Jump to content


Most Liked Content


#48 HBO Goes After ‘Online’ Pirates in the Caribbean

Posted by Scorpion on 26 February 2017 - 07:52 PM

 
hbola.png

HBO’s daughter company in Latin America, HBO LA, is not happy with the rampant piracy that’s taking place in the Caribbean.
Earlier this month the company submitted its latest 301 ‘watch list’ submission to the U.S. Government, urging the authorities to take appropriate action. 
HBO is steadily expanding its services to the Caribbean and Central American regions. However, their efforts to roll out legitimate services are frustrated by local pirates. These aren’t just individual pirates, large cable operators are in on it too.
“…a lack of enforcement by Caribbean and Central American governments is allowing local cable operators to build substantial enterprise value by increasing their subscriber base through offering pirated content,” HBO LA writes (pdf). 
The same goes for hotels, which treat their visitors to prime HBO programming without paying a proper license. 
“In addition to piracy by large cable providers, non-U.S. owned hotel chains on a variety of islands are known to pirate content exclusively licensed to HBO LA by using their own onsite facilities or obtaining service from cable operators who pirate,” HBO LA informs the government. 
Piracy by cable operators and hotels is not new. HBO has reported these issues to the authorities before, but thus far little has changed. In the meantime, however, the company has started to notice another worrying trend.
Online piracy has started to become more prevalent, with many stores now selling IPTV boxes and other devices that allow users to access HBO content without permission. 
“In the past year, HBO LA continued to see a significant increase in the problem of online piracy of its service throughout all of HBO LA’s territory,” HBO LA writes.
“In the Caribbean, several brick-and-mortar stores customarily sell Roku or generic Android set-top devices (like the Mag250, Avov, and the MXIII) preinstalled with an unlicensed streaming service and offering a few hundred channels of content, including content for which HBO LA holds exclusive license in the territory.”
A Facebook ad highlighted by HBO LA


gizmos-e1487685074604.png
The company lists various examples of stores that offer these kinds of products including the Gizmos and Gadgets Electronics store in Guyana. This store sells Roku devices with an unlicensed streaming service called “ROKU TV” pre-installed.
By selling “pirate” subscriptions to thousands of customers the company is making over a million dollars per year, HBO estimates. And more recently the same store started to sell a subscription-less service as well.
“Additionally, Gizmos and Gadgets Electronics has recently started offering a second integrated hardware and service device known as the Gizmo TV BOX, which offers over 200 channels with no monthly fee,” HBO LA writes.
This is just one example of the many that are listed by the Latin American daughter of HBO.
The cable provider says it’s already taken various steps to stop the different types of infringements but hopes that U.S. authorities will help out where local governments fail. Towards the end of their submission, HBO LA encourages the United States Trade Representative to apply appropriate pressure and threats, to turn the tide.

 


  • RipperJack likes this


#47 Russia Drafts Legislation to Remove Pirate Sites From Search Engines

Posted by Scorpion on 26 February 2017 - 07:51 PM

 
searchman.jpg

Copyright holders all over the world believe that search engines play a crucial role in the piracy ecosystem. They argue that when seeking out content, people often use sites like Google, which can lead them to infringing material on pirate sites.
Entertainment companies can address the problem by sending takedown notices, but they insist that’s a very inefficient process. Pirate content is way too visible in search results, they argue, particularly when it appears in the first few pages of results.
With most countries continuing to grapple with the issue, it now appears that Russia intends to legislate against it. This week, Prime Minister Dmitry Medvedev submitted a draft bill to parliament that will force search engines to remove specified pirate sites from their results.
Developed by the Ministry of Communications, the bill will compel search companies such as Google and local giant Yandex to deindex sites that have failed to respond to takedown requests on several occasions, perhaps as little as twice.
One such example is huge torrent site RuTracker, which was blocked by local ISPs following an order from the Moscow City Court. RuTracker was effectively told to remove around 320,000 torrents to avoid a ban but chose not to do so after running a poll among its users. Under current legislation, RuTracker is now blocked for life, and if the new law is passed, all of its pages will disappear from search engines.
The draft bill also targets counter-measures employed by sites attempting to circumvent ISP blockades.
Often, when one domain is blocked, sites will buy new domains in an effort to keep going. Others will use proxy sites and even full-scale mirrors to stay one step ahead of the court. The bill refers to all of these options as “derivative sites” and will allow for them to be blocked without further court process.
The bill was approved during a government meeting on February 17 and will now pass through its various parliamentary stages before becoming law.

