IT-Networks

SecureMac releases PrivacyScan for Mac App Store

ITN News — Thu, 02 Feb 2012 18:45:11 +0000

PrivacyScan, Privacy Protection for Your Mac, is now available on the Mac App Store. PrivacyScan protects online and offline privacy by shredding files that can be used to track your web browsing and computer usage. Going above and beyond United States DoD (Department of Defense) government standards, PrivacyScan's shred feature can overwrite data with up to 35 passes! January 26, 2012 - Las Vegas, Nevada - SecureMac.com is excited to announce the release of PrivacyScan, Privacy Protection for your Mac. The company's first Mac App Store release, PrivacyScan is a utility designed for people who value privacy and want to keep their online and offline experiences private. Every time you surf the web or use your computer, bits of information are left behind -- information that could compromise your privacy. PrivacyScan provides protection against these threats by scanning your Mac for files containing sensitive information and offering multiple levels of shredding to securely erase them from your system. With PrivacyScan, you can safely and securely destroy these hidden threats -- saving space on your system and keeping your personal information from prying eyes. PrivacyScan works by searching for known applications which leave files on your computer that could lead to privacy concerns. PrivacyScan offers support for a wide range of items, including popular web browsers such as Camino, Chrome, Firefox, Flock, iCab, OmniWeb, Opera, Safari, SeaMonkey, and Shiira, privacy threats presented by Flash Cookies, as well as standard apps such as Finder, Preview, and QuickTime. Once a scan has run its course and privacy threats have been detected, PrivacyScan offers a variety of choices for cleaning -- from a standard quick delete to one of the many secure delete shredding options. SecureMac's president, Nicholas Raba, describes a recent experience: "Over the holidays, all of the relatives were in town. The little kids ended up sneaking onto the computer and looking up the purchase history from all of the recent online shopping, and managed to ruin the surprise by finding out what all of the presents were before they even opened them! PrivacyScan can help you avoid situations like this." With PrivacyScan, you can rest assured that your tracks remain covered, your private information remains private, and deleted items stay that way. To learn more about PrivacyScan visit http://privacyscan.securemac.com/ Pricing and Availability: PrivacyScan 1.0 is available at a introductory price of $4.99 USD (or equivalent amount in other currencies) and is available worldwide through the Mac App Store in the Utilities category. http://itunes.apple.com/us/app/privacyscan/id494950833?ls=1&mt=12 By: Nicholas Raba

IT-Networks - Latest Security and Tech News

Zuckerberg describes FB’s ‘hacker way’

ITN News — Thu, 02 Feb 2012 18:40:14 +0000

In Facebook's regulatory filing for an initial public offering of stock, CEO Mark Zuckerberg included a letter to potential investors about the company's thinking. He described it as a social mission to make the world more open and connected. He also discussed Facebook's approach to culture and management: "As part of building a strong company, we work hard at making Facebook the best place for great people to have a big impact on the world and learn from other great people. We have cultivated a unique culture and management approach that we call the Hacker Way. "The word 'hacker' has an unfairly negative connotation from being portrayed in the media as people who break into computers. In reality, hacking just means building something quickly or testing the boundaries of what can be done. Like most things, it can be used for good or bad, but the vast majority of hackers I've met tend to be idealistic people who want to have a positive impact on the world. "The Hacker Way is an approach to building that involves continuous improvement and iteration. Hackers believe that something can always be better, and that nothing is ever complete. They just have to go fix it - often in the face of people who say it's impossible or are content with the status quo. "Hackers try to build the best services over the long term by quickly releasing and learning from smaller iterations rather than trying to get everything right all at once. To support this, we have built a testing framework that at any given time can try out thousands of versions of Facebook. We have the words 'Done is better than perfect' painted on our walls to remind ourselves to always keep shipping. "Hacking is also an inherently hands-on and active discipline. Instead of debating for days whether a new idea is possible or what the best way to build something is, hackers would rather just prototype something and see what works. There's a hacker mantra that you'll hear a lot around Facebook offices: 'Code wins arguments.' "Hacker culture is also extremely open and meritocratic. Hackers believe that the best idea and implementation should always win - not the person who is best at lobbying for an idea or the person who manages the most people. "To encourage this approach, every few months we have a hackathon, where everyone builds prototypes for new ideas they have. At the end, the whole team gets together and looks at everything that has been built. Many of our most successful products came out of hackathons, including Timeline, chat, video, our mobile development framework and some of our most important infrastructure like the HipHop compiler. "To make sure all our engineers share this approach, we require all new engineers - even managers whose primary job will not be to write code - to go through a program called Bootcamp where they learn our codebase, our tools and our approach. There are a lot of folks in the industry who manage engineers and don't want to code themselves, but the type of hands-on people we're looking for are willing and able to go through Bootcamp."

