Slashdot Mirror

← Back to Domains

Domain: twitter.com

Stories and comments across the archive that link to twitter.com.

Comments · 4,251

  1. Nope... by KBehemoth · · Score: 2 · on What Sci-Fi Movies Teach Us About Project Management Skills

    Here are the real lessons of Sci-Fi movies.

  2. All of the documents by TubeSteak · · Score: 1 · on NSA Has No Clue As To Scope of Snowden's Data Trove

    Last month, the NSA said maybe 50,000 to 200,000 documents.
    Last night, 60 Minutes said it was 1.7 million documents
    Today it's "we may never know"

  3. Images from the surface by mbone · · Score: 5, Interesting · on Chinese Lunar Probe Lands Successfully

    There is a cool animated gif of the descent imager pictures of the landing, and a false color image of the surface.

  4. Re:The worst thing... by Wonko+the+Sane · · Score: 5, Insightful · on GitHub Takes Down Satirical 'C Plus Equality' Language

    Mostly I was talking about the multiple calls on Twitter to hunt down the people who dared to star the repository on GitHub and seek to get their employment terminated.

    Some people clearly can't take a joke, and are enraged that anyone else might, and will punish anyone who doesn't comply with their demands.

  5. While we're at it by FooAtWFU · · Score: 5, Interesting · on GitHub Takes Down Satirical 'C Plus Equality' Language

    It seems it was also too hot for Hacker News to discuss.

  6. A twitter feed of changes. by Malkin · · Score: 1 · on Ask Slashdot: To Publish Change Logs Or Not?

    Some people think we're crazy, but on the game "Card Hunter," we publish all of our check-in messages on Twitter.

    Here are some of the benefits:

    • 1.) We have taken up the discipline of writing check-in messages that are easy to digest.
    • 2.) Players have an opportunity to get excited about what we are doing before it is released, but after we have done the work.
    • 3.) Players can see that it's a living project -- that we are actively improving the game.
    • 4.) Players can see that bugs are being fixed -- that we care.

    Obviously, we make an effort not to post things that are going to compromise our security.

    Has there been a downside? It hasn't bitten us yet. There is usually no reason to hide what technologies you are using, unless you are using something that is highly vulnerable, or you are making other bad choices. Don't do that. There is no reason to hide that your software has bugs. Everyone knows you have bugs. It's only shameful if you aren't fixing them.

    Are we really crazy?

  7. Re:A simpler approach by Suomi-Poika · · Score: 2 · on Disqus Bug Deanonymizes Commenters

    Actually no.

    Researchgruppen is an ultra-leftist organization, run by people who have committed assaults. They are offering a 50 000 SKR bounty for someone to hack the Flashback site to de-anonymize their political opponents there.

    These "racist" sites are the ones which post news without Swedish white pixelization and political correctness. However it is true that there are comments which are negative - just like comments in any media outlet.

    What Expressen and Researchgruppen did was that they de-anonymized their political opponents. They are also targeting people who have nothing to do with Swedish Democrats, just ordinary people who disagree with the nation wide consensus of immigration and do not want lose their jobs for expressing their opinions.

    As a Finnish citizen I am very worried of the state of democracy in Sweden. Swedish media is hell bent to destroy Swedish Democrats and they use any means. Swedish ultra left is extremely violent and seems to enjoy total freedom. It is not the ultra right or racists who do the majority of political violence in Sweden.

    Outing political opponents and making a illegal registers of identities breaks Swedish and EU laws. Harassing people because of this also breaks laws, anonymous or not, people have right to express their opinions in the network and ordinary citizens can not expect to be chased by the media or extremely violent political groups because of that.

    We Finns always joke how Swedes "Diskuterar" so much of everything but it seems we are little bit outdated on that belief. Swedish media do not want to have civilized discussion and extremist groups are using violence to advance their cause.

  8. #badbios - probing for deeper looks at by Anonymous Coward · · Score: -1 · on The Quest To Build Xbox One and PS4 Emulators

    @Clive Robinson

    A lot of people are wondering why dragosr was the only one to run across this malware. In fact, he wasn't. The people who were before him were mocked and most threads closed and either deleted or shuffled to areas of message boards where Joe Q public couldn't see it and question this for themselves. [some] Major Anti-Virus companies included.

    Users didn't want to know, companies didn't want to know. Unless you were "known" in the field, like dragosr, and even then, you are handled like you may be retarded or just need a vacation.

    Here is one of dozens of reports:

    LCD Monitor Broadcasts Noise To Radio! Why? (FRS)
    http://forums.radioreference.com/computer/255488-lcd-monitor-broadcasts-noise-radio-why.html

    Final post in that thread:

    "BOTTOM LINE: No matter WHAT you do, all devices that use electricity will emit some sort of interference in the air and there's nothing you can do about it without unplugging/turning it off. "

    including:

    "Have you noticed any nondescript white vans or black helicopters in your neighborhood?

    What do you do or have you done to make "them" take such an interest in you that "they" have to bug you?

    You need a bigger tinfoil hat, perhaps a full body suit."

    Another thread:

    Gpu based paravirtualization rootkit, all os vulne

    http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html

    This:

    U.N. report reveals secret law enforcement techniques

    "Point 201: Mentions a new covert communications technique using software defined high frequency radio receivers routed through the computer creating no logs, using no central server and extremely difficult for law enforcement to intercept."

    http://www.unodc.org/documents/frontpage/Use_of_Internet_for_Terrorist_Purposes.pdf

    http://www.hacker10.com/other-computing/u-n-report-reveals-secret-law-enforcement-techniques/

    I think this is something which has been brewing for years, but "forces" beyond our sight have managed to stifle any serious investigation into the technology. Some have announced they are retreating to ancient technology of the 70's and 80's, others are looking towards open source hardware and software combinations.

