(via Major glitch in Bitcoin network sparks sell-off; price temporarily falls 23% | Ars Technica)

A technical glitch in the core Bitcoin software forced developers to call for a temporary halt to Bitcoin transactions, sparking a sharp sell-off. The currency’s value briefly fell 23 percent to $37 before regaining much of its value later in the evening.
The core of the Bitcoin network is a shared transaction register known as the blockchain. Approximately every 10 minutes, a new block is created containing a record of all Bitcoin transactions that occurred since the previous block. Nodes in the network, known as miners, race to “discover” this next block by solving a cryptographic puzzle. The winner of this race announces the new block to the other nodes. The other nodes verify that it complies with all the rules of the Bitcoin protocol and then accepts it as the next official entry in the block chain, starting the race anew.
It’s essential for all miners to enforce exactly the same rules about what counts as a valid block. If a client announces a block that half the network accepts and the other half rejects, the result could be a fork in the network. Different nodes could disagree about which transactions have occurred, potentially producing chaos.
That’s what happened on Monday evening. A block was produced that the latest version of the Bitcoin software, version 0.8, recognized as valid but that nodes still running version 0.7 or earlier rejected…

fascinated by this - seems both very clever and very dangerous…

(via Major glitch in Bitcoin network sparks sell-off; price temporarily falls 23% | Ars Technica)

A technical glitch in the core Bitcoin software forced developers to call for a temporary halt to Bitcoin transactions, sparking a sharp sell-off. The currency’s value briefly fell 23 percent to $37 before regaining much of its value later in the evening.

The core of the Bitcoin network is a shared transaction register known as the blockchain. Approximately every 10 minutes, a new block is created containing a record of all Bitcoin transactions that occurred since the previous block. Nodes in the network, known as miners, race to “discover” this next block by solving a cryptographic puzzle. The winner of this race announces the new block to the other nodes. The other nodes verify that it complies with all the rules of the Bitcoin protocol and then accepts it as the next official entry in the block chain, starting the race anew.

It’s essential for all miners to enforce exactly the same rules about what counts as a valid block. If a client announces a block that half the network accepts and the other half rejects, the result could be a fork in the network. Different nodes could disagree about which transactions have occurred, potentially producing chaos.

That’s what happened on Monday evening. A block was produced that the latest version of the Bitcoin software, version 0.8, recognized as valid but that nodes still running version 0.7 or earlier rejected…

fascinated by this - seems both very clever and very dangerous…

(via DSL modem hack used to infect millions with banking fraud malware | Ars Technica)
Millions of Internet users in Brazil have fallen victim to a sustained attack that exploited vulnerabilities in DSL modems, forcing people visiting sites such as Google or Facebook to reach imposter sites that installed malicious software and stole online banking credentials, a security researcher said.
The attack, described late last week during a presentation at the Virus Bulletin conference in Dallas, infected more than 4.5 million DSL modems, said Kaspersky Lab Expert Fabio Assolini, citing statistics provided by Brazil’s Computer Emergency Response Team. The CSRF (cross-site request forgery) vulnerability allowed attackers to use a simple script to steal passwords required to remotely log in to and control the devices. The attackers then configured the modems to use malicious domain name system servers that caused users trying to visit popular websites to instead connect to booby-trapped imposter sites.
"This is the description of an attack happening in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, which affected 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on DSL modems," Assolini wrote in a blog post published on Monday morning. “This enabled the attack to reach network devices belonging to millions of individual and business users, spreading malware and engineering malicious redirects over the course of several months…”

(via DSL modem hack used to infect millions with banking fraud malware | Ars Technica)

Millions of Internet users in Brazil have fallen victim to a sustained attack that exploited vulnerabilities in DSL modems, forcing people visiting sites such as Google or Facebook to reach imposter sites that installed malicious software and stole online banking credentials, a security researcher said.

The attack, described late last week during a presentation at the Virus Bulletin conference in Dallas, infected more than 4.5 million DSL modems, said Kaspersky Lab Expert Fabio Assolini, citing statistics provided by Brazil’s Computer Emergency Response Team. The CSRF (cross-site request forgery) vulnerability allowed attackers to use a simple script to steal passwords required to remotely log in to and control the devices. The attackers then configured the modems to use malicious domain name system servers that caused users trying to visit popular websites to instead connect to booby-trapped imposter sites.

"This is the description of an attack happening in Brazil since 2011 using 1 firmware vulnerability, 2 malicious scripts and 40 malicious DNS servers, which affected 6 hardware manufacturers, resulting in millions of Brazilian internet users falling victim to a sustained and silent mass attack on DSL modems," Assolini wrote in a blog post published on Monday morning. “This enabled the attack to reach network devices belonging to millions of individual and business users, spreading malware and engineering malicious redirects over the course of several months…”

(via New study, same authors: patent trolls cost economy $29 billion yearly | Ars Technica)

…The $29 billion number comes from measuring the more straightforward costs associated with fighting off patent troll suits: those include legal fees going to lawyers, and the licensing fees paid in tribute to make the trolls go away (which nearly always get paid). The findings come from a relatively small sample of 83 companies, both small and large.
The study paints one of the clearest pictures yet of the impact patent trolls—more politely called non-practicing entities or “NPEs”—are having on the economy.
Even if the numbers are inflated, there’s little doubt those costs are significant. The total spending of US businesses on research and development is $247 billion per year. So even if one only considers the direct costs of patent trolls, they may be sucking up more than 10 percent of the money that could be spent on R&D.
Bessen and Meurer are the authors of Patent Failure, a 2008 book criticizing the patent system that has become a bête noire in some quarters of the patent bar…

(via New study, same authors: patent trolls cost economy $29 billion yearly | Ars Technica)

The $29 billion number comes from measuring the more straightforward costs associated with fighting off patent troll suits: those include legal fees going to lawyers, and the licensing fees paid in tribute to make the trolls go away (which nearly always get paid). The findings come from a relatively small sample of 83 companies, both small and large.

The study paints one of the clearest pictures yet of the impact patent trolls—more politely called non-practicing entities or “NPEs”—are having on the economy.

Even if the numbers are inflated, there’s little doubt those costs are significant. The total spending of US businesses on research and development is $247 billion per year. So even if one only considers the direct costs of patent trolls, they may be sucking up more than 10 percent of the money that could be spent on R&D.

Bessen and Meurer are the authors of Patent Failure, a 2008 book criticizing the patent system that has become a bête noire in some quarters of the patent bar…