A 'Turkish Hacker' Is Giving Out Prizes For DDoS Attacks

Slashdot - 52 min 34 sec ago
Security firm Forcepoint has discovered a DDoS competition which requires participants install a DDoS software which contains a backdoor. An anonymous reader quotes CSO: A hacker in Turkey has been trying to encourage distributed denial-of-attacks by making it into a game, featuring points and prizes for attempting to shut down political websites... Users that participate will be given a tool known as Balyoz, the Turkish word for Sledgehammer, that can be used to launch DDoS attacks against a select number of websites... The attack tool involved is designed to only harass 24 political sites related to the Kurds, the German Christian Democratic Party -- which is led by Angela Merkel -- and the Armenian Genocide, and others... Forcepoint noticed that the DDoS attack tool given to the participants also contains a backdoor that will secretly install a Trojan on the computer.

Read more of this story at Slashdot.

Categories: Science

The DEA Has Been Secretly Paying Transport Employees To Search Travelers' Bags

Slashdot - 1 hour 52 min ago
There's a new reason you can be stopped by airport security: because the security officer who flagged you "was being secretly paid by the government...to uncover evidence of drug smuggling." schwit1 quotes The Economist: For years, officials from the Department of Justice testified, the DEA has paid millions of dollars to a variety of confidential sources to provide tips on travellers who may be transporting drugs or large sums of money. Those sources include staff at airlines, Amtrak, parcel services and even the Transportation Safety Administration... According to [a DOJ] report, airline employees and other informers had an incentive to search more travellers' bags, since they received payment whenever their actions resulted in DEA seizures of cash or contraband. The best-compensated of these appears to have been a parcel company employee who received more than $1 million from the DEA over five years. One airline worker, meanwhile, received $617,676 from 2012 to 2015 for tips that led to confiscations. But the DEA itself profited much more from the program. That well-paid informant got only about 12% of the amount the agency seized as a result of the his tips. The DEA had paid out $237 million to over 9,000 informants over five years towards the end of 2015, according to the report. The Economist writes that "travelers no doubt paid the price in increased searches," adding that the resulting searches were all probably illegal.

Read more of this story at Slashdot.

Categories: Science

5-Year-Old Critical Linux Vulnerability Patched

Slashdot - 2 hours 52 min ago
msm1267 quotes Kaspersky Lab's ThreatPost: A critical, local code-execution vulnerability in the Linux kernel was patched more than a week ago, continuing a run of serious security issues in the operating system, most of which have been hiding in the code for years. Details on the vulnerability were published Tuesday by researcher Philip Pettersson, who said the vulnerable code was introd in August 2011. A patch was pushed to the mainline Linux kernel December 2, four days after it was privately disclosed. Pettersson has developed a proof-of-concept exploit specifically for Ubuntu distributions, but told Threatpost his attack could be ported to other distros with some changes. The vulnerability is a race condition that was discovered in the af_packet implementation in the Linux kernel, and Pettersson said that a local attacker could exploit the bug to gain kernel code execution from unprivileged processes. He said the bug cannot be exploited remotely. "Basically it's a bait-and-switch," the researcher told Threatpost. "The bug allows you to trick the kernel into thinking it is working with one kind of object, while you actually switched it to another kind of object before it could react."

Read more of this story at Slashdot.

Categories: Science

Uber Asks Everyone To Stop Making It The New Tinder

Slashdot - 3 hours 52 min ago
Ride-sharers have been using Uber and Lyft "carpool" apps to meet dates -- and now Uber's trying to stop it. An anonymous reader quotes SFGate: This week Uber updated their community guidelines to discourage passengers from using the ride-sharing app as a hook-up opportunity. Some Uber and Lyft riders have been using the car-pooling option as a way to meet or hook up with others. But Uber is not pleased and has advised users to not flirt or touch passengers. "It's OK to chat with other people in the car. But please don't comment on someone's appearance or ask whether they are single," Uber's guidelines state. Their new policy now specifically states that "Uber has a no sex rule. That's no sexual conduct between drivers and riders, no matter what."

Read more of this story at Slashdot.

Categories: Science

New Bug In Windows 10 Anniversary Update Brings Wi-Fi Disconnects

Slashdot - 4 hours 52 min ago
Some Windows 10 PCs are now experiencing sudden drops in their Wi-Fi connections, with the Network Diagnostics tool reporting "Wi-Fi doesn't have a valid IP configuration." An anonymous reader quotes InfoWorld's Woody Leonhard: I've heard from many people who blame the Wi-Fi disconnect on Friday's KB 3201845, the patch (which still isn't documented on the Win10 update history site) that brings version 1607 up to build 14393.479. It's unlikely that the new patch brought on the bug because the large influx of complaints started on December 7 -- two days before the patch... Speculation at this point says the disconnect results when a machine performs a fast startup, setting the machine's IP address to 169.x.x.x. It's an old problem, but somehow it's come back in spades in the past two days. I have no idea what triggered the sudden outbreak, as there were no Win10 1607 patches issued on December 6, 7 or 8. Microsoft acknowledged the problem Thursday, recommending customers try restarting their PCs (or performing a clean start). Woody writes that it looks like Microsoft's latest Windows 10 patch "didn't cause the bug. But the patch didn't fix it, either."

Read more of this story at Slashdot.

Categories: Science

Building the James Webb Space Telescope: Hubble's Successor (Gallery)

Space.com - 5 hours 11 min ago
See photos of NASA's new space telescope, the James Webb Space Telescope, under construction.
Categories: Science

The Most Amazing Space Photos This Week!

