So... How did they get the thing through the "security" checkpoint at the front gate?
The "Janus Project" is the brainchild of Kyle Williams of the Janus Wireless Security Research Group in Portland, Oregon.
Burning Man 2006 is now in full swing and Current TV has setup an online television station, TV Free Burning Man.Privacy International is calling for nominations to name and shame the worst offenders. The competition closes on October 31st 2006. The award categories are:
The competition will be judged by an international panel of well-known security experts, public policy specialists, privacy advocates and journalists.
The competition is open to anyone from any country. Nominations can be sent to stupidsecurity@privacy.org.
Details of previous award winners can be found below, or at http://www.privacyinternational.org/ssa2003winners.
Nice use for the cans from a favorite snack...Materials:
| Presentation Slides | Blackberry Attack Toolkit (Including BBProxy) |
Interesting source for wireless networking software, parts, supplies and info.
Easy way to make FBI-escque earphones. This is very useful if you ever want to listen to music but also have one ear free (for instance while biking in the city)
A security researcher has demonstrated how an unpatched vulnerability in Cisco?s PIX firewall appliances could allow outside attackers to gain access to corporate networks. On the final slide of his presentation at the Black Hat show on VoIP security, Hendrik Scholz, a developer with Freenet Cityline disclosed a technique for bypassing the firewalls, according to an audio recording of the talk obtained by IDG News. "You can open up whatever port you want... and access internal servers from the outside," he said "It's really easy to do and we're talking to Cisco about how to get it fixed." By now Black Hat is old hat for Cisco. Last year conference organisers were sued by the networking giant and had to literally rip a presentation by researcher Michael Lynn out of last year's conference materials because it disclosed flaws in its IOS software.
Weekend fun... Ck the blackbag blog for info from Hope # 6 and a look at the very nice Hope number six pickset...
Tuesday's Dilbert (quoted below, copyright Scott Adams, Inc) funny in a scary way...For a complete list of changes, please refer to the 0.99.2 release notes. Official releases are available right now from the download page.
The first ever case of using a man-in-the-middle attack against an online bank was reported by the Post's Brian Krebs on Tuesday.
"This is a collection of "spy equipment" we have found for sale around the internet. Everything here is completely real, is sold at online stores, and almost any item listed here costs less than $500, and often times can be bought for less than $200."
A federal appeals court upheld a nine-year prison term Monday for a hacker who tried and failed to steal customer credit-card numbers from the Lowe's chain of home improvement stores.
Floyd Rudmin, a professor at a Norwegian university, uses the mathematics of conditional probability, known as Bayes' Theorem, to demonstrate that the NSA's surveillance cannot effectively detect terrorists unless both the percentage of terrorists in the population and the accuracy rate of their identification are far higher than they are.
Book DescriptionTheir our lots of wurds in this book. Sum of the werds are big. They're are no pitchers in this book. If ewe like big wirds and no pitchers you will like this book.
The courier driver showed up at noon, today, with the box of author copies. So I can, with assurance (p. 13) state that the volume now actually exists in hardcopy. After four years of maintaining it mostly as a resource for those studying for the CISSP exam, it's now going to be available in bookstores for everyone.
It's been interesting, working with Syngress. Having worked with more traditional publishers, I was rather expecting the usual 2-3 months of contract negotiations, 2-3 months to get out the final manuscript (the book had, after all, already been basically finished: I'd been using it on the Website for some time), and the usual 4-6 months in copy editing and galley proofing. The contract negotiations took about a month and a half. I got the final contract May 18th. They wanted the manuscript on the 26th. I got the galley proofs on June 1st, and had them back to Syngress on June 4th. (Then there seems to have been some kind of hiccup with the printer: it's been "due" every day now for about three weeks.)
So now, I suppose, I'd better get a move on. I've already replaced the glossary page (http://victoria.tc.ca/techrev/secgloss.htm) with an errata page, and I've got about 60 entries that need to be added or corrected. So I hope you'll all actually buy the book, and Syngress will be moved to putting out a new edition fairly soon. (And
regularly, after that.)
copyright Robert M. Slade, 2006 BKDCINSC.RVW 20060528
You’ve probably heard the analogy that security is like having brakes on an automobile. Brakes allow the driver to go faster, have more control and go where they want to go safely. While brakes are an inhibitor, they actually allow the driver to reach their destination in a safe, yet quick manner.
