Home grown terrorists strike in Texas, and “ISIS” is claiming responsibility. We break this story down and poke at the obvious & rather subtle flaws.

Plus a Stingray breakthrough, the NSA’s Big Data problem, a look at the unlikeliest for 2016 & much more!

Direct Download:

Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

Video Feed | MP3 Feed | OGG Feed | HD Torrent | Mobile Torrent | iTunes

Become an Unfilter supporter on Patreon:

Show Notes:

News:

NSA is so overwhelmed with data, it’s no longer effective, says whistleblower | ZDNet

A former National Security Agency official turned whistleblower has spent almost a decade and a half in civilian life. And he says he’s still “pissed” by what he’s seen leak in the past two years.

In a lunch meeting hosted by Contrast Security founder Jeff Williams on Wednesday, William Binney, a former NSA official who spent more than three decades at the agency, said the US government’s mass surveillance programs have become so engorged with data that they are no longer effective, losing vital intelligence in the fray.

That, he said, can — and has — led to terrorist attacks succeeding.

ISIS claim responsibility for shooting at Texas Muhammad cartoon contest | Fox News

The claim was made in an audio message on the group’s Al Bayan radio station, based in the Syria city of Raqqa, which ISIS has proclaimed to be the capital of its self-proclaimed caliphate. It is the first time ISIS has taken credit for an attack on U.S. soil, though it was not immediately clear whether the group’s claim was an opportunistic co-opting of a so-called “lone wolf” attack as its own.

How Western media would cover Baltimore if it happened elsewhere

If what is happening in Baltimore happened in a foreign country, here is how Western media would cover it:

International leaders expressed concern over the rising tide of racism and state violence in America, especially concerning the treatment of ethnic minorities in the country and the corruption in state security forces around the country when handling cases of police brutality. The latest crisis is taking place in Baltimore, Maryland, a once-bustling city on the country’s Eastern Seaboard, where an unarmed man named Freddie Gray died from a severed spine while in police custody.

Black Americans, a minority ethnic group, are killed by state security forces at a rate higher than the white majority population. Young, black American males are 21 times more likely to be shot by police than white American males.

The United Kingdom expressed concern over the troubling turn of events in America in the last several months. The country’s foreign ministry released a statement: “We call on the American regime to rein in the state security agents who have been brutalizing members of America’s ethnic minority groups. The equal application of the rule of law, as well as the respect for human rights of all citizens, black or white, is essential for a healthy democracy.” Britain has always maintained a keen interest in America, a former colony.

The post Inspired - Not Directed By | Unfilter 142 first appeared on Jupiter Broadcasting.

Chris and Noah argue over the practicality of IPv6 & if it will ever take off. Plus the big player that just got into Cyber security, Stingray’s big Baltimore outing & the big Google algorithm change this week.

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

Raytheon to Plow $1.7 Billion Into New Cyber Venture

Raytheon Co. RTN 0.89% is betting it can leverage the cybersecurity skills it honed for the U.S. military and intelligence agencies to sell to banks and retailers, investing almost $1.7 billion to establish a stand-alone business in an area where its defense peers have struggled to make money.

The company on Monday said it would buy control of Websense Inc. from private-equity firm Vista Partners LLC. Raytheon said Austin, Texas-based Websense, which has 21,000 data-security clients, half of them overseas, will form the core of a new cyber joint venture with forecast sales of $500 million this year and margins of around 20%.

Baltimore Police Used Stingrays For Phone Tracking Over 25,000 Times

The Baltimore Police Department is starting to come clean about its use of cell-phone signal interceptors — commonly known as Stingrays — and the numbers are alarming. According to recent court testimony reported by The Baltimore Sun, the city’s police have used Stingray devices with a court order more than 25,000 times. It’s a massive number, representing an average of nearly nine uses a day for eight years (the BPD acquired the technology in 2007), and it doesn’t include any emergency uses of the device, which would have proceeded without a court order.

Why the Journey To IPv6 Is Still the Road Less Traveled

The writing’s on the wall about the short supply of IPv4 addresses, and IPv6 has been around since 1999. Then why does the new protocol still make up just a fraction of the Internet? Though IPv6 is finished technology that works, rolling it out may be either a simple process or a complicated and risky one, depending on what role you play on the Internet. And the rewards for doing so aren’t always obvious. For one thing, making your site or service available via IPv6 only helps the relatively small number of users who are already set up with the protocol, creating a nagging chicken-and-egg problem.