 


  • RipperJack likes this


#46 TeraCopy 3.0 released,

Posted by Scorpion on 26 February 2017 - 07:51 PM

 


1480006034_teracopy_rc.jpg

After a long wait, the popular utility for transferring files on any Windows version, TeraCopy 3.0 has arrived. The newly released TeraCopy 3.0 brings several key improvements to the table including better UI, faster copy speed and easier usage. While TeraCopy 3.0 is supported by Windows 10, the developers have dropped the support for XP.
For years, TeraCopy has been the go-to tool for Windows users for transferring big files. Native file copying or transferring takes hours if not weeks in case of big GB files. TeraCopy could effortlessly do the task in minutes. However, over the years it was noticed that TeraCopy was slow in transferring files on certain computers. TeraCopy 3.0 seeks to correct that while continuously giving a better performance. The developers say that TeraCopy 3.0 allows Windows users including Microsoft Windows 10 users to copy and move data at the maximum possible speed. It skips the bad files during copying and provides an error log after completion of transfer job.


teracopy-3.0.png


Key Windows File Transfer Utility, TeraCopy 3.0 Features:


  • Faster copy process, especially to and from network locations, and with small files.
  • Option to create checksum file list after copy process (MD5, SFV, SHA, SHA256, SHA512)
  • Support for an unlimited number of files.
  • Support for Volume Shadow Copy and elevated Windows service.
  • Option to test files after copy.
  • Option to delete and wipe files.
  • Option to add entire drive to file list.
  • Support for moving files.
  • Support for cloning files.
  • New replace dialog. Displays small thumbnails for image files for better decision making.
  • New replace mode
  • Options to shutdown or hibernate when the transfer completes.
  • Option to queue transfers for the same physical drive.
  • Support for waiting for network or device recovery.
  • Support for Windows 8 and 10 notifications.
  • Faster logical to physical disk mapping.
  • Numerous bug fixes

 


  • RipperJack likes this


#45 This sys admin trashed his employer’s network and left a note saying he quit

Posted by Scorpion on 26 February 2017 - 07:50 PM

 


it_crowd_650px.jpg

An employee taking revenge on his/her employer is getting quite common nowadays. Yesterday we had reported how a sys admin used VPN to hack into his employer’s web server after being fired. The sys admin proceeded to cause a loss of $1.1 million loss to the paper making factory before being caught. What Michael Thomas did is more or less similar to what the above sys admin did to the paper factory. Actually, Thomas did what many sys admins secretly dream of doing: he trashed his employer’s network and left a note saying he quit.


The Register reports that way back in December 2011 Thomas completely trashed his employer ClickMotive’s entire network. Not only that, Thomas proceeded to delete ClickMotive’s backups and notification systems for network problems leaving them high and dry. He also cut their VPN access and deleted internal wiki pages, and removed contact details for the organization’s outside tech support. Thomas’ revenge left ClckMotive stranded and without any means to troubleshoot the chaos that Thomas caused.


After doing all of above, Thomas left his keys, laptop, and access card with a letter stating that he quit. Sensing that ClickMotive would be helpless after the mayhem he had caused, Thomas tongue in cheek also offered to stay on as a consultant to sort out his own created chaos.


