Security

Lizard Squad Hits Malaysia Airlines Website 41

Posted by Soulskill
from the kicking-them-when-they're-down dept.
An anonymous reader writes: Lizard Squad, the hacking collaborative that went after the PlayStation Network, Xbox Live, and the North Korean internet last year, has now targeted Malaysia Airlines with an attack. Bloomberg links to images of the hacks (including the rather heartless 404 jab on its home page) and columnist Adam Minter wonders why Malaysia Airlines, which has had so much bad press in the past 12 months, was worthy of Lizard Squad's ire. In apparent answer, @LizardMafia (the org's reputed Twitter handle) messaged Mr. Minter this morning: "More to come soon. Side Note: We're still organizing the @MAS email dump, stay tuned for that."
Opera

Opera Founder Is Back, WIth a Feature-Heavy, Chromium-Based Browser 158

Posted by timothy
from the sink-within-a-sink dept.
New submitter cdysthe writes Almost two years ago, the Norwegian browser firm Opera ripped out the guts of its product and adopted the more standard WebKit and Chromium technologies, essentially making it more like rivals Chrome and Safari. But it wasn't just Opera's innards that changed; the browser also became more streamlined and perhaps less geeky. Many Opera fans were deeply displeased at the loss of what they saw as key differentiating functionality. So now Jon von Tetzchner, the man who founded Opera and who would probably never have allowed those drastic feature changes, is back to serve this hard core with a new browser called Vivaldi. The project's front page links to downloads of a technical preview, available for Linux, Mac OS X, and Windows. Firefox users who likewise prefer a browser with more rather than fewer features (but otherwise want to stick with Firefox) might also consider SeaMonkey, which bundles not just a browser but email, newsgroup client and feed reader, HTML editor, IRC chat and web development tools.
Social Networks

Twitter Moves To Curb Instagram Links 114

Posted by timothy
from the breaking-the-habit dept.
Hammeh writes According to a report on Mashable, Twitter have sent out messages to some of their high profile users prompting them to share images using Twitter's own service rather than Instagram links. The news comes 2 years since Instagram pulled support for Twitter cards and has been part of the continuing battle between the two social networks. With Instagram now having overtaken Twitter in terms of users, this may be a move to try and use high profile users to show off Twitter's own image and content tools.
Facebook

Facebook Will Let You Flag Content As 'False' 224

Posted by Soulskill
from the things-that-definitely-certainly-won't-ever-be-abused-at-all dept.
jfruh writes: If you're tired of seeing fake or misleading news articles posted by your friends to Facebook and then spreading like wildfire, you might be in luck. In a system that's something like Slashdot comment moderation on a grand scale, you'll now be able to flag a story as false. Links that have been flagged this way by many users will appear less frequently in people's newsfeeds, or with a disclaimer attached.
Cellphones

Moscow To Track Cell-phone Users In 2015 For Traffic Analysis 63

Posted by timothy
from the why-do-you-hate-freedom? dept.
An anonymous reader links to this story at The Stack (based on this translated report) that "The Moscow authorities will begin using the signal from Muscovites' cell-phones in 2015 to research patterns of traffic and points of congestion, with a view to changes in travel infrastructure including roads, the Moscow metro and bus services. The tracking, which appears to opt all users in unilaterally, promises not to identify individual cell-phone numbers, and will use GSM in most cases, but also GPS in more densely-constructed areas of the old city. The system is already in limited use on the roads, but will be extended to pedestrians and subway users in 2015. The city of 11.5 million people has three main cell providers, all of whom cooperate fully with authorities' request for information. A representative of one, Beeline, said: "We prepare reports that detail where our subscribers work, live, move, and other aspects."
Government

NSA Hack of N. Korea Convinced Obama NK Was Behind Sony Hack 181

Posted by timothy
from the that's-how-clever-it-was dept.
Mike Lape links to a NYTimes piece which says "The evidence gathered by the 'early warning radar' of software painstakingly hidden to monitor North Korea's activities proved critical in persuading President Obama to accuse the government of Kim Jong-un of ordering the Sony attack, according to the officials and experts, who spoke on the condition of anonymity about the classified N.S.A. operation." From the linked article: For about a decade, the United States has implanted “beacons,” which can map a computer network, along with surveillance software and occasionally even destructive malware in the computer systems of foreign adversaries. The government spends billions of dollars on the technology, which was crucial to the American and Israeli attacks on Iran’s nuclear program, and documents previously disclosed by Edward J. Snowden, the former security agency contractor, demonstrated how widely they have been deployed against China. ... The extensive American penetration of the North Korean system also raises questions about why the United States was not able to alert Sony as the attacks took shape last fall, even though the North had warned, as early as June, that the release of the movie “The Interview,” a crude comedy about a C.I.A. plot to assassinate the North’s leader, would be “an act of war.”
Education

