Prosecutors suspect man hacked lottery computers to score winning ticket

Posted on April 14, 2015 by mea

In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren’t connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.

via Prosecutors suspect man hacked lottery computers to score winning ticket | Ars Technica.

New bill would invalidate FCC’s net neutrality rules

Posted on April 13, 2015 by mea

The legislation, introduced by Representative Doug Collins, a Georgia Republican, is called a resolution of disapproval, a move that allows Congress to review new federal regulations from government agencies, using an expedited legislative process.

via New bill would invalidate FCC’s net neutrality rules | PCWorld.

Cool, but obscure unix tools

Posted on April 12, 2015 by mea

Just a list of 20 (now 28) tools for the command line. Some are little-known, some are just too useful to miss, some are pure obscure — I hope you find something useful that you weren’t aware of yet! Use your operating system’s package manager to install most of them. (Thanks for the tips, everybody!)

via Cool, but obscure unix tools :: Software architect Kristof Kovacs.

Infamous “podcasting patent” knocked out

Posted on April 11, 2015 by mea

The ‘504 patent has a priority date of 1996, but as the EFF showed during its challenge to the patent office, that’s hardly the beginning of “episodic content” on the Internet. The EFF relied on two key examples of earlier technology to beat the patent: one was CNN’s “Internet Newsroom,” which patent office judges found fulfilled the key claims of having “(1) episodes; (2) an updated compilation file; and (3) a ‘predetermined URL’ for the compilation file.”

via Infamous “podcasting patent” knocked out | Ars Technica.

Don’t Be Fodder for China’s ‘Great Cannon’

Posted on April 10, 2015 by mea

“It only intercepts traffic to a certain set of Internet addresses, and then only looks for specific script requests. About 98 percent of the time it sends the Web request straight on to Baidu, but about two percent of the time it says, ‘Okay, I’m going to drop the request going to Baidu,’ and instead it directly provides the malicious reply, replying with a bit of Javascript which causes the user’s browser to participate in a DOS attack, Weaver said.

via Don’t Be Fodder for China’s ‘Great Cannon’ — Krebs on Security.

Interestingly, this type of attack is not unprecedented. According to documents leaked by National Security Agency whistleblower Edward Snowden, the NSA and British intelligence services used a system dubbed “QUANTUM” to inject content and modify Web results for individual targets that appeared to be coming from a pre-selected range of Internet addresses.

IoT Hubs Expose Connected Homes to Hackers

Posted on April 7, 2015 by mea

Many of the most serious flaws revealed a kind of sloppiness in the design and production of the devices, Brandon Creighton, Veracode’s research architect, told The Security Ledger. For example: both the Ubi and Wink Relay devices left debugging interfaces exposed and unsecured in their shipped product. That could provide an avenue for attackers who had access to the same network as the device to steal information or bypass other security controls.

Exposed debugging interfaces are useful during product testing, but have little or no utility to consumers. That suggests that the companies merely forgot to restrict access to them before shipping, Creighton said.

via Research: IoT Hubs Expose Connected Homes to Hackers | The Security Ledger.

10 Years of Git: An Interview with Git Creator Linus Torvalds

Posted on April 6, 2015 by mea

Ten years ago this week, the Linux kernel community faced a daunting challenge: They could no longer use their revision control system BitKeeper and no other Software Configuration Management (SCMs) met their needs for a distributed system. Linus Torvalds, the creator of Linux, took the challenge into his own hands and disappeared over the weekend to emerge the following week with Git. Today Git is used for thousands of projects and has ushered in a new level of social coding among programmers.

via 10 Years of Git: An Interview with Git Creator Linus Torvalds | Linux.com.

So git was basically designed and written for my requirements, and it shows.

AT&T’s plan to watch your Web browsing—and what you can do about it

Posted on April 4, 2015 by mea

If you have AT&T’s gigabit Internet service and wonder why it seems so affordable, here’s the reason—AT&T is boosting profits by rerouting all your Web browsing to an in-house traffic scanning platform, analyzing your Internet habits, then using the results to deliver personalized ads to the websites you visit, e-mail to your inbox, and junk mail to your front door.

via AT&T’s plan to watch your Web browsing—and what you can do about it | Ars Technica.

Use https. They may know which sites you visit but they won’t know any of the http fields because that is all encrypted. Most big sites like Google and Facebook use https by default nowadays.

TrueCrypt doesn’t contain NSA backdoors

Posted on April 3, 2015 by mea

A security audit of TrueCrypt has determined that the disk encryption software does not contain any backdoors that could be used by the NSA or other surveillance agencies. A report prepared by the NCC Group for Open Crypto Audit Project found that the encryption tool is not vulnerable to being compromised.

via TrueCrypt doesn’t contain NSA backdoors.

Graphics from the command line

Posted on March 31, 2015 by mea

This article shows how to perform image manipulation using command-line tools. I do this job quite often, since I’ve picked up a some digital cameras and now manage a library of several thousand happy snaps. For Web developers and administrators who frequently have to batch-process large numbers of images, command line tools are an especially attractive option, because the developer can incorporate them into scripts. But even if you only want to perform a manipulation once or twice, a command-line alternative can save time.

The command line tools discussed in this article are part of the excellent ImageMagick suite, which ships with Red Hat Linux and is freely available online (see Resources). ImageMagick can also be accessed via C, C++, Perl, Python, Java, and several other languages, which Linux programmers will appreciate.

via Graphics from the command line.

Bucktown Bell

Cut to the chase.

Author Archives: mea