Articles about Paper Pdf

Facebook laser receptor

Raving mad: Glow sticks are secret weapon in Facebook's 2.1Gbps laser internet drones

At Facebook's F8 Developer Conference this year, Mark Zuckerberg revealed more details about his laser-firing drones that will encircle the world and relay Facebook, sorry, the internet to far-flung places, reaching potentially all seven billion of us. The first solar-powered Aquila autonomous drones to do that job have now …
Iain Thomson, 20 Jul 2016
Pic: Shutterstock

Meet Riffle, the next-gen anonymity network that hopes to trounce Tor

Next week, top eggheads will unveil a new anonymizing internet tool that they claim is snoop-proof and faster and more reliable against attack than Tor. Dubbed Riffle, the system was developed by MIT and the École Polytechnique Fédérale de Lausanne in Switzerland. It uses the same onion-encryption system as Tor, which wraps …
Iain Thomson, 13 Jul 2016
Boy with a backpack hides his eyes and cries. Pic by Shutterstock

A bad day for DBAs: MIT boffins are replacing you with a mere spreadsheet

MIT boffins reckon they've cracked one of the tough nuts of usability, creating an easy-to-use SQL interface for non-database administrators. The tool, SIEUFERD, has been in gestation since at least 2013 (Oracle mentions it here), but considering the problem it addresses has been around since the 1970s, let's not be harsh …
Container ship, photo via Dmitry Chulov Shutterstock

Rolls-Royce reckons robot cargo ships are the future of the seas

Comment Rolls-Royce and the Advanced Autonomous Waterborne Applications Initiative (AAWA) believe the future of cargo transportation is autonomous – and they have published an 88 page white paper (PDF) to prove it. The company outlined its vision of remote controlled cargo ships at the Autonomous Ship Technology Symposium in Amsterdam …
Matthew Griffin, 08 Jul 2016

FBI's iPhone paid-for hack should be barred, say ex-govt officials

The FBI's purchase of a hack to get into the San Bernardino shooter's iPhone should not have been allowed. That's according to a new paper from two former US government cybersecurity officials, Ari Schwartz and Rob Knake. In their paper [PDF] they dig into the current vulnerability equities process (VEP), disclosed in 2014, …
Kieren McCarthy, 17 Jun 2016
Police search

Your comms metadata is super-revealing but the law doesn't protect it

America's legal world needs to rethink what it considers people's private information so it can get a grip on today's spying techniques. Stemming from 1970s telephone laws, communications metadata – which details who you talk to, when and where etc – is considered by the courts to be separate from the actual contents of your …
Shaun Nichols, 08 Jun 2016

Flashy startup Apeiron wipes Splunk floor with XtremIO... says Apeiron

All-flash array startup Apeiron claims it blows EMC’s XtremIO away when it comes to Splunk speed testing. Splunk's software searches and analyses Big Data. Apeiron has an ADS1000 NVMe over fabrics-connected flash array built from NVMe flash drives. It does not use Fibre Channel or iSCSI switches to connect to accessing servers …
Chris Mellor, 07 Jun 2016
Selection of Australian banknotes

Oz infosec boffins call for mature threat debate

The University of NSW / Australian Defence Force Academy-run Australian Centre for Cybersecurity reckons the government needs to tip AU$1 billion annually into cyber-security. The centre reckons the AU$230 million the government intends to spend isn't enough. The reasoning is that our allies, such as the US and the UK, are …

FCC swivels to online privacy, gets bitten in the ass by net neutrality

Analysis When America's comms watchdog the FCC passed its net neutrality rules despite an onslaught of criticism from telcos, the world rejoiced. But, as many of us noted at the time, the Open Internet Order was achieved through an imperfect approach: equating internet providers with phone companies by deciding they are Title II …
Kieren McCarthy, 27 May 2016
Speedometer by Nathan E Photography, Flickr under CC2.0

