Nerval's Lobster writes "The remote-access management flaw that allowed TheMoon worm to thrive on Linksys routers is far from the only vulnerability in that particular brand of hardware, though it might be simpler to call all home-based wireless routers gaping holes of insecurity than to list all the flaws in those of just one vendor. An even longer list of Linksys (and Cisco and Netgear) routers were identified in January as having a backdoor built into the original versions of their firmware in 2005 and never taken out. Serious as those flaws are, they don't compare to the list of vulnerabilities resulting from an impossibly complex mesh of sophisticated network services that make nearly every router aimed at homes or small offices an easy target for attack, according to network-security penetration- and testing services. For example, wireless routers (especially home routers owned by technically challenged consumers) are riddled with security holes stemming from design goals that emphasize usability over security, which often puts consumers at risk from malware or attacks on devices they don't know how to monitor, but through which flow all their personal and financial information via links to online banking, entertainment, credit cards and even direct connections to their work networks, according to a condemnation of the Home Network Administration Protocol from Tenable Network Security. Meanwhile, a January 2013 study from Rapid7 found 40 million to 50 million network-enabled devices, including nearly all home routers, were vulnerable to exploits using UPnP. Is there any way to fix this target-rich environment?" If only there were an easily upgradeable open source router operating system to which vendors could add support for their hardware leaving long term maintenance to a larger community.
Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.
UnderAttack writes "A vulnerability in many Linksys routers, allowing for unauthenticated code execution, is being used to mass-exploit various Linksys routers right now. Infected routers will start scanning for vulnerable systems themselves, leading to a very fast spread of this 'worm.'"
the_newsbeagle writes "When surgeons set out to repair holes in the walls of the heart's chambers or in blood vessels, they often do invasive open-heart surgery and use sutures, staples, and glue to keep a patch in place. But the sutures and staples are a rough fix, and many of the glues on the market today don't work well on wet tissue that's continually flexed by the heart's contractions and the movement of pumping blood. Today biomaterial researchers announced a new light-activated glue that could make surgery less invasive, quicker, and easier. The adhesive was inspired by slugs' and sandcastle worms' sticky secretions, which work underwater, and it can be applied with slender tools during minimally invasive surgery. A flash of UV light then sets the glue, which bends and flexes with the tissue."
Rambo Tribble writes "An article in Current Biology (abstract) details the finding that minute particles of plastic waste are affecting marine worms, potentially having grave impacts on marine biodiversity (PDF) and leading to the accumulation of toxins in marine animals. 'The team found that the tiny bits of plastic, which measure 1mm or smaller, transferred pollutants and additive chemicals — such as flame-retardants — into the guts of lugworms (Arenicola marina). This process results in the chemical reaching the creatures' tissue, causing a range of biological effects such as thermal stress and the inability to consume as much sediment.' Unfortunately, policymakers have routinely treated such wastes as benign. The BBC provides more approachable coverage of the findings."
Hugh Pickens DOT Com writes "The Boston Globe reports that the pending use of GPS tracking devices, slated to be installed in Boston police cruisers, has many officers worried that commanders will monitor their every move. Boston police administrators say the system gives dispatchers the ability to see where officers are, rather than wait for a radio response and supervisors insist the system will improve their response to emergencies. Using GPS, they say, accelerates their response to a call for a shooting or an armed robbery. 'We'll be moving forward as quickly as possible,' says former police commissioner Edward F. Davis. 'There are an enormous amount of benefits. . . . This is clearly an important enhancement and should lead to further reductions in crime.' But some officers said they worry that under such a system they will have to explain their every move and possibly compromise their ability to court street sources. 'No one likes it. Who wants to be followed all over the place?' said one officer who spoke anonymously because department rules forbid police from speaking to the media without authorization. 'If I take my cruiser and I meet [reluctant witnesses] to talk, eventually they can follow me and say why were you in a back dark street for 45 minutes? It's going to open up a can of worms that can't be closed.' Meanwhile civil libertarians are relishing the rank and file's own backlash. 'The irony of police objecting to GPS technology for privacy reasons is hard to miss in the aftermath of United States v. Jones,' says Woodrow Hartzog. 'But the officers' concerns about privacy illustrate just how revealing GPS technology can be. Departments are going to have to confront the chilling effect this surveillance might have on police behavior.'"
