This all depends on if they get the patchwaork dns server order extended. If they do then your infected pc will work fine. I hope they do not then these mahcines will cease to work and the infection will become obvious.
If your PC starts acting weird or totally goes offline on or after March 8th(for folks who keep their computers off) Please contact ECC for assistance.
Half of Fortune 500s, US Govt. Still Infected with DNSChanger Trojan — Krebs on Security.
There is another bill called ACTA which has been worked on behind closed doors and is set to assault everyone even more than SOPA. I have said SOPA was a misdirection and it was. Whether ACTA is the real beast or another deception remains to be seen. This bill needs to be fought harder on a global level than SOPA was. Considering how critical the internet is to the world in terms of business ACTA is even more dangerous than SOPA.
With the online community seemingly victorious in defeating the SOPA/PIPA bills in the US, you might think a collective sigh of relief would be in order.Attention on the SOPA fight is now quickly turning to another highly controversial attempt to protect intellectual property, which could allow for significantly greater powers to monitor web users. And the EU could be set to sign up despite strong opposition.The secretive Anti-Counterfeiting Trade Agreement ACTA might not be new, but it is shaping up to be the next target for protests by a galvanised online community. In fact, the ACTA treaty has been drawing condemnation from all manner of groups intent on protecting their rights, since it was leaked that the US, EU and various nations would negotiate treaty content.Australia, Canada, Japan, Republic of Korea, Morocco, New Zealand, Singapore, and the US have all signed up to ACTA, while the EU and others have indicated a commitment to do so at a later stage.There has been an air of secrecy about whats actually going into the bill. At first, it was thought that negotiations were mostly about physical goods. However, a series of leaks highlighted intentions to cover “internet distribution and information technology”, according to the Electronic Frontier Foundation.Under rules being put forward by the treaty, ISPs would be actively encouraged to monitor web users to make sure that IP infringement was not taking place. For the average web user it would be a catastrophic blow to freedom online.What is particularly is that it undermines the democratic debate of existing IP monitoring bodies such as the World Intellectual Property Organisation and the World Trade Organisation.Aside from a lack of transparency, controversy has also surrounded the relatively small group of countries involved in the ongoing talks, with many developing nations left out of discussions. This means that wealthy countries looking to push a hard line on IP laws will be able to decide which rules they want in place with little opportunity for change at a later date. Even in the nations in talks there is little inclusion by “civil society”, as the EFF puts it.
via Secret ACTA bill shakes the web – Online communities ready themselves for another fight | TechEye.
Federal prosecutors have shut down one of the world’s largest file-sharing sites, Megaupload.com, on charges of violating piracy laws — a day after a 24-hour blackout of popular websites such as Wikipedia drew national attention to the issue.
“This action is among the largest criminal copyright cases ever brought by the United States,” the Justice department said in a statement about the indictment.
The indictment accuses seven individuals and two corporations — Megaupload Limited and Vestor Limited — of costing copyright holders more than $500 million in lost revenue from pirated films and other content. It was unsealed on Thursday, and claims that at one point Megaupload was the 13th most popular website in the world.
Megaupload was unique not only because of its massive size and the volume of downloaded content, but also because it had high-profile support from celebrities, musicians and other content producers who are most often the victims of copyright infringement and piracy. Before the website was taken down, it contained endorsements from Kim Kardashian, Alicia Keys and Kanye West, among others.
via Feds Say 7 Behind Celeb-endorsed Megaupload.com Ran Massive, Worldwide Piracy Ring | Fox News.
This is exactly the truth. Read the entirety of the linked article please.
There’s been plenty of talk (and a ton of posts here on Techdirt) discussing both SOPA (originally E-PARASITE) and PROTECT IP (aka PIPA), but it seemed like it would be useful to create a single, “definitive” post to highlight why both of these bills are extremely problematic and won’t do much (if anything) to deal with the issues they’re supposed to deal with, but will have massive unintended consequences. I also think it’s important to highlight how PIPA is almost as bad as SOPA. Tragically, because SOPA was so bad, some in the entertainment industry have seen it as an opportunity to present PIPA as a “compromise.” It is not. Both bills have tremendous problems, and they start with the fact that neither bill will help deal with the actual issues being raised.
