Microsoft will acquire the maker of the popular game Minecraft for $2.5 billion. The technology company said it will buy Stockholm-based game maker Mojang. Minecraft, which lets users build in and explore a virtual world, has been downloaded 100 million times on PC alone since its launch in 2009. It is the most popular online game on Xbox, and the top paid app for Apple’s iOS and Google’s Android operating system in the U.S. The deal is expected to close in late 2014. Microsoft expects the acquisition to be break-even in fiscal 2015. Microsoft is primarily known for business software like Word and Outlook. But this acquisition will help Microsoft expand its gaming division which also includes game franchises such as the Halo shooter game andForza racing game. CBC’s technology expert Jesse Wente says Microsoft isn’t buying a game so much as Minecraft’s network of users… Source: ~CBC
With Google expected to finally release the next iteration of its Nexus smartphone line, rumors continue to surface about the specs and design of the device. With so many leaked specifications, it can be hard to keep up and determine what is and is not realistic. Here’s some help: It was first rumored Google would be scrapping the Nexus line altogether in favor of a new project called “Project Silver.” It was then rumored that HTC would be making the next smartphone in the Nexus line, as well as a new tablet. However, latest rumors indicate Google’s own Motorola Mobility, soon to be acquired by Lenovo, will create the new Nexus smartphone. It seems as though HTC will still make the new Nexus tablet, called the Google Nexus 9… Source: TechTimes
Apple has unveiled two new iPhones and the Apple Watch at its launch event in California. The iPhone 6 and iPhone 6 Plus will be 50 per cent more energy-efficient than the previous iPhones, the technology giant says, and will be available on September 19. The two phones are the thinnest iPhones ever made. CityNews technology specialist Mike Yawney was at the event in Cupertino, Calif., where Apple has its headquarters… Source: CityNews
Burger King is in talks to buy Tim Hortons Inc. and form a new publicly listed company that would be based in Canada.
They said in a statement Sunday night that Canada would be the largest market of the combined company.
The statement said 3G Capital, the majority owner of Burger King, would continue to own the majority of the shares of the new company on a pro forma basis, with the remainder held by existing shareholders of Tim Hortons and Burger King.
The companies say Ontario-based Tim Hortons and Miami-based Burger King would operate as standalone brands… Source: CityNews
The year is 2001. Eighteen-year-old Rees Barnett impulsively walks into a tattoo parlour and picks the trendiest designs off the wall display: a tribal arm band and a shoulder tribal tattoo. But over the years, both those symbols quickly went from cool to cliché, leaving Barnett with tattoo regret. “Unfortunately, I can’t blame it on booze,” he said. “[It's] one of those bad decisions that you wake up and realize, oh crap, I’m stuck with these.”
Now, at age 32, the pension fund analyst is erasing this part of his past at Precision Laser Tattoo Removal in Toronto. A technician zaps his two tattoos with a laser while Barnett endures much more pain than when he got inked. “It almost feels like you’re getting electrocuted, pinched all at once and times that by 10.” There’s also the painful price tag. In total, he’ll spend an about $5,000 on multiple treatments over the course of about a year. The original tattoos cost him around $400.
It’s not hard to find electric supercars, but finding one that’s truly American is a challenge. Even Detroit Electric’s SP:01 borrows a British car body. Relief is in sight for patriotic EV buyers, however — Renovo has just unveiled the Coupe, billed as the first “all-electric American supercar.” It combines a Shelby CSX9000 chassis with eco-friendly guts, making it an odd blend of ’60s-era sports car looks with modern responsibility. That still makes it a pretty fearsome beast. Its twin electric motors put out the equivalents of 500HP and 1000lb/ft of torque, which is enough to catapult it to 60MPH in 3.4 seconds — that’s quicker than most exotic gas guzzlers, and substantially faster than American performance EVs like the SP:01 and Tesla Roadster (both of which take “just” 3.7 seconds). It’s quick to recharge, too, and can use a fast charger to top up in half an hour instead of the usual five.
There are some catches. The top speed is only listed as “over 120MPH,” so you probably won’t win any sustained drag races. There’s no mention of range, either, so you might not want to count on any lengthy adventures. And that’s if you can get a Coupe in the first place; the car doesn’t go into its limited production run in 2015, and word has it that the price may be a lofty $529,000. Even if that’s off, it makes Tesla’s highest-end Model S sound like the bargain of the century. Nonetheless, the Coupe may be the only game in town if you want the fastest possible green machine made on American soil.
Oscar winner and comedian Robin Williams died this morning at 63. While his publicist wouldn’t confirm that it was a suicide, they did issue this statement. “Robin Williams passed away this morning. He has been battling severe depression of late. This is a tragic and sudden loss. The family respectfully asks for their privacy as they grieve during this very difficult time.”
Williams, who won an Oscar for his supporting role in Good Will Hunting, will reprise his role as Theodore Roosevelt in the third installment of Night at the Museum this December. ~Source: IMDb
It’s been quite a few months since I have written a blog on here.
Any-who, on to the topic for this blog. I recently got an article from PC world, there has been a study conducted on residential routers issued by internet service providers dealing with security.