wiredmikey writes "According to a recent survey of malware analysts at U.S. enterprises, 40% of the time a device used by a member the senior leadership team became infected with malware was due to executives visiting a pornographic website. The study, from ThreatTrack Security, also found that nearly six in 10 of the malware analysts have investigated or addressed a data breach that was never disclosed by their company. When asked to identify the most difficult aspects of defending their companies' networks from advanced malware, 67% said the complexity of malware is a chief factor; 67% said the volume of malware attacks; and 58% cited the ineffectiveness of anti-malware solutions."
First time accepted submitter calinduca writes "Artificial blood that could one day be used in humans without side effects has been created by scientists in Romania. The blood contains water and salts along with a protein known as hemerythrin which is extracted from sea worms. Researchers from Babe-Bolyai University in Cluj-Napoca, Romania, hope it could help end blood supply shortages and prevent infections through donations." Wikipedia's entry on hemerythrin explains its unusual oxygen binding mechanism.
sciencehabit writes "When you drop a whale backbone into Antarctic waters and retrieve it a year later, you'll find it covered with a pelt of wriggling, rosy-hued worms. Drop a chunk of wood in the same spot, and you'll discover that it's hardly changed. That's the result of a simple experiment to find out if some of the world's weirdest worms also live in Antarctic waters. The discovery extends the range of bone-eating worms to the Southern Ocean and suggests that Antarctic shipwrecks may be remarkably intact."
New submitter m.alessandrini writes "I've been using Debian for a long time, and I'm not a novice at all; I install system updates almost daily, I avoid risky behaviors on Internet, and like all Linux users I always felt safe. Yesterday my webcam suddenly turned on, and turned off after several minutes. I'm pretty sure it was nothing serious, but I started thinking about malware. At work I use noscript and other tools, but at home I have a more relaxed browser to be used by other family members, too. Here I'm not talking about rootkits or privilege escalation (I trust Debian), I think more of normal user compromise. For example, these days much malware come from malicious scripts in sites, even in advertising banners inside trusted sites, and this is more 'cross-platform' than normal viruses. So, what about non-root user malware? How much could this be real? And how can you diagnose it?"
An anonymous reader writes "German IT magazine Heise reports (original in German) that the Ministry of Education in Schwerin had a Conficker virus infection on 170 machines, that was dealt with by simply throwing them on the trash. Other German authorities have now decided that 'the approach taken is not up to the principle of efficiency and economy' and that the 187,300 Euro invested in this radical form of virus removal were inappropriate. The ministry had earlier estimated the cost of cleaning their desktops and servers by more conventional means to 130,000 Euro."
chicksdaddy writes "To paraphrase a quote attributed to F. Scott Fitzgerald: 'Rich countries aren't like everyone else. They have less malware.' That's the conclusion of a special Security Intelligence Report from Microsoft, anyway. The special supplement, released on Wednesday, investigated the links between rates of computer infections and a range of national characteristics including the relative wealth of a nation, observance of the rule of law and the rate of software piracy. The conclusion: cyber security (by Microsoft's definition: low rates of malware infection) correlated positively with many characteristics of wealthy nations – high Gross Income Per Capita, higher broadband penetration and investment in R&D and high rates of literacy. It correlated negatively with characteristics common in poorer nations – like demographic instability, political instability and lower levels of education.'"
Iranian state TV is claiming that the country has successfully sent a monkey into space and back, bringing Iran one step closer to its goal of a manned space flight. According to the report, the rocket named Pishgam, or Pioneer in Farsi, reached a height of 120km. From the article: "Iran has long said it seeks to send an astronaut into space as part of its ambitious aerospace program, including plans for a new space center announced last year. In 2010, Iran said it launched an Explorer rocket into space carrying a mouse, a turtle and worms."
