Posts Tagged ‘security’

Strange antiparticles pop out of RHIC’s quark-gluon plasma

// March 4th, 2010 // No Comments » // Tech News

So far, the LHC has been spending its time ramming protons together, leaving Brookhaven’s Relativistic Heavy Ion Collider (RHIC) the king of the hill when it comes to smashing larger atomic nuclei. When the nuclei of gold atoms collide within RHIC, their components dissolve into a high-energy state called a quark-gluon plasma (the LHC will eventually smash lead atoms to similar effect). A paper in today’s Science describes some of the more exotic items that briefly emerge from the wreckage: the antiparticle equivalent of Deuterium, with strange quarks replacing some of the more familiar ones. The paper itself is a mindbending trip through families of particles that are similar to our familiar protons and neutrons (termed nucleons), but have at least one of their quarks replaced by a heavier, strange version, resulting in what’s termed a hyperon (four of these, Λ, Σ, Ξ, and Ω, have been observed). In the brief periods that the quark-gluon plasma exists, particles and antiparticles are equally probable, leading to a large collection of heavy and light nuclei and anti-nuclei. It also leads to some fantastic sentences, like the following: “Hypernuclei bring a third dimension into play, based on the strangeness quantum number of the nucleus, thus allowing the territory of antinuclei with nonzero strangeness.” The paper focuses on the hypertritons, atomic nuclei that consist of a proton, a neutron, and a Λ hyperon. RHIC has now produced around 200 hypertritons/antihypertritons, which survive for a couple hundred picoseconds. That’s enough to determine that they are probably being formed in the same way a standard atomic nucleus is, by the condensation of their component nucleons and hyperons. In fact, they were formed in similar numbers to their less-strange equivalents, 3 He and its antiparticle equivalent. The authors take that as an indication that, at the energies produced by RHIC, strange quarks are present in equivalent numbers to their more mundane counterparts, meaning that further collisions will provide us some indication of their binding interactions, which may help shape the interior of neutron stars. So, they’re gearing up to go for another round of collisions that will produce an order of magnitude more of these (literally) strange nuclei. Science , 2009. DOI: 10.1126/science.1183980 Read the comments on this post

Spanish arrests mark the end of dangerous botnet

// March 3rd, 2010 // No Comments » // Tech News

A massive botnet of up to 12.7 million infected PCs has been dismantled after Spanish police, working in conjunction with a Canadian security firm, have arrested the botnet’s operators. The Mariposa botnet first emerged in December 2008, and was used to steal credit card and bank details from infected PCs. The malware driving it was spread through instant messaging, USB thumbdrives, and peer-to-peer networking. Defence Intelligence, the Canadian firm involved in the bust, started investigating the botnet in spring 2009. The company discovered that the botnet had command and control servers based in Spain, and so joined forces with Spanish firm Panda Security. With their input, the authorities knocked the botnet offline around Christmas. Luck was on the investigators’ side; the Internet services used by the hackers were willing to cooperate with the investigation, and most critically, one of the botnet’s operators then tried to regain control of the botnet directly from his own PC. This mistake allowed the investigators to identify him and track him down. The arrest of the operators of such a large botnet is unusual. Operators of smaller networks are easier to identity (smaller networks have less traffic to hide in), so arrests are relatively common. Operations such as Microsoft’s recent disabling of the Waledac network may take the botnet offline, but the operators typically remain free to try again. The nature of the Mariposa network made catching the perpetrators particularly important; while botnets like Waledac and Conficker are used predominantly for spamming (annoying and illegal, but relatively harmless as these things go), Mariposa’s harvesting of financial information made it much more dangerous. The hackers themselves—unnamed, per Spanish privacy rules—appeared to be quite ordinary, far from the genius hacker stereotype. They were Spanish citizens with no prior criminal convictions, aged 31, 30, and 25. They depended on their connections in the criminal underworld to get them the resources necessary to start and operate the botnet. Though the network had likely made them rich—investigators are still examining bank records to determine just how much money was made—this was not reflected in their lifestyles. If convicted, they face up to six years in prison for hacking. Further arrests related to Mariposa are also expected. Read the comments on this post

