The LifeBot 5 Telemedicine Tool Allows Doctors to Read Data and Send Instructions to Remote Medics in Real-Time

While people such as emergency medical technicians and army medics are true lifesavers, there are times when they could benefit from the resources or expertise of a hospital-based physician. That’s where all-in-one portable telemedicine units like the LifeBot 5 come into play.

Although the device isn’t the only one of its kind, the LifeBot company claims that it is “the world’s smallest, lightest, most advanced portable mobile telemedicine system.”

Weighing in at 15 pounds (6.8 kg), it is able to monitor a patient’s heart rate, blood pressure and body temperature, plus it is capable of performing electrocardiography and ultrasound. It can also transmit video and audio. Future versions may additionally include a defibrillator.

Data is sent securely via 4G, 3G, LTE, WiMax, cellular, Wi-Fi, satellite, and/or data radio connections – the machine automatically selects whatever system(s) work best for the given situation. Remotely-located doctors are then able to view a patient’s vital signs and other data with a delay of only a few seconds, and offer real-time guidance to the on-site medical personnel. Multiple LifeBot units can also communicate with one another, allowing for collaborative efforts on difficult procedures.

The original version of the device was developed using Department of Defense grants of US$14 million from the Telemedicine and Technology Research Center and U.S. Army Medical Research and Materiel Command.

Prices for the LifeBot 5 begin at under $20,000.

Source: LifeBot
Via: Gizmag


Android Malware Mimics Play, Performs DDoS Attacks, Sends Text Spam

Those of you with an Android device should be on the lookout, the security firm Dr. Web is warning users of a new trojan that disguises itself using the Google Play icon. Dubbed Android.DDoS.1.origin, the malware creates an application icon that looks just like the Google Play icon. When opened, the malware actually opens Google Play, helping disguise the malicious activity taking place in the background.

Once Android.DDoS.1.origin is running, it attempts to connect to a remote server and sends the device’s phone number down the pipeline. If successfully connected, the device is now compromised, and remains in a state awaiting commands from whoever is on the receiving end of the phone number. The cyber hooligans can then make the compromised device send SMS messages, or perform DDoS attacks on a specified target.

Aside from having your device compromised and responsible for a DDoS attack, the criminals controlling the device could also run up SMS and data charges depending on how frequently they send messages and perform DDoS attacks. Of course, the frequency and intensity of this malicious activity could affect the performance of a compromised device, based on simple processor and memory allocations and usage.

At the moment, Dr. Web reports that how the trojan spreads is unclear, but is most likely spread through social media tactics, getting users to download the code themselves in some manner.

As one might expect of a security company, Dr. Web notes that users running Dr. Web products for Android will be protected from the trojan. If you aren’t cool with that, just pay attention to what you download, or don’t enable the feature that allows you to download apps that didn’t come from the Google Play store.

Source: Dr. Web

Researchers Find Malware Targeting Java HTTP Servers

Security researchers from antivirus vendor Trend Micro have uncovered a piece of backdoor-type malware that infects Java-based HTTP servers and allows attackers to execute malicious commands on the underlying systems.

Security researchers from antivirus vendor Trend Micro have uncovered a piece of backdoor-type malware that infects Java-based HTTP servers and allows attackers to execute malicious commands on the underlying systems.

The threat, known as BKDR_JAVAWAR.JG, comes in the form of a JavaServer Page (JSP), a type of Web page that can only be deployed and served from a specialized Web server with a Java servlet container, such as Apache Tomcat.

Once this page is deployed, the attacker can access it remotely and can use its functions to browse, upload, edit, delete, download or copy files from the infected system using a Web console interface. This is similar to the functionality provided by PHP-based backdoors, commonly known as PHP Web shells.

“Aside from gaining access to sensitive information, an attacker gains control of the infected system thru the backdoor and can carry out more malicious commands onto the vulnerable server,” Trend Micro researchers said Thursday in a blog post.