Chicago E-Learning Scheme Embraces Virtual Badges For Public Schoolers 46

Posted by timothy
from the credit-for-hooky dept.
theodp (442580) writes "Over at the Chicago City of Learning, children are asked to join the CPS Connects initiative and instructed to provide their Chicago Public School (CPS) student ID to "connect your learning experiences in your school and around the city". Doing so, explains the website, will allow kids to "earn digital badges that unlock new, related opportunities and can give access to live learning experiences throughout Chicago from program partners," which will serve as "an indicator of achievement to colleges and employers." The initiative aims to "get 80% of all 3rd-12th grade students to claim their accounts by January 30th." Before you scoff at the idea that a child's future could depend on his or her Digital Badge collection, consider that the supporters helping government make it happen include the MacArthur Foundation, Gates Foundation, and Mozilla, and a number of business and education partners have made public pledges committing to help accelerate the spread and scale of digital badges for learning. Digital badge-based employment has also earned a thumbs-up from the White House. It's unclear, but might make sense that Chicago kids' digital badges will be collected and shared in the citywide data warehouse being built by the 'cradle-to-career' Thrive Chicago initiative, which is working with the Mayor's Office and CPS to develop a "data system that integrates data from multiple partner agencies, links program participation data to other youth data, and provides a web interface where partner agencies can access youth data targeted on improving youth outcomes at the individual and aggregate levels." After all, the data collected will include "student demographics, school attendance, grades, student behavior, out of school time program participation, and progress to graduation." Not only that, Thrive Chicago's Leadership Council includes the interim President of the MacArthur Foundation (as well as Microsoft and IBM employees)." Update: 01/12 15:52 GMT by T : An earlier version of this story misstated the name of the MacArthur Foundation, which has now been corrected.
Space

Hubble Takes Amazing New Images of Andromeda, Pillars of Creation 97

Posted by Soulskill
from the my-god-it's-full-of-stars dept.
The Hubble Space Telescope was launched in April, 1990. In 1995, it presented us with one of its most iconic images: a close-up of gas pillars in the Eagle Nebula, dubbed the "Pillars of Creation." Now, as HST approaches its 25th anniversary, astronomers have re-shot the pillars at a much higher resolution. Here are direct images links: visible light, comparison with old image, near-infrared light. "The infrared view transforms the pillars into eerie, wispy silhouettes seen against a background of myriad stars. That's because the infrared light penetrates much of the gas and dust, except for the densest regions of the pillars. Newborn stars can be seen hidden away inside the pillars."

That's not the only new image from Hubble today: NASA has also released the most high definition view of the Andromeda Galaxy that we've ever seen. Here's a web-friendly image, but that doesn't really do it justice. The full image is 69,536 px by 22,230 px. To see Andromeda in all its glory, visit the ESA's dedicated, zoomable site that contains all the image data. At the highest zoom levels, you can make out a mind-blowing number of individual stars. Andromeda is over 2 million light-years distant.
Open Source

Slashdot Asks: The Beanies Return; Who Deserves Recognition for 2014? 299

Posted by timothy
from the for-contributions-and-general-awesomeness dept.
It's been a long time since Slashdot has awarded the Beanies -- nearly 15 years, in fact. But there's no time like the present, especially since tomorrow edges on the new year, and in early 2015 we'd like to offer a Beanie once again, to recognize and honor your favorite person, people (or project; keep reading) of the past year. Rather than a fine-grained list of categories like in 2000, though, this time around we're keeping it simple: we can always complicate things later, if warranted. So, please nominate below whoever you think most deserves kudos for the last twelve months. Is it ...

Read on below to see how you can take part, and then nominate your favorite in the comments below.