Nokia offers up 10 Gbps HFC demo

Nokia Networks has applied the paddles to the chest of cable broadband, pumped in the volts, and sent it sprinting at 10 Gbps. While the company says the proof-of-concept work demonstrates the viability of CableLabs' DOCSIS 3.1 roadmap, it's not yet working directly with the group. The company showed off a demo of its XG- …
Image by EcoPrint http://www.shutterstock.com/gallery-60660p1.html

Archaeologists find oldest ever ground-edge stone axe

The world's oldest known ground-edge axe has been discovered in Australia's remote north Kimberley region, pushing back the date of the invention to some 49,000 years. It is estimated to be 10,000 years older than the previous oldest axe of its type, also found in Australia in 2010. The oldest so-called hafted axes - those …
Darren Pauli, 11 May 2016
Silhouette of spy discerning password from code uses a command on graphic user interface

SS7 spookery on the cheap allows hackers to impersonate mobile chat subscribers

Flaws in the mobile signalling protocols can be abused to read messaging apps such as WhatsApp and Telegram. Security researchers at Positive Technologies found they can intercept messages and respond as if they were the intended recipient in services such as WhatsApp or Telegram. This is not a man in the middle attack: …
John Leyden, 10 May 2016
image byemo http://www.shutterstock.com/gallery-2659924p1.html

Daisy-chained research spells malware worm hell for power plants and other utilities

BlackHat Asia A world-first proof-of-concept worm - if unleashed - could spell disaster for the world’s critical infrastructure, including power utilities by making attacks exponentially more difficult to detect and stop. It is a stand-alone attack but The Register has confirmed a realistic stealthy end-to-end attack scenario can be …
Darren Pauli, 05 May 2016
dunce_cap_648

TLS proxies: insecure by design say boffins

Have you ever suspected filters that decrypt traffic of being insecure? Canadian boffins agree with you, saying TLS proxies – commonly deployed in both business and home networks for traffic inspection – open up cans of worms. In their tests, “not a single TLS proxy implementation is secure with respect to all of our tests, …
space view of australia in arty green

Australia copies UK's Google tax on 'contrived' dodges

Australia has copied the United Kingdom's Government Digital Service and has now decided the UK's Google-busting Diverted Profits tax is also worth replicating. Australia's national budget was delivered on Tuesday and treasurer* Scott Morrison's speech introducing the year's planned government expenditure promised “a new …
Simon Sharwood, 05 May 2016

Big Cable threatens to sue FCC: You can't stop us ripping off customers

The US National Cable & Telecommunications Association (NCTA) has threatened to sue the Federal Communications Commission (FCC) if it pushes ahead with plans to open up cable boxes. Speaking at a press conference Thursday, the NCTA's president – and former FCC chair – Michael Powell said that the plan to force cable companies …
Kieren McCarthy, 21 Apr 2016
retro cartoon featuring two men fighting against cloud backdrop

Intel bins ESXi in in-house private cloud revamp

Intel's decided it can do without VMware's ESXi hypervisor as part of a big upgrade of its private cloud. Chipzilla's a Platinum Member of the OpenStack Foundation and therefore has a seat on the project's board. The company's also been building an OpenStack private cloud since around 2011, but built a customised …
Simon Sharwood, 14 Apr 2016
Canada's CHIME Telescope

Canada's CHIME telescope taps AMD for GPU-based super

Canada's under-construction CHIME telescope has taken a big step towards completion, announcing a contract that will put in place the high performance computing it needs. And AMD is over the moon about it: in line with the Canadian telescope's hope to use consumer-derived technology wherever possible, the project has anointed …
Godzila

Apeiron reckons it's the Godzilla of upstart flash arrays

Storage upstart Apeiron's array is a Godzilla of all-flash arrays, delivering up to 3PB of capacity, 120-plus million IOPS and less than three microseconds' latency from a rackful of its ADS1000 array built from separate, scale-out, compute and storage nodes. Apeiron Data Systems has boldly stepped out from behind the stealth …
Chris Mellor, 29 Mar 2016