That main issue, we’re told over and over again, is “piracy” and specifically “rogue” websites. And, let’s be clear: infringement is a problem. But the question is what kind of problem is it? Much of the evidence suggests that it’s not an enforcement problem and it’s not a legal problem. Decades of evidence from around the globe all show the same thing: making copyright law or enforcement stricter does not work. It does not decrease infringement at all — and, quite frequently, leads to more infringement. That’s because the reason that there’s infringement in the first place is that consumers are being under-served. Historically, infringement has never been about “free,” but about indicating where the business models have not kept up with the technology.
Thus, the real issue is that this is a business model problem. As we’ve seen over and over and over again, those who embrace what the internet enables, have found themselves to be much better off than they were before. They’re able to build up larger fanbases, and to rely on various new platforms and services to make more money.
via The Definitive Post On Why SOPA And Protect IP Are Bad, Bad Ideas | Techdirt.
Once again Microsoft engages in anti-competitive and blatantly monopolistic behavior. Note this happens right after they are freed of the DOJ anti-trust oversight. If you are going to buy any kind of mobile device make sure it does NOT run windows or you won’t every be able to run anything but windows in it.
With Windows 8 coming out later this year, there has already been controversy about whether computers that ship with Windows 8 will have the ability to run Linux, either as a replacement for Windows or in a dual-boot setup. As weve reported, a process called UEFI secure booting prevents the booting of operating systems not signed by a trusted Certificate Authority—and hardware makers must enable the secure boot technology to qualify for a Designed for Windows 8 logo.This would make it difficult, but not impossible, for Linux operating systems to be installed on Windows 8 computers. Hardware manufacturers can still give users the option of disabling secure boot and running any operating system they wish. However, it now appears that flexibility will only be available to Windows 8 systems running on Intel chips, and not ARM ones.A Computerworld blog post points to a recent Microsoft document laying out the Windows 8 hardware certification requirements for client and server systems. This document mandates flexibility on Intel systems: “On non-ARM systems, it is required to implement the ability to disable Secure Boot via firmware setup,” Microsoft writes on page 116 of the document. But the opposite is true for ARM systems running Windows 8. “On an ARM system, it is forbidden to enable Custom Mode. … Disabling Secure MUST NOT be possible on ARM systems,” Microsoft states.This may still leave open the possibility that makers of Linux distributions can provide a signed version of the operating system, so that it can be installed alongside Windows 8 on ARM systems. But the prohibition on disabling secure boot does place another obstacle in the way. Weve reached out to Microsoft to see if the company has any further comment.
via Microsoft mandating Secure Boot on ARM, making Linux installs difficult.
Time for me to start recommending routers with dd-wrt and NO WPS capabilities. If turning it off doesn’t turn it off then security is non-existent for wireless network. Ick.
The attack took about six hours to properly guess the PIN and return the SSID and password for the target network. During that time, the router locked up once under load, as I was putting normal levels of network traffic through it from other devices. Some routers will also lock out WPS requests for five minutes or so when they detect multiple failed PIN submissions—mine stopped responding occasionally, generating a string of warnings, but Reaver picked back up where it left off once the Linksys started responding again.
Having demonstrated the insecurity of WPS, I went into the Linksys’ administrative interface and turned WPS off. Then, I relaunched Reaver, figuring that surely setting the router to manual configuration would block the attacks at the door. But apparently Reaver didn’t get the memo, and the Linksys’ WPS interface still responded to its queries—once again coughing up the password and SSID.
The tool also managed to repeatedly cause the router to stop responding to other computers on the network, essentially creating a denial of service attack—a great thing to remember for the next time my neighbors have a loud, all-night Call of Duty session.
In a phone conversation, Craig Heffner says that the inability to shut this vulnerability down is widespread. He and others have found it to occur with every Linksys and Cisco Valet wireless access point they’ve tested. “On all of the Linksys routers, you cannot manually disable WPS,” he said. While the Web interface has a radio button that allegedly turns off WPS configuration, “it’s still on and still vulnerable.”
It should read…you WILL see a HIGHER chance of billings errors if you go on autopay. Every time we have tried it there’s ALWAYS been a major error and getting it fixed is worse than pulling teeth.
