New "top secret" slides released by The Washington Post on Saturday shed further light on the U.S. National Security Agency's (NSA) PRISM program, which was first publicly disclosed through a series of leaks by former government contractor turned whistleblower Edward Snowden earlier this month.
Tags: NSA, PRISM, Industry News, Privacy
l33tdawg
In the wake of the recent NSA / Prism debacle, there has been a large push for secure, encrypted communications for the average user. This essentially means employing cryptography solutions in order to protect private communications from eavesdroppers (government or otherwise).
Tags: Encryption, Security, Industry News
l33tdawg
Norton has pinged Facebook for slurping Android users' phone numbers without their consent. The findings, posted here, were announced along with a new version of the company's Android security app.
Norton, which once famously blocked Facebook as a phishing site, says the updated Mobile Insight flagged Facebook for Android as leaking the device phone numbers, affecting a “significant portion” of the hundreds of millions of people who have downloaded the app from Google Play.
Tags: Facebook, Privacy
l33tdawg
Booz Allen Hamilton, the United States company that employed NSA bulk surveillance whistleblower Edward Snowden, is looking for a quantum information physicist.
Quantum information technology is currently intensely researched, among other things, to provide secure encryption that is capable of discovering eavesdropping when wiretapping changes the state of the communications link.
Tags: Industry News
l33tdawg
BlackBerry's total market value plunged by more than one-fourth on Friday after the smartphone maker reported dismal quarterly results, prompting ever-deeper skepticism about a long-promised turnaround.
BlackBerry, which has struggled to claw back market share from the likes of Apple Inc's iPhone, Samsung Electronics Co Ltd's Galaxy phones and other devices powered by Google Inc's Android operating system, reported a loss in the fiscal first quarter ended June 1, and sales of its make-or-break new line of devices were softer than expected.
Tags: BlackBerry, RIM, Industry News
l33tdawg
Expect to see a number of unhappy faces at Nintendo headquarters this weekend – at least, wherever Nintendo's legal team sits – as the company has officially lost an appeal with the World Intellectual Property Organization over the rights to the domain name wiiu.com.
Didn't expect to see that one coming, eh?
Tags: Nintendo, Industry News, Law and Order
l33tdawg
Today, German magazine Der Spiegel reported that it got a look at slides detailing the systematic bugging of European Union offices in the US. The news from the paper cited top-secret documents “that Spiegel has in part seen,” which were dated from 2010 and were recently obtained by Edward Snowden. The paper did not publish any of the documents it claims to have reviewed.
Tags: US, Germany, Privacy
l33tdawg
Information security professionals need to keep an eye on the always-evolving cyber threat landscape. Accomplishing this involves understanding how changes in people’s use of technology influence the opportunities and techniques pursued by criminals on-line. Below are 5 tech trends that have affected the evolution of threats.
Mainstream adoption of the Internet into daily activities. The Internet has become so interwoven into our lives that we often don’t notice when activities make use of Internet-connected resources. Technology that allows people and businesses to utilize Internet connectivity has become so convenient that even non-technical people, old and young, are able to harness the power of the web. As a result:
The increase in usefulness and popularity of mobile devices. Powerful pocket-sized computers with always-on Internet connectivity, also known as phones, have become so common that we rarely make a distinction between a regular and a “smart” phone. Overall, mobile devices have become as integral to the modern way of life as glasses, wallets and shoes. As a result:
The popularity and acceptance of online social networking. While initially seen as serving the needs of niche groups, websites such as Twitter, Facebook and LinkedIn have been joined by numerous others to support new ways in which people socialize online. Social networking sites have become the backbone of modern interactions. As a result:
The connectivity between “physical” and “virtual” worlds. Objects, tools and other constructs (e.g., thermostats, industrial control systems, home automation devices) in the “physical” world are increasingly connected to the web, giving rise to the concept of the “Internet of things.” As a result:
The acceptance of cloud computing. The use of external, virtualized and/or outsourced IT resources has gained mainstream adoption for not only personal, but also enterprise applications. The cloud is permeating all aspects of modern life. It is becoming increasingly difficult and unnecessary to make a distinction between traditional and cloud-based technologies. As a result:
Though I’ve broken out technology trends as distinct observations, they are interrelated within a system that comprises the modern way of life, which incorporates phones, social exchanges, interconnectedness and cloud services into its very fabric. Similarly, the trends in attack strategies, targets and rewards are intertwined to create the reality that infosec professionals need to understand and safeguard.
This week, you've joined us for the liveblogs and heard the many different announcements from Microsoft's Build developer conference. We got an extensive hands-on look at the new features in Windows 8.1 and its many interface changes. We also touched on Windows' new out-of-the-box 3D printing capabilities and took a stroll through the vastly improved Windows Store. After all that, we perused the miniature show floor, which was mostly a showcase of some of the latest Windows products. Take a peek.