Imagine driving without them. You’d be a nervous wreck. (Okay, maybe not you, but most of us would be.) You’d go really slow; be afraid of changing directions; and feel stressed. Think: the only way to stop is to crash into something.In the paragraphs above, replace brakes with security (meaning security controls and processes) and driver with your organization’s name. Isn’t the concept the same? Security allows the user (driver) to reach their goal (destination) in a safe, yet quick manner. If you (security professionals) and your customers (users) are doing it right, security should allow the business to go faster, have control, and reach their goals safely without crashing.
The security team should be a stress reducer, not an inducer. Stress (in the negative connotation) comes when we feel out of control. Shouldn’t it be security’s job to introduce control and offer solutions for reducing risks and thereby reducing stress?
In recent years, the security group has gotten the bad reputation for being (a) a barrier to business, (b) an overhead without a quantifiable ROI, and (c) the hammer when there’s a breach or policy is not followed. In other words, they increased the stress for our organization. They weren’t being “good brakes.” This caused the organization to try to bypass security to get things done. (Don’t you try to avoid those things that cause you negative stress?)
Instead, we, the people in security need to be stress reducers. We need to be the brakes for our organization. However, there’s one difference: brakes are not normally seen, only felt; the security team needs to be both seen and felt. You do that by implementing proper controls and risk management processes.Security should collaborate with the business in identifying and assessing the risks and then implementing the proper controls to ensure the risk is appropriately mitigated for the business. (No more security for security sake.) This puts the business in control guided by security and reduces negative stress for everyone.
Security professionals: Next time you implementation a new technology, process or policy, ask yourself, “Am I being a ‘good brake’ or am I really adding negative stress?” You’d be surprised at how much better you will be received if you reduce your customer’s stress. Next week we’ll cover key steps you can take to become a security stress reducer.
By working together and helping each other, we all become stronger.
Here's a chronology of data breaches since the ChoicePoint theft in February 2005.
Total identities stolen: 88,794,619."It's pure laziness. There's actually no excuse for it," said Avivah Litan, a security analyst for Gartner Inc. "There's no good business reason for it."
If they absolutely need to analyze data out of the office, the employees should run programs that replace live credit card or Social Security numbers with random "dummy" figures whenever possible, since the actual numbers aren't always relevant.
In the Coke case, Joya Williams, 41, an administrative assistant who worked for the director of global brand marketing at Coca-Cola was the source of the trade secrets that were to be sold, prosecutors charged on Wednesday.
Not the safe, just the master key...Video surveillance showed Williams at her desk going through files in search of documents and stuffing them in her bags, prosecutors said.
While the episode highlights the importance of simple security measures such as locking up confidential documents, it also puts the spotlight on thorough background searches of employees of all levels, surveillance experts said.
"A lot of times companies say 'This person is just a secretary and I don't need to do everything on them as far as screening,"' said Jason Morris, president of employee screening firm Background Information Services. "Your secretary may not have the keys to the safe but he or she may have access to your CEO's e-mails, which could have the formula for a Coke product in them."
The Girl Tech Password Journal Jam 'n Shred Pen is a pen with a miniature shredder (just right for getting rid of evidence) and an FM radio (for jamming to tunes) built in.Over 100 speakers will have presentations on a variety of topics including computer hacking, phone phreaking, legal issues, wiretapping, cryptography, urban exploring, lockpicking, and spying. In addition we will present the return of a favorite panel: social engineering -- or how to get sensitive information from people who really ought to know better. A live demonstration of how to do this is planned.Also, Phil Torrone of Make will be speaking there, too. LinkAdditional talks include how to decode New York City's MetroCard, hacker filmmaking techniques, and even a discussion of hacker cooking. A panel of famous hackers who have gone to prison is also scheduled as is a study of the European hacker scene. And, in a first, there will be a "broadcast" of the WBAI hacker radio show "Off The Hook" in "indecent mode," designed to demonstrate the absurdity of current FCC policies.
