Geek Stuff

Researchers Discover SS7 Flaw, Allowing Total Access To Any Cell Phone, Anywhere

Slashdot -

krakman writes: Researchers discovered security flaws in SS7 that allow listening to private phone calls and intercepting text messages on a potentially massive scale – even when cellular networks are using the most advanced encryption now available. The flaws, to be reported at a hacker conference in Hamburg this month, are actually functions built into SS7 for other purposes – such as keeping calls connected as users speed down highways, switching from cell tower to cell tower – that hackers can repurpose for surveillance because of the lax security on the network. It is thought that these flaws were used for bugging German Chancellor Angela's Merkel's phone. Those skilled at the housekeeping functions built into SS7 can locate callers anywhere in the world, listen to calls as they happen or record hundreds of encrypted calls and texts at a time for later decryption (Google translation of German original). There is also potential to defraud users and cellular carriers by using SS7 functions, the researchers say. This is another result of security being considered only after the fact, as opposed to being part of the initial design.

Read more of this story at Slashdot.








Google Project Ara: Marvell, NVIDIA developing CPU modules

Liliputing -

Google plans to launch its modular smartphone code-named Project Ara in 2015. Eventually what Google hopes to sell is just the skeleton of a phone designed to run Android software. Customers will be able to choose their own screen, processor, camera, and other hardware by picking modules. Early prototypes have been powered by Texas Instruments OMAP […]

Google Project Ara: Marvell, NVIDIA developing CPU modules is a post from: Liliputing

Skeptics Would Like Media To Stop Calling Science Deniers 'Skeptics'

Slashdot -

Layzej writes: Prominent scientists, science communicators, and skeptic activists, are calling on the news media to stop using the word "skeptic" when referring to those who refuse to accept the reality of climate change, and instead refer to them by what they really are: science deniers. "Not all individuals who call themselves climate change skeptics are deniers. But virtually all deniers have falsely branded themselves as skeptics. By perpetrating this misnomer, journalists have granted undeserved credibility to those who reject science and scientific inquiry."

Read more of this story at Slashdot.








Scientists Discover That Exercise Changes Your DNA

Slashdot -

HughPickens.com writes The human genome is astonishingly complex and dynamic, with genes constantly turning on or off, depending on what biochemical signals they receive from the body. Scientists have known that certain genes become active or quieter as a result of exercise but they hadn't understood how those genes knew how to respond to exercise. Now the NYT reports that scientists at the Karolinska Institute in Stockholm have completed a study where they recruited 23 young and healthy men and women, brought them to the lab for a series of physical performance and medical tests, including a muscle biopsy, and then asked them to exercise half of their lower bodies for three months. The volunteers pedaled one-legged at a moderate pace for 45 minutes, four times per week for three months. Then the scientists repeated the muscle biopsies and other tests with each volunteer. Not surprisingly, the volunteers' exercised leg was more powerful now than the other, showing that the exercise had resulted in physical improvements. But there were also changes within the exercised muscle cells' DNA. Using technology that analyses 480,000 positions throughout the genome, they could see that new methylation patterns had taken place in 7,000 genes (an individual has 20–25,000 genes). In a process known as DNA methylation, clusters of atoms, called methyl groups, attach to the outside of a gene like microscopic mollusks and make the gene more or less able to receive and respond to biochemical signals from the body. In the exercised portions of the bodies, many of the methylation changes were on portions of the genome known as enhancers that can amplify the expression of proteins by genes. And gene expression was noticeably increased or changed in thousands of the muscle-cell genes that the researchers studied. Most of the genes in question are known to play a role in energy metabolism, insulin response and inflammation within muscles. In other words, they affect how healthy and fit our muscles — and bodies — become. Many mysteries still remain but the message of the study is unambiguous. "Through endurance training — a lifestyle change that is easily available for most people and doesn't cost much money," says Sara Lindholm, "we can induce changes that affect how we use our genes and, through that, get healthier and more functional muscles that ultimately improve our quality of life."

Read more of this story at Slashdot.








Colorado Sued By Neighboring States Over Legal Pot

Slashdot -

SternisheFan notes that Nebraska and Oklahoma are suing Colorado over marijuana legalization. The attorneys general of Nebraska and Oklahoma sued Colorado in the U.S. Supreme Court on Thursday, arguing state-legalized marijuana from Colorado is improperly spilling across state lines. The suit invokes the federal government's right to regulate both drugs and interstate commerce, and says Colorado's decision to legalize marijuana has been "particularly burdensome" to police agencies on the other side of the state line. In June, USA TODAY highlighted the flow of marijuana from Colorado into small towns across Nebraska: felony drug arrests in Chappell, Neb., just 7 miles north of the Colorado border have skyrocketed 400% in three years. "In passing and enforcing Amendment 64, the state of Colorado has created a dangerous gap in the federal drug control system enacted by the United States Congress. Marijuana flows from this gap into neighboring states, undermining plaintiff states' own marijuana bans, draining their treasuries, and placing stress on their criminal justice systems," says the lawsuit. "The Constitution and the federal anti-drug laws do not permit the development of a patchwork of state and local pro-drug policies and licensed distribution schemes throughout the country which conflict with federal laws."