Security

Norse Security IDs 6, Including Ex-Employee, As Sony Hack Perpetrators 158

Posted by timothy
from the enough-blame-to-go-around dept.
chicksdaddy writes Alternative theories of who is responsible for the hack of Sony Pictures Entertainment have come fast and furious in recent weeks -- especially since the FBI pointed a finger at the government of North Korea last week. But Norse Security is taking the debate up a notch: saying that they have conclusive evidence pointing to group of disgruntled former employees as the source of the attack and data theft. The Security Ledger quotes Norse Vice President Kurt Stammberger saying that Norse has identified a group of six individuals — in the U.S., Canada, Singapore and Thailand — that it believes carried out the attack, including at least one 10-year employee of SPE who worked in a technical capacity before being laid off in May. Rather than starting from the premise that the Sony hack was a state sponsored attack, Norse researchers worked their investigation like any other criminal matter: starting by looking for individuals with the "means and motive" to do the attack.

HR files leaked in the hack provided the motive part: a massive restructuring in Spring, 2014, in which many longtime SPE employees were laid off. After researching the online footprint of a list of all the individuals who were fired and had the means to be able to access sensitive data on Sony's network, Norse said it identified a handful who expressed anger in social media posts following their firing. They included one former employee — a 10-year SPE veteran who he described as having a "very technical background." Researchers from the company followed that individual online, noting participation in IRC (Internet Relay Chat) forums where they observed communications with other individuals affiliated with underground hacking and hacktivist groups in Europe and Asia. According to Stammberger, the Norse investigation was eventually able to connect an individual directly involved in conversations with the Sony employee with a server on which the earliest known version of the malware used in the attack was compiled, in July, 2014.
Sony

US Links North Korea To Sony Hacking 182

Posted by samzenpus
from the who's-to-blame dept.
schwit1 writes Speaking off the record, senior intelligence officials have told the New York Times, CNN, and other news agencies that North Korea was "centrally involved" in the hack of Sony Pictures Entertainment. It is not known how the US government has determined that North Korea is the culprit, though it is known that the NSA has in the past penetrated North Korean computer systems. Previous analysis of the malware that brought down Sony Pictures' network showed that there were marked similarities to the tools used in last year's cyber-attack on South Korean media companies and the 2012 "Shamoon" attack on Saudi Aramco. While there was speculation that the "DarkSeoul" attack in South Korea was somehow connected to the North Korean regime, a firm link was never published.
Electronic Frontier Foundation

Federal Court Nixes Weeks of Warrantless Video Surveillance 440

Posted by timothy
from the if-you-watch-someone-long-enough dept.
An anonymous reader writes with this news from the EFF's Deep Links: The public got an early holiday gift today when a federal court agreed with us that six weeks of continually video recording the front yard of someone's home without a search warrant violates the Fourth Amendment. In United States v. Vargas local police in rural Washington suspected Vargas of drug trafficking. In April 2013, police installed a camera on top of a utility pole overlooking his home. Even though police did not have a warrant, they nonetheless pointed the camera at his front door and driveway and began watching every day. A month later, police observed Vargas shoot some beer bottles with a gun and because Vargas was an undocumented immigrant, they had probable cause to believe he was illegally possessing a firearm. They used the video surveillance to obtain a warrant to search his home, which uncovered drugs and guns, leading to a federal indictment against Vargas.
Movies

Blade Runner 2 Script Done, Harrison Ford Says "the Best Ever" 299

Posted by timothy
from the you're-in-a-desert-walking-along-in-the-sand dept.
BarbaraHudson (3785311) writes "It's been more than 30 years, but finally the script for Blade Runner 2 is done. Original interview with Ridley Scott on MTV. Links for those who don't want to watch the interview. If you're worried that the upcoming Blade Runner sequel won't measure up to the 1982 sci-fi cult classic, rest assured. Harrison Ford apparently thinks the script is "the best thing (he's) ever read." Although Scott is debating whether or not he'll direct the sequel, it looks like Ford will most certainly be reprising his role as Rick Deckard."
Piracy

