AbrasiveCat writes "In an update to an earlier Slashdot story, the Portland Oregon man who was arrested after stripping naked at a TSA checkpoint at Portland Airport was acquitted of indecent exposure charges. He successfully argued that he was protesting TSA actions, and his actions were protected speech under the Oregon Constitution."

judgecorp writes "The Grum botnet has been finally put out of action by a co-ordinated international effort. After Dutch servers were taken out, the remaining C&C servers in Russia and Panama were removed, with help from ISPs and their upstream providers."

hypnosec writes "The newly unveiled productivity suite from Microsoft, Office 2013, won't be running on older operating systems like Windows XP and Vista it has been revealed. Office 2013 is said to be only compatible with PCs, laptops or tablets that are running on the latest version of Windows i.e. either Windows 7 or not yet released Windows 8. According to a systems requirements page for Microsoft for Office 2013 customer preview, the Office 2010 successor is only compatible with Windows 7, Windows 8, Windows Server 2008 R2 or Windows Server 2012. This was confirmed by a Microsoft spokesperson. Further the minimum requirements states that systems need to be equipped with at least a 1 GHz processor and should have 1 GB of RAM for 32-bit systems or 2 GB for 64-bit hardware. The minimum storage space that should be available is 3 GB along with a DirectX 10-compatible graphics card for users wanting hardware acceleration."

hal9000(jr) writes "While IPv6 day was a successful marketing campaign, is anyone really moving to IPv6? On World Launch Day, Arbor Networks noted a peak of only .2% of IPv6 network traffic. It appears that IPv4 addresses are still valuable and are driving hosting acquisitions. Windows 8 will actually prefer IPv6 over IPv4. If you want IPv6, here's what to do about it."

ananyo writes "The Norfolk Constabulary has closed its investigation into the November 2009 release of private emails between researchers at the Climatic Research Centre at the University of East Anglia in Norwich after failing to identify those responsible. Despite not being able to prosecute any offenders, the police have confirmed that the data breach 'was the result of a sophisticated and carefully orchestrated attack on the CRU's data files, carried out remotely via the internet.' The investigation has also cleared anyone working at or associated with UEA from involvement in the crime. The hacking resulted in the release of more than 1,000 emails and shook the public's trust in climate science, though independent investigations after the breach cleared the scientists of wrongdoing."

An anonymous reader writes "In a bizarre turn of events, the Senate would prefer that the DoD use software not written by the government for the government. Quoting: 'Like Google, the agency needed a way of storing and retrieving massive amounts of data across an army of servers, but it also needed extra tools for protecting all that data from prying eyes. They added 'cell level' software controls that could separate various classifications of data, ensuring that each user could only access the information they were authorized to access. It was a key part of the NSA’s effort to improve the security of its own networks. But the NSA also saw the database as something that could improve security across the federal government — and beyond. Last September, the agency open sourced its Google mimic, releasing the code as the Accumulo project. It’s a common open source story — except that the Senate Armed Services Committee wants to put the brakes on the project. In a bill recently introduced on Capitol Hill, the committee questions whether Accumulo runs afoul of a government policy that prevents federal agencies from building their own software when they have access to commercial alternatives. The bill could ban the Department of Defense from using the NSA’s database — and it could force the NSA to meld the project’s security tools with other open source projects that mimic Google’s BigTable.'"

The idea behind the United States Space Camp is to give kids (and some adults) a chance to do astronaut training-type things that will get them jazzed on science and technology, in addition to getting away from home for a while. Security Camp is sort of like that that, says instigator Marc Tobias, but is about security stuff rather than space, and somehow interviewer Timothy Lord didn't ask Tobias about plans to teach security, computer or otherwise, for space travelers, when he talked with Tobias at HOPE (Hackers on Planet Earth) in New York. Since Tobias is an expert in physical security (locks), and locksmithing is going to be taught at Security Camp along with electronic/hacking-type security skills, it's a good thing all participants will be checked for criminal records and tendencies before they're allowed to participate. If there are plans to make a movie about Security Camp, which Tobias didn't mention one way or the other during this interview, we hope it's better than the 1986 movie, Space Camp.

