DonationCoder.com
Best Of Blog

Friday September 26, 2014

Kevin Mitnick Is Now Selling Zero-Day Exploits


Quote
As a young man, Kevin Mitnick became the world’s most notorious black hat hacker, breaking into the networks of companies like IBM, Nokia, Motorola, and other targets. After a stint in prison, he reinvented himself as a white hat hacker, selling his skills as a penetration tester and security consultant.

With his latest business venture, Mitnick has switched hats again: This time to an ambiguous shade of gray.

Late last week, Mitnick revealed a new branch of his security consultancy business he calls Mitnick’s Absolute Zero Day Exploit Exchange. Since its quiet inception six months ago, he says the service has offered to sell corporate and government clients high-end “zero-day” exploits, hacking tools that take advantage of secret bugs in software for which no patch yet exists. Mitnick says he’s offering exploits developed both by his own in-house researchers and by outside hackers, guaranteed to be exclusive and priced at no less than $100,000 each, including his own fee.

And what will his clients do with those exploits? “When we have a client that wants a zero-day vulnerability for whatever reason, we don’t ask, and in fact they wouldn’t tell us,” Mitnick tells WIRED in an interview. “Researchers find them, they sell them to us for X, we sell them to clients for Y and make the margin in between.”

Mitnick declined to name any of his customers, and wouldn’t say how many, if any, exploits his exchange has brokered so far. But the website he launched to reveal the project last week offers to use his company’s “unique positioning among security researchers and the hacker community” to connect exploit developers with “discerning government and corporate buyers.”

http://www.wired.com/2014...selling-zero-day-exploits


posted by app103 - September 26, 2014, 08:45:00 AM
discovered on http://www.sitepoint.com/versioning


Thursday September 25, 2014

Linux bash exploit discovered

"Akamai has validated the existence of the vulnerability in bash, and confirmed its presence in bash for an extended period of time. We have also verified that this vulnerability is exposed in ssh---but only to authenticated sessions. Web applications like cgi-scripts may be vulnerable based on a number of factors; including calling other applications through a shell, or evaluating sections of code through a shell.

There are several functional mitigations for this vulnerability: upgrading to a new version of bash, replacing bash with an alternate shell, limiting access to vulnerable services, or filtering inputs to vulnerable services. Akamai has created a WAF rule to filter this exploit; see "For Web Applications" below for details."

http://www.csoonline.com/...n-bash-cve-2014-6271.html

posted by mouser - September 25, 2014, 09:14:00 AM


Tuesday September 23, 2014

Huge awards for developing open source educational self-teaching software

This is a really intriguing project to award large monetary prizes for developing open source educational self-teaching software:

Quote
The United Nations estimates 58 million children from ages 6 to 11 don’t attend school, a number that has remained stubbornly stagnant since the middle of the last decade.

One nonprofit believes it has the solution: Create software so exciting to use that kids will want to teach themselves.

X-Prize is challenging entrepreneurs to develop open-source software that children can use to acquire basic literacy and arithmetic skills on their own.

"It’s based on the supposition, still unproven, that kids can teach themselves how to read and write," says Matt Keller, director of the Global Learning X-Prize.

The five best submissions will receive $1-million each to test their software in 100 villages in an English-speaking part of sub-Saharan Africa. The best of those five will receive a $10-million prize so long as the software improves learning....

"My guess is the team that wins is going to be the team that develops something so sticky, so dynamic, so engaging that kids are enthralled by it," says Mr. Keller. "They’re going to learn in spite of themselves."

http://philanthropy.com/a...Taps-the-Crowd-to/148949/


posted by mouser - September 23, 2014, 07:24:00 PM


Sunday September 21, 2014

MakeUseOf: Understanding How Open Source Software Developers Make Money

Nothing groundbreaking but may be informative to some:
Understanding How Open Source Software Developers Make Money
http://www.makeuseof.com/...re-developers-make-money/

