FBI pushed Thursday for more built-in backdoors for online communication, but beat a hasty retreat from its earlier proposal to require providers of encrypted communications services to include a backdoor for law enforcement wiretaps. LUMPY HAS NOTES BELOW ties in with securirty and cyber attack.. use it as excuse
John Lemke

BBC News - Blizzard cuts off Iranian access to World of Warcraft - 0 views

www.bbc.com/...technology-19399375

2012 warcraft bbc news blizzard iranian access world of warcraft cuts TGGN 2012.09.11

shared by John Lemke on 12 Sep 12 - No Cached
  • "This week, Blizzard tightened up its procedures to ensure compliance with these laws, and players connecting from the affected nations are restricted from access to Blizzard games and services," read the statement. Unfortunately, said Blizzard, the same sanctions meant it could not give refunds to players in Iran or help them move their account elsewhere. "We apologise for any inconvenience this causes and will happily lift these restrictions as soon as US law allows," it added. Although the block on Wow has been imposed by Blizzard, other reports suggest a wider government ban might have been imposed.
John Lemke

Ain't No Science Fiction, Suspended Animation Is FDA Approved and Heading To Clinical T... - 0 views

singularityhub.com/...and-heading-to-clinical-trials

2012 science clinical trials fda medicine hypothermia suspended animation tauma surgery cooling

shared by John Lemke on 26 Sep 12 - No Cached
  • The Food and Drug Administration has already approved his technique for human trials, and he has secured funding from the Army to conduct the feasibility phase. Dr. Rhee is currently lobbying for funds to conduct a full trial. If he’s successful human trials could begin as early as next year.
  • What Dr. Rhee hopes to test on humans is a method he worked out for the past couple decades on pigs. Patients would be injected with a cold fluid to induce severe hypothermia. Clinically hypothermia is characterized by the drop of a person’s body temperature from its normal 98.6 degrees Fahrenheit (37 degrees Celcius) to lower than 95 degrees (35 C). Below 95, the heart, nervous system and other organs begin to fail. The strict range is indicative of a metabolic system with strict temperature requirements for proper function (death waits only a few degrees the other way as well). Dr. Rhee’s method involves injecting patients with a cold fluid that would bring the body’s temperature down to 50 degrees Fahrenheit (10 C). Sounds chilling, but when he induced the extreme hypothermia in pigs they came out just fine. Heart function, breathing, and brain function was completely normal.
  • Dr. Rhee is no stranger to high-stakes medicine. The native South Korean was trained at the Uniformed Services University Medical School in Bethesda, Maryland. Following a fellowship in trauma and critical care at the University of Washington’s Harborview Medical Center he served in the US Navy as director of the University of South California’s Navy Trauma Training Center at Los Angeles County. He was then sent to Afghanistan where he was one of the first surgeons at Camp Rhino. Later he started the first surgical unit at Ramadi, Iraq. His cool under fire was on display nationally as he performed surgery on US Representative Gabrielle Giffords after she was shot through the skull in the Tucson shootings this past January. His experience with induced hypothermia came into play the night of the shootings when Dr. Rhee removed part of the congresswoman’s skull. The wound had raised her body temperature and began “cooking the brain.” He used a device to cool Rep. Giffords’ skin.
John Lemke

US banks hit by more than a week of cyberattacks (Update) - 0 views

phys.org/...9-banks-week-cyberattacks.html

2012 banks Cyberwarefare cyber warfare cyberattack cyberwar USA Akamai Joe Lieberman

shared by John Lemke on 29 Sep 12 - No Cached
    • John Lemke
      John Lemke on 29 Sep 12
       
      They believe it was not a hacktivist attack because they are usually also associated with a rise in IRC and social network activity, those who would be joining the hacktivist event, and this even had no such spike.
  • Could a state actor be at play? U.S. Senator Joe Lieberman, without offering any proof, said he believed the assaults were carried out by Iran in retaliation for tightened economic sanctions imposed by the United States and its allies.
  • only a handful of groups out there that have the technical ability or incentive
  • ...3 more annotations...
  • at least half a dozen banks—including the Bank of America, JPMorgan Chase, and Citigroup—have witnessed traffic surges and disruptions. Not all have confirmed they were the victims of an online onslaught, but such surges are a hallmark of denial-of-service attacks, which work by drowning target websites with streams of junk data.
  • Such attacks are fairly common and generally don't compromise sensitive data or do any lasting damage. Still, they can be a huge headache for companies that rely on their websites to interact with customers.
  • Most say the recent spate of attacks has been unusually powerful. PNC bank, which was hit on Thursday, has never seen such a strong surge in traffic, spokesman Fred Solomon said in a telephone interview. Smith said he estimated the flow of data at 60 to 65 gigabits per second.
John Lemke