'Millions' of Android mobes vulnerable to new Stagefright exploit

A group of Israeli researchers reckon they've cracked the challenge of crafting a reliable exploit for the Stagefright vulnerability that emerged in Android last year. In a paper [PDF] that's a cookbook on how to build the exploit for yourself, they suggest millions of unpatched Android devices are vulnerable to their design, …
Dragster by Brett Levin, Flickr, CC 2.0 License

Web servers should give browsers a leg-up, say MIT boffins

Latency plus complexity, rather than bandwidth, are what strangles Web performance, and a bunch of MIT boffins reckon browsers haven't kept up. To get around that, they've proposed a scheme called Polaris – not the same thing as the Mozilla browser privacy project – to focus on the order in which page objects are loaded. The …
Fingerprint spoof kit

Boffins bust biometrics with inkjet printer

Boffins from Michigan State University have loaded up an inkjet printer with cartridges designed for printing electronic circuits, and used the output to fool smartphone fingerprint sensors. All that's needed is a scan of the victim's fingerprint (reversed so it presents the right way when printed), and a suitable inkjet …
EXtreme_Pro

Commodity flash just as good as enterprise drives, Google finds

If you're loading up a heap of flash drives for your data centre, don't bother with “enterprise-class” SLC (single level cell) technology, because cheaper MLC (multi-level cell) drives will do the job just as well. However, the data centre biz needs new techniques to predict drive failures, because the unrecoverable bit error …
Hard disk repair by William Warby https://www.flickr.com/photos/wwarby/ cc 2.0 attribution generic https://creativecommons.org/licenses/by/2.0/

Google wants new class of taller 'cloud disk' with more platters and I/O

Google has shared a White Paper (PDF) in which it calls for major revisions to disk drive design. Titled “Disks for Data Centers”, the paper is unashamedly Google-centric inasmuch as it calls for disk-makers to rethink their products to suit the ad giant's needs. As the paper explains, those needs are very substantial: just …
Simon Sharwood, 26 Feb 2016
Tor

Tor users are actively discriminated against by website operators

Computer scientists have documented how a large and growing number of websites discriminate against people who browse them using Tor. Tor is an anonymity service that is maintained with assistance from the US State Department and designed in part to allows victims of censorship in countries like China and Iran to surf the web …
John Leyden, 25 Feb 2016
hacker

Defence white paper lands: Cyber-threat is huge, spend is small

The Australian government has revealed its Defence White Paper and it seems most of the AU$25 billion discussed in the context of all-the-cybers is going to be spent on drones. The electronic warfare and electronic security spend is much more modest, both in systems and in personnel. In total, the white paper devotes nine per …

Thanks for the extra memories, folks: Say hi to GridGain

GridGain Systems software provides an in-memory facility for running transactions, streaming and analytics applications using clustered x86 server nodes in a grid defined by a distributed, massively parallel architecture. It says its software enables such applications to run thousands of times faster than on disk-based systems …
Chris Mellor, 15 Feb 2016
shutterstock_197375177-doctor

UK NHS-backed health apps 'riddled with security flaws'

As if striking junior doctors weren’t enough, the UK's NHS also has technology worries, according to a study by app security firm Arxan. All of the NHS-approved apps Arxan audited lacked binary protection against code tampering, and most also lacked adequate protection in the transport layer. Flaws also emerged in FDA-approved …
John Leyden, 13 Jan 2016

The sloth is coming! Quick, get MD5 out of our internet protocols

The outdated and crackable MD5 hash function is still lingering in critical parts of the internet's infrastructure and could undermine security, researchers have warned. In a paper [PDF] published in time for a cryptography conference in Silicon Valley this week, the authors from French research institute INRIA note that while …
Kieren McCarthy, 06 Jan 2016
Joanna Rutkowska of Invisible Things Labs gives talk "Towards (reasonably) trustworthy x86 laptops" at ccc - still from youtube