This JSP backdoor can be installed by other malware already running on the system that hosts the Java-based HTTP server and Java servlet container or can be downloaded when browsing to malicious websites from such a system.

According to Trend Micro’s technical notes, the malware targets systems running Windows 2000, Windows Server 2003, Windows XP, Windows Vista and Windows 7.

“Another possible attack scenario is when an attacker checks for websites powered by Apache Tomcat then attempts to access the Tomcat Web Application Manager,” the Trend Micro researchers said. “Using a password cracking tool, cybercriminals are able to login and gain manager/administrative rights allowing the deployment of Web application archive (WAR) files packaged with the backdoor to the server.”

In order to protect their servers from such threats, administrators should use strong passwords that cannot be easily cracked by using brute force tools, should deploy all security updates available for their systems and software and should avoid visiting unknown and untrusted websites, the Trend Micro researchers said.

Source: IDG News Service

FBI Arrests Woman Who Claimed To Be Aunt Of Newtown Victim In Order To Collect Funeral Donations

It’s a sad reality of life that where there is tragedy, there will always be those who take advantage of such tragedies and try to make a buck off it. Almost as soon as news hit of the Sandy Hook shootings just two weeks ago, officials had to warn the public of scammers raking in cash with various schemes. Just yesterday, the FBI arrested the woman in New York City who was allegedly posing as the aunt of Noah Pozner, a child killed at Newtown Elementary to collect money for a funeral fund.

The family was able to get control of the domain name and shut down the scam. The woman has now been charged charged with making false statements to federal agents, and is facing a maximum five years in prison and a $250,000 fine.

Officials say the 37-year-old woman used her Facebook account and texted people as well to get donations for the fund of one of the 6-year-old victims, the first of the victims to be buried after the Dec. 14 massacre, reports USA Today.

According to the complaint, the woman set up a PayPal account to funnel the donations into, but then denied to the FBI agents who were onto her that she had accepted money using social media and said she’d refunded any money she’d received.

“It is unconscionable to think that the families of the victims in Newtown, and a sympathetic community looking to provide them some sort of financial support and comfort, have become the targets of criminals,” said FBI Special Agent in Charge Kimberly Mertz. “Today’s arrest is a stern message that the FBI will investigate and bring to justice those who perpetrate Internet fund raising scams, especially those scams that exploit the most vulnerable in their time of shared sorrow.”

The scam apparently started within an hour of the shooting, as the woman wrote on Facebook: “All we know is 18 kids have been killed…still no word on my nephew.”

A few days later she tugged at more heartstrings, writing: “We’ve set up a funeral fund for my brother …”

The boys (real) uncle told NBC News, which tracked the woman down and confronted her over the page: “I’m disgusted by it. I think it’s disgusting behavior.”

The FBI asks that information about Newtown-related fundraising schemes be reported to its Connecticut office at 203-777-6311.

One more time, for good measure, check out our tips for avoiding charity scams:

Don’t be shy about asking who wants your money:

    If you’re solicited for a donation, ask if the caller is a paid fundraiser, who they work for, and the percentage of your donation that will go to the charity and to the fundraiser. If you don’t get a clear answer — or if you don’t like the answer you get — consider donating to a different organization.

Call the charity:

    Find out if the organization is aware of the solicitation and has authorized the use of its name. If not, you may be dealing with a scam artist.

Ask for written information about the charity:

    This includes its full name, address, and telephone number.

Contact the office that regulates charitable organizations and charitable solicitations in your state:

    The National Association of State Charity Officials has contact information for regulators in each state available on its website. Your state office also can verify how much of your donation goes to the charity, and how much goes to fundraising and man­agement expenses.

You also can check out charities with the Better Business Bureau’s Wise Giving Alliance and GuideStar.

Trust your gut and check your records:

    Callers may try to trick you by thanking you for a pledge you didn’t make. If you don’t remember making the donation or don’t have a record of your pledge, resist the pressure to give.

