Join our Folding@Home team:
Main F@H site
Our team page
Support us: Subscribe Here
and buy SoylentNews Swag
We always have a place for talented people, visit the Get Involved section on the wiki to see how you can make SoylentNews better.
The Federal Bureau of Investigation has shut down a "major computer hacking forum" called Darkode. The Darkode site now displays a banner with a message from the FBI, Department of Justice, and many foreign police agencies.
U.S. authorities working with law enforcement partners abroad have shut down the Darkode online forum used by cybercriminals around the world and charged 12 people linked to the site, the Justice Department said on Wednesday.
U.S. Attorney David Hickton announced the charges in Pittsburgh and called Darkode "a cyber hornet's nest of criminal hackers."
"Of the roughly 800 criminal Internet forums worldwide, Darkode represented one of the gravest threats to the integrity of data on computers in the United States," he said.
The Justice Department said the FBI and U.S. attorney's office in Pittsburgh led the investigation, known as Operation Shrouded Horizon. It included authorities from Europol and 20 countries in Europe and Latin America and included Israel, Nigeria and Australia.
12 individuals have been charged:
As of this morning, NASA's New Horizons spacecraft has flown by Pluto. Early images (here and here) are the best glimpses we have had of the dwarf planet. More detailed pictures are expected to be released this afternoon and over the next 16 months.
Update: New Horizons is expected to call home at 8:53 PM EDT.
Update: Contact with New Horizons re-established! Telemetry download has begun.
Update: New Horizons team unveils its first findings from the Pluto flypast – that briefing is on Wednesday at 3pm ET [sic] (8pm BST/Thursday 5am AEST) [updated at 14:59 UTC 15 July]
According to the White House:
After many months [Ed: years?] of principled diplomacy, the P5+1 -- the United States, the United Kingdom, France, China, Russia and Germany -- along with the European Union, have achieved a long-term comprehensive nuclear deal with Iran that will verifiably prevent Iran from acquiring a nuclear weapon and ensure that Iran's nuclear program will be exclusively peaceful going forward.
Reported at BBC, NYT, Reuters, and everywhere else. President Obama spoke about the deal for 15 minutes this morning.
The deal has been praised by Syrian President Bashar Assad and slammed by the Israeli Prime Minister Benjamin Netanyahu.
Text of the "Joint Comprehensive Plan of Action."
The Wall Street Journal, Washington Post, Time and several other news sources are reporting that Ellen Pao is resigning as CEO of Reddit. Pao will be replaced by Steve Huffman, a Reddit co-founder and its first CEO.
Pao has had a stormy and controversial stint as interim chief executive officer of Reddit which culminated in a mass user protest in recent weeks, as previously reported on SN.
Hacking Team has issued a statement confirming that its code and zero-day software vulnerabilities were leaked:
It is now apparent that a major threat exists because of the posting by cyber criminals of HackingTeam proprietary software on the Internet the night of July 6. HackingTeam's investigation has determined that sufficient code was released to permit anyone to deploy the software against any target of their choice.
Before the attack, HackingTeam could control who had access to the technology which was sold exclusively to governments and government agencies. Now, because of the work of criminals, that ability to control who uses the technology has been lost. Terrorists, extortionists and others can deploy this technology at will if they have the technical ability to do so.
Adobe has patched a security bug in flash, and Microsoft is working on a vulnerable kernel driver. Discussed at The Register and Motherboard.
The Intercept has detailed Hacking Team's demonstration to a Bangladesh "death squad," the use of Hacking Team software by the DEA to spy on all Colombian ISPs from the U.S. embassy in Bogota, and more. In one email, CEO David Vincenzetti unwittingly predicts the current fallout while warning employees not to leak the company's secrets: "Imagine this: a leak on WikiLeaks showing YOU explaining the evilest technology on earth! :-)" he wrote. "You will be demonized by our dearest friends the activists, and normal people will point their fingers at you."
Privacy International's Deputy Director Eric King has called the leaks "the equivalents of the Edward Snowden leaks for the surveillance industry." Nevertheless, Hacking Team plans to continue its operations. PhineasFisher, a hacker who penetrated Hacking Team's competitor Gamma International last year and leaked 40 GB of internal data, has claimed responsibility for this hack.
Finland-based Jolla Oy, developer of the Linux-based Sailfish OS for mobile devices as well as the creator of their namesake Jolla Phone and the soon-to-be-released Jolla Tablet, have announced that it will be restructuring the company. As per their official press release [pdf], the company has placed former Chairman of Board Dr. Antti Saarnio as its new leader, while former CEO Tomi Pienimäki has been appointed to a position outside of the company.
The press release states that a new company will be created to continue their hardware business while Jolla Oy (referred to as Jolla Ltd. in the press release) will be focusing its attention solely toward developing and licensing Sailfish OS itself.