Big Google algorithm change this week will usher in a new mobile era

The change has been a long time coming — Google first announced it back in November — but starting Tuesday, companies that haven’t made the switch will start feeling the hit in Google’s search results. The changes will favor sites that avoid technologies like Flash that don’t work on phones, have layouts that automatically scale so that users don’t have to scroll side-to-side or zoom, and have links placed far enough apart that they can be easily tapped with a finger.

The post IPv6 The Road Never Taken | Tech Talk Today 160 first appeared on Jupiter Broadcasting.

The elementary OS project makes waves by calling out their users for not donating, the FBI really doesn’t want anyone to know about “stingray” & Facebook wants to know about your Cyber threats.

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Video Feed | Torrent Feed

Become a supporter on Patreon

Show Notes:

FBI really doesn’t want anyone to know about “stingray” use by local cops

The newest revelation about the FBI comes from a June 2012 letter written by the law enforcement agency to the Minnesota Bureau of Criminal Apprehension. It was first acquired and published by the Minneapolis Star Tribune in December 2014—similar language likely exists between the FBI and other local authorities that use stingrays.

Facebook launches ThreatExchange, an API-based platform that lets companies share security threat info | VentureBeat | Security | by Emil Protalinski

Facebook today launched ThreatExchange, described as “an API-based clearinghouse for security threat information.” It’s really a social platform, which Facebook naturally excels at building, which allows companies to share with each other details about malware and phishing attacks.

Pinterest, Tumblr, Twitter, and Yahoo participated in ThreatExchange and gave feedback as Facebook was developing it. New contributors Bitly and Dropbox have also recently joined, bringing the initial participant list to seven major tech companies.

Samsung Plans 3-Sided Screen in New Galaxy Smartphone – Bloomberg Business

Samsung Electronics Co. plans to release two
new versions of its top-tier Galaxy smartphone next month,
including a model with a display covering three sides, according
to people with direct knowledge of the matter.

Google reveals smaller version of Boston Dynamics’ robo-dog Spot | Daily Mail Online

It has already been tested in its first live military trial with Marines in Hawaii.

Officially known as the ‘Legged Squad Support System’, it has taken five years to develop.

It can walk and run over rugged terrain, following a soldier while carrying 400lbs of their kit and weapons.

Mark your calendars: Google I/O 2015 is happening May 28-29, 2015 at Moscone Center West | 9to5Google

Google has today announced the dates for this year’s Google I/O developers’ conference, with the annual event being set for May 28th and 29th, 2015. According to the event’s website (which is notably completely plastered with Material Design), registration begins March 17th, 2015 at 9 AM PDT.

The post Funding is Elementary! | Tech Talk Today 131 first appeared on Jupiter Broadcasting.

Samsung files to block Nvidia chips from entering the US, a judge unseals 500+ Stingray records potentially by mistake. Plus Comcast’s big plans to get you to use the Internet less.

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Samsung Files Complaint to Block Nvidia Chips From U.S. – Bloomberg

Samsung filed a complaint yesterday against Nvidia with the
U.S. International Trade Commission in Washington, according to
a notice on the agency’s website. A copy of the complaint wasn’t
immediately available.

The legal battle began in September when Nvidia filed its
own ITC complaint against Qualcomm Inc. and Samsung over
patented ways to improve graphics. It’s asking the agency to
block imports of the latest Galaxy phones and tablets that use
Qualcomm’s Snapdragon graphics processing units or Samsung’s
Exynos processors.

Samsung retaliated Nov. 4 with a patent-infringement suit
in federal court in Richmond, Virginia. In that case, Suwon,
South Korea-based Samsung claims Nvidia and one of its customers
infringe as many as eight patents. That lawsuit targets Nvidia’s
Shield tablet computers.

Each company has denied using the other’s technology. In a
Nov. 11 statement, Nvidia called Samsung’s lawsuit “a
predictable tactic.”

‘We have not seen the complaint so can’t comment, but we
look forward to pursuing our earlier filed ITC action against
Samsung products,” Hector Marinez, a spokesman for Santa Clara,
California-based Nvidia, said in an e-mailed statement.

Judge Unseals 500+ Stingray Records

A judge in Charlotte, North Carolina, has unsealed a set of 529 court documents in hundreds of criminal cases detailing the use of a stingray, or cell-site simulator, by local police. This move, which took place earlier this week, marks a rare example of a court opening up a vast trove of applications made by police to a judge, who authorized each use of the powerful and potentially invasive device

According to the Charlotte Observer, the records seem to suggest that judges likely did not fully understand what they were authorizing. Law enforcement agencies nationwide have taken extraordinary steps to preserve stingray secrecy. As recently as this week, prosecutors in a Baltimore robbery case dropped key evidence that stemmed from stingray use rather than fully disclose how the device was used.

