A list of the most hackable cars has been released on the eve of a highly anticipated Black Hat presentation, Mozilla developers get hacked, getting started with Linux and why a little video games can be good for kids.

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a supporter on Patreon:

Show Notes:

Least Secure Cars Revealed At Black Hat

Research by two security experts presenting at Black Hat this week has labeled the 2014 Jeep Cherokee, the 2015 Cadillac Escalade and the 2014 Toyota Prius as among the vehicles most vulnerable to hacking because of security holes that can be accessed through a car’s Bluetooth, telematics, or on-board phone applications. The most secure cars include the Dodge Viper, the Audi A8, and the Honda Accord, according to Researchers Charlie Miller and Chris Valasek. Millar and Valasek will reveal the full report on Wednesday, but spoke to Dark Reading today with some preliminary data.

The two security experts didn’t physically test the vehicles in question, but instead used information about the vehicles’ automated capabilities and internal network. “We can’t say for sure we can hack the Jeep and not the Audi,” Valasek told Dark Reading. “But… the radio can always talk to the brakes” because both are on the same network. According to the “Connected Car Cybersecurity” report from ABI Research, there have been “quite a few proof of concepts” demonstrating interception of wireless signals of tire pressure monitoring systems, impairing anti-theft systems, and taking control of self-driving and remote control features through a vehicle’s internal bus, known as controller area network (CAN).

• Researchers to name the most hackable cars at Black Hat – Computerworld

Thousands of Mozilla developers’ e-mail addresses, password hashes exposed | Ars Technica

About 76,000 e-mail addresses and 4,000 password hashes were left on a publicly accessible server for about 30 days beginning June 23, according to a blog post. There is no indication the data was accessed, but Mozilla officials investigating the disclosure can’t rule out the possibility.

The code Mozilla uses for their developer login site is open source and posted on GitHub. It looks like from the code they didn’t key stretch the hash. While the salt keeps things ‘safer’ (no rainbow tables, etc), against a GPU brute-forcing attempt, the fact these are straight hashes means they are a little weak against brute-forcing.

Introduction to Linux | edX

Beginning August 1st, The Linux Foundation, in conjunction with online education giant edX, is offering a free Introduction to Linux course.

This class, first announced in early March, is available for free. That’s not bad for a class that usually runs $2,400!

This massively open online course (MOOC) is being taught by Jerry Cooperstein. Cooperstein is a nuclear astrophysicist who’s been using Linux since 1994 and teaching it for almost that long.

According to Dice, the leading career site for technology and engineering professionals, nine out of ten IT hiring managers are looking for Linux pros.

This class looks at Linux from a very high level. You’ll be able to use Linux distributions from any of the three major Linux families, including Red Hat, with Fedora or CentOS; Debian, including Ubunt or Mint; and SUSE, including openSUSE.

This course will cover the various tools and techniques commonly used by Linux programmers, system administrators and end users to do day-to-day work in Linux.

• Linux Foundation’s free online intro to Linux class opens its doors | ZDNet

Could a Little Video Game Play Be Good for Kids?

Researchers found that kids who played video games for less than one hour a day were more likely to be happy, helpful and emotionally stable than kids who never grab a controller, according to findings published online Aug. 4 in the journal Pediatrics.

More than three hours daily of gaming had the opposite effect, however. Video game junkies were more likely to be moody, unhappy with their life and apt to act out in negative ways.

To examine both the positive and negative effects of gaming, researchers assessed the video game habits and emotional growth of nearly 5,000 British boys and girls aged 10 to 15.

The post BlackHat Carmageddon | Tech Talk Today 38 first appeared on Jupiter Broadcasting.

Could Netflix be classified as a cyber security threat, or is this being overblown? Having Dynamic DNS problems? You can thank Microsoft, they played cowboy and shut down the No-IP service.