While what Thomas did may endear him with other like-minded sysadmins, he did break the law and authorities charged him with a felony count of “intentionally causing damage without authorization, to a protected computer.” The judge and the jury also agreed with the authorities and sentenced Thomas to time served plus three years of supervised release. He was also penalized a hefty fine of $130,000 to recoup ClickMotive’s losses.


Thomas has filed an appeal against the sentence in the Fifth Circuit Court of Appeals in New Orleans. In his appeal, Thomas says that while he did intentionally cause damage it wasn’t “without authorization.” In fact, he was expressly authorized to access all the systems he accessed, and he was expressly authorized to carry out the deletions he did – every sysadmin in the world deletes backups, edits notification systems and adjusts email systems. Thomas says that he did what he was paid to do and none of his actions were forbidden by ClickMotive under its own policies.


Here is Thomas’ version of what went down at ClickMotive:


Thomas was hired to ClickMotive by a friend of his – Andrew Cain. It so happens that before Thomas, Cain was the only IT employee of ClickMotive and also the company’s first employee. One fine day, ClickMotive fired Cain without assigning any reason. Cain suspected the reason for his firing was the founders were looking to sell the company and didn’t want to pass on the benefits eligible to Cain. On the other hand, ClickMotive offered a hefty bonus to Thomas to stay on and look after Cain’s work.


Cain informed Thomas that he would be suing the company for wrongful dismissal and proceeded to launch DDoS attacks against ClickMotive website. Thomas says that he did what a normal sysadmin would do after such attacks.


While Thomas’ alibi for deleting the backup looks solid on paper, the appeals court has to agree to it. The Register says that if the Appeals court goes on to agree with Thomas, it may have severe implications for sysadmins across the entire United States and in some degrees, around the world.

 


  • RipperJack likes this


#44 Hackers Can Hack Your Computer If It Has Blinking LED Lights

Posted by Scorpion on 26 February 2017 - 07:50 PM

 


rz8w8g68d269.jpg

Researchers at the Ben-Gurion University of the Negev, Israel have found a way to hack into isolated “air-gapped” computer’s hard disk drives (HDDs) by aiming drones at the blinking LEDs found on most of the desktops, laptops and servers. On February 22, 2016, the team released a YouTube video showing the ‘hack’ in action.






“Air-gapped” computers are isolated – separated both logically and physically from public networks – ostensibly so that they cannot be hacked over the Internet or within company networks.





The LED indicators of the isolated computers are taken control of, which are then forced to blink up to 6,000 times a second to send a signal containing data to a camera mounted on a drone near the targeted computer.


“Sensitive information can be encoded and leaked over the LED signals, which can then be received remotely by different kinds of cameras and light sensors,” the team, led by Dr Mordechai Guri, head of R&D at the Cyber Security Research Centre, said in its paper.





“We show how the malware can indirectly control the status of the LED, turning it on and off for a specified amount of time, by invoking hard drive’s ‘read’ and ‘write’ operations,” the paper continued.


“Our method is unique in two respects: it is covert and fast.”


The LED control method, which makes it possible to steal data from isolated computers while raising minimum suspicion, was devised by researchers of the Negev (BGU) Cyber Security Research Center at Ben-Gurion University.


“The LED is always blinking as it’s doing searching and indexing, so no one suspects, even in the night. It’s very covert, actually,” Guri said.





In a demonstration video, a drone with a camera is flown up multiple storeys outside of an office building until it locates the blinking HDD LED. Once it is in the line of sight of the LED, it records the blinks and steals the data.


According to the researchers, the data can be transferred at rate as fast as 4,000 bits per second with a specialized Siemens photodiode sensor on the drone. Later, the blinking can be recorded by a camera and deciphered.


The LED can be forced to blink at up to 6,000 blinks per second, which is a rate that isn’t able to be perceived by the human eye, but potentially readable for light sensors.


