May 23

Verizon HTC One tipped for “later” by HTC ROM creator

Posted in: Today's Chili

As this week’s hope for an HTC One from Verizon is dashed by none other than Jennifer Lopez, fans of the device turn to a developer of ROMs for the manufacturer. In a bit of a cryptic announcement by the developer known only as LLabTooFeR, confirmed HTC addict and insider here and there, it would appear that “it will be announced later” is all that we’ll be getting.

htc_one_live_sg_181-580x398

This developer has been accurate with leaks in the past and has provided the public access to RUU files galore – almost as if he (or she) works with HTC in some way or another. It’s important to take any anonymous source’s words with a grain of salt, but in this case, there’s little reason to doubt it.

The only thing you, as a consumer, should be worried about at this moment is if the Verizon HTC One will be prepared in time for it to be marketable. There’s always the chance that a device is made – and even announced – then pulled from release. Case in point: the HTC First.

This device was announced for release internationally, is currently available for sale with AT&T, but has been pulled from possible release for sale in the UK. At the moment, the idea is that developers with Facebook are improving the software before it gets a push, but it’s more likely that the device simply hasn’t been selling well enough to warrant another market chance.

The HTC One for Verizon, on the other hand – that’s a good bet. With all the interest we, as a publication, have seen in the possibility of this phone being released, it’s gotten to the point where it seems like it would be foolish not to release this device on this carrier. And we want it, too – bring it!


Verizon HTC One tipped for “later” by HTC ROM creator is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

No Comments | Tags: , , , , , , , ,
May 23

Google Glass gains ClockworkMod Recovery for future hacks: have a peek!

Posted in: Today's Chili

This week the folks at CyanogenMod, far and away the most popular 3rd party ROM development group, have revealed their first shot at ClockworkMod Recovery for Google Glass. This interface is one of the bare-bones first steps toward creating a slew of customized user interfaces for Google Glass, starting here with the Explorer Edition of the device. CyanogenMod developer Brint Kriebel (aka bekit) has been so kind as to provide us with some up-close photos of the software on his own Glass device, too.

_DSC3548-Edited

Now before you get too pumped up about this situation, you should mind the fact that if you do unlock your Glass device, you’ll be voiding your warrantee provided by Google. This is the same for most devices on the market today running Android, so keep a weather eye when you’re hacking along.

_DSC3512-Edited

What you’re seeing here is a screen rather similar to that which you’d see if you were working with ClockworkMod Recovery on an Android smartphone or tablet. Here with Glass, the user will be using the camera shutter to scroll through menus and the power button to select items inside Recovery – on a smartphone, this is done with a device’s volume buttons and power button.

_DSC3529-Edited

Kriebel has tested several elements inside this version of Recovery, but notes that he’s not yet tested any installations – since none yet exist. Once developers begin to create odd packages for Glass and zip them up real nice, Recovery will be able to flash them to the device with a button tap.

I have successfully tested the following:
  access via adb (including Koush’s new adb backup)
  wipe data/factory reset
  mount/unmount partitions
  backup/restore
  auto disable of stock recovery re-flash
  auto root
– Kriebel (bekit)

_DSC3520-Edited

Users wishing to work with this custom Recovery for Google Glass can head over to Brint Kriebel’s Google+ post to grab the link to the file image. If you’re feeling brave, let us know how it all goes – and if you’ve got any fabulous customized bits and pieces you’ve installed with Recovery, too!

_DSC3512-Edited
_DSC3551-Edited
_DSC3548-Edited
_DSC3532-Edited
_DSC3529-Edited
_DSC3520.NEF
_DSC3517-Edited
_DSC3520-Edited


Google Glass gains ClockworkMod Recovery for future hacks: have a peek! is written by Chris Burns & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

No Comments | Tags: , , , , , , , , , ,
May 22

Twitter Account Two Factor Authentication Is Finally Live

Posted in: Today's Chili

Twitter account two step verification has finally gone live. The microblogging network is called it “login verification.”

Like It , +1 , Tweet It , Pin It Original content from Ubergizmo.

    

No Comments | Tags: , , ,
May 20

Anonymous operation sends Guantanamo’s wifi into shutdown

Posted in: Today's Chili

Reports have been surfacing for awhile now regarding hunger strikes at Guantanamo Bay by prisoners over indefinite imprisonment – without trial – which has resulted in force feeding. To show their support for the cause behind the hunger strikes, hacking collective Anonymous threatened to take Guantanamo down, prompting a shutdown of its wireless Internet network.