Summary
Your bitcoins are safe if you received them in transactions confirmed before 2015-07-04 15:00 UTC.
However, there has been a problem with a planned upgrade. For bitcoins received later than the time above, confirmation scores are significantly less reliable then they usually are for users of certain software:
- Lightweight (SPV) wallet users should wait an additional 30 confirmations more than you would normally wait.
- Bitcoin Core 0.9.4 or earlier users should wait an additional 30 confirmations more than you would normally wait or upgrade to Bitcoin Core 0.10.2.
- Web wallet users should wait an additional 30 confirmations more than you would normally wait, unless you know for sure that your wallet is secured by Bitcoin Core 0.9.5 or later.
- Bitcoin Core 0.9.5 or later users are unaffected. (Note: upgrade to 0.10.2 is recommended due to denial-of-service vulnerabilities unrelated to this alert.)
[More after the break.]
The incident status page describes the cause of the problem:
For several months, an increasing amount of mining hash rate has been signaling its intent to begin enforcing BIP66 strict DER signatures. As part of the BIP66 rules, once 950 of the last 1,000 blocks were version 3 (v3) blocks, all upgraded miners would reject version 2 (v2) blocks.
Early morning UTC on 4 July 2015, the 950/1000 (95%) threshold was reached. Shortly thereafter, a small miner (part of the non-upgraded 5%) mined an invalid block--as was an expected occurrence. Unfortunately, it turned out that roughly half the network hash rate was mining without fully validating blocks (called SPV mining), and built new blocks on top of that invalid block.
It further describes the impact of this on Bitcoin users:
All software that assumes blocks are valid (because invalid blocks cost miners money) is at risk of showing transactions as confirmed when they really aren't. This particularly affects lightweight (SPV) wallets and software such as old versions of Bitcoin Core which have been downgraded to SPV-level security by the new BIP66 consensus rules
There has already been lost revenue as a result of this incident, with the status page stating "several large miners have lost over $50,000 dollars worth of mining income so far." The status page will be updated as this situation unfolds. There is currently a big red warning message at the top of their status page that prominently states: "many wallets currently vulnerable to double-spending of confirmed transactions."
[Update: corrected links to 0.10.2 - Ed.]
A plane powered by the sun's rays has landed in Hawaii after a record-breaking five-day journey across the Pacific Ocean from Japan.
http://westhawaiitoday.com/news/state-wire/solar-powered-plane-lands-hawaii-after-flight-japan
Solar Impulse, the aeroplane that is powered only by the sun, has landed in Hawaii after making a historic 7,200km flight across the Pacific from Japan. Pilot Andre Borschberg brought the vehicle gently down on to the runway of Kalaeloa Airport at 05:55 local time (15:55 GMT; 16:55 BST).
The distance covered and the time spent in the air - 118 hours - are records for manned, solar-powered flight. The duration is also an absolute record for a solo, un-refuelled journey. Mr Borschberg's time betters that of the American adventurer Steve Fossett who spent 76 hours aloft in a single-seater jet in 2006.
Despite being in the cockpit for so long, the Swiss pilot told the BBC that he did not feel that tired: "Interestingly, not really. "I am also astonished. We got so much support during the flight from so many people; it gave me so much energy."
Pretty amazing feat. Not only the longest solo flight, but also without burning a drop of fuel.
To add to the other Greece Breaking News story (Greece Defaults, Still Wants Bailout)....
The Ars Writes:
Thom Feeney, a London shoe shop worker who started a campaign to raise €1.6 billion (that's US $1.78 billion). Feeney's IndieGoGo campaign, started just two days ago, has already raised an astonishing €478,575 (or $533,010) from more than 30,000 people.
"All this dithering over Greece is getting boring," Feeney wrote on his IndieGoGo page. "Why don't we the people just sort it instead?" He added that to come up with the €1.6 billion, every member of Europe would only have to give €3 each (well, technically you'd only need to collect from members of the European Union; that's not even counting any potentially generous Swiss or Norwegian people.)
The campaign has six days left to raise money. If €1.6 billion isn't raised, all the donors will get back their money.
This afternoon, the International Monetary Fund (IMF) declared that Greece was officially in arrears, but it has not yet declared that Greece is in default. Technically, the IMF could offer Greece an extension of its debt repayment obligation. On July 5, the country will hold a national referendum on whether to sign a deal demanding even stricter austerity from the nation.
But, if Europeans all chip in, maybe we can just put this silly bailout business behind us.
Elon Musk's SpaceX rocket explodes:
A SpaceX Falcon 9 rocket bound for the International Space Station exploded a couple of minutes after lift off Sunday morning. It was the third cargo mission to the space station to be lost in recent months.
SpaceX tweeted: "The vehicle experienced an anomaly on ascent. Team is investigating. Updates to come."