Be wary of charities that spring up overnight:

    This is especially true after natural disasters. They may make a compelling case for your money, but as a practical matter, they probably don’t have the infrastructure to get your donation to the affected area or people.

Watch out for similar sounding names:

    Some phony charities use names that closely resemble those of respected, legitimate organizations. If you notice a small difference from the name of the charity you intend to deal with, call the organization you know to check it out.

Be wary of charities eager to collect cash:

    If they say they are sending a courier or offering overnight delivery service to collect your donation immediately, you have to wonder whether the charity is legitimate.

Know the difference between “tax exempt” and “tax deductible.”

    Tax exempt means the organization doesn’t have to pay taxes. Tax deductible means you can deduct your contribution on your federal income tax return.

Do not send or give cash donations:

    Cash can be lost or stolen. For security and tax record purposes, it’s best to pay by credit card. If you’re thinking about giving online, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL that begins “https:” (the “s” stands for “secure”)

Via: The Consumerist

Security Researcher Announces Serious Vulnerability in Popular WordPress Plugin

A security researcher has announced a serious vulnerability in the default configuration of a popular WordPress plugin.

According to Jason Donenfield in this Full Disclosure list, claims the WordPress plugin “W3 Total Cache”, which boasts high-traffic sites like Mashable and Lockergnome among its users, has serious vulnerabilities.

In the default setup, when users simply choose “add plugin” from the WordPress catalogue leaves cache directory listings enabled, according to Donenfield.

He said this allows database cache keys to be downloaded on vulnerable installations and that could expose password hashes. “A simple google search of “inurl:wp-content/plugins/w3tc/dbcache” and maybe some other magic reveals this wasn’t just an issue for me”, he writes.

The search term was later amended by Donenfield to “inurl:wp-content/w3tc”.

“Even with directory listings off,” he continues, “cache files are by default publicly downloadable, and the key values / file name of the database cache items are easily predictable.”

Donenfield says the developer of the plug-in intends to release a fix “soon”. In the meantime, he notes that “deny from all” should be set in the .htaccess file.

NFC-enabled Smartphones to Replace Cars Keys By 2015

NFC-enabled smartphones have the potential to replace nearly everything else in your pockets, so why not your car keys? Hyundai is working to do just that, with an embedded NFC tag that allows you to open your car, start the engine and link up to the touchscreen with a simple swipe.

Hyundai outfitted its i30 compact hatch (aka the Elantra in the States) with NFC technology in its “Connectivity Concept” recently shown at its European headquarters in Frankfurt, Germany. The idea is simple: Nix the key fob and let your smartphone handle it all.

According to the Korean automaker, the driver can swipe their phone across an embedded NFC chip to unlock the car, and once inside, the place the phone in the center console, allowing the car to start, while an inductive charging plate keeps the juice flowing without needing to plug in.

“With this technology, Hyundai is able to harness the all-in-one functionality of existing smartphone technology and integrate it into everyday driving in a seamless fashion,” says Allan Rushforth, senior vice president and COO of Hyundai Motor Europe.

But unlocking and starting the car is only part of a wider connectivity solution for Hyundai.

Because the system can recognize different smartphones, it can customize the in-car experience to suit each driver’s seat, mirror and infotainment settings.

Once the phone is in the console, it links up with the 7-inch touchscreen mounted in the dash, and Hyundai is employing the Car Connectivity Consortium’s MirrorLink standard to automatically import contacts, navigation destinations, streaming audio and apps.

Despite forging dozens of automaker partnerships, MirrorLink hasn’t caught on with many manufacturers yet. That’s mainly due to concerns about driver distraction and how certain apps would be ported to the integrated screen, modifying the user interface to suit a more driver-focused experience. But that’s about to change as MirrorLink begins gaining momentum.