Anything based on ubuntu is a winner... So thanks GP for this great find! nubuntu is a security distribution which is derived from the Ubuntu distribution, with added packages related to security testing and with unneeded packages, such as Gnome, Openoffice.org, and Evolution removed.1. Communicate - I think that this is the most important information security skill, without being able to communicate it is hard to move ahead anywhere. Even if you have the best ideas in the world, if you cannot communicate them, no one will ever know.
2. Application Penetration Skills - being able to despin and understand how applications work, what protocols they use to communicate, what information is input and output from those applications, and best of all, how to make those applications do things that the programmer did not intend the application to do. This is the next major battle front in information security, and being able to move effectively in this space is important for future job success
3. Network Penetration Skills - being able to understand and use network properties like ARP, ICMP and TCP/IP to map, understand, and find vulnerable nodes on the network is a core skill.
4. Knowing what is a viable attack and what is not - tools that we use often spit out false positives, IDS systems, IPS systems, even our network and application penetration test tools all spit out false positives. Knowing which attacks against what target are viable and then being able to prove that viability to the developers and users of the system is a core skill.
5. Knowing how data migrates around the network - how is data used, where is it used, and who uses it in normal day to day patterns allows the Information security person to know when data is being misused, or someone who should not have access is trying to get access to it.
6. Network engineering skills - just enough to know how each component works on the network, what its function is, what its strengths and weaknesses are, and how it can be exploited.
7. IDS/IPS interpretation of results - being able to work with the IDS/IPS that is on the network and knowing how to find out more information about the data presented is a core skill. There is no sense in spinning up the whole department for a false positive, know how that IDS/IPS works, and what its limitations are.
8. System Administration - know enough about system administration that if presented with a series of computers, you can safely secure them allowing the applications to run that need to be on the box.
9. Risk Management skills - being able to understand the concepts of risk management, and how they are applied in regards to the companies culture. Not all companies are the same when it comes to risk management; each company has their own tolerance to risk. Be able to work within the confines of the companies tolerance for risk
10. Be creative - of all the top 10 skills that I am looking for, the ability to be creative when doing work makes the employee much more flexible, and easier to go forth and do good things.
Ove the last few months, I have taken an interest in web browser security flaws. This interest has resulted in my collaboration on a few fuzzing tools (Hamachi, CSS-Die, DOM-Hanoi), a blog post, and a SecurityFocus article. The vendors have been notified and the time has come to start publishing the results. I will publish one new vulnerability each day during the month of July as part of the Month of Browser Bugs project. This information is being published to create awareness about the types of bugs that plague modern browsers and to demonstrate the techniques I used to discover them. Enjoy!
Unprecedented number of Israeli websites hacked: Hundreds of websites were damaged by hackers in recent hours, following IDF activity in the Gaza Strip. The hackers are members of the Moroccan “Team Evil” group, responsible for most of the website damage in Israel in the past year. This is the largest, most concentrated attack on Israeli websites in recent years.
A Ynet investigation revealed that more than 750 Israeli websites, on a number of different domains, were hacked into and damaged in recent days. Prominent among them were the Soldier’s Treasury Bank, Bank Hapoalim (not the main page), Rambam Hospital, the Society for Culture and Housing, BMW Israel, Subaru Israel, Jump Fashion, non-profit organization “Yedid,” Kadima’s youth website, and the Globus Group ticket center. Many of these sites have not yet returned to normal.
Hackers left the message: You’re killing Palestinians, we’re killing servers.
Internet Urinal
Why do people pick up a USB stick and then insert it into their computer during a security audit as was written about here? Are USB sticks that cool? What else would you just pick up and insert?
China Makes Ultimate Punishment Mobile
The country that executed more than four times as many convicts as the rest of the world combined last year is slowly phasing out public executions by firing squad in favor of lethal injections. Unlike the United States and Singapore, the only two other countries where death is administered by injection, China metes out capital punishment from specially equipped “death vans” that shuttle from town to town.
Makers of the death vans say the vehicles and injections are a civilized alternative to the firing squad, ending the life of the condemned more quickly, clinically and safely. The switch from gunshots to injections is a sign that China “promotes human rights now,” says Kang Zhongwen, who designed the Jinguan Automobile death van in which “Devil” Zhang took his final ride.
