Tag Archives: Software

States Ask Feds for Bigger Budgets to Fix Obamacare Exchanges

Posted on by

“Few states have embraced the ideas behind the Affordable Care Act (ACA) with more enthusiasm than Maryland and Massachusetts, which adopted many of them years before the passage of the federal law. But the two now find themselves trying to fix their malfunctioning health insurance exchanges and seeking federal approval to spend more money to do so.  When states first applied for what are called Establishment Grants to build their online marketplaces, they had to predict the costs. Going over those costs requires them to resubmit plans to spend money that would have either returned to the federal government or gone to future changes.”

http://www.governing.com/topics/health-human-services/gov-maryland-massachusetts-exchange-repair-plans.html

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Adobe Shockwave bundles Flash that’s 15 mo. behind on security fixes

Posted on by

“The advisory about the risk from Shockwave, which was published in late 2012 by security researcher Will Dormann for Carnegie Mellon University’s CERT, escaped public notice until Wednesday, when it was reported by KrebsOnSecurity. In the 15 months since the initial post, Adobe has made little progress. According to reporter Brian Krebs, the current version of Shockwave for both Windows and Mac systems lacks any of the Flash security fixes released since January 2013. That includes almost 20 different patches for security holes, some that fixed critical holes that real-world hackers exploited in the wild to commandeer end users’ computers.”

http://arstechnica.com/security/2014/05/adobe-shockwave-bundles-flash-thats-15-months-behind-on-security-fixes/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Chilling Effect: Oracle Wins Appeal Against Google to Copyright Java APIs

Posted on by

“The federal appeals court that handles U.S. intellectual property cases ruled that APIs can be copyrighted, a finding that may have significant consequences for cloud computing, software interoperability and innovation in general.  The decision came as part of a ruling in Oracle’s favor in its appeal against Google over the use of Java APIs in Android. The U.S. Court of Appeals for the Federal Circuit today overturned an earlier ruling in the Oracle-Google fight over whether or not software application programming interfaces, or APIs, are subject to copyright.  Judge William Alsup ruled in Google’s favor in 2012, stating that APIs were purely functional.”

http://readwrite.com/2014/05/09/google-oracle-java-copyright-appeals-court

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Mozilla caves to pressure, will enable HTML5 DRM in Firefox

Posted on by

“The organization is partnering with Adobe to make the change. Mozilla will provide the hooks and APIs in Firefox to enable Web content to manipulate DRM-protected content, and Adobe will provide a closed source Content Decryption Module (CDM) to handle the decryption needs.  In a more technical post, Mozilla CTO Andreas Gal outlines some of the ways that the Firefox developers have tried to isolate the Adobe CDM to ensure that this closed source black box cannot breach user privacy or undermine system security. HTML5’s DRM system also includes a unique identifier that content providers can use to identify devices. Mozilla has taken pains to make this as minimally invasive as possible.”

http://arstechnica.com/information-technology/2014/05/driven-by-necessity-mozilla-to-enable-html5-drm-in-firefox/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Skype communications prove “vital” to NSA surveillance

Posted on by

“‘PRISM has a new collection capability: Skype stored communications,’ a previously confidential NSA memo from 2013 declared. ‘Skype stored communications will contain unique data which is not collected via normal real-time surveillance collection.’ The data includes buddy lists, credit card information, call records, user account data, and ‘other material’ that is of value to the NSA’s special source operations.  Microsoft has remained vague about the extent of encryption protecting Skype communications. The memo suggests that those protections are limited, at least as far as buddy lists, credit card data, call records, and user account information are concerned.”

http://arstechnica.com/security/2014/05/encrypted-or-not-skype-communications-prove-vital-to-nsa-surveillance/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

‘Dark Wallet’ wants to make Bitcoin even harder to trace

Posted on by

“Dark Wallet is a browser app for bitcoin payments that uses both encryption and CoinJoin technology.  CoinJoin essentially mixes multiple bitcoin transactions, selected at random, as one transfer of funds and conceals the original payers.  Dark Wallet offers anonymous transactions by default.  The political orientation of Dark Wallet’s backers unSystem attracted attention to the app when it was launched on the Indiegogo crowdfunding website, where it raised more than $52,000 last December.  ‘Bitcoin is the next battle ground in the fight against supranational political domination,’ wrote the backers, including Cody Wilson, known for creating the world’s first 3D-printed gun.”

http://www.pcworld.com/article/2150480/dark-wallet-promises-anonymity-for-bitcoin-transactions.html

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Heartbleed vulnerability exploited months before patch?

Posted on by

“Usernames and passwords on some systems may have been exposed for months or years by the vulnerability, which has been part of every OpenSSL release since March 2012. There are signs that exploits for the vulnerability were in use by someone for some time before the vulnerability was revealed.  Terrence Koeman of MediaMonks told Ars he found signs of attempts dating back to November 2013. He used the packet content of a successful exploit of the Heartbleed vulnerability to check inbound packets logged by his servers and found a number of incoming packets from a network suspected of harboring a number of ‘bot’ servers that were apparently scans for the vulnerability.”

http://arstechnica.com/security/2014/04/heartbleed-vulnerability-may-have-been-exploited-months-before-patch/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Fandango, Credit Karma exposed millions of smartphone users’ data

Posted on by

“Developers of two popular smartphone apps—Fandango and Credit Karma—have been caught transmitting passwords, social security numbers, birth dates, and other highly sensitive user data over the Internet without properly encrypting it first, officials with the Federal Trade Commission said.  As a result, it was trivial for hackers to intercept the data when people used the apps on both Apple’s iOS and Google’s Android mobile operating systems, complaints filed by the FTC alleged. The complaints leveled charges of other shortcomings in the developers’ security, including the failure to properly test and audit the safety of apps before making them available for download.”

http://arstechnica.com/security/2014/03/how-fandango-and-credit-karma-exposed-millions-of-smartphone-users-data/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Critical crypto bug exposes Yahoo Mail, other passwords

Posted on by

“Lest readers think ‘catastrophic’ is too exaggerated a description for the critical defect affecting an estimated two-thirds of the Internet’s Web servers, consider this: at the moment this article was being prepared, the so-called Heartbleed bug was exposing end-user passwords, the contents of confidential e-mails, and other sensitive data belonging to Yahoo Mail and almost certainly countless other services.  The two-year-old bug is the result of a mundane coding error in OpenSSL, the world’s most popular code library for implementing HTTPS encryption in websites, e-mail servers, and applications.”

http://arstechnica.com/security/2014/04/critical-crypto-bug-exposes-yahoo-mail-passwords-russian-roulette-style/

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet

Researchers Find NSA Planted Two Spy Tools through RSA

Posted on by

“Both tools were part of RSA’s BSafe software security package, and both are assumed to have provided back-door access to communications and software encrypted with BSafe tools.  The Reuters news agency reported Monday that a team of academic researchers from several universities, including Johns Hopkins, the University of Wisconsin and the University of Illinois, has discovered the NSA was involved with the second tool. It’s called an ‘Extended Random’ extension, and it can be used to crack the RSA’s Dual Elliptic Curve random number generator software — the other NSA developed tool that had been withdrawn — tens of thousands of times faster than other methods.”

http://www.toptechnews.com/news/2nd-NSA-Spy-Tool-in-RSA-BSafe/story.xhtml?story_id=13300C848Y22

Scan to Donate Bitcoin to Freedomwat.ch Staff
Did you like this?
Tip Freedomwat.ch Staff with Bitcoin
Donate via Installed Wallet