Anonymous

According to the Associated Press, the military issued a shutdown of the wireless network at the Guantanamo Bay Naval Base, also blocking access to social media websites, including Twitter and Facebook, via the base’s computers. No cyberattacks have happened thus far; the shutdown was initiated merely as a precaution due to the posted threats.

The threats were made on May 6 via Anon Insiders, where Anonymous published a press release regarding “Operation Guantanamo.” According to the statement, May 18 represented the 100th day the prisoners had been on the hunger strike, the same time the hackers’ 3-day operation would take place. The public was called to initiate “twitterstorms, email bombs, and fax bombs” nonstop to show their support.

The press release also included numbers to the White House, U.S. Southern Command, and Department of Defense, urging the public to call the numbers and demand a change in conditions and eradication of the force-feedings, as well as demands that the Obama Administration close Guantanamo, as was the original plan. People were also asked to call their representatives and senators to petition for its closure.

It is worth noting the press release doesn’t say anything about hacking or cyberattacking the network, instead urging the public to bombard the powers that be with denouncements of the prison’s conditions, actions, and continued existence. As such, it has been pointed out on the Operation Guantanamo’s Twitter account that the base has taken itself offline, with the hacking collective not having to do anything, seemingly fulfilling the purpose it was assumed Anonymous sought to achieve.

There’s no word on when the network will be available again.

SOURCE: Associated Press


Anonymous operation sends Guantanamo’s wifi into shutdown is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

No Comments | Tags: , , , , , , , ,
May 17

Syrian Electronic Army cyberattacks The Financial Times

Posted in: Today's Chili

Another day, another cyberattack by the Syrian Electronic Army. This time the hacktivist collective targeted The Financial Times, making a nuisance of itself by taking over several of the company’s Twitter accounts, as well as changing the titles of posts on The Financial Times‘ blog posts to “Hacked by the Syrian Electronic Army.” While the actions themselves are annoying, one message in particular crossed the line when it sent readers to a video of an execution.

SEA

The Syrian Electronic Army has attacked a variety of media companies, including CBS, The Guardian, E! Online, and even The Onion. Often times, the hackers take control of the company’s Twitter account(s) and use it/them to post messages, some of them coming across as nonsense, others as fake news (such as Justin Bieber coming out of the closet), and sometimes things of a more serious nature, such as the link to a video execution on YouTube posted on one of the Financial Times’ Twitter accounts.

The Financial Times confirmed the hacks to The New York Times in an email, according to the latter company. While the company didn’t specify how the hackers gained access to their system, there’s a good chance it was accomplished the same way its other breaches have been achieved, which was detailed by The Onion earlier this month.

According to a blog post published on May 10, The Onion’s attack was the result of a rather conventional phishing scheme that involved sending links to a few of the company’s employees. The links purported to be of an interesting story, but instead took the recipient to a page requesting Google Apps login information. When someone falls for the ruse, their email is then used to try to message other workers for additional login information.

When someone in possession of the company’s social media accounts takes the bait, the hackers can then log into the account, change the password, and begin wrecking havoc. A similar attack was performed on The Associated Press, with one of the hackers revealing that 50 of the company’s employees had revealed their login information. Such attacks reaffirm that companies should train their employees on how to recognize phishing attempts, as well as taking measures to reduce the amount of damage that can result if someone does provide their credentials.

SOURCE: The New York Times


Syrian Electronic Army cyberattacks The Financial Times is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

No Comments | Tags: , , , , , , , ,
May 16

LulzSec hackers sentenced in London court

Posted in: Today's Chili

In April, LulzSec members Ryan Ackroyd, Jake Davis, and Mustafa al-Bassam plead guilty to various charges in London for their roles in cyberattacks against Sony, the NHS, News International, and more. Today the three of them – plus Ryan Cleary – were sentenced in the same court, with all but one getting prison sentences. This follows other members who have already been sentenced, including Cody Kretsinger, who was known as Recursion.

Lulzy

Last month, 20-year-old Jake Davis, 26-year-old Ryan Ackroyd, and 18-year-old Mustafa al-Bassam plead guilty to charges of cyberattacking the NHS, News International, and Sony. On top of those, Ackroyd in particular also plead guilty to plotting attacks on other websites in addition to a computer hacking charge. Al-Bassam and Davis, in addition to the aforementioned, plead guilty to conspiring to attack various law enforcement agencies in both the US and UK.