Eyes-on with Streaming Photoshop: Adobe’s plan to bring PS to the cloud | Ars Technica

“Streaming Photoshop” is Adobe and Google’s plan to bring the incomparable photo editor to Chrome OS and the Chrome Browser.

“Streaming Photoshop” is a Chrome App that you download from the Chrome store (provided you are whitelisted). The app opens in a window that looks just like a local version of Photoshop—there’s no browser UI of any kind. Photoshop lives on a computer in the cloud, and a video feed of it is streamed to the Chrome app. The app captures clicks and sends them to the server. It sounds like using it would be a clunky mess, but the whole process looked indistinguishable from a local install of Photoshop.

Chrome OS has taken off as a competitor to Windows—the NPD’s last estimate put it at 35% of commercial notebook sales—but it lacks a few killer apps like Photoshop. The other benefit is that you can now run Photoshop on just about any computer without having to worry about RAM and CPU usage, since all the computer has to display is a video stream. Adobe says even the $200 Chromebooks on the market today should be fast enough to handle Streaming Photoshop.

Three to 4MB/s will get you the best results, and Adobe says Streaming Photoshop should still be usable on connections as slow as 1MB/s. There’s no offline support, of course.

Streaming Photoshop runs version 15.2.1 (the latest version) on a Windows box from Google Compute Engine.

That means you’ll be getting the Windows title bar and menus regardless of what your host OS is. The app will remap hotkeys, though, so other than a few minor visual differences, it shouldn’t feel too weird. Right now there’s no GPU support, so things like 3D functions are currently off-limits—the whole menu was grayed-out. There’s also no way to print directly from Photoshop.

Storage used Google Drive—it does not currently work with Creative Cloud—and if your file is in Google’s cloud, it opens instantly, no uploading required. We’d imagine most people have their Photoshop files backed up 24/7 in Creative Cloud, Dropbox, or Google Drive, so this shouldn’t be a big change for most people. Adobe says Creative Cloud support is coming, but for now, on Google’s platform, Drive support comes free.

What XFINITY Internet Data Usage Plans will Comcast be Launching?

In the Tucson, Arizona market, we announced in 2012 that the data amount included with Economy Plus through Performance XFINITY Internet tiers would increase from 250 GB to 300 GB. Those customers subscribed to the Blast! Internet tier, have received an increase in their data usage plan to 350 GB; Extreme 50 customers have received an increase to 450 GB; Extreme 105 customers have received an increase to 600 GB. As in our other trial market areas, we offer additional gigabytes in increments/blocks of 50 GB for $10.00 each in the event the customer exceeds their included data amount.

In Huntsville and Mobile, Alabama; Atlanta, Augusta and Savannah, Georgia; Central Kentucky;Maine;Jackson,Mississippi;Knoxville and Memphis, Tennessee and Charleston,South Carolina, we have begun a trial which will increase our data usage plan for all XFINITY Internet tiers to 300 GB per month and will offer additional gigabytes in increments/blocks (e.g., $10.00 per 50 GB). In this trial, XFINITY Internet Economy Plus customers can choose to enroll in the Flexible-Data Option to receive a $5.00 credit on their monthly bill and reduce their data usage plan from 300 GB to 5 GB. If customers choose this option and use more than 5 GB of data in any given month, they will not receive the $5.00 credit and will be charged an additional $1.00 for each gigabyte of data used over the 5 GB included in the Flexible-Data Option.

The post Dark Age of the Internet | Tech Talk Today 96 first appeared on Jupiter Broadcasting.

We recap Uber’s really bad week & their recent changes in response. Thanks to the Apple Watch SDK we now have an idea of what using one will be like & it’s limitations become more clear.

Plus Viber takes chats public & we ponder why, the Stingray mystery & more!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

“God View”: Uber Investigates Its Top New York Executive For Privacy Violations

Uber said Tuesday that it is investigating its top New York executive for tracking a BuzzFeed News reporter without her permission in violation of what the transit giant says has long been its privacy policy. The company also published its privacy policy for the first time on Tuesday, though it said the policy had always been in effect.