    Is it time Wireshark included audio monitoring as well? Off to play with a recording device and Audacity.

    https://www.schneier.com/blog/archives/2013/11/friday_squid_bl_402.html#c2751193

    ###

    Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
    ---
    Malware communicates at a distance of 65 feet using built-in mics and speakers.

    by Dan Goodin - Dec 2, 2013 7:29 pm UTC

    http://arstechnica.com/author/dan-goodin
    https://twitter.com/dangoodin001

    "Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."

    http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

    --------------------
    Topology of a covert mesh network that connects air-gapped computers to the Internet:

  9. bad BIOS saga continues - 12/2013 by Anonymous Coward · · Score: -1 · on Air Traffic Control "Telephone Glitch" Delays Hundreds of UK Flights

    Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
    ---
    Malware communicates at a distance of 65 feet using built-in mics and speakers.

    by Dan Goodin - Dec 2, 2013 7:29 pm UTC

    http://arstechnica.com/author/dan-goodin
    https://twitter.com/dangoodin001

    "Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."

    http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

    ---
    Topology of a covert mesh network that connects air-gapped computers to the Internet:

    http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg

    http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    ----

    "Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

    The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

    The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."

    [1] http://www.fkie.fraunhofer.de/en.html
    [2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    [3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

    ""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."

    The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied

  10. Re:Breach of contract, copyright infringement by David+Gerard · · Score: 1 · on Elsevier Going After Authors Sharing Their Own Papers

    Alicia would like your takedown notice to investigate. (Please do let the world know the results.)

  11. Help promote our WhiteHouse.Gov petition today! by bszoka6940 · · Score: 5 · on Ask TechFreedom's Berin Szoka About Govt. Policy and Privacy Online

    TechFreedom is part of a broad coalition of dozens of groups across the political spectrum are joining in a Day of Action TODAY to drive up the signature count on our WhiteHouse.gov petition: http://wh.gov/lBibY We've got nearly 45k signatures but need to hit 100k by December 12. That's the threshold the WhiteHouse requires for getting a response to a petition. (Remember, they raised it from 50k after that "Please build a Deathstar" petition got 50k.) So please take a moment to sign the petition and share it with your friends! Just use the #ECPA hashtag or reshare or retweet our posts: https://twitter.com/TechFreedom/status/408644380946599937 https://www.facebook.com/photo.php?fbid=701905029820560&set=a.621919951152402.1073741825.180669971944071&type=1&theater This infographic explains ECPA in more detail: http://tch.fm/IHzTtE

  12. bad BIOS saga continues - 12/13 by Anonymous Coward · · Score: -1 · on Tesla Would Be Proud: Wireless Charging For Electric Cars Gets Closer To Reality

    Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
    -
    Malware communicates at a distance of 65 feet using built-in mics and speakers.

    by Dan Goodin - Dec 2, 2013 7:29 pm UTC

    http://arstechnica.com/author/dan-goodin
    https://twitter.com/dangoodin001

    "Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."

    http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

    -
    Topology of a covert mesh network that connects air-gapped computers to the Internet:

    http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg

    http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    -

    "Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

    The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

    The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."

    [1] http://www.fkie.fraunhofer.de/en.html
    [2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    [3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

    ""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."

    The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops

  13. bad BIOS saga continues - 12/13 by Anonymous Coward · · Score: -1 · on eBay Founder Pleads For Leniency For the PayPal 14

    Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
    -
    Malware communicates at a distance of 65 feet using built-in mics and speakers.

    by Dan Goodin - Dec 2, 2013 7:29 pm UTC

    http://arstechnica.com/author/dan-goodin
    https://twitter.com/dangoodin001

    "Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."

    http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

    -
    Topology of a covert mesh network that connects air-gapped computers to the Internet:

    http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg

    http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    -

    "Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

    The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

    The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."

    [1] http://www.fkie.fraunhofer.de/en.html
    [2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    [3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

    ""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."

    The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique

  14. bad BIOS saga continues - 12/13 by Anonymous Coward · · Score: -1 · on NSA Tracking Cellphone Locations Worldwide

    bad BIOS saga continues - 12/13
    -
    Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
    -
    Malware communicates at a distance of 65 feet using built-in mics and speakers.

    by Dan Goodin - Dec 2, 2013 7:29 pm UTC

    http://arstechnica.com/author/dan-goodin
    https://twitter.com/dangoodin001

    "Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."

    http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

    -
    Topology of a covert mesh network that connects air-gapped computers to the Internet:

    http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg

    http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    -

    "Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

    The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

    The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."

    [1] http://www.fkie.fraunhofer.de/en.html
    [2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    [3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

    ""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."

    The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. Th

  15. bad BIOS saga continues - 12/13 by Anonymous Coward · · Score: -1 · on The Status of the Fukushima Clean-Up

    Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
    -
    Malware communicates at a distance of 65 feet using built-in mics and speakers.

    by Dan Goodin - Dec 2, 2013 7:29 pm UTC

    http://arstechnica.com/author/dan-goodin
    https://twitter.com/dangoodin001

    "Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."

    http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

    -
    Topology of a covert mesh network that connects air-gapped computers to the Internet:

    http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg

    http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    -

    "Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

    The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

    The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."

    [1] http://www.fkie.fraunhofer.de/en.html
    [2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    [3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

    ""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."

    The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied

  16. bad BIOS saga continues - 12/13 by Anonymous Coward · · Score: -1 · on The Status of the Fukushima Clean-Up

    Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
    -
    Malware communicates at a distance of 65 feet using built-in mics and speakers.

    by Dan Goodin - Dec 2, 2013 7:29 pm UTC

    http://arstechnica.com/author/dan-goodin
    https://twitter.com/dangoodin001

    "Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."

    http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

    -
    Topology of a covert mesh network that connects air-gapped computers to the Internet:

    http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg

    http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    -

    "Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

    The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

    The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."

    [1] http://www.fkie.fraunhofer.de/en.html
    [2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    [3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

    ""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."