Verizon says users wont have to pay the fee if they enroll in autopay or pay via electronic check. Users on autopay have a higher chance of not seeing bill errors. Thats a real problem given that antiquated and incompatible billing systems have given Verizon a bit of a consumer reputation for math mistakes and billing gaffes with both their landline and wireless products. Verizons not alone in imposing fees just to pay your bill. A significant number of ISPs, including Comcast, now charge users a fee if they want to pay their bill in person or over the phone while speaking either to a real person or automated system
I figured it was a matter of time before this was exposed. The pins are usually 8 digits which it has been known for quite some time that you need at least 12 sufficiently random characters for any kind of protection against brute force attacks. Of course the lack of a lockout system makes it even more trivial.
WiFi Protected Setup Flaw Can Lead to Compromise of Router PINs | threatpost.
Subway itself wasn’t nailed but it franchisees were. Most franchise holders are SMB’s and many of them don’t think they are vulnerable due to their size. However criminals are banking on that thinking now to hijack everything from computers to POS systems(many of which are simply windows computers with POS overlays running on them). this means proper security for all of these systems are important. If you are a small business please contact ECC for a security audit if you have never had one done.
For thousands of customers of Subway restaurants around the US over the past few years, paying for their $5 footlong sub was a ticket to having their credit card data stolen. In a scheme dating back at least to 2008, a band of Romanian hackers is alleged to have stolen payment card data from the point-of-sale (POS) systems of hundreds of small businesses, including more than 150 Subway restaurant franchises and at least 50 other small retailers. And those retailers made it possible by practically leaving their cash drawers open to the Internet, letting the hackers ring up over $3 million in fraudulent charges.
In an indictment unsealed in the US District Court of New Hampshire on December 8, the hackers are alleged to have gathered the credit and debit card data from over 80,000 victims.
“This is the crime of the future,” said Dave Marcus, director of security research and communications at McAfee Labs in an interview with Ars. Instead of coming in with guns and robbing the till, he said, criminals can target small businesses, “root them from across the planet, and steal digitally.”
The tools used in the crime are widely available on the Internet for anyone willing to take the risks, and small businesses’ generally poor security practices and reliance on common, inexpensive software packages to run their operations makes them easy pickings for large-scale scams like this one, Marcus said.
While the scale of this particular ring may be significant, the methods used by the attackers were hardly sophisticated. According to the indictment, the systems attacked were discovered through a targeted port scan of blocks of IP addresses to detect systems with a specific type of remote desktop access software running on them. The software provided a ready-made back door for the hackers to gain entry to the POS systems—which is why remote access software is banned from systems that handle payment cards by the PCI Security Standards Council, which governs credit card and debit card payment systems security.
“With PCI compliance, those apps shouldn’t be on those systems,” said Konrad Fellmann, audit and compliance manager for SecureState, an IT security firm with a practice in retail security auditing, in an interview with Ars. But because small retailers who don’t store credit card data, they’re not required to have the same level of auditing as larger companies, Fellmann said.
via How hackers gave Subway a $30 million lesson in point-of-sale security.
Not too long after the market punished the Hard Disk industry for dropping warranties before the industry is now moving to cratering hard disk warranties again. I bet they are going to be introducing a new technology for manufacturing hard disks and they are dropping the warranties until the industry works the bugs out. Be forewarned and check the length of the warranty of any hard disk you buy. If it isn’t at least 3 years i would not buy it.
Some desktop and notebook barebones drives will have their warranties slashed from 5 years to 1 year.
Last week, Western Digital revealed that it was cutting the warranty on its Caviar Blue/Green and Scorpio Blue drives from three years to two years. Now, it looks like Seagate just couldn’t stand by and let Western Digital have all fun when it comes to cutting hard drive warranties.
The Register is reporting that Seagate is upping the ante by slashing some warranties from five years down to one year. Here are some of the “highlights” of the warranty cuts:
Constellation 2 and ES.2 drives: 5 years reduced to 3 years
Barracuda and Barracuda Green drives: 5 years reduced to 1 year
Barracuda XT: 5 years reduced to 3 years
Momentus 2.5-inch (5400 and 7200rpm): 5 years reduced to 1 year
Momentus XT: 5 years reduced to 3 years
