Skip navigation
Help

Baltimore

warning: Creating default object from empty value in /var/www/vhosts/sayforward.com/subdomains/recorder/httpdocs/modules/taxonomy/taxonomy.pages.inc on line 33.

The National Security Agency wants your kids to know that it's cool to be "cyber smart."

As part of the agency's outreach to promote interest in technology and recruit a future generation of computer security experts, the NSA has links on its homepage to two sites targeted at children and adolescents. The "Kids Page," intended for elementary age children, appears to be down at the moment—either that, or the error code reference (Reference #97.887ffea5.1374616699.dc7bfc5) is an encoded message to grade school operatives that it's time to report in.

But the "Change The World" page, targeted at middle and high school students, is chock full of crypto-clearance fun. There's a word search, a PDF to print to make your own letter substitution code wheel, and a collection of tips on how to be a good cyber-citizen. Ironically, some of these tips might be useful for people concerned about how much data is being collected on them through broad metadata collection and FISA Court warranted PRISM probes.

Among the NSA's tips for kids is this sage wisdom: "Be cyber courteous! It is too easy to hide behind a computer! A cyber smart person never says anything online that they wouldn’t say in person. Remember that what you write in an e-mail can usually be retrieved and shared with others, so be responsible with e-mails, chats, and online communications." Especially since those e-mails, chats, and online communications could be getting captured in real-time by one of the NSA's network taps.

The NSA does offer kids some helpful password advice. "Try this: Take four random words…take the first three letters of each word, make some letters upper case and others lower case, then add any two or three numbers and then some character like @#$%&... the password should be at least 14 characters and memorable (or write it down but protect it). You should have a different password for each account that you have!" The NSA also suggests that kids only share their passwords with their parents. "No one else should have them—not your friends, teachers, or other family members."

The NSA wants kids to look out for software trojan horses and to play fair. "Do you download 'cheat' programs that promise information to how to perform better or beat a game?" the site asks. "Sometimes cheat downloads are used to implant a virus or malware on your computer!"

There's also some helpful information on protecting kids' identities online, including how to behave on social networks and in online games. "Do you use an avatar? You should. While cameras and webcams are popular, they also reveal who you are. When gaming, keep your true identity a mystery. Cyber sleuths never reveal their true identity except to trusted adults, like your parents!"

0
Your rating: None
Original author: 
Sean Gallagher


NSA Headquarters in Fort Meade, MD.

mjb

One organization's data centers hold the contents of much of the visible Internet—and much of it that isn't visible just by clicking your way around. It has satellite imagery of much of the world and ground-level photography of homes and businesses and government installations tied into a geospatial database that is cross-indexed to petabytes of information about individuals and organizations. And its analytics systems process the Web search requests, e-mail messages, and other electronic activities of hundreds of millions of people.

No one at this organization actually "knows" everything about what individuals are doing on the Web, though there is certainly the potential for abuse. By policy, all of the "knowing" happens in software, while the organization's analysts generally handle exceptions (like violations of the law) picked from the flotsam of the seas of data that their systems process.

I'm talking, of course, about Google. Most of us are okay with what Google does with its vast supply of "big data," because we largely benefit from it—though Google does manage to make a good deal of money off of us in the process. But if I were to backspace over Google's name and replace it with "National Security Agency," that would leave a bit of a different taste in many people's mouths.

Read 31 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Sean Gallagher


A frame of Timelapse's view of the growth of Las Vegas, Nevada.

Google, USGS

This story has been updated with additional information and corrections provided by Google after the interview.

In May, Google unveiled Earth Engine, a set of technologies and services that combine Google's existing global mapping capabilities with decades of historical satellite data from both NASA and the US Geological Survey (USGS). One of the first products emerging from Earth Engine is Timelapse—a Web-based view of changes on the Earth's surface over the past three decades, published in collaboration with Time magazine.

