Researcher Finds Tor Exit Node Adding Malware To Downloads
There have been several reports of Bitcoin users that use online wallets and exchanges, even over https, getting MITM attacked when using Tor. They visit the wallet site, get bad certificates but continue anyway, and poof, their Bitcoins in the service are gone and their passwords are known by the attacker. With recent SSL vulnerabilities or clever redirection, the cert errors could be avoided also. For other sites, users can be piped through a "universal phisher" to steal any credentials.
Clearly Tor users are under attack by exit nodes, many of them running automated tools against many web destinations.
Ubuntu 14.10 Released With Ambitious Name, But Small Changes
If you want a significantly modernized UI that hasn't been designed for dummies, have a look at KDE Plasma 5. Kubuntu was simultaneously released in 14.10 flavor, and there are tech preview ISOs available now with the new desktop. It has a new wallpaper, also.
Data From Windows 10 Feedback Tool Exposes Problem Areas
It works as designed, however it works against the interest of the user. A perfect example is the unmovable and unremovable search button next to the start button that opens Bing search. Just like on Windows phones with a physical search button made useless because it cannot be configured to do anything but open Bing, this is just another operating system iteration that does what Microsoft wants, users be damned.
The best reply and what every user actually wants: "be Windows 7 after I disable all the bloat and UI garbage, libraries, and homegroup cruft you put on that OS".
CenturyLink: Comcast Is Trying To Prevent Competition In Its Territories
Centurylink (which in this territory acquired Qwest, which was the local baby bell USWest after the AT&T breakup) does their own slimy anti-competitive tricks with their monopoly.
While DSL providers were required to allow third-party ISPs as a choice to customers (where the copper is Centurylink but the ISP is your choice), they limited the third party ISPs to 7mbps connections while rolling out their own ISP service at 30mbps. Whereas the ISPs provide professional and business class service, Centurylink's service is of course crummy PPPoE dialup with constant dropping and changing IP address, making it pretty much useless for anything except looking at web pages and impossible to use with most off the shelf network hardware.
They are hardly the ones to be speaking about preventing competition.
Plasma 5 Release Candidate Announced
Anyone else notice its starting to look more like XKCD?
Windows 9 To Win Over Windows 7 Users, Disables Start Screen For Desktop
Windows 8 has already made itself incompatible with most non-x64 processors anyway. It requires SSE2, PAE, and NX bit, which are features that CPUs, say a Pentium 4 Extreme Edition 3.46GHz or a Pentium 4 HT 571 3.8GHz, do not offer. Doesn't matter that you have 8GB of RAM and an SSD in them. Believe me, these CPUs are fine for just about any office task.
Windows 8 runs on crap tablet hardware but won't run on CPUs that can run MFLOPS around them due to a few CPU features.
Kingston and PNY Caught Bait-and-Switching Cheaper Components After Good Reviews
This has been happening for many years in computer monitors and televisions also. There will be an initial version sold for a few months that gets the reviews, and then the specs are changed - completely different LCD panels made by different manufacturers are substituted silently, often with different technology. Anecdotally early versions of an Acer monitor having a MPVA panel, and then the exact same model then shipping with TN panels that pale in performance compared to the original. With monitors, you are buying an AO Optronics panel in a box labeled Samsung, so when the same model gets you something inferior to both specifications and original reviews, it borders on fraud.
One Developer's Experience With Real Life Bitrot Under HFS+
The problem is, neither ZFS or Btrfs would have stopped an arbitrary bit inside an arbitrary file from becoming corrupt....
I think you should have a look at this 10 year old blog post: https://blogs.oracle.com/elowe...
ZFS can use single and double-parity (like RAID5 with two parity drives, but no failure if power is pulled during writing). In addition, it has bit scrubbing where all data is verified regularly.
GoDaddy Files For $100 Million IPO
And these scumbags even register and hold for ransom domain names put into their domain search tool. That's right - search to see if a domain is available using the Godaddy site, and it will be registered by Godady themselves or "partners", and sold off to the highest bidder, or suddenly have a $500 asking price. http://www.billhartzer.com/pag...
Whom Must You Trust?