Uber took both actions in the wake of a BuzzFeed News story that revealed that the reporter’s ride had been tracked without her permission and that another Uber executive had suggested the company might smear journalists who wrote critically of Uber. The executive who suggested digging into the private lives of journalists, Emil Michael, said his comments were “wrong” and that he regrets them.

Tracking customers is easy using an internal company tool called “God View,” two former Uber employees told BuzzFeed News. They said God View, which shows the location of Uber vehicles and customers who have requested a car, was widely available to corporate employees. Drivers, who operate as contractors, do not have access to God View.

Early this November, one of the reporters of this story, Johana Bhuiyan, arrived to Uber’s New York headquarters in Long Island City for an interview with Josh Mohrer, the general manager of Uber New York. Stepping out of her vehicle — an Uber car — she found Mohrer waiting for her. “There you are,” he said, holding his iPhone and gesturing at it. “I was tracking you.”

Mohrer never asked for permission to track her.

11 things we just learned about how the Apple Watch works | The Verge

An iPhone is required — at (almost) all times. In Apple’s own words, Watch apps extend iOS apps. “You begin your Watch app development with your existing iOS app, which must support iPhone.”

Native apps are coming next year. Important footnote from the press release: “Starting later next year, developers will be able to create fully native apps for Apple Watch.”

There could be more Watch sizes later. “Unlike iOS, where you place views at a coordinate on the screen,” Apple says, “with WatchKit, objects automatically flow downward from the top left corner of the screen, filling the available space.”

There are two types of Apple Watch notifications. The “Short Look” is only seen briefly when you raise your wrist — it’s an app icon, an app name, and some brief information. If the wearer keeps their wrist raised long enough — “after a moment,” according to Apple — the screen changes to a “Long Look” notification, which provides more information and is more customizable. For Long Looks, the app icon and name move to the top of the screen, and wearers can scroll down through the interface to use custom actions (such as “comment” or “favorite”) or dismiss the notification.

Glances. We already knew some of this, but now it’s well documented. In addition to the app itself and the notification, developers can make “Glances” for quick view of information (e.g. time, weather, tasks left). All the information must fit on a single screen and is read-only, but you’ll be able to tap it to enter the corresponding app.

No custom gestures. The interface is more or less locked to what Apple wants: vertical swipes scrolls through the screen, horizontal swipes go between pages, taps indicate selection, “force touch” opens up a context menu, and that digital crown scrolls through pages way faster. Additionally an edge swipe left goes back or up a page (“back to the parent interface controller,” if we’re being technical), and an edge swipe up opens the “Glance” view.

Messaging App Viber Takes A Step Into Social Networking With New Public Chats Feature | TechCrunch

Today Viber, the messaging app with 209 million users, is taking a different approach: it is launching Public Chats, giving users a way of using its direct messaging and voice services app to broadcast to the world at large.

Public Chats will see the introduction of live conversation streams — from celebrities, or as CEO Talmon Marco told me, other interesting people “like taxi drivers!” — that will be open for any follower to see, but not necessarily participate in. Users will only be able to jump in and talk in Public Chats if the account in question is in their contacts.

Baltimore Police balk when pressed by judge on phone tracking capabilities – Baltimore Sun

Baltimore prosecutors withdrew key evidence in a robbery case Monday rather than reveal details of the cellphone tracking technology police used to gather it.

The surprise turn in Baltimore Circuit Court came after a defense attorney pressed a city police detective to reveal how officers had tracked his client.

City police Det. John L. Haley, a member of a specialized phone tracking unit, said officers did not use the controversial device known as a stingray. But when pressed on how phones are tracked, he cited what he called a “nondisclosure agreement” with the FBI.

Defense attorney Joshua Insley still believes that police used a stingray to find Taylor. He cited a letter in which prosecutors said they were prohibited by the Department of Justice from disclosing information about methods used in their investigation.

The portable device was developed for the military to help zero in on cellphones. It mimics a cellphone tower to force nearby phones to connect to it.

Records shows that the Baltimore Police Department purchased a stingray for $133,000 in 2009.

The post Uber's God Complex | Tech Talk Today 95 first appeared on Jupiter Broadcasting.

Home Depot is breached, and the scale could be much larger than the recent Target hack & we discuss the explosion of fake cell towers in the US, and whats behind it. Then the tools used in the recent celebrity photo leak & the steps that need to be taken.

Plus a great batch of your questions, our answers & much more!