Microsoft open-sources clever U-Prove identity framework

// March 3rd, 2010 // No Comments » // Tech News

More and more personal, private information is being used and stored online than ever before, and at the same time, attacks on that information are increasing in frequency and sophistication. Phishing is a growth industry—it’s very profitable to trick people into handing over names, passwords, credit card numbers, and so on, so that their finances can be pillaged. Important activities like banking and filing tax returns are being performed, and these need strong proof of identity. On the other hand, there’s no reason why a storefront like, say, iTunes, needs to know your identity; it only needs to know that the money being handed over is yours to hand over.  Ultimately, we want to be able to securely make transactions without giving third parties the ability to masquerade as us; we want to be able to visit websites and make purchases without those sites being able to track us or combine different pieces of information to draw a more complete picture of us; we want to be able to be able to disclose some information about ourselves, but not everything. The U-Prove framework, released as a CTP today by Microsoft , aims to solve these problems. Read the comments on this post

The beta for Blur on the 360 starts March 8; we have keys

// March 3rd, 2010 // No Comments » // Tech News

The last time we tried to give away beta keys for a game the beta was pushed back, but hope springs eternal. Activision has given us 300 keys for the multiplayer beta of Blur on the Xbox 360, and we would like you to have them. How do you get one? Very simple. Just e-mail giveaways@arstechnica.com with the subject line “I liked them better than Oasis anyway.” Sure, it’s obscure, but being obvious is boring! We do have a few more instructions for you. When you receive your key, you need to enter it into this site , not into Xbox Live. When the beta begins, you’ll receive a code that you can put into your Xbox 360 to access the game. The beta begins March 8, and features the multiplayer portion of the game. See you online! Read the comments on this post

TiVo turns the DVR into a Flash-based app platform

// March 3rd, 2010 // No Comments » // Tech News

TiVo may have pioneered the home DVR market, but its leading position hasn’t helped it stave off competition from cable providers, who have offered bundled services that integrate with their broadcast offerings, and avoid the up-front investment in hardware. The company announced on Tuesday a revamped hardware and software combination that it hopes will help it regain some momentum. The new products feature greater integration with Internet content, increased interactivity, and better support for HDTVs, all run by an interface developed using Adobe Flash. The new hardware comes in 320GB and 1TB capacities, and features cable card and coax inputs, plus a standard array of video outputs, along with support for a nice range of resolutions: 480i, 480p, 720p, 1080i, and 1080p. Both of the new units include optical audio out, but the Premier XL, in addition to the larger drive, is THX certified, and comes with software that enables fine-grained adjustment of the home theater experience. Ethernet, USB 2.0, and eSATA connectors allow communication with a wide range of additional devices (a wireless N adaptor will be sold separately). Read the comments on this post

Apple loses one, gains one in employee shuffle

// March 2nd, 2010 // No Comments » // Tech News

Long-time Apple executive Pablo Calamera has left Apple in favor of a CTO gig elsewhere, while former Mozilla security chief Window Snyder started work at 1 Infinite Loop on Monday. Pablo will become the CTO at Thumbplay, a company specializing in ringtones and streaming music, while Snyder will work as a senior security product manager at Apple. According to the Thumbplay announcement, Calamera served as director of MobileMe service while at Apple. Despite the service’s less-than-stellar reputation during his time there. Thumplay saw fit to scoop up Calamera. The newly branded CTO spent time at Danger Inc. and WebTV Networks, among others, before joining Apple. As noted by PC World , the Snyder hire comes on the heels of her time managing security consultants at Microsoft and working on Windows XP and 2003 Server. What Snyder will do at Apple remains unclear, but the two variants of Safari (Windows and Mac) or the iPhone OS seem to be likely candidates for her expertise. Read the comments on this post

