Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

  • Securing Networks In the Internet of Things Era

    An anonymous reader writes "Gartner reckons that the number of connected devices will hit 26 billion by 2020, almost 30 times the number of devices connected to the IoT in 2009. This estimate doesn't even include connected PCs, tablets and smartphones. The IoT will represent the biggest change to our relationship with the Internet since its inception. Many IoT devices themselves suffer from security limitations as a result of their minimal computing capabilities. For instance, the majority don't support sufficiently robust mechanisms for authentication, leaving network admins with only weak alternatives or sometimes no alternatives at all. As a result, it can be difficult for organizations to provide secure network access for certain IoT devices."

    4 comments | about half an hour ago

  • Researchers Made a Fake Social Network To Infiltrate China's Internet Censors

    Jason Koebler writes: In order to get inside China's notorious internet filter, Harvard researcher Gary King created his own fake social network to gain access to the programs used to censor content, so he could reverse-engineer the system. "From inside China, we created our own social media website, purchased a URL, rented server space, contracted with one of the most popular software platforms in China used to create these sites, submitted, automatically reviewed, posted, and censored our own submissions," King wrote in a study published in Science. "We had complete access to the software; we were even able to get their recommendations on how to conduct censorship on our own site in compliance with government standards."

    47 comments | yesterday

  • It's Easy To Hack Traffic Lights

    An anonymous reader notes coverage of research from the University of Michigan into the ease with which attackers can hack traffic lights. From the article: As is typical in large urban areas, the traffic lights in the subject city are networked in a tree-type topology, allowing them to pass information to and receive instruction from a central management point. The network is IP-based, with all the nodes (intersections and management computers) on a single subnet. In order to save on installation costs and increase flexibility, the traffic light system uses wireless radios rather than dedicated physical networking links for its communication infrastructure—and that’s the hole the research team exploited. ... The 5.8GHz network has no password and uses no encryption; with a proper radio in hand, joining is trivial. ... The research team quickly discovered that the debug port was open on the live controllers and could directly "read and write arbitrary memory locations, kill tasks, and even reboot the device (PDF)." Debug access to the system also let the researchers look at how the controller communicates to its attached devices—the traffic lights and intersection cameras. They quickly discovered that the control system’s communication was totally non-obfuscated and easy to understand—and easy to subvert.

    132 comments | yesterday

  • Heartbleed To Blame For Community Health Systems Breach

    An anonymous reader writes: The Heartbleed vulnerability is the cause of the data breach at Community Health Systems, which resulted in 4.5 million records (containing patient data) being compromised. According to a blog post from TrustedSec, the attackers targeted a vulnerable Juniper router and obtained credentials, which allowed them access to the network's VPN.

    86 comments | 2 days ago

  • Why Chinese Hackers Would Want US Hospital Patient Data

    itwbennett (1594911) writes In a follow-up to yesterday's story about the Chinese hackers who stole hospital data of 4.5 million patients, IDG News Service's Martyn Williams set out to learn why the data, which didn't include credit card information, was so valuable. The answer is depressingly simple: people without health insurance can potentially get treatment by using medical data of one of the hacking victims. John Halamka, chief information officer of the Beth Israel Deaconess Medical Center and chairman of the New England Healthcare Exchange Network, said a medical record can be worth between $50 and $250 to the right customer — many times more than the amount typically paid for a credit card number, or the cents paid for a user name and password. "If I am one of the 50 million Americans who are uninsured ... and I need a million-dollar heart transplant, for $250 I can get a complete medical record including insurance company details," he said.

    170 comments | 3 days ago

  • Knocking Down the Great Firewall of China

    New submitter Nocturrne writes: The FOSS project Lantern is having great success in unblocking the internet for many users in oppressive regimes, like China and Iran. Much like Tor and BitTorrent, Lantern is using peer-to-peer networking to overcome firewalls, but with the additional security of a trusted network of friends. "If you download Lantern in an uncensored region, you can connect with someone in a censored region, who can then access whatever content they want through you. What makes the system so unique is that it operates on the basis of trust. ... Through a process called consistent routing, the amount of information any single Lantern user can learn about other users is limited to a small subset, making infiltration significantly more difficult." The network of peers is growing, but we need more friends in uncensored countries to join us.

    167 comments | about a week ago

  • Leaked Documents: GCHQ Made Port-Scanning Entire Countries a Standard Spy Tool

    Advocatus Diaboli writes with this excerpt from Heise: Since the early days of TCP, port scanning has been used by computer saboteurs to locate vulnerable systems. In a new set of top secret documents seen by Heise, it is revealed that in 2009, the British spy agency GCHQ made port scans a "standard tool" to be applied against entire nations. Twenty-seven countries are listed as targets of the HACIENDA program in the presentation, which comes with a promotional offer: readers desiring to do reconnaissance against another country need simply send an e-mail. Also from the article: The list of targeted services includes ubiquitous public services such as HTTP and FTP, as well as common administrative protocols such as SSH (Secure SHell protocol – used for remote access to systems) and SNMP (Simple Network Management Protocol – used for network administration) (Figure 4). Given that in the meantime, port scanning tools like Zmap have been developed which allow anyone to do comprehensive scans, it is not the technology used that is shocking, but rather the gargantuan scale and pervasiveness of the operation.