DavidGilbert99 writes "Following the discovery of the highly-complex Flame virus in May, two security companies (Seculert and Kaspersky Lab) have uncovered a new cyber-espionage threat against the Middle East. Madi, or Madhi, is an information-stealing trojan which is technically a lot simpler than Flame or Stuxnet but is specifically targeting people in critical infrastructure companies, financial services and government embassies, which are mainly located in Iran, Israel and Afghanistan. The Madi creators use social engineering techniques to spread, embedding the malware in various documents including text files and PowerPoint presentations. It is unclear if the malware is state-sponsored or not, but it has already stolen several gigabytes of information and is still active."

kierny writes "Hackers/crackers who get arrested are typically male and young adults — if not minors. Why is that? According to research by online psychology expert Grainne Kirwan, it's because the typical hacker 'ages out' once they get a girlfriend, job, kids, and other responsibilities that make it difficult to maintain their hacking/cracking/hacktivist lifecycle. Could that finding offer a way to help keep more young hacking enthusiasts out of jail?"

wiredmikey writes "Dutch authorities have pulled the plug on two secondary servers used by the Grum botnet, a large botnet said to produce about 17% of the world's spam. According to researchers from FireEye, the backup C&C servers were located in the Netherlands, and once word of their existence was released, Dutch authorities quickly seized them. While any C&C server takedown is a win, the impact may be minimal, as the two primary servers are fully active, and the datacenters hosting them are unresponsive to fully documented abuse reports. That being said, FireEye's Atif Mushtaq noted that the botnet does has some weak spots, including the fact that Grum has no failback mechanism, has just a few IPs hardcoded into the binaries, and the botnet is divided into small segments, so even if some C&Cs are not taken down, part of botnet can still remain offline. The removal of the C&C servers shines light on how quickly some law enforcement agencies work, given that proof of their existence is just over a week old."

yahoi writes "AT&T has teamed up with an 11-year-old hacker and DefCon Kids to host a hacking contest during the second annual conference that runs in conjunction with the adult Def Con hacker show later this month in Las Vegas. The kid who finds the most zero-day bugs in mobile apps wins $1,000 and an IPad, courtesy of DefCon Kids. The contest was inspired by the mini-hacker's discovery last year of a whole new class of mobile app vulnerabilities."

New submitter SternisheFan tips this quote from an article at Ars: "The latest release of Google's Android mobile operating system has finally been properly fortified with an industry-standard defense. It's designed to protect end users against hack attacks that install malware on handsets. In an analysis published Monday, security researcher Jon Oberheide said Android version 4.1, aka Jelly Bean, is the first version of the Google-developed OS to properly implement a protection known as address space layout randomization. ASLR, as it's more often referred to, randomizes the memory locations for the library, stack, heap, and most other OS data structures. As a result, hackers who exploit memory corruption bugs that inevitably crop up in complex pieces of code are unable to know in advance where their malicious payloads will be loaded. When combined with a separate defense known as data execution prevention, ASLR can effectively neutralize such attacks."

Sparrowvsrevolution writes "In a workshop Friday at the Hackers On Planet Earth conference in New York, a German hacker and security consultant who goes by the name 'Ray' showed that he could open high-security handcuffs from manufacturers Chubb and Bonowi with plastic copies of keys that he cheaply produced with a laser-cutter and a 3D printer. Both companies attempt to control the distribution of their keys to keep them exclusively in the hands of authorized buyers such as law enforcement. Lasercut plexiglass versions of the Chubb key, which opens handcuffs like the ones used in passenger airline restraints, were selling for $4 at the conference. Ray plans to post the CAD file for the key on the 3D printing site Thingiverse after LockCon later this week."

snydeq writes "Ever since the first beta editions of Windows 8 appeared, rumors have circulated over how Microsoft would revamp its other flagship consumer product, Office, to be all the more useful in the new OS. Would Office become touch-oriented and Metro-centric, to the exclusion of plain old Windows users? A first look at Office 2013 provides the short answer: No. 'Office 2013 has clearly been revised to work that much better in Windows 8 and on touch-centric devices, but the vast majority of its functionality remains in place. The changes made are mostly cosmetic — a way to bring the Metro look to Office for users of versions of Windows other than 8. Further, Office 2013 has been designed to integrate more closely with online storage and services (mainly Microsoft's), although those are thankfully optional and not mandatory.'"

alphadogg writes "A host of small modifications and a large number of system-on-a-chip and PowerPC fixes inflated the size of release candidate No. 7 for Version 3.5 of the Linux kernel, according to curator Linus Torvalds' RC7 announcement, made on Saturday. Torvalds wasn't happy with the extensive changes, most of which he said he received Friday and Saturday, saying 'not cool, guys' in the announcement. However, the occasionally combustible kernel curator didn't appear to view this as a major setback. 'Now, admittedly, most of this is pretty small. The loadavg calculation fix patch is pretty big, but quite a lot of that is added comments,' he wrote, referring to the subroutine that measures system workload."