Wednesday, 7 August 2013

Tor confirmed malicious code that grabbed user identification



The Malicious code was distributed over the web host Freedom Hosting; malicious code actually serves to identify Tor users. This was confirmed by the anonymous project. The malicious code is injected via vulnerability in Firefox. In an analysis of the Tor team has now confirmed that yesterday only came to the knowledge. The malicious code is used for identifying users of the Tor network and the information is sent to a company that works together with the secret. The malicious code targeting to grab used in the Tor Browser Bundle version of Firefox 17.0.6 on Windows. That is now known as the magnetosphere malicious code detected by analysis of the host name and MAC address of the attacked computer and transmits the collected information to the IP address 65.222.202.53, which is hard-coded into the malware. The command-and-control server belongs to the company Science Applications International Corporation, which is close to the FBI and the intelligence community. The IP address belongs to the Autonomous System (AS) the NSA. Mozilla was the weak point in Firefox ESR 17.0.7 and Firefox 22.0 which was later resolved on 25 June 2013. Updated versions of Firefox had been rolled out the next day in the Tor Browser Bundle 2.3.25-10 and 2.4.15-1-alpha, 30 June 2013 and 8 in 3.0alpha2 July 2013 entered into 2.4.15-alpha-1. The vulnerability in the browser is also available in versions for Mac OS X and Linux, but the malware grab apparently only Windows machine, then writes the Tor team in a statement.

It assumes that the attacker has a list of Tor users who use the hidden services of the web host Freedom Hosting. Freedom Hosting uses Tor Hidden Services among others for the provision of anonymous websites. There, among other Web sites with pedophile content provided. In addition, the web hosts connections to reputed Silkroad online drug market. The Tor team, meanwhile, advises users urged to update their Tor Browser Bundle. In addition, users should disable Javascript. In future releases, there will be an easy-to-use interface that allows the use of Javascript can be configured. Since the future also other may be vulnerabilities in Firefox, CSS or SVG are expected to users should also consider using a random MAC address. This is possible, for example, in virtual machines like VirtualBox or VMware. The Tor team also advises to use a firewall to prevent such compounds to command-and-control servers. As an alternative to Windows recommend the Tor makers the live distribution tails. The team also asks for help in the implementation of sandboxes and virtualized solutions for the Tor Browser Bundle.

Samsung Be The First Producing 3D Vertical NAND Flash With 1 Terabit



After more than ten years of research, Samsung managed to conventional flash memory with 3D structures to public. Even earlier the chips have only 16 GB of capacity, but that should change soon. Almost simultaneously with the crossbar of RRAM also flash leader Samsung has announced a breakthrough in the production of non-volatile semiconductor memories. The company continues to further increase capacity on three-dimensional structures, but they are configured differently than the Trigates from Intel. Said Samsung "3D NAND Vertical" or NAND V-method is based on the new etching method, can be constructed with up to 24 layers of the memory devices with conventional NAND flash. In this case, proprietary cell structures are used. That the cells are described but unlike most flash memory, Samsung has already mentioned. The company uses the method "Charge Trap Flash" already in some other chips is used since 2002. The cell is first filled with a load and is not directly, and then the controller would have to wait, but the information is previously stored in a charge trap.

Samsung expects this to double the write speed compared to NAND flash that works with the more widely used floating gates. But the main factor for the increase in storage density is the production of several layers. Previously scaled flash memory at this level was primarily through reductions of the structure width. Multiple layers were mainly problems with crosstalk between the lines to control and these will now have solved by Samsung. How many layers of the first fabricated chip in series with V-NAND is, and when it is available Samsung only knows. According to the company that he is already produced in large numbers with 20-nanometer technology, so it should still be available in 2013. Samsung will use the 128 Gigabit large chips, which corresponds to 16 GB, in all common areas of use of fast flash, including SSDs. In future versions it will be up to 1 Terabit can be accommodated on a single chip, which corresponds to 128 GB.

Firefox 23 is available now!