"There are many myths about open source software (OSS) and perhaps the most common is this: open source and profit are mutually exclusive...The truth is: many OSS developers and projects do generate revenue. Some earn just enough money to survive while others produce so much money that they put proprietary alternatives to shame. How’s that for irony?"

posted by mouser - September 21, 2014, 06:24:00 AM


Wednesday September 17, 2014

Android: Beware Old Android Browser (CVE-2014-6041)

This looks pretty serious for folks that still use the old Android Browser (or apps that might use some of the contained code):

Quote
...a flaw that enables malicious sites to inject JavaScript into other sites. Those malicious JavaScripts can in turn read cookies and password fields, submit forms, grab keyboard input, or do practically anything else.

via:

  http://arstechnica.com/se...or-half-of-android-users/

More at:

  https://community.rapid7....cy-disaster-cve-2014-6041

posted by ewemoa - September 17, 2014, 08:56:00 AM


Sunday September 14, 2014

Stephen's Weekly Tech/Science News Roundup

As usual, here is a bit of a roundup of this week's Tech and Science news. I decided not to do what most news agencies have done, and shove the Apple iPhone 6 down your throats ^_^



SanDisk SD memory card 'largest ever'

Memory specialist SanDisk has created an SD card with 512 gigabytes (GB) of storage space - the highest capacity ever released.

The card, which is the size of a postage stamp, will go on sale for $800 (£490).

The launch comes a decade after the firm released a 512-megabyte (MB) SD card with one-thousandth of the space.

Read more at: http://www.bbc.co.uk/news/technology-29175093

Facebook experiments with vanishing posts

Facebook is following in the footsteps of messaging app Snapchat by testing a feature that allows users to schedule the automatic deletion of their posts.

The social network said the option, which offers expiration settings ranging from one hour to seven days, was "a small pilot" for its iOS app.

Facebook often tests new capabilities.

It faced criticism in June for one experiment that "manipulated" the content of nearly 700,000 users' news feeds, to gauge emotional responses.

Read more at: http://www.bbc.co.uk/news/technology-29156436

Google buys firm behind spoon for Parkinson's patients

Google has bought a biotech company that has developed a spoon designed to make life easier for people with diseases such as Parkinson's.

It is part of its ambitious foray into health technology, spurred in part by the personal interest of co-founder Sergey Brin.

Last year, Google became the main investor in Calico, a firm dedicated to developing medicines to extend life.

Latest acquisition Lift Labs will join Google's research division Google X.

The spoon developed by Lift Labs is equipped with sensors that detect tremors and cancels them out by as much as 70%, according to the firm.

The technology it uses is similar to image stabilisation features in cameras that compensate for shaky hands when taking a photo.

Read more at: http://www.bbc.co.uk/news/technology-29155888

In this Chinese city, phone addicts get their own sidewalk lane

Some places have lanes for bicycles, others for motorcycles, but there's a place in mainland China that boasts a different type of lane altogether: one for phone addicts glued to their screens. According to a Chinese publication, the cellphone lane above was spotted along a place called Foreigner Street in Chongqing city, one of the five major cities in the country. The sidewalk was most likely painted on for everyone's safety, because, hey, if there's distracted driving, there's also distracted walking, as perfectly demonstrated by the woman in this video. If the idea sounds familiar, it's because the National Geographic did something similar back in July as an experiment. The society stenciled "NO CELLPHONES" on one-half of a DC sidewalk and "CELLPHONES: WALK IN THIS LANE AT YOUR OWN RISK" on the other half. The result? Well, among other things, they found that the people actually glued to their phones didn't even notice the markings at all. Typical.

Read more at: http://www.engadget.com/2...alk-lane-china/#continued

The Big Picture: NASA gets ready to build the 'next great rocket'

See the gargantuan structure above that dwarfs that line of puny humans at the bottom (bet you didn't even notice them at first glance, huh)? It's a welding tool -- the biggest one built for spacecraft, in fact, that's slated to help Boeing build the core stage of NASA's Space Launch System at the agency's Michoud Assembly Facility in New Orleans. The structure's officially called the Vertical Assembly Center, and it stands 170 feet tall with a width that measures 78 feet: not exactly surprising, considering the SLS is a 200-foot-tall behemoth. It's but one of the many tools Boeing intends to use to build the core stage of NASA's "most powerful rocket ever" after the two organizations finalized their $2.8 billion deal in July. The core stage will house cryogenic liquid hydrogen and liquid oxygen used to power the rocket's four engines, and building it brings the SLS much closer to the launch pad for deep space exploration.

