news.buyenne.com

A Google Chrome bug in the DRM that handles encrypted streaming video, such as Netflix streams, is allowing pirates to rip and download decrypted videos.

Originally reported by Wired, the bug came to light after security researchers David Livshits (Cyber Security Research Center at Ben-Gurion University in Israel) and Alexandra Mikityuk (Telekom Innovation Laboratories in Berlin, Germany) discovered the bug, which could have been present for more than five years.

The researchers have already informed Google of the bug, and have uploaded a proof of concept video online to YouTube, but have withheld key information until Google can come up with a fix.

The bug exists within Google's Widevine DRM module, and the bug is allowing copies of decrpyted videos to be made, instead of only making the video available for streaming.

Boing Boing's Cory Doctorow also points out an interesting side note, suggesting that by pointing out the security flaw, Germany's Mikityuk could in fact be breaking anti-circumvention laws in his country, possibly facing criminal and civil liability. Doctorow contends that this could be the reason why this and other similar bugs are often not reported, for fear of liabilities resulting from anti-circumvention laws around the world.

It's unknown if the exploit has been used in the wild by pirates to rip Netflix streams in the past.

Mike Huckabee's Republican presidential campaign is long over, but newly revealed records show that the former candidate had to make a $25,000 payment for a copyright mistake he made at a rally last year.

Kim Davis, Clerk of Courts in Rowan County, Kentucky, made headlines when she refused to give same-sex couples gay marriage licenses. She served five days in jail for resisting court orders. Huckabee turned her release into a campaign event, holding a rally on the steps of the Kentucky jail where Davis was held.

As Davis approached the dais, Huckabee's campaign blasted the tune "Eye of the Tiger," the 1982 hit by Survivor. That led Survivor frontman Frankie Sullivan to take to Facebook, where he wrote: "NO! We did not grant Kim Davis any rights to use 'My Tune -The Eye Of The Tiger. I would not grant her the rights to use Charmin! C'mom Mike, you are not The Donald but you can do better than that. See Ya really SoooooooonnnnnnN!!!!!!"

The evening before Volkswagen Group and the US Department of Justice (DOJ) are supposed to submit a settlement to San Francisco District Judge Charles Breyer, Bloomberg’s sources have leaked new details about that supposed settlement.

Last week, VW Group was rumored to offer a settlement of $10.2 billion, with $1,000- $7,000 per car affected by the diesel emissions scandal that’s rocked the company since September. Today, Bloomberg is reporting that that number has gone up to a total of about $15 billion, with affected diesel owners potentially getting up to $10,000 in compensation.

Bloomberg’s sources specify that VW Group will set aside $10.03 billion to pay back the owners of nearly 500,000 Volkswagen and Audi 2.0 L diesel engine vehicles in the United States. “Those figures could rise if VW misses certain deadlines,” the news outlet writes.

Researchers have encountered a denial-of-service botnet that's made up of more than 25,000 Internet-connected closed circuit TV devices.

The researchers with Security firm Sucuri came across the malicious network while defending a small brick-and-mortar jewelry shop against a distributed denial-of-service attack. The unnamed site was choking on an assault that delivered almost 35,000 HTTP requests per second, making it unreachable to legitimate users. When Sucuri used a network addressing and routing system known as Anycast to neutralize the attack, the assailants increased the number of HTTP requests to 50,000 per second.

The DDoS attack continued for days, causing the Sucuri researchers to become curious about the origins of the attack. They soon discovered the individual devices carrying out the attack were CCTV boxes that were connected to more than 25,500 different IP addresses. The IP addresses were located in no fewer than 105 countries around the world.

Microsoft has paid a California woman $10,000 over an unwanted Windows 10 upgrade, reports the Seattle Times.

Teri Goldstein's computer, used to run her travel agency business, was apparently upgraded to Windows 10 shortly after Microsoft made the free upgrade available to Windows 7 and 8.1 users last year. Goldstein said this update was so problematic that it left her computer crashing and unusable for days at a time. After Microsoft's tech support was unable to assist, Goldstein sued the software company, asking the court to award her compensation for lost wages and the cost of a new computer.

Goldstein won and was awarded a $10,000 judgement. Microsoft appealed this decision but then dropped this appeal. According to a Microsoft spokesperson, the company still denies any wrongdoing but dropped the appeal to avoid the expense of further litigation.

This article was originally published on Adam Leventhal's blog and is reprinted here with his permission.

I attended my first WWDC in 2006 to participate in Apple's launch of its DTrace port to the next version of Mac OS X (Leopard). Apple completed all but the fiddliest finishing touches without help from the DTrace team. Even when Apple did meet with us, we had no idea that it was mere weeks away from the finished product being announced to the world. DTrace was a testament both to Apple's engineering acumen as well as its storied secrecy.

At that same WWDC, Apple announced Time Machine, a product that would record file system versions through time for backup and recovery. How was it doing this? We were energized by the idea that there might be another piece of adopted Solaris technology. When we launched Solaris 10, DTrace shared the marquee with ZFS, a new filesystem that was to become the standard against which other filesystems are compared. Key among the many features of ZFS were snapshots that made it simple to capture the state of a filesystem, send the changes around, recover data, etc. Time Machine looked for all the world like a GUI on ZFS (indeed, the GUI that we had imagined but knew to be well beyond the capabilities of Sun).

Because of its popularity, a great deal of research has been devoted to understanding the impact of chocolate on our health and well-being. There are several positive effects of chocolate. Cocoa has been found to be a rich source of antioxidants, and certain types of chocolate (eaten in moderation) reduce blood pressure and positively affect the circulatory system.

Sadly, most chocolates on the market today are also rather unhealthy due to their extremely high fat content. Rising obesity rates worldwide make it hard to recommend chocolate as a health food. Reducing the fat levels in chocolate would help address this concern.

Unfortunately, no adequate solution has ever been found. In a new study recently published in Proceedings of the National Academy of Sciences, researchers investigated the basic science behind liquid chocolate suspensions that makes it so difficult to get rid of the fat.