The linked article, which I did read, seems to have no thesis. It meanders from "C compilers can be subverted" to "see if people leave their purses out to judge if a neighborhood is safe". It is as if a high schooler had to write a paper on trust, and cut a paragraph out of each of the top 20 web search results.
Testing 65 Different GPUs On Linux With Open Source Drivers
The open source driver needs to be good; the latest version of the ATI proprietary driver has dropped support for relatively new cards - anything before HD 5000 series. This means that cards that include very good h.264 decoding engines such as the AMD Radeon HD 3850 256MB reviewed can no longer use the latest driver. In Ubuntu 14.04 this also means that trying the older last-supporting driver version no longer works, one would need to downgrade the x server version used in the distro.
This is one of the few cases where hardware on Linux becomes "obsolete" far sooner than it should because of lacking manufacturer's driver support (as opposed to many hardware devices like gameports, scanners, and printers that lost their Windows support in Vista but continue working on Linux). This will make me more wary not of Linux, but of the manufacturers that pull such shenanigans.
Firefox OS Powered Flame Available For Pre-order; Ships Globally
You can get an almost identically-specified Windows 8.1 Nokia Lumia 520 for $59.99, no contract. The only thing it's missing is a camera flash and a front-facing camera for video chats (Skype still works, it just points the wrong way.)
The latest developer rev of Windows Phone has word flow keyboard, which turns touch-screen typing from painfully intolerable to pretty cool.
Even Blackberry, giving it's Playbooks away to developers, couldn't get the adoption jump-started, so I don't know how an overpriced Firefox phone will succeed, although I would hope it would. Every other smartphone except for Blackberry wants to own your personal data and your life in their cloud and profit from everything sold in their store.
It's Time For the Descent Games Return
I have a Logitech Cyberman II controller still (can be seen here). It has a true six-axis knob and eight buttons - you never have to touch the keyboard. Twist the knob right to look right, twist down to look down; push forward to move forward, pull knob up to move up - revolutionary. I don't think most understand how awesome these controllers are, or how disappointing it is that game port support was completely removed by Windows 7 (and previously took a hack to add back into Vista) and that these controllers disappeared from Logitech joystick software updates before that.
Descent had several direct-to-metal ports, pre-directx or OpenGL, for video cards such as the Rendition Verite and S3 Virge. I tossed all my CDs of games unplayable without the old hardware a while ago. None of these cards won though, as the 3dfx Voodoo stomped them all for Quake.
Should Microsoft Be Required To Extend Support For Windows XP?
The main reason so much needs to be rewritten and the reason that new drivers were required on Windows Vista (making it's initial release a fustercluck) is that big media got to Microsoft.
Vista, 7, and 8 have end-to-end DRM encryption support, required for logo compliance with Blu-ray, where the data comes out of the disc encrypted, and goes to the monitor encrypted. The DRM audio comes from Microsoft encrypted, and only comes out of your Zune's headphone jack unencrypted. This fundamentally broke the audio framework, digital audio workstations, video card drivers, imaging devices, etc, because none of these drivers or applications were previously written to prevent users from using data on their own computers.
Dyn.com Ends Free Dynamic DNS
Most don't change your IP address capriciously, but some do. Some ISPs, such as Centurylink DSL (Qwest) aggressively change IP with every DHCP renew or PPPoE session, specifically to frustrate users into paying more for a static IP address to run any kind of service that expects that a response should return to the same IP address a few minutes later.
This particular scumbag company has also tried to ace out other DSL Internet providers by limiting them to 7mbps while selling their own ISP service at 20mbps+.
Used IT Equipment Can Be Worth a Fortune (Video)
sing along..."Spam Spam Spam Spam"
A Tech Entrepreneur's Guide To Visiting Shenzhen
Expect to be defrauded buying anything that can be faked. 16GB SD cards that are 256MB of looping flash, hard drives filled with bolts, walnuts filled with concrete, food made out of rats and glue and sewer scrapings. This is a place where the goal of any business transaction is to swindle to the maximum extent possible.
Ask Slashdot: What Software Can You Not Live Without?
Solitaire was initially included with Windows to train people how to use a mouse, now it's not included to train people how to use the Microsoft store and get them to enter their trackable credentials.
