Language Selection

English French German Italian Portuguese Spanish

Security

Does Your Wi-Fi Hotspot Have an Evil Twin?

Filed under
Security

Identity thieves are going wireless in their quest to steal your personal info.

You may want to think twice before logging into a public wireless hotspot. Sure, grabbing a few minutes of connectivity is convenient, but identity thieves are discovering that, through "evil twin" attacks, hotspots are a great way to steal unsuspecting users' private information. So how does an evil twin attack work?

Report finds surge in on-line attacks

Filed under
Security

Internet attacks on businesses and other organizations increased by about 28 per cent in the second half of 2004 compared with the first six months of the year, and hackers are setting their sights on the rapidly emerging mobile-computing market, warns a report on Internet security to be released Monday.

US Advisory panel recommends more federal R&D spending

Filed under
Security

The Presidential IT Advisory Committee (PITAC) has recommended the federal government sharply increase its spending on cybersecurity R&D and shift the focus to fundamental, long-term solutions to security challenges.

"The IT infrastructure is highly vulnerable to premeditated attacks with potentially catastrophic effects," PITAC warned in a letter submitting the report, titled Cyber Security: A Crisis in Prioritization, to the president. "These vulnerabilities put the nation's entire critical infrastructure at risk."

The strange decline of computer worms

Filed under
Security

Although windows-centric, theregister has published an article on the lessening numbers of "Slammer-style worms". They attribute this decline to "the widespread use of XP SP2 and greater use of personal firewall" rendering "worms far less potent in the same way that boot sector viruses died out with Windows 95 and the introduction of Office 2000 made macro viruses far less common."

Linux Kernel Multiple Vulnerabilities

Filed under
Security

secunia.com has published "some vulnerabilities have been reported in the Linux kernel. One has an unknown impact, and the others can be exploited to cause a DoS (Denial of Service) and potentially compromise a vulnerable system."

Have hackers recruited your PC?

Filed under
Security

BBC news has posted an article relating a study "by security researchers who have spent months tracking more than 100 networks of remotely-controlled machines. They discovered 'bot nets [were]used to launch 226 distributed denial-of-service attacks on 99 separate targets.'"

KDE DCop DoS Vulnerability prior to 3.4

Filed under
KDE
Security

Sebastian Krahmer has reported a vulnerability in KDE, which can be exploited by malicious, local users to cause a DoS (Denial of Service).

The vulnerability is caused due to an error in the authentication process in the DCOP (Desktop Communication Protocol) daemon dcopserver. This can be exploited to lock the dcopserver for arbitrary local users. Successful exploitation may result in decreased desktop functionality for the affected user.

The vulnerability has been reported in versions prior to 3.4.

Solution: Upgrade to KDE 3.4 or apply patch.

Click for more information and links to patches.

Original information on dot.kde.org.

US cyber-security 'nearly failing'

Filed under
Security

Cyber-security in the US is "nearly failing" and has been given a "must try harder" D+ rating by the Federal government.

The US Office of Management and Budget set forth cyber-security standards in the Federal Security Management Act 2002, encouraging federal agencies to tighten their IT systems.

Windows Media Player Digital Rights Management Spy

Filed under
Microsoft
Security

This is something really nasty in the XP filing system... it's in Windows Media Player, and it not only has all the information about Digital Rights Management, it also has all the information about your local police force..... QED... Not only is microsoft spying on you, they are also telling the cops what you have got on your system....

US DHS buys more name analysis tools

Filed under
Security

The Homeland Security Department's Customs and Border Protection agency, an arm of the Border and Transportation Security Directorate, has signed a sole-source contract with Language Analysis Systems Inc. of Herndon, Va., for additional software to help analyze names of people.

The software is particularly useful in winnowing the names of terrorists out of lists of passengers or other data sources.

Syndicate content

More in Tux Machines

Red Hat News/Leftovers

Cloudgizer: An introduction to a new open source web development tool

Cloudgizer is a free open source tool for building web applications. It combines the ease of scripting languages with the performance of C, helping manage the development effort and run-time resources for cloud applications. Cloudgizer works on Red Hat/CentOS Linux with the Apache web server and MariaDB database. It is licensed under Apache License version 2. Read more

James Bottomley on Linux, Containers, and the Leading Edge

It’s no secret that Linux is basically the operating system of containers, and containers are the future of the cloud, says James Bottomley, Distinguished Engineer at IBM Research and Linux kernel developer. Bottomley, who can often be seen at open source events in his signature bow tie, is focused these days on security systems like the Trusted Platform Module and the fundamentals of container technology. Read more

TransmogrifAI From Salesforce

  • Salesforce plans to open-source the technology behind its Einstein machine-learning services
    Salesforce is open-sourcing the method it has developed for using machine-learning techniques at scale — without mixing valuable customer data — in hopes other companies struggling with data science problems can benefit from its work. The company plans to announce Thursday that TransmogrifAI, which is a key part of the Einstein machine-learning services that it believes are the future of its flagship Sales Cloud and related services, will be available for anyone to use in their software-as-a-service applications. Consisting of less than 10 lines of code written on top of the widely used Apache Spark open-source project, it is the result of years of work on training machine-learning models to predict customer behavior without dumping all of that data into a common training ground, said Shubha Nabar, senior director of data science for Salesforce Einstein.
  • Salesforce open-sources TransmogrifAI, the machine learning library that powers Einstein
    Machine learning models — artificial intelligence (AI) that identifies relationships among hundreds, thousands, or even millions of data points — are rarely easy to architect. Data scientists spend weeks and months not only preprocessing the data on which the models are to be trained, but extracting useful features (i.e., the data types) from that data, narrowing down algorithms, and ultimately building (or attempting to build) a system that performs well not just within the confines of a lab, but in the real world.