Gaming 19 - Come Knife With Me
Posted on 17th Dec 2010 at 15:08 by Podcast with 3 comments
To catch a criminal, sometimes you have to think like one.
So researchers on the trail of cybercrooks that use armies of infected computers, known as botnets, to send out spam e-mail or to attack websites are building botnets of their own. Fortunately, the new approach is being tested using a high-powered computing cluster that is safely isolated from the Internet.
"We set up what we thought would be the closest to a botnet in the wild," says Pierre-Marc Bureau, a researcher with computer security firm ESET, part of the project led by a team at Ecole Polytechnique de Montreal with collaborators at Nancy University, France, and Carleton University, Canada. "To our knowledge, this is the first such realistic experiment," he says.
Over 3,000 copies of Windows XP were installed on a cluster of 98 servers at Ecole Polytechnique. Each virtual computer system was wrapped in software that linked it up to the others as if it were an individual computer connected to the Internet or a local network. Every system was also infected with the Waledac worm, a piece of now well understood and largely vanquished software that at the start of 2010 was estimated by Microsoft to control hundreds of thousands of computers and to send out 1.5 billion spam messages a day.
The team mimicked the control structure needed to take charge of a Waledac botnet, in which a central command-and-control server sends orders to a handful of bots that then spread those instructions to other machines.
In recent years, researchers have developed techniques to eavesdrop on live botnet communications and even to inject messages into these communications. Building a complete botnet in an experimental environment allows much more freedom, though, says Bureau. "When you experiment on a live botnet, you may provoke a bad reaction from its owner that harms infected machines," he explains, and then "you are also potentially controlling the machines of innocent users, which has ethical and legal problems."
Having their own botnet also gave the researchers the luxury of being able to observe it inside and out as it operated normally or was attacked by someone trying to disable the network, and also to run multiple trials that yielded statistically significant results.
It was, Bureau says, something of a challenge to convince the owner of a cluster worth around $1 million that installing malware onto it was a good idea.
Source: http://feeds.technologyreview.com/click.phdo?i=2c7213c7c480ffbd6e89a828108c51e7
From: Thomas Plunkett
Subject: The Gawker Media security breach – status and moving forward
To: [Gawker staff]
Date: Friday, December 17, 2010, 4:43 PM
Everyone -
As you know, this has been the Gawker tech team's most difficult week ever. This note has been too long coming, but the following is meant to communicate several things: what happened, our current activities, and our plans for moving forward. I suggest you read all of this as I am making several recommendations below, and we are implementing some changes that will affect all of you.
What Happened
Gawker Media servers and some company email accounts were compromised by hackers at some time during the last few weeks; the compromise was made public to us (and everyone else) this past weekend. In recent weeks, intruders were able to gain access to our web servers by exploiting a vulnerability in our source code, allowing them to gain access to user data and passwords. With this information, they were able to gain access to the editor wiki, some Gawker Media email accounts, and other external resources.
It is clear that the Gawker tech team did not adequately secure our platform from an attack of this nature. We were also not prepared to respond when it was necessary. These things can be attributed to several factors.
First, we never planned for such an event, and therefore had no systems, or processes in place to adequately respond. Our focus as a team (and company) has been on moving forward. This put up blinders on several fronts. As a result, numerous wrong decisions were made by me this past weekend in responding to the security breach.
Further, attention to completed work is every bit as important as attention to upcoming work. Our development efforts have been focused on new product while committing relatively little time to reviewing past work. This is often a fatal mistake in software development and was central to this vulnerability.
Finally, we have not only seen tremendous growth as a company, we have never been afraid to take an unpopular or controversial stance with regard to individuals or organizations. Let's face it: we draw the ire of many. This creates a unique set of demands to meet rapid growth as well as threats that often specifically target us. We did not establish standards and practices to handle growth and the fact that we have a target on our back.
On several fronts – technically, as well as customer support and communication – we found ourselves unprepared to handle this eventuality. The tech team should have been better prepared, committed more time to perform thorough audits, and grown our team's technical expertise to meet our specific business needs. As a result of not having done these things, we have not adhered to standards expected of us, and our response was inadequate. The remedy to this situation will not be immediate, but it will be swift as possible.
Current Activity: Regaining Control
The tech team have moved our operation to the third floor of the Gawker Media office in order to focus on the work that needs to be done. We are currently in the process of performing a complete review of what happened with an independent security firm.
Here's what we've done so far to regain control:
We have been able to establish a fairly complete timeline of intrusion activity, and have identified compromised assets within Gawker. We have re-established control of compromised systems including our Google Apps accounts. As a result, you will have to reconfigure your Google Apps access (more on this below).