IT-Networks - Latest Security and Tech News

DARPA Researchers Design Eye-Enhancing Virtual Reality Contact Lenses

ITN News — Thu, 02 Feb 2012 17:53:29 +0000

Currently being developed by DARPA researchers at Washington-based Innovega iOptiks are contact lenses that enhance normal vision by allowing a wearer to view virtual and augmented reality images without the need for bulky apparatus. Instead of oversized virtual reality helmets, digital images are projected onto tiny full-color displays that are very near the eye. These novel contact lenses allow users to focus simultaneously on objects that are close up and far away. This could improve ability to use tiny portable displays while sill interacting with the surrounding environment. Developed as part of DARPA’s Soldier Centric Imaging via Computational Cameras (SCENICC) program, SCENICC’s objective is to eliminate the ISR capability gap that exists at the individual Soldier level. The program seeks to develop novel computational imaging capabilities and explore joint design of hardware and software that give warfighters access to systems that greatly enhance their awareness, security and survivability.

IT-Networks - Latest Security and Tech News

Sandia Labs Engineers Create ‘Self-Guided’ Bullet

ITN News — Thu, 02 Feb 2012 17:15:03 +0000

Figuring out how to pack a processor and other sophisticated equipment into a machine gun bullet has been a challenge, but engineers at Sandia National Laboratories say the miniature guidance system they’ve developed is a breakthrough. A bullet that directs itself like a tiny guided missile and can hit a target more than a mile away has the potential to change the battlefield for soldiers without costing too much, engineers said Wednesday. Sandia technical staff member Red Jones said the .50-caliber bullets are being designed to work with military machine guns, so soldiers could hit their mark faster and with precision. “Everybody thought it was too difficult to make things small enough. We knew we could deal with that. The other thing was it was going to be too complicated and expensive,” he said. “We came up with an innovative way around that to make it stupid and cheap and still pretty good.” Developing more precise weaponry has been a mission for government and industry scientists for decades. Most recently, the research arm of the U.S. Department of Defense has awarded tens of millions of dollars in contracts to companies to develop guided ammunition for snipers and special scopes that account for crosswinds and other environmental variables. The idea behind Sandia Labs’ bullet is rooted more in the M2, a belt-fed machine gun that became standard issue in the U.S. Army nearly 80 years ago. Pairing the M2 with the guided bullet would allow soldiers to hit their mark faster and with precision. At 4 inches long and a half-inch in diameter, the bullet is designed to twist and turn, making up to 30 corrections per second. Jones and his fellow researchers had initial success testing the design in computer simulations and in field tests of prototypes, built from commercially available parts. With most of the hard science done, Jones said the next step is for Sandia to partner with a private company to complete testing of the prototype and bring a guided bullet to the marketplace. More than $1 million in research and development grants have taken the project this far. Computer simulations showed an unguided bullet under real-world conditions could miss a target more than a half mile away by nearly 10 yards. But according to the patent, a guided bullet would get within eight inches. The design for the bullet includes an optical sensor to detect a laser beam on a target. The sensor sends information to guidance and control electronics that use an algorithm in an eight-bit central processing unit to command electromagnetic actuators. The actuators steer the fins that guide the bullet. Jones said there are still some engineering problems to be sorted out that will make the bullet more practical – for example, it will have to be tough enough to be dropped off the back of a truck and still work. Even more innovation is needed for the manufacturing process. What we want to do is make it cheap enough to make it cost effective for the military to use in a machine gun,” he said. “It’s not going to be millions of dollars, but it’s not going to be a buck a piece either.” The technology has captured the interest of weapons experts, both for the successful miniaturization of guidance systems that are usually reserved for missiles and for the potential benefits of precision. “All of a sudden now you’ve got a way to eliminate the collateral damage issues. From that perspective, this starts to get interesting,” said Adam Firestone, an Army veteran, instructor and a weapons system engineer. Firestone and other experts said the battlefield of the future will surely include more capabilities for guiding bullets and bombs, but what will make the difference will be communication improvements and intelligence sharing systems that take advantage of the high-tech weapons while linking each soldier together. Defense department researchers and contractors are already developing flying nano-bots that can stream live video, contact lenses that would allow soldiers to focus simultaneously on virtual digital images and their surroundings, and smartphone apps that help with tactical operations. “Where we’re going is to a world where the individual soldier, Marine, sailor or airman lives in a bath of knowledge. The world would be surreal in the original sense of super real. When you look at something, you see what you need to see when you need to see it,” Firestone said. “They will have the ability to make decisions more accurately and that will have a significant impact.” KLwVVYV3_K4