Last week, you asked questions of Eugene Kaspersky; below, find his answers on a range of topics, from the relationship of malware makers to malware hunters, to Kasperky Labs' relationship to the Putin government, as well as whitelisting vs. signature-based detection, Internet ID schemes, and the SCADA-specific operating system Kaspersky is working on. Spoiler: There are a lot of interesting facts here, as well as some teases.
derekmead writes "Billions worldwide still don't have access to proper sanitation, and those that do still require a ton of water and electricity to keep waste flowing. A French company is offering one solution: Use turd-eating worms to compost waste right at the source. Ecosphere Technologies has developed an outhouse that, rather than relying on chemicals like a port-a-john, relies on about a pound of red wiggler worms. A new installation in Quebec uses imported worms, placed inside of a mixture of dung and straw underneath to toilet, to devour feces delivered to them by a conveyor belt system. (When someone uses the toilet, pee filters through sand to wash away, while a pedal allows the user to transport their poo to the worm space.) The whole system uses no water or electricity, and a series of passive vents allegedly keeps the toilet smelling great. The company claims it can be used 10,000 times without servicing, which is far better than what a port-a-potty can boast, although with a current price tag of $40k for the worm system, port-a-potties are still a lot cheaper."
New submitter The name is Dave. Ja debuts on the front page with the most dismal news of our time: "This is truly 'Stuff That Matters'. Where would civilization be today without bacon? I don't mean to be alarmist but ... sound the alarms! This is big — it could lead to civil unrest." Yes, a bacon shortage. Hopefully what bacon there is will be more delicious after being fed with gummi worms.
PolygamousRanchKid writes "As the worst drought in half a century has ravaged this year's U.S. corn crop and driven corn prices sky high, the market for alternative feed rations for beef and dairy cows has also skyrocketed. Brokers are gathering up discarded food products and putting them out for the highest bid to feed lot operators and dairy producers, who are scrambling to keep their animals fed. In the mix are cookies, gummy worms, marshmallows, fruit loops, orange peels, even dried cranberries. Cattlemen are feeding virtually anything they can get their hands on that will replace the starchy sugar content traditionally delivered to the animals through corn. Operators must be careful to follow detailed nutritional analyses for their animals to make sure they are getting a healthy mix of nutrients, animal nutritionists caution. But ruminant animals such as cattle can safely ingest a wide variety of feedstuffs that chickens and hogs can't. The candy and cookies are only a small part of a broad mix of alternative feed offerings for cattle. Many operators use distillers grains, a byproduct that comes from the manufacture of ethanol."
submeta writes "Researchers at MIT and the University of Pennsylvania have genetically engineered skeletal muscle cells to respond to light. The hope is that this 'bio-integrated' approach may lead to 'highly articulated, flexible robots.' The technique, known as optogenetics, has previously been used to stimulate neurons in worms to fire."
hypnosec tipped us to reports that Demonoid is still down after a suffering a massive DDoS last week, and that the domain is now redirecting to a malware-ridden spam site. Notable for surviving a CRIA mandated shutdown, this may be lights out for the torrent tracker: "To begin, while Demonoid’s admin told us that he would eventually bring the site back online, he clearly has other things on his mind. A really important family event puts a torrent site nowhere near the top of his priorities. ... Demonoid has been experiencing staffing issues this year. As we mentioned in an earlier article, there were rumors that one or maybe more Demonoid staffers had been questioned by authorities about their involvement in the site."
astroengine writes "A microscopic worm used in experiments on the space station not only seems to enjoy living in a microgravity environment, it also appears to get a lifespan boost. This intriguing discovery was made by University of Nottingham scientists who have flown experiments carrying thousands of tiny Caenorhabditis elegans (C. elegans) to low-Earth orbit over the years. It turns out that this little worm has genes that resemble human genes and of particular interest are the ones that govern muscle aging. Seven C. elegans genes usually associated with muscle aging were suppressed when the worms were exposed to a microgravity environment. Also, it appears spaceflight suppresses the accumulation of toxic proteins that normally gets stored inside aging muscle. Could this have implications for understanding how human physiology adapts to space?"