Hyundai and its connectivity partners at Broadcom are working to get this NFC- and MirrorLink-driven technology to market in its next generation of products, with the automaker claiming to have many of these systems in place by 2015.

Via: Wired

Regulators Propose Mandatory Black Boxes In All Automobiles

While some car manufacturers are voluntarily installing black boxes in their cars now, it seems that federal regulators are proposing that after September 2014, all automobiles sold in the US will have to come with a black box installed. The National Transportation Safety Agency is looking to hear from residents of the US by the 11th of February on this proposed plan. Obviously the installation of these black boxes are for the safety of drivers on the road so in the event of an accident or emergency, the relevant authorities will know what went wrong and whether it might be related to the manufacturing of the vehicle, the driver and etc.

The proposed black boxes will trigger for about 30 seconds when events such as sudden braking or acceleration occur, swerving or any other act that could lead to an accident. The data can then be downloaded either remotely or physically whereby it would be used “primarily for the purpose of post-crash assessment of vehicle safety system performance.” While this sounds perfectly reasonable, there are privacy advocates who are worried about the data being collected and are asking the data to be anonymized to prevent the selling of it to third parties, such as insurance companies who might use it for risk evaluation.

Via: Ubergizmo

SpaceX’s Entry Into $70 Billion U.S. Launch Market to Take On Lockheed Martin and Boeing

Space Exploration Technologies, led by billionaire Elon Musk, is poised to break into the U.S. military’s $70 billion launch market after winning its first missions from the Pentagon.

The Defense Department on Nov. 27 directed the Air Force to end a launch monopoly held by the government’s two biggest contractors, Lockheed Martin and Boeing. A week later, the service awarded the trial missions to Musk’s firm, known as SpaceX.

The Lockheed-Boeing venture has had a lock on the business for six years. SpaceX, which recently showed it could fly to the international space station, now has the opportunity to prove that its rockets are capable of launching satellites serving Pentagon planners, ground troops and the nation’s spies.

“The one market they have really yet to crack so far is the military launch market,” said Jeffrey Foust, a senior analyst at Futron, a technology consulting firm based in Bethesda. “They’re just starting to do that now.”

The two launches were awarded to Hawthorne, Calif.-based SpaceX under an Air Force contract valued at as much as $900 million. The missions, scheduled for 2014 and 2015, are designed to help the company become certified to carry the military and spy satellites.

Musk, who also leads electric automaker Tesla Motors, in a Dec. 5 statement called the Air Force’s decision a “vote of confidence.’’

SpaceX twice this year flew its Falcon 9 rocket carrying a Dragon spacecraft, which delivered cargo to the space station. With the new military business, executives see the firm’s total launch business as stable, if not growing, company President Gwynne Shotwell said at a Dec. 11 space industry luncheon in Washington.

“Now, I think a big challenge is for us to do this hard job and produce the vehicles and launch them reliably,’’ she said.

Robert Stevens, chairman and chief executive of Lockheed, poked fun at SpaceX’s inexperience.

The Lockheed-Boeing venture, known as United Launch Alliance, has launched “hundreds of billions of dollars’’ of satellites on 66 consecutive missions, Stevens said at a Dec. 14 Bloomberg Government breakfast in Washington.

“I’m hugely pleased with 66 in a row from ULA, and I don’t know the record of SpaceX yet,’’ he said. “Two in a row?’’

Although Centennial, Colo.­­based United Launch Alliance has a successful launch record, it has struggled to control costs.

The average price of its Delta 4 and Atlas 5 rockets is estimated at $464 million a launch, more than double a previous estimate of $230 million, according to the Pentagon.

“Cost doesn’t matter at all if you don’t put the ball into orbit,’’ said Lockheed’s Stevens, who is retiring as chief executive and will be replaced by Chief Operating Officer Marillyn Hewson on Jan. 1. “You can thrift on cost. You can take cost out of a rocket. But I will guarantee you, in my experience, when you start pulling a lot of costs out of a rocket, your quality and your probability of success in delivering a payload to orbit diminishes.’’

