GE and Deepwater Wind, a developer of offshore turbines, are installing five massive wind turbines in the middle of the Atlantic Ocean. They will make up the first offshore wind farm in North America, called the Block Island Wind Farm.
Over the past several weeks, the teams have worked to install the turbines 30 miles off the coast of Rhode Island, and are expected to finish by the end of August 2016. The farm will be fully operational by November 2016.
Social Security Administration Now Requires Two-Factor Authentication
Sadly, it is still relatively easy for thieves to create an account in the name of Americans who have not already created one for themselves. All one would need is the target’s name, date of birth, Social Security number, residential address, and phone number. This personal data can be bought for roughly $3-$4 from a variety of cybercrime shops online.
After that, the SSA relays four multiple-guess, so-called “knowledge-based authentication” or KBA questions from credit bureau Equifax. In practice, many of these KBA questions — such as previous address, loan amounts and dates — can be successfully enumerated with random guessing. What’s more, very often the answers to these questions can be found by consulting free online services, such as Zillow and Facebook.
Source: Social Security Administration Now Requires Two-Factor Authentication — Krebs on Security
Disable WPAD now or have your accounts and private data compromised
WPAD is a protocol, developed in 1999 by people from Microsoft and other technology companies, that allows computers to automatically discover which web proxy they should use. The proxy is defined in a JavaScript file called a proxy auto-config (PAC) file.
The location of PAC files can be discovered through WPAD in several ways: through a special Dynamic Host Configuration Protocol (DHCP) option, through local Domain Name System (DNS) lookups, or through Link-Local Multicast Name Resolution (LLMNR).
Source: Disable WPAD now or have your accounts and private data compromised | CSO Online
The researchers recommended computer users disable the protocol. “No seriously, turn off WPAD!” one of their presentation slides said. “If you still need to use PAC files, turn off WPAD and configure an explicit URL for your PAC script; and serve it over HTTPS or from a local file.”
From Slashdot comments:
Rightscorp Threatens Every ISP in the United States
While Rightscorp was expected to make the most of BMG’s victory in its future dealings with ISPs, the level of aggression in its announcement still comes as a surprise. Essentially putting every provider in the country on notice, Rightscorp warns that ISPs will now have to cooperate or face the wrath of litigious rightsholders.
Source: Rightscorp Threatens Every ISP in the United States – TorrentFreak
Whether this week’s developments will help to pull Rightscorp out of the financial doldrums will remain to be seen. The company has been teetering on the edge of bankruptcy for a couple of years now, and its shares on Wednesday were worth just $0.038 each. Following the BMG news, they peaked at $0.044.
The Next Generation of Wireless — “5G” — Is All Hype.
“5G” is a marketing term. There is no 5G standard — yet. The International Telecommunications Union plans to have standards ready by 2020. So for the moment “5G” refers to a handful of different kinds of technologies that are predicted, but not guaranteed, to emerge at some point in the next 3 to 7 years. (3GPP, a carrier consortium that will be contributing to the ITU process, said last year that until an actual standard exists, “’5G’ will remain a marketing & industry term that companies will use as they
Source: The Next Generation of Wireless — “5G” — Is All Hype. — Backchannel
Image Kernels explained visually
An image kernel is a small matrix used to apply effects like the ones you might find in Photoshop or Gimp, such as blurring, sharpening, outlining or embossing. They’re also used in machine learning for ‘feature extraction’, a technique for determining the most important portions of an image. In this context the process is referred to more generally as “convolution” (see: convolutional neural networks.)
Source: Image Kernels explained visually
75 Percent of Bluetooth Smart Locks Can Be Hacked
Twelve out of 16 Bluetooth smart locks examined could be unlocked by a remote attacker, a researcher said at the DEF CON hacker conference.
Source: 75 Percent of Bluetooth Smart Locks Can Be Hacked
The problems didn’t lie with the Bluetooth Low Energy protocol itself, Rose said, but in the way the locks implemented Bluetooth communications, or with a lock’s companion smartphone app. Four locks, for example, transmitted their user passwords in plaintext to smartphones, making it easy for anyone with a $100 Bluetooth sniffer to pluck the passwords out of thin air.
From: http://xkcd.com/538/
Microsoft Live Account Credentials Leaking From Windows 8 And Above
Basically, the default User Authentification Settings of Edge/Spartan (also Internet Explorer, Outlook) lets the browser connect to local network shares, but erroneously fail to block connections to remote shares. To exploit this, an attacker would simply set up a network share. An embedded image link that points to that network share is then sent to the victim, for example as part of an email or website. As soon as the prepped content is viewed inside a Microsoft product such as Edge/Spartan, Internet Explorer or Outlook, that software will try to connect to that share in order to download the image. Doing so, it will silently send the user’s Windows login username in plaintext along with the NTLMv2 hash of the login password to the attacker’s network share.
Source: Microsoft Live Account Credentials Leaking From Windows 8 And Above | Hackaday
Facebook’s Filter Bubble Is Getting Worse
It wasn’t only about his News Feed list: He also tried to use the Facebook search function, also to no avail. It wasn’t that there were no posts about how great the Leave victory was. It was that Facebook, having identified him as a Remain voter, just wasn’t allowing him to see them.
Spybot Anti-Beacon for Windows
Anti-Beacon is small, simple to use, and is provided free of charge. It was created to address the privacy concerns of users of Windows 10 who do not wish to have information about their PC usage sent to Microsoft. Simply clicking “Immunize” on the main screen of Anti-Beacon will immediately disable any known tracking features included by Microsoft in the operating system.
Source: Spybot Anti-Beacon for Windows