Pocket-sized downloads: Ars explores DSiWare and PSP Minis

// March 2nd, 2010 // No Comments » // Tech News

With the release of the PSP Go and the DSi , both Sony and Nintendo brought small, downloadable games to traditional gaming handhelds. It’s a concept that has been met with mixed success on the iPhone and other mobile platforms, spawning both a refreshing wave of creative new games and a glut of shovelware. But several months after the launch of the DSiWare shop and PSP Minis on the PlayStation Network, both services are still struggling to find their legs. Ars spoke with several developers to get their perspectives on the burgeoning marketplaces. Read the comments on this post

Microsoft rivals push to send browser ballot on world tour

// March 2nd, 2010 // No Comments » // Tech News

The lobbying group European Committee for Interoperable Systems (ECIS) today called on antitrust regulators worldwide to follow the European Commission and pressure Redmond into offering a browser ballot, similar to what the company began serving yesterday to European customers via Windows Update, everywhere. The ballot is offered to consumers on Windows XP, Windows Vista, and Windows 7. ECIS members include Adobe Systems, Corel, IBM, Nokia, Opera, Oracle, RealNetworks, Red Hat, and Sun Microsystems. It was Norwegian browser maker Opera that first filed a complaint with the European Union in December 2007 , accusing Microsoft of violating EU antitrust law by bundling IE with Windows. And the company isn’t satisfied yet. “Opera is a member of ECIS, which supported the complaint to the European Commission because it promoted the ECIS core values of competition, interoperability and consumer choice,” reads a statement in an ECIS press release today. “Microsoft agreed to change its business practices in the face of formal charges from the Commission. Consumers deserve the same unbiased browser choice on all the world’s more than 1 billion personal computers.” Of course, Opera doesn’t rule the ECIS alone, but given that the lobbying group is mainly composed of Microsoft rivals, we doubt any of them would object to Opera’s proposition. Meanwhile, Microsoft has dismissed the ECIS’ call to arms. “The issues in the Internet Explorer case have already been the subject of extensive legal action in several other countries around the world, including the United States, which have each developed their own legal solutions which are different than the browser choice screen pursued by the European Commission after years of litigation,” a Microsoft spokesperson told Ars. Microsoft is not obligated to take the ballot screen outside the boundaries of the EU, but the push from ECIS could spur other consumer groups, competition agencies, and antitrust regulators to band together against the software giant. It worked in Europe, but will it work in the rest of the world? Read the comments on this post

Coming to a P2P network near you: your medical records

// March 1st, 2010 // No Comments » // Tech News

A team of Canadian medical researchers have inadvertently provided a very clear picture of the current state of the security risks posed by P2P networks. The authors intended to determine whether P2P clients were exposing personal health information, but their approach—downloading all files from a set of common document formats—provided them a clear picture of just what’s being made available on Gnutella and eDonkey: personal identification, health, and medical information, and a healthy collection of trojans. The motivation for the work is pretty simple. With the increasing digitization of health records, individual users are more likely to exchange e-mails and files with their doctors, insurers, and other health care officials. An obvious consequence is that personal health information (PHI) will end up on the users’ hard drives, which creates a potential security hole. In the past, the research team has found that they could scrounge PHI from roughly 10 percent of the used hard drives available through second-hand computing vendors. Read the comments on this post

Coding error leads to uneven EU browser ballot distribution

// March 1st, 2010 // No Comments » // Tech News

The Windows Browser Ballot , the browser selection screen that is being offered to Windows users in Europe  starting this month, is already coming under fire. Slovakian IT news site DSL.sk decided to test the ballot and found that its distribution was very peculiar , with Internet Explorer appearing in the rightmost position almost 50 percent of the time when the ballot was viewed from within IE. Notable ODF proponent and IBM employee Rob Weir took a closer look at the ballot to determine why it was acting in this way. It turns out that the problem is more likely than not a bad programming decision rather than some deliberate ploy by Microsoft to pick a particular spot. Read the comments on this post

« Older Entries
Newer Entries »


eXTReMe Tracker