IT-Networks - Latest Security and Tech News

Notorious Hacker TinKode Arrested In Romania

ITN News — Thu, 02 Feb 2012 16:42:46 +0000

Romanian police have arrested the hacker who gained notoriety for hacking into Pentagon and NASA computer systems. Razvan Manole Cernaianu, a 20-year-old who goes by the Internet name TinKode, allegedly revealed security holes and published information about SQL injection vulnerabilities he discovered. The Romanian Directorate for Investigating Organized Crime and Terrorism (DIICOT) said the hacker also offered a computer program to hack into websites on his blog, and published a video showing Internet attacks he had orchestrated against the U.S. government. In November 2010, TinKode also allegedly hacked into the British Royal Navy’s official website and exposed the site’s passwords. A report by the Associated Press said the U.S. Embassy in Bucharest claimed Cernaianu is an IT student who used “used sophisticated hacking tools to gain unauthorized access to government and commercial systems.” Cernaianu allegedly was the hacker who tapped into a computer server at NASA’s Goddard Space Flight Center last April, and posted a screen grab of an FTP server containing files connected to confidential satellite data. TinKode also hacked into websites of the European Space Agency and MySQL. He ended up exploiting an SQL injection flaw after hacking into MySQL. Officers for the FBI and NASA helped play a role in the investigation that led to the arrest of Cernaianu.

IT-Networks - Latest Security and Tech News

Ukraine Shuts Down Leading File-Sharing Site

ITN News — Wed, 01 Feb 2012 20:11:27 +0000

Ukrainian authorities have shut down a popular file-sharing website saying it violates copyright laws, officials said Wednesday. Interior Ministry Spokesman Volodymyr Polishchuk said that Ex.ua was closed Tuesday after complaints from Microsoft, Adobe and other companies. The ministry said it has confiscated 200 servers that were used to support the website and law enforcement agents were questioning 16 of its employees. The Recording Industry Association of America has named Ex.ua among the world’s worst Internet piracy sites. Shortly after Ex.ua went down Tuesday, the Interior Ministry’s own website became inoperable. Polishchuk said this was likely a work of hackers. Ex.ua representatives could not be immediately reached for comment. Millions of Ukrainians have uploaded and downloaded music, movies, and software from the website since it was founded in 2009.

IT-Networks - Latest Security and Tech News

Swarm of Autonomous Robots Flies Complicated Formations

ITN News — Wed, 01 Feb 2012 20:09:22 +0000

Forget the Blue Angels — these nano quadrotors from the University of Pennsylvania’s GRASP Laboratory can fly in some pretty stunning formations. You might remember these robots from other YouTube videos where they’ve autonomously built structures and shown incredible dexterity by doing flips and darting through tiny windows. If you find the idea of a buzzing swarm of autonomous robots that look like escapees from Space Invaders disconcerting, too bad, because robot swarms are gaining in popularity among researchers. Some, like the Kilobots from Harvard’s Wyss Institute for Biologically Inspired Engineering, are used to study collective algorithms. Others, like the Swarming Micro Air Vehicle Network from Switzerland’s Ecole Polytechnic Federale de Lausanne, are designed to create instant communication networks in disaster areas for rescue workers. What’s stunning about GRASP Laboratory’s project is just how dexterous the swarm is. For a swarm to operate in the real world, it has to navigate a host of obstacles not found in a lab: wind, trees, birds, children with lawyers for parents. What’s more, any final model is bound to be expensive, meaning the military won’t be pleased if one of these things hits a power line. So next time you hear a deafening buzzing sound coming from the sky, don’t worry: It’s not a swarm of bees coming for you, it’s just a swarm of unfeeling, autonomous robots.

IT-Networks - Latest Security and Tech News

Hacker defaces EA forums

ITN News — Wed, 01 Feb 2012 18:49:59 +0000

EA was forced to shut down its forums yesterday due to a hacker attack. The intruder “defaced” the forum’s front page, though it is not believed that any personal data was accessed or lost. EA thinks it has identified and repaired the vulnerability that permitted the actions and the forums are now back online. “As some of you noticed the homepage of the forums was defaced by a hacker yesterday using a very new exploit for the software which runs the forums,” EA community manager Dan Sheridan stated. “This was noticed quickly and we took the action to take the forums offline while we investigated the details. This work is now complete and the vulnerability we believe was used has now been fixed. “There is no evidence that any personal data was compromised and as passwords aren't stored in a recoverable manor, we are confident they remain secure.”

