This PC monitor hack can manipulate pixels for malicious effect

Don’t believe everything you see. It turns out even your computer monitor can be hacked.On Friday, researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.To read this article in full or to leave a comment, please click here

This PC monitor hack can manipulate pixels for malicious effect

Don’t believe everything you see. It turns out even your computer monitor can be hacked.On Friday, researchers at DEF CON presented a way to manipulate the tiny pixels found on a computer display.Ang Cui and Jatin Kataria of Red Balloon Security were curious how Dell monitors worked and ended up reverse-engineering one.They picked apart a Dell U2410 monitor and found that the display controller inside can be used to change and log the pixels across the screen.During their DEF CON presentation, they showed how the hacked monitor could seemingly alter the details on a web page. In one example, they changed a PayPal’s account balance from $0 to $1 million, when in reality the pixels on the monitor had simply been reconfigured.To read this article in full or to leave a comment, please click here

Bigfoot data: Disney patent to track visitors by their shoes

We are truly in the era of all-encompassing analytics. Today, everything you click on, everything you post, where you go, what you purchase, and who you’re connected to are all data points to be captured, categorized, cross-indexed, tabulated, and analyzed. “O! M! G!” you may be muttering “Will surveillance never end?” Sure it will end. When hell freezes over. Nope, the surveillance cat is out of the bag, the monitoring pigeon has flown the coup, and the privacy bridge has been burnt. Welcome to the future. As if to underline that reality, the latest foray into quantifying you, has just been patented by Disney. In a recent filing titled System and method using foot recognition to create a customized guest experience, the company that bought you “a people trap run by a rat” (I kid you with love, Disney) has raised (lowered?) the bar on knowing who you are by proposing that they will track you by looking at ... wait for it ... your footwear.To read this article in full or to leave a comment, please click here

Bigfoot data: Disney patent to track visitors by their shoes

We are truly in the era of all-encompassing analytics. Today, everything you click on, everything you post, where you go, what you purchase, and who you’re connected to are all data points to be captured, categorized, cross-indexed, tabulated, and analyzed. “O! M! G!” you may be muttering “Will surveillance never end?” Sure it will end. When hell freezes over. Nope, the surveillance cat is out of the bag, the monitoring pigeon has flown the coup, and the privacy bridge has been burnt. Welcome to the future. As if to underline that reality, the latest foray into quantifying you, has just been patented by Disney. In a recent filing titled System and method using foot recognition to create a customized guest experience, the company that bought you “a people trap run by a rat” (I kid you with love, Disney) has raised (lowered?) the bar on knowing who you are by proposing that they will track you by looking at ... wait for it ... your footwear.To read this article in full or to leave a comment, please click here

SDxCentral Weekly News Roundup — August 5, 2016

Big Switch Networks announced the company’s launch in Australia.

Best Deals of the Week, August 1-5 – Deal Alert

Best Deals of the Week - Deal AlertCheck out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of August 1st. All items are highly rated, and dramatically discounted!53% off Inateck USB 3.0 Dual-Bay Hard Drive Cloning StationThis gadget from Inateck will duplicate any 2.5 inch or 3.5 inch SATA HDD/SSD drive quickly and automatically without the need for a computer, by just pushing a button. The unit currently averages 4.5 out of 5 stars on Amazon from over 530 customers (read reviews). With a typical list price of $69.99, this 53% off deal puts it at just $32.99. See the discounted Inateck HDD/SSD cloning station now on Amazon.To read this article in full or to leave a comment, please click here

Worth Reading: Top performance items to watch

What’s eating your network? What is (quietly) killing performance? What performance items should you be watching, but probably are not? I’m a big fan of appropriate network management data, with the right tool(s). If you don’t monitor absolutely every interface, and capture historical data, you’re flying blind. —Netcraftsmen

The post Worth Reading: Top performance items to watch appeared first on 'net work.

IoT security suffers from a lack of awareness

As consumers we have become obsessed with connected devices. We like the idea of smart homes, smart cars, smart TVs, smart refrigerators or any machine that can be automated with sensors and an IP address. Yet fewer tasks in IT today inspire more fear than the prospect of protecting corporate networks from this proliferating wave of connected devices. The internet of things phenomenon expands the threat surface exponentially, in turn boosting business risk.But CIOs often aren’t aware of all of the devices that make inviting targets for hackers. "One of the fundamental issues that faces the internet of things is knowing that they're there and giving them some identity,” says Gartner analyst Earl Perkins. "You can't manage what you can't see."To read this article in full or to leave a comment, please click here

IoT security suffers from a lack of awareness

As consumers we have become obsessed with connected devices. We like the idea of smart homes, smart cars, smart TVs, smart refrigerators or any machine that can be automated with sensors and an IP address. Yet fewer tasks in IT today inspire more fear than the prospect of protecting corporate networks from this proliferating wave of connected devices. The internet of things phenomenon expands the threat surface exponentially, in turn boosting business risk.But CIOs often aren’t aware of all of the devices that make inviting targets for hackers. "One of the fundamental issues that faces the internet of things is knowing that they're there and giving them some identity,” says Gartner analyst Earl Perkins. "You can't manage what you can't see."To read this article in full or to leave a comment, please click here

Buenos Aires

The post Buenos Aires appeared first on 'net work.