In addition, we have addressed all known vulnerabilities and will continue auditing our system for security flaws, and we have made appropriate changes to administrative accounts to our web and application infrastructure. There are many people reviewing our code base, and because of this, we will also reach out to members of the technical community to harness their expertise. This process will continue as we move to an entirely new, hardened web infrastructure.
We have introduced a help desk to address commenter concerns related to the breach. This will continue to exist as long as it is needed. Scott, Greg, Jeremy, Nick and a host of interns, and many of you, have been active in the threads, and communicating as much as possible as we work through this event.
Moving Forward
We've learned many lessons from this experience, both as a tech team, as a company, and as individuals. If there's one lesson nearly all of us learned, it's that we can and must be smarter with passwords. Lifehacker is a great resource for password advice (and there are many others). I suggest you start here: http://lifehacker.com/184773/geek-to-live?choose-and-remember-great-passwords.
Effective immediately, we have enabled SSL, a more secure method of communicating over the internet, for all users with Gawker Media accounts on Google Apps (this does not affect your personal Gmail). Those of you not using web-based Gmail will have to reconfigure your clients (this includes any desktop mail client as well as other devices). The attached document provides instructions to make this easier, and includes information to configure different devices including iPhone, Android and Blackberry phones.
Also effective immediately: If you require access to sensitive materials (legal, financial, or accounting documents) on Google Docs, you must have two-factor authentication set up on your account. No documents will be shared with personal Gmail accounts. We are also strongly encouraging all staff to set up two-factor authorization even if you do not require access to sensitive material.
We will enforce a policy that sensitive information not be posted to the editor wiki. This policy will also apply to chat communications (e.g., Campfire, AIM).
On all of our sites, we will be introducing several new features to our commenting system to acknowledge the reality that we have lost the commenters' trust and don't deserve it back. We should not be in the business of collecting and storing personal information, and our objective is to migrate our platform away from any personal data dependencies (like email & password). We will push further integration of external account verification sources using OAuth (like Facebook, Twitter, and Google) for those that want to use them, and we'll also be introducing disposable accounts. Disposable accounts are similar to the service a pre-paid phone offers to drug dealers (a disposable, untraceable communication device). Commenters seeking anonymity will be able to do so confident that when necessary they can simply toss out the account and there will be no connection to the individual. They will work like this:
- no password will be stored
- no email will be stored
- account can be used as long as you have the key code; lose or delete it, the account is abandoned.
In addition, we are establishing a public Gawker Tech & Product blog (a long time coming) from which we will communicate product information as well as product plans to our readers. You can expect to see it by early next week.
This has been a very unfortunate event in Gawker Media history, and we have learned much from it. Above all, this has been an enormous inconvenience for everyone affected, and for this I apologize. You can expect a much more responsive and proactive technology and product team for 2011. You can also expect a much more public me – if there is one critical thing that has been missing, it is a lack of consistent communication from me. That will change.
Regards,
Tom Plunkett
Source: http://thenextweb.com/media/2010/12/18/the-internal-memo-sent-to-gawker-staff-after-the-attack/
"Work is under way: System designers are actively considering ARM architectures," Warren East, chief executive officer of ARM Holding, told Bloomberg. "We don't want to raise expectations that next year there are going to be a lot of ARM servers. Of course, there aren't."
This hasn't stopped rumors from running wild. ARM is supposedly close to introducing a new 64-bit micro-architecture that will be able to target servers. The micro-architecture alone is not enough to compete in the server world; ARM needs to build technologies that offer a favorable performance-per-watt ratio, security, virtualization, various input/output functionality, and so on.
ARM-based chips are known for their efficiency, suggesting that the company's entry point would be low-cost and low-power servers. That being said, it still won't be easy for the company, given that both Intel and AMD are working hard to decrease power consumption of their chips.
Source: http://www.techspot.com/news/41633-arm-to-take-on-intel-and-amd-servers-in-2014.html
Shoppers may notice an increased number of electronic displays around them this holiday season – flickering advertisements that can change instantly and show video. Obviously, they're meant to grab shoppers' attention, lure them into stores, and encourage them to buy more. Retailers would like to know how well the signs succeed.
Absent solid information, many stores are hesitant to invest in electronic signage because installation and maintenance are expensive. A startup recently acquired by Intel could provide the analytics that retailers need to decide if these signs are worth the money.
The company, CognoVision, has developed face-recognition software that can determine a person's gender and approximate age. This, along with cameras added to the digital displays, could give retailers a better sense of whether the ads are getting shoppers' attention. The software could also become a new source of shopper demographics and enable advertisements to be tailored to the people looking at the screen. Within the next year, says Jose Avalos, director of digital signage at Intel, the chipmaker expects to have some "high-profile" stores demonstrating the technology.