While those three plead guilty last month, 21-year-old Ryan Cleary, who was also sentenced today, had already plead guilty in his own legal spat, which consisted of six various related charges. The guilty pleas were entered about two years after the attacks for which they were sentenced took place. Out of the four, Ackroyd had been the only to initially maintain his innocence.

Now that the sentencing is complete, we see that Cleary was given a 32-month prison sentence, Ackroyd a 30-month sentence, and Davis a 24-month sentence. Al-Bassam was the only one to side-step a prison sentence, instead receiving a 20-month suspended sentence because – though now an adult – he was only 16-years-old when he committed the cyberattacks, making him a minor. Instead, he will perform 300 hours of community service.

Crown Prosecution Service lawyer Andrew Hadik said: “The harm they caused was foreseeable, extensive and intended. Indeed, they boasted of how clever they were with a complete disregard for the impact their actions had on real people’s lives. This case should serve as a warning to other cybercriminals that they are not invincible.”

SOURCE: BBC News


LulzSec hackers sentenced in London court is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

No Comments | Tags: , , , , , , ,
May 16

Google Glass installed with Ubuntu in warranty-voiding demonstration

Posted in: Today's Chili

It has been a busy couple days, and we’ve seen a lot so far at Google‘s I/O event, including quite a bit of Glass news. Earlier today, the Internet giant held a Voiding your Warranty session detailing the process of putting Ubuntu on Glass, showing the process with a screencast from the device beneath the Terminal. The process isn’t terribly involved, but does take a few steps for those willing to risk messing something up and rendering Glass effectively bricked.

Ubuntu Glass

It’s not likely anyone would want to run Ubuntu on Glass as a full-time deal, but seeing it done and knowing it is possible is certainly intriguing. The process involves using Launcher, Notepad, and Settings via adb, along with some apps like Complete Linux Installer and Android Terminal Emulator. Likewise, a Bluetooth keyboard and trackpad will need to be paired to the device. Taking it a step further, the bootloader can be unlocked after this and the device flashed with a different image, providing root access.

If such a prospect is making you excited and you’re not a current Explorer edition owner, don’t get your hopes too high. The folks over at Geek report that, during the session, employees suggested the version set to hit shelves in the coming months won’t make the process this easy, and that the ease with which current owners can achieve such things is to foster as much development progress as possible.

Other Glass information that has surfaced at the event includes word from Sergey Brin that Glass will receive a software update in the future that brings stabilization to the wearable’s camera, helping combat the shakiness/unsteadiness issue that results from a head-mounted camera. No details about how that will be accomplished were provided, but we’re guessing it’ll involve the device’s various sensors and gyroscopes to offer digital stabilization.

Earlier today it was announced that Glass will be getting more apps, including ones for Facebook, Twitter, and Evernote. The design aspects of the device were also covered today via a talk by Glass’s lead industrial designer Isabelle Olsson, who showed off one of the original prototypes in all its bulky, heavy strangeness.

SOURCE: Engadget


Google Glass installed with Ubuntu in warranty-voiding demonstration is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

No Comments | Tags: , , , , , , ,
May 16

Google Glass rooted and hacked to run Ubuntu live at Google I/O

Posted in: Today's Chili

Google Glass rooted and hacked to run Ubuntu live at Google IO

Today at Google I/O the company held a session entitled “Voiding your Warranty” where employees demonstrated how to root and install Ubuntu on Google Glass.

Gallery: Glass hacking at Google I/O 2013

Developing…

Filed under: , ,

Comments

No Comments | Tags: , , , , , , , , , , , , ,
May 15

Security expert details how he nabbed millions of dollars from a bank

Posted in: Today's Chili

Bank heists – they’re the subject of movies, books, and, in some cases, real-world news. While not every mission goes as planned, many have managed to gain ill-gotten wealth from lax security systems, prompting banks to step up their game and stay on top of ever-changing technologies. The best ways to find out you have a security vulnerability is to have someone exploit it, which is what one bank hired a security expert to do. Having successfully accomplished his mission, Nisha Bhalla has detailed how he managed to “steal” $14 million.