IT-Networks - Latest Security and Tech News

“Slain” Kelihos botnet still spams from beyond the grave

ITN News — Wed, 01 Feb 2012 18:17:47 +0000

A botnet capable of delivering almost four billion spam messages per day has been confirmed resurrected—more than four months after Microsoft celebrated its untimely demise. Researchers with Kaspersky Lab reported on Tuesday that Kelihos, a peer-to-peer botnet that also goes by the name Hlux, continues to spew spam in a variety of languages. A new version of the underlying malware appeared as early as September 28, 2011, a day after Microsoft took credit for disrupting the rogue network by commandeering the infected computers and obtaining a court order seizing the Internet addresses used to help control them. The resurrection highlights the difficulty of permanently severing botnets from the Internet. Because Kelihos used peer-to-peer technology, it was disrupted—or "sinkholed," in takedown parlance—by seeding the network with machines that caused their peers to take orders from benign channels under the control of white hats. The takedown process never actually removed the underlying malware from infected machines, making it possible for the attackers to one day regain control of them. “It is impossible to neutralize a botnet by taking control over the controller machines or substituting the controller list without any additional actions,” Kaspersky Lab expert Maria Garnaeva wrote in Tuesday's blog post. “The botnet master might know the list of active router IPs, can connect to them directly and push the bot update again along with the new controllers list.” Word of the revival contrasts with comments made back in September by Microsoft senior attorney Richard Domingues Boscovich. “When Microsoft takes a botnet down, we intend to keep it down," he said at the time, "and we will continue to to take action to protect our customers and platforms and hold bot herders accountable for their actions.” The software maker took particular offense to Kelihos because it bore a strong resemblance to Waledac, another spam botnet that Microsoft disabled in early 2010. By contrast, in a post a day or two after Boscovich's comments, Kaspersky Lab Researcher Tillman Werner warned that it was impossible to kill Kelihos unless the compromised PCs received instructions that disinfected them. Legal concerns have so far mostly dissuaded authorities and researchers from issuing such commands without the explicit permission of the machines's owners, although last year the FBI crippled the notorious Coreflood botnet by disabling the malware until the next reboot. The use of government-run servers to deliver such commands was unprecedented.

IT-Networks - Latest Security and Tech News

Did the FBI use spyware on Megaupload?

ITN News — Wed, 01 Feb 2012 17:35:10 +0000

In one exchange, Megaupload managers fretted via Skype IM chat in 2007 that founder Kim Dotcom wasn't "safe with his money" and "the current situation is a bit risky", according to documents US authorities filed with a New Zealand court this month as part of their criminal pursuit of the embattled cyberlocker service. While it's still not clear how federal investigators gained access to the conversations of founder Kim Dotcom and other top managers, there are hints that the FBI managed to place government-issued spyware on the defendants' computers. The FBI cites alleged conversations between Dotcom and his top lieutenants, including email and Skype instant-messaging logs. Some of the records go back nearly five years, to Megaupload's earliest days as a cyberlocker service — even though Skype says "IM history messages will be stored for a maximum of 30 days" and the criminal investigation didn't begin until a few months ago. Sources told ZDNet Australia's sister site CNET yesterday that Skype, the internet phone service now owned by Microsoft, was not asked by the feds to turn over information and was not served with legal process. The US Department of Justice told CNET that it obtained a judge's approval before securing the correspondence, which wouldn't have been necessary in the case of an informant. "Electronic evidence was obtained through search warrants, which are reviewed and approved by a US court," a spokesperson for the US Attorney for the Eastern District of Virginia said. In 2007, the FBI obtained court approval to implant spyware called CIPAV on a suspect's computer, which transmitted to government computers an ongoing log of the user's outbound connections. Documents obtained by CNET through the Freedom of Information Act in 2009 show that CIPAV has been used in investigations designed to nab extortionists, database-deleting hackers, child molesters and hitmen. Skype saves chat records with contacts in a directory on the local hard drive, which could be accessed by FBI-planted spyware. It's not only the FBI that uses spyware to intercept communications. Last year, the Chaos Computer Club discovered that German police were using spyware that could activate the suspect's microphone and webcam. The Megaupload indictment is unusually long and detailed, weighing in at over 70 pages, and was drafted last year. US officials filed additional documents with the New Zealand court during Dotcom's bail hearing. Dotcom (aka Kim Schmitz) wasn't arrested in New Zealand until 19 January. Yesterday, Megaupload users learned that their data would not be deleted for at least two weeks. The feds allege that Dotcom and six other Megaupload employees enabled millions of people to use the company's cyberlockers to store pirated TV shows and films and then share them with each other without compensating creators. The government accuses Megaupload's administrators of pocketing millions and has charged them with money laundering, racketeering and piracy. Ira Rothken, Megaupload's attorney, declined to comment yesterday about how his client's internal documents were obtained by the government, but said the government's "allegations are flimsy under the law". New Zealand police raided the home of Dotcom in a rural area outside of Auckland. The US Government is seeking to extradite Dotcom; a local judge denied bail and an extradition hearing is scheduled for 22 February. Via CNET

IT-Networks - Latest Security and Tech News