Read more at: http://www.engadget.com/2...rocket-welding/#continued

eBay DROPS DEAD AGAIN - tat bazaar says sorry, scrambles to resurrect site

eBay went titsup earlier today, and the company is now attempting to bring its site back to life.

The online tat bazaar coughed to an unexplained technical blunder preventing an unknown number of its subscribers from accessing the site, which many buyers and sellers of used goods enjoy using in their spare time on the weekends.

eBay posted this miserable statement on its service page about 90 minutes ago:

Quote
We are aware that some users may experience problems when using the eBay Site. We are actively working on restoring the issue and apologize for any inconvenience caused.

But plenty of folk were still complaining that they were unable to access the site, at time of writing.

posted by Stephen66515 - September 14, 2014, 06:34:00 PM


Friday September 12, 2014

Software patents are crumbling thanks to the Supreme Court

Tim Lee has written a nice write up for recent legal progress in rolling back the software patent madness of recent years.  It's good news for those of us who spend our time coding and don't want to get wrapped up in frivolous lawsuits designed to extort money.

Quote
Now a series of decisions from lower courts is starting to bring the ruling's practical consequences into focus. And the results have been ugly for fans of software patents. By my count there have been 11 court rulings on the patentability of software since the Supreme Court's decision — including six that were decided this month.  Every single one of them has led to the patent being invalidated.

http://www.vox.com/2014/9...anks-to-the-supreme-court

posted by mouser - September 12, 2014, 07:09:00 PM
discovered on Techdirt


Thursday September 11, 2014

One Chance: A game you can only play once

Here's an interesting looking game called One Chance which only allows you to play it once.

One Chance is a game quite unlike any you have ever played online. It is about a scientist who created a pathogen that is inadvertently wiping out all mankind on Earth. You then have six in-game days to decide how you will spend the rest of your life. Will you stay at the office and do all you can to find a cure? Will you finally step away from the office and spend some time with the family you have been neglecting? Or will the madness and impending doom just cause you to lose your mind?

What really sets One Chance apart is that you really only have One Chance to play it. The game picks up on your I.P and unless you have multiple computers with multiple I.P's, you really only do get one chance in One Chance, which is part of what makes it so spectacular.

(It actually just stores a cookie, so you can play it again if you clear your cookies or use Incognito/Private browsing mode.)

http://www.newgrounds.com/portal/view/555181

posted by Deozaan - September 11, 2014, 02:26:00 PM
discovered on Neatorama


SigCheckGui: A Tool that scans and lists digitally signed files from a folder/disk

DC Member skwire, in responding to a request on our Coding Snacks request section, has written a beautiful GUI front end to the excellent SigCheck commandline utility by Mark Russinovich from Sysinternals.

The tool will recursively scan folders (or active processes) and produce a nice grid (sortable of course) of results, showing the digital secure signatures of applications and DLLs.

In addition to being a useful security tool, it's a neat way to find out more information about the applications installed on your pc.

posted by mouser - September 11, 2014, 11:00:00 AM


Saturday September 06, 2014

Tech/Science News + Some Other Things (From Around The Web)

Well!...It seems that my last couple of news posts went down well enough for me to be asked to do more, so here we go!!! If you guys find any interesting stories and want me to post them in next week's 'issue' then private message me links and such and I will get them included!



This Mechanical Keyboard Switch Sampler Is My New Favorite Desk Toy

Enter the Max Keyboard Cherry MX Switch Pro Sampler, a ~$20 customizable kit that simulates what using each of the switch types actually feels like. The set includes red, black, blue, brown, green, gray, clear, and white switches, along with sound dampening rings, and an acrylic base to test the switches on.

