Security

Neutrino Exploit Kit Has a New Way To Detect Security Researchers (csoonline.com) 26

itwbennett writes: [The Neutrino exploit kit] is using passive OS fingerprinting to detect visiting Linux machines, according to Trustwave researchers who found that computers they were using for research couldn't make a connection with servers that delivered Neutrino. Daniel Chechik, senior security researcher at Trustwave's SpiderLabs division wrote that they tried changing IP addresses and Web browsers to avoid whatever was causing the Neutrino server to not respond, but it didn't work. But by fiddling with some data traffic that Trustwave's computers were sending to the Neutrino server, they figured out what was going on.
Microsoft

Even With Telemetry Disabled, Windows 10 Talks To Dozens of Microsoft Servers (voat.co) 394

An esteemed reader writes: Curious about the various telemetry and personal information being collected by Windows 10, one user installed Windows 10 Enterprise and disabled all of the telemetry and reporting options. Then he configured his router to log all the connections that happened anyway. Even after opting out wherever possible, his firewall captured Windows making around 4,000 connection attempts to 93 different IP addresses during an 8 hour period, with most of those IPs controlled by Microsoft. Even the enterprise version of Windows 10 is checking in with Redmond when you tell it not to — and it's doing so frequently.
Botnet

Online Museum Displays Decades of Malware (thestack.com) 36

An anonymous reader writes: archive.org has launched a Museum of Malware, which devotes itself to a historical look at DOS-based viruses of the 1980s and 1990s, and gives viewers the opportunity to run the viruses in a DOS game emulator, and to download 'neutered' versions of the code. With an estimated 50,000 DOS-based viruses in existence by the year 2000, the Malware Museum's 65 examples should be seen as representative of an annoying, but more innocent era of digital vandalism.
Cloud

Docker Images To Be Based On Alpine Linux (brianchristner.io) 70

New submitter Tenebrousedge writes: Docker container sizes continue a race to the bottom with a couple of environments weighing in at less than 10MB. Following on the heels of this week's story regarding small images based on Alpine Linux, it appears that the official Docker images will be moving from Debian/Ubuntu to Alpine Linux in the near future. How low will they go?
Security

Avast SafeZone Browser Lets Attackers Access Your Filesystem (softpedia.com) 31

An anonymous reader writes: Just two days after Comodo's Chromodo browser was publicly shamed by Google Project Zero security researcher Tavis Ormandy, it's now Avast's turn to be publicly scorned for failing to provide a "secure" browser for its users. Called SafeZone, and also known as Avastium, Avast's custom browser is offered as a bundled download for all who purchase or upgrade to a paid version of Avast Antivirus 2016. This poor excuse of a browser was allowing attackers to access files on the user's filesystem just by clicking on malicious links. The browser wouldn't even have to be opened, and the malicious link could be clicked in "any" browser.
Bug

Some Reversible USB-C Cables/Adapters Could Cause Irreversible Damage 121

TheRealHocusLocus writes: Three Decembers ago I lauded the impending death of the trapezoid. Celebration of the rectangle might be premature however, because in the rush-to-market an appalling number of chargers, cables and legacy adapters have been discovered to be non-compliant. There have been performance issues with bad USB implementation all along, but now — with improved conductors USB-C offers to negotiate up to 3A in addition the 900ma base, so use of a non-compliant adapter may result in damage. Google engineer and hero Benson Leung has been waging a one-man compliance campaign of Amazon reviews to warn of dodgy devices and praise the good. Reddit user bmcclure937 offers a spreadsheet summary of the reviews. It's a jungle out there, don't get fried.
Stats

The Performance of Ubuntu Linux Over the Past 10 Years (phoronix.com) 105

An anonymous reader writes: Tests were carried out at Phoronix of all Ubuntu Long-Term Support releases from the 6.06 "Dapper Drake" release to 16.04 "Xenial Xerus," looking at the long-term performance of (Ubuntu) Linux using a dual-socket AMD Opteron server. Their benchmarks of Ubuntu's LTS releases over 10 years found that the Radeon graphics performance improved substantially, the disk performance was similar while taking into account the switch from EXT3 to EXT4, and that the CPU performance had overall improved for many workloads thanks to the continued evolution of the GCC compiler.
Books

Amazon's Thin Helvetica Syndrome: Font Anorexia vs. Kindle Readability (teleread.com) 141

