By Soulskill from
Slashdot's not-my-fault-i-promise department:
Hamsterdan notes that
Apple has posted an update to its investigation into the recently celebrity
photo leak, which was attributed to a breach of iCloud. Apple says the leak was not due to any flaw in iCloud or Find My iPhone, but rather the result of "a targeted attack on user names, passwords and security questions." Despite this, Wired reports that hackers on an anonymous web board have been openly discussing a piece of software designed for use by law enforcement. Whether it was involved in the celebrity attacks or not,
it's currently being used to impersonate a user's device in order to download iCloud backups.
"For Apple, the use of government forensic tools by criminal hackers raises questions about how cooperative it may be with Elcomsoft. The Russian company’s tool, as Zdziarski describes it, doesn't depend on any 'backdoor' agreement with Apple and instead required Elcomsoft to fully reverse engineer Apple’s protocol for communicating between iCloud and its iOS devices. But Zdziarski argues that Apple could still have done more to make that reverse engineering more difficult or impossible." Meanwhile, Nik Cubrilovic has waded into the data leak subculture that led to this incident and
provides insight into the tech and the thinking behind it.
Read Replies (0)
By timothy from
Slashdot's password-is-stevedore department:
Czech37 writes
SELinux lead Dan Walsh wrote last month that Docker "containers do not contain" and that the host system isn't completely protected. Today, Walsh details the steps that Docker, Red Hat, and the open source community are taking to make Docker more secure: "Basically, we want to put in as many security barriers to break out as possible. If a privileged process can break out of one containment tool, we want to block them with the next. With Docker, we are want to take advantage of as many security components of Linux as possible. If "Docker" isn't a familiar word,
the project's website is informative; the very short version is that it's a Linux-based "open platform for developers and sysadmins to build, ship, and run distributed applications";
Wikipedia has a good explanation, too.
Read Replies (0)
By Soulskill from
Slashdot's building-the-next-espn department:
Randy Davis sends analysis of Amazon's
acquisition of Twitch.tv, a move that indicates higher ambitions than simply another avenue for putting products in front of consumers. The Daily Herald think this is a sign
Amazon is bulking up for a fight with cable companies, strengthening is bargaining position for getting (and maintaining) access to subscribers. "There are very few places in the U.S. where these four giant carriers allow independent networks carrying traffic from the data centers run by Amazon (and future Twitch.tv successors) to put that data on the carriers' controlled networks."
A related article at the NY Times argues
Amazon is "betting on content," not wanting to fall behind the surge of new media productions from companies like Netflix. "There is a huge land grab for nontraditional models of programming. DreamWorks Animation bought AwesomenessTV, a popular YouTube channel, last year, and in March, Disney snatched up Maker Studios, a video supplier for YouTube, while Peter Chernin, formerly president of News Corporation, has invested in Crunchyroll, a streaming hub of anime. All of these deals are about content, but they are also a hedge, a way of exploring other production protocols that don’t involve prominent stars, agents and expensive producers." A different piece at The Motley Fool takes the acquisition as
confirmation Amazon is developing its own ad network.
Read Replies (0)
By Soulskill from
Slashdot's sleep-is-for-the-weak department:
An anonymous reader writes:
As id Software aims for a larger, more mainstream audience for its free-to-play shooter Quake Live (based on 1998's Quake III Arena) on Steam, big changes are afoot. A new update was pushed out last week which adds some new, more beginner-friendly features to the game. These include weapon loadouts, which grant players a weapon of their choice when they spawn, timer icons, which indicate when the all-important powerup items will spawn, and an automatic bunny-hop to gain extra speed. The changes have been met with hostility from longtime players who prefer the "purist" rules of old and the duel format. As the writer points out, however, if the update helps attract more elite players to the gamer, it could breathe new life into a very old game.Read Replies (0)