Intel began focusing on electronic signage two years ago, Avalos says. "When we first started working in it, it was a very fragmented market," he says. Last January Intel and Microsoft partnered to promote a platform for smart digital signs that include Windows software and Intel's Core i5 and i7 processors. In November, NEC, a software and hardware company, joined in, supplying software to simplify content management across display systems.
With the purchase of CognoVision, Avalos says, Intel is putting energy into improving the analytics side of digital signs. "What's needed is metrics and analytics about the effectiveness of signage," he says. "We think this can promote adoption."
Currently, there are 2.4 million large digital displays used in out-of-home settings in the United States, says Chris Connery, an analyst focusing on the commercial display market at DisplaySearch, a research firm. By 2016, Connery says, the number of screens should reach 9.2 million. "It's one of the fastest areas of growth in all flat-panel displays," he says. "Everyone's trying to crack into [the market] and replace Mylar poster boards with flat panels," Connery adds, "But the 'gotcha' for the industry is metrics, and that's what Intel's trying to do."
CognoVision's technology includes machine vision algorithms that analyze facial features to generate demographic information. Cameras mounted next to a sign find the faces that are looking at the screen, and the software collects information on the size and shape of the face and the distance between features, and compares those data points with information previously categorized in a database. Within a range of certainty, the algorithm determines the person's gender and age. This demographic information, not facial images, is stored and used by the retailer, stresses Avalos. "One of the things we've been very careful with is to make sure we address privacy up front," adds Avalos.
Source: http://feeds.technologyreview.com/click.phdo?i=96272e434b915ec7430bd1f89b1b9c3b
The Netflix app has been upgraded so that users can search, browse, and watch any movie or show in the Netflix streaming catalog. You can even add these titles to your DVD queue if you want them mailed to you or ask the app to give you personalized recommendations based on what you've watched before. As for the movies part, Google TV now has a movie results page (with a summary, photos, and the cast list) that lets you see all films associated with the title so you can quickly watch it wherever it's available: TV, Netflix, or Amazon Video on Demand. The dual view feature allows you to watch TV and browse your favorite website at once, and now it has been improved to allow you to resize and move the window.
As demonstrated in the video above, the remote control app for Android phones lets you control your TV with your voice. The Google TV Remote will reportedly arrive for other platforms in the near future. Google TV users should start seeing the update roll out to their devices throughout the week. The Google TV Remote app is available now on the Android Market though not all the features will work until your device has received the update.
If you want a Google TV device for free, Google is running a contest on YouTube. All you have to do is submit a video explaining why you should receive one and you might just end up with a 46" HDTV next year.
Source: http://www.techspot.com/news/41627-google-tv-gets-first-update-voiceenabled-android-app.html
The Apple money-making machine shows no sign of slowing down. Its hardware is selling like hotcakes and now we get word that the iTunes Store holds a 66.2% share of the digital downloads market, up from 63.2% last year.
The figures, from NPD and first reported by the Wall Street Journal, see Apple's dominance of the market continue. Meanwhile, competitor Amazon is struggling to compete. The retailer's digital music market share rose in Q3 2010, up to 13.3% from 11% at the same time last year.
The news could be especially galling to Amazon as it appears that its chief method of competing with iTunes, price, isn't having a significant effect. Amazon offers "Daily Deal" discount albums, which the WSJ reports it often sells at a loss. Meanwhile, it appears Apple's tightly integrated ecosystem of hardware and music store continues to pay off with consumers seemingly unswayed by cheaper prices on rival stores.
Overall, the digital market continues to grow. CD sales have fallen 20% this year, with digital sales up 13%, to over 75 million.
Source: http://thenextweb.com/media/2010/12/17/apple-dominates-us-digital-music-market-with-66-2-share/
Source: http://feedproxy.google.com/~r/bit-tech/blog/~3/Rql8OXo5h6I/
Ofcom, the UK's communications regulator, is to submit new proposals stopping mobile operators charging customers for making calls to 0800 numbers, looking to make calls to these numbers free like they are from landlines.
Changes to 0800 call charges are just one of a number of sweeping changes Ofcom is looking to make to reduce customer confusion and uncertainty when making calls. It proposes to make calls easier to understand, simultaneously lowering costs.
With this in mind, Ofcom intends to simplify number ranges so that 01, 02, 03 will be geographic rates, 07 for mobile rates, 0800 will be free for both mobile and landlines, with 083/4/5, and 0871/2/3 being a lower cost business rate and 090, 091 and 098 becoming higher cost premium numbers.
The regulator will seek to change the pricing structure of non-geographic calls, separating the phone company's charge and the charges made by businesses. By doing this, customers would then be able to see the differences between phone packages, obtaining a better sense of value as a result. The pricing of 118 services would also come under review.
A review of phone charges would help organisations, especially charities. Rekha Wadhwani, chief executive of The Helplines Association notes:
"We welcome Ofcom's plans to tackle these issues and agree there is significant confusion around call costs.