    The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied

  17. bad BIOS saga continues - 12/13 by Anonymous Coward · · Score: -1 · on China Prefers Sticking With Dying Windows XP To Upgrading

    Scientist-developed malware prototype covertly jumps air gaps using inaudible sound
    -
    Malware communicates at a distance of 65 feet using built-in mics and speakers.

    by Dan Goodin - Dec 2, 2013 7:29 pm UTC

    http://arstechnica.com/author/dan-goodin
    https://twitter.com/dangoodin001

    "Dan is the IT Security Editor at Ars Technica, which he joined in 2012 after working for The Register, the Associated Press, Bloomberg News, and other publications."

    http://arstechnica.com/security/2013/12/scientist-developed-malware-covertly-jumps-air-gaps-using-inaudible-sound/

    -
    Topology of a covert mesh network that connects air-gapped computers to the Internet:

    http://cdn.arstechnica.net/wp-content/uploads/2013/12/acoustical-mesh-network.jpg

    http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    -

    "Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection.

    The proof-of-concept software-or malicious trojans that adopt the same high-frequency communication methods-could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

    The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics[1], recently disclosed their findings in a paper published in the Journal of Communications[2]. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps[3]. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware."

    [1] http://www.fkie.fraunhofer.de/en.html
    [2] http://www.jocm.us/index.php?m=content&c=index&a=show&catid=124&id=600
    [3] http://arstechnica.com/security/2013/10/meet-badbios-the-mysterious-mac-and-pc-malware-that-jumps-airgaps/

    ""In our article, we describe how the complete concept of air gaps can be considered obsolete as commonly available laptops can communicate over their internal speakers and microphones and even form a covert acoustical mesh network," one of the authors, Michael Hanspach, wrote in an e-mail. "Over this covert network, information can travel over multiple hops of infected nodes, connecting completely isolated computing systems and networks (e.g. the internet) to each other. We also propose some countermeasures against participation in a covert network."

    The researchers developed several ways to use inaudible sounds to transmit data between two Lenovo T400 laptops using only their built-in microphones and speakers. The most effective technique relied on sof

  18. Re:If I had to guess who the founder of bitcoin wa by thatkid_2002 · · Score: 1 · on Is GWU Econ Prof. Nick Szabo Satoshi Nakamoto?
    Oh yeah, Zed Shaw saw that guy today. https://twitter.com/zedshaw/status/408018099284090880

    Asian guy with dreds walks in with a car battery and a charger, sits down, plugs the charger in, and hangs out while the battery charges.

  19. Similarity with Linux by DrYak · · Score: 1 · on Bitcoin Miners Bundled With PUPs In Legitimate Applications Backed By EULA

    Man, the future of FOREX is going to make the Linux DE holy wars look like minor doctrinal differences...

    I think the parallel with Linux is valid on a lot of point.
    Not only have recent history seen an explosion of variants:
    (There are many alt-coins just as there are many linux distributions).
    But on the long term, probably is will resolve itself in the same way:
    A couple of widespread mainstream variants (like Debian, Redhat, Ubuntu, openSUSE) (same in the crypto-coin world: Bitcoin and Litecoin are apparently here to stay, and happy at their position)
    A few others for more specialist uses (like Gentoo, Knoppix, SystemRescueCD) (probably in the crypto world some *actually anonymous* coin will emerge).
    And then a whole bunch of entries that nobody has ever heard of and are almost not used.

    But there's a small difference:
    - Low popularity linux distro, end up usually abandonned
    - Whereas, low use coins end up being the playground for troll-traders.

  20. Zerocoin Efficiency Problems Solved by thatkid_2002 · · Score: 2 · on RMS Calls For "Truly Anonymous" Payment Alternative To Bitcoin
    From the creator of Zerocoin: https://twitter.com/imichaelmiers/status/407529344626864128

    Richard Stallman's calls for anonymous Bitcoin. Good thing we've fixed the main efficiency limitations of Zerocoin

    and

    Spends are now about 300 bytes and take about 10ms to verify. Took a completely different set of crypto primitives to get there.

  21. Cowtan & Way 2013 trend is inside HadCRUT4 err by khayman80 · · Score: 4, Interesting · on Siberia's Methane Release Larger Than Previously Thought

    Cowtan and Way 2013 compensated for missing HadCRUT4 surface temperature measurements in places like the Arctic and Africa by using the spatial pattern of satellite data to produce a hybrid satellite/surface dataset. Jane and Lonny ponder the differences between Cowtan and Way's hybrid dataset and HadCRUT4:

    I keep asking: what's wrong with my basic premise: that if your measurements are shown to be off by 100%, there's something wrong with your science? That was my point. [Jane Q. Public]

    ... They are saying that it is not the 0.05 degrees C per decade that the AR5 report gives for the last 15 years, but that it is, instead, 0.12 degrees C. Which is actually a difference of not 100% but 140%, for the most recent 15 years. [Jane Q. Public]

    @ScienceChannel @jimmygle PLEASE tell the Anthropogenic Global Warmists! Yet another report surfaced saying their "science" was off by 140% [Lonny Eachus]

    Jane and Lonny's basic premise wrongly ignores the large error bars on these noisy, short-term trends. The SkS trend calculator can calculate the trends and error bars from 1997 through (including) 2012 for both HadCrut4 and Cowtan and Way's hybrid dataset:

    1997-2013 HadCRUT4 Trend: 0.049 0.126 C/decade
    1997-2013 HadCRUT4 hybrid Trend: 0.119 0.150 C/decade

    The hybrid dataset's central estimate is inside the error bars of the original HadCRUT4 estimate.

    ... they haven't been right yet... They admit that they have no explanation why their models, which projected continued if not increased warming, do not explain why it has dropped by more than half (0.12 to 0.05 deg. C / decade) over the last 15 years. Or, for that matter, why their margin of error (-0.05 to +0.15 deg. C) for the last decade and a half is 4 times the size of their actual estimated warming. Nope... it's pretty damned clear. Something is wrong with their science. [Jane Q. Public]

    I calculated error bars on UAH trends. The black line on the second page shows the UAH trend ending in 2012, for different starting years. The error bars are shown in red; they're 95% confidence uncertainty bounds. Note that error bars on longer trends are smaller than the large error bars on shorter trends.

