Chaos Computer Club Claims It Can Reproduce Fingerprints From People's Photos Slashdotby timothy on security at January 1, 1970, 1:00 am (cached at December 28, 2014, 11:33 pm)

An anonymous reader writes Chaos Computer Club, Europe's largest association of hackers, claims it can reproduce your fingerprints from a couple of photos that show your fingers. At the 31st annual Chaos Computer Club convention in Hamburg, Germany, Jan Krissler, also known by his alias "Starbug," explained how he copied the thumbprint of German Defense Minister Ursula von der Leyen. Because these fingerprints can be used for biometric authentication, Starbug believes that after his talk, "politicians will presumably wear gloves when talking in public." Even better than gummi bears.

Read more of this story at Slashdot.








Chaos Computer Club Claims It Can Reproduce Fingerprints From People's Photos Slashdotby timothy on security at January 1, 1970, 1:00 am (cached at December 28, 2014, 11:33 pm)

An anonymous reader writes Chaos Computer Club, Europe's largest association of hackers, claims it can reproduce your fingerprints from a couple of photos that show your fingers. At the 31st annual Chaos Computer Club convention in Hamburg, Germany, Jan Krissler, also known by his alias "Starbug," explained how he copied the thumbprint of German Defense Minister Ursula von der Leyen. Because these fingerprints can be used for biometric authentication, Starbug believes that after his talk, "politicians will presumably wear gloves when talking in public." Even better than gummi bears.

Read more of this story at Slashdot.








Hundreds stranded off Greece after ferry fire AL JAZEERA ENGLISH (AJE)(cached at December 28, 2014, 11:30 pm)

At least 190 rescued, but hundreds more await evacuation from Italian ferry that caught fire off Greek island of Corfu.
Bahrainsk oppositionsledare gripen SvD Utrikes(cached at December 28, 2014, 11:03 pm)

Ledaren för det shiitiska ledande oppositionspartiet al-Wefaq i Bahrain, schejk Ali Salman, har omhändertagits av myndigheter. Salman var en av flera framstående politiska ledare som ledde en demonstration i närheten av huvudstaden Manama i fredags. Demonstrationen hölls i protest mot förra månadens val, som oppositionen bojkottade.
Rwandiska rebeller ger sig i Kongo SvD Utrikes(cached at December 28, 2014, 11:03 pm)

En grupp på 155 rwandiska rebeller har överlämnat sig till myndigheter i östra Kongo-Kinshasa, efter hot om ingripande från FN:s fredsstyrkor och kongolesisk militär. Rebellerna kom från hutumilisen Demokratiska styrkorna för Rwandas befrielse (FDLR), som misstänkts ha medlemmar som deltog i folkmordet i Rwanda 1994.
Snowden Documents Show How Well NSA Codebreakers Can Pry Slashdotby timothy on government at January 1, 1970, 1:00 am (cached at December 28, 2014, 11:03 pm)

Der Spiegel has published today an excellent summary of what some of Edward Snowden's revelations show about the difficulty (or, generally, ease) with which the NSA and collaborating intelligence services can track, decrypt, and correlate different means of online communication. An interesting slice: The NSA and its allies routinely intercept [HTTPS] connections -- by the millions. According to an NSA document, the agency intended to crack 10 million intercepted https connections a day by late 2012. The intelligence services are particularly interested in the moment when a user types his or her password. By the end of 2012, the system was supposed to be able to "detect the presence of at least 100 password based encryption applications" in each instance some 20,000 times a month. For its part, Britain's GCHQ collects information about encryption using the TLS and SSL protocols -- the protocols https connections are encrypted with -- in a database called "FLYING PIG." The British spies produce weekly "trends reports" to catalog which services use the most SSL connections and save details about those connections. Sites like Facebook, Twitter, Hotmail, Yahoo and Apple's iCloud service top the charts, and the number of catalogued SSL connections for one week is in the many billions -- for the top 40 sites alone. ... The NSA also has a program with which it claims it can sometimes decrypt the Secure Shell protocol (SSH). This is typically used by systems administrators to log into employees' computers remotely, largely for use in the infrastructure of businesses, core Internet routers and other similarly important systems. The NSA combines the data collected in this manner with other information to leverage access to important systems of interest.

