Security lessons from RSA

Stay safe online with these recommendations from IT and Crypto professionals at RSA, the premier security conference.

The RSA Conference, the flagship meetup for cryptography, information security, and IT experts from around the world, just wrapped on Feb. 28. I attended panels, talked to professionals about security, and learned a couple of new lessons about personal protection in the age of big data.

There were a lot of lessons from RSA, most of them concerning IT Professionals. Some were about enterprise-level security, and a few were on the relationship of government and big data. But what can the average consumer cull from these discussions? Read on, and take control of your online security and digital privacy.

Hackers are no more evil than the average netizen, nor are they loners. Hackers have their own social communities around their illicit activities. Whether they're trying to make money off stolen data (cyber-criminal), taking a stance (hacktivist), or just keeping tabs (surveillance), hackers have turned hacking into a business, and data is their sole interest. Most hackers work together to pull off sophisticated attacks, mostly on organizations, companies, government sites, or other hacking groups.

If your info is out there for the taking, then be ready to call your credit card company at a moment's notice. But present them with a little difficulty, and they might just go after another, softer target. It is a numbers game after all. So create tougher passwords (Longer is always better!), get a two-step authentication system, edit out personal info from your Facebook/Google+ pages, and don't tweet things that can be used to phish data.

Keep your passwords safe with these apps:

Unlike proprietary software, open-source software has the benefit of letting users customize their own security privileges and allows anyone to look into the source code and report any vulnerabilities or flaws.

Always try to get the latest updates for any programs you may have, even the ones you don't often use (even Flash). Patches are designed to cover security flaws and remove abuse potential. Introduce a little open-source software to your life, and find open alternatives to your favorite programs. A good way to start is by checking out these trusted open-source apps.

Additional open-source apps:

Remove apps that you no longer use but never bothered to delete. Uninstallers like Revo or IObit can make cleanup easier. Do you really need 20 Chrome Extensions or ten different MP3 converters?


Massive Linux security flaw dwarfs Apple’s cryptography problems of just last week

A newly discovered bug in the popular GnuTLS library has the potential to dwarf Apple's SSL encryption problems of just last week, thanks to a similar error with error checks and notifications. That's quite a feat, considering that the Apple "Goto Fail" bug impacted millions of devices running both iOS and OS X, but the bug in GnuTLS looks like it will be far bigger. Over 200 applications have been identified that depend on GnuTLS and the actual list is likely much, much higher.

According to Ars Technica, the problem here is similar in type to the issue that tripped up Apple. In both cases, incorrect code short-circuited the functions that are supposed to verify whether or not a proper SSL certification has actually been presented. Red Hat found the error during a security audit and describes it thus: "It was discovered that GnuTLS did not correctly handle certain errors that could occur during the verification of an X.509 certificate, causing it to incorrectly report a successful verification. An attacker could use this flaw to create a specially crafted certificate that could be accepted by GnuTLS as valid for a site chosen by the attacker."
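A minimal illustration of the class of flaw described above, where an error return from a verification helper is mistaken for success. This is an added example, not GnuTLS or Apple source code; the toy certificate structure, the function names and the `ERR_PARSE` value are all hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical error code for this illustration (not a GnuTLS constant). */
#define ERR_PARSE (-1)

/* Constructed stand-in for a certificate: only the two names that matter here. */
struct toy_cert {
    const char *subject;
    const char *issuer;   /* NULL models a field that fails to parse */
};

/* Returns 1 if `ca` issued `cert`, 0 if not, negative on a parsing error. */
static int check_issuer(const struct toy_cert *cert, const struct toy_cert *ca)
{
    if (cert->issuer == NULL || ca->subject == NULL)
        return ERR_PARSE;
    return strcmp(cert->issuer, ca->subject) == 0;
}

/* Flawed caller: any non-zero return counts as "trusted", so ERR_PARSE passes. */
int verify_flawed(const struct toy_cert *cert, const struct toy_cert *ca)
{
    int ret = check_issuer(cert, ca);
    if (ret)
        return 1;
    return 0;
}

/* Hardened caller: only the explicit success value is accepted (fail closed). */
int verify_hardened(const struct toy_cert *cert, const struct toy_cert *ca)
{
    return check_issuer(cert, ca) == 1;
}

/* Constructed sample certificates. */
static const struct toy_cert ROOT   = { "Example Root CA",  "Example Root CA" };
static const struct toy_cert GOOD   = { "www.example.test", "Example Root CA" };
static const struct toy_cert OTHER  = { "www.example.test", "Some Other CA" };
static const struct toy_cert BROKEN = { "www.example.test", NULL };

int main(void)
{
    printf("good:   flawed=%d hardened=%d\n",
           verify_flawed(&GOOD, &ROOT), verify_hardened(&GOOD, &ROOT));
    printf("other:  flawed=%d hardened=%d\n",
           verify_flawed(&OTHER, &ROOT), verify_hardened(&OTHER, &ROOT));
    printf("broken: flawed=%d hardened=%d\n",
           verify_flawed(&BROKEN, &ROOT), verify_hardened(&BROKEN, &ROOT));
    return 0;
}
```

When auditing verification code, check every caller of a function that mixes boolean results with negative error codes and confirm that the error path ends in rejection.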

The good news is, patches are already in place for this problem. The bad news is, it's going to take a long time to tease out exactly which products are affected. Because GnuTLS is open source, it's not as if the organization has a checklist it can pull to contact every vendor that uses its software. Furthermore, the flaw may go all the way back to the initial code; the organization's website states that anyone who uses certificate authentication in any version of GnuTLS is affected by the vulnerability.

The list of impacted software is enormous. Cryptographic code signing is thought to protect against exploits in most Linux distros, but Cisco's VPN software apparently relies on GnuTLS, to name just one company. Web hosts or online services that rely on GnuTLS will have to update their own software to guard users against man-in-the-middle attacks. Inevitably, there are going to be applications that aren't ever updated, which will leave consumers vulnerable.

The fact that similar code errors have been found in critical software that secures a great deal of back-end infrastructure as well as personal devices hopefully means that more companies are examining the guts of their security code more thoroughly. The NSA revelations of the past 12 months have been light on technical details, but the NSA clearly has sophisticated access to certain systems thanks to security flaws and hidden capabilities. Hopefully patching issues like this removes a few arrows from the government's quiver, though if the NSA was, in fact, aware of either bug, it would mean the government deliberately left consumers and businesses exposed to potential malware to suit its own purposes. That wouldn't surprise many people in today's climate, but it would be a far cry from the 1970s when the NSA deliberately improved the DES standard to better guard against a then-unknown attack vector it felt might emerge in the future.


Julian Assange – NNDB

Julian Assange

AKA Julian Paul Assange

Born: 3-Jul-1971 [1]
Birthplace: Townsville, Australia
Gender: Male
Religion: Atheist [2]
Race or Ethnicity: White
Sexual orientation: Straight
Occupation: Hacker, Journalist
Nationality: Australia
Executive summary: Founder of Wikileaks

Computer programmer and secretive hacker Julian Assange is the public spokesman for Wikileaks, an online publisher of classified documents, founded in December 2006. The site's funding is shadowy, its staff unpaid; it claims to be propagated on twenty separate servers worldwide, making it difficult to muzzle. According to Assange, the site's key collaborators know each other only by initials which might or might not represent their true names.

In its first few years, the site's major scoops included an operations manual from the US prison at Guantanamo, emails hacked from Sarah Palin's Yahoo account, interoffice communications from climate researchers at the University of East Anglia, secret Scientology texts. Their biggest media splash came in April 2010 with the release of Collateral Murder, a first-person video of American soldiers killing Reuters journalists from a gunship over Baghdad. It was followed over the next few months by several large leaks, coordinated with major newspapers, of American military reports from Iraq and Afghanistan, and a slow leak of 250,000 classified American embassy cables.

Wikileaks is believed to have received more than a quarter of a million classified embassy cables from a 22-year-old soldier, Bradley Manning, who was casually outed after confiding in ex-hacker Adrian Lamo in May 2010 and is now facing charges in a military prison. In 2010, Wikileaks published a secret American intelligence document assessing the perceived risk the site presents to US national security. Assange has said that the site's occasional technical difficulties are a consequence of on-line attacks launched by US operatives.

Beginning in 2010, Assange battled extradition to Sweden, where he faces charges of rape and sexual assault, charges he claims are "without basis". On 30 May 2012, he lost an appeal before the Supreme Court of the United Kingdom, leaving his extradition a near certainty. A few weeks later, on 19 June 2012, Assange sought asylum in the Ecuadorian embassy in London, where he has remained for more than a year.

[2] Per OkCupid profile.


Behold Arscoin, our own custom cryptocurrency!

Aurich Lawson

Recently, I became the first person in the history of Ars Technica to have a gold (rather than black) user name.

How did I get this blinged-out honor? I bought it for the low, low price of 500 Arscoins, the latest digital cryptocurrency to hit the Internet. Arscoin is one of around 100 or so "altcoins," or alternative bitcoins, derived from the same source code as the original cryptocurrency.

Everything you need to know to mine Arscoins with your CPU or GPU.

But other altcoin creators are true believers in anarcho-capitalism, or they simply find Bitcoin and its derivatives new and interesting. And not all altcoins are quite as ridiculous as they may seem; even Dogecoin, which was jokingly based on an image meme, has an on-paper market capitalization of more than $60 million.

As the new year began, I found myself writing about several new (and often ridiculous) altcoins: Coinye, Norris Coin, and yes, Koindashian. It got me thinking: if anyone can just up and create a new altcoin, how hard can it be? Arscoin is our attempt to find out. Here's how we created our own digital currency, how you can do it too, and what it all means.

The Arscoin project is for those who want to experiment with digital currencies and buy some fun hats and colored usernames along the way. In other words, it is for educational use only; we have centralized the system in order to prevent it from developing into a real-money economy.

Jesuscoin and Snoochyboochy

While the creator of Bitcoin remains a mystery, the currency's digital underpinnings are not; it's famously open source. One of its first major competitors, Litecoin, used the Bitcoin source code in late 2011, changing a few key parameters before releasing its own source code. That, in turn, has spawned more recent clones like BBQCoin, Dogecoin, and Namecoin. According to Coinmarketcap.com, 75 mineable altcoins currently exist, with market capitalizations ranging from $38,000 (FedoraCoin) to $10.3 billion (Bitcoin). Even other journalists have started their own altcoins (see Joe Weisenthal's Stalwartbucks).


Digging for cryptocurrency: The newbie’s guide to mining altcoins

Play your cards right, and you could be swimming in Arscoins.

Disney

A few weeks ago, when our own "Arscoin" cryptocurrency was first minted, it looked like Senior Reviews Editor Lee Hutchinson would control the majority of the coins. He started mining early, and he has a crowd of Linux servers sitting in his closet that can outrun the all-in-one desktops and power-sipping Ultrabooks most of us have on hand.

Send coins to a friend or buy a silly hat for the Ars Technica forums.

When our little experiment began, I knew enough about Bitcoin and Litecoin mining to know that there are more efficient ways to rack up coins than using the default miner, but I had never actually mined either of those currencies myself. Coingen.io, which we used to produce the Arscoin code, provides no explicit documentation and little post-creation support for newly minted cryptocurrencies, so it was up to me to feel my way forward. I couldn't out-muscle Lee's closet full of computers, but I've worked with him for long enough to know that I could outsmart him. (See me after class, Mr. Cunningham. -Ed.)

My research led me down a rabbit hole that ran through several wikis and dozens of half-helpful forum posts, but when I finally climbed back out, I knew enough to overpower Lee's computer closet using only a 2012 iMac. To save you from having to follow my dusty path, we'll walk you through the best ways to mine out Arscoins (and other altcoins) with your existing hardware.

A couple of notes before we begin. In these directions, we'll try not to assume any knowledge about mining on your part, but the most straightforward mining utilities use the Windows, OS X, and Linux command lines. We'll cover graphical utilities where appropriate, but you Linux users in particular should make sure you know your way around a Terminal window, especially if you intend to GPU mine. We will also require you to download some files from external sites; we haven't encountered any problems with any of the tools we're about to recommend, but we assume no responsibility for anything you do to your hardware or software while mining Arscoins or any other cryptocurrency.

Second, while you'll be able to mine plenty of Arscoins with your CPU and GPU (thereby securing yourself some sweet fake hats for the comment section), folks who are serious about actual Bitcoin mining have long since moved to dedicated mining devices like the Butterfly Labs ASIC box we tested out last summer. ASIC-based mining devices are much, much faster than CPUs or GPUs, and they use less power to boot. As of this writing, ASICs that can run the scrypt algorithm used to encrypt Litecoin, Arscoin, and other altcoins aren't in widespread circulation, but it's only a matter of time.

Finally, the Arscoin project is for those who want to experiment with digital currencies and buy some fun hats and colored usernames along the way. In other words, it is for educational use only; we have centralized the system in order to prevent it from developing into a real-money economy.

Your wallet page will track your most recent payments, including deposits from the pool.


Flashback: WikiLeaks Cables Show Ukraine Worried About Russian Incursion in 2006

While we're all flashing back to the olden days when various officials warned of Russia's potential push into Ukraine's Crimea peninsula, here's an interesting tidbit via the International Business Times: Diplomatic cables from 2006 and 2009, unearthed by WikiLeaks in 2011, show Ukrainian officials fretting over an emboldened Russia, asking for help to stem the potential for an invasion.

"With Ukraine under intense pressure from Russia, any appearance of U.S. disengagement from the region will embolden Russia further," then-U.S. diplomat Alexander Vershbow wrote from the Ukrainian capital of Kiev.

At another point, Vershbow wrote that Ukrainian security official Raisa Bohatyrova told him that the Kremlin is directly interfering in its former territory's political affairs. Bohatryova said she believes Russian intelligence has devised plans for the dismemberment of Ukraine, the U.S. diplomat explained.

Similarly, a 2006 cable from U.S. State Department official Sheila Gwaltney relays Ukrainian concerns that the overall degradation of Kyiv's ability to assert central power and authority in the past two years has provided a conducive climate for destabilizing efforts, particularly in Crimea.

Russian troops moved into the Crimean peninsula last Friday, drawing international concerns and condemnation.

More from the WikiLeaks-obtained 2006 cable, via the IBTimes report:

Gwaltney reported that her Ukrainian counterparts said Russia was trying to slowly take control of the ethnically divided peninsula by increasing communal tensions. Russia, they said, is attempting to destabilize Crimea, weaken Ukraine, and prevent Ukraine's movement west into institutions like NATO and the EU.

[S]everal Crimean journalists referred to as Ukraine's soft underbelly, the U.S. official wrote at the time.

[h/t David Kashi/IBTimes] [Image via CBS]

>> Follow Andrew Kirell (@AndrewKirell) on Twitter


Putin Nominated for Nobel Peace Prize

The controversial Russian president is one of 278 nominees for the honor, a list that includes Pope Francis and whistleblowers Edward Snowden and Chelsea Manning.

Vladimir Putin

Vladimir Putin has been nominated for the Nobel Peace Prize. The Russian president, who has generated worldwide controversy in past months by signing antigay laws and seizing the Crimean peninsula from Ukraine, is one of 231 individuals and 47 organizations nominated for the 2014 prize, which in past years has been awarded to Nelson Mandela and Elie Wiesel for their contributions to humanity.

The Committee reports this year as having the highest number of candidates ever, according to NPR. It must narrow this pool of 278 nominees to about 12 candidates by April.

In addition to Putin, whistleblowers Edward Snowden and Chelsea Manning (the imprisoned transgender veteran) were among the nominees, as well as Pope Francis, whom The Advocate titled Person of the Year for his evolving views on gays and lesbians.

Geir Lundestad, the director of the Nobel Committee, told Reuters that recent events would be taken into consideration when selecting a winner, which is set to be announced on October 10, 2014. The prize will be officially conferred on December 10, the date of founder Alfred Nobel's death.

"Part of the purpose of the committee's first meeting is to take into account recent events, and committee members try to anticipate what could be the potential developments in political hotspots," Lundestad said.

Anyone can be nominated for the Nobel Peace Prize, but only those approved by the Nobel Committee have the power to nominate, reports the Peace Research Institute Oslo, which monitors the Nobel Committee. Thousands, including members of national assemblies and government worldwide, are eligible to submit candidates for consideration.

According to the will of Alfred Nobel, the Peace Prize should be awarded to the person who shall have done the most or the best work for fraternity between nations, the abolition or reduction of standing armies and for the holding and promotion of peace congresses.


Nobel Shortlist: Putin, Snowden, Manning

Posted by George Prentice on Wed, Mar 5, 2014 at 9:04 AM

Forget the Oscars. The real who's who is the list of 278 people and organizations nominated for the 2014 Nobel Peace Prize, a record number of candidates.

The Nobel selection committee met for the first time March 4 to narrow their prospects. They have their work cut out for them before revealing the winner of the $1.24 million award on Oct. 10 in Oslo, Norway.

Each year, the Peace Research Institute Oslo creates its own shortlist for the prize. Among 2014's prospects are Russian President Vladimir Putin, master leaker Edward Snowden, Pope Francis, Chelsea Manning (the former Bradley Manning who leaked U.S. military documents), Uruguay President Jose Mujica, the International Space Station Partnership and 16-year-old Malala Yousafzai, the young Pakistani girl who survived a Taliban assassination attempt only to become a global advocate for education opportunities and human rights.

Last year, the Organization for the Prohibition of Chemical Weapons won the Nobel Peace Prize. This year, 47 organizations are nominated