Read more of this story at Slashdot.








Kepler Makes First Exoplanet Discovery After Mission Reboot

Slashdot -

astroengine writes NASA's Kepler space telescope has detected its first new extrasolar planet after mission engineers were able to save the mission from a premature death after two of the exoplanet hunter's four stabilizing reaction wheels failed last year. Called "K2," the extended mission arose from an "innovative idea" that appears to have given the prolific telescope a new lease on life. "Last summer, the possibility of a scientifically productive mission for Kepler after its reaction wheel failure in its extended mission was not part of the conversation," said Paul Hertz, NASA's astrophysics division director at the agency's headquarters in Washington D.C. "Today, thanks to an innovative idea and lots of hard work by the NASA and Ball Aerospace team, Kepler may well deliver the first candidates for follow-up study by the James Webb Space Telescope to characterize the atmospheres of distant worlds and search for signatures of life."

Read more of this story at Slashdot.








Review: The BlackBerry Classic Is One of the Best Phones of 2009

Slashdot -

Molly McHugh writes When Apple launched the iPhone in 2007, and I owned a BlackBerry Curve. To me, my BlackBerry was close to being the absolute perfect smartphone. Today, BlackBerry revealed the Classic, a phone that is designed to make me—and everyone who owned a BlackBerry before the touchscreen revolution—remember how much we loved them.

Read more of this story at Slashdot.








FBI Confirms Open Investigation Into Gamergate

Slashdot -

v3rgEz writes In a terse form letter responding to a FOIA request, the FBI has confirmed it has an open investigation into Gamergate, the loose but controversial coalition of gamers calling for ethics in gaming journalism — even as some members have harassed and sent death threats to female gaming developers and critics.

Read more of this story at Slashdot.








Satellite Captures Glowing Plants From Space

Slashdot -

sciencehabit writes About 1% of the light that strikes plants is re-emitted as a faint, fluorescent glow—a measure of photosynthetic activity. Today, scientists released a map of this glow as measured by the Orbiting Carbon Observatory-2, a NASA satellite launched in July with the goal of mapping the net amount of carbon in the atmosphere. The map reveals that tropical rainforests near the equator are actively sucking up carbon, while the Corn Belt in the eastern United States, near the end of its growing season, is also a sink. Higher resolution fluorescence mapping could one day be used to help assess crop yields and how they respond to drought and heat in a changing climate.

Read more of this story at Slashdot.








Investigation: Apple Failing To Protect Chinese Factory Workers

Slashdot -

mrspoonsi writes with the findings of an investigation into working conditions at a factory that makes Apple products. Poor treatment of workers in Chinese factories which make Apple products has been discovered by an undercover BBC Panorama investigation. Filming on an iPhone 6 production line showed Apple's promises to protect workers were routinely broken. It found standards on workers' hours, ID cards, dormitories, work meetings and juvenile workers were being breached at the Pegatron factories. Apple said it strongly disagreed with the programme's conclusions. Exhausted workers were filmed falling asleep on their 12-hour shifts at the Pegatron factories on the outskirts of Shanghai. One undercover reporter, working in a factory making parts for Apple computers, had to work 18 days in a row despite repeated requests for a day off. Another reporter, whose longest shift was 16 hours, said: "Every time I got back to the dormitories, I wouldn't want to move. Even if I was hungry I wouldn't want to get up to eat. I just wanted to lie down and rest. I was unable to sleep at night because of the stress."

Read more of this story at Slashdot.








Critical Git Security Vulnerability Announced

Slashdot -

An anonymous reader writes Github has announced a security vulnerability and has encourage users to update their Git clients as soon as possible. The blog post reads in part: "A critical Git security vulnerability has been announced today, affecting all versions of the official Git client and all related software that interacts with Git repositories, including GitHub for Windows and GitHub for Mac. Because this is a client-side only vulnerability, github.com and GitHub Enterprise are not directly affected. The vulnerability concerns Git and Git-compatible clients that access Git repositories in a case-insensitive or case-normalizing filesystem. An attacker can craft a malicious Git tree that will cause Git to overwrite its own .git/config file when cloning or checking out a repository, leading to arbitrary command execution in the client machine. Git clients running on OS X (HFS+) or any version of Microsoft Windows (NTFS, FAT) are exploitable through this vulnerability. Linux clients are not affected if they run in a case-sensitive filesystem....Updated versions of GitHub for Windows and GitHub for Mac are available for immediate download, and both contain the security fix on the Desktop application itself and on the bundled version of the Git command-line client."

Read more of this story at Slashdot.








EFF 2014 Holiday Wish List

EFF's Deeplinks -

For the last three years, EFF has greeted the holiday season by publishing a list of things we'd like to see happen in the coming year. Sometimes these are actions we'd like to see taken by companies, and sometimes our wishes are aimed at governments, but we also include actions everyday people can take to advance our digital civil liberties. This year has seen great progress in areas such as transparency reports and encrypting digital communications. We want to build on that progress in 2015.