Bitcoin Plunges After Mt. Gox Exchange Halts Trades
Please attempt to use the Beta site. Try using it as your only view of Slashdot. You will then realize is an abomination, a huffington-post web 1.9 where a big picture is plopped on a windows 8 tile, with a comment section that looks like a discus outsourcing.
When Slashdot is NO comments on the posted news stories, and ALL comments on the death of slashdot by evil committee, maybe then the idea will be abandoned - Dice should know that we will not use the new site, and we are willing to not use the current site to prove it.
20% of Neanderthal Genome Survives In Humans
Lesbians. Vandals (used about 20 posts above). A moor by the time of Shakespeare meant black person. Language is capricious, and the correct usage is that which is canonical.
Google drops authorship with picture from search results.
qubezz (520511) writes "Did you notice the pictures of "experts" in your Google search results over the last few years? If a webmaster wanted a site to appear fancy and stand out in search results, a Google Plus profile had to link to your site, and pages recognized as articles needed continuous creation.
The "Authorship" feature, which rolled out in 2011 as another part of the Google+ social and real name marketing push, had its author profile pictures pulled from the search results in June this year. The remainder of the feature is now finally dead, with little fanfare.
Emil Protalinski at thenextweb.com (note the importance of author?) reports:
Google today stopped showing authorship in search results, meaning articles will no longer include a link to the Google+ profile of their author. The company says that it found the information isn’t as useful to its users as it hoped, and in some cases even distracts from the overall search results.
Blizzard sues Starcraft II cheat authors in US Court
qubezz (520511) writes "The torrent news site TorrentFreak was first to report that Monday this week Blizzard filed a lawsuit in US District court in California against the programmers behind the popular Starcraft II cheat “ValiantChaos MapHack.”
The complaint seeks relief from "direct copyright infringement", "contributory copyright infringement", "vicarious copyright infringement", "trafficking in circumvention devices", etc. The suit seeks the identity of individuals, as it fishes for names of John Does 1-10, in addition to seeking an injunction against the software (which remains on sale) and punitive damages. Blizzard claims losses from diminished user experiences, and also that "when users of the Hacks download, install, and use the Hacks, they directly infringe Blizzard’s copyright in StarCraft
II, including by creating unauthorized derivative works"."
Link to Original Source
Facebook, Twitter, Google opening URLs in your email
qubezz (520511) writes "You have emailed someone a confidential email with a URL that gives them secure access to your site — well guess what, your email provider is logging into it also. Several email and messaging platforms are reading message contents and following web links in the messages.
Security firm High-Tech Bridge set up a dedicated server to see which of the services picked up and used a unique URL they added to emails sent through various services. During the 10 days of the experiment, only six services out of the 50 took the bait, but they included four of the biggest and most used social networks: Facebook, Twitter, Google+ and Formspring."
Link to Original Source
iPhone's Siri Suffers Nationwide Five-Hour Outage
qubezz (520511) writes "iPhone4S owners attempting to use the Siri voice recognition feature were greeted with widespread network outage messages Thursday starting around 11am PST, reports Venture Beat and others. Comments started coming in from the twitter-verse of the outage, and Apple hasn't yet made a statement about the cause.
Siri still provided humor after service was restored: "I asked her, "Siri, where you been all day?" Her response? A number of day spas and hair salons""
Link to Original Source
Buying 259684 Bitcoins For $2613 During Mtgox Hack
qubezz (520511) writes "The firsthand report from a trader about the mtgox.com flash-crash shows the impact to mtgox.com may be much deeper, and gives an insider perspective that throws doubt on mtgox's account of events. The Mt Gox bitcoin exchange remains shut down after it was disclosed that a hacker compromised a trading account and sold all it's bitcoins, crashing the exchange price. Mtgox reports that the hacker was able to transfer less than $1000 out of the hacked account.
This trader has an interest in doubting the hacker story behind the big sell-off — during the fire sale, because when the market crashed, he was able to buy over 250,000 BTC for less than $3000 (at a price of a $0.0101 each), and even transferred 643 BTC off the exchange to his personal wallet, where it is untouchable (and now worth about $10,000). When the exchange rolls back the transactions wiping his remaining 250,000 BTC balance ($4 million at previous exchange prices), will he be getting his $2613 USD back?"