Trustworthy x86 laptops? There is a way, says system-level security ace

32c3 Security concerns around Intel's x86 processors – such as the company's decision to force the secretive Management Engine microcontroller onto its silicon – have raised fundamental questions about trust in personal computers, whatever architectures they may be based upon. Youtube Video The founder of Invisible Things Labs, …
D-Wave chip

Google says its quantum computer is 100 million times faster than PC

Two years ago Google and NASA bought a D-Wave 2X quantum computing system and the Chocolate Factory has now pronounced itself very pleased with the results. "We found that for problem instances involving nearly 1000 binary variables, quantum annealing significantly outperforms its classical counterpart, simulated annealing. It …
Iain Thomson, 09 Dec 2015
schoolchildren_kids_victorian_cropped

Australian test finds robot essay assessors on par with human teachers

Software has emerged as the equal of humans when it comes to marking essays in an Australian study. The test of test-marking software was conducted by the Australian Curriculum, Assessment and Reporting Authority, which administers standardised tests called the National Assessment Program – Literacy and Numeracy (NAPLAN). …
Simon Sharwood, 01 Dec 2015

Glowing dust doughnut circles white dwarf

Extremely patient astroboffins have put together the first image of debris rings around a white dwarf, obtained over 12 years of Very Large Telescope observations. Researchers led by Christopher Manser of the University of Warwick’s Astronomy and Astrophysics Group used Doppler tomography* to snap the rings of SDSS1228+1040, …
Lester Haines, 11 Nov 2015
Lovely reject by Flickr user c0t0s0d0 CC 2.0 attribution https://www.flickr.com/photos/c0t0s0d0/

Most developers have never seen a successful project

Most software professionals have never seen a successful software development project, continuous delivery evangelist Dave Farley said, and have “built careers on doing the wrong thing”. Farley, kicking off the Continuous Lifecycle conference in Mannheim, said study after study had shown that a small minority of software …
Joe Fay, 11 Nov 2015

How do you anonymize personal databases and protect people's privacy – over to you, NIST

Analysis How do you protect people's privacy when you have big databases of personal records you want to share? That's the question that the US National Institute of Standards and Technology (NIST) has dug into in an extensive review [PDF] of the different methods that government departments and other organizations use when publishing …
Kieren McCarthy, 02 Nov 2015

Android Security: How's BlackBerry going to fix it?

Analysis “Android Security” sounds like an oxymoron, perhaps the biggest since “friendly fire”. So what’s BlackBerry, which has forged a reputation on enterprise security, thinking with the new Priv device? BlackBerry's handset division is promising to create a business-friendly secure 'droid, and it’s recently been explaining just how …
Andrew Orlowski, 26 Oct 2015
WD_My_Passport_Grip_Pack

Western Digital's hard drive encryption is useless. Totally useless

The encryption systems used in Western Digital's portable hard drives are pretty pointless, according to new research. It appears anyone getting hold of the vulnerable devices can easily decrypt them. WD's My Passport boxes automatically encrypt data as it is written to disk and decrypt the data as it is read back to the …
Iain Thomson, 20 Oct 2015

SYNful Knock is no Stuxnet, says researcher

Yet another set of shivers is running up spines at Cisco, with a researcher from Grid32 claiming that “rooting” the company's IOS firmware isn't as hard as people think. The issue of compromised firmware arose in August when the company first warned that its ROMMON firmware images could be replaced with a compromised version …
android logo

Android users left at risk... and it's not even THEIR FAULT this time!