    58 comments | about a week ago

  • Groundwork Laid For Superfast Broadband Over Copper

    itwbennett writes: Telecom equipment vendor Adtran has developed a technology that will make it easier for operators to roll out broadband speeds close to 500Mbps over copper lines. Adtran's FDV (Frequency Division Vectoring), enhances the capabilities of two technologies — VDSL2 with vectoring and G.fast — by enabling them to better coexist over a single subscriber line, the company said. VDSL2 with vectoring, which improves speeds by reducing noise and can deliver up to 150Mbps, is currently being rolled out by operators, while G.fast, which is capable of 500Mbps, is still under development, with the first deployments coming in mid-2015. FDV will make it easier for operators to roll out G.fast once it's ready and expand where it can be used, according to Adtran. Meanwhile, Ars Technica has an article about how Verizon is letting its copper network rot in order to passively encourage customers to switch to fiber.

    93 comments | about a week ago

  • Supervalu Becomes Another Hacking Victim

    plover sends this news about another possible exposure of customer data: Supervalu is the latest retailer to experience a data breach, announcing today that cybercriminals had accessed payment card transactions at some of its stores. The Minneapolis-based company said it had "experienced a criminal intrusion" into the portion of its computer network that processes payment card transactions for some of its stores. There was no confirmation that any cardholder data was in fact stolen and no evidence the data was misused, according to the company. The event occurred between June 22 and July 17, 2014 at 180 Supervalu stores and stand-alone liquor stores. Affected banners include Cub Foods, Farm Fresh, Hornbacher's, Shop 'n Save and Shoppers Food & Pharmacy.

    27 comments | about a week ago

  • Watch a Cat Video, Get Hacked: the Death of Clear-Text

    New submitter onproton writes: Citizen Lab released new research today on a targeted exploitation technique used by state actors involving "network injection appliances" installed at ISPs. These devices can target and intercept unencrypted YouTube traffic and replace it with malicious code that gives the operator control over the system or installs a surveillance backdoor. One of the researchers writes, "many otherwise well-informed people think they have to do something wrong, or stupid, or insecure to get hacked—like clicking on the wrong attachments, or browsing malicious websites...many of these commonly held beliefs are not necessarily true." This technique is largely designed for targeted attacks, so it's likely most of us will be safe for now — but just one more reminder to use https.

    166 comments | about a week ago

  • DARPA Contemplates Vast Ocean Network

    coondoggie writes Probably one of the last and perhaps unforgiving areas of the world not truly "wired" is above and below the ocean. Researchers at the Defense Advanced Research Projects Agency (DARPA) want to explore the possibility of seriously changing that notion and develop what it calls "a system-of-systems architecture and critical components to support networked maritime operations, to include undersea, surface, and above surface domains."

    12 comments | about a week ago

  • Kevlar Protects Cables From Sharks, Experts Look For Protection From Shark Week

    Brandon Butler writes As an ode to Shark Week: Sharks have been known to show an appetite for fiber cables underwater, and last week a Google official said to prevent sharks from wreaking havoc on the company's trans-Pacific fiber lines, it wraps them in Kevlar. It's believed that the emission of electrical currents from the fiber piping is mistaken by sharks occasionally as prey. In related news, a growing number of scientists are becoming disgruntled with the Discovery network's sensationalist programs. Many shark experts are refusing to work with the channel after such programs as their Megalodon "documentary" and their latest Shark of Darkness (not to mention the mermaid special, which was sadly missing a singing crab.)

    Sockatume writes The Verge has an article on Discovery's hugely successful Shark Week, discussing how the increasing sensationalist special event misrepresents science and exploits nature and local history for shock value. Scientists who appeared in and were misrepresented by the channel's programming are beginning to encourage their peers to stay away from the Discovery network, which stands by the programming 's viewing figures.

    103 comments | about a week ago

  • T-Mobile To Throttle Customers Who Use Unlimited LTE Data For Torrents/P2P

    New submitter User0x45 writes: Here's a nicely transparent announcement: "T-mobile has identified customers who are heavy data users and are engaged in peer-to-peer file sharing, and tethering outside of T-Mobile’s Terms and Conditions (T&C). This results in a negative data network experience for T-Mobile customers. Beginning August 17, T-Mobile will begin to address customers who are conducting activities outside of T-Mobile’s T&Cs." Obviously, it's not a good announcement for people with unlimited plans, but at least it's clear. T-mobile also pulled the backwards anti-net neutrality thing by happily announcing 'Free Streaming' from select music providers... which is, in effect, making non-select usage fee-based.