Here is how it works basically, there are numerous specially built servers, they are the managers of all the routers that are provided by the ISP. So basically, someone can gain access to those servers could possibly compromise millions of routers, typically routers on home networks.
The protocol TR-069 has been the primary protocol for this most often used to assist with remote troubleshooting the configurations of each router.
Referring to the statistics from 2011, there are 147 (probably a lot more then that 3 years later) routers with TR-069 enabled, approximately 70% are gateways. Analyses of the IPv4 address space indicates that TR-069 runs on port 7547, note that it is the second most encountered port next to HTTP (port 80)
The TR-069 enabled routers connect to the Auto Configuration Servers (ACS), which are operated by these ISP’s. The ACS is designed to configure the routers, also monitor for faults and malicious activity, perform diagnostics and update the firmware in the background.
There are many consumers that don’t even know that the ISP’s had this type of control with their routers. Many of the firmwares don’t display the TR-069 page on the configuration page in your web browser, nor is there an option to disable it.
Here is where how the weakness of TR-069 takes place. Say like if a person attacks an ACS, that certain attacker can obtain a lot of information such as:
- Wireless Network Names
- MAC Addresses
- VoIP Creditials
- Administrator Usernames and Passwords
Even worse, the attacker can reconfigure the router to be a rouge DNS server, this would allow him/her to construct a route internet tunnel; setup hidden wireless networks and/or remove the password from your network. This is to top the cake, the attacker can put a custom written firmware that contains malware and/or a backdoor.
There were some tests conducted by Shahar Tal and some of his colleagues, roughly 80% of the real world deployments aren’t even encrypted. TR-069 specs have highly recommended that HTTPS be implemented. There is still a concern about that however, there is equipment that accept self-signed certificates from a ACS. The reason behind this concern is clear right here, what would happen if one of the ACS’s got compromised? Simple, the attacker could and will impersonate a ACS.
The TR-069 protocol also has authentication from a device on the ACS, however that can be easily captured because that key is shared across all devices.
Tal and his colleagues continued their research, this time testing several ACS software that the ISP’s are using. They recently found a highly critical vulnerability. It is a remote code execution that would allow the attacker to hijack the management servers that are open on the internet. GenieACS had two of those vulnerabilities, and there is another software that was not named, Tal had permission from this ISP to conduct this test, they discovered that this one security hole could allow the take over 500,000 or more devices.
The problem here is that the consumers don’t have the option to shut off the TR-069 protocol unless they find a way to get root access to their routers, there was one suggestion, the consumer could hook up a 2nd router to the ISP router. However, that won’t negate all the risks.
TR-069 is designed to run on a wide are network connection. Tal recommended that the ISP’s should restrict access to these servers putting them on a separate network segments, he also recommended that the ACS software vendors should consider writing more secure coding practices and run security tests along side.
Tal and his colleagues stated that they have checkpointed the investigation on the server side and will be conducting tests on the device side.
The attacks have went up significantly within the past year. the attackers have been allocating different ways to access devices.
My tip would be to ditch your router that your ISP has issued you and get your own modem and router. That will make your network much more secure. I’m thinking about starting a petition telling the ACS developers and ISP’s to implement more security measures to keep our information more secure.
Thanks for reading!
Source: Click Here
When the apocalypse arrives (zombie or otherwise), you’ll need to be prepared for anything. Part of said preparedness should certainly involve transportation, and thanks to the folks at Motopeds, there’s a legit option. The Survival Bike: Black Ops Edition hits the trail with a compound crossbow, fuel storage, shovel, tomahawk, harpoon, blade saw, climbing gear, lights and a smattering of tools and knives. To keep you on the correct (read: covert) path, there’s a handlebar mount for that trusty smartphone or GPS unit needed to navigate. Unfortunately, there’s no word on pricing, but the company’s regular chassis kit includes everything you’ll need minus the 4-stroke engine for $1,999. ~Source: Engadget
Other Mopeds from Motoped… Friggin awesome if ya ask me! MORE PICS
Speak Freely – It’s Person to Person.
The BitTorrent Bleep Pre-Alpha will be available on Windows desktop to start. Easy to use, Bleep offers freedom to communicate over text and voice, person to person.
Hoping for early access to BitTorrent’s first serverless chat client? We have good news. Today, we will begin letting testers try out the Pre-Alpha. We are also unveiling its name: BitTorrent Bleep.
Why Bleep, you might ask? Well, basically, we never see your messages or metadata. As far as we’re concerned, anything you say is “bleep” to us.
And with the susceptibility of communications platforms to snooping and hacking, reminders of which seems to surface every week, we realized that we were uniquely qualified to build a better platform and application.
Our big idea was to apply distributed technology to conversations. That means no servers required. This enables people using Bleep to make a direct, decentralized connection to someone they trust. Bleep offers the freedom to communicate without the risk of metadata being exposed.
Consider Bleep your personal redaction pen controlled by you and only you. Anything you say is Bleep-ed out to us and everyone else for that matter.
This unique approach to communicating will be a great tool for:
Friends keeping conversations amongst friends
Journalists communicating with sources without exposing their identity or their content
Members of the diplomatic corps sharing private dispatches
Businesses keeping communications confidential, safe from leaks, and safe from industrial espionage…