Tardiness in providing security updates is leaving the vast majority of Android devices hopelessly insecure, according to researchers at the University of Cambridge. Over the last four years, an average of 87 per cent of Android devices were vulnerable to attack by malicious apps, according to the research, which blames a …
John Leyden, 12 Oct 2015
Gorillas by Thomas Wildmann Flickr https://creativecommons.org/licenses/by-sa/2.0/

Intel, Nokia, Ericsson square off against Chinese IoT threat

US and European vendors have linked arms in an effort to set low-bandwidth mobile communications standards. Intel, Ericsson and Nokia have thrown their weight behind a standard proposal called Narrow-Band LTE (NB-LTE) to support the comms requirements of Internet of Things devices. If adopted – there's a vote on narrowband …

Security bods jab pins at encrypted database system balloons

Developers of encrypted databases and security researchers are at loggerheads – and it's over a study that claims property-preserving encrypted databases may be vulnerable to attack. The researchers – Muhammad Naveed of the University of Illinois at Urbana-Champaign, Charles Wright of Portland State University, and Seny Kamara …
John Leyden, 11 Sep 2015

ICANN has $60m burning a hole in its pocket – and it needs your help blowing it all

Domain-name overseer ICANN wants your suggestions for how it should spend the $60m it made from auctioning off new dot-words. In a discussion paper [PDF] published today, the wannabe-master-of-the-internet notes that it has $58.8m in a special bank account. Just under half of it stemmed from Google, which paid $25m for the …
Kieren McCarthy, 09 Sep 2015

IoT baby monitors STILL revealing live streams of sleeping kids

Internet-connected baby monitors are riddled with security flaws that could broadcast live footage of your sleeping children to the world and his dog, according to new research. Mark Stanislav, a security researcher at Rapid7, discovered numerous security weaknesses and design flaws after evaluating nine different devices from …
John Leyden, 03 Sep 2015
Imperva switcher attack illustration

Imperva demos cloudy man-in-the-middle attack

Dropbox, OneDrive, Google Drive, and Box can be raided via a man-in-the-middle attack, without an attacker needing access to users' plaintext credentials, according to security bods at Imperva. Instead, in this paper [PDF] presented to BlackHat, the company's Application Defense Center says users' local sync folders serve just …
shutterstock_215940778

W3C's bright idea turned your battery into a SNITCH for websites

Website owners keen on tracking netizens, but thwarted by AdBlock or similar, could instead look at the battery charge in people's devices to identify them. How so? A feature the W3C added to HTML5 that lets a website interrogate the state of a visitor's battery. According to security boffins writing for the International …
Internet email sign. Pic: @mattw1lson, Twitter

Next-gen secure email using internet's own DNS – your help needed

A group of researchers from the US government and dot-com operator VeriSign are working on a new system for secure email: using domain names. Highlighting the problems and security holes associated with current mail systems, the team from the National Institute of Standards and Technology (NIST), a subset of the US Department …
Kieren McCarthy, 03 Aug 2015

Secretive trade pact the TTIP: Death of the web – or a brave new horizon?

Analysis The trinity of trans-Atlantic trade deals that have been under negotiation for two years appear to be heading toward some kind of initial conclusion. The free-trade deals between the US and various nations have become renowned for being negotiated in secret and for efforts to open the process resulting in ludicrous …
Kieren McCarthy, 27 Jul 2015
shutterstock_225964027-pizz

The modest father of SMS, who had much to be modest about

Matti Makkonen died last week and was celebrated as the father of SMS. He’s been described as being too modest to acknowledge his involvement. It seems, however, that the story of how Short Messaging came to be is far more complicated than we originally thought, and the system has many fathers. In fact, not only did Makkonen …
Simon Rockman, 08 Jul 2015
America

Security gurus deliver coup de grace to US govt's encryption backdoor demands

With congressional hearings due on Wednesday to discuss US government plans to force tech companies to install backdoors in their encryption systems, some of the leading minds in the security world have published a paper on how, and if, such a system would work. The authors of the 34-page paper [PDF] read like a who's who of …
Iain Thomson, 08 Jul 2015
Red-haired child in glasses looks thoughtful. Image via Shutterstock -  Copyright: Sofi photo

Export control laws force student to censor infosec research

An ethical hacking student at the University of Northumbria has claimed that the university's ethics board and the Wassenaar Arrangement have forced him to delete some references to exploits from his final year dissertation. Grant Willcox, a BSc student studying Ethical Hacking for Computer Security, claimed in a blog post …