US seeks information on industry ability to hold bulk phone data

Posted on February 10, 2014 by mea

The RFI has been posted to the Federal Business Opportunities site that lists federal government procurement opportunities. The government is looking for information on whether commercially available services can, among other things, provide secure storage and high availability to U.S. telephone metadata records for a sufficient period of time, and ensure that there are no unauthorized queries of the database and no data is provided to the government without proper authorization.

via US seeks information on industry ability to hold bulk phone data | ITworld.

What happens with digital rights management in the real world?

Posted on February 9, 2014 by mea

An increase in the security of the companies you buy your media from means a decrease in your own security. When your computer is designed to treat you as an untrusted party, you are at serious risk: anyone who can put malicious software on your computer has only to take advantage of your computer’s intentional capacity to disguise its operation from you in order to make it much harder for you to know when and how you’ve been compromised.

via What happens with digital rights management in the real world? | Technology | theguardian.com.

Here is where DRM and your security work at cross-purposes. The DMCA’s injunction against publishing weaknesses in DRM means that its vulnerabilities remain unpatched for longer than in comparable systems that are not covered by the DMCA. That means that any system with DRM will on average be more dangerous for its users than one without DRM.

Unison File Synchronizer

Posted on February 8, 2014 by mea

Unison is a file-synchronization tool for Unix and Windows. It allows two replicas of a collection of files and directories to be stored on different hosts (or different disks on the same host), modified separately, and then brought up to date by propagating the changes in each replica to the other.

Unison shares a number of features with tools such as configuration management packages (CVS, PRCS, Subversion, BitKeeper, etc.), distributed filesystems (Coda, etc.), uni-directional mirroring utilities (rsync, etc.), and other synchronizers (Intellisync, Reconcile, etc).

via Unison File Synchronizer.

Renault’s Off-Roader Concept Launches a Drone Out of Its Roof

Posted on February 8, 2014 by mea

Forget taco-copters or same-day shipping — drones are the perfect companion for off-roaders. They can scout locations, keep tabs on terrain, and when you’re back on paved roads, give you a heads up about that tool that flipped his pickup on your morning commute. And that’s exactly what the Renault Kwid concept is promising.

The French automaker is looking to get back into the Indian market, where high-riding compact crossovers are the norm, and the Kwid is Renault’s attempt at getting up-and-coming younger buyers into the fold.

via Renault’s Off-Roader Concept Launches a Drone Out of Its Roof | Autopia | Wired.com.

Cisco moves to fend off Rockstar patent assault on its customers

Posted on February 7, 2014 by mea

Time Warner, Charter, and other cable companies are being sued by Rockstar for using Cisco equipment, like modems and cable boxes that run on standards such as DOCSIS.

“Cisco and Nortel were working and selling products in the same market for decades,” points out Cisco’s outside lawyer on the case, John Desmarais. “They never bothered each other, never sued each other, never threatened each other with infringement. If Nortel really thought those patents were infringed by Cisco, you think something would have been brought up.”

via Cisco moves to fend off Rockstar patent assault on its customers | Ars Technica.

Bitcoin Miners Building 10 Megawatt Data Center in Sweden

Posted on February 6, 2014 by mea

Bitcoin mining equipment company KnC Miner has begun construction on its new facility in Boden, about 10 miles down the road from Facebook’s server farm in Lulea. The data center is being built in a facility previously used as a helicopter hangar for the Swedish armed forces. It will be retrofitted to house thousands of custom Bitcoin mining rigs built by KnC Miner, one of a host of new vendors that has emerged to serve the growing market for Bitcoin hardware.

KnC Miner is based in Stockholm, Sweden and has established a leadership position in Bitcoin mining rigs powered by ASICs (Application Specific Integrated Circuits) to crunch data for creating and tracking bitcoins. The company says it has sold $75 million in hardware since June, with customers in 120 countries.

via Bitcoin Miners Building 10 Megawatt Data Center in Sweden.

Adobe to Require New Epub DRM in July, Expects to Abandon Existing Users

Posted on February 5, 2014 by mea

The tl;dr version is that Adobe is going to start pushing for ebook vendors to provide support for the new DRM in March, and when July rolls Adobe is going to force the ebook vendors to stop supporting the older DRM. (Hadrien Gardeur, Paul Durrant, and Martyn Daniels concur on this interpretation.)

This means that any app or device which still uses the older Adobe DRM will be cut off.

via Adobe to Require New Epub DRM in July, Expects to Abandon Existing Users – The Digital Reader.

CVE-2014-0497 – a 0-day vulnerability – Securelist

Posted on February 5, 2014 by mea

All of the exploits exploit the same vulnerability and all are unpacked SWF files. All have identical actionscript code, which performs an operating system version check. The exploits only work under the following Windows versions: XP, Vista, 2003 R2, 2003, 7, 7×64, 2008 R2, 2008, 8, 8×64. Some of the samples also have a check in place which makes the exploits terminate under Windows 8.1 and 8.1 x64.

via CVE-2014-0497 – a 0-day vulnerability – Securelist.

Hearings on community broadband services bill postponed

Posted on February 4, 2014 by mea

Senate Bill 304 would prohibit cities and counties from building public broadband networks. The Commerce Committee, which Lynn chairs, was scheduled to have a hearing Tuesday, but Lynn released a statement that hearings have been postponed indefinitely.

via Hearings on community broadband services bill postponed | Wichita Eagle.

Setting up a man-in-the-middle device with Raspberry Pi, Part 1

Posted on February 3, 2014 by mea

The regular install on a Raspberry Pi is NOOBS (new out-of-box software) and contains several pre-packaged operating systems. However for the purpose of our MITM device we’ll be using a different Linux distro for our Pi: PwnPi. PwnPi is a distribution of the Raspbian OS that contains many pre-installed packages for security and penetration testing which is naturally right up our alley. So, go ahead and download PwnPi. Once it’s downloaded we’ll need to load it onto our SD card. First, format your SD card using the SD card formatter from the SD association. If the “size” value shown in the formatter is less than the size of your card, be sure to choose “format size adjustment” in the card.

via Setting up a man-in-the-middle device with Raspberry Pi, Part 1 | jeffq, published.

Bucktown Bell

Cut to the chase.