    Anyone can reproduce my results by downloading the free "R" programming language used by professional statisticians. Then save this code as "significance.r":

    # run using R CMD BATCH significance.r
    # outputs to Rplots.pdf and significance.r.Rout
    # load custom functions

    # for generalised least squares
    library(nlme)

    # options
    xunits="year"
    textsize=1.4
    titlesize=1.8
    colfit="red"
    pch1=20#points

    # read basin data
    indata = read.table("greenland2013/GIS_climate.nasa.txt",header=T)
    title="Greenland mass"
    yunits="gigatons"
    tlims=c(-350,-190)
    alims=c(-60,0)
    #indata = indata[which(indata$x>2002.0),]

    # remove mean
    indata$y = indata$y - mean(indata$y)

    n = length(indata$x)
    n

    midpoint=(indata$x[n]-indata$x[1])/2.0+indata$x[1]

    # fit model
    fit=gls(y~x,data=indata,corr=corARMA(p=1,q=1))
    #fit=gls(y~x+sin(2*pi*x)+cos(2*pi*x),data=indata,corr=corARMA(p=1,q=1))
    #fit=gls

  22. Re:Just imagine by Anonymous Coward · · Score: 1 · on No Shirt, No Shoes, No Service — and No Google Glass, Either

    This tweet is the best:

    I cannot wait to see my therapist next week. I started seeing her bc of Google Glass tensions at work. Now my story is international.

  23. Re:Just imagine by Anonymous Coward · · Score: 5, Informative · on No Shirt, No Shoes, No Service — and No Google Glass, Either

    The guy who complained is a complete douche who demanded that the manager get fired. He's also #GlassExplorer! And look at his haircut. The self-entitled rich tech geek boy force is strong in this one. His poor rights were violated and he's going to complain to everybody.

  24. Re:Sell now. by Anonymous Coward · · Score: 0 · on Bitcoin Tops $1,000 For the First Time

    a) It wasn't, the trend was going there for days
    b) 7500BTC is 0.06% of current BTC in circulation (~12M)
    c) It's "alleged loss of 7500BTC", not "loss of $7.5M in BitCoin" - after reading this tweet by the guy who "lost" them it just sounds like a BTC equivalent of Nigerian Prince.

  25. Sungrazer Twitter feed -- a useful source by jeffb+(2.718) · · Score: 3, Informative · on Comet ISON Approaches Perihelion

    I've never been much of a Twitter fan, but this feed has been excellent for links to timely information and discussion:

    SungrazerComets on Twitter

  26. Re:Other Fields? by AlternativeIdeas · · Score: 0 · on Code.org: More Money For CS Instructors Who Teach More Girls

    You'll love these feminist quotes:

    https://twitter.com/AxeCo2Tax/status/399489435416674304/photo/1

  27. Re:Isn't the data public anyway? by Anonymous Coward · · Score: 1 · on Twitter Implements Forward Secrecy For Connections

    "In boundaries of my imagination, the user account password is pretty much the only private data that Twitter stores."

    Twitter messages are public but users can also send private messages.
    Source: http://en.wikipedia.org/wiki/Twitter#Privacy_and_security

    Also, it's possible to "protect" tweets. The Twitter account will say:
    "Only confirmed followers have access to @username's Tweets and complete profile. Click the "Follow" button to send a follow request."
    Source: https://support.twitter.com/articles/14016-about-public-and-protected-tweets

    You could've Google'd that. I did. Took me 2 minutes to search and write this reply.

  28. Re:Stats by Narishma · · Score: 1 · on Blue Light of Death Plagues PlayStation 4

    To be honest I'd be amazed if any new device shipping tens, maybe hundreds of thousands of units wasn't subject to some rate of failure. I hate Sony as much as the next guy but we basically know nothing at this point.

    Make that million+ units.

  29. Re:"Celebrity?" by guttentag · · Score: 2 · on LeVar Burton On Google Glass

    You've never heard of Geordi La Forge from Star Trek?

    He just didn't recognize Geordi without his Visual Instrument and Sensory Organ Replacement. Happens all the time, and Burton likes it that way. If everyone wore Google Glass he'd be recognized everywhere he goes, like poor Patrick Stewart. He couldn't ring the bell at the NYSE the other day for Twitter without people yelling, "Look, it's Captain Picard! Make it so! Come on, say it!" The guy dressed up as Nerval's Lobster for Halloween, but people still recognized him. Burton has plenty of reason to value his visual anonymity.

  30. Re:Furloughed workers by nbauman · · Score: 1 · on "War Room" Notes Describe IT Chaos At Healthcare.gov

    I don't know the specifics of where you live or what your insurance policy is.

    If your insurance company is telling you that you have to pay more for worse insurance after the ACA, then you should talk to somebody who knows a lot about health insurance, who isn't making money out of you, and who can give you objective advice about how to get insurance cheaper.

    If you can't find anybody else, ask Eric Stern. https://twitter.com/_ericstern He was able to show people in your situation how to save thousands of dollars a year.

    Here's the Kaiser subsidy calculator. http://kff.org/interactive/subsidy-calculator/

  31. Check Twitter while you're at it by Pope · · Score: 1 · on Credit Card Numbers Still Google-able

    People post pictures of their credit and debit cards all the freakin' time.

    https://twitter.com/NeedADebitCard

  32. Re:And the response is... by ifiwereasculptor · · Score: -1, Flamebait · on Canonical Targets Ubuntu Privacy Critic

    Well, YMMV on what constitutes an appropriate response. Me, I'd just swap the original logo for something like this: https://twitter.com/voodooKobra/status/398602765405917185/photo/1

  33. Re:As an outsider. by Anonymous Coward · · Score: 0 · on Healthcare.gov Official Resigns, Website Still a Disaster

    Some citations please. How many millions are finding out that their cheapest options under the ACA costs twice as much, and have higher deductibles? All I've seen are anecdotal stories on Fox News, that turn out to be either making deceitful claims, or, perhaps more charitably, are greatly mistaken about their options when 3rd parties not associated with the propaganda network examine their circumstances.

