Tutorial: Facebook 2-factor authentication, step-by-step; Before Heartbleed: Worst vulnerabilities ever? SANS warns end users against Heartbleed patch panic; Install any Windows desktop gadget in Windows 8.x with 8GadgetPack; How to clean the crap off your PC; Sony warns users its Vaio Fit 11A may burst into flames; 44 percent of Twitter users have never tweeted; Meet Ballistic, a full first-person shooter that runs right in your browser; Free KeePass Password Safe; Free World of Warplanes; How to tell if your Android device is vulnerable to Heartbleed.
Before Heartbleed: Worst vulnerabilities ever? – There have been some pretty bad vulnerabilities before Heartbleed. Is it really any more severe than CodeRed or Blaster? In this gallery we have collected 15 of the most severe vulnerabilities in tech history. All the vulnerabilities are in software. One purely hardware vulnerability suggested to us — the thermal exhaust port on the Death Star — was deemed out of scope, even though it was a relatively critical bug.
SANS warns end users against Heartbleed patch panic – While Heartbleed client-side attacks are possible, the SANS Institute warns that home users rushing to patch are more at risk of falling for scams — but change passwords regardless.
Private keys may be inaccessible to Heartbleed – Research by CloudFlare indicates that Heartbleed can be used to obtain contents of server memory, but not private keys.
Heartbleed bug: What you need to know (FAQ) – CNET has compiled a list of Frequently Asked Questions to help users learn more about the bug and protect themselves. The Heartbleed situation is ongoing, and we’ll update this FAQ as new issues arise. Check back for new information.
How to tell if your Android device is vulnerable to Heartbleed – Believe it or not, some Android devices are susceptible to the Heartbleed bug. Here’s what you need to know.
Beat it, bloatware: How to clean the crap off your PC – Boot up a new PC for the first time, and you should be able to watch it fly. Instead, it may sputter and struggle to get off the ground, thanks all the preinstalled junk that vendors habitually dump onto new PCs. Bloatware—also known as crapware—is more than annoying, because it actively consumes your computer’s resources. It’s worth your time to clean it off a new PC so you can use it to its full potential. Here’s how to do that with minimal headaches.
Windows 8.1 Update might change your mind about Windows 8 – With the second major revision to Windows 8, somewhat confusingly named Windows 8.1 Update, Microsoft seems to have finally remembered that there are PC users out there who still work with a monitor, keyboard, and mouse. With Windows 8.1 Update, you now get a computing environment that feels flexible enough to work on 8-inch tablets as well as 27-inch desktops.
Install any Windows desktop gadget in Windows 8.x with 8GadgetPack – Greg Shultz takes a look at 8GadgetPack, a free tool that reinstalls the original desktop gadget program files in Windows 8.x. Find out how to use 8GadgetPack to install any Windows desktop gadget.
Sony warns users its Vaio Fit 11A may burst into flames – If you own or have access to a Sony Vaio Fit 11A then you need to stop using it immediately, and stop anyone else using it, too. Sony has shipped over 25,000 units of the Fit 11A to some 52 countries, but it is now warning owners that the hybrid laptop is in danger of catching fire. The reason, as usual, is the battery.
44 percent of Twitter users have never tweeted, says report – As reported by the Wall Street Journal, Twitter analytics company Twopcharts says that, according to its data, 44 percent of Twitter accounts have never tweeted. No “Trying out this Twitter thing.” No “Just setting up my tweetz.” Not even “Hi.” The Journal places Twitter’s userbase at 974 million accounts, so if you do the math, that’s roughly 429 million accounts that have been silent.
Google gives strong signal a Chrome tablet is indeed on the way – Even though there are those of us who don’t believe a Chrome tablet is a viable product, speculation that we’ll soon see one announced has recently surfaced. This is due to a press invite to an Acer event that leads one to believe a tablet may be announced. This week, Google quietly updated Chrome OS, and one of things added in the update sure implies it is getting ready for a tablet. One look at the release notes and it jumps out.
Facebook Reveals Which Countries Censor Citizens’ News Feeds – This is the first time the social network has disclosed how often it allows governments to remove or restrict content for legal reasons. While India leads the pack, it was followed by Turkey, which restricted 2,014 pieces of content primarily because it defamed or criticized Ataturk or the Turkish state, which is illegal. Germany was allowed to censor 84 pieces of content because local laws prohibit Holocaust denial. That law also exists in France (80 restrictions) and Austria (78 restrictions). A map chronicling how much was banned and why can be seen here. Facebook didn’t include information it would have removed anyway because it violated its community standards.
Firefox OS 2.0 starts emerging from its cocoon – Mozilla’s modernized mobile OS is catching up to Apple and Google rivals with improvements necessary to carry Firefox OS beyond its bare-bones roots. Copy-paste and find-my-phone tools patch significant shortcomings.