Link to Original Source
First Bitcoin Theft? $500,000 in BTC Stolen
qubezz (520511) writes "A Bitcoin user has lost 25,000 Bitcoins, the digital peer-to-peer currency that is all the rage in digital peer-to-peer currencies these days, which at current exchange rates is around $470,000. For doubters, here is the lo-fi (but still very slow) version of the discussion thread where user "allinvain" has posted the info about the transfers. Theories are still out there about how his wallet got hacked. Lesson: spread your savings, and perhaps transfer your earnings from pools to a super-locked-down non-pool account with an offline key.
Quote from victim: Hi everyone. I am totally devastated today. I just woke up to see a very large chunk of my bitcoin balance gone to the following address:
1KPTdMb6p7H3YCwsyFqrEmKGmsHqe1Q3jg. Transaction date: 6/13/2011 12:52 (EST). I feel like killing myself now. This get me so f'ing pissed off. If only the wallet file was encrypted on the HD. I do feel like this is my fault somehow for now moving that money to a separate non windows computer. I backed up my wallet.dat file religiously and encrypted it but that does not do me much good when someone or some trojan or something has direct access to my computer somehow."
Companies outsourcing work verification calls
qubezz (520511) writes "Didn't get approved for that recent rental? Maybe it's because your company has outsourced their work verification! I recently discovered this nefarious new world order approving renters for my property (BTW, it was VOLT, a temp agency for tech companies like Microsoft, Intel, and others.) If you work for a company that has outsourced their work verification, the caller will be instructed to call another company with an account code, and sit through a phone tree and wait time with bad accent outsourced call center that rivals the worst tech support. That company will then want to set up the caller with an internet account to their service and charge $18 per verification. The biggest outsourcer is Talx (theworknumber.com), which was acquired for $1.4 billion in 2007 by Equifax. They are also infamous for getting your unemployment claims denied for your previous employer. So now your weekly paycheck is being directly reported to a credit agency by your company, and your employer now has a company cajoling money from places you want to rent (denying you is free though). Among other services they are now able to sell to lenders is a complete earning history from your SSN."
Digitally filtering out the drone of the World Cup
qubezz (520511) writes "World Cup soccer fans may think a hornet's nest has infiltrated their TVs. However the buzz that is the background soundtrack of the South African-hosted games comes from tens of thousands of plastic horns called Vuvuzelas, that are South Africa's version of ringing cowbells or throwing rats. It looks like the horns won't be banned anytime soon though.
A savvy German hacker, 'Tube' discovered that the horn sound can be effectively filtered out by applying a couple of digital notch filters to the audio at the frequencies the horn produces (another summary in English). Now it looks like even broadcasters like the the BBC and others are considering using such filters on their broadcasts."
114,000 iPad user emails exposed in breach
qubezz (520511) writes "Gawker.com is reporting an exclusive — that a hacker group 'Goatse security' has discovered the account numbers and user email addresses for what seems to be every early-adopter of the iPad 3G.
The site reports:
"Goatse Security obtained its data through a script on AT&T's website, accessible to anyone on the internet. When provided with an ICC-ID as part of an HTTP request, the script would return the associated email address, in what was apparently intended to be an AJAX-style response within a Web application."
Among the email addresses revealed are several .mil addresses and entertainment personalities..."
Link to Original Source
700MB of MediaDefender internal emails leaked
qubezz (520511) writes "The company MediaDefender which works with the RIAA and MPAA against piracy (setting up fake torrents and trackers and disrupting p2p) had earlier set up a fake internet video download site designed to catch and bust users. They denied the entrapment charges. Now 700MB of internal emails from the company from the last 6 months leaked onto BitTorrent trackers detail their entire plan, how they intended to distance themselves from the fake company they set up, future strategies, and reveal other company information such as logins and passwords, wage negotiations, and numerous other aspect of their internal business! torrentfreak.com details some of the jems!"
Link to Original Source
qubezz has no journal entries.