    An Economics professor at UMich made a chart based on estimates from Jon Gruber, a former economics advisor to Mitt Romney that lays out how people are "Obamacare Losers vs. Winners" The only conclusion I can draw is that the media, driven by profit-motive sensationalism under a 24/7 news cycle, has focused their attention on a disproportionate number of stories where people end up paying more... while glossing over the fact that their coverages are getting better, with no possibility of being cheated by the insurance industry for 'pre-existing conditions'.

    I'm sure you are dead set against the ACA regardless whether or not you think people are getting a fair deal. And your confirmation bias leads you to believe that any evidence that supports your views is valid and any evidence that refutes it is part of some left wing conspiracy... but did you ever stop and think that the same industry that disqualifies paying customers for coverage of births due to a finding that the pregnancy was a pre-existing condition.. that they might not be playing fairly?

    A lot of these people that are being told their plans are canceled and that their other options are more expensive are being told that by their insurance companies, who aren't offering them anything of comparable price, yes, but also aren't informing them that they could find less expensive options on the open exchanges set up by the ACA. They are just telling the customer about other options offered under their brand.

    People living as high as 400% of the federal poverty line ($78,000 for a family of 3, or $46K for an individual) get tax credits. Meaning that 6/7 people expected to sign up for the exchange are expected to save in the neighborhood of $5300 per year ion their taxes.

  34. Re: what about freeze tag? by Grishnakh · · Score: 1 · on Elementary School Bans Students From Touching Each Other

    Don't forget about Florida Man.

  35. Re:Stupid bastards, serves them right. by heypete · · Score: 2 · on Twitter Marks Clean Sites As Harmful, Breaks Links

    Twitter's article about their shortener lists 3 reasons for why they do it:

    1. Shortened links allow you to share long URLs in a Tweet while maintaining the maximum number of characters for your message.

    That's reasonable. Still, if that was the only reason why it existed then one should have the ability not to use it or use a different one.

    2. Our link service measures information such as how many times a link has been clicked, which is an important quality signal in determining how relevant and interesting each Tweet is when compared to similar Tweets.

    That information is valuable, I get that. Still, not really enough to justify requiring all links go through their shortener.

    3. Having a link shortener protects users from malicious sites that engage in spreading malware, phishing attacks, and other harmful activity. A link converted by Twitter’s link service is checked against a list of potentially dangerous sites. Users are warned with the error message below when clicking on potentially harmful URLs.

    In my view, this is what makes the mandatory use of t.co worthwhile -- malicious links can spread really quickly on Twitter and having a mechanism to help minimize the damage of malicious links is a good thing. Not all third-party shorteners have such checking, so it makes sense for Twitter to enforce the use of their shortener that does the checks.

  36. Re:Censorship? by number17 · · Score: 1 · on Twitter Marks Clean Sites As Harmful, Breaks Links
    I think Twitter covered all that when saying:
    https://twitter.com/tos

    We reserve the right at all times (but will not have an obligation) to remove or refuse to distribute any Content on the Services, to suspend or terminate users, and to reclaim usernames without liability to you.

    It would be an interesting case study for a company to explicitly state the content of your list. Users left Instagram when their TOS changed. Would users leave other services if they explicitly stated that they block content from group A because group B paid them to?

  37. #BadBIOS - BIOS Malware 1/2 by Anonymous Coward · · Score: -1 · on France Moves To Protect Independent Booksellers From Amazon

    #BadBIOS - BIOS Malware

    #

    - Copernicus: Question Your Assumptions about BIOS Security

    http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/copernicus-question-your-assumptions-about

    - "Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed."

    https://twitter.com/dragosr/status/388512915742937089

    =

    - #BadBIOS

    https://twitter.com/search?q=%23BadBIOS

    =

    - "More on my ongoing chase of #badBIOS malware."

    https://plus.google.com/103470457057356043365/posts/9fyh5R9v2Ga
    https://plus.google.com/103470457057356043365

    =

    - Nobody Seems To Notice and Nobody Seems To Care: Government & Stealth Malware

    http://slexy.org/view/s2otvoDuKW

    =

    - Gpu based paravirtualization rootkit, all os vulne

    http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html

    =

    - #badBIOS (and lotsa paranoia, plus fireworks)

    https://kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/

    =

    - Air-Gap-Breaching BIOS Rootkits with SDRs Inside (and smartphones, Snowden, NSA, Wikileaks)

    "A little while back I covered a paper on FPGAs that could turn themselves into SDRs. I suspected this would be one way to breach an air gap.

    It seems I was right on the money. If a little behind the times.

    Researchers have found an incredibly persistent BIOS rootkit in the wild that includes SDR functionality⦠literally turning your computer into a radio transmitter to exfiltrate data even if youâ(TM)re not connected to the Internet." [..]

    "The researchers were using a new tool, Copernicus, which sadly seems to be Windows-only. Nevertheless a number of you might be interested in checking it out.

    There is one enduring mystery of this rootkit⦠how does it survive BIOS reflashes?" [..]

    https://kabelmast.wordpress.com/2013/10/11/air-gap-breaching-bios-rootkits-with-sdrs-inside-and-smartphones-snowden-nsa-wikileaks/

    https://twitter.com/dragosr/status/388511686744764416

    - IMHO Copernicus is the most important security tool in recent history. Already found persistent BIOS malware (survives reflashing) here.

    https://twitter.com/dragosr/status/388512915742937089

    - and thatâ(TM)s not even interesting part. Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed.

    https://twitter.com/dragosr/status/388521551693217792

    - Copernicus BIOS verification. Also if tool is mysteriously failing or weird output full of FFs you may have problem. http://goo.gl/AHLwbD

    https://twitter.com/dragosr/status/388534580493287424

    - This particular BIOS persistent malware sample seems use TLS encrypted DHCP HostOptions as a command and control.

    https://twitter.com/drago

  38. #BadBIOS - BIOS Malware 1/2 by Anonymous Coward · · Score: -1 · on France Moves To Protect Independent Booksellers From Amazon

    #BadBIOS - BIOS Malware

    #

    - Copernicus: Question Your Assumptions about BIOS Security

    http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/copernicus-question-your-assumptions-about

    - "Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed."

    https://twitter.com/dragosr/status/388512915742937089

    =

    - #BadBIOS

    https://twitter.com/search?q=%23BadBIOS

    =

    - "More on my ongoing chase of #badBIOS malware."

    https://plus.google.com/103470457057356043365/posts/9fyh5R9v2Ga
    https://plus.google.com/103470457057356043365

    =

    - Nobody Seems To Notice and Nobody Seems To Care: Government & Stealth Malware

    http://slexy.org/view/s2otvoDuKW

    =

    - Gpu based paravirtualization rootkit, all os vulne

    http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html

    =

    - #badBIOS (and lotsa paranoia, plus fireworks)

    https://kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/

    =

    - Air-Gap-Breaching BIOS Rootkits with SDRs Inside (and smartphones, Snowden, NSA, Wikileaks)

    "A little while back I covered a paper on FPGAs that could turn themselves into SDRs. I suspected this would be one way to breach an air gap.