The sa account is created during the installation process and the sa account has full rights in the SQL Server environment. By default, the sa password is blank (NULL), unless you change the password when you run the MSDE Setup program. To conform with the best security practices, you must change the sa password to a strong password at the first opportunity.
1. On the computer that is hosting the instance of MSDE to which you are connecting, open a command prompt window.
2. At the command prompt, type the following command, and then press ENTER:
osql -U sa
This connects you to the local, default instance of MSDE by using the sa account. To connect to a named instance installed on your computer type:
osql -U sa -S servername\instancename
You are now at the following prompt:
Password:
3. Press ENTER again. This will pass a NULL (blank) password for sa.
If you are now at the following prompt, after you press ENTER, then you do not have a password for the sa account:
1>
We recommend that you create a non-NULL, strong password to conform with security practices.
However, if you receive the following error message, you have entered an incorrect password. This error message indicates that a password has been created for the sa account:
"Login Failed for user 'sa'."
The following error message indicates that the computer that is running SQL Server is set to Windows Authentication only:
Login failed for user 'sa'. Reason: Not associated with a trusted SQL Server connection.
You cannot verify your sa password while in Windows Authentication mode. However, you can create a sa password so that your sa account is secure in case your authentication mode is changed to Mixed Mode in the future.
If you receive the following error message, SQL Server may not be running or you may have provided an incorrect name for the named instance of SQL Server that is installed:
[Shared Memory]SQL Server does not exist or access denied.
[Shared Memory]ConnectionOpen (Connect()).
1. On the computer that is hosting the instance of MSDE to which you are connecting, open the command prompt window.
2. Type the following command, and then press ENTER:
osql -U sa
At the Password: prompt, press ENTER if your password is blank or type the current password. This connects you to the local, default instance of MSDE by using the sa account. To connect by using Windows authentication, type this command:
use osql -E
Note If you are using SQL Server 2005 Express, avoid using the Osql utility, and plan to modify applications that currently use the Osql feature. Use the Sqlcmd utility instead.
3. Type the following commands, on separate lines, and then press ENTER:
sp_password @old = null, @new = 'complexpwd', @loginame ='sa'
go
Note Make sure that you replace "complexpwd" with the new strong password. A strong password includes alpha-numeric and special characters, and a combination of upper and lower case characters.
You will receive the following informational message, which indicates that your password was changed successfully:
Password changed.
"The U.S. military has concluded its investigation into a video that appeared to show private security contractors shooting at civilian vehicles on highways in Iraq and determined that no one involved will be charged with a crime, a military spokesman in Baghdad said. The investigation, which officials have not released publicly, began after the video was posted on an Internet site purportedly run by employees of Aegis Defense Services, a London-based firm with a $293 million U.S. government security contract."
Try this under Windows:
Right-click on the Desktop
Create a new Shortcut
Point the location of the item to any executable... such as: c:\windows\system32\calc.exe
Name the shortcut, for example, www.microsoft.com
Start Internet Explorer (IE5 and IE6 work best)
Type "www.microsoft.com" into the address bar
Enjoy.
More info can be found from here.
These Japanese shredding scissors provide a low-tech way to discard of docs at your home or office desk.
The Register can again exclusively confirm the loss of the Hotels.com customer information after having received a copy of a letter mailed out jointly by the web site and Ernst & Young. A Hotels.com spokesman also confirmed the data breach, saying Ernst & Young notified the company of the laptop loss on May 3. The laptop in question was stolen from an Ernst & Young worker's car in Texas and did have some basic data protection mechanisms such as, erm, the need for a password.
In Waldo, people have held prayer vigils and protests aimed at an adult bookstore along US 301, trying to keep the "Cafe Risque" from opening its doors on time."Ubuntu" is an ancient African word, meaning "humanity to others". Ubuntu also means "I am what I am because of who we all are". The Ubuntu Linux distribution brings the spirit of Ubuntu to the software world.
A man found guilty of sexually assaulting a child has been given 10 years of probation by a judge who said the man was too small to survive prison.Nothing bad happened to me, but it could have, for two reasons.
The first reason is that whenever you do something “unnecessary”, such as reporting a vulnerability, police wonder why, and how you found out. Police also wonders if you found one vulnerability, could you have found more and not reported them? Who did you disclose that information to? Did you get into the web site, and do anything there that you shouldn’t have? It