NASA officials said it was not clear what caused the explosion. SpaceX was carrying more than 4,000 pounds of food and supplies to the space station, where American Scott Kelly is spending a year in space. The failure follows two earlier mishaps. An Orbital Antares rocket blew up in October, and then a Russian Progress 59 spun out of control after reaching orbit. Before the launch, Stephanie Schierholz, a NASA spokeswoman, said that the station had plenty of supplies on board and that the crew would be fine even if there was another failure.
@SpaceX on Twitter, The Guardian, The Register
Pre-launch article: Elon Musk's SpaceX is on a roll, but here's why the pressure is really on
Security researchers of the security group at the Free University of Amsterdam found a hole in Android. The scoop in Dutch - news is 10hrs old at time of writing, I didn't find an English source yet. Heck, the university hasn't even put out a press release, even though this is currently making a splash in the Dutch news.
In short, the researchers hacked the user's (desktop) browser and then installed (via this browser) a malicious app on the phone.This gave them basically full control over the phone: turning camera on/off, replacing installed apps with malicious versions, intercepting text messages, etc. In fact, they used this to reduce a common version of two-factor authentication (know password and have phone) to only one factor: they managed to intercept verification codes (text messages) sent by a bank.
The problem is not in a specific version of Android, but in the deep integration between Google's websites and Android. Google has been made aware of the problems late 2014, but has yet to publicly reply.
Many Cisco security appliances contain default, authorized SSH keys that can allow an attacker to connect to an appliance and take almost any action he chooses. The company said all of its Web Security Virtual Appliances, Email Security Virtual Appliances, and Content Security Management Virtual Appliances are affected by the vulnerability.
This bug is about as serious as they come for enterprises. An attacker who is able to discover the default SSH key would have virtually free reign on vulnerable boxes, which, given Cisco's market share and presence in the enterprise worldwide, is likely a high number. Threatpost.com writes that the default key was inserted into the software for support reasons.
Cisco says, "The vulnerability is due to the presence of a default authorized SSH key that is shared across all the installations of WSAv, ESAv, and SMAv. An attacker could exploit this vulnerability by obtaining the SSH private key and using it to connect to any WSAv, ESAv, or SMAv. An exploit could allow the attacker to access the system with the privileges of the root user."
The Daily Beast reports
Escaped murderer Richard Matt was shot and killed by a Border Patrol agent Friday after he and fellow escapee David Sweat tried to carjack a camper vehicle, law-enforcement [said]. [...] The camper's driver called 911 and authorities finally caught up to the men since they broke out of prison on June 6.
Matt was shot in the vicinity of Lake Titus, approximately 10 miles west of Owl's Head, where police said Monday they had found evidence that Matt and Sweat had broken into a cabin this week.
[...] A trail camera outside of nearby Whippleville [...] photographed both men and showed Matt holding a shotgun. [...] Matt was convicted for kidnapping, killing, and dismembering his boss in 1997 before fleeing to Mexico--where he fatally stabbed an American and was serving a 20-year sentence.
Related: How Two Escaped Killers Could Completely Disappear Off the Grid
In a 5-4 decision, the United States Supreme Court has ruled that states can not prevent same-sex couples from marrying and must recognize their marriages from other states. In the majority opinion by Justice Kennedy it is stated:
The Court, in this decision, holds same-sex couples may exercise the fundamental right to marry in all States. It follows that the Court also must hold—and it now does hold—that there is no lawful basis for a State to refuse to recognize a lawful same-sex marriage performed in another State on the ground of its same-sex character.
...and:
It would misunderstand these men and women to say they disrespect the idea of marriage. Their plea is that they do respect it, respect it so deeply that they seek to find its fulfillment for themselves. Their hope is not to be condemned to live in loneliness, excluded from one of civilization's oldest institutions. They ask for equal dignity in the eyes of the law. The Constitution grants them that right. The judgment of the Court of Appeals for the Sixth Circuit is reversed. It is so ordered.
Reuters reports that the US Supreme Court has ruled 6 - 3 in favor of the nationwide availability of tax subsidies that are crucial to the implementation of President Barack Obama's signature healthcare law, handing a major victory to the President. It marked the second time in three years that the high court ruled against a major challenge to the law brought by conservatives seeking to gut it. "Congress passed the Affordable Care Act to improve health insurance markets, not to destroy them," wrote Chief Justice Roberts, who added that nationwide availability of the credits is required to "avoid the type of calamitous result that Congress plainly meant to avoid." The ruling will come as a major relief to Obama as he seeks to ensure that his legacy legislative achievement is implemented effectively and survives political and legal attacks before he leaves office in January 2017.
Justice Antonin Scalia took the relatively rare step of reading a summary of his dissenting opinion from the bench. "We really should start calling the law SCOTUScare," said Scalia, referencing the court's earlier decision upholding the constitutionality of the law (SCOTUS is the acronym for the Supreme Court of the United States).