Plus Newegg starts accepting Bitcoin, another big open source adoption and more!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a Tech Talk Today supporter on Patreon:

Show Notes:

Netflix Could Be Classified As a ‘Cybersecurity Threat’ Under New CISPA Rules | Motherboard

The cybersecurity bill making its way through the Senate right now is so broad that it could allow ISPs to classify Netflix as a “cyber threat,” which would allow them to throttle the streaming service’s delivery to customers.

“A ‘threat,’ according to the bill, is anything that makes information unavailable or less available. So, high-bandwidth uses of some types of information make other types of information that go along the same pipe less available,” Greg Nojeim, a lawyer with the Center for Democracy and Technology, told me. “A company could, as a cybersecurity countermeasure, slow down Netflix in order to make other data going across its pipes more available to users.”

The general uproar surrounding the bill could have led to the postponement of its markup—it was originally set to be discussed by Feinstein’s Intelligence Committee last week, but was pushed back. No word on when it’ll be taken up by the committee, but considering that the bill has been in the works behind closed doors for several months now, don’t expect it to die without first getting some very serious consideration on Capitol Hill.

Millions of dynamic DNS users suffer after Microsoft seizes No-IP domains

Millions of legitimate servers that rely on dynamic domain name services from No-IP.com suffered outages on Monday after Microsoft seized 22 domain names it said were being abused in malware-related crimes against Windows users.

Microsoft enforced a federal court order making the company the domain IP resolver for the No-IP domains. Microsoft said the objective of the seizure was to identify and reroute traffic associated with two malware families that abused No-IP services. Almost immediately, end-users, some of which were actively involved in Internet security, castigated the move as heavy handed, since there was no evidence No-IP officially sanctioned or actively facilitated the malware campaign, which went by the names Bladabindi (aka NJrat) and Jenxcus (aka NJw0rm).

In a complaint Microsoft filed under seal on June 19, Microsoft attorneys said No-IP is “functioning as a major hub for 245 different types of malware circulating on the Internet.” The document said abuse of the service has been the subject of recent blog posts by both OpenDNS and Cisco Systems.

Monday’s seizure was the tenth major malware disruption Microsoft has participated in. The actions typically combine surprise technical and legal procedures that eradicate or significantly disrupt major botnets.

South Korea gives up on Microsoft – Giving Open Sauce a chance

According to a government statement, South Korea wants to break from its Microsoft dependency and move to open source software by 2020″

In a statement the government said that it will invigorate open source software in order to solve the problem of dependency on certain software. The government has invested in Windows 7 to replace XP, but it does not want to go through the same process in 2020 when the support of the Windows 7 service is terminated.

Facebook Added ‘Research’ To User Agreement 4 Months After Emotion Manipulation Study

The study came to light recently when he and his two co-researchers from Cornell University and University of California-SF published their study describing how users’ moods changed when Facebook curated the content of their News Feeds to highlight the good, happy stuff (for the lucky group) vs. the negative, depressing stuff

Four months after this study happened, in May 2012, Facebook made changes to its data use policy, and that’s when it introduced this line about how it might use your information: “For internal operations, including troubleshooting, data analysis, testing, research and service improvement.”

Newegg.com – BITCOIN ACCEPTED

• Twitter / Newegg: We’re proud to announce…

We're proud to announce our acceptance of @Bitcoin via @BitPay. Learn more at https://t.co/2jxwhQQ92U #neweggbitcoin https://t.co/tRD4VO0MIU

— Newegg (Official) (@Newegg) July 1, 2014

We’re proud to announce our acceptance of @Bitcoin via @BitPay. Learn more at https://bit.ly/1qcn4Jo #neweggbitcoin

• 1-800-FLOWERS.COM Partners with Coinbase to Accept Bitcoin

Beginning this fall, 1-800-FLOWERS will be adding bitcoin as a payment option across its extensive family of gifting sites, including 1-800-FLOWERS.COM, FannieMay.com, Cheryl’s.com, ThePopcornFactory.com, 1-800-Baskets.com, FruitBouquets.com, and Stockyards.com.

