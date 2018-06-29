Language Selection

Security: LTE, Ticketmaster, Equifax and the "51% Attack"

Submitted by Roy Schestowitz on Sunday 1st of July 2018 11:30:10 PM Filed under
Security
  • LTE wireless connections used by billions aren’t as secure as we thought

    The attacks work because of weaknesses built into the LTE standard itself. The most crucial weakness is a form of encryption that doesn’t protect the integrity of the data. The lack of data authentication makes it possible for an attacker to surreptitiously manipulate the IP addresses within an encrypted packet. Dubbed aLTEr, the researchers’ attack causes mobile devices to use a malicious domain name system server that, in turn, redirects the user to a malicious server masquerading as Hotmail. The other two weaknesses involve the way LTE maps users across a cellular network and leaks sensitive information about the data passing between base stations and end users.

  • LTE (4G) Flaw Allows Attackers To Redirect Browsers And Spy On You

    The Long Term Evolution (LTE) standard for mobile communication, also known as 4G was designed to overcome security flaws of its predecessor standards and is used by millions of people across the globe.

    However, researchers have now uncovered weaknesses in LTE that allows attackers to hijack browsing session which redirects users to malicious websites and spy on their online activity to find out which sites they visit through their LTE device.

  • UK researcher says one line of code caused Ticketmaster breach

    Well-known British security researcher Kevin Beaumont says the breach of the British operations of American multinational ticket sales and distribution company Ticketmaster, that has led to the possible leak of tens of thousands of credit card details, was caused by the incorrect placement of a single line of code.

    As iTWire reported, Ticketmaster UK blamed third-party supplier Inbenta Technologies for the incident. Inbenta, in turn, said that the breach had been caused by Ticketmaster directly applying a customised piece of JavaScript without notifying its (Inbenta's) team.

  • Plant Your Flag, Mark Your Territory

    Some examples of how being a modern-day Luddite can backfire are well-documented, such as when scammers create online accounts in someone’s name at the Internal Revenue Service, the U.S. Postal Service or the Social Security Administration.

    Other examples may be far less obvious. Consider the case of a consumer who receives their home telephone service as part of a bundle through their broadband Internet service provider (ISP). Failing to set up a corresponding online account to manage one’s telecommunications services can provide a powerful gateway for fraudsters.

  • Former Equifax Manager Allegedly Took Advantage of Data Breach Crisis with Insider Trading Scheme

    Federal prosecutors and the Securities and Exchange Commission (SEC) announced charges Thursday against a former software development manager who allegedly took advantage of the chaos in order to run an insider trading scheme. The defendant is Sudhakar Reddy Bonthu, 44.

  • Former Equifax manager is charged with insider trading for selling shares before data breach was disclosed

    Sudhakar Reddy Bonthu allegedly made more than US$75,000 after betting that his company’s shares would fall when the breach was revealed

  • Cryptocurrencies Have Limits

    The Economic Limits Of Bitcoin And The Blockchain by Eric Budish is an important analysis of the economics of two kinds of "51% attack" on Bitcoin and other cryptocurrencies, such as those becoming endemic on Bitcoin Gold and other alt-coins:

Games Leftovers

KDE Development: Konsole, Falkon and More

  • KDE Finally Offers An Easy Global Shortcut To Launch The Konsole
    KDE finally has an on-by-default easy way global shortcut for launching the Konsole terminal application. Beginning with KDE Applications 18.08 due out next month, Ctrl + Alt + T will launch the Konsole. There had been an off-by-default option for this functionality in KHotKeys while now Konsole itself will expose this global launching shortcut.
  • [Falkon] Seventh week of coding phase, GSoC'18
    The Events API exposes the Key, Mouse and Wheel events. The properties like mousePress, mouseDoubleClick, keyPress, etc are added to QmlPluginInterface class which on set to a JavaScript function will register the plugin for that event & will call the function with proper arguments (containing event & object on which the event is triggered) when the event is triggered.
  • This week in Usability & Productivity, part 25
  • Second Weekly Post
    To make the code easier to manage, I created a class called KoColorSetEntryGroup to handle an actual matrix of colors. This was done in KoColorSet, but that is kind of illogical. As a KoColorSet has several matrices of colors; it should be a containter of matrices of colors instead of colors themselves. KoColorSetEntryGroup is too long a name to use, so I renamed it to be KisSwatchGroup. KoColorSetEntry should be renamed to KisSwatch, too, of course, but KoColorSetEntry is used in too many places in the code base. I don’t want to do the renaming now. Lots of the usages of KoColorSetEntry are going to be changed while I’m modifying the data management of a KoColorSet, and that means if I do the renaming now, lots of the renaming will eventually be lost. Therefore, currently KisSwatch is just a placeholder. It’s now an empty subclass of KoColorSetEntry, waiting for everything to be moved from its parent into it.

OpenShot 2.4.2 Released | More Effects, More Stable, More Fun!

  • OpenShot 2.4.2 Released | More Effects, More Stable, More Fun!
    Happy summer! Version 2.4.2, the latest and greatest OpenShot Video Editor is now available (after a long wait), and we have lots of great improvements to share! We have exciting new effects, tons of bug fixes, and more stability and performance enhancements! Let's dive right in!
  • OpenShot 2.4.2 Released For Many Improvements To This Open-Source Linux Video Editor
    After a relatively long period of silence, OpenShot 2.4.2 was released today as the latest version of this open-source, non-linear video editing software. The OpenShot 2.4.2 release features new video effects, automatic audio mixing, improved audio playback, better stability, new codec support, a better build system, AAC is now the default audio codec, experimental codec improvements via FFmpeg/Libav, and other enhancements.
  • Free Video Editor OpenShot 2.4.2 Released With 7 New Effects, Improved Stability
    OpenShot, the free and open source video editor for Linux, FreeBSD, Windows, and MacOS, was updated to version 2.4.2, which includes new effects as well as better stability and increased performance. OpenShot is an easy to use yet quite powerful video editor, great to cut, slice and edit videos. The application makes use of the FFmpeg library, being able to read and write most video and image formats.