    147 comments | about two weeks ago

  • Snowden: NSA Working On Autonomous Cyberwarfare Bot

    WIRED published a long piece on Edward Snowden today (worth a read on its own), and simultaneously broke news of "MonsterMind," an NSA program to monitor all network traffic and detect attacks, responding with a counterattack automatically. From the article: Although details of the program are scant, Snowden tells WIRED in an extensive interview with James Bamford that algorithms would scour massive repositories of metadata and analyze it to differentiate normal network traffic from anomalous or malicious traffic. Armed with this knowledge, the NSA could instantly and autonomously identify, and block, a foreign threat. More than this, though, Snowden suggests MonsterMind could one day be designed to return fire — automatically, without human intervention... Snowden raised two issues with the program: the source of an attack could be spoofed to trick the U.S. into attacking an innocent third party, and the violation of the fourth amendment since the NSA would effectively need to monitor all domestic network traffic for the program to work. Also in Bamford's interview are allegations that the NSA knocked Syria offline in 2012 after an attempt to install intercept software on an edge router ended with the router being bricked.

    194 comments | about two weeks ago

  • Xbox One Will Play Media from USB Devices, DLNA Servers

    New submitter Mauro sends word that Microsoft has announced upcoming Xbox One support for streaming media both from attached USB devices, such as flash drives, and DLNA media servers. Compatibility with a broad list of media formats will be added by the end of the year, including .MKV files. They also followed up last week's announcement of a digital TV tuner with an interesting twist: it will be able to stream broadcasts over a local network to devices running the Smartglass app, which is available on Windows, Android, and iOS.

    112 comments | about two weeks ago

  • Network Hijacker Steals $83,000 In Bitcoin

    An anonymous reader writes with news that bogus BGP announcements can be used to hijack work done by cryptocurrency mining pools. Quoting El Reg: Researchers at Dell's SecureWorks Counter Threat Unit (CTU) have identified an exploit that can be used to steal cryptocurrency from mining pools — and they claim that at least one unknown miscreant has already used the technique to pilfer tens of thousands of dollars in digital cash. The heist was achieved by using bogus Border Gateway Protocol (BGP) broadcasts to hijack networks belonging to multiple large hosting companies, including Amazon, Digital Ocean, and OVH, among others. After sending the fake BGP updates miners unknowingly contributed work to the attackers' pools.

    101 comments | about two weeks ago

  • Facebook Acquires Server-Focused Security Startup

    wiredmikey writes In a move to bolster the security of its massive global server network, Facebook announced on Thursday it was acquiring PrivateCore, a Palo Alto, California-based cybersecurity startup. PrivateCore describes that its vCage software transparently secures data in use with full memory encryption for any application, any data, anywhere on standard x86 servers. "I'm really excited that Facebook has entered into an agreement to acquire PrivateCore," Facebook security chief Joe Sullivan wrote in a post to his own Facebook page. "I believe that PrivateCore's technology and expertise will help support Facebook's mission to help make the world more open and connected, in a secure and trusted way," Sullivan said. "Over time, we plan to deploy PrivateCore's technology directly into the Facebook server stack."

    18 comments | about two weeks ago

  • The Hidden Cost of Your New Xfinity Router

    An anonymous reader writes "The battle over Comcast's public WiFi network that is hosted on your cable modem continues. Comcast responded to Speedify's earlier power measurements by rushing them a new Cisco cable modem. The new modem proved to be more power hungry than the last, and also introduced some tricky IPv6 problems that caused major headaches for the team."

    224 comments | about two weeks ago

  • Why Bhutan Might Get Drone Delivery Copters Before Seattle Does

    From Quartz comes the story of a Silicon Valley start-up trying to kickstart a delivery system using package-laden drones to overfly gridlocked traffic — in Bhutan. Bhutanese roads are slow, the weather can be brutal, and there are very few physicians to go around. That’s why, earlier this year, the Bhutanese government and the World Health Organization reached out to Matternet, a Palo Alto company backed by some big name American investors that develops transportation networks using unmanned aerial vehicles to reach hard-to-access places. ... The project in Bhutan, however, is the first big test for the startup. Matternet is aiming to build a network of low-cost quadcopters to connect the country’s main hospitals with rural communities. Matternet uses small quadcopters that can carry loads of about four pounds across 20 km at a time, to and from pre-designated landing stations. The company is able to track these flights in real-time, and aims to eventually deploy fully-automated landing stations that replace drone batteries, giving them extended range and flight time. The drones it uses typically cost between $2,000-5,000.

    102 comments | about two weeks ago

  • Expensive Hotels Really Do Have Faster Wi-Fi

    OpenSignal, by means of mobile apps for iOS and Android, has been amassing data on Wi-Fi and cell-network signal strength. They released yesterday a few of their findings on the speed of Wi-Fi available at U.S. chain hotels (download speeds, specifically). Though it shouldn't be surprising that (as their data shows) more expensive hotels generally have faster speeds, I know it hasn't always matched my own experience. (Hotel chains also vary, even within brands, in whether the in-room Wi-Fi is free, cheap, or exorbitant.) If the in-room connection is flaky or expensive, though, from the same report it seems you'll do better by popping into a Google-networked Starbucks location than one fed by AT&T, and McDonalds beats Panera Bread by quite a bit.

    72 comments | about two weeks ago

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>