Thanks to:

Become a supporter on Patreon:

— Show Notes: —

Krebs: Banks report breach at Home Depot. Update: Almost all home depot stores hit

• Sources from multiple banks have reported to Brian Krebs that the common retailer in a series of stolen credit cards appears to be Home Depot
• Home Depots Spokesperson Paula Drake says: “I can confirm we are looking into some unusual activity and we are working with our banking partners and law enforcement to investigate,” Drake said, reading from a prepared statement. “Protecting our customers’ information is something we take extremely seriously, and we are aggressively gathering facts at this point while working to protect customers. If we confirm that a breach has occurred, we will make sure customers are notified immediately. Right now, for security reasons, it would be inappropriate for us to speculate further – but we will provide further information as soon as possible.”
• “Several banks contacted by this reporter said they believe this breach may extend back to late April or early May 2014. If that is accurate — and if even a majority of Home Depot stores were compromised — this breach could be many times larger than Target, which had 40 million credit and debit cards stolen over a three-week period”
• “The breach appears to extend across all 2,200 Home Depot stores in the United States. Home Depot also operates some 287 stores outside the U.S. including in Canada, Guam, Mexico, and Puerto Rico”
• Zip-code analysis shows 99.4% overlap between stolen cards and home depot store locations
• This is important, as the fraud detection system at many banks is based on proximity
• If a card is used far away from where the card holder normally shops, that can trigger the card being frozen by the bank
• By knowing the zip code of the store the cards were stolen from, the criminal who buys the stolen card information to make counterfeit cards with, can use cards that are from the same region they intent to attack, increasing their chance of successfully buying gift cards or high value items that they can later turn into cash
• The credit card numbers are for sale on the same site that sold the Target, Sally Beauty, and P.F. Chang’s cards
• “How does this affect you, dear reader? It’s important for Americans to remember that you have zero fraud liability on your credit card. If the card is compromised in a data breach and fraud occurs, any fraudulent charges will be reversed. BUT, not all fraudulent charges may be detected by the bank that issued your card, so it’s important to monitor your account for any unauthorized transactions and report those bogus charges immediately.”
• Some retailers, including Urban Outfitters, say they do not plan to notify customers, vendors or the authorities if their systems are compromised

Fake cell towers found operating in the US

• Seventeen mysterious cellphone towers have been found in America which look (to your phone) like ordinary towers, and can only be identified by a heavily customized handset built for Android security – but have a much more malicious purpose. Source: Popular Science
• Mobile Handsets are supposed to warn the user when the tower does not support encryption, as all legitimate towers do support encryption, and the most likely cause of a tower not supporting encryption, is that it is a rogue tower, trying to trick your phone into not encrypting calls and data, so they can be eavesdropped upon
• The rogue towers were discovered by users of the CryptoPhone 500, a Samsung SIII running a modified Android that reports suspicious activity, like towers without encryption, or data communications over the baseband chip without corresponding activity from the OS (suggesting the tower might be trying to install spyware on your phone)
• “One of our customers took a road trip from Florida to North Carolina and he found eight different interceptors on that trip. We even found one near the South Point Casino in Las Vegas.”
• “What we find suspicious is that a lot of these interceptors are right on top of U.S. military bases.” says Goldsmith. “Whose interceptor is it? Who are they, that’s listening to calls around military bases? The point is: we don’t really know whose they are.”
• Documents released last week by the City of Oakland reveal that it is one of a handful of American jurisdictions attempting to upgrade an existing cellular surveillance system, commonly known as a stingray.
• The Oakland Police Department, the nearby Fremont Police Department, and the Alameda County District Attorney jointly applied for a grant from the Department of Homeland Security to “obtain a state-of-the-art cell phone tracking system,” the records show.
• Stingray is a trademark of its manufacturer, publicly traded defense contractor Harris Corporation, but “stingray” has also come to be used as a generic term for similar devices.
• According to Harris’ annual report, which was filed with the Securities and Exchange Commission last week, the company profited over $534 million in its latest fiscal year, the most since 2011.
• Relatively little is known about how stingrays are precisely used by law enforcement agencies nationwide, although documents have surfaced showing how they have been purchased and used in some limited instances.
• Last year, Ars reported on leaked documents showing the existence of a body-worn stingray. In 2010, Kristin Paget famously demonstrated a homemade device built for just $1,500.
• According to the newly released documents, the entire upgrade will cost $460,000—including $205,000 in total Homeland Security grant money, and $50,000 from the Oakland Police Department (OPD). Neither the OPD nor the mayor’s office immediately responded to requests for comment.
• One of the primary ways that stingrays operate is by taking advantage of a design feature in any phone available today. When 3G or 4G networks are unavailable, the handset will drop down to the older 2G network. While normally that works as a nice last-resort backup to provide service, 2G networks are notoriously insecure.
• Handsets operating on 2G will readily accept communication from another device purporting to be a valid cell tower, like a stingray. So the stingray takes advantage of this feature by jamming the 3G and 4G signals, forcing the phone to use a 2G signal.
• Cities scramble to upgrade “stingray” tracking as end of 2G network looms