The paper explained what a theoretical attack would look like once infection had taken place. The team wrote: “The malware gathers sensitive information from the user’s computer, e.g., keystrokes, password, encryption keys, and documents.


“Eventually it starts transmitting the binary data through the blinking HDD LED using a selected encoding scheme. A hidden video camera films the activity in the room, including the LED signals. The attacker can then decode the signals and reconstruct the modulated data.”


It added: “We examined the physical characteristics of HDD LEDs […] and tested remote cameras, extreme cameras, security cameras, smartphone cameras, drone cameras, and optical sensors. Our results show that it is feasible to use this optical channel to efficiently leak [data].”


“It’s possible for the attacker to do such fast blinking that a human never sees it,” Guri noted.


The researchers found they could read the signal from 20 meters away from outside a building. That range could be even longer with an optical zoom lens.


“The fact that headphones, earphones and speakers are physically built like microphones and that an audio port’s role in the PC can be reprogrammed from output to input creates a vulnerability that can be abused by hackers,” says Prof. Yuval Elovici, director of the BGU Cyber Security Research Center (CSRC) and member of BGU’s Department of Information Systems Engineering.


Of course, the technique depends on the computer being infected prior to the transmission, which can be accomplished using a USB stick or SD card.


While this type of attack is novel and hard to detect, it has one obvious drawback: the computer’s LEDs can simply be covered with black tape. Also, you can restrict staff access to such air gapped computers or ban all forms of video cameras near the computer.

 


  • RipperJack likes this


#43 Cloudflare Bug Leaks Sensitive Data

Posted by Scorpion on 26 February 2017 - 07:49 PM

 


cloudflare_cloudbleed.png

The Cloudflare content delivery network for months has been leaking customer data, everything from private messages to encryption keys and credentials belonging to users of some of the Internet’s biggest properties.
The vulnerability has been addressed, Cloudflare CTO John Graham-Cumming said, but not before sensitive data was exposed belonging to users of a number of web-based services including Uber, Fitbit, OK Cupid and others.

Google Project Zero researcher Tavis Ormandy privately disclosed the issue last Friday to Cloudflare, which said that three “minor” features were to blame and had since been turned off. The first of the features, Graham-Cumming said, was turned on last Sept. 22, but he said that the time of greatest potential impact started Feb. 13 and lasted until Ormandy’s disclosure last Saturday.
Ormandy said in a bug report posted to the Project Zero feed that he saw some unexpected data surface during an unrelated project. The data was uninitialized memory among valid data that he determined was coming from a Cloudflare reverse proxy.
“It looked like that if an html page hosted behind Cloudflare had a specific combination of unbalanced tags, the proxy would intersperse pages of uninitialized memory into the output (kinda like Heartbleed, but Cloudflare-specific and worse for reasons I’ll explain later),” Ormandy said in his report. “My working theory was that this was related to their ‘ScrapeShield’ feature which parses and obfuscates html – but because reverse proxies are shared between customers, it would affect *all* Cloudflare customers.”
The issue has been informally called Cloudbleed given its similarities to Heartbleed, a major OpenSSL vulnerability in 2014 that also leaked sensitive information in memory.
Ormandy said it didn’t take long during an analysis of some live samples to see encryption keys, cookies, passwords, POST data and HTTPS requests for other Cloudflare-hosted sites among the data coming from other users.
Ormandy shared what he had found with Cloudflare and yesterday disclosed in a tweet that the service was leaking customer HTTPS sessions including those from Uber, Fitbit, 1Password, OKCupid and others.