Aside from being an extremely useful tool for choosing your keyboard, the Sampler is a cool addition to your desktop to fidget with, and makes for a great little gift for anyone into this sort of thing. There's even a cheaper ~$10 model that comes with just the 4 more common switch colors.



Read more at http://lifehacker.com/thi...s-my-new-favor-1630606204


Run Competitions On Your Website Simply and Easily, With Gleam.io

There’s something about getting stuff for free that ignites a frenzy in anyone, and it’s that compulsive fact of human nature which makes competitions so effective for any website. Gleam.io is the newest, and best way to run a promotional competition on a web project.



Read more at http://www.makeuseof.com/...and-easily-with-gleam-io/

Test Ebola treatments to be rushed to West Africa

In an extraordinary move, the World Health Organization plans to rush experimental Ebola vaccines and drugs to workers and patients in West Africa in the coming weeks and months. The move reflects a sense of urgency to get the epidemic there under control.

First on the agenda is immediate use of “convalescent serum,” an untested treatment that involves transfusion of blood from an Ebola survivor to a patient. Donors would first be tested for serious diseases such as HIV. Ebola survivors carry antibodies against the virus, but the value of a transfusion containing them is unknown.

posted by Stephen66515 - September 06, 2014, 04:55:00 PM


Thursday September 04, 2014

Your favorite podcasts?

I have seen Marc Maron on tv a few times and have never been a fan, but a friend recently turned me on to his podcast around the time that Robin Williams died (he had a pretty heavy interview with Robin Williams).

He has now done more than 500 podcasts -- which are 30-60 minutes in length and are mostly just one on one interviews with someone in comedy or music business.  I've been really impressed with them -- they are adult discussions, at times funny, sad, vulnerable, deep, etc.

Most of the podcasts are surprisingly deep and frank discussions with comedians, moving between discussions of personal struggles, work ethic, and the theory of comedy.  Really fascinating stuff.

http://www.wtfpod.com/

Highly recommended.  What other podcasts do you guys listen to?



posted by mouser - September 04, 2014, 05:24:00 PM


Saturday August 30, 2014

Rest in Peace my Dearest Cat Saffron 1996-2014

Saffron, my cat and constant companion and friend of 17+ years passed away this week.

I have no words to describe how much I miss her. There is a huge hole in my heart that I don't know how to fill.

Rest in peace my dear cat. I miss you so much.

posted by mouser - August 30, 2014, 09:59:00 AM


Sunday August 24, 2014

Let's have some weekend Science and Tech! (A bit of a roundup!)

As some of you may know, I used to do some Tech News here at DC, but as the days went on, time got a little more constrained and real life slowly took over.  However...even though I can't promise a full time thing, what I can promise, is one for you right now!!

So...Here goes!



Windowless Planes Offer Passengers Spectacular Panoramic Views:

An international design agency has come up with an intriguing and innovative new aviation concept that has won them a prestigious award - windowless jets.

Technicon Design’s idea is not to ruin your views while cruising through the air, but to enhance them. This would be achieved by filming the exterior environment and displaying it on inside surfaces throughout the cabin. Rather than being restricted to a small window, passengers would experience spectacular panoramic views of the world. Of course, it would also be possible to display other things on the screen besides the sky, such as movies.

While this may sound gimmicky, removing windows has the added benefit of weight reduction and would also simplify plane construction. It would also allow greater flexibility when designing the interior of the plane.


Read more at http://www.iflscience.com...views#k77557fLHpV346hZ.99

Scientists Find Traces Of Ancient Star From The Beginning Of The Universe:

An ancient star has revealed traces thought to be from one of the Milky Way’s first supernovae. The discovery may help us understand the nature of the giant stars that once populated the universe.


Read more at http://www.iflscience.com...space#8OLKpVM1kS4ZzgMm.99

NSA and GCHQ agents 'leak Tor bugs':

The Tor Project says it believes some NSA and GCHQ agents are surreptitiously leaking it information to protect anonymity on the net.


