Facebook does Tor

You can now SSL connect to Facebooks "onion" address if you are using Tor.

Drupal 7 critical vulnerability

If you run version 7, make sure you update.

Google's Project Ara

Modular cellphone now has an intro video...

Software "Black Box" recorder for e-commerce

User Replay got $3m in funding to record user transactions.

YouTube now supports 60fps

You'll have to use HD setting when viewing.

Google's DeepMind

A "neural network" that can access external memory.

Microsoft Band (wrist) $200

Microsoft has announced a new hardware worn on the wrist that connects to the Microsoft Health service.  10 sensors including heart rate.

CurrentC has been hacked..

The proposed replacement for ApplePay/GoogleWallet etc, backed by Walmart and others, has been hacked.  Tester's email info stolen.

US Govt. sues AT&T over throttling

"Unlimited" customers throttled too much says US.

Scanbox keylogger

More malware targeted at a variety of businesses.

Google's new "I AM" latino-centric domain .SOY

Aiming at the latino markets....

OS X saving "unsaved data" to iCloud, it is encrypted but they have the key

If you work with OS X and sensitive data, you might want to read this article.

Windows 10 to get Mac like trackpad gestures

Making the trackpad a first class input device.

apt-get for Windows 10?

New powershell interface allows users to download applications from the Windows Store?

World's fastest network, 255Tbps

Multifiber, multimode, and 1Km long.

Tor exit node adding malware

A Russian exit node was adding malware to http traffic.

Samsung KNOX stores PIN in cleartext?

"Specifically, a pin.xml file stored in the ContainerApp stored on the device during setup contains the unencrypted PIN number."

 

Require-Recipient-Valid-Since (RRVS) SMTP header

Yahoo and Facebook add to the SMTP header to help eliminate abandoned email spoofing.

Retailers avoiding Apple Pay

Walmart, CVS, and others are backing CurrentC, a payment method that avoids credit card companies to avoid swipe charges.

Cryptowall surge

The ransomware has infected 800k+ PCs last month.

Google Inbox

A redesigned email interface with Android/IOS clients.  Google Now + Gmail + a few more features.

Using Windows Update to "brick" fake USB-to-Serial controllers

A chip company, FTDI, has delivered a driver via Windows Update that detects and neutralized counterfeit chips.

What is Magic Leap?

Google and others have invested in Magic Leap, wearable technology that hasn't had a public demo.  Remember the Segway?

Apple posts info about iCloud security

After China was reportedly interfering, Apple wants you to be sure that you are connecting to the proper server.

Koler android ransomware

Demands money, can spread via SMS to evil link.  Make sure you only download Apps from Google/Amazon and only very popular ones with brand name appeal.

Tesla releases all its patents

You can use them in "good faith."

Google adds USB "key" to security lineup

Via a <$30 usb key that does crypto you can now log into your Google account more securely.

New Windows 0-Day delivered via Powerpoint

A new 0-day vulnerability has been found in Windows OLE (object linking and embedding) interpreter.  The attack is being delivered as an OLE object embedded in a PowerPoint file.

Apple releases Security Patch 2014-005

Fixes the POODLE flaw in SSL.

Microsoft recalls KB 2949927 patch

Patch from last Tuesday is causing problems.

Microsoft Loves Linux?

Take a look at the slides at this Microsoft Cloud Briefing.

OS X 10.10 Review

Yosemite is out and a free upgrade.

Firefox 33

Mozilla has updated its browser, fixing some critical bugs.  Upgrade if you use it.

SSLv3 POODLE Attack

Google Security Engineers have detailed an attack on the outdated SSLv3 protocol.  Most browsers will re-negotiate to the older protocol if asked.  Quickest solution is to disable SSLv3.

Veracrypt, Truecrypt's successor

Fixes problems, more secure.  Windows Only.

Oct 2014 Patch Tuesday

Microsoft is releasing patches today, make sure to update your PCs.  Oracle is also releasing patching Java.  Check your Adobe products too.

Hundreds of Dropbox user passwords posted on Reddit

Company says it wasn't hacked and that passwords were stolen from "third party services."  Says most passwords are "expired."   You should change your Dropbox password.

Twitter files lawsuit, wants to be able to post gov't requests for data

Trying to pressure the US Govt into letting it post the request it receives for user data from the US Govt.

Samsung promises 4.6 Gbps WiFi

"Beam Forming Antenna" to avoid interference.

Dairy Queen breach, credit card data accessed

Chattanooga stores haven't been hit.

Google, Oracle Java API lawsuit reaches Supreme Court

Google wants a ruling on the copyright issue.

US doesn't need warrant to hack foreign servers

According to filings during Silk Road trial.

Google Chrome Updated

Over 100 security fixes, Chrome automatically updates itself.

AT&T force to pay back $80m

Due to the practice of "cramming" its users with confusingly labeled subscription charges for such things as ringtones.

Google Now vs. Cortana vs. Siri

Guess who wins.....

Google Boss, "Spying scares will break the Internet"

Eric Schmidt worries that NSA spying will cause ecommerce to fail as well as other services based on the Internet.

Ads on Snapchat

Ads coming soon.

Google Voice now supports MMS on most carriers

Except for Verizon......

Return of the Crypto Wars

Apple will no longer be able to hand the "keys" to your encrypted files to Law Enforcement, and that's causing some problems.

Facebook "changing" ways it performs social research

Now going to have groups containing a variety of professionals review requests to use Facebook data for research.

New OS X botnet, "communicates" via Reddit

Dr. Web has discovered a new botnet composed of 17000 Macs that can find command servers via Reddit.  Apple has updated "Xprotect" to prevent infection.