“Adam sits down with Richard Garriott about money, games, cryptocurrency, the intersection between MMO developers and national governments, Valve’s publish-as-a-protocol.”
http://letstalkbitcoin.com/e86-virtual-worlds-real-money/
“A critical iOS vulnerability that Apple patched on Friday gives attackers an easy way to surreptitiously circumvent the most widely used technology for preventing eavesdropping on the Internet. That made the security bug about as dire as one can be. Now, there’s strong evidence that the same flaw also exposes sensitive e-mail and Web communications on fully patched versions of OS X, with no indication that there is a patch currently available for the millions of people who use the Mac operating system. Confirmed in iOS versions 6.1.5, 7.0.4, and 7.0.5, and OS X 10.9.0 and 10.9.1, it has silently exposed the sensitive communications of millions of people for weeks or months.”
“Researchers said they have identified a flaw in Apple’s iOS that makes it possible for attackers to surreptitiously log every touch a user makes, including characters typed into the keyboard, TouchID presses, and adjustments to the volume control. The vulnerability affects even non-jailbroken iPhones and iPads running iOS versions 7.0.4, 7.0.5, and 7.0.6, as well as those running on 6.1.x, researchers from security firm FireEye wrote in a blog post published Monday night. They said attackers could carry out the covert monitoring using an app that bypasses Apple’s stringent app review process. The app uses multitasking capabilities built into iOS to capture user inputs.”
“Security researchers managed to bypass the protections offered by Microsoft’s EMET (Enhanced Mitigation Experience Toolkit), a utility designed to detect and block software exploits, and concluded that the tool would not be effective against determined attackers. EMET can be used to apply 12 different security mitigations to other programs running on the computer. These mitigations are designed to block common techniques used in software exploits, like ROP (Return Oriented Programming). Researchers from Bromium investigated the protections offered by EMET and found that all of them can be bypassed if the attacker is determined enough.”
“A gang of cyber criminals using an army of infected computers made off with at least $220,000 worth of Bitcoins and other virtual currencies, security researchers said Monday. The researchers from the security firm Trustwave said the heist was accomplished by a botnet of computers using malware that has been dubbed ‘Pony’. The Pony botnet has infected an estimated 700,000 people or computers, allowing the criminals to control those accounts. The botnet stole 600,000 website login credentials, 100,000 email account credentials and other secure account information.”
http://phys.org/news/2014-02-cyber-thieves-blamed-bitcoin-heist.html
“There are 420,000 ATMs in the U.S., and on April 8, a deadline looms for nearly all of them that underscores how sluggishly the nation’s cash delivery system moves forward. That’s the day Microsoft cuts off tech support for Windows XP, meaning that ATMs running the software will no longer receive regular security patches and won’t be in compliance with industry standards. Microsoft’s 12-year-old Windows XP dominates the ATM market, powering more than 95 percent of the world’s machines and a similar percentage in the U.S. ATMs whose operators ignore the deadline will continue to function; they’ll just become more vulnerable to malware and other attacks.”
http://www.businessweek.com/articles/2014-01-16/atms-face-deadline-to-upgrade-from-windows-xp
“BrainControl takes things several steps further by being one of the first fully-functional 100% browser-based Bitcoin wallets that does not store any Bitcoins or private keys anywhere – thus making them near-on impossible to steal. It features a mobile first fully responsive layout and can even function from your desktop without a server. It has also been packaged as a FirefoxOS Application, a WordPress Theme, a Windows Desktop Application and a Mac OSX Desktop Application. It can be [embedded] into anything with a web-connection and browser that supports LocalStorage. Did I mention that everything is entirely OpenSource?”
http://betanomics.asia/blog/store-and-send-bitcoin-directly-from-your-brain-using-braincontrol
“Hidden within the open-source OS X bitcoin wallet app StealthBit, CoinThief.A monitors users’ web traffic to steal login credentials for software wallets and popular bitcoin sites, including BTC-e, Mt. Gox, and Blockchain.info. The StealthBit app had been available on GitHub both as source code and a precompiled download, but the page has now been removed. Suspicion arose when investigators discovered the precompiled version did not match the source (which more knowledgeable users could examine for themselves and needed to compile before using). The precompiled version contained the malware, whereas the open-source code did not.”
http://www.coindesk.com/cointhief-mac-malware-steals-bitcoins/
“As for why Linux is now mostly developed by well-paid engineers, the possible reasons are myriad. The most obvious and compelling reason is that these big companies have a commercial interest in the continued good health of Linux. 10 years ago, Linux was the plaything of hobbyists and supercomputer makers — today, it powers everything from smartphones (Android) to wireless routers to set-top boxes. The continuing commercial interest in Linux is highlighted by another statistic from The Linux Foundation report: In mid-2011, only 191 companies were involved in the Linux kernel; by the end of 2013, that number was up to 243.”
“Budovsky said his problems began in 2011, when the FBI asked him for the source code of the software that powered the online currency transfer business. Budovsky suggested that U.S. authorities wanted to use it to undermine his business, the Associated Press reported. ‘I refused. It’s like asking Coca-Cola for their secret formula,’ he told the court through an interpreter. Budovsky said that the confiscation of Liberty Reserve’s servers allowed the United States to access financial information on some 800,000 users and 44 million transactions. He also suggested that his decision to renounce his U.S. citizenship may have labeled him a ‘traitor’ and played a role in his arrest.”