
Comments

top

Cylance Hacks Google Office Building Management System

Gunkerty Jeb Re:Why??? (46 comments)

Can't WFH without remote access.

about a year ago
top

Teens Share Passwords As a Form of Intimacy

Gunkerty Jeb DON'T BE A PRUDE! (533 comments)

I'll show you mine if you show me yours...

more than 2 years ago
top

Phelps Clan Tweets Intent To Picket Jobs Funeral Via iPhone

Gunkerty Jeb Re:Her Defense Was Pretty Good Too (699 comments)

It's the lingering remains of crushing guilt from my Catholic upbringing that make me an acceptable human being. Thanks, Mom!

more than 2 years ago
top

Microsoft Disables Kelihos Botnet

Gunkerty Jeb Re:Explain (94 comments)

I propose a new rule: first you read the article, then you ask questions.

more than 2 years ago
top

"Wi-Fi Refugees" Shelter in West Virginia Mountains

Gunkerty Jeb Re:Just what WVa needs, a new variety of crazy (627 comments)

Slashdot is hardly the place for criticisms of tin-foil hat wearers. Talk about a pot calling the kettle black.
p.s. West Virginia's slogan is 'Wild and Wonderful' if anyone is curious, and it is as fine a state as any.

more than 2 years ago
top

Aaron Barr Talks About DEFCON, Anonymous Attacks

Gunkerty Jeb Re:Barr had it coming, but... (77 comments)

If that's true, then why does Anonymous release a super melodramatic, self-important manifesto every time they deface a website? If it's for the Lulz then laugh. It's not for the lulz though, it's for the attention.

about 3 years ago
top

Why Your Dad's 30-Year-Old Stereo Sounds Better Than Yours

Gunkerty Jeb That's right. (674 comments)

I'll keep my old-school Cerwin Vegas, thank you very much.

more than 3 years ago
top

IE9: by Far the Best at Blocking Malware

Gunkerty Jeb Re:Does anyone care? (2 comments)

I haven't used IE in years, but it still has the largest market share of any browser, and is, evidently, the best at detecting malicious downloads.

more than 3 years ago
top

McCain Asks For Committee On Wikileaks, Anonymous

Gunkerty Jeb Re:Repub? (268 comments)

Indeed.

more than 3 years ago
top

LastPass Password Service Hacked

Gunkerty Jeb I guess I'm just old school... (268 comments)

I use this thing called my brain to store passwords. Sometimes I lose one, but it never gets hacked.

more than 3 years ago
top

Why Does the US Cling To Imperial Measurements?

Gunkerty Jeb 'merica (2288 comments)

Because this is America dammit and we do what we want!

more than 3 years ago
top

Why Do Videogames Struggle With Sex?

Gunkerty Jeb obv (465 comments)

Probably for the same reasons that video-gamers struggle with sex. It has something to do with the intersection of infrequency and awkwardness.

more than 3 years ago
top

Employer Facebook Password Requests Suspended

Gunkerty Jeb Why? (209 comments)

What legitimate reason could an organization have for needing this information? As in, they say: "Would you voluntarily give us your Facebook username and password?" I say (because I am a man, not a sheep): "Why?"

more than 3 years ago
top

A Car You Can Drive With Your Thoughts

Gunkerty Jeb Bad idea. (137 comments)

I read a story a ways back informing me that the first armless man to drive a car modified for men without arms dies in a car crash... Does that make sense?

more than 3 years ago
top

10% of IT Pros Can Access Previous Jobs' Accounts

Gunkerty Jeb FACT! (218 comments)

I know for a fact that a dev guy that left our company a month or so ago still has admin access all over the place. I have been removing him from accounts over which I have control, but I control nothing of any importance (twitter/facebook). Now, he was a nice guy who left on good terms and we still contact him for help from time to time, so I'm not really worried. But some weirdo who gets fired and has the same access could do some serious damage.

more than 3 years ago
top

Glen Beck Warns Viewers Not To Use Google

Gunkerty Jeb haha... (1276 comments)

I wonder how this relates to George Soros...

more than 3 years ago
top

Only 39% Curse At Their Computers?