Feds need to do a better job of measuring telecommuting benefits

With one of the largest telecommuting communities – over 1 million -- in the country many of the Federal agencies that support it have little information to show about its benefits.Watchdogs at the Government Accountability Office this week issued a report that found that many agencies “had little data to support the benefits or costs associated with their telework programs. All of the selected agencies could provide some supporting documentation for some of the benefits and only two could provide supporting documentation for some of the costs.”+More on Network World: Black Hat: Quick look at hot issues+To read this article in full or to leave a comment, please click here

Feds need to do a better job of measuring telecommuting benefits

With one of the largest telecommuting communities – over 1 million -- in the country many of the Federal agencies that support it have little information to show about its benefits.Watchdogs at the Government Accountability Office this week issued a report that found that many agencies “had little data to support the benefits or costs associated with their telework programs. All of the selected agencies could provide some supporting documentation for some of the benefits and only two could provide supporting documentation for some of the costs.”+More on Network World: Black Hat: Quick look at hot issues+To read this article in full or to leave a comment, please click here

Rackspace Nears a Private Equity Buyout, Report Says

Apollo Global is reportedly negotiated a $3.5B price for the firm.

Why the ‘cyber kill chain’ needs an upgrade

One of the most popular models for analyzing cyberattacks doesn’t focus  enough on what to do after adversaries break into networks successfully, which they inevitable will do, Black Hat 2016 attendees were told this week in Las Vegas.“Every attacker will become an insider if they are persistent enough,” says Sean Malone, a security consultant who spoke at the conference. “We need to operate under a presumption of breach.”MORE: 'Mayhem" wins $2M first prize at DARPA Cyber Grand ChallengeTo read this article in full or to leave a comment, please click here

Why the ‘cyber kill chain’ needs an upgrade

One of the most popular models for analyzing cyberattacks doesn’t focus  enough on what to do after adversaries break into networks successfully, which they inevitable will do, Black Hat 2016 attendees were told this week in Las Vegas.“Every attacker will become an insider if they are persistent enough,” says Sean Malone, a security consultant who spoke at the conference. “We need to operate under a presumption of breach.”MORE: 'Mayhem" wins $2M first prize at DARPA Cyber Grand ChallengeTo read this article in full or to leave a comment, please click here

Python versus Go – Fighting in Prime Time

Which is faster, Python or Go? And by how much? This is the question I found myself asking earlier this week after troubleshooting a script that my son had written in Python to calculate prime numbers.

In The Red Corner – Python

My son worked out a fairly simple algorithm to generate prime numbers which we tweaked slightly to optimize it (things like not bothering to check even numbers, not checking divisors that are larger than 1/3 of the number, not checking any number ending in 5, and so on). I’m not saying that this is production-ready code, nor highly optimized, but it does appear to work, which is what matters. The resulting code looks like this:

#!/usr/bin/python

max = 100000

for tens in xrange(0,max,10):
    for ones in (1, 3, 7, 9):
        a = tens + ones

        halfmax = int(a/3) + 1
        prime = True

        for divider in xrange (3, halfmax, 2):
            if a % divider == 0:
                # Note that it's not a prime
                # and break out of the testing loop
                prime = False
                break

        # Check if prime is true
        if prime == True:
            print(a)

        # Fiddle to print 2 as prime
        if a == 1:
             Continue reading

Show 300: The IETF Is The Best We’ve Got & A Packet Pushers Update

Its Weekly Show 300! Time for an update about how show is doing, our public appearances, and then some tech news on Greg s trip to IETF 96 in Berlin. The post Show 300: The IETF Is The Best We’ve Got & A Packet Pushers Update appeared first on Packet Pushers.

Risk management: Picking the right tool for the job

At the DEFCON hacking conference's Lockpick Village, CSO's Steve Ragan chats with Austin Appel (aka Scorche), from TOOOL, about physical locks, lockpicking and risk management associated with locks.

UK government hit with new complaint about hacking abroad

A group of privacy advocates and internet providers has filed a new challenge to the U.K. government's use of bulk hacking abroad. U.K.-based Privacy International and five internet and communications providers aim to "bring the government's hacking under the rule of law," they said in a case lodged Friday with the European Court of Human Rights. Their application challenges the U.K. Investigatory Powers Tribunal's (IPT's) February refusal to rule on whether hacking efforts outside the U.K. by the GCHQ British intelligence service comply with the European Convention on Human Rights. That decision was part of a case brought by Privacy International against GCHQ back in 2014, and it effectively meant that the U.K. government could lawfully conduct bulk hacking of computers, mobile devices, and networks located anywhere outside of the UK, the group said.To read this article in full or to leave a comment, please click here

UK government hit with new complaint about hacking abroad

A group of privacy advocates and internet providers has filed a new challenge to the U.K. government's use of bulk hacking abroad. U.K.-based Privacy International and five internet and communications providers aim to "bring the government's hacking under the rule of law," they said in a case lodged Friday with the European Court of Human Rights. Their application challenges the U.K. Investigatory Powers Tribunal's (IPT's) February refusal to rule on whether hacking efforts outside the U.K. by the GCHQ British intelligence service comply with the European Convention on Human Rights. That decision was part of a case brought by Privacy International against GCHQ back in 2014, and it effectively meant that the U.K. government could lawfully conduct bulk hacking of computers, mobile devices, and networks located anywhere outside of the UK, the group said.To read this article in full or to leave a comment, please click here