CowboyRobot writes "As budgets are pinched by reduced tax collection, many U.S. states are facing a possibility of not being able to handle the ever-increasing number of data breaches. 70% of state chief information security officers (CISOs) reported a data breach this year, each of which can cost up to $5M in some states. 'Cybersecurity accounts for about 1 to 2 percent of the overall IT budget in state agencies. ... 82 percent of the state CISOs point to phishing and pharming as the top threats to their agencies, a threat they say will continue in 2013, followed by social engineering, increasingly sophisticated malware threats, and mobile devices.' The full 2012 Deloitte-National Association of State Chief Information Officers (NASCIO) Cybersecurity Study is available online (PDF)."
An anonymous reader writes "Last night, the Internet Archive threw a party; hundreds of Internet Archive supporters, volunteers, and staff celebrated that the site had passed the 10,000,000,000,000,000 byte mark for archiving the Internet. As the non-profit digital library, known for its Wayback Machine service, points out, the organization has thus now saved 10 petabytes of cultural material." The announcement coincided with the release of an 80-terabyte dataset for researchers and, for the first time, the complete literature of a people: the Balinese.
jfruh writes "CoDeSys, a piece of software running on industrial control systems from hundreds of vendors, has been revealed to be easily hackable by security researchers, giving rise to a scenario where computer hacking could cross the line into the physical world. Worse, many of these systems are unnecessarily connected to the Internet, which is a terrible, terrible idea."
blackfrancis75 writes "An aspiring teenage journalist in B.C., Canada who witnessed a mall takedown and decided to photograph it (using a real-film camera), was told to 'delete' the photo by security guards. He (quite legally) refused to do so, and when local police arrived they assisted mall security in pushing him to the ground, handcuffing him, cutting off his backpack with a utility knife and searching it. 'He said the security guards held him, attempting to grab his camera, and he was pushed to the ground. He said he then tried to use his body to protect two cameras he carried in his bag. "They're just yelling and screaming, and just telling me to stop resisting," Markiewicz said.'"
SternisheFan sends this quote from an article at MIT's Technology Review: "In the event that a giant asteroid is headed toward Earth, you’d better hope that it’s blindingly white. A pale asteroid would reflect sunlight — and over time, this bouncing of photons off its surface could create enough of a force to push the asteroid off its course. How might one encourage such a deflection? The answer, according to an MIT graduate student: with a volley or two of space-launched paintballs. Sung Wook Paek, a graduate student in MIT’s Department of Aeronautics and Astronautics, says if timed just right, pellets full of paint powder, launched in two rounds from a spacecraft at relatively close distance, would cover the front and back of an asteroid, more than doubling its reflectivity, or albedo. The initial force from the pellets would bump an asteroid off course; over time, the sun’s photons would deflect the asteroid even more."
alphadogg writes "The $100 million price differential between the Alcatel-Lucent and Cisco proposals to refresh California State University's 23-campus network revealed earlier this week was based on an identical number of switches and routers in various configurations. CSU allowed Network World to review spreadsheets calculating the eight-year total cost of ownership of each of the five bidders for the project. 'Everybody had to comply with this spreadsheet,' said CSU's director of cyberinfrastructure. 'Alcatel-Lucent won the project with a bid of $22 million. Cisco was the high bidder with a cost just under $123 million. Not only was Cisco's bid more than five-and-a-half times that of Alcatel-Lucent's, it was three times that of the next highest bidder: HP, at $41 million.'"
An anonymous reader writes "A few months ago I stumbled across an interesting security hole with my webhost. I was able to access any file on the server, including those of other users. When I called the company, they immediately contacted the server team and said they would fix the problem that day. Since all you need when calling them is your username, and I was able to list out all 500 usernames on the server, this was rather a large security breach. To their credit, they did patch the server. It wasn't a perfect fix, but close enough that moving to a new web host was moved down on my list of priorities. Jump ahead to this week: they experienced server issues, and I asked to be moved to a different server. Once it was done, the first thing I did was run my test script, and I was able to list out everyone's files again. The hosting company only applied the patch to the old server. I'm now moving off this web host altogether. However, I do fear for the thousands of customers that have no clue about this security issue. With about 10 minutes of coding, someone could search for the SQL connection string and grab the username/password required to access their hosting account. What's the best way to handle this type of situation?"
New submitter Atticus Rex writes "Reporters and security guards at the Windows 8 launch event weren't sure how to react when they were greeted by a real, live gnu. The gnu — which, on closer inspection, was an activist in a gnu suit — had come for some early trick-or-treating. But instead of candy, she had free software for the eager journalists. The gnu and the Free Software Foundation campaigns team handed out dozens of copies of Trisquel, a fully free GNU/Linux distribution, along with press releases and stickers. Once they got over their confusion, the reporters were happy to see us and hear our message — that Windows 8 is a downgrade, not an upgrade, because it steals users' freedom, security and privacy."