The "Global Timelapse" images are also viewable through the Earth Engine site, which allows you to pan and zoom to any location on the planet and watch 30 years of change, thanks to 66 million streaming video tiles. The result is "an incontrovertible description of what's happened on our planet due to urban growth, climate change, et cetera," said Google Vice President of Research and Special Initiatives Alfred Spector.

Read 19 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Sean Gallagher


MWE Lab's Emperor 1510 LX—don't call it a chair.

MWE Labs

Science fiction is filled with cherished seats of power, workstations that put the universe a finger-touch or a mere thought away. Darth Vader had his meditation pod, the Engineers of Prometheus had their womb-like control stations, and Captain Kirk has the Captain's Chair. But no real-life workstation has quite measured up to these fictional seats of power in the way that Martin Carpentier's Emperor workstations have.

The latest "modern working environment" from Carpentier's Quebec City-based MWE Lab is the Emperor 1510 LX. With a retractable monitor stand that can support up to five monitors (three 27-inch and two 19-inch), a reclining seat with thigh rest, a Bose sound system, and Italian leather upholstery, the Emperor 1510 LX looks more like a futuristic vehicle than a workstation.  And it's priced like a vehicle, too—it can soon be yours for the low, low price of $21,500.

Tale of the Scorpion

In 2006, Carpentier was slaving away as a web designer when he reached a breaking point. He was tired of his tangle of cables, the struggle to manage multiple monitors, and the horrible ergonomics that came with a standard computer desk. Inspired by the emperor scorpion, Carpentier modeled his workstation after its tail, with the monitors suspended at the stinger.

Read 12 remaining paragraphs | Comments

0
Your rating: None
Original author: 
timothy

Madwand writes "The NetBSD Project is pleased to announce NetBSD 6.1, the first feature update of the NetBSD 6 release branch. It represents a selected subset of fixes deemed important for security or stability reasons, as well as new features and enhancements. NetBSD is a free, fast, secure, and highly portable Unix-like Open Source operating system. It is available for a wide range of platforms, from large-scale servers and powerful desktop systems to handheld and embedded devices. Its clean design and advanced features make it excellent for use in both production and research environments, and the source code is freely available under a business-friendly license. NetBSD is developed and supported by a large and vibrant international community. Many applications are readily available through pkgsrc, the NetBSD Packages Collection."

Share on Google+

Read more of this story at Slashdot.

0
Your rating: None
Original author: 
Sean Gallagher


Alpha.data.gov, an experimental data portal created under the White House's Open Data Initiative.

Data.gov

President Barack Obama issued an executive order today that aims to make "open and machine-readable" data formats a requirement for all new government IT systems. The order would also apply to existing systems that are being modernized or upgraded. If implemented, the mandate would bring new life to efforts started by the Obama administration with the launch of Data.gov four years ago. It would also expand an order issued in 2012 to open up government systems with public interfaces for commercial app developers.

"The default state of new and modernized Government information resources shall be open and machine readable," the president's order reads. "Government information shall be managed as an asset throughout its life cycle to promote interoperability and openness, and, wherever possible and legally permissible, to ensure that data are released to the public in ways that make the data easy to find, accessible, and usable." The order, however, also requires that this new "default state" protect personally identifiable information and other sensitive data on individual citizens, as well as classified information.

Broadening the “open” mandate

The president's mandate was initially pushed forward by former Chief Information Officer of the United States Vivek Kundra. In May of 2009, Data.gov launched with an order that required agencies to provide at least three "high-value data sets" through the portal.

Read 6 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Sean Gallagher

Original photo by Michael Kappel / Remixed by Aurich Lawson

Have a plan to steal millions from banks and their customers but can't write a line of code? Want to get rich quick off advertising click fraud but "quick" doesn't include time to learn how to do it? No problem. Everything you need to start a life of cybercrime is just a few clicks (and many more dollars) away.

Building successful malware is an expensive business. It involves putting together teams of developers, coordinating an army of fraudsters to convert ill-gotten gains to hard currency without pointing a digital arrow right back to you. So the biggest names in financial botnets—Zeus, Carberp, Citadel, and SpyEye, to name a few—have all at one point or another decided to shift gears from fraud rings to crimeware vendors, selling their wares to whoever can afford them.