Responding to Stevens, Musk said in an e-mailed statement that “all of SpaceX’s Falcon 9 missions have reached orbit and completed all primary mission objectives.”

On the cost issue, Musk said: “The fundamental reason SpaceX’s rockets are lower cost and more powerful is that our technology is significantly more advanced than that of the Lockheed-Boeing rockets, which were designed last century.”

SpaceX’s October launch to the space station was the first of at least a dozen cargo flights under a NASA contract valued at $1.6 billion.

Although SpaceX’s Falcon 9 rocket successfully lifted a cargo ship to the space station, the mission wasn’t flawless. Less than two minutes after liftoff, one of the rocket’s nine engines shut off, causing the loss of a communications satellite made by Orbcomm.

SpaceX is investigating what caused the engine failure. The company will need to avoid these kinds of malfunctions to get a piece of the Defense Department’s biggest launch program, said Foust, the Futron analyst.

“They need to build up a track record of success and allay any concerns at the Pentagon about turning over very expensive and very important national security business to anyone other than ULA,’’ Foust said.

The program, known in military parlance as the Evolved Expendable Launch Vehicle, is estimated to cost $70 billion through fiscal 2030.

SpaceX lists the Falcon 9 at $54 million a liftoff. The company is building a bigger rocket, called the Falcon Heavy, which it says will be second in size only to the Apollo-era Saturn V and cost between $80 million and $125 million a liftoff. It plans to launch it for the first time in the second half of 2013.

Shotwell said the military launch costs will be higher in part because of the additional requirements. She didn’t elaborate on the prices.

SpaceX officials want the company to get its military certification in 2014. It will need to launch each version of a rocket successfully three times before it can receive the Defense Department’s approval, Shotwell said.

Air Force Major Eric Badger, a Pentagon spokesman, said the service is “making great progress with SpaceX.’’

The military next year plans to evaluate the design and engineering of SpaceX’s upgraded Falcon 9 rocket to verify it “has the reliability required to launch high-value national security spacecraft,’’ Badger said in an e-mail.

Via: Washington Post

XDA University Has Officially Launched

If you’ve always been interested in creating apps or developing for smartphones but had trouble finding the resources to learn it, you might recall a couple of months back that XDA Developers announced that they would be launching XDA University to help people with that.

This is basically a website where all the tutorials and resources required to develop are consolidated into one location, making it easy and convenient for beginning developers to find what they need.

Good news is that the website has been officially launched and you can visit the website to start learning now.

There are tutorials separated into user-based and developer-based:

    • User-based tutorials will teach regular beginners how to flash their Android devices, recovery and etc.

    • Developer-based tutorials will dive into the more technical aspects of things, for those who have always wanted to flash custom ROMs and tweak ROMs.

This is a great service the XDA developers are providing here, and I hope a lot of you take advantage of it!

U.S. Air Force Enlists Help from ESPN for Drone Footage Analysis

The Air Force has enlisted the help of ESPN in order to go through and perform a thorough analysis on the copious amounts of video footage recorded from drone missions. Considering how the total number of UAVs (Unmanned Aerial Vehicles) there are scouring the world, with a ton of footage being transmitted back to base in real-time, the Air Force has an unenviable task of poring over the data. They have then decided to enlist some assistance from the outside world, and this is where ESPN comes in.

David Deptula, a former Air Force lieutenant general, reportedly mentioned to USA Today, “We need to be careful we don’t drown in the data.” In 2011 alone, drone video transmissions amounted to some 327,384 hours of surveillance, where the majority of them comprise of “pattern of life” missions, where they involve recording compounds for days in a stretch. ESPN’s role would see them fall back on their expertise in sorting through the large amounts of game footage every single day, but bear in mind that no new technological breakthroughs were achieved.

Source: Ubergizmo