When crypto researchers set out to discover the best way to undermine encryption software, they did so believing it would help them eradicate backdoors in the future. Here’s what they found.
The post How to Sabotage Encryption Software (And Not Get Caught) appeared first on WIRED.
18 February 2014 by Leo Kelion – “BBC News”
Samsung’s smart TVs fail to encrypt voice commands. Samsung has acknowledged that some of its smart TV models are uploading their owner’s voices to the internet in an unencrypted form.
There are three buzzwords that, if we had our way, would be stricken completely from the world: “cloud,” “the Internet of Things,” and “big data.” Each of them was coined in an attempt to elegantly capture a complex concept, and each of them fails miserably. “Cloud” is a wreck of a term that has no fixed definition (with the closest usually being “someone else’s servers”); “Internet of Things” is so terrible and uninformative that its usage should be punishable by death; and then there’s “big data,” which doesn’t appear to actually mean anything.
We’re going to focus on that last term here, because there’s actually a fascinating concept behind the opaque and stupid buzzword. On the surface, “big data” sounds like it ought to have something to do with, say, storing tremendous amounts of data. Frankly it does, but that’s only part of the picture. Wikipedia has an extremely long, extremely thorough (and, overly complex) breakdown of the term, but without reading for two hours, big data as a buzzword refers to the entire process of gathering and storing tremendous amounts of data, then applying tremendous amounts of computing power and advanced algorithms to the data in order to pick out trends and connect dots that would otherwise be invisible and un-connectable within the mass.
For an even simpler dinner party definition: when someone says “big data,” they’re talking about using computers to find trends in enormous collections of information—trends that people can’t pick out because there’s too much data for humans to sift through.
Read 15 remaining paragraphs | Comments
Reddit changed its privacy policy to prohibit posting nude photos or videos of people engaged in sex acts without their prior consent to do have it posted.
With tax season in full swing, it’s time for the yearly reminder that the security practices of many tax-preparation services are lacking. Case in point: H&R Block’s reported failure to confirm the e-mail addresses of at least some of its online account holders.
The lapse was reported to Ars by reader Aaron Johnson, who said H&R Block in recent days has e-mailed him the name, address, and security question of a complete stranger. Johnson said he is confident he has everything he needs to access this person’s account, steal his most valuable personal data, and hijack any owed tax returns. We created an account at H&R Block and were not asked to authenticate the e-mail address we used.
The stranger happens to share Johnson’s first and last name, and for reasons that aren’t entirely clear, the alter ego occasionally uses Johnson’s e-mail address when creating accounts. At no point, Johnson said, did he receive an e-mail from H&R Block requiring him to confirm that his e-mail address was connected to the other person’s account.
Read 2 remaining paragraphs | Comments
Editor’s note: This story has been updated with UPS’s statement on its refusal to ship digital milling machines used to create firearms. The new generation of “maker” tools like 3-D printers and milling machines promises to let anyone make virtually anything—from prosthetic limbs to firearms—in the privacy and convenience of his or her own home. […]
The post FedEx And UPS Refuse to Ship a Digital Mill That Can Make Untraceable Guns appeared first on WIRED.
Business networking site LinkedIn has paid $1.25m (£810,000) to settle a legal claim filed after millions of passwords were stolen.
Facebook is accused of breaking European data-protection laws, in a report written for Belgium’s privacy watchdog.
When Kaspersky Lab revealed last week that it had uncovered a sophisticated piece of malware designed to plant malicious code inside the firmware of computers, it should have surprised no one. And that’s not just because documents leaked by Edward Snowden have shown that spy agencies like the NSA have an intense interest in hacking […]
The post Why Firmware Is So Vulnerable to Hacking, and What Can Be Done About It appeared first on WIRED.
Google warns users of its Blogger platform that blogs containing sexually explicit material will be made private on 23 March