David Rothman writes: The Thin Helvetica Syndrome arises from the latest Kindle upgrade and has made e-books less readable for some. In the past, e-book-lovers who needed more perceived-contrast between text and background could find at least partial relief in Helvetica because the font was heavy by Kindle standards. But now some users complain that the 5.7.2 upgrade actually made Helvetica thinner. Of course, the real cure would be an all-text bold option for people who need it, or even a way to adjust font weight, a feature of Kobo devices. But Amazon stubbornly keeps ignoring user pleas even though the cost of adding either feature would be minimal. Isn't this supposed to be a customer-centric company?
Open Source

CFQ In Linux Gets BFQ Characteristics 64

jones_supa writes: Paolo Valente from University of Modena has submitted a Linux kernel patchset which replaces CFQ (Completely Fair Queueing) I/O scheduler with the last version of BFQ (Budget Fair Queuing, a proportional-share scheduler). This patchset first brings CFQ back to its state at the time when BFQ was forked from CFQ. Paolo explains: "Basically, this reduces CFQ to its engine, by removing every heuristic and improvement that has nothing to do with any heuristic or improvement in BFQ, and every heuristic and improvement whose goal is achieved in a different way in BFQ. Then, the second part of the patchset starts by replacing CFQ's engine with BFQ's engine, and goes on by adding current BFQ improvements and extra heuristics." He provides a link to the thread in which it is agreed on this idea, and a direct link to the e-mail describing the steps.
Communications

A Bot That Drives Robocallers Insane 239

Trailrunner7 writes: Robocalls are among the more annoying modern inventions, and consumers and businesses have tried just about every strategy for defeating them over the years, with little success. But one man has come up with a bot of his own that sends robocallers into a maddening hall of mirrors designed to frustrate them into surrender. The bot is called the Jolly Roger Telephone Company, and it's the work of Roger Anderson, a veteran of the phone industry himself who had grown tired of the repeated harassment from telemarketers and robocallers. Anderson started out by building a system that sat in front of his home landlines and would tell human callers to press a key to ring through to his actual phone line; robocallers were routed directly to an answering system. He would then white-list the numbers of humans who got through. Sometimes the Jolly Roger bot will press buttons to be transferred to a human agent and other times it will just talk back if a human is on the other end of the line to begin with.
Bug

Have Your iPhone 6 Repaired, Only To Get It Bricked By Apple (theguardian.com) 383

New submitter Nemosoft Unv. writes: In case you had a problem with the fingerprint sensor or some other small defect on your iPhone 6 and had it repaired by a non-official (read: cheaper) shop, you may be in for a nasty surprise: error 53. What happens is that during an OS update or re-install the software checks the internal hardware and if it detects a non-Apple component, it will display an error 53 and brick your phone. Any photos or other data held on the handset is lost – and irretrievable. Thousands of people have flocked to forums to express their dismay at this. What's more insiduous is that the error may only appear weeks or months after the repair. Incredibly, Apple says this cannot be fixed by any hard- or software update, while it is clearly their software that causes the problem in the first place. And then you thought FTDI was being nasty ...
Security

MIT Reveals "Hack-Proof" RFID Chip (thestack.com) 52

JustAnotherOldGuy writes: A group of researchers at MIT and Texas Instruments claim that they have developed a new radio frequency identification chip that may be impossible to hack. Traditional RFID chips are vulnerable to side-channel attacks, whereby a hacker can extract a cryptographic key from the chip. The new RFID chip runs a random-number generator that creates a new secret key after each transaction. The key can then be verified with a server to ensure that it is correct. The group at MIT also incorporated protection against a power-glitch attack, an attack that would normally leave a chip vulnerable to an interruption of the power source that would in turn halt the creation of a new secret key. Texas Instruments CTO Ahmad Bahai stated, "We believe this research is an important step toward the goal of a robust, lo-cost, low-power authentication protocol for the industrial internet." The question is, how long will it be before this "hack proof" chip is hacked?
Security

Anti-Malware Maker Files Lawsuit Over Bad Review (csoonline.com) 160

itwbennett writes: In a lawsuit filed January 8, 2016, Enigma Software, maker of anti-malware software SpyHunter, accuses self-help portal Bleeping Computer of making 'false, disparaging, and defamatory statements.' At issue: a bad review posted by a user in September, 2014. The lawsuit also accuses Bleeping Computer of profiting from driving traffic to competitor Malwarebytes via affiliate links: 'Bleeping has a direct financial interest in driving traffic and sales to Malwarebytes and driving traffic and sales away from ESG.' Perhaps not helping matters, one of the first donations to a fund set up by Bleeping Computer to help with legal costs came from Malwarebytes.
Google