Hack

Bhalla is the CEO of security company Security Compass, which specializes in breaking into the security sytems of organizations and companies, exposing any vulnerabilities and issues that compromise data – or, in this case, allow someone to run off with millions of dollars. A bank located in the United States – name not provided – hired Bhalla’s company to test its system.

As we noted, the system wasn’t secure, and as a result Bhalla set himself up a checking account and funded it with $14 million that didn’t exist – money generated on the fly, so to speak. He then went over to the ATM machine and grabbed a receipt, which you can see an image of above, confirming that he was now – temporarily, at least – a multi-millionaire. Needless to say, such a massive infiltration “shocked” the bank, and it closed down his account before sprucing up its network security.

Not stopping there, he spoke to the folks over at CNN, detailing how the process of acquiring the funds went, and, in doing so, demonstrated how other stores, banks, and organizations could potentially suffer at the hands of the technically-inclined unscrupulous. The first step, as you likely guessed, was gaining access to the bank’s network, which Bhalla says it is simple to do by latching on to its wireless network – something many banks provide for its customers to use as a courtesy.

From there, it was only a matter of using freely available sniffer software to map the bank’s computer network, followed by flooding the network’s switches to gather data. He found log-in information for a teller’s computer, which didn’t use encryption when sending data to the bank’s main database. As such, Bhalla had free reign, and used it to create a bank account with $14 million in funds, something that would likely go undetected until well after he transferred the funds overseas and left the country.

Such a revelation comes only days after eight individuals were charged with swiping $45 million from ATM machines.

SOURCE: CNN Money


Security expert details how he nabbed millions of dollars from a bank is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

No Comments | Tags: , , , , , ,
May 10

The Onion pegs Syrian Electronic Army hacks on phishing schemes

Posted in: Today's Chili

Over the last several weeks the Syrian Electronic Army has made a nuisance of itself (again), serving as a sort of annoying prankster who is repeatedly ordered to go stand in the corner. The organization is reportedly responsible for quite a number of hacks, with The Onion having been one of its unlucky victims. The humor website pinpointed the source of its infiltration and has revealed precisely how it happened, adding in a few pieces of advice for other media outlets to help combat the attacks.

SEA

Last month, the Syrian Electronic Army claimed credit for a few different compromised accounts. On April 21, the organization said it was responsible for the hacking of several CBS Twitter accounts, and a week later it went after The Guardian’s Twitter accounts, sending out tweets in its own favor. It didn’t take long for another compromised account to surface, this time being E! Online’s Twitter account, where the hackers spread false information about singer Justin Bieber before proclaiming in another tweet that fans had been trolled.

Its latest target was The Onion, which was digitally infiltrated this past Monday by the SEA, something that was originally suspected to be a joke given the nature of the company. That notion was laid to rest on Wednesday when The Onion posted a series of screenshots and URLs detailing precisely how the organization compromised its Twitter account, revealing that the hack – as with previous ones – had been accomplished via a few different phishing methods.

The attack was initiated via emails sent to The Onion employees containing a link that, with a quick glance, appeared to be from The Washington Post on content about The Onion. When clicked, however, the link took the recipient to the URL “hackwordpresssite.com/theonion.php,” which then redirected again to one requesting Google App login information, after which point it took the victim full circle back to Gmail. Only a few employees received the emails, and at least one was fooled by it, resulting in the second phase of the attack.

Using the employee’s compromised email, the SEA sent messages to other The Onion employees early in the morning containing another link that again requested Google login information. Of those targeted, one of the individuals who fell for it had the login information for The Onion’s social media accounts, including Twitter.

The Onion notified employees of the breech and sent emails instructing workers to reset their passwords, unaware that one of their accounts was still compromised. Via that account, the SEA sent an email to all but those involved in the IT department with a link said to be a password-reset URL. A couple people fell for the second link, with both of their accounts then being used by the hackers to take control of The Onion’s Twitter account. Because of this, the company required all Google Apps passwords to be reset company wide, but not before posting a humorous jab at the SEA.

In summary, The Onion advises other media companies to avoid such attacks by taking such steps as employee education on phishing, isolating social media account logins, feeding tweets through a third-party application, and having access to all employees outside of corporate email accounts.

SOURCE: The Onion


The Onion pegs Syrian Electronic Army hacks on phishing schemes is written by Brittany Hillen & originally posted on SlashGear.
© 2005 – 2012, SlashGear. All right reserved.

No Comments | Tags: , , , , , , ,