Here are some of the things we're wishing for this holiday:

  • News organizations and individual journalists should make it easy to securely accept documents from anonymous sources by setting up their own instances of SecureDrop.
  • President Obama should stand up for the privacy rights of people all over the world and amend Executive Order 12333 to prohibit mass surveillance. Most people have never heard of it, but Executive Order 12333 is "the primary authority under which the country’s intelligence agencies conduct the majority of their operations." So while the U.S. Congress is considering bills to curtail mass telephone surveillance, the NSA’s primary surveillance authority will be left unchallenged. Let's change that in 2015.
  • Congress should pass meaningful reform to the Computer Fraud and Abuse Act and the Electronic Communications Privacy Act.
  • Companies that provide digital communications services should enable real end-to-end encryption for users, without backdoors for law enforcement--we're looking at you Verizon! There have been some great steps in this direction already, but we want to see a race to the top.
  • Websites should honor Do Not Track.
  • Facebook should follow the lead of Google+ and drop its harmful "real names" policy.
  • Congress should defend users and refuse to put secret trade agreements, like the Trans-Pacific Partnership (TPP) agreement, on the fast track to ratification. Deals like TPP include provisions that threaten digital rights for Internet users everywhere in the name of intellectual property protection.
  • US policymakers should strongly advocate for the benefits of a flexible fair use system. When they are involved in international policymaking, they should propose safeguards for users to counteract extreme copyright restrictions. They should start by supporting a legally binding treaty for copyright exceptions and limitations for libraries and archives.
  • All Internet sites should adopt cryptographic best practices for every connection, every time, including PFS, STARTTLS, HSTS, and encrypted traffic between data centers.
  • Companies should offer clear guidelines and a path for the disclosure of vulnerabilities that will not get security researchers sued.
  • The NSA and the Office of the Director of National Intelligence should disclose its Vulnerability Equities Process. All that they've told us so far is that this process is used to determine whether to disclose software security flaws known as "zero days" or to keep them secret for their own use, but we've had to file a FOIA lawsuit to get the details.
Related Issues: Free SpeechAnonymityPrivacyNSA SpyingSocial NetworksSecurity
Share this:   ||  Join EFF

Marissa Mayer's Reinvention of Yahoo! Stumbles

Slashdot -

schnell writes The New York Times Magazine has an in-depth profile of Marissa Mayer's time at the helm of Yahoo!, detailing her bold plans to reinvent the company and spark a Jobs-ian turnaround through building great new products. But some investors are saying that her product focus (to the point of micromanaging) hasn't generated results, and that the company should give up on trying to create the next iPod, merge with AOL to cut costs and focus on the unglamorous core business that it has. Is it time for Yahoo! to "grow up" and set its sights lower?

Read more of this story at Slashdot.








Ars Reviews Skype Translator

Slashdot -

Esra Erimez writes Peter Bright doesn't speak a word of Spanish but with Skype Translator he was able to have a spoken conversation with a Spanish speaker as if he was in an episode of Star Trek. He spoke English. A moment later, an English language transcription would appear, along with a Spanish translation. Then a Spanish voice would read that translation.

Read more of this story at Slashdot.








Extracting Data From the Microsoft Band

Slashdot -

An anonymous reader writes The Microsoft Band, introduced last month, hosts a slew of amazing sensors, but like so many wearable computing devices, users are unable to access their own data. A Brown University professor decompiles the app, finds that the data is transmitted to the Microsoft "cloud", and explains how to intercept the traffic to retrieve the raw minute-by-minute data captured by the Band.

Read more of this story at Slashdot.








"Team America" Gets Post-Hack Yanking At Alamo Drafthouse, Too

Slashdot -

Slate reports that even old movies are enough to trigger a pretty strong knee jerk: Team America, World Police , selected as a tongue-in-cheek replacement by Dallas's Alamo Drafthouse Theater for the Sony-yanked The Interview after that film drew too much heat following the recent Sony hack, has also been pulled. The theater's tweet, as reprinted by Slate: "due to circumstances beyond our control,” their Dec. 27 Team America screening has also been canceled." If only I had a copy, I'd like to host a viewing party here in Austin for The Interview, which I want to see now more than ever. (And it would be a fitting venue.)

Read more of this story at Slashdot.








Grinch Vulnerability Could Put a Hole In Your Linux Stocking

Slashdot -

itwbennett writes In a blog post Tuesday, security service provider Alert Logic warned of a Linux vulnerability, named grinch after the well-known Dr. Seuss character, that could provide attackers with unfettered root access. The fundamental flaw resides in the Linux authorization system, which can inadvertently allow privilege escalation, granting a user full administrative access. Alert Logic warned that Grinch could be as severe as the Shellshock flaw that roiled the Internet in September.

Read more of this story at Slashdot.








Microsoft releases Denim Update for select Lumia phones

Liliputing -

Microsoft is starting to roll out the Denim software update for Lumia phones that the company first unveiled in September. The new software is based on Windows 8.1, but it adds improvements to the camera and Cortana voice assistant, among other things. The Denim update is initially available for the Lumia 830, Lumia 930, Lumia 1520, […]

Microsoft releases Denim Update for select Lumia phones is a post from: Liliputing

Pages

Subscribe to debianHELP aggregator - Geek Stuff