TweakTown NewsRefine News by Category:
Earlier this week, Facebook publicly denied a bounty that was claimed by a Palestinian researcher over a security flaw found in Facebook's code. Basically the flaw allowed Khalil Shreateh to post on any Facebook user's wall regardless of their security settings, whether he was their friend or not.
After reporting the bug to Facebook several times, the white hat hacker took matters into his own hands and managed to post on Mark Zuckerberg's wall. This obviously got the attention of Facebook's support staff, but they denied Shreateh's penalty claim saying that by hacking posts onto users walls, he actually violated Facebook's terms of service.
This is where Marc Maiffret, CTO of BeyondTrust comes into the picture. He feels that Shreateh's efforts to inform the social network of a serious security flaw should not go unnoticed and should be compensated accordingly. He has turned to crowdfunding site GoFundMe to raise $10,000 to compensate the hacker for his efforts. Maiffret put his money where his mouth is and started the campaign with $3000 out of his own pocket.
The owners of the popular "Open Source" legal advice website Groklaw announced today that they will follow in the footsteps of Lavabit and close their doors forever. The official announcement says that Groklaw planned to shut down after Lavabit's owner announced that he had stopped using email and that if we "knew what he knew then we would stop too."
That announcement must have shook the Groklaw owners to the core as they say that without secure email there is no way their website can continue to exist. The official announcement goes on to hit on topics such as Scripture, 9/11, and even into the personal break-in and burglary of the owner's home. I feel like Groklaw is taking the situation as an easy way out and using recent events as a scapegoat to justify the closure of their website.
Over 100 miles of Britain's historic canals and waterways will soon make their way onto Google's Street View project as the UK Canals and River Trust has managed to borrow one of the company's Trekker backpacks for the project.
The 4-foot, 40-pound photographic backpack will capture the 200-year-old canals in their full 360-degree glory at a rate of one photo every 2.5 seconds. The trek will begin with the Regents Canal in London this week. On this journey, the group will capture the 3.25-mile-long Standedge Tunnel in Yorkshire as well as the Grand Union Canal in Stoke Bruerne.
The Trust's Wendy Hawk said: "We're delighted to be the first people in the UK to get the Trekker on our backs - it's fantastic that our 200-year old network is being given a different lease of life thanks to cutting edge, 21st-century technology. The footage we get will allow millions of people from all over the world to see our canals, rivers and towpaths, and will hopefully encourage some people to make a trip to see them."
Edward Snowden, who you should know by now is one of the biggest whistleblowers ever, has said that the NSA targeted reporters who wrote 'critically' about the government over the September 11, 2001 attacks in the US and warned it was "unforgivably reckless" for journalists to use unencrypted e-mail when discussing sensitive matters.
This is coming from an interview between Snowden and the New York Times Magazine, where Snowden said he came to trust Laura Poitras, a documentary filmmaker who helped report his disclosure of the NSA's spying programs along with Guardian reporter, Glenn Greenwald, because she herself had been targeted by the US spy agency.
Snowden said in the article: "Laura and [Guardian reporter] Glenn [Greenwald] are among the few who reported fearlessly on controversial topics throughout this period, even in the face of withering personal criticism, and resulted in Laura specifically becoming targeted by the very programs involved in the recent disclosures."
On Friday, LG held an event called LG In The Clouds in one of the outdoor parks in Seoul, South Korea, to promote its new G2 smartphone launch. During the event, LG released 100 helium filled balloons with a voucher for a free G2 inside each balloon.
Guests arrived with BB guns, knives, sticks, and pointed staffs that would be used to shoot down the balloons containing the vouchers that are worth about KRW 950,000 or $851 USD. As you can expect, things did not go as planned and at least 20 attendees were injured in the mad dash to grab one of the vouchers.
LG has agreed to cover the medical costs of those injured who went to the hospital on Friday and in a statement said that similar planned events have been canceled due to safety concerns. One TV channel in Seoul dubbed the event "World War G," making a comparison to the movie World War Z in which zombies climb over each other in order to reach a wall.
Today, Newegg announced that it will be opening its first ever "pop-up" retail store in the US. The store is located inside The Oaks shopping center in Thousand Oaks, California, and will be open for three days only on the dates of August 16-18. Newegg says that the store will feature over 70 products from big-name brands, including Intel, Samsung, Sony, Western Digital, and many more.
