Deekin_Scalesinger writes "More than eighteen months after being first brought to Cupertino's attention, Apple gets around to addressing insecure logins to the App Store. In theory, this could be used to view lists of installed apps and make unauthorized purchases." Yep, they were sending login information over plain http.
Migrate from GitHub to SourceForge quickly and easily with this tool. Check out all of SourceForge’s recent improvements.×
theodp writes "When it comes to tales of fake girlfriends, Manti Te'o can't hold a candle to theoretical particle physicist Paul Frampton. In November 2011, writes the NY Times' Maxine Swann in 'The Professor, the Bikini Model and the Suitcase Full of Trouble,' Frampton met who he says he thought was Czech bikini model Denise Milani on Mate1.com. A Yahoo Messenger romance bloomed, at least in the 68-year-old Frampton's mind (Frampton's ex-wife was a self-described 'physics groupie'). But before starting their perfect life together, fake Denise asked Frampton for one little favor — would he be so kind as to bring her a bag that she had left in La Paz, Bolivia? Yep, bad idea. The UNC Louis D. Rubin, Jr. Distinguished Professor of Physics and Astronomy soon found himself in a Buenos Aries prison, charged with transporting two kilos of cocaine into Argentina. Currently serving a four years and eight months sentence under house arrest, Frampton reportedly continues to supervise his two current PhD students by phone, and still finds time to post to the Physics archive."
An anonymous reader points out a story at The Register about a Microsoft-backed bill proposed by Massachusetts state representative Carlo Basil which seems aimed directly at Google's cloud apps. The bill, if it should be enacted, would require that "[a]ny person who provides a cloud computing service to an educational institution operating within the State shall process data of a student enrolled in kindergarten through twelfth grade for the sole purpose of providing the cloud computing service to the educational institution and shall not process such data for any commercial purpose, including but not limited to advertising purposes that benefit the cloud computing service provider."
First time accepted submitter FearTheFez writes "Social Engineering and poor DNS Security lead to a Bitcoin heist worth about $12000. Bitcoin broker Bitinstant was robbed after thieves managed to take over ownership of their domains. While Bitinstant claims that no customers lost any money, without 2 factor authentication all it took was a place of birth and a mothers maiden name to gain access. This looks like poor security from everyone involved."
New submitter nifty-c writes "Singapore has invested heavily in higher education partnerships with the U.S. and launched an ambitious program of high-tech research with Western countries, but recent events have opened these links to controversy. Prof. Cherian George at Nanyang Technological University (NTU), Singapore, is a communication and information school professor and an outspoken critic of his government's censorship of the Internet. NTU recently fired him, sparking an outcry from critics who claim political interference. This week a group of faculty and affiliates at Harvard's Berkman Center for Internet & Society has 'strongly caution[ed]...colleagues working in the area of Internet and society in any dealings with Singaporean universities.'"