Report: Google Beta Testing Android App for Chrome Remote Desktop – Get excited, Chrome fans: Google is still beta testing an Android app for its popular (to us, at least) Chrome Remote Desktop feature, and word is that the app’s launch is going to hit sooner than later. For those who haven’t had the chance to partake in Chrome Remote Desktop, the name is pretty self-explanatory. Install the extension into your browser for the world’s easiest Virtual Network Computing (VNC) setup.
Translate foreign menus – Nothing bums out my travel gluttony more than a menu I can’t decipher. Fortunately, whether you have an iPhone or Android phone, there are some useful apps out there that can help you translate a menu in seconds. None are perfect, but having a couple on hand could keep you from eating the wrong part of a bull.
Intel unveils Education 2-in-1 convertible laptop – As with many other hybrid notebooks, the Education 2-in-1 allows students to detach the display from the keyboard in order to use it as a standalone tablet. You can also flip the screen around to have it face the front to show content off to the rest of the classroom. It includes a stylus to ease input for kids still making their way around a keyboard, and also comes with educational accessories like a snap-on magnifying lens and a temperature sensor probe.
In Heartbleed’s wake, Comodo cranks out fresh SSL certificates – One of New Jersey-based Comodo’s main business lines is issuing the digital certificates that encrypt traffic between users and a Web service, a critical shield that protects users from spying by third parties. Over the last day or so, Comodo has seen a huge uptick in requests for new digital certificates from website operators, said Robin Alden, Comodo’s chief technology officer.
U.S. charges nine with distributing Zeus malware – Two defendants face arraignment in federal court Friday, charged with distributing the malware that helped siphon millions of dollars from U.S. accounts. How the NSA shot itself in the foot by denying prior knowledge of Heartbleed – In admitting it didn’t know about a massive security flaw in one of the Web’s most used encryption libraries, the NSA inadvertently revealed a massive institutional failure.
Tutorial: Facebook 2-factor authentication, step-by-step – Setting up Facebook authentication can be a bit of a pain, but this step-by-step, screenshot-by-screenshot article by our own David Gewirtz should make it easy.
Dropbox CEO defends Rice despite ‘Drop Dropbox’ privacy backlash – CEO Drew Houston cites Rice’s international experience, as users fume over the appointment of a known wiretapping advocate to the Board of the cloud storage company.
Amazon will pay workers up to $5000 to quit – Not getting much actual fulfillment out of your job in the Amazon fulfillment center? It’s not all bad. The company might just pay you $5,000 to quit your job. Why would Amazon want to do this? Well, it turns out that Amazon has a rather serious problem with employee turnover. In fact, Amazon has the second worst turnover rate of any of the Fortune 500 companies.
Samsung set to “kapture” the media’s attention on April 29 – Samsung has just given word that it plans to hold a media event in Singapore near the end of the month. And if previous rumors are to be given credence, the “Kapture the Moment” slogan in the teaser could very well be referring to the company’s next photography-centric smartphone, the Galaxy S5 Zoo
Microsoft’s board sued by shareholder, not happy with IE fine by EU – Microsoft’s massive 2013 fine from the European Union is the center of a new lawsuit against the company’s board of directors. Reuters states that the lawsuit was filed on Friday by a shareholder of Microsoft, Kim Barovic, who claims that the board and company executives mismanaged the situation that led to the fine, which involved Microsoft breaking its 2009 agreement with the EU over its Internet Explorer web browser.
Games and Entertainment:
Telltale’s ‘Walking Dead’ game ready for Android users’ braaains – The popular episodic adventure finally makes its way to Android, and you can play the first episode for free.
Meet Ballistic, a full first-person shooter that runs right in your browser – Web games sure have evolved since I was a kid. Even five years ago, trapped at a receptionist job, the best I could do was a really high-level Flash game to whittle the hours away. Crush the Castle. Worms clones. This is what I considered a web game. And then I took a look at Ballistic. Here, why don’t you take a look at Ballistic.
Trailer: Firaxis Announces ‘Sid Meier’s Civilization: Beyond Earth’ – If you’re one of the many gamers who has spent countless hours building empires, crushing barbarians, and getting annoyed at the enemy AI’s horrible diplomacy in Sid Meier’s turn-based Civilization strategy games, then it’s time to get a little excited: You’re going to be pulling a Richard Branson soon. Which is to say, you’re going to be heading off to space for “just one more turn.”
Off Topic (Sort of):
The road to the 60TB hard drive – Within the next six years, hard disk drives will go from 6TB of storage to 60TB. Here are the technological advancements that will make that possible.
Brace yourself, here comes the mobile appsplosion – Companies are engaged in a kind of arms race with competitors to see how many apps they can get everyone to use. But this aggressive push for more apps is going to end up giving users app fatigue.
Origami DNA robots intelligently control drug delivery in living animals – The lines between biology and engineering are blurring further every day. Mechanical implants can carry signals across gaps in severed nerves, while microorganisms push steadily into manufacturing and materials synthesis. Still, in a new study published this week, the use of the phrase “nano-robot” is a bit overzealous. What we have here is an exquisitely accurate way of targeting drugs within a living body, and a new model for control of injected material — but robots?