Read more of this story at Slashdot.








Snowden Documents Show How Well NSA Codebreakers Can Pry Slashdotby timothy on government at January 1, 1970, 1:00 am (cached at December 28, 2014, 11:03 pm)

Der Spiegel has published today an excellent summary of what some of Edward Snowden's revelations show about the difficulty (or, generally, ease) with which the NSA and collaborating intelligence services can track, decrypt, and correlate different means of online communication. An interesting slice: The NSA and its allies routinely intercept [HTTPS] connections -- by the millions. According to an NSA document, the agency intended to crack 10 million intercepted https connections a day by late 2012. The intelligence services are particularly interested in the moment when a user types his or her password. By the end of 2012, the system was supposed to be able to "detect the presence of at least 100 password based encryption applications" in each instance some 20,000 times a month. For its part, Britain's GCHQ collects information about encryption using the TLS and SSL protocols -- the protocols https connections are encrypted with -- in a database called "FLYING PIG." The British spies produce weekly "trends reports" to catalog which services use the most SSL connections and save details about those connections. Sites like Facebook, Twitter, Hotmail, Yahoo and Apple's iCloud service top the charts, and the number of catalogued SSL connections for one week is in the many billions -- for the top 40 sites alone. ... The NSA also has a program with which it claims it can sometimes decrypt the Secure Shell protocol (SSH). This is typically used by systems administrators to log into employees' computers remotely, largely for use in the infrastructure of businesses, core Internet routers and other similarly important systems. The NSA combines the data collected in this manner with other information to leverage access to important systems of interest.

Read more of this story at Slashdot.








Math-Matrix-MaybeGSL-0.007 search.cpan.orgby Alberto Manuel Brandão Simões at January 1, 1970, 1:00 am (cached at December 28, 2014, 10:32 pm)

Uniform use of Math::MatrixReal and Math::GSL::Matrix.
Test-Simple-1.301001_096 search.cpan.orgby Chad Granum at January 1, 1970, 1:00 am (cached at December 28, 2014, 10:32 pm)

Basic utilities for writing tests.
List-Gather-0.11 search.cpan.orgby Karen Etheridge at January 1, 1970, 1:00 am (cached at December 28, 2014, 10:32 pm)

Construct lists procedurally without temporary variables
App-TemplateCMD-v0.5.5 search.cpan.orgby Ivan Wills at January 1, 1970, 1:00 am (cached at December 28, 2014, 10:32 pm)

Sets up an interface to passing Template Toolkit templates
Map-Tube-NizhnyNovgorod-0.01 search.cpan.orgby Michal Špaček at January 1, 1970, 1:00 am (cached at December 28, 2014, 10:32 pm)

Interface to the NizhnyNovgorod Metro Map.
Kraftig tågförsening efter lokfel SvD Inrikes(cached at December 28, 2014, 10:03 pm)

Ett tåg på väg från Göteborg till Stockholm med 550 passagerare ombord blev stillastående på rälsen strax norr om Alingsås på söndagskvällen. Orsaken var ett lokfel, skriver gp.se.
Kraftig tågförsening efter lokfel SvD Inrikes(cached at December 28, 2014, 10:03 pm)

Ett tåg på väg från Göteborg till Stockholm med 550 passagerare ombord blev stillastående på rälsen strax norr om Alingsås på söndagskvällen. Orsaken var ett lokfel, skriver gp.se.
Net-Async-UWSGI-0.003 search.cpan.orgby Tom Molesworth at January 1, 1970, 1:00 am (cached at December 28, 2014, 10:02 pm)

IO::Async support for dealing with UWSGI requests