1Password quickly refuted that the Cloudflare bug affected its data, and said it designed 1Password to protect against incidents like this when TLS fails.
An Uber representative said the impact against its users was minimal.
“Very little Uber traffic actually goes through Cloudflare,” Uber told Threatpost. “Only a handful of tokens were involved and have since been changed. Passwords were not exposed.”
OKCupid also said it’s investigating.
“Cloudflare alerted us last night of their bug and we’ve been looking into its impact on OkCupid members. Our initial investigation has revealed minimal, if any, exposure,” an OKCupid representative told Threatpost. “If we determine that any of our users has been impacted we will promptly notify them and take action to protect them.”
Fitbit told Threatpost that affected users should consider changing their passwords.
“We are currently investigating the issue reported with Cloudflare’s service to understand how it impacts our users. We encourage anyone who believes they have an issue to notify our team at security@fitbit.com,” Fitbit told Threatpost. “Concerned users can change their account password, followed by logging out and in to the mobile application with the new password. We recommend that users avoid reusing passwords associated with their email address or any other accounts, as this practice leaves them more vulnerable to malicious behavior.”
None of the other implicated services have made public statements. Meanwhile, there is a tracker available on Github listing some 4.3 million sites potentially affected by Cloudbleed.


cloudbleed-uber.png


cloudbleed-okcupid.png
Cloudflare’s Graham-Cumming said that in some circumstances, the company’s edge servers ran past the end of a buffer and returned memory containing private information. He clarified that no customer SSL keys were leaked because SSL connections are terminated at an isolated NGINX instance.
Graham-Cumming blamed an HTML parser present in three features for the leakage. He said that between Feb. 13 and 18, 1 in 3.3 million HTTP requests resulted in memory leakage, 0.00003 percent of all requests.
Cloudflare said it replaced its Ragel HTML parser a year ago with a homemade parser called cf-html. The underlying bug, it said, was in the Ragel parser as well but was never triggered because of the way the NGINX buffers were used. The new parser, however, changed the buffering and caused the leakage. The three features using the parser: Automatic HTTP Rewrites (enabled Sept. 22), Server-Side Excludes (enabled Jan. 30), and Email Obfuscation (enabled Feb. 13) were globally disabled or patched upon learning of the bug.
“Once we knew that the bug was being caused by the activation of cf-html (but before we knew why) we disabled the three features that caused it to be used. Every feature Cloudflare ships has a corresponding feature flag, which we call a ‘global kill’. We activated the Email Obfuscation global kill 47 minutes after receiving details of the problem and the Automatic HTTPS Rewrites global kill 3h05m later,” Graham-Cumming said. “The Email Obfuscation feature had been changed on February 13 and was the primary cause of the leaked memory, thus disabling it quickly stopped almost all memory leaks.
“Within a few seconds, those features were disabled worldwide,” he said. “We confirmed we were not seeing memory leakage via test URIs and had Google double check that they saw the same thing.”
A lingering issue is that search engines have cached the leaked memory, and Cloudflare is working with Google and other providers to scrub those leaks from caches.
“We’ve been trying to help clean up cached pages inadvertently crawled at Google. This is just a Band-Aid, but we’re doing what we can. Cloudflare customers are going to need to decide if they need to rotate secrets and notify their users based on the facts we know,” Ormandy said on Sunday. “I don’t know if this issue was noticed and exploited, but I’m sure other crawlers have collected data and that users have saved or cached content and don’t realize what they have, etc. We’ve discovered (and purged) cached pages that contain private messages from well-known services, PII from major sites that use Cloudflare, and even plaintext API requests from a popular password manager that were sent over https (!!).”

 


  • RipperJack likes this


#40867 Sask. Premier Scott Moe welcomes 'difficult discussions' on racism fo...

Posted by RipperJack on 12 February 2018 - 07:30 PM

Saskatchewan Premier Scott Moe says the province has "difficult discussions" ahead on racism, rural crime, and the justice system following the acquittal of a farmer charged with murdering a Cree man. 

The premier was speaking at a news conference Monday after a jury on Friday found Gerald Stanley, 56, not guilty of  second-degree in the death of Colten Boushie, 22.

Boushie was shot and killed after he and four others from the Red Pheasant Cree Nation drove onto Stanley's rural property in Biggar, Sask., in August 2016.