Build had a show floor with all sorts of the latest hardware running Microsoft software.
Video story on Animal Planet.
As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered.
The recent leak of source code for a powerful piece of bank-fraud malware may spawn a surge of advanced botnet attacks carried out by copycat hackers who previously didn't have the skill to pull off such feats, security researchers warned.
Carberp, as the botnet-creation toolkit is known, previously sold in underground crime forums for as much as $40,000 a license. In the last week, source code for the crimeware began circulating online for free and can now be acquired by many people who have a few hours to poke around. While the leak is a boon for researchers who want to know as much as possible about the inner workings of sophisticated malware, it also comes with a dark side: it isn't that hard for malware newcomers to get their hands on the 1.88 GB package of code.
"In short, it does not take a genius to get a copy of the leaked source code, which makes this whole thing dangerous," Christopher Elisan, principal malware scientist in security firm RSA's FirstWatch department, wrote in a blog post published Friday. "Any script kiddie, who probably does not understand the technology, can use this which may result in dire consequences. It's like handing a bazooka to a child."
Another audio interview; this one is mostly about security and power.
schneier
Last week, I gave a talk at Google. It's another talk about power and security, my continually evolving topic-of-the-moment that could very well become my next book. This installment is different than the previous talks and interviews, but not different enough that you should feel the need to watch it if you've seen the others.
There are things I got wrong. There are contradictions. There are questions I couldn't answer. But that's my process, and I'm okay with doing it semi-publicly. As always, I appreciate comments, criticisms, reading suggestions, and so on.
schneier
Amid a new wave of attacks hitting government and media networks in South Korea, researchers have uncovered yet another piece of malware that destroys sensitive hard drive data and renders computers unusable.
Trojan.Korhigh, as the new wiper program is called by security firm Symantec, contains the same kind of functionality that simultaneously shut down the networks of a half-dozen banks and broadcasters in March. Like the earlier Jokra malware, Korhigh can permanently destroy stored data and overwrite a hard drive's master boot record, which contains information required for computers to reboot.
Korhigh accepts several commands that allow attackers to inflict additional damage. One "switch" changes passwords on compromised computers to "highanon2013," according to a blog post published Thursday by Symantec. Another wipes specific types of files, including those that end in .gif, .php, .dll, and 21 other extensions. Korhigh's discovery on Thursday came a day after Symantec researchers said they had identified the hacking group responsible for the March attacks. The newly identified DarkSeoul group is also responsible for a new wave of attacks that hit South Korea on Tuesday and were timed to coincide with the 63rd anniversary of the start of the Korean War.
Adding a remote kill switch to cell phones would deter theft.
Here we can see how the rise of the surveillance state permeates everything about computer security. On the face of it, this is a good idea. Assuming it works -- that 1) it's not possible for thieves to resurrect phones in order to resell them, and 2) that it's not possible to turn this system into a denial-of-service attack tool -- it would deter crime. The general category of security is "benefit denial," like ink tags attached to garments in retail stores and car radios that no longer function if removed. But given what we now know, do we trust that the government wouldn't abuse this system and kill phones for other reasons? Do we trust that media companies won't kill phones they decided were sharing copyrighted materials? Do we trust that phone companies won't kill phones from delinquent customers? What might have been a straightforward security system becomes a dangerous tool of control, when you don't trust those in power.
schneier
There's more to be announced very shortly, but we thought we'd kick things off with a taster on some extraordinarily talented acts we've managed to get a hold of. These are in no particular order. There should be something for eeeeveryone here.
****************************************************************
First up: Left/Right
Video: Santogold - L.E.S. Artistes (Left/Right Remix)
https://www.youtube.com/watch?v=_j-evh5FiKM
Chris Lund aka Left/Right has spent over 12 years working from Dallas as a dj, producer, and teacher... and even longer as a musician. His music has garnered support from Rolling Stone, DJ Mag, BT, The Crystal Method, Excision, and DJ Icey, charted in the top 10 at Beatport, Juno, TrackItDown, Hype Machine, and received airplay in scores of countries around the world.
With degrees in both music composition and audio engineering, Chris loves to create music. His exciting singles, remixes, and dj mixes feature his signature broken beat, future garage, and unique bass sound and drive his energetic performances. L/R is regularly booked coast to coast and internationally to move dancefloors- including sets at Fabric (London), Burning Man, SXSW, Meltdown festivals, and his resident FUTURE events.