Firefox 23 is available for download. The new version of the browser brings a redesigned logo which is something safe and supports the setup menu. The three options "always load images", "remove JavaScript" and "Always show tab bar" have been removed. Since the first two values by default are active, it is no longer possible to turn off the automatic loading of images and JavaScript directly. The change is justified by the fact that websites - and to satisfy many users; therefore the browser would look broken without images and JavaScript. To disable JavaScript, however, enter into the URL bar of Firefox "about: config", search for "javascript.enabled" and set the value by double clicking on "false". The sharing of content is simplified with Firefox 23: Instead of having to search each website for a Share button, you do it immediately through the Firefox Share button. Facebook has helped in the development of the social API and is the first social network where you can share links via the new button. Since the API is freely available, the usage is expected to increase more in near future. A small change takes Firefox 23 in terms of safety. The loading of "mixed-content content" is automatically blocked and difficult to man-in-the-middle attacks in which an attacker can read your traffic to a Web service. Videos can be played on websites significantly better performance in Firefox 23: clips in H.264 format to be accelerated by the graphics card by default. This is done via the Firefox DirectX Video Acceleration 2 (DXVA2) - and thus only on Windows 7 and 8 Last changes Firefox 23 also own Logo: Three years after the introduction of the last icons icon appears simpler than ever on taskbar and desktop.

Sony unveils a 3D HMD for surgeons



Sony has been around for several years, video glasses on offer with which movies and games can be viewed in 3D. The same technique will now also Surgeons can use the endoscopy, but with a heavily modified device. The 3D glass from Sony, which is intended for endoscopy, is equipped with two 720p OLED displays, which are also used in the glasses HMZ-T2 from Sony. However, medical video glasses HMM-3000MT is somewhat different. The HMM-3000MT is balanced differently, according to Sony, so the doctor can work standing up and align the head forward and down. Anyone who wants can rotate the image shown in unfavorable camera position or use a picture-in-picture function to compare multiple photographs. In addition to the 3D representation of a classical two-dimensional representation is possible, depending on what type endoscope is used. According to the manufacturer, it is also conceivable that several doctors in the operating room using data glasses. To the image processing unit which is connected to the endoscope, two glasses can be connected. In addition, among other things SDI connections DVI are available. The glasses are currently approved for medical use only in Japan, Sony said. Whether the approval is also sought for other countries, is not yet known. The video glasses HMZ-T2 had already presented in May 2012 Sony. Unlike, for example, the VR goggles Oculus Rift it does not fill the entire field of vision of the wearer.

What To Look For When Choosing a Data Center Colocation

Has maintaining your company server become a full-time job, taking you away from your other responsibilities? These days, more and more businesses are looking into data center colocation to handle their server needs. These centers offer equipment space and bandwidth for rent, and will provide the server maintenance for you. This can be particularly helpful if yours is an Internet-related business because it allows you and your IT staff to focus on actual work instead if constantly providing support. But remember: not all data centers are created equal. You need to thoroughly research the center you’re considering to make sure that they can adequately meet your server needs. Here are some things to add to your data center build checklist:
  • Power: Can they guarantee an adequate power supply? This is vital to avoiding failures and downtime with your server. These days, between 8kW-10kW is required to power the average server rack. That doesn’t include power needed for the climate control and security systems. Ask for specifications on how much power the center supports, and about the performance capability of its uninterrupted power supply (UPS) should the primary power fail.
  • Security: One of the more important considerations of data center colocation is how the center is equipped to handle emergencies. Are they located in an area that would easily be comprised in the event of a natural disaster, such as a flood or earthquake? Just as important are how their premises are designed to handle such an event, and what their protocols are.
  • Climate Control: Learn about how their cooling system works. Does it have adequate power to keep the servers at an optimum temperature? The rule of thumb generally is that for every 100 watts a serves expends, 50 watts is required to cool it. Find out if the center has an adequate water supply for the cooling system, and how their sprinkler system works in the event of a fire.
  • Load: When looking into data center colocation, many are only concerned with the center’s critical load capacity. While that is important, another load aspect that’s just as vital is how often the center will load test its generators. Failing to test at least on a quarterly basis could mean that the center will remain unaware of any generator issues until an actual failure.
  • SLA compliance: While all centers will guarantee optimum output at all times, no center is immune from at the very least minor level issues. Find out the details of their service level agreement (SLA) and ask to see at least their last 5 SLA compliance reports. That will help give an accurate gauge on what their response times are and what level of transparency they offer to customers when outages occur.
  • Support: Do they offer quick response for support issues? Your server can have problems at any time of the day or night, so to meet your data center colocation needs, whoever you go with needs to be equipped to handle any of those issues in a timely manner.
Choosing the right firm to handle your colocation data center is vital to your server running optimally, and, by extension, to your business’ operational effectiveness. Asking the right question when looking for your next data center will help ensure that your needs are met.
Nick specializes in the building and leasing of data centers world wide. He often blogs about this and other computer and tehcnology related topics in his spare time.