Hugh Pickens writes "The NY Times reports that some experts say it is almost certain that the U.S. will soon face a year or more without crucial weather satellites that provide invaluable data for predicting storm tracks. This is because the existing polar satellites are nearing or beyond their life expectancies, and the launching of the next replacement, known as JPSS-1, has slipped until early 2017. Polar satellites provide 84 percent of the data used in the main American computer model tracking the course of Hurricane Sandy, which at first was expected to amble away harmlessly, but now appears poised to strike the mid-Atlantic states. The mismanagement of the $13 billion program to build the next generation weather satellites was recently described as a 'national embarrassment' by a top official of the Commerce Department. A launch mishap or early on-orbit failure of JPSS 1 could lead to a data gap of more than 5 years. The second JPSS satellite — JPSS 2 — is not scheduled for launch until 2022. 'There is no more critical strategic issue for our weather satellite programs than the risk of gaps in satellite coverage,' writes Jane Lubchenco, the under-secretary responsible for the Commerce Department's National Oceanic and Atmospheric Agency. 'This dysfunctional program that had become a national embarrassment due to chronic management problems.' As an aside, I know from personal experience that this isn't the first time NOAA has been in this situation. 'In 1992 NOAA's GOES weather satellites were at the end of their useful lives and could have failed at any time,' I wrote as a project manager for AlliedSignal at that time. 'So NOAA made an agreement with the government of Germany to borrow a Meteosat Weather Satellite as a backup and drift it over from Europe to provide weather coverage for the US's Eastern seaboard in the event of an early GOES failure.'"
Penurious Penguin writes "Last year a Slashdot story mentioned the case of Daniel David Rigmaiden, or 'the Hacker.' With the help of an IMSI-catcher device, law enforcement had been able to locate and arrest the elusive 'Hacker,' leading to U.S. v. Rigmaiden. But far more elusive than the 'Hacker,' is the IMSI-catcher device itself — particularly the legalities governing its use. The secrecy and unconstitutionality of these Man In The Middle devices, i.e. 'stingrays,' has caught some attention. The EFF and ACLU have submitted an amicus brief in the Rigmaiden case; and EPIC, after filing an FOIA request in February and receiving a grossly redacted 67 out of 25,000 (6,000 classified) pages on the "stingray" devices, has now requested a district judge expedite disclosure of all documents. Some judges also seem wary of the 'stingray,' having expressed concerns that their use violates the Fourth Amendment; and additionally, that information explaining how the technology is used remains too obscure. Perhaps the most controversial aspect of IMSI-catchers is their several-kilometer range. When a "stingray" is used to spoof a cellphone tower, thousands of innocent users may be collaterally involved. And while the government claims to delete all gathered data unrelated to the target, it also means no one else can know what that data really was. The government claims that because only attributes of calls — but not their content — are captured in the attack, search warrants aren't necessary." (More, below.)
Registered Coward v2 writes "The U.S. Supreme Court is set to hear a case to determine how copyright law and the doctrine of first sale applies to copyrighted works bought overseas, then imported to the U.S. and then re-sold. The case involves a foreign student who imported textbooks from Asia and then resold them in the U.S. to help fund his education. He was sued by the publisher, lost, and was ordered to pay $600,000 in damages. Now SCOTUS gets to weigh in on the issue. 'The idea -- upheld by the Supreme Court since 1908 -- is that once a copyright holder legally sells a product initially, the ownership claim is then exhausted, giving the buyer the power to resell, destroy, donate, whatever. It's a limited idea -- involving only a buyer's distribution right, not the power to reproduce that DVD or designer dress for sale. ... The tricky part is whether that first-sale doctrine applies to material both manufactured and first purchased outside the United States. Federal law gives that authority to a purchaser's work "lawfully made under this title." Does "this title" apply to any copyrighted work — whether manufactured all or in part in the United States and around the world?'"
SternisheFan points out an article at Wired arguing that game consoles and the business model that sustained them are now "obsolete." Quoting: "Years from now, 225 million devices will almost certainly be seen as the point at which the console business peaked. Gamers are going elsewhere for their fix. The console’s time at the top of the heap is drawing to an end, and these machines won’t survive without radical change. ... Consoles used to do everything best, but those strengths are now being wiped away. Unlike PC games, which may require finicky custom settings, consoles 'just work,' fans have long pointed out. Well, so does the iPad. Consoles are cheaper than PCs? Not when you factor in the growing disparity in game prices. Consoles have all the good content? Well, if you want Nintendo- or Sony-exclusive games, you’ll need to buy their hardware. But for many gamers, Angry Birds is becoming more attractive than Mario."
whoever57 writes "In an interview in Der Spiegel, Craig Mundie blames Microsoft's failure in mobile on cyber criminals. Noting that Microsoft had a music player before the iPod and a touch device before the iPad, he claims a failure to execute within Microsoft resulted in Microsoft losing its 'leadership.' The reason for the failure to execute, in his words: 'During that time, Windows went through a difficult period where we had to shift a huge amount of our focus to security engineering. The criminal activity in cyberspace was growing dramatically ten years ago, and Microsoft was basically the only company that had enough volume for it to be a target. In part because of that, Windows Vista took a long time to be born.'"
MojoKid writes "After its conference call last week, AMD is jonesing for some positive news to toss investors and is planning a major announcement on Monday to that effect. Rumor suggests that a number of statements may be coming down the pipe, including the scope of the company's layoffs, new CPUs based on Piledriver Opterons, and possibly an ARM server announcement. The latter would be courtesy of AMD's investment in SeaMicro. SeaMicro built its business on ultra-low power servers and their first 64-bit ARMv8 silicon is expected in the very near future. However, there's always a significant lag between chip announcements and actual shipping products. Even if AMD announces Monday, it'd be surprising to see a core debut before the middle of next year."