Space.com - 5 hours 26 min ago
See the best photos on Space.com this week.
Categories: Science

US Think Tank Wants To Regulate The Design of IoT Devices For Security Purposes

Slashdot - 6 hours 26 min ago
New submitter mikehusky quotes a report from The Register: Washington D.C. think tank the Institute for Critical Infrastructure Technology is calling for regulation on "negligence" in the design of internet-of-things (IoT) devices. If the world wants a bonk-detecting Wi-Fi mattress, it must be a malware-free bonk-detecting Wi-Fi mattress. The report adds: "Researchers James Scott and Drew Spaniel point out in their report Rise of the Machines: The Dyn Attack Was Just a Practice Run [PDF] that IoT represents a threat that is only beginning to be understood. The pair say the risk that regulation could stifle market-making IoT innovation (like the Wi-Fi cheater-detection mattress) is outweighed by the need to stop feeding Shodan. 'Regulation on IoT devices by the United States will influence global trends and economies in the IoT space, because every stakeholder operates in the United States, works directly with United States manufacturers, or relies on the United States economy. Nonetheless, IoT regulation will have a limited impact on reducing IoT DDoS attacks as the United States government only has limited direct influence on IoT manufacturers and because the United States is not even in the top 10 countries from which malicious IoT traffic originates.' State level regulation would be 'disastrous' to markets and consumers alike. The pair offer their report in the wake of the massive Dyn and Mirai distributed denial of service attacks in which internet of poorly-designed devices were enslaved into botnets to hammer critical internet infrastructure, telcos including TalkTalk, routers and other targets."

Read more of this story at Slashdot.

Categories: Science

Here's How NASA's Hurricane Satellite Fleet Will Work

Space.com - 7 hours 26 min ago
Eight specialized microsatellites, slightly larger than carry-on suitcases, will launch from beneath an airplane Dec. 12 to begin monitoring hurricanes and cyclones in the tropics, piercing through rainfall to measure wind speeds at a storm's heart.
Categories: Science

Watch Live @ 1 pm ET: NASA CYGNSS Hurricane Satellite Mission Briefings

Space.com - 7 hours 26 min ago
NASA will webcast two press conferences today to showcase the science and tech behind its CYGNSS hurricane satellite mission, which will launch Monday, Dec. 12. Here's how to watch.
Categories: Science

Tech’s Biggest Showdown Is Unfolding in Your Living Room

Wired News - 8 hours 25 min ago
The tech behind the Amazon Echo, Google Home, and Microsoft's Project Evo is at the heart of a three-way rivalry that will define the industry for years. The post Tech's Biggest Showdown Is Unfolding in Your Living Room appeared first on WIRED.
Categories: Science

22 Gifts That Will Give You Serious Design Cred

Wired News - 8 hours 25 min ago
A good gift is a thoughtful gift---and a thoughtfully designed one, too. The post 22 Gifts That Will Give You Serious Design Cred appeared first on WIRED.
Categories: Science

14 Gift Ideas Every New Parent Would Love

Wired News - 8 hours 25 min ago
You can't put sleep in a box, so try one of these instead. The post 14 Gift Ideas Every New Parent Would Love appeared first on WIRED.
Categories: Science

Security News This Week: Russian Hackers Are Targeting Germany Now, Too

Wired News - 8 hours 26 min ago
Each weekend we round up the news stories that we didn't break or cover in depth but that still deserve your attention. The post Security News This Week: Russian Hackers Are Targeting Germany Now, Too appeared first on WIRED.
Categories: Science

Let’s Make Morphing Cars That Double as SUVs

Wired News - 8 hours 26 min ago
What if, instead of choosing one kind of car, you could simply extend your truck or SUV at the touch of a button? The post Let's Make Morphing Cars That Double as SUVs appeared first on WIRED.
Categories: Science

Space Photos of the Week: A Wonky Spiral Galaxy Has an Identity Crisis

Wired News - 8 hours 26 min ago
Space photos of the week, December 4 — 10, 2016. The post Space Photos of the Week: A Wonky Spiral Galaxy Has an Identity Crisis appeared first on WIRED.
Categories: Science

Loss of a Legend and 'Star in a Jar' Fusion: The Week's Top Space Stories

Space.com - 8 hours 26 min ago
The world loses a space legend, a crucial cargo ship launches, the world spins slowly and researchers make progress toward a "star in a jar" fusion reactor in Space.com's top stories of the week.
Categories: Science

Wishlist 2016: Festive Gift Ideas for Holiday Entertaining

Wired News - 8 hours 28 min ago
The best stuff for throwing a party, or to get as a gift for the party animal in your life. The post Wishlist 2016: Festive Gift Ideas for Holiday Entertaining appeared first on WIRED.
Categories: Science

While You Were Offline: The Weather Channel Rains on Breitbart’s Parade of Delusion

Wired News - 9 hours 56 min ago
The Weather Channel would like Breitbart to know that climate change is real. The post While You Were Offline: The Weather Channel Rains on Breitbart's Parade of Delusion appeared first on WIRED.
Categories: Science

Autonomous Shuttle Brakes For Squirrels, Skateboarders, and Texting Students

Slashdot - 10 hours 26 min ago
Tekla Perry writes: An autonomous shuttle from Auro Robotics is picking up and dropping off students, faculty, and visitors at the Santa Clara University Campus seven days a week. It doesn't go fast, but it has to watch out for pedestrians, skateboarders, bicyclists, and bold squirrels (engineers added a special squirrel lidar on the bumper). An Auro engineer rides along at this point to keep the university happy, but soon will be replaced by a big red emergency stop button (think Staples Easy button). If you want a test drive, just look for a "shuttle stop" sign (there's one in front of the parking garage) and climb on, it doesn't ask for university ID.

Read more of this story at Slashdot.

Categories: Science