Time Machine:

Today in Tech:

23 Years ago In 1991 — Finnish Prime Minister Harri Holkeri made the world’s first GSM call over a privately operated network to Vice Mayor Kaarina Suonio in Tampere. The Prime Minister used Nokia gear on GSM’s original 900MHz band.

The post Microsoft Cyber Terrorism | Tech Talk Today 18 first appeared on Jupiter Broadcasting.

Facebook admits to manipulating users emotions for research, the first review of the privacy protecting Blackphone hits the web and how you can create your own secure phone today.

Plus a quick review of The Internet’s Own Boy: The Story of Aaron Swartz and more!

Direct Download:

MP3 Audio | OGG Audio | Video | HD Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | Torrent Feed

Become a Tech Talk Today supporter on Patreon:

Show Notes:

— Headlines —

Facebook Manipulated 689,003 Users’ Emotions For Science – Forbes

A recent study shows Facebook playing a whole new level of mind gamery with its guinea pigs users. As first noted by The New Scientist and Animal New York, Facebook’s data scientists manipulated the News Feeds of 689,003 users, removing either all of the positive posts or all of the negative posts to see how it affected their moods. If there was a week in January 2012 where you were only seeing photos of dead dogs or incredibly cute babies, you may have been part of the study.

The researchers, led by data scientist Adam Kramer, found that emotions were contagious. “When positive expressions were reduced, people produced fewer positive posts and more negative posts; when negative expressions were reduced, the opposite pattern occurred,”

“These results indicate that emotions expressed by others on Facebook influence our own emotions, constituting experimental evidence for massive-scale contagion via social networks.”

The experiment ran for a week — January 11–18, 2012 — during which the hundreds of thousands of Facebook users unknowingly participating may have felt either happier or more depressed than usual, as they saw either more of their friends posting ’15 Photos That Restore
Our Faith In Humanity’ articles or despondent status updates about losing jobs, getting screwed over by X airline, and already failing to live up to New Year’s resolutions. “Probably nobody was driven to suicide,” tweeted one professor linking to the study, adding a “#jokingnotjoking” hashtag.

In it’s initial response to the controversy around the study — a statement sent to me late Saturday night — Facebook doesn’t seem to really get what people are upset about, focusing on privacy and data use rather than the ethics of emotional manipulation and whether Facebook’s TOS lives up to the definition of “informed consent” usually required for academic studies like this.

“This research was conducted for a single week in 2012 and none of the data used was associated with a specific person’s Facebook account,” says a Facebook spokesperson. “We do research to improve our services and to make the content people see on Facebook as relevant and engaging as possible.

Serious Android crypto key theft vulnerability affects 10% of devices

The vulnerability resides in the Android KeyStore, a highly sensitive region of the Google-made operating system dedicated to storing cryptographic keys and similar credentials, according to an advisory published this week by IBM security researchers.

By exploiting the bug, attackers can execute malicious code that leaks keys used by banking and other sensitive apps, virtual private network services, and the PIN or finger patterns used to unlock handsets.

There are several technical hurdles an attacker must overcome to successfully exploit the vulnerability. Android is fortified with modern software protections, including data execution prevention and address space layout randomization, both of which are intended to make it much harder for hackers to execute code when they identify security bugs.

Exclusive: A review of the Blackphone, the Android for the paranoid

The Blackphone is the first consumer-grade smartphone to be built explicitly for privacy. It pulls together a collection of services and software that are intended to make covering your digital assets simple—or at least more straightforward. The product of SGP Technologies, a joint venture between the cryptographic service Silent Circle and the specialty mobile hardware manufacturer Geeksphone, the Blackphone starts shipping to customers who preordered it sometime this week. It will become available for immediate purchase online shortly afterward.

• A two-year subscription to Silent Circle’s secure voice and video calling and text messaging services, plus three one-year “Friend and Family” Silent Circle subscriptions that allow others to install the service on their existing smartphones;
• Two years of 1GB-per-month Disconnect virtual private network service, plus Disconnect’s anonymizing search as part of the phone’s web browser;
• Two years of SpiderOak cloud file storage and sharing, with a limit of five gigabytes a month.