We have been campaigning on the cost of calling freephone numbers, especially charity helplines, from mobile phones since 1999. It is also important that answering calls from mobiles remains affordable for charities."
Source: http://thenextweb.com/uk/2010/12/17/ofcom-looking-to-abolish-0800-number-call-charges-from-mobiles/
As the House began to take up the tax deal, it hit a procedural snag. Liberal Democrats skirmished with party leaders over a proposed vote on an amendment to tax more wealthy estates and at a higher rate than was included in a provision agreed to by the Obama administration.
The liberals, many of them angry about the prospect of continuing the tax policies of President George W. Bush, complained that party leaders had structured the debate so that they could not vote in favor of the amendment to the estate tax provision without also voting in favor of the entire package.
Representative Charles B. Rangel, Democrat of New York, said he supported the change in the estate tax, which he said would save $23 billion. But, he complained, "in order to do that I would have to accept the remainder of the Senate bill."
By Thursday evening, however, an accommodation had been reached and floor action resumed. In a key test, the House voted 214 to 201 to approve the new terms of debate.
The bill extends for two years all of the income tax cuts enacted under Mr. Bush and provides a one-year payroll tax cut for most American workers, delivering what economists predict would be a needed lift for the struggling economy.
The tax deal marked the start of a new dynamic in Washington, with Republicans set to hold a majority in the House as a result of their big victories in the midterm elections.
The package was negotiated directly by Vice President Joseph R. Biden Jr. and the Senate Republican leader, Mitch McConnell of Kentucky, who has positioned himself as a broker between the White House and Republicans.
Some officials, including Mr. Obama, have hailed the tax agreement as a prototype for hard-bargained compromises in the era of divided government.
But the tax accord also showed Washington policymakers locked in an unsustainable cycle of cutting taxes and raising spending that has proved politically palatable in the short term but could seriously threaten the nation's fiscal stability in years ahead.
"Republicans are talking a lot about certainty and there is some good data about this, that policy uncertainty is bad for an economy," said Matthew Mitchell, a research fellow and tax policy expert at George Mason University in Virginia.
"But even if they had won some sort of a victory where they got the current tax rates written in stone," he said, "spending is on such an unsustainable path in terms of entitlements, it really isn't certain at all."
The temporary nature of the deal, however, could lend momentum to broader efforts to overhaul the tax code and tackle the long-term deficit. With the tax debate now scheduled to resume at the height of the 2012 presidential election, some lawmakers say they hope the fiscal landscape can be redrawn and the cycle of lower taxes and higher spending brought to a halt.
Or, as Herbert Stein, the chairman of the Council of Economic Advisers under Presidents Richard M. Nixon and Gerald R. Ford put it: "If something cannot go on forever, it will stop."
Some fiscal experts said they were heartened that lawmakers in both parties had expressed unhappiness with the tax agreement, and that there appeared to be an increasing recognition of a need to tackle the long-term problems.
Recently, 22 senators – 12 Democrats, 9 Republicans and 1 independent – signed on to a resolution pledging to "devise a comprehensive plan for addressing the fiscal concerns of our nation" by focusing on "tax reform, spending restraint and debt and deficit reduction" in 2011.
"The era of deficit denial is over," said Bruce Reed, the executive director of Mr. Obama's bipartisan commission on reducing the national debt. "They're just having a big year-end close-out."
Senator Tom Coburn, Republican of Oklahoma, for example, voted in favor of the debt commission's plan earlier this month. But he voted against the tax deal on Wednesday even as his colleagues approved it overwhelmingly by a vote of 81 to 19. Mr. Coburn had proposed an alternative seeking to reduce the cost of the tax plan.
As the House debated the tax plan, some Democrats said it would do too much for the wealthy, and warned that the payroll tax cut could undermine the stability of Social Security. Some Republican critics said the package was too costly.
"This legislation creates too few jobs and too much debt," said Representative Peter Welch, Democrat of Vermont.
Representative Jerrold Nadler, Democrat of New York, said he feared the one-year cut in the Social Security payroll tax, to 4.2 percent from 6.2 percent on income up to $106,800, would weaken Social Security because Republicans would insist on the cut being made permanent, and Democrats would relent.
"We know that, politically, once you make that tax cut it will be impossible to restore it," Mr. Nadler said.
In the Senate, Democrats on Thursday night abandoned efforts to pass a $1.2 trillion spending bill to finance the federal government through Sept. 30, and said they would accede to Republicans' demands for a short-term stop-gap measure instead.
Senators said the stop-gap bill would run through the early part of next year. At that point, Republicans will control a majority in the House and six additional seats in the Senate, giving them greater leverage over any spending decisions.
Source: http://feeds.nytimes.com/click.phdo?i=1379aa30d15127330f2be1bc9901e107