    It seems I was right on the money. If a little behind the times.

    Researchers have found an incredibly persistent BIOS rootkit in the wild that includes SDR functionality⦠literally turning your computer into a radio transmitter to exfiltrate data even if youâ(TM)re not connected to the Internet." [..]

    "The researchers were using a new tool, Copernicus, which sadly seems to be Windows-only. Nevertheless a number of you might be interested in checking it out.

    There is one enduring mystery of this rootkit⦠how does it survive BIOS reflashes?" [..]

    https://kabelmast.wordpress.com/2013/10/11/air-gap-breaching-bios-rootkits-with-sdrs-inside-and-smartphones-snowden-nsa-wikileaks/

    https://twitter.com/dragosr/status/388511686744764416

    - IMHO Copernicus is the most important security tool in recent history. Already found persistent BIOS malware (survives reflashing) here.

    https://twitter.com/dragosr/status/388512915742937089

    - and thatâ(TM)s not even interesting part. Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed.

    https://twitter.com/dragosr/status/388521551693217792

    - Copernicus BIOS verification. Also if tool is mysteriously failing or weird output full of FFs you may have problem. http://goo.gl/AHLwbD

    https://twitter.com/dragosr/status/388534580493287424

    - This particular BIOS persistent malware sample seems use TLS encrypted DHCP HostOptions as a command and control.

    https://twitter.com/drago

  39. #BadBIOS - BIOS Malware 1/2 by Anonymous Coward · · Score: -1 · on France Moves To Protect Independent Booksellers From Amazon

    #BadBIOS - BIOS Malware

    #

    - Copernicus: Question Your Assumptions about BIOS Security

    http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/copernicus-question-your-assumptions-about

    - "Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed."

    https://twitter.com/dragosr/status/388512915742937089

    =

    - #BadBIOS

    https://twitter.com/search?q=%23BadBIOS

    =

    - "More on my ongoing chase of #badBIOS malware."

    https://plus.google.com/103470457057356043365/posts/9fyh5R9v2Ga
    https://plus.google.com/103470457057356043365

    =

    - Nobody Seems To Notice and Nobody Seems To Care: Government & Stealth Malware

    http://slexy.org/view/s2otvoDuKW

    =

    - Gpu based paravirtualization rootkit, all os vulne

    http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html

    =

    - #badBIOS (and lotsa paranoia, plus fireworks)

    https://kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/

    =

    - Air-Gap-Breaching BIOS Rootkits with SDRs Inside (and smartphones, Snowden, NSA, Wikileaks)

    "A little while back I covered a paper on FPGAs that could turn themselves into SDRs. I suspected this would be one way to breach an air gap.

    It seems I was right on the money. If a little behind the times.

    Researchers have found an incredibly persistent BIOS rootkit in the wild that includes SDR functionality⦠literally turning your computer into a radio transmitter to exfiltrate data even if youâ(TM)re not connected to the Internet." [..]

    "The researchers were using a new tool, Copernicus, which sadly seems to be Windows-only. Nevertheless a number of you might be interested in checking it out.

    There is one enduring mystery of this rootkit⦠how does it survive BIOS reflashes?" [..]

    https://kabelmast.wordpress.com/2013/10/11/air-gap-breaching-bios-rootkits-with-sdrs-inside-and-smartphones-snowden-nsa-wikileaks/

    https://twitter.com/dragosr/status/388511686744764416

    - IMHO Copernicus is the most important security tool in recent history. Already found persistent BIOS malware (survives reflashing) here.

    https://twitter.com/dragosr/status/388512915742937089

    - and thatâ(TM)s not even interesting part. Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed.

    https://twitter.com/dragosr/status/388521551693217792

    - Copernicus BIOS verification. Also if tool is mysteriously failing or weird output full of FFs you may have problem. http://goo.gl/AHLwbD

    https://twitter.com/dragosr/status/388534580493287424

    - This particular BIOS persistent malware sample seems use TLS encrypted DHCP HostOptions as a command and control.

    https://twitter.com/drago

  40. #BadBIOS - BIOS Malware 1/2 by Anonymous Coward · · Score: -1 · on France Moves To Protect Independent Booksellers From Amazon

    #BadBIOS - BIOS Malware

    #

    - Copernicus: Question Your Assumptions about BIOS Security

    http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/copernicus-question-your-assumptions-about

    - "Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed."

    https://twitter.com/dragosr/status/388512915742937089

    =

    - #BadBIOS

    https://twitter.com/search?q=%23BadBIOS

    =

    - "More on my ongoing chase of #badBIOS malware."

    https://plus.google.com/103470457057356043365/posts/9fyh5R9v2Ga
    https://plus.google.com/103470457057356043365

    =

    - Nobody Seems To Notice and Nobody Seems To Care: Government & Stealth Malware

    http://slexy.org/view/s2otvoDuKW

    =

    - Gpu based paravirtualization rootkit, all os vulne

    http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html

    =

    - #badBIOS (and lotsa paranoia, plus fireworks)

    https://kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/

    =

    - Air-Gap-Breaching BIOS Rootkits with SDRs Inside (and smartphones, Snowden, NSA, Wikileaks)

    "A little while back I covered a paper on FPGAs that could turn themselves into SDRs. I suspected this would be one way to breach an air gap.