IsoHunt Unofficially Resurrects the Pirate Bay 116

Posted by Soulskill
from the they're-spartacus dept.
An anonymous reader writes: Torrent site isoHunt appears to have unofficially resurrected The Pirate Bay at oldpiratebay.org. At first glance, The Old Pirate Bay seems to be just a commemorative site for The Pirate Bay, which went down this week after police raided its data center in Sweden. Upon further inspection, however, it turns out the site is serving new content. This is much more than just a working archive of The Pirate Bay; it has a functioning search engine, all the old listings, and working magnet links.
Education

2014 Geek Gift Guide 113

Posted by Soulskill
from the watch-out-for-robot-santa dept.
With the holidays coming up, Bennett Haselton has updated his geek-oriented gift guide for 2014. He says: Some of my favorite gifts to give are still the ones that were listed in several different previously written posts, while a few new cool gift ideas emerged in 2014. Here are all my current best recommendations, listed in one place. Read on for the list, or to share any suggestions of your own.
Security

FBI: Wiper Malware Has Korean Language Packs, Hard Coded Targets 81

Posted by Soulskill
from the brace-for-cyber-impact dept.
chicksdaddy sends news that the FBI has issued a warning to U.S. businesses over a "destructive" malware campaign using advanced tools. They don't name specific targets, but the information fits with the details from last week's attack on Sony Pictures, which led to the leak of several unreleased movies. A copy of the FBI's recent five-page FLASH alert reveals that the malware alleged to have wiped out systems at Sony Pictures Entertainment deployed a number of malicious modules, including a version of a commercial disk wiping tool on target systems. Samples of the malware obtained by the FBI were also found to contain configuration files created on systems configured with Korean language packs. The use of Korean could strengthen theories that the destructive cyber attacks have links to North Korea, though it is hardly conclusive. It does appear that the attack was targeted at a specific organization. The malware analyzed by the FBI contained a hard coded list of IP addresses and computer host names.
Open Source

Critical XSS Flaws Patched In WordPress and Popular Plug-In 41

Posted by timothy
from the switch-to-slashcode dept.
itwbennett writes The WordPress development team on Thursday released critical security updates that address an XSS vulnerability in the comment boxes of WordPress posts and pages. An attacker could exploit this flaw to create comments with malicious JavaScript code embedded in them that would get executed by the browsers of users seeing those comments. 'In the most obvious scenario the attacker leaves a comment containing the JavaScript and some links in order to put the comment in the moderation queue,' said Jouko Pynnonen, the security researcher who found the flaw.
Science

CMI Director Alex King Talks About Rare Earth Supplies (Video 2) 11

Posted by Roblimo
from the the're-still-looking-for-unobtanium dept.
Yesterday we ran video #1 of 2 about the Critical Materials Institute (CMI) at the Iowa State Ames Laboratory in Ames, Iowa. They have partners from other national laboratories, universities, and industry, too. Obviously there is more than enough information on this subject that Dr. King can easily fill two 15-minute videos, not to mention so many Google links that instead of trying to list all of them, we're giving you one link to Google using the search term "rare earths." Yes, we know Rare Earth would be a great name for a rock band. But the mineral rare earths are important in the manufacture of items ranging from strong magnets to touch screens and rechargeable batteries, so please watch the video(s) or at least read the transcript(s). (Alternate Video Link)
Hardware

CMI Director Alex King Talks About Rare Earth Supplies (Video) 27

Posted by Roblimo
from the we're-talking-about-minerals-not-the-band dept.
CMI in this context is the Critical Materials Institute at the Iowa State Ames Laboratory in Ames, Iowa. They have partners from other national laboratories, universities, and industry, too. Rare earths, while not necessarily as rare as the word "rare" implies, are hard to mine, separate, and use. They are often found in parts per million quantities, so it takes supercomputers to suss out which deposits are worth going after. This is what Dr. King and his coworkers spend their time doing; finding concentrations of rare earths that can be mined and refined profitably.

On November 3 we asked you for questions to put to Dr. King. Timothy incorporated some of those questions into the conversation in this video -- and tomorrow's video too, since we broke this into two parts because, while the subject matter may be fascinating, we are supposed to hold video lengths down to around 10 minutes, and in this case we still ended up with two videos close to 15 minutes each. And this stuff is important enough that instead of lining up a list of links, we are giving you one link to Google using the search term "rare earths." Yes, we know Rare Earth would be a great name for a rock band. But the mineral rare earths are important in the manufacture of items from strong magnets to touch screens and rechargeable batteries. (Alternate Video Link)