The event is designed to give customers the unique opportunity to test drive the latest back-to-school technology products including PCs, laptops, tablets, monitors, and external hard drives. Newegg says that staff will be on hand to answer any questions consumers may have. Store hours will be 10am-9pm PDT on the 16th and 17th and 11am-7pm on the 18th.
"Showrooming is a reality today, so this back-to-school season, we wanted to give our customers a chance to interact with some of our most popular products in person in a traditional in-store environment," said Soren Mills, chief marketing officer at Newegg. "Newegg has already built an outstanding reputation for being a trusted online retailer of computers and electronics. We're thrilled to open Newegg's first ever pop-up store and hope our customers enjoy this special opportunity."
A document on the NSA.gov website has stated that the government spy agency "touches" 1.6% of the huge 1,826 petabytes of data that crosses the data cables that makes up the Internet each day.
Of this data, the NSA flicks through 29PB of it, or 29 million gigabytes, which is quite the insane number. The NSA says that just 0.025% of that data is selected for review. The document states: "The net effect is that NSA analysts look at 0.00004 percent of the world's traffic in conducing their mission - that's less than one part in a million. Put another way, if a standard basketball court represented the global communications environment, NSA's collection would be represented by an area smaller than a dime on that basketball court."
Throughout the document, the NSA defends its legal basis, dismissing claims that it was conducting dragnet-style operations, except for the instances that fall under the umbrella of counter-terrorism and involve telephone metadata. You can read more on the document here, which is just filled with "it's okay, American citizens, we're not spying on you..."
We've been covering as much of the Edward Snowden news as possible, but it looks like there are plenty of other people and groups who think he's being treated unfairly. Over 150 civil society organizations from around the world are pressuring President Obama to end the prosecution of the NSA whistleblower.
Human rights, digital rights and media freedom campaigners from across the globe have joined together to call on the US administration to acknowledge Snowden as a whistleblower. They're wanting him protected, not persecuted. At the end of the day, all he has done has exposed the truth - something the US government and its various agencies have been using billions of dollars of tax payers' money to build, and then spy on those citizens with.
If Snowden is persecuted, it's going to stop other "whistleblowers" in the future from stepping forward. The US is already a police state, but if people are hunted down and murdered (Michael Hastings, for example), then we need to redefine the word "freedom."
One would think this is fear mongering, but it's real, and it's here. Security experts are now warning website operators to test their HTTPS traffic, as it might be vulnerable to a new crypto attack that can be used to take users' information.
The attack is called Browser Reconnaissance and Exfiltration via Adaptive Compression of Hypertext, or BREACH, and was detailed in a Department of Homeland Security (DHS) "BREACH vulnerability in compressed HTTPS" advisory issued on Friday. The DHS warned that "a sophisticated attacker may be able to derive plaintext secrets from the ciphertext in an HTTPS stream."
The vulnerability was exposed last Thursday at the Black Hat conference in Las Vegas by Salesforce.com Lead Product Security Engineer, Neal Harris, along with Salesforce.com Lead Security Engineer, Yoel Gluck. Their HTTPS crypto attack can watch "the size of the cipher text received by the browser while triggering a number of strategically crafted requests to a target site" according to exploit details provided to the DHS by Prado.
I've said it once, and I'll say it again, there is no privacy anymore. If you're connected to an electronic device, or live in a country with electricity and technology, then you're monitored in one way or another. But just how bad can it get?
Well, the Drug Enforcement Administration (DEA) have been receiving tips from the National Security Agency (NSA). DEA officials in a highly secret office dubbed the Special Operations Division (SOD) are assigned to handle tips from the NSA. These tips are added to a DEA database that includes "intelligence intercepts, wiretaps, informants and a massive database of telephone records."
The SOD's work is completely classified, so that DEA cases that started from NSA tips can't be tracked back to the NSA as its source. But what exactly does the DEA do? Well, they create a story of how they came to the case, in something they call "parallel construction," reports Reuters. Reuters explains this: "Some defense lawyers and former prosecutors said that using "parallel construction" may be legal to establish probable cause for an arrest. But they said employing the practice as a means of disguising how an investigation began may violate pretrial discovery rules by burying evidence that could prove useful to criminal defendants."