Boushie was shot in the head after an altercation between Stanley, his son and his wife. During the trial, Stanley testified he never meant to kill anyone and the handgun he was holding accidentally went off.

boushie-family-lawyer-chris-murphy.jpg

Boushie family lawyer Chris Murphy spoke at a rally in Saskatoon on the weekend. 'There is a darkness in this country and Colten’s death can help shine a light on that darkness,' he said. (Guy Quenneville/CBC)

On Friday, a jury in North Battleford found Stanley not guilty. Boushie's family has raised concerns that there were no visibly Indigeneous people on the jury (CBC has no way of independently determining whether any of the jurors have Indigenous backgrounds).

The jury's verdict touched off a series of rallies across Canada about what many see as systematic racism within the justice system and called for change.

'We will find a way forward' 

Moe would not address the verdict in Stanley case, but said he's met members of Boushie's family and hears the concerns that they have with the justice system.   

"I listened," he said. "The minister of justice and I sat with them for a few hours and we listened to them about their experience over the last year and a half. It was a good meeting and I was fortunate to be invited to it." 

A dialogue about racism and crime in Saskatchewan is something that needs to happen, even if it's not easy, he said. 

"These are difficult discussions for us to have, whether it's on racism, or crime. This is a challenge," Moe said. "I can commit to the people of Saskatchewan that we will have those discussions."

"It won't be easy, it won't be done quickly, but we will find a way forward," he said. "We will find a way forward."

sask-farm-shooting-20180208.jpg

A sign and photo of Colten Boushie sits in front of the Court of Queen's Bench in North Battleford on the first day of jury deliberation in the trial of Gerald Stanley, the farmer accused of killing the 22-year-old Indigenous man. (Liam Richards/Canadian Press)

Moe also discussed racist comments against Indigenous people that appeared on social media following the verdict.

"I've been made aware of a number of comments that are racist. There's no place for that in the province of Saskatchewan," he said. "This isn't an easy thing to talk about for anybody, but it's something we have to talk about."

The premier is expected to meet with the leadership of the FSIN and Tribal Council Chiefs from across Saskatchewan today.


View the full article
  • hottwhls likes this


#40847 Virginia museum to auction off letter by Alexander Hamilton

Posted by RipperJack on 04 February 2018 - 08:37 PM

PORTSMOUTH, Va. –  A letter written by Alexander Hamilton will go to the highest bidder at an auction to raise money for restoration work at a Virginia museum.

The Virginian-Pilot reports the letter, written by a Founding Father of the United States and the first secretary of the Treasury, was written Sept. 14, 1794.

In the letter, Hamilton makes a military request for wagons during the Whiskey Rebellion. That was a violent uprising in the 1790s in western Pennsylvania that arose in response to a federal tax on whiskey production.

The newspaper says the money raised by auctioning the letter will benefit the Hill House Museum, a historic home in Portsmouth furnished with family belongings collected through generations.

The auction will take place March 22 at Quinn's Auction Galleries in Falls Church.

___

Information from: The Virginian-Pilot, http://pilotonline.com


View the full article
  • hottwhls likes this


#40846 Baltimore parking ticket amnesty program nets $2M in 2 days

Posted by RipperJack on 04 February 2018 - 08:47 PM

BALTIMORE –  A parking ticket amnesty program in Baltimore has netted more than $2.1 million for city coffers over a two-day period.

The Baltimore Sun reports that the totals collected as of Friday evening only reflected electronic payments.

The newspaper says there were also lines at city offices as residents came to pay outstanding tickets in person but those amounts have not yet been calculated.

Baltimore Mayor Catherine Pugh announced the initiative last month. It's the first parking ticket amnesty program the mid-Atlantic city has organized in roughly 15 years.

___

Information from: The Baltimore Sun, http://www.baltimoresun.com


View the full article
  • hottwhls likes this