Read more at http://www.bbc.co.uk/news/technology-28886462

Super-famous Instagranimals and their owners:

Wired.co.uk speaks to the people behind some of the most popular social media animals to find out how they build their audiences and what opportunities have arisen


Read more at http://www.wired.co.uk/ne...ranimals-and-their-owners

Android web apps get extra security with privacy wrapper:

On a mobile application, users typically have a single choice to protect their privacy: install the application or not...


Read more at http://www.wired.co.uk/ne...2/privacy-wrapper-android

Hacking our ears: how Dolby is bringing Atmos into the home:

Since Dolby Atmos arrived on the cinema scene in 2012, the technology has set a precedent for movie sound.
The intricate but sparse sonic landscape of Gravity, Godzilla's guttural roar, the rain-soaked urban jungle of Dawn of the Planet of the Apes... all of these have benefitted from the Dolby Atmos Cinema Processor and its support of up to 128 discrete audio tracks.


Read more at http://www.techradar.com/...mos-into-the-home-1262350

Gmail app hack works 92 percent of the time:

Computer scientists have discovered a method of hacking smartphone apps across Android, iOS and Windows devices that is effective up to 92 percent of the time on six of seven popular apps, including Gmail.


Read more at http://www.wired.co.uk/ne...21/gmail-hacks-92-percent

Heart failure patients healthier after ear stimulation:

Heart failure patients could live healthier lives by having nerves in their ears stimulated with a portable Tens machine.

Transcutaneous electrical nerve stimulation (Tens) machines are commonly used to alleviate back pain and are even used during labour. Now a team from the University of Leeds wants to adapt it to tackle health problems that are impacted by changes in the sympathetic nervous system, including heart disease and hypertension. The technique works by altering the signals that can make a heart beat too hard, by stimulating the vagus nerve.


Read more at http://www.wired.co.uk/ne...in-heart-disease-patients

Hackers easily seize control of nearly 100 traffic lights:

Taking over a city's intersections and making all the lights green to cause chaos is a pretty bog-standard Evil Techno Bad Guy tactic on TV and in movies, but according to a research team at the University of Michigan, doing it in real life is within the realm of anyone with a laptop and the right kind of radio. In a paper published this month, the researchers describe how they very simply and very quickly seized control of an entire system of almost 100 intersections in an unnamed Michigan city from a single ingress point.


Read more at http://www.wired.co.uk/ne...08/21/traffic-light-hacks



In Other News

Ebola crisis: The economic impact:

With more than 1,300 reported deaths from Ebola in West Africa, the virus continues to be an urgent health crisis, but it is also having a devastating impact on the economies of Guinea, Liberia and Sierra Leone.

"The economy has been deflated by 30% because of Ebola," Sierra Leone's Agriculture Minister Joseph Sam Sesay told the BBC.


Read more at http://www.bbc.co.uk/news/business-28865434

Ice Bucket Challenge ALS Donations Break $50 Million Mark:

The organization raised $64 million in all of 2013

The Ice Bucket Challenge is the gift that keeps on giving for the ALS Association. The organization raised more than $10 million on Thursday alone, it said, bringing its total haul since July 29 to $53 million. For comparison’s sake, the group raised $2.2 million during the same period last year.


Read more at http://time.com/3159673/a...cket-challenge-donations/ (Warning: Contains a video that Auto-Started on my browser.)

Giant Crack Appears In Earth In Mexico:

Video footage has emerged of a kilometre-long crack thought to have been triggered by an underground stream in northwest Mexico.

The eight-metre (26ft) deep trench opened up last week and severed Highway 26 between Hermosillo and the coast.

Captured by Hermosillo Desde El Cielo, the footage was shot by a drone flying along the length of the trench, which is up to five metres (16ft) across.


Read more at http://news.sky.com/story...ppears-in-earth-in-mexico


posted by Stephen66515 - August 24, 2014, 01:14:00 PM

