Month: November 2016

Shazam listens to you on macs, even when you turn the mic off

Posted on by Robin Edgar

Once installed, Shazam automatically begins listening for music, Most (security-conscious) users probably don’t want Shazam listening all the time. Shazam appears to oblige, seemingly providing an option to disable this listening: However, sliding the selector to ‘OFF’ did not generate the expected, “Mic was deactivated” OverSight alert. My first thought was perhaps OverSight had ‘missed’ Read more about Shazam listens to you on macs, even when you turn the mic off[…]

Chemical traces on your phone reveal your lifestyle, scientists say

Posted on by Robin Edgar

Scientists say they can deduce the lifestyle of an individual, down to the kind of grooming products they use, food they eat and medications they take, from chemicals found on the surface of their mobile phone. Experts say analysis of someone’s phone could be a boon both to healthcare professionals, and the police. “You can Read more about Chemical traces on your phone reveal your lifestyle, scientists say[…]

Britain must send its F-35s to Italy for heavy overhauls, decrees US, engines overhauled in Turkey

Posted on by Robin Edgar

Britain will have to send its supersonic F-35 fighter jets to Italy for heavy overhauls, the UK Ministry of Defence has confirmed to The Register. BAE Systems will maintain an airframe maintenance, repair, overhaul and upgrade (MRO&U) capability at RAF Marham in Norfolk, according to a US announcement earlier this week. However, that will only Read more about Britain must send its F-35s to Italy for heavy overhauls, decrees US, engines overhauled in Turkey[…]

Spotify is writing massive amounts of junk data to storage drives

Posted on by Robin Edgar

For almost five months—possibly longer—the Spotify music streaming app has been assaulting users’ storage devices with enough data to potentially take years off their expected lifespans. Reports of tens or in some cases hundreds of gigabytes being written in an hour aren’t uncommon, and occasionally the recorded amounts are measured in terabytes. The overload happens Read more about Spotify is writing massive amounts of junk data to storage drives[…]

5 major Russian banks repel massive DDoS attack

Posted on by Robin Edgar

At least five Russian major banks came under a continuous hacker attack, although online client services were not disrupted. The attack came from a wide-scale botnet involving at least 24,000 computers, located in 30 countries. The attack began Tuesday afternoon, and continued for two days straight, according to a source close to Russia’s Central Bank Read more about 5 major Russian banks repel massive DDoS attack[…]

AdultFriendFinder was hacked, together with affiliates. 400m users data out there

Posted on by Robin Edgar

Adultfriendfinder.com 339,774,493 users “World’s largest sex & swinger community” Cams.com 62,668,630 users “Where adults meet models for sex chat live through webcams” Penthouse.com 7,176,877 users Adult magazine akin to Playboy Stripshow.com 1,423,192 users Another 18+ webcam site iCams.com 1,135,731 users “Free Live Sex Cams” Unknown domain 35,372 users Total: 412,214,295 aff Source: AdultFriendFinder was hacked Read more about AdultFriendFinder was hacked, together with affiliates. 400m users data out there[…]

BlackNurse: Ping of death is back, DoS using only a laptop

Posted on by Robin Edgar

Remember the days back in the 90s when you could cripple someones Internet connection simply by issuing a few PING command like “ping -t [target]”? This type of attack was only successful if the victim was on a dial-up modem connection. However, it turns out that a similar form of ICMP flooding can still be Read more about BlackNurse: Ping of death is back, DoS using only a laptop[…]

Facebook Will Let Brands Send You Ads If You’ve Messaged Them Before

Posted on by Robin Edgar

According to Facebook, if you send a message to a company, they then have permission to send you sponsored messages—or as we humans call them, ads. These will be unprompted “highly targeted, in-context” ads. Businesses that already have chat bots set up can start using the new feature immediately. Source: Facebook Will Let Brands Send Read more about Facebook Will Let Brands Send You Ads If You’ve Messaged Them Before[…]

Lipreading software is 93.4% accurate

Posted on by Robin Edgar

Traditional approaches separated the problem into two stages: designing or learning visual features, and prediction. More recent deep lipreading approaches are end-to-end trainable (Wand et al., 2016; Chung & Zisserman, 2016a). All existing works, however, perform only word classification, not sentence-level sequence prediction. Studies have shown that human lipreading performance increases for longer words (Easton Read more about Lipreading software is 93.4% accurate[…]

IoT Goes Nuclear – Creating a ZigBee Chain Reaction / How they hacked your Philips Hue and made a worm

Posted on by Robin Edgar

In this paper we describe a new type of threat in which adjacent IoT devices will infect each other with a worm that will spread explosively over large areas in a kind of nuclear chain reaction, provided that the density of compatible IoT devices exceeds a certain critical mass. In particular, we developed and verified Read more about IoT Goes Nuclear – Creating a ZigBee Chain Reaction / How they hacked your Philips Hue and made a worm[…]

‘Trust it’: Results of Signal’s first formal crypto analysis are in

Posted on by Robin Edgar

As explained in a paper titled A Formal Security Analysis of the Signal Messaging Protocol (PDF) from the International Association for Cryptologic Research, Signal has no discernible flaws and offers a well-designed and compromise-resistant architecture. Signal uses a double rachet algorithm that employs ephemeral key exchanges continually during each session, minimising the amount of text Read more about ‘Trust it’: Results of Signal’s first formal crypto analysis are in[…]

