|Broadcast Date||April 18 2014|
Darren Kitchen is on the show today to talk about the latest frightening Heartbleed attack on VPN, and just how scared we all should appropriately be. Also a listener suggests using our hearts as passwords, thus making heartbleed possible IRL. Plus Len Peralta illustrates the show!
- The Next Web reports Facebook has made the first major update to its “Paper” app, the alternative way to access Facebook posts on a mobile device. Paper now has notifications for birthdays and events, the ability to add photos in comments, unread counts to groups, as well as nine new article covers for Bloomberg News, Mashable, FT, kottke, Fox News, Popular Science, The Hollywood Reporter, Vanity Fair, and Hacker News. Still no word on availability on Android or anywhere outside the U.S.
- Ars Technica reports security firm Mandiant says they found an attacker using the Heartbleed vulnerability to subvert a client’s VPN concentrator. Yeah you heard that, somebody used Heartbleed to bust into a VPN. The attacker used multiple attempts to gain active session tokens, meaning they could appear to be authenticated users, thus bypassing any authentication methods including multifactor. Once inside the attacker proceeded to attemtp to gain additional control over the network. In addition to patching systems as soon as possible, Manidant recommends companies implement network intrusion detection and historical reviews of logs. Attackers will send hundreds of attempts since Heartbleed only leaks 64KB of data at a time, and once in a VPN will appear alongside valid users from significantly different IP ranges and geographical locations.
- The Next Web reports that Samsung’s free ‘Milk Music’ service might soon include ads, and charge $3.99 a month for a premium ad-free version. The information appeared in an infographic about Milk published by Samsung. Milk Music launched in March and is only available to U.S.-based users.
- Android Headlines passes along that HTC’s head of imaging Symon Whiteburn told Vodafone DSLR-like optical zoom lens may begin to be common in smartphones within the next 18 months to 2 years.
- Geekwire reports Uber sent an email to its Seattle UberX drivers that a “Safe Rides Fee” of one dollar will be added to fares starting today. And yes, the fee will be paid by riders. The fee applies nationwide and will help pay the cost of background checks on drivers as well as insurance, education and safety monitoring. Uber will give drivers a dollar per trip until August 31st to ease the transition. However, in the cities where the company reduced the cut they take of fares to 5%, they’re raising it back up to 20% starting April 23.
- The Next Web reports Microsoft announced it has sold more than 5 million Xbox Ones compared to Sony’s 7 million. The PlayStation 4 is on sale in 72 countries and regions; the Xbox One in 13. Even with the console lagging behind, Microsoft’s Titanfall took the top spot in games sales last month according to the NPD group.
- Ars Technica reports DARPA is researching robotic pods that sit on the ocean floor and can release flying and floating drones to the surface to attack on command. In fact, DARPA has requested bids this week for the final two phases of its Upward Falling Payloads (UFP) program. Phase 2 will consist of the development of prototype systems testing and demonstrations at sea in 2015 and 2016. Phase three would test multiple distributed modules at full depth in spring 2017.
News From You
- Verge article about HTC hiring Samsung’s former Chief Marketing Officer, Paul Golden. Golden created and launched the Galxy brand and was in charge during the successful Samsung “Next Big Thing” ad campaigns. Golden is said to have been hired on a three-month contract at first, reporting directly to chairperson Cher Wang.
- Submitted by the_corley
- Amazon confirmed Fire TV will add unified voice search for Hulu Plus, Crackle, Vevo and Showtime apps sometime this summer
- Apple Insider story that Amazon confirmed Fire TV will add unified voice search for Hulu Plus, Crackle, Vevo and Showtime apps sometime this summer. Currently the voice search only displays options from Amazon. (the_corley submitted a similar link)
- Submitted by gullwingdmc
- Judge Claudia Wilken has ruled that Rockstar, the patent holding company of which Apple is majority shareholder, must conduct its suit against Google in California
- OS News article that Judge Claudia Wilken has ruled that Rockstar, the patent holding company of which Apple is majority shareholder, must conduct its suit against Google in California. Rockstart had filed the suit in the patent friendly Eastern District of Texas. Goolge had moved to have the suit in California because of Apple’s involvement and the fact that both companies are headquartered there. Judge Wilkens agreed.
- Submitted by metalfreak
- NASA has confirmed for the first time the existence of an Earth-sized planet that ALSO could hold liquid water
- CNET story that NASA has confirmed for the first time the existence of an Earth-sized planet that ALSO could hold liquid water. Kepler-186f was observed by NASA’s Kepler telescope circling in the habitable zone of the M-dwarf star Kepler-186. No, that does not make it an “M-Class planet” like in Star Trek.
- Submitted by rtwalz
- Heartbleed maliciously exploited to hack network with multifactor authentication
- Attackers Exploit the Heartbleed OpenSSL Vulnerability to Circumvent Multi-factor Authentication on VPNs
- Now there’s an easy way to flag sites vulnerable to Heartbleed
- It’s Time to Encrypt the Entire Internet?
- Netcraft Privacy Statement
- Heartbleed Bug Bit Before Patches Were Put in Place
- The Heartbleed Bug Is Mostly Fixed, but Not Entirely
Pick of the Day
| Preceded by:
"Love in the Time of Instagram"
|| Followed by:|
"Microsoft is Finnish-ed, Oy."