    It seems I was right on the money. If a little behind the times.

    Researchers have found an incredibly persistent BIOS rootkit in the wild that includes SDR functionality⦠literally turning your computer into a radio transmitter to exfiltrate data even if youâ(TM)re not connected to the Internet." [..]

    "The researchers were using a new tool, Copernicus, which sadly seems to be Windows-only. Nevertheless a number of you might be interested in checking it out.

    There is one enduring mystery of this rootkit⦠how does it survive BIOS reflashes?" [..]

    https://kabelmast.wordpress.com/2013/10/11/air-gap-breaching-bios-rootkits-with-sdrs-inside-and-smartphones-snowden-nsa-wikileaks/

    https://twitter.com/dragosr/status/388511686744764416

    - IMHO Copernicus is the most important security tool in recent history. Already found persistent BIOS malware (survives reflashing) here.

    https://twitter.com/dragosr/status/388512915742937089

    - and thatâ(TM)s not even interesting part. Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed.

    https://twitter.com/dragosr/status/388521551693217792

    - Copernicus BIOS verification. Also if tool is mysteriously failing or weird output full of FFs you may have problem. http://goo.gl/AHLwbD

    https://twitter.com/dragosr/status/388534580493287424

    - This particular BIOS persistent malware sample seems use TLS encrypted DHCP HostOptions as a command and control.

    https://twitter.com/drago

  41. #BadBIOS - BIOS Malware 1/2 by Anonymous Coward · · Score: -1 · on France Moves To Protect Independent Booksellers From Amazon

    #BadBIOS - BIOS Malware

    #

    - Copernicus: Question Your Assumptions about BIOS Security

    http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/copernicus-question-your-assumptions-about

    - "Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed."

    https://twitter.com/dragosr/status/388512915742937089

    =

    - #BadBIOS

    https://twitter.com/search?q=%23BadBIOS

    =

    - "More on my ongoing chase of #badBIOS malware."

    https://plus.google.com/103470457057356043365/posts/9fyh5R9v2Ga
    https://plus.google.com/103470457057356043365

    =

    - Nobody Seems To Notice and Nobody Seems To Care: Government & Stealth Malware

    http://slexy.org/view/s2otvoDuKW

    =

    - Gpu based paravirtualization rootkit, all os vulne

    http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html

    =

    - #badBIOS (and lotsa paranoia, plus fireworks)

    https://kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/

    =

    - Air-Gap-Breaching BIOS Rootkits with SDRs Inside (and smartphones, Snowden, NSA, Wikileaks)

    "A little while back I covered a paper on FPGAs that could turn themselves into SDRs. I suspected this would be one way to breach an air gap.

    It seems I was right on the money. If a little behind the times.

    Researchers have found an incredibly persistent BIOS rootkit in the wild that includes SDR functionality⦠literally turning your computer into a radio transmitter to exfiltrate data even if youâ(TM)re not connected to the Internet." [..]

    "The researchers were using a new tool, Copernicus, which sadly seems to be Windows-only. Nevertheless a number of you might be interested in checking it out.

    There is one enduring mystery of this rootkit⦠how does it survive BIOS reflashes?" [..]

    https://kabelmast.wordpress.com/2013/10/11/air-gap-breaching-bios-rootkits-with-sdrs-inside-and-smartphones-snowden-nsa-wikileaks/

    https://twitter.com/dragosr/status/388511686744764416

    - IMHO Copernicus is the most important security tool in recent history. Already found persistent BIOS malware (survives reflashing) here.

    https://twitter.com/dragosr/status/388512915742937089

    - and thatâ(TM)s not even interesting part. Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed.

    https://twitter.com/dragosr/status/388521551693217792

    - Copernicus BIOS verification. Also if tool is mysteriously failing or weird output full of FFs you may have problem. http://goo.gl/AHLwbD

    https://twitter.com/dragosr/status/388534580493287424

    - This particular BIOS persistent malware sample seems use TLS encrypted DHCP HostOptions as a command and control.

    https://twitter.com/drago

  42. #BadBIOS - BIOS Malware 1/2 by Anonymous Coward · · Score: -1 · on France Moves To Protect Independent Booksellers From Amazon

    #BadBIOS - BIOS Malware

    #

    - Copernicus: Question Your Assumptions about BIOS Security

    http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/copernicus-question-your-assumptions-about

    - "Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed."

    https://twitter.com/dragosr/status/388512915742937089

    =

    - #BadBIOS

    https://twitter.com/search?q=%23BadBIOS

    =

    - "More on my ongoing chase of #badBIOS malware."

    https://plus.google.com/103470457057356043365/posts/9fyh5R9v2Ga
    https://plus.google.com/103470457057356043365

    =

    - Nobody Seems To Notice and Nobody Seems To Care: Government & Stealth Malware

    http://slexy.org/view/s2otvoDuKW

    =

    - Gpu based paravirtualization rootkit, all os vulne

    http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html

    =

    - #badBIOS (and lotsa paranoia, plus fireworks)

    https://kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/

    =

    - Air-Gap-Breaching BIOS Rootkits with SDRs Inside (and smartphones, Snowden, NSA, Wikileaks)

    "A little while back I covered a paper on FPGAs that could turn themselves into SDRs. I suspected this would be one way to breach an air gap.

    It seems I was right on the money. If a little behind the times.

    Researchers have found an incredibly persistent BIOS rootkit in the wild that includes SDR functionality⦠literally turning your computer into a radio transmitter to exfiltrate data even if youâ(TM)re not connected to the Internet." [..]

    "The researchers were using a new tool, Copernicus, which sadly seems to be Windows-only. Nevertheless a number of you might be interested in checking it out.