The Nude Celebrity Photo Leak Was Made Possible By Law Enforcement Software That Anyone Can Get

• Elcomsoft Phone Password Breaker requires the iCloud username and password, but once you have it you can impersonate the phone of the valid user, and have access to all of their iCloud information, not just photos
• “If a hacker can obtain a user’s iCloud username and password, he or she can log in to the victim’s iCloud.com account to steal photos. But if attackers instead impersonate the user’s device with Elcomsoft’s tool, the desktop application allows them to download the entire iPhone or iPad backup as a single folder, says Jonathan Zdziarski, a forensics consult and security researcher. That gives the intruders access to far more data, he says, including videos, application data, contacts, and text messages.”
• “It’s important to keep in mind that EPPB doesn’t work because of some formal agreement between Apple and Elcomsoft, but because Elcomsoft reverse-engineered the protocol that Apple uses for communicating between iCloud and iOS devices. This has been done before —Wired specifically refers to two other computer forensic firms called Oxygen and Cellebrite that have done the same thing — but EPPB seems to be a hacker’s weapon of choice. As long as it is so readily accessible, it’s sure to remain that way”
• All of this still requires the attacker to know the celebrities username and password
• This is where iBrute came in
• A simple tool that takes advantage of the fact that when Apple built the ‘Find My iPhone’ service, they failed to implement login rate limiting
• An attacker can sit and brute force the passwords at high speed, with no limitations
• The API should block an IP address after too many failed attempts. This has now been fixed
• Another way to deal with this type of attack is to lockout an account after too many failed attempts, to ensure a distributed botnet cannot do something like try just 3 passwords each from 1000s of different IP addresses
• When it becomes obvious that an account is under attack, locking it so that no one can gain access to it until the true owner of the account can be verified and steps can be taken to ensure the security of the account (change the username?)
• The issue with this approach is that Apple Support has proven to be a weak link in regards to security in the past. See TechSNAP Episode 70 .
• Obviously, the iPhone to iCloud protocol should not depend of obscurity to provide security either. We have seen a number of different attacks against the iPhone based on reverse engineering the “secret” Apple protocols
• Security is often a trade-off against ease-of-use, and Apple keeps coming down on the wrong side of the scale

Feedback:

• Server Setup: Windows Man Gone To The Darkside.

• ZFS Snapshots

• Puppet or CFEngine

• Question about online banking security

• PFSense Bandwidth Limiters Don’t Work with Squid Web Cache Package

Round Up:

• Watch Infected Windows Machines Interact with Each Other in a “Virus Farm” – We Can Has The Technology
• Prolexic (owned by Akamai) sounding alarm about IptabLes and IptabLex infections. Attackers are using unmaintained servers to launch large DDoS attacks
• WordPress 4.0 “Benny”
• Stick Figure’s guide to AES encryption
• Twitter now pays bounties for vulnerabilities
• Another WPS flaw, crack some wireless routers in a single try
• IEEE publishes paper “Avoiding the top 10 software security design flaws”
• Technical Difficulties with home delivery by drones
• Microsoft still struggling with last months patch tuesday patches
• Shortage of skilled security people leads to hiring problems for enterprises. Skilled people change jobs every 2-3 years for large pay bumps, leads to a lack of retained ‘institutionalized security’ and ‘operational knowledge’
• NameCheap reports bit russian list of usernames and passwords being used against accounts, some successful logins
• Intel announces new i7-5960x processor and new X99 chipset. 8 cores (16 with hyperthreading), 3ghz (turbo boost to 3.5ghz), 20mb cache, support for up to 64 gigabytes of DDR4 across 4 channels, 40 lanes of PCI-E 3.0, 10 SATA3 ports, 6 USB3 and 8x USB2
• Microsoft to defy federal court order and not turn over emails stored in europe to US authorities

The post Home Depot Credit Repo | TechSNAP 178 first appeared on Jupiter Broadcasting.