Site link: http://www.facebook.com/leftrightmusic
****************************************************************
Next: Bil Bless (a.k.a. Son of the Electric Ghost a.k.a. SOTEG)
Video: Bil Bless - Nas Says
https://www.youtube.com/watch?v=ThnDMl2oP5w
I'm going to make up a bio for him. If you took Richard D. James/Aphex Twin, gave him an American accent, demanded he use more dance-floor-oriented beats, had him master for a number of well-known stateside heavies, and shoved him into some dark dank underground lair where no one could possibly ever find him or hear of him except the most dedicated of cool-hunters, you'd get out the ever so enigmatic Bil Bless a.k.a. Son of the Electric Ghost a.k.a. SOTEG. We don't know how we pulled it off, but we got him to agree to come thread some of the most technical and yet beautiful bassy glitchy music through your head. I'm going to insert a personal bias here, and say that he put on the best live show I've ever seen or heard. Ever. (Sorry everyone else).
PS: No one has apparently yet found his real tune from our DCXX compilation last year (it's supposed to be a scavenger hunt...).
Site link: http://bilbless.bandcamp.com/
****************************************************************
Next: BlakOpz
Video: BlakOPz - Hunted
https://www.youtube.com/watch?v=f9_ndeqcnug
BlakOPz.....
Clandestine.
Covert.
Their shadowy presence on our roster has been confirmed only to a select few up to now – but with their first major mission alongside AESTHETIC PERFECTION and X-RX about to take place across America, the time has come for us to publicly identify BLAKOPZ as the new tactical unit in DWA's ever-more-powerful army of artists.
With collective field experience of over 20 years in the rave, industrial and related music scenes, veteran DJ/producer Mike Weir (codename "Mindbender") and producer Alex King (codename "Kill The Alex") joined forces in just 2010 to form the BLAKOPZ unit – yet have already been deployed in surgical strikes throughout America opening for the likes of FGFC820, GOD MODULE, HANZEL UND GRETYL, IMPERATIVE REACTION and AYRIA.
Site link: https://www.facebook.com/BlakOPzBAND
****************************************************************
Next: Psymbionic
Video: Beastie Boys - Intergalactic (Psymbionic Remix)
https://www.youtube.com/watch?v=vks7Yfq3cT0
As a part of the upcoming generation of electronic music producers, Psymbionic creates aural experiences that demonstrate the possibility for multi-tempo Bass Music and culture to exist within a range of more divergent influences. Passion and innovation drives this young producer, facilitating his forthcoming and past releases on labels such as Muti Music, MalLabel, and Gravitas Recordings, just to name a few.
With this latest project, John Burcham has been moving bodies and turning heads for several years, playing with acts such as Bassnectar, STS9, Beats Antique, ill.Gates, Excision, EOTO, and Tipper. In addition to festival appearances that include Nocturnal, Wakarusa, and Sonic Bloom, Psymbionic demonstrates heavy involvement both on the stage and behind the scenes at electronic showcases such as his local SXSW in Austin, TX. Burcham's work informs his repertoire with roots in the furthest reaches of the electronic music scene, and grants him a unique perspective on each crowd through the latest developments of the industry.
In a live show context, Psymbionic confronts mixes that are limited to the scope of the build and release, avoiding an industry epidemic of drop-monotony that overpowers the flow of music. Burcham seeks to prove that there are more powerful influences in moving a crowd than simple anticipation, providing an interwoven dynamic that relies on the strength of his blend, rather than the sole force or familiarity of the apex.
Psymbionic's theory of music is a journey that doesn't visit the same place twice, building excitement for what's next not because you can anticipate it, but because you've never been there before.
Site link: http://psymbionicmusic.com/
****************************************************************
Next: Au5 & Fractal
Video: Au5 & Fractal - Halcyon
https://www.youtube.com/watch?v=HXhTKddTt0o
What happens when you take trance music and merge it with glitch-hop? With a proper execution, you get the upstarts Au5 + Fractal, an east-coast duo from New Jersey + Maryland. You know how everyone has that older relative who talks about having seen The Stones, or The Beatles, etc before they got massively huge? If you see them at DEF-CON, you'll be the one telling your future kids/grand-kids that same old story about these guys.
Site links: https://soundcloud.com/au5 and https://soundcloud.com/officialfractal
This is an interesting article about a new breed of malware that also hijacks the victim's phone text messaging system, to intercept one-time passwords sent via that channel.
schneier
While you’re trying to come up with an idea for your next project this guy’s been building his own helicopter from whatever parts he can find. He’s just one of the aeronautical hackers featured in a story in the Daily Mail. The article’s narrative leaves us with many questions, but there’s enough info to make it worth a look.
Tags: Hackers, Hardware, Africa, Industry News
l33tdawg