PrivatOS’ main innovation is its Security Center, an interface that allows the user to explicitly control just what bits of hardware functionality and data each application on the phone has access to. It even provides control over the system-level applications—you can, if you wish for some reason, turn off the Camera app’s access to the camera hardware and turn off the Browser app’s access to networks.

The good

• Excellent Security Center feature of PrivatOS does what stock Android should do, giving you fine control over app permissions.
• Bundled Silent Voice and Silent Text services anonymize and encrypt communications so no one can eavesdrop on voice, video, and text calls at all.
• Bundled Kismet Smart Wi-Fi Manager keeps phone from connecting to unfriendly networks.
• Disconnect VPN and Search keep web trackers away from your phone, anonymize your searches and Internet traffic.

The bad

• The phone’s performance, while acceptable, is mediocre (even though it isn’t the phone’s selling point).
• Silent Phone calling ran into trouble when network switched between calls, and the user interface may baffle some users.

The ugly

• A custom OS means no Google Play library or any of the other benefits of the Google ecosystem, spotty support for sideloaded apps, and reliance on Amazon or other third-party app stores. Such is the price of privacy.

The first units of the $629 handset to ship are for European LTE users, and U.S. units will follow. In both cases, preorder production runs come first, then units for those who have not already ordered the device.

M66B/XPrivacy

XPrivacy – The ultimate, yet easy to use, privacy manager

https://www.xprivacy.eu/

Xposed Installer | Xposed Module Repository

Xposed is a framework for modules that can change the behavior of the system and apps without touching any APKs. That’s great because it means that modules can work for different versions and even ROMs without any changes (as long as the original code was not changed too much). It’s also easy to undo. As all changes are done in the memory, you just need to deactivate the module and reboot to get your original system back. There are many other advantages, but here is just one more: Multiple modules can do changes to the same part of the system or app. With modified APKs, you to decide for one. No way to combine them, unless the author builds multiple APKs with different combinations.

Smarter Wi-Fi Manager – Android Apps on Google Play

Smarter Wi-Fi Manager improves the security and privacy of your device by only enabling Wi-Fi in locations where you actually use it. Instead of letting your device advertise the name of your home network or try to connect to anyone who has left an access point set to the default name just because you once used a friends network who didn’t configure it, Smarter Wi-Fi Manager will turn it off when you’re not near somewhere you’ve used Wi-Fi before.

The Internet’s Own Boy: The Story of Aaron Swartz

The Internet’s Own Boy depicts the life of American computer programmer, writer, political organizer and Internet activist Aaron Swartz. It features interviews with his family and friends as well as the internet luminaries who worked with him. The film tells his story up to his eventual suicide after a legal battle, and explores the questions of access to information and civil liberties that drove his work.

The post Facebook Manipulates YOU! | Tech Talk Today 17 first appeared on Jupiter Broadcasting.

The media is moving quick to blame video games as the propellent to the violent event in Newtown, Connecticut. We’ll expose their tired approach, and ask the hard questions about gun control and mental health.

PLUS: We’ll pull into focus the stories that slipped between the cracks in the wake of the tragic shooting this week.

Then in ACT3: We’ll cover your feedback, and much more in this episode of, Unfilter.

Direct Download:

HD Video | Mobile Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

HD Feed | Mobile Feed | MP3 Feed | OGG Feed | HD Torrent | Mobile Torrent | iTunes

Get Unfilter on your Android:

• Callisto – Android App
• Jupiter Broadcasting – Android App by ShaneQful

Browser Affiliate Extension:

• Jupiter Broadcasting Affiliate Extensions for Chrome and Firefox

Show Notes:

ACT ONE:

• Hillary Clinton Concussion is Not Fake, Says State Department
• No Protest Prior’ to Benghazi Attack

• Briefing on the Accountability Review Board Report – YouTube

• Obama Notifies Congress of Troops Deployed to Libya and Yemen

• Patriot Missile Parts Arrive in Turkey

• US: Release Report that Addresses CIA Torture

Drone Update:

• Obama Adminstration asks the court to dismiss lawsuit over Americans killed by drones

ACT TWO:

• Are Video Games Connected to Real-Life Tragedies? – YouTube

• Video Games Targeted By Senate In Wake Of Sandy Hook Shooting

• Sandy Hook Shooting: Video Game Violence Isn\’t to Blame | TIME.com

• On the View: Ban Violent Video Games

• U.S. Senator Seeks New Study of Violent Videogames

• Obama appoints Biden to take charge on gun control

• Adam Lanza Taking Antipsychotics

• Dianne Feinstein Wants to Ban Assault Weapons

ACT THREE: FEEDBACK

• I am also a union member I thought I\’d throw in my opinion on the matter

• Why did you apologize about the using a clip from The Young Turks

• Upset we played Young Turks clip

• [Suggestion] Time For a Gun-Regulation Episode : unfilter

• Perspective on Guns

• Libor connection between the fathers of the Newtown and Aurora shooters

  • Old video of a San Jose police officer explaining the truth about \”Assault Weapons\” : unfilter

• Confidential File: Horror Comic Books! – YouTube

OFF the 27th. BACK Jan 3rd 2013.

Follow the Team:

Call us: 1.425.312.1756

• Unfilter on Reddit
• Chris on Twitter
• Chase’s Geek and Gaming Network
• Chase on Twitter

The post Killer Video Games | Unfilter 30 first appeared on Jupiter Broadcasting.

Mike and Chris discuss their favorite things from 2012. And do developers really need monster rigs to get their jobs done? Plus our thoughts on Github vs code.google.com, the XPS 13…

And more!

Direct Download:

MP3 Audio | OGG Audio | Video | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | Video Feed | Torrent Feed | iTunes Audio | iTunes Video

Show Notes:

Feedback

• Michael wants to know why Github > code.google.com
• David wants our thoughts on the Dell XPS 13 developer edition
• Luke asks: “How do I bring my independent study into focus, such that I have a clearer perspective of how to get from idea to app? “
• Jack reccomends Lynda.com
• Johan’s experience on the Ubuntu Software Center. Johan from Sweden
• Russel shares re code academy:

“Ultimately we came to the conclusion that learning from a book or a more rigorous source is far better for actually learning a language, but Codecademy is still useful for a quick reminder on stuff like syntax. I used Code School to learn Ruby and didn\’t have any of these issues, I suppose the lesson is that you get what you pay for.”

John writes:

“After your last C++ show I got all fired up to learn C++. I\’ve heard many times how bad Java guys are C++ so I am trying my best not to suck too much. One thing I don\’t quite understand is where C++ coders go for much of the API that I am used to using with Java. i.e stuff like HTTP libraries, XML/XSLT manipulation, database integration etc. I know Qt has a lot of that but so far all my C++ applications have just turned into Qt applications and I feel i\’m somewhat missing the point. “

Pick:

[asa]B009X3UW2G[/asa]

Follow the show

• Email the show
• Live Monday 9am PDT
• Music by: Ronald Jenkees
• Mike on Twitter
• Mike on Google+
• Mike’s website
• Chris on twitter
• Chris on Google+

The post Few of Our Favorite Things | CR 28 first appeared on Jupiter Broadcasting.

The recent introduction of full body x-ray scanners to several airports around the USA has gotten several folks up in a stink over it. It’s an invasion of privacy! A violation of 4th Amendment rights! Stop checkin’ out my junk!

We’re here to tell you why folks be hatin’ and what they’re doing about it, as well as lay out some truth on your faces and give you the skinny behind why this whole ordeal is even going down.

Show Feeds:

• HD Video RSS
• Large Video RSS
• iPod Video RSS
• MP3 RSS
• iTunes Feeds

Download:

Download:

The post Don't Touch My Junk | J@N | 11.16.10 first appeared on Jupiter Broadcasting.