Ye Ole Slug: May 2014

Friday, May 30, 2014

YouTube Releases the Google Video Quality Report

'The Google Video Quality Report is available to people in the U.S. and Canada, where it launched in January. It compares your streaming video quality to three standards

Thursday, May 29, 2014

Google launches right-to-be-forgotten application form

The company has been inundated with take-down requests after Europe’s top court supported the controversial right to be forgotten in a landmark ruling.

DuckDuckGo Compared to Google, Bing, Yandex

An additional side effect of DuckDuckGo’s lack of user tracking, be it positive or negative, is that all users across the globe will see the same search results for a given query.

Wednesday, May 28, 2014

Samsung's new 1TB SSD is based on latest 3D technology

and the drive is based on Samsung's second generation V-NAND technology, in which storage chips are stacked vertically

‘Using TrueCrypt Is Not Secure’

That page includes instructions for helping Windows users transition drives protected by TrueCrypt over to BitlLocker, the proprietary disk encryption program that ships with every Windows version since Vista.

Monday, May 26, 2014

iPhones, iPads Hacked And Held For Ransom In Australia

Those affected discovered a message on the screen reading "Device hacked by Oleg Pliss" and a demand of between $50 and $100 to unlock it.

Registry hack enables continued updates for Windows XP

The security updates that could be installed are intended for Windows Embedded and Windows Server 2003 customers and do not fully protect Windows XP customers. Windows XP customers also run a significant risk of functionality issues with their machines if they install these updates, as they are not tested against Windows XP.

Thursday, May 22, 2014

Apple patches Safari

Apple has released a pair of software updates for its Safari web browser following the discovery of multiple vulnerabilities that could leave users at risk of remote attacks.

Wednesday, May 21, 2014

New Internet Explorer 8 0-day

The specific flaw exists within the handling of CMarkup objects. The allocation initially happens within CMarkup::CreateInitialMarkup. Nothing in the wild yet.

iCloud Hacked?

This is still in the rumor category. "iCloud security has reportedly been compromised by a pair of hackers who have been able to unlock as many as 30,000 stolen iPhones just in the last few days. "

eBay asks users to reset passwords

After conducting extensive tests on its networks, the company said it has no evidence of the compromise resulting in unauthorized activity for eBay users, and no evidence of any unauthorized access to financial or credit card information, which is stored separately in encrypted formats. However, changing passwords is a best practice and will help enhance security for eBay users.

Tuesday, May 20, 2014

‘Blackshades’ Trojan

The U.S. Justice Department today announced a series of actions against more than 100 people accused of purchasing and using “Blackshades,” a password-stealing Trojan horse program

Monday, May 19, 2014

Android "police warning" ransomware

Note that because Koler has not made it into the Google Play Store, you need to have "Allow installation of apps from unknown sources" enabled in your Android security settings to be at risk.

Beware Tech Support Scams

The company she had reached, PCCare247, was based in India but had built a lucrative business advertising over the Internet to Americans, encouraging them to call for tech support.

Don't stop attackers getting in, stop them getting out

Banks and financial institutions are increasingly the target of cyber attack and it is becoming more and more apparent that those out to stop such attacks have accepted that you can’t stop them getting in. You have to stop them getting out.

Sunday, May 18, 2014

Soylent 1.0 arrives at Ars: We mix it up and slurp it down

The liquid only diet.

Thursday, May 15, 2014

Google Apps Message Encryption (GAME)

Google is making available a service to allow its enterprise customers to send and receive encrypted email to users of non-Google mail systems, including Yahoo and Microsoft Exchange.

Microsoft Security Intelligence Report 16

This volume of the Microsoft Security Intelligence Report focuses on the third and fourth quarters of 2013, with trend data for the last several quarters presented on a quarterly basis. Because vulnerability disclosures can be highly inconsistent from quarter to quarter and often occur disproportionately at certain times of the year, statistics about vulnerability disclosures are presented on a half-yearly basis.

OS X Mavericks 10.9.3 Update

All Mavericks users should upgrade.

Tuesday, May 13, 2014

Google Chrome Update

This update includes 3 security fixes. Below, we highlight fixes that were either contributed by external researchers or particularly interesting. Please see the Chromium security page for more information.

Adobe Patch Tuesday

Six critical vulnerabilities for Adobe Flash. Update now.

Microsoft Patch Tuesday

Microsoft has released patches for May. Please update your Windows PCs via "Check for Updates."

Porn threatens network security of public institutions

Many free porn sites secretly sell their ability to spread malware, Nelson continued, and this poses a risk to government departments.

Monday, May 12, 2014

Microsoft gives Windows 8.1 users a reprieve

Consumers now have until June 10 to get off Windows 8.1 and on Windows 8.1 Update to keep receiving patches

Lectures Aren't Just Boring, They're Ineffective, Too, Study Finds

Although there is no single definition of active learning approaches, they include asking students to answer questions by using handheld clickers, calling on individuals or groups randomly, or having students clarify concepts to each other and reach a consensus on an issue.

Teen Arrested for 30+ Swattings, Bomb Threats

The false alarms — two of which targeted this reporter — involved calling in phony bomb threats and multiple attempts at “swatting” — a hoax in which the perpetrator spoofs a call about a hostage situation or other violent crime in progress in the hopes of tricking police into responding at a particular address with deadly force.

Sunday, May 11, 2014

Mozilla tries to placate Firefox users over sponsored tab page

that it isn't planning on turning the web browser into an ad-fest

Microsoft Windows 8.1 Surface Mini vs. iPad Mini

No words about pricing are out yet but we are expecting it to be priced somewhere between $300-$350 for 32GB Wi-Fi only variant if Microsoft is really looking to give iPad Mini some competition.

Thursday, May 8, 2014

Apple Can Extract Texts, Photos, Contacts From Locked iPhones

If law enforcement gets hold of your locked iPhone and has some interest in its contents, Apple can pull all kinds of content from the device

Flash and Java still as vulnerable as ever, says Microsoft

Microsoft's latest Security Intelligence Report for the second half of 2013 sees Java and Flash as the top attack vectors, with Java being nearly the default

Wednesday, May 7, 2014

Google Maps gets an upgrade

Update tells you which lane to drive in and even lets you download maps to use offline

Microsoft and Google among tech firms demanding net neutrality in FCC letter

Despite FCC chairman Tom Wheeler's proclamation that it is "flat out wrong" to say that the suggested framework, which would see implementation of "fast lanes" for premium paying customers, would spell the end of net neutrality, there is a significant discomfort across the IT sector.

In late April, Chris Poole, aka moot, the founder of 4chan, announced that the image-based bulletin board had suffered a data breach. To prevent future incidents, the company has not only implemented additional security measures, but it has also launched a bug bounty program.

Tuesday, May 6, 2014

Google cooperating with NSA?

National Security Agency head and Internet giant’s executives have coordinated through high-level policy discussions

Dropbox told about vulnerability in November 2013

Dropbox was contacted yesterday by the media, investigating the claims being made by Intralinks – a file sharing and collaboration service for enterprises – after it revealed that it had stumbled across individuals’ mortgage applications and income tax returns

Friday, May 2, 2014

Serious security flaw in OAuth and OpenID discovered

serious vulnerability "Covert Redirect" flaw can masquerade as a login popup based on an affected site's domain. Covert Redirect is based on a well-known exploit parameter.