    There is one enduring mystery of this rootkit⦠how does it survive BIOS reflashes?" [..]

    https://kabelmast.wordpress.com/2013/10/11/air-gap-breaching-bios-rootkits-with-sdrs-inside-and-smartphones-snowden-nsa-wikileaks/

    https://twitter.com/dragosr/status/388511686744764416

    - IMHO Copernicus is the most important security tool in recent history. Already found persistent BIOS malware (survives reflashing) here.

    https://twitter.com/dragosr/status/388512915742937089

    - and thatâ(TM)s not even interesting part. Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed.

    https://twitter.com/dragosr/status/388521551693217792

    - Copernicus BIOS verification. Also if tool is mysteriously failing or weird output full of FFs you may have problem. http://goo.gl/AHLwbD

    https://twitter.com/dragosr/status/388534580493287424

    - This particular BIOS persistent malware sample seems use TLS encrypted DHCP HostOptions as a command and control.

    https://twitter.com/drago

  43. #BadBIOS - BIOS Malware 1/2 by Anonymous Coward · · Score: -1 · on France Moves To Protect Independent Booksellers From Amazon

    #BadBIOS - BIOS Malware

    #

    - Copernicus: Question Your Assumptions about BIOS Security

    http://www.mitre.org/capabilities/cybersecurity/overview/cybersecurity-blog/copernicus-question-your-assumptions-about

    - "Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed."

    https://twitter.com/dragosr/status/388512915742937089

    =

    - #BadBIOS

    https://twitter.com/search?q=%23BadBIOS

    =

    - "More on my ongoing chase of #badBIOS malware."

    https://plus.google.com/103470457057356043365/posts/9fyh5R9v2Ga
    https://plus.google.com/103470457057356043365

    =

    - Nobody Seems To Notice and Nobody Seems To Care: Government & Stealth Malware

    http://slexy.org/view/s2otvoDuKW

    =

    - Gpu based paravirtualization rootkit, all os vulne

    http://forum.sysinternals.com/gpu-based-paravirtualization-rootkit-all-os-vulne_topic26706.html

    =

    - #badBIOS (and lotsa paranoia, plus fireworks)

    https://kabelmast.wordpress.com/2013/10/23/badbios-and-lotsa-paranoia-plus-fireworks/

    =

    - Air-Gap-Breaching BIOS Rootkits with SDRs Inside (and smartphones, Snowden, NSA, Wikileaks)

    "A little while back I covered a paper on FPGAs that could turn themselves into SDRs. I suspected this would be one way to breach an air gap.

    It seems I was right on the money. If a little behind the times.

    Researchers have found an incredibly persistent BIOS rootkit in the wild that includes SDR functionality⦠literally turning your computer into a radio transmitter to exfiltrate data even if youâ(TM)re not connected to the Internet." [..]

    "The researchers were using a new tool, Copernicus, which sadly seems to be Windows-only. Nevertheless a number of you might be interested in checking it out.

    There is one enduring mystery of this rootkit⦠how does it survive BIOS reflashes?" [..]

    https://kabelmast.wordpress.com/2013/10/11/air-gap-breaching-bios-rootkits-with-sdrs-inside-and-smartphones-snowden-nsa-wikileaks/

    https://twitter.com/dragosr/status/388511686744764416

    - IMHO Copernicus is the most important security tool in recent history. Already found persistent BIOS malware (survives reflashing) here.

    https://twitter.com/dragosr/status/388512915742937089

    - and thatâ(TM)s not even interesting part. Seems to have a BIOS hypervisor, SDR functionality that bridges air gaps, wifi card removed.

    https://twitter.com/dragosr/status/388521551693217792

    - Copernicus BIOS verification. Also if tool is mysteriously failing or weird output full of FFs you may have problem. http://goo.gl/AHLwbD

    https://twitter.com/dragosr/status/388534580493287424

    - This particular BIOS persistent malware sample seems use TLS encrypted DHCP HostOptions as a command and control.

    https://twitter.com/drago

  44. Yeah... by thevirtualcat · · Score: 1 · on Top US Lobbyist Wants Broadband Data Caps

    What they say: "This will reduce costs for most users! Only the top users will have to pay more."

    What they mean: "We're going to keep our pricing structures exactly the same and continue increasing them by 10-20% every year. With usage caps, if you actually use the service for anything more than checking your email and updating facebook, you'll be assessed additional fees."

    And if you think they're not all tooled up to implement caps already, I present you with this: https://pic.twitter.com/kbGNJiMIWU
    (To see if your area has that, sign into your Comcast account, click "My Account" and then "My Services." It's in the sidebar under "Equipment.")

  45. Re:In English by LourensV · · Score: 1 · on NVIDIA's G-Sync Is VSync Designed For LCDs (not CRTs)

    Exactly, and that is especially a problem for the Oculus Rift and other virtual reality headsets that are coming onto the market, because it becomes really noticeable when you move your head quickly. I think that that is what they're mainly targeting here, although according to John Carmack, G-Sync won't work on the Rift. Anyway, for those interested in the technical details, graphics programming legend Michael Abrash (currently at Valve) wrote an excellent technical piece about the frame timing issues you get with VR headsets some time ago.

  46. Corrected by Anonymous Coward · · Score: 2, Informative · on No, the Earth (almost Certainly) Won't Be Hit By an Asteroid In 2032

    Phil Plait just posted a correction, 99.998% chance of a miss.

  47. Re:Interac by KJE · · Score: 1 · on Square Debuts New Email Payment System

    One big difference is that Square isn't taking a buck fifty off the top, no fees at all to transfer money. As I mentioned earlier on twitter, they are probably eating the transaction costs to encourage people to sign up and put in their banking info so that the square network grows.

  48. Re:Waitaminit... by Anonymous Coward · · Score: 1 · on Security Researchers Want To Fully Audit Truecrypt

    The real reason why open source practically always beats closed source in security applications is that the authors have to presume that someone else will take a look at the code later and therefore want to avoid too messy and unclean coding.

    Except OpenSSL...

  49. Re:Deep down.. by LF11 · · Score: 1 · on Ask Slashdot: Why Isn't There More Public Outrage About NSA Revelations?

    That's going to go over real well when they turn off EBT in a few days. https://twitter.com/search?q=EBT&src=typd

  50. Finally some hard Sci-Fi by KBehemoth · · Score: 1 · on Gravity: Can Film Ever Get the Science Right?

    Hard Sci-Fi Movies on Twitter