We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!
prxp (1023979) writes "Recent riots in Brazil have taken the Brazilian Government completely by surprise, since most of its intelligence personnel have been assingned to work on the security of Fifa's Confederations Cup, according to "O Estado de São Paulo" (Google translation), one of Brazil's major newspapers. This is particularly ironic, since protesting against the way Fifa has managed Confederations Cup in Brazil accompanied with overspending by the brazilian Government is in the heart of these riots. Because of that, ABIN (the brazilian equivalent to CIA) "has assembled a last minute operation to monitor the Internet" where intelligence officials have been tasked to monitor protesters' every move "though Facebook, Twitter, Instagram, and WhatsApp" in order to "antecipate intineraries and size of riots" among other intel. The legality of such action is unknown, since Brazilian laws prohibit this kind of wiretapping." top
Open Letter to the InfoSec Community - Help Brazilian Security Researchers
prxp writes "Brazil is a wonderful country that has many problems. When it comes to information security, many will recognize that Brazil has good and bad examples. We have no cybercrime law in Brazil and it is close to a consensus that we need one. It has been more than 10 years that our Congress is trying to pass laws on this regard with no success. This unsuccessful path is due mostly to a lack of proximity between politicians and the Brazilian information security community and internet freedom activists. Usually lawyers and law enforcement agents are the ones to provide the theoretical support for building these law proposals that end up facxing strong opposition from society for not seeing their true interests being held (e.g. Azeredo cybercrime law proposal, known as “AI5 Digital”). This political standoff between cybercrime law proposals and society rebellion has been broken last May/2012 when a well cherished Brazilian actress had her email account breached, leaking many intimate pictures depicting her nude body. That was the case of actress Carolina Dieckmann and because of her popularity Brazilian Congress has been pushed into action (and society into passive acceptance) to pass any cybercrime law, no matter how incorrect it was. Because of that Congress has been pushing forward without the due transparency and discussion a new cybercrime law proposal altering Brazilian Federal Penal Code in order to include the definition for the crime of breaching computer security. This proposal has already been approved by Brazilian House of Representatives under the code PL2793/2011 (http://www.camara.gov.br/proposicoesWeb/fichadetramitacao?idProposicao=529011), sent to and already approved by Brazilian Senate under the code PLC35/2012 (http://www.senado.gov.br/atividade/materia/detalhes.asp?p_cod_mate=105612), and sent back to the House for final approval. This letter is a cry for help to the international community to help us Brazilians change this law proposal, for it has been advancing inexplicably fast, already reaching its last legislative stage in less than six months (being voted definitely next November 6th 2012) and when passed into law it will criminalize the building and dissemination of any tool, computer software or hardware, that might be used as means of breaching computer security, no matter who uses it or if it will be used at all. You read it right: simply writing PoC’s, sniffers, scanners, payloads, etc; giving talks about them, selling them or simply giving them away will be a crime in Brazil after this law is in effect. Please, read on, it is important that you do." Link to Original Source top
prxp writes "Today, as every ordinary Monday, I went to my e-mail box and checked messages from the security community in Full-Disclosure. As usual I came across an advisory pointing out some web security vulnerabilities that differently from usual certainly had my attention. I could say the post called my attention for its organization (not so common among web vuln disclosers), or because it included not only one but a myriad of different vulnerabilities, or maybe because these vulnerabilities included some unusual (and potentially dangerous) stuff like server side source code disclosure, or even because these vulnerabilities were not patched by the the vendor even after 15 full days it was informed about them. But no, those were not the reasons I had my eyes rolling. The thing that really got me is that all of this is not about any vendor, it is about Mcafee, a vendor well known by its anti-virus software but also by its web security service McAfee Secure. This service provides customers with the label “Verified by McAfee Secure” so they can put in their website as a mark of safety. According to McAfee: “The McAfee SECURE trustmark only appears when the website has passed our intensive, daily security scan. We test for possible personal information access, links to dangerous sites, phishing, and other online dangers.” In other words, the presence of this label means that the website is not vulnerable to the exact same vulnerabilities McAfee currently has." Link to Original Source top
prxp writes "Engadget is running a story on a company named iPhoneSIMfree.com that has been able to SIM-unlock the iPhone via software. The iPhoneSIMfree.com team is planning on selling the solution for a small (?) fee. According to the story the unlock is legitimately and works even after you fully restore your iPhone. Although Engadget is claiming "they're officially the first to break Apple's SIM locks on the iPhone", earlier this week George Hotz, a 17-year old former member of the iPhone Development Team, has also been able to SIM-unlock the iPhone, but his technique was hardware based and too complicated for the non-expert. It seems the race is over now. Who came first after all?" Link to Original Source top
First Fully Unlocked Iphone done via Hardware Hack
prxp writes "One of the iPhone Dev Team Members, GeoHot, has successfully unlocked the iPhone for use with any carrier's SIM card. According to GeoHot's web site: "The current method involves taking apart your phone and doing some complicated soldering, with a high probablity of a bricked phone. Although after the phone is unlocked all the hardware can be removed. We hope to find a software unlock very soon." GeoHot also uploaded a video in you tube showing his unlocked iPhone. Though this might seen quite unbelievable at the moment since several Scams about unlocked iPhones are flying around, GeoHot has a very good reputation on these matters which could be attested by the Dev Team's forum members." Link to Original Source