Java-based malware driving DDoS botnet infects Windows, Mac, Linux devices | Ars Technica - 0 views

arstechnica.com/...ects-windows-mac-linux-devices

2014 malware ddos windows mac linux technology tech security botnet

shared by John Lemke on 29 Jan 14 - No Cached
  • takes hold of computers by exploiting CVE-2013-2465, a critical Java vulnerability that Oracle patched in June. The security bug is present on Java 7 u21 and earlier. Once the bot has infected a computer, it copies itself to the autostart directory of its respective platform to ensure it runs whenever the machine is turned on. Compromised computers then report to an Internet relay chat channel that acts as a command and control server.
  • The botnet is designed to conduct distributed denial-of-service attacks on targets of the attackers' choice. Commands issued in the IRC channel allow the attackers to specify the IP address, port number, intensity, and duration of attacks.
John Lemke

Snowden Keeps Outwitting U.S. Spies - The Daily Beast - 0 views

www.thedailybeast.com/...till-outwitting-u-s-spies.html

2014 indienationnews legal law security Snowden Spying

shared by John Lemke on 11 Feb 14 - No Cached
  • First, it assumes that Snowden’s master file includes data from every network he ever scanned. Second, it assumes that this file is already in or will end up in the hands of America’s adversaries. If these assumptions turn out to be true, then the alarm raised in the last week will be warranted. The key word here is “if.”
    • John Lemke
      John Lemke on 11 Feb 14
       
      The two asumptions
  • One U.S. intelligence official briefed on the report said the DIA concluded that Snowden visited classified facilities outside the NSA station where he worked in Hawaii while he was downloading the documents he would eventually leak to journalists Glenn Greenwald and Barton Gellman. On Tuesday, Clapper himself estimated that less than 10 percent of the documents Snowden took were from the NSA.
    • John Lemke
      John Lemke on 11 Feb 14
       
      Seems not many of the documents were actually NSA documents.
  • assume
  • ...10 more annotations...
  • DIA director Gen. Michael Flynn put it this way on Tuesday in testimony before the House Permanent Select Committee on Intelligence: “We
  • that Snowden, everything that he touched, we assume that he took, stole.”
  • The U.S. intelligence official briefed on the report said the DIA was able to retrace the steps Snowden took inside the military’s classified systems to find every site where he rummaged around. “Snowden had a very limited amount of time before he would be detected when he did this, so we
  • assume
  • he zipped up the files and left,” this official said.
  • Bruce Schneier, a cybersecurity expert and cryptographer who Greenwald has consulted on the Snowden archive, said it was prudent to
  • assume
  • that lest some of Snowden’s documents could wind up in the hands of a foreign government.
  • In June, Greenwald told the Daily Beast that he did not know whether or not Snowden had additional documents beyond the ones he gave him. “I believe he does. He was clear he did not want to give to journalists things he did not think should be published.”
    • John Lemke
      John Lemke on 11 Feb 14
       
      He is not willing to release stuff he felt that journalist should not publish...
  • Snowden, however, has implied that he does not have control over the files he took. “No intelligence service—not even our own—has the capacity to compromise the secrets I continue to protect,” he wrote in July in a letter to former New Hampshire Republican senator Gordon Humphrey. “While it has not been reported in the media, one of my specializations was to teach our people at DIA how to keep such information from being compromised even in the highest threat counter-intelligence environments (i.e. China). You may rest easy knowing I cannot be coerced into revealing that information, even under torture.”
John Lemke

How Covert Agents Infiltrate the Internet to Manipulate, Deceive, and Destroy Reputatio... - 0 views

firstlook.org/...jtrig-manipulation

NSA GCHQ 2014 misinformation psyops surveillance spying espinoge yourrights indienationnews law

shared by John Lemke on 25 Feb 14 - No Cached
  • “The Art of Deception: Training for Online Covert Operations.”
  • Among the core self-identified purposes of JTRIG are two tactics: (1) to inject all sorts of false material onto the internet in order to destroy the reputation of its targets; and (2) to use social sciences and other techniques to manipulate online discourse and activism to generate outcomes it considers desirable. To see how extremist these programs are, just consider the tactics they boast of using to achieve those ends: “false flag operations” (posting material to the internet and falsely attributing it to someone else), fake victim blog posts (pretending to be a victim of the individual whose reputation they want to destroy), and posting “negative information” on various forums. 
  • Critically, the “targets” for this deceit and reputation-destruction extend far beyond the customary roster of normal spycraft: hostile nations and their leaders, military agencies, and intelligence services. In fact, the discussion of many of these techniques occurs in the context of using them in lieu of “traditional law enforcement” against people suspected (but not charged or convicted) of ordinary crimes or, more broadly still, “hacktivism”, meaning those who use online protest activity for political ends. The title page of one of these documents reflects the agency’s own awareness that it is “pushing the boundaries” by using “cyber offensive” techniques against people who have nothing to do with terrorism or national security threats, and indeed, centrally involves law enforcement agents who investigate ordinary crimes:
    • John Lemke
      John Lemke on 25 Feb 14
       