Nvidia Tracking you on Windows now – and how to stop it (for now)

Posted on by Robin Edgar

In the case of Nvidia, Telemetry gets installed alongside the driver package. While you may — and should — customize the installation of the Nvidia driver so that only the bits that you require are installed, there is no option to disable the Telemetry components from being installed. These do get installed even if you Read more about Nvidia Tracking you on Windows now – and how to stop it (for now)[…]

Mimicking nature turns sewage into biocrude oil in minutes

Posted on by Robin Edgar

the US Department of Energy’s Pacific Northwest National Laboratory (PNNL) has found a way to potentially produce 30 million barrels of biocrude oil per year from the 34 billion gal (128 billion liters) of raw sewage that Americans create every day. According to PNNL, the problem with using sewage as a source material for biocrude Read more about Mimicking nature turns sewage into biocrude oil in minutes[…]

Turkey Doubles Down on Censorship With Block on VPNs, Tor

Posted on by Robin Edgar

In what’s a significant escalation in its censorship efforts, the Turkish government now wants to block the very same tools that tech-savvy citizens use to get around the government-imposed social media blocks. On Friday, the Turkish information technologies and communications authority, or BTK, ordered internet providers in the country to block Tor and several other Read more about Turkey Doubles Down on Censorship With Block on VPNs, Tor[…]

Teen in the dock on terror apologist charge for naming Wi-Fi network ‘Daesh 21’

Posted on by Robin Edgar

An 18-year-old broke France’s anti-terror laws by naming his home Wi-Fi network “Daesh 21” – after the medieval murder bastards ISIS. The unnamed teen was given a three-month jail sentence, suspended for now, after he was found guilty of essentially publicly condoning a terrorist act or group. Source: Teen in the dock on terror apologist Read more about Teen in the dock on terror apologist charge for naming Wi-Fi network ‘Daesh 21’[…]

Atlas Recall will slurp your data and allow you to find it back from any (cough) device

Posted on by Robin Edgar

The page tells you they take privacy seriously, but with that I guess they mean they seriously don’t think you should have any. I guess this is the reason it’s only available for OSX or iphone – only Apple people would be dumb enough to send literally all their data to some company. Source: Atlas Read more about Atlas Recall will slurp your data and allow you to find it back from any (cough) device[…]

Buy Call of Duty Infinite Warfare from the Windows 10 Store: don’t get to play with Xbox or Steam players

Posted on by Robin Edgar

According to an official Activision support page, both games will be available for separate purchase through Microsoft’s storefront. These will be entirely separate products from the Xbox One versions of the game and won’t take advantage of the Xbox Play Anywhere initiative. This eliminates both cross-platform multiplayer and purchases between Windows 10 and Xbox One, Read more about Buy Call of Duty Infinite Warfare from the Windows 10 Store: don’t get to play with Xbox or Steam players[…]

Cisco’s job applications site leaked personal data

Posted on by Robin Edgar

Cisco has fixed a vulnerability in its Professional Careers portal that may have exposed truckloads of personal information. The networking giant has sent an email to affected users in which it says a “limited set of job application related information” was leaked from the mobile version of the website, blaming an “incorrect security setting” placed Read more about Cisco’s job applications site leaked personal data[…]

MechWarrior: Living Legends Community Edition 0.8 released

Posted on by Robin Edgar

Almost a decade ago, a talented team started working on what was to become the favorite game for many of us. Version 0.7.1, released in 2013, was to be the final version of MechWarrior: Living Legends by Wandering Samurai Studios. Our community has stayed loyal and active since then, bringing us amazing events such as Read more about MechWarrior: Living Legends Community Edition 0.8 released[…]

New, more-powerful IoT botnet infects 3,500 devices in 5 days

Posted on by Robin Edgar

Linux/IRCTelnet, as the underlying malware has been named, borrows code from several existing malicious IoT applications. Most notably, it lifts entire sections of source code from Aidra, one of the earliest known IoT bot packages. Aidra was discovered infecting more than 30,000 embedded Linux devices in an audacious and ethically questionable research project that infected Read more about New, more-powerful IoT botnet infects 3,500 devices in 5 days[…]

“You’re all going to die”: A scientifically proven pep-talk for winning

Posted on by Robin Edgar

For the study, Greenberg and colleagues first recruited basketball players to play two back-to-back, one-on-one games with lead researcher Colin Zestcott, another psychologist at the University of Arizona. (The players didn’t know that Zestcott was a researcher; they thought he was another study participant.) After the first game, half of the participants were randomly assigned Read more about “You’re all going to die”: A scientifically proven pep-talk for winning[…]

Mirai botnet attackers are trying to knock an entire country (Liberia) offline

Posted on by Robin Edgar

The nation state has a single point of failure fiber, recently installed in 2011, and it could spell disaster for dozens of other countries The attack was said to be upwards of 1.1Tbps — more than double the attack a few weeks earlier on security reporter Brian Krebs’ website, which was about 620Gbps in size, Read more about Mirai botnet attackers are trying to knock an entire country (Liberia) offline[…]