Distributing RSS/ATOM feeds displayed here.
An anonymous reader writes Guests at hundreds of hotels around the world are susceptible to serious hacks because of routers that many hotel chains depend on for their Wi-Fi networks. Researchers have discovered a vulnerability in the systems, which would allow an attacker to distribute malware to guests, monitor and record data sent over the network, and even possibly gain access to the hotel's reservation and keycard systems. The vulnerability, which was discovered by Justin W. Clarke of the security firm Cylance, gives attackers read-write access to the root file system of the ANTlabs devices. The discovery of the vulnerable systems was particularly interesting to them in light of an active hotel hacking campaign uncovered last year by researchers at Kaspersky Lab. In that campaign, which Kaspersky dubbed DarkHotel. Read more of this story at Slashdot.
An anonymous reader sends word that Amazon is now offering unlimited cloud storage plans to compete with Google Drive, and Microsoft OneDrive. "Last year, Amazon gave a boost to its Prime members when it launched a free, unlimited photo storage for them on Cloud Drive. Today, the company is expanding that service as a paid offering to cover other kinds of content, and to users outside of its loyalty program. Unlimited Cloud Storage will let users get either unlimited photo storage or "unlimited everything" — covering all kinds of media from videos and music through to PDF documents — respectively for $11.99 or $59.99 per year." Read more of this story at Slashdot.
rHBa writes The BBC reports that the UK mapping organization Ordnance Survey has added 4 new products to its open data portfolio: OS Local, Names, Rivers and Roads. Perhaps the most interesting of the free data sets is OS Local which provides a base map to identify "hotspots" such as property pricing, insurance risk, and crime. The OS are not creating a new Google Maps-style service of their own but rather are providing their data for use by other third-party apps and online tools. They expect developers and designers to use the data to enhance their own products and improve the information people can access via the web. Read more of this story at Slashdot.
Zothecula writes By cladding a living cell with graphene quantum dots, researchers at the University of Illinois at Chicago (UIC) claim to have created a nanoscale biomicrorobot (or cytobot) that responds electrically to changes in its environment. This work promises to lay the foundations for future generations of bio-derived nanobots, biomicrorobotic-mechanisms, and micromechanical actuation for a wide range of applications. "UIC researchers created an electromechanical device — a humidity sensor — on a bacterial spore. They call it NERD, for Nano-Electro-Robotic Device. The report is online at Scientific Reports, a Nature open access journal." Read more of this story at Slashdot.
ancientribe writes Once again, SSL/TLS encryption is getting dogged by outdated and weak options that make it less secure. This time, it's the weak keys in the older RC4 crypto algorithm, which can be abused such that an attacker can sniff credentials or other data in an SSL session, according to a researcher who revealed the hack today at Black Hat Asia in Singapore.A slice: Bar Mitzvah exploits the weak keys used by RC4 and allows an attacker to recover plain text from the encrypted information, potentially exposing account credentials, credit card data, or other sensitive information. And unlike previous SSL hacks, this one doesn't require an active man-in-the-middle session, just passive sniffing or eavesdropping on SSL/TLS-encrypted connections, [researcher Itsik] Mantin says. But MITM could be used as well, though, for hijacking a session, he says. Read more of this story at Slashdot.
msm1267 writes Students from M.I.T. have devised a new and more efficient way to scour raw code for integer overflows, the troublesome programming bugs that serve as a popular exploit vector for attackers and often lead to the crashing of systems. Researchers from the school's Computer Science and Artificial Intelligence Laboratory (CSAIL) last week debuted the platform dubbed DIODE, short for Directed Integer Overflow Detection. As part of an experiment, the researchers tested DIODE on code from five different open source applications. While the system was able to generate inputs that triggered three integer overflows that were previously known, the system also found 11 new errors. Four of the 11 overflows the team found are apparently still lingering in the wild, but the developers of those apps have been informed and CSAIL is awaiting confirmation of fixes. Read more of this story at Slashdot.
netbuzz writes In what may be a first for the technology industry, RSA Conference 2015 next month apparently will be bereft of a long-controversial trade-show attraction: "booth babes." New language in its exhibitor contract, while not using the term 'booth babe," leaves no doubt as to what type of salesmanship RSA wants left out of its event. Says a conference spokeswoman: "We thought this was an important step towards making all security professionals feel comfortable and equally respected during the show." Easier at a venue like RSA; the annual Consumer Electronics Show, not so much. Read more of this story at Slashdot.
An anonymous reader writes As nations compete to build the first operational autonomous car, German auto-manufacturers fear that current domestic laws limit their efforts to test the appropriate software for self-driving vehicles on public roads. German carmakers are concerned that these roadblocks are allowing U.S. competitors, such as Google, to race ahead in their development of software designed to react effectively when placed in real-life traffic scenarios. Car software developers are particularly struggling to deal with the ethical challenges often raised on the road. For example when faced with the decision to crash into a pedestrian or another vehicle carrying a family, it would be a challenge for a self-driving car to follow the same moral reasoning a human would in the situation. 'Technologically we can do fully automated self-driving, but the ethical framework is missing,' said Volkswagen CEO Martin Winterkorn. Read more of this story at Slashdot.
Let's kill the suspense right away by answering the title question, 'Probably not.' For one thing, according to interviewee Alfred Poor, the Apple Watch is in no way linked to the Apple Research Kit. Dr. Poor is editor of the Health Tech Insider website, so he follows this kind of thing more carefully than most people. And the Apple watch is not the only device mentioned in this video (or transcript, if you prefer reading to listening). If you want to ruminate about the possibility of direct mind control, for instance, you need to know about the Thync, whose vendor calls it 'A groundbreaking wearable device that enables you to shift your state of mind in minutes.' They say it 'induces on-demand shifts in energy, calm, or focus.' It even has a 'pleasure' setting. Crank that to 11 and you might happily spend your days prone, being fed by a drip and emptied by a catheter, moving only when an attendant turns you over to keep bedsores from developing -- not that you'll care if they do -- as ...
execution time : 0.251 sec