      Wow, how is not changing pictures and creating false victims not identity theft and conspiracy?  
  • ...4 more annotations...
  • it is not difficult to see how dangerous it is to have secret government agencies being able to target any individuals they want – who have never been charged with, let alone convicted of, any crimes – with these sorts of online, deception-based tactics of reputation destruction and disruption.
    • John Lemke
      John Lemke on 25 Feb 14
       
      Not only are you now guilty until proven innocent but, if you are guilty enough, we shall create a situation so that you are.
  • Government plans to monitor and influence internet communications, and covertly infiltrate online communities in order to sow dissension and disseminate false information, have long been the source of speculation. Harvard Law Professor Cass Sunstein, a close Obama adviser and the White House’s former head of the Office of Information and Regulatory Affairs, wrote a controversial paper in 2008 proposing that the US government employ teams of covert agents and pseudo-”independent” advocates to “cognitively infiltrate” online groups and websites, as well as other activist groups. Sunstein also proposed sending covert agents into “chat rooms, online social networks, or even real-space groups” which spread what he views as false and damaging “conspiracy theories” about the government. Ironically, the very same Sunstein was recently named by Obama to serve as a member of the NSA review panel created by the White House, one that – while disputing key NSA claims – proceeded to propose many cosmetic reforms to the agency’s powers (most of which were ignored by the President who appointed them).
    • John Lemke
      John Lemke on 25 Feb 14
       
      So one of the guys who advocates this and approves of it, gets to be on the NSA review committee?  Isn't that like Ted Kennedy on the Ethics Review Committee or the Warren Commission?
  • Whatever else is true, no government should be able to engage in these tactics: what justification is there for having government agencies target people – who have been charged with no crime – for reputation-destruction, infiltrate online political communities, and develop techniques for manipulating online discourse? But to allow those actions with no public knowledge or accountability is particularly unjustifiable.
John Lemke

2 million Facebook, Gmail and Twitter passwords stolen in massive hack - Dec. 4, 2013 - 0 views

money.cnn.com/...index.html

2013 passwords hack million

shared by John Lemke on 05 Dec 13 - No Cached
  • The massive data breach was a result of keylogging software maliciously installed on an untold number of computers around the world,
  • The virus was capturing log-in credentials for key websites over the past month and sending those usernames and passwords to a server controlled by the hackers.
  • Of all the compromised services, Miller said he is most concerned with ADP. Those log-ins are typically used by payroll personnel who manage workers' paychecks. Any information they see could be viewed by hackers until passwords are reset.
  • ...1 more annotation...
  • But in a statement, ADP said that, "To [its] knowledge, none of ADP's clients has been adversely affected by the compromised credentials."
John Lemke

Brazil passes an Internet 'Bill of Rights' - San Jose Mercury News - 0 views

www.mercurynews.com/...passes-an-internet-bill-rights

brazil bill of rights internet 2014

shared by John Lemke on 24 Apr 14 - No Cached
  • It also makes Internet service providers not liable for content published by their users and requires them to comply with court orders to remove offensive material.
  • "Our legislation can influence the worldwide debate aimed at finding a way to guarantee real rights in a virtual world,"
John Lemke

Shellshock: Code injection vulnerability found in Bash | LIVE HACKING - 0 views

www.livehacking.com/...on-vulnerability-found-in-bash

2014.09.29-TNN code bash hacking indienationnews 2014 technology tech security

shared by John Lemke on 26 Sep 14 - No Cached
  • A code injection vulnerability in the Bourne again shell (Bash) has been disclosed on the internet. If exploited then arbitrary commands can be executed, and where Bash is used in relation to a network service, for example in CGI scripts on a web server, then the vulnerability will allow remote code execution.
  • The problem is that Bash does not stop after processing the function definition; it continues to parse and execute any shell commands following the function definition
  • The vulnerability is deemed as critical because Bash is used widely on many types of UNIX-like operating systems including Linux, BSD, and Mac OS X.
  • ...1 more annotation...
  • The most prominent attack vector is via HTTP requests sent to CGI scripts executed by Bash. Also, if SSH has been configured to allow remote users to run a set of restricted commands, like rsync or git, this bug means that an attacker can use SSH to execute any command and not just the restricted command.
1 - 20 of 23 Next ›
Showing 20 items per page