How to mitigate tracking risks: wrap your phone in tinfoil, quit Google – in new book, Julia Angwin wants to live a modern life while frustrating the NSA. When author Julia Angwin has to post a photo of herself online, she now prefers to use a stencil image of her face in order to avoid detection by facial recognition software. Welcome to her paranoid world of trying to frustrate increasingly sophisticated snoops.
Something to think about:
“In the province of the mind, what one believes to be true either is true or becomes true.”
– John Lilly
Today’s Free Downloads:
KeePass Password Safe – KeePass is a free/open-source password manager or safe which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key-disk. So you only have to remember one single master password or insert the key-disk to unlock the whole database. The databases are encrypted using the best and most secure
World of Warplanes – The main game mode in World of Warplanes organizes battles between two teams of 15 players who meet in air battle over a variety of locations. Victory can be achieved by destroying all the opposing planes or earning advantage points by eliminating the enemy’s ground targets. At the same time, both approaches to victory — teamwork and a player’s individual contribution — are important, because any pilot has the power to turn the tables in World of Warplanes. The period represented in the game is one of the most captivating and challenging in the history of aircraft engineering. One may start a piloting career with biplanes of the 1930s, move on to legendary WWII warplanes, and end up with jet fighters of the Korean War, predecessors of modern aircrafts.
In Pursuit of Freedom – The Pushback Continues:
NSA denies it knew about Heartbleed flaw – The U.S. National Security Agency, which has a cybersecurity mission in addition to surveillance, has disputed a report that it knew about the Heartbleed security vulnerability for at least two years before other researchers disclosed the flaw this month. The NSA used Heartbleed to gather intelligence, according to a report from Bloomberg, quoting two anonymous sources. Heartbleed is a flaw in OpenSSL that could allow attackers to monitor all information passed between a user and a Web service. But an NSA spokeswoman called the report incorrect. “NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cybersecurity report,” she said by email. “Reports that say otherwise are wrong.” At the same time that the NSA was accused of using Heartbleed to conduct surveillance, another agency was trumpeting its efforts to share information about the bug.
Obama reportedly lets NSA keep some security flaws secret – While President Obama has decided that the National Security Agency should reveal most major flaws it discovers in Internet security, a loophole exists that could allow the agency to exploit flaws for surveillance purposes, The New York Times reported Saturday. After a three-month review of recommendations made by a presidential task force on how to reform the agency, Obama decided that some flaws could kept secret in the event of “a clear national security or law enforcement need,” senior administration officials told the newspaper. While the president’s decision has never been publicly detailed, the exception came to light Friday when the White House denied a report that it knew of the Heartbleed bug for at least two years, keeping it secret to gather intelligence. The bug, which was introduced into OpenSSL more than two years ago by a developer, allows sensitive data to be scraped from affected servers. In its denial Friday, the Office of the Director of National Intelligence said it learned of the vulnerability’s existence when it was made public in a cybersecurity report last week. The office also said the president’s review of the task force’s recommendations had led to “reinvigorated” process for deciding when to publicly disclose vulnerabilities. “Unless there is a clear national security or law enforcement need, this process is biased toward responsibly disclosing such vulnerabilities,” the office said in a statement.
Sweden won’t enforce data retention law against ISP that deleted metadata – The Swedish authorities won’t take action against an ISP that erased all retained communications metadata, even though there is still a law in place compelling providers to retain such data, the Swedish Post and Telecom Authority (PTS) said Friday. Swedish ISP Bahnhof decided earlier this week to delete retained records and stop collecting data about its customers’ communications in the wake of a ruling from the Court of Justice of the European Union (CJEU). On Tuesday, the court invalidated the EU’s Data Retention Directive that requires telecommunications and Internet providers to retain their customer’s location and traffic data for investigatory purposes. It found that the directive seriously interferes with fundamental privacy rights. Sweden, like other EU member states, has transposed the directive into national law. As a result of the CJEU ruling, Bahnhof and other ISPs can stop collecting data and delete records without consequence because PTS stopped enforcing the law, a PTS spokesman said.
Turkey’s prime minister says he’ll pursue Twitter for ‘tax evasion’ – “Twitter, YouTube, and Facebook are international companies established for profit and making money. Twitter is at the same time a tax evader. We will go after it,” Prime Minister Recep Tayyip Erdogan said, according to a report by news agency AFP. “These companies, like every international company, will abide by my country’s constitution, laws, and tax rules.” Twitter was banned by Erdogan’s government last month in a runup to elections, but the ban was later lifted after Turkey’s supreme court ruled that it interfered with free speech and individual rights. The court also ordered that a YouTube ban be lifted (with 15 videos to remain inaccessible), but so far the government hasn’t stopped blocking that site.