Gunkerty Jeb I'll believe it on one condition... (286 comments)

Perhaps 61% of the world has come to accept that it is rarely the computer's fault when things go wrong.

more than 3 years ago
top

19-Year-Old Makes Homemade Solar Death Ray

Gunkerty Jeb whoa (317 comments)

This is simultaneously awesome and horrifying. What do you think this kid's parents said when he told them he wanted to build a solar death ray?

more than 2 years ago
top

WikiLeaks Nominated For 2011 Nobel Peace Prize

Gunkerty Jeb Absurd (495 comments)

The Nobel Committee is losing it. I'd love to receive the Nobel Peace Prize for telling people a bunch of shit they already know.

more than 3 years ago
top

Teachers Back Away From Evolution In Class

Gunkerty Jeb Re:Science is being bullied (947 comments)

I've said it before and I'll say it again. We are doing an excellent job preparing our children to be the future slaves of China. I just hope I'm dead before I see their economy surpass ours.

more than 3 years ago

Submissions

top

RSA's Coviello Calls for Surveillance Reform, Enhanced Privacy

Gunkerty Jeb Gunkerty Jeb writes  |  about 6 months ago

Gunkerty Jeb (1950964) writes "RSA Security executive chairman Art Coviello today at RSA Conference 2014 made his first public comments about the security company’s relationship with the National Security Agency, painting the landmark firm as a victim of the spy agency’s blurring of the lines between its offensive and defensive missions.

A Reuters report in December alleged RSA Security was paid $10 million in a secret contract with the NSA to use encryption software—specifically the Dual EC DRBG random number generator—that the spy agency could easily crack as part of its surveillance programs. The deal goes back nearly a decade to 2006, and according to Reuters, represented one third of the company’s crypto revenue at the time."

Link to Original Source
top

New 'Mask' APT Campaign Called Most Sophisticated Yet

Gunkerty Jeb Gunkerty Jeb writes  |  about 7 months ago

Gunkerty Jeb (1950964) writes "A group of high-level, nation-state attackers has been targeting government agencies, embassies, diplomatic offices and energy companies with a cyber-espionage campaign for more than five years that researchers say is the most sophisticated APT operation they’ve seen to date. The attack, dubbed the Mask, includes a number of unique components and functionality and the group behind it has been stealing sensitive data such as encryption and SSH keys and wiping and deleting other data on targeted machines."
Link to Original Source
top

Verizon Transparency Report: Govt Requests Increasing

Gunkerty Jeb Gunkerty Jeb writes  |  about 7 months ago

Gunkerty Jeb (1950964) writes "After months of public calls from privacy advocates and security experts, Verizon on Wednesday released its first transparency report, revealing that it received more than 164,000 subpoenas and between 1,000 and 2,000 National Security Letters in 2013. The report, which covers Verizon’s landline, Internet and wireless services, shows that the company also received 36,000 warrants, most of which requested location or stored content data."
Link to Original Source
top

NSA Says Snowden Used Legit Access to Steal Data

Gunkerty Jeb Gunkerty Jeb writes  |  about 9 months ago

Gunkerty Jeb (1950964) writes "It’s taken more than six months, but top officials at the National Security Agency are finally discussing some of the details of how former agency contractor Edward Snowden got access to all of the documents he stole and what kind of damage they believe the publication of the information they contain could do. A senior NSA employee tasked with investigating what Snowden did and how he did it said that Snowden simply used the legitimate access he had as a systems administrator to steal and store the millions of documents he’s been slowly leaking to the media, and that the information in those documents could give U.S. enemies a “road map” of the country’s intelligence capabilities and blind spots."
Link to Original Source
top

The Infamous Zeus Banking Trojan has Gone 64-Bit

Gunkerty Jeb Gunkerty Jeb writes  |  about 9 months ago

Gunkerty Jeb (1950964) writes "Researchers at Kaspersky Lab’s Global Research and Analysis Team spotted a new, 64-bit version of the Zeus trojan that behaves much like its 32-bit contemporaries: it too uses Web injects to steal banking credentials to drain online accounts, steal digital certificates and even log keystrokes. Unlike its contemporaries, this new variety of Zeus is — of course — 64-bit compatible, but also communicates with its command and control server over the Tor anonymity network."
Link to Original Source
top

Ruby on Rails CookieStore Bug Plagues Prominent Sites

Gunkerty Jeb Gunkerty Jeb writes  |  about 9 months ago

Gunkerty Jeb (1950964) writes "A lingering security issue in Ruby on Rails that stems from a setting in the framework’s cookie-based storage mechanism is still present in almost 2,000 websites.

Sites using an old version of Ruby on Rails that relies on CookieStore, the framework’s default cookie storage mechanism, are at risk. CookieStore saves each user’s session hash in the cookie on the client side, something that keeps each cookie valid for life. This makes it possible for an attacker to glean a user’s log-in information – either via cross-site scripting or session sidejacking – and log in as them at a later date."

