Active Response

WiMax: Just Another Security Challenge?

News, Infocus, Columns, Vulnerabilities, Bugtraq ...

akaru writes "Using common DSLR cameras, some creative individuals have created an example of true HDR video. Instead of pseudo-HDR, they actually used multiple cameras and a beam splitter to record simultaneous video streams, and composited them together in post. Looks very intriguing."

Read more of this story at Slashdot.

An anonymous reader writes "The Swedish police, who have been instrumental in various raids against file-sharing sites, may have a bit of a piracy problem on their own hands. It seems they wanted to put together a database of shoe print information for matching crime scene shoe prints to particular shoe types. To do so, they used images found online, and some Swedish copyright experts have noted that this appears to violate Swedish copyright law. The police claim there's an exception for police investigations, but people (and some shoe companies) are pointing out that creating a database isn't about an investigation."

Read more of this story at Slashdot.

Trailrunner7 writes "There appears to be an actual email worm in circulation right now, using the tried-and-true infection method of sending emails containing malicious executables to all of the names in a user's email address book. The worm arrives via emails with the subject line 'Here You Have' or something similar, and the messages contain a link to a site that will download a malicious file to the victim's PC. The malware then drops itself into the Windows directory with a file name of CSRSS.EXE, which is identical to a legitimate Windows file. From there, it's 2001 all over again, as the worm attempts to mail itself to all of the contacts in the victim's Outlook address book."

Read more of this story at Slashdot.

Gadgetank writes "Researchers out of the Australian National University have created a device, working in conjunction with other necessary devices, that can literally move small particles with light. And only light. The way it works is by shining a hollow laser beam around some tiny glass particles. The researchers heat the air around the particles, and therefore cause the dark center of the beam to remain cool."

Read more of this story at Slashdot.

I'm Not There (1956) writes "Broadcom, the world's largest manufacturer of Wi-Fi transceivers, open sources its Linux device drivers. This is a big win for Linux users, as there are a lot of users that face Wi-Fi problems when they use Linux on their laptops. With these device drivers now open source, distributions can ship them out-of-the-box, and that means no Linux Wi-Fi problems for new devices and upcoming distributions at all."

Read more of this story at Slashdot.

An anonymous reader writes "Mozilla has published the first Firefox 4 build that integrates a new JavaScript engine that aims to match the performance in IE9 and reduces the gap to Safari, Opera and Chrome. This is really the big news we have been waiting for all along with Firefox 4 and it appears that the JavaScript performance is pretty dramatic and seems to beat IE9 at least as far as ConceivablyTech shows. Good to see Mozilla back in the game." The Mozilla blog gives a good overview of the improvements this brings; Tom's Hardware also covers the release.

Read more of this story at Slashdot.

Stoobalou writes "The people behind VLC, quite probably the most useful media player available right now, have submitted an iPod version to the Apple software police. VLC — which is rightfully famous for having a go at playing just about any kind of audio or video file you care to throw at it — should appear some time next week, if it makes it through the often unfathomable approval process implemented by Apple. The Open Source Video Lan Client has been tweaked to run on the iPod by software developer Applidium."

Read more of this story at Slashdot.

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Groupwise Internet Agent.

-

Make your website safer. Use external penetration testing service. First report ready in one hour!

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe's Acrobat Reader.

-

Make your website safer. Use external penetration testing service. First report ready in one hour!

cgriffin21 writes "T-Mobile Thursday finally confirmed what it's been hinting at for a while: The HTC G2, T-Mobile's HSPA+ successor to the HTC G1, is on the way. It'll be an Android 2.2 phone and run on T-Mobile's HSPA+ data network, which while not a 4G network offers what T-Mobile is calling 4G-like speeds up to 21 Mbps. T-Mobile hasn't confirmed pricing or exact availability but said it would open the G2 to presales for existing customers at the end of September."

Read more of this story at Slashdot.

A vulnerability was discovered in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system.

-

Make your website safer. Use external penetration testing service. First report ready in one hour!

A vulnerability was discovered in GIGABYTE Dldrv2 ActiveX Control, which can be exploited by malicious people to compromise a user's system.

-

Make your website safer. Use external penetration testing service. First report ready in one hour!

A vulnerability was discovered in GIGABYTE Dldrv2 ActiveX Control, which can be exploited by malicious people to compromise a user's system.

-

Make your website safer. Use external penetration testing service. First report ready in one hour!

Tootech writes "In a case of 'physician, heal thyself,' the agency — which forms the operational arm of DHS's National Cyber Security Division, or NCSD — failed to keep its own systems up to date with the latest software patches. Auditors working for the DHS inspector general ran a sweep of US-CERT using the vulnerability scanner Nessus and turned up 1,085 instances of 202 high-risk security holes. 'The majority of the high-risk vulnerabilities involved application and operating system and security software patches that had not been deployed on computer systems located in Virginia,' reads the report from assistant inspector general Frank Deffer."

Read more of this story at Slashdot.

Rahmmp writes "Adobe has sounded an alarm for a new zero-day flaw in its PDF Reader/Acrobat software, warning that hackers are actively exploiting the vulnerability in-the-wild. An Adobe spokeswoman described the attacks as 'limited' but warned that that could change with the availability of public samples and exploit code."

Read more of this story at Slashdot.

wiedzmin writes "This month, officials from the Unique Identification Authority of India (UIDAI), armed with fingerprinting machines, iris scanners and cameras hooked to laptops, will fan out across the towns and villages of southern Andhra Pradesh state in the first phase of the project whose aim is to give every Indian a lifelong Unique ID (UID) number for 'anytime, anywhere' biometric authentication. While enrolling with the UIDAI may be voluntary, other agencies and service providers might require a UID number in order to transact business. Usha Ramanathan, a prominent legal expert who is attached to the Center for the Study of Developing Societies in the national capital, said that, 'taken to its logical limit, the UID project will make it impossible, in a couple of years, for an ordinary citizen to undertake a simple task such as traveling within the country without a UID number.' Next step, tying that UID number and biometric information to to their RIM BlackBerry PIN number."

Read more of this story at Slashdot.

coondoggie writes "Talk about finding a needle in a cosmic haystack. Scientists this week said they found microscopic shrapnel in a meteorite of a star they say exploded around the birth of our solar system 4.5 billion years ago."

Read more of this story at Slashdot.

wiredmikey writes "In a recent investigation, it was discovered that cybercriminals are creating 57,000 new 'fake' websites each week looking to imitate and exploit approximately 375 high-profile brands. eBay and Western Union were the most targeted brands, making up 44 percent of exploited brands discovered. Visa, Amazon, Bank of America and PayPal also heavily targeted by cybercriminals. Banks comprise the majority of fake websites by far with 65 percent of the total. Online stores and auction sites came in at 27 percent, with eBay taking the spot as the No. 1 most targeted brand on the Web today."

Read more of this story at Slashdot.