Google Targets Fake "Download" and "Play" Buttons (torrentfreak.com) 117

AmiMoJo writes: Google says it will go to war against the fake 'download' and 'play' buttons that attempt to deceive users on file-sharing and other popular sites. According to a new announcement from the company titled 'No More Deceptive Download Buttons', Google says it will expand its eight-year-old Safe Browsing initiative to target some of the problems highlighted above. 'You may have encountered social engineering in a deceptive download button, or an image ad that falsely claims your system is out of date. Today, we're expanding Safe Browsing protection to protect you from such deceptive embedded content, like social engineering ads,' the company says.
AI

Harnessing Artificial Intelligence To Build an Army of Virtual Analysts 41

An anonymous reader writes: PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market. Their goal was to make a system capable of mimicking the knowledge and intuition of human security analysts so that attacks can be detected in real time. The platform can go through millions of events per day and can make an increasingly better evaluation of whether they are anomalous, malicious or benign.
Security

Push To Hack: Reverse Engineering an IP Camera (contextis.com) 35

New submitter tetraverse writes: For our most recent IoT adventure, we've examined an outdoor cloud security camera [the Motorola Focus 73] which like many devices of its generation a) has an associated mobile app b) is quick to setup and c) presents new security threats to your network. From the article: This blog describes in detail how we were able to exploit the camera without access to the local network, steal secrets including the home networkâ(TM)s Wi-Fi password, obtain full control of the PTZ (Pan-Tilt-Zoom) controls and redirect the video feed and movement alerts to our own server; effectively watching the watchers.
Crime

Survey: Average Successful Hack Nets Less Than $15,000 (csoonline.com) 84

itwbennett writes: According to a Ponemon Institute survey, hackers make less than $15,000 per successful attack and net, on average, less than $29,000 a year. The average attacker conducts eight attacks per year, of which less than half are successful. Among the findings that will be of particular interest to defenders: Hackers prefer easy targets and will call off an attack if it is taking too long. According to the survey, 13 percent quit after a delay of five hours. A delay of 10 hours causes 24 percent to quit, a delay of 20 hours causes 36 to quit, and a majority of 60 percent will give up if an attack takes 40 additional hours. 'If you can delay them by two days, you can deter 60 percent of attacks,' said Scott Simkin, senior threat intelligence manager at Palo Alto Networks, which sponsored the study.
Bug

IRS Computer Problems Shut Down Tax Return E-file System (foxnews.com) 171

Mr.Intel writes: The IRS stopped accepting electronically filed tax returns Wednesday because of problems with some of its computer systems. The outage could affect refunds, but the agency said it doesn't anticipate "major disruptions." A "hardware failure" forced the shutdown of several tax processing systems, including the e-file system, the IRS said in a statement. The IRS.gov website remains available, but "where's my refund" and other services are not working. Some systems will be out of service at least until Thursday, the agency said. "The IRS is currently in the process of making repairs and working to restore normal operations as soon as possible," the IRS said.
Bug

Ask Slashdot: Fixing UVC Camera Issues Under Windows? 147

Khyber writes: I bought some cheap Chinese camera glasses with built-in microphones. These are (supposedly) UVC cameras manufactured in 2015. Under Windows XP, these cameras are seen perfectly fine and work as web cameras; even the microphones work. Under Windows 7, the camera appears to install just fine, however I get the 'This device can perform faster if you connect to USB 2.0' (which it is connected to) and when I try to load it up with any camera viewer such as manycam or any chat program's built-in previewer, I cannot receive any video from the camera. I can get audio from the camera microphones under Windows 7, so I am wondering if the camera device is having problems enumerating as a USB 2.0 device due to some change in Windows 7 (which it doesn't seem to have issues doing under XP,) or if the UVC driver for Windows 7 is missing something in comparison to the one used for Windows XP. Anybody else had issues getting newer UVC cameras to work in newer operating systems?
Programming

Winner of the 2015 Underhanded C Contest Announced (underhanded-c.org) 48

Xcott Craver writes: The Underhanded C contest results have now been announced. This time the contest challenge was to cause a false match in a nuclear inspection scenario, allowing a country to remove fissile material from a warhead without being noticed. The winner receives $1000 from the Nuclear Threat Initiative.

Slashdot Top Deals