Link to Original Source
top

Senate Debates Surveillance Transparency Act, NSA Spying

Gunkerty Jeb Gunkerty Jeb writes  |  about 10 months ago

Gunkerty Jeb (1950964) writes "In a Senate hearing debating the NSA's contentious surveillance programs and a proposed bill that would impose more transparency onto those practices, Sen. Patrick Leahy (D-Vt.) asked Google's director for law enforcement and information security matters, Richard Salgado, if government-imposed gag orders on requests for user data were making the country safer. Salgado answered that he did not believe that his inability to answer questions about data requests had any impact on national security.

In addition, the general counsel for the Director of National Intelligence claimed enumerating the exact number of U.S. citizens monitored under NSA surveillance programs would be too difficult and resource-intensive.

The general consensus of those not advocating for the NSA was that the bill introduced by Sen. Al Franken (D-Mich.) would be a great step forward, but that transparency alone would not undo the damages done to U.S. companies and its government by PRISM and other similar surveillance programs. Nor, they seemed to agree, would the addition of transparency make the NSA’s programs lawful or constitutional."

Link to Original Source
top

Microsoft to Broaden its Base of Bug Bounty Submitters

Gunkerty Jeb Gunkerty Jeb writes  |  about 10 months ago

Gunkerty Jeb (1950964) writes "Having found some initial success with its first foray into the bug bounty world, Microsoft is expanding the program to open up payments of up to $100,000 to incident response teams and forensics experts who come across active attacks in the wild that include new techniques that bypass exploit mitigations in place on the newest version of Windows."
Link to Original Source
top

Google Malaysia Site Hijacked

Gunkerty Jeb Gunkerty Jeb writes  |  about a year ago

Gunkerty Jeb (1950964) writes "The Google domain for Malaysia was hijacked on Thursday night, redirecting visitors to a page that said a group called Madleets from Pakistan had performed the attack. The domain has been restored now, but the name servers for the domain had been changed to a pair controlled by the attackers."
Link to Original Source
top

Bitcoins Make Following Money Near Impossible

Gunkerty Jeb Gunkerty Jeb writes  |  about a year ago

Gunkerty Jeb (1950964) writes "The good news is that cooperation between the various law enforcement agencies in different countries all over the world is at an all time high; the bad news is that cybercriminals have embraced a potent combination of the anonymous online currency Bitcoin and equally anonymous, Web-based currency exchanges located outside U.S. jurisdiction that allow them to turn those Bitcoins into real money, making it more difficult than ever to track the bad actors down.

Such are the realities of the world we live in. The once-tried-and-true law enforcement method of following the money in order to get to the bottom of organized criminal operations is made more difficult by the emergence of digital currency, international wire transfers, and Web-based currency exchange services, shielded from U.S. law by their locations and hidden from sight with layers upon layers of obfuscation, Kaspersky Lab principal security researcher Kurt Baumgartner explained in an interview with Threatpost Wednesday."

Link to Original Source
top

Behind the South Korean Government DDoS Attacks

Gunkerty Jeb Gunkerty Jeb writes  |  about 10 months ago

Gunkerty Jeb (1950964) writes "In the last few years, there have been a series of DDoS attacks and intrusions on government networks in South Korea that have resulted in the loss of untold amounts of data. The four attacks haven’t been linked together or attributed to the same attackers, but there are some similarities in the methods and results. In a presentation at Virus Bulletin in Berlin yesterday, Fortinet's Christy Chung explained that attack similarities included the use of malware overwriting the master boot record and massive DDoS attacks targeting DNS providers and individual sites."
Link to Original Source
top

Given Recent Crypto Revelations, 'Everything is Suspect'

Gunkerty Jeb Gunkerty Jeb writes  |  about a year ago

Gunkerty Jeb (1950964) writes "So now that RSA Security has urged developers to back away from the table and stop using the maligned Dual Elliptic Curve Deterministic Random Bit Generation (Dual EC DRBG) algorithm, the question begging to be asked is why did RSA use it in the first place?

Going back to 2007 and a seminal presentation at the CRYPTO conference by Dan Shumow and Niels Ferguson, there have been suspicions about Dual EC DRBG primarily because it was backed by the National Security Agency, which initially proposed the algorithm as a standard. Cryptographer Bruce Schneier wrote in a 2007 essay that the algorithm contains a weakness that “can only be described as a backdoor.”

“I wrote about it in 2007 and said it was suspect. I didn’t like it back then because it was from the government,” Schneier told Threatpost today. “It was designed so that it could contain a backdoor. Back then I was suspicious, now I’m terrified."

Link to Original Source
top

$14k and Counting for iPhone 5S Touch ID Hack

Gunkerty Jeb Gunkerty Jeb writes  |  about a year ago

Gunkerty Jeb (1950964) writes "A group of researchers, hackers, and other security enthusiasts are pooling their money and offering it as a bounty to the first person that can successfully crack the Touch ID fingerprint authentication mechanism on Apple’s recently released iPhone 5S."
Link to Original Source
top

No Telecom Ever Challenged Metadata Collection Orders

Gunkerty Jeb Gunkerty Jeb writes  |  about a year ago

Gunkerty Jeb (1950964) writes "A newly declassified opinion from the Foreign Intelligence Surveillance Court from this summer shows the court’s interpretation of the controversial Section 215 of the USA PATRIOT Act that’s used to justify the National Security Agency’s bulk telephone metadata collections, and reveals that none of the companies that have been served with such orders has ever challenged one."
Link to Original Source
top

IETF: Protecting Internet From Pervasive Surveillance

Gunkerty Jeb Gunkerty Jeb writes  |  about a year ago

Gunkerty Jeb (1950964) writes "The IETF is considering a range of options to help reengineer some of the fundamental protocols that underpin the Internet in response to revelations that the NSA and other intelligence agencies are conducting widespread, dragnet-style surveillance online.

The group, which is responsible for developing the standards that govern much of the technical workings of the Internet, has been looking at all of the information revealed by the documents leaked by former NSA contractor Edward Snowden with dismay and officials said that they’re already at work on some changes that could help make the Internet more resistant to pervasive surveillance. The IETF is not putting out a huge amount of detail on the changes, but said that regardless of the modifications, they won’t matter if the devices people use or the people they communicate with aren’t trustworthy."

Link to Original Source
top

Kelihos Relying on CBL Blacklists to Evaluate New Bots

Gunkerty Jeb Gunkerty Jeb writes  |  1 year, 5 days

Gunkerty Jeb (1950964) writes "Kelihos, the peer-to-peer botnet with nine lives, keeps popping up with new capabilities that enable it to sustain itself and make money for its keepers by pushing spam, harvesting credentials and even stealing Bitcoins.

According to a number of sources, Kelihos is now leveraging legitimate and freely available security services that manage composite blocking lists (CBLs) to determine if a potential victim’s IP address has previously been flagged as a spam source or as a proxy. A CBL is a blacklist of IP addresses known to be participating in spreading spam or malware."

Link to Original Source
top

Researchers Hack GPS, $80M Yacht Veers Off Course

Gunkerty Jeb Gunkerty Jeb writes  |  about a year ago

Gunkerty Jeb (1950964) writes "A 213-foot luxury yacht veered off course while cruising in the Mediterranean Sea this summer after a radio navigation research team led by global positioning systems expert Todd Humphreys of the University of Texas Austin built a custom-made device capable of overriding the ship’s GPS receivers with spoofed signals."
Link to Original Source
top

Long-Range RFID Hacking Tool to be Released at Black Hat

Gunkerty Jeb Gunkerty Jeb writes  |  about a year ago

Gunkerty Jeb (1950964) writes "Next week at the Black Hat Briefings in Las Vegas, Fran Brown will release a modified RFID reader that can capture data from 125KHz low frequency RFID badges from up to three feet away. Previous RFID hacking tools must be within centimeters of a victim to work properly; Brown’s tool would allow an attacker or pen-tester to store the device inside a backpack and it would silently grab card data from anyone walking close enough to it."
Link to Original Source
top

College Student Gets Year in Prison for Election Fraud

Gunkerty Jeb Gunkerty Jeb writes  |  about a year ago

Gunkerty Jeb (1950964) writes "A former Cal State San Marcos student was sentenced to a year in prison this week for election tampering by using keystroke loggers to grab student credentials and then vote for himself.

Matthew Weaver, 22, of Huntington Beach, Calif., stole almost 750 students’ identities to try and become president of the San Diego County college’s student government. His plan went awry when the school’s computer technicians noticed an anomaly in activity and caught Weaver with keystroke loggers as he sat in front of the suspicious computer."

Link to Original Source

Journals

Gunkerty Jeb has no journal entries.