In the process, these big botnet platforms have created a whole ecosystem of software and services in an underground market catering to criminals without the skills to build it themselves. As a result, the tools and techniques used by last years' big professional bank fraud operations, such as the "Operation High Roller" botnet that netted over $70 million last summer, are available off-the-shelf on the Internet. They even come with full technical support to help you get up and running.

Read 63 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Sean Gallagher


The MT.Gox lookalike site that delivered malware to unwitting Bitcoiners.

In another example of the security mantra of "be careful what you click," at least one Bitcoin trader has been robbed in a forum "phishing" attack designed specifically to ride the hype around the digital currency. The attack attempts to use Java exploits or fake Adobe updates to install malware, and it's one of the first targeted attacks aimed at the burgeoning business of Bitcoin exchanges.

The bait for the attack was a post to a Bitcoin traders' forum announcing that MT.Gox was going to start handling exchanges of Litecoins, a Bitcoin alternative. The post advertised a live chat on the topic at a link provided to mtgox-chat.info. That site, which used stolen code and style to masquerade as the legitimate MT.Gox site, then prompted victims to update their Java plugin and offered a forged Adobe updater.

The scam was first reported on reddit earlier this week, when a redditor reported spotting the fake site and its attempt to drop malware. While the attack was originally described by one of its victims as a "Java zero-day" exploit, it actually uses either a Java exploit or a fake Adobe updater to deliver its malware payload. That payload is DarkComet, a fairly common "remote administration tool" and keylogger. The attackers not only stole credentials for the victim's MT.Gox account, but they took other passwords as well.

Read 8 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Sean Gallagher

Think mobile devices are low-power? A study by the Center for Energy-Efficient Telecommunications—a joint effort between AT&T's Bell Labs and the University of Melbourne in Australia—finds that wireless networking infrastructure worldwide accounts for 10 times more power consumption than data centers worldwide. In total, it is responsible for 90 percent of the power usage by cloud infrastructure. And that consumption is growing fast.

The study was in part a rebuttal to a Greenpeace report that focused on the power consumption of data centers. "The energy consumption of wireless access dominates data center consumption by a significant margin," the authors of the CEET study wrote. One of the findings of the CEET researchers was that wired networks and data-center based applications could actually reduce overall computing energy consumption by allowing for less powerful client devices.

According to the CEET study, by 2015, wireless "cloud" infrastructure will consume as much as 43 terawatt-hours of electricity worldwide while generating 30 megatons of carbon dioxide. That's the equivalent of 4.9 million automobiles worth of carbon emissions. This projected power consumption is a 460 percent increase from the 9.2 TWh consumed by wireless infrastructure in 2012.

Read 1 remaining paragraphs | Comments

0
Your rating: None
Original author: 
Sean Gallagher

Over a year after the arrest of eight of its members in Russia, the alleged leader of the original Carberp botnet ring that stole millions from bank accounts worldwide has been arrested, along with about 20 other members of the ring who served as its malware development team. The arrests, reported by the news site Kommersant Ukraine, were a collaboration between Russian and Ukrainian security forces. The alleged ringleader, an unnamed 28-year-old Russian citizen, and the others were living throughout Ukraine.

Initially launched in 2010, Carberp primarily targeted the customers of Russian and Ukrainian banks and was novel in the way it doctored Java code used in banking apps to commit its fraud. Spread by the ring through malware planted on popular Russian websites, the Carberp trojan was used to distribute targeted malware that modifies the bytecode in BIFIT's iBank 2 e-banking application, a popular online banking tool used by over 800 Russian banks, according to Aleksandr Matrosov, senior malware researcher at ESET. The botnet that spread the malware, which was a variant of the Zeus botnet framework, also was used to launch distributed denial of service attacks.

In February of 2011 the group put its malware on the market, selling it to would-be cybercriminals for $10,000 per kit—but it pulled the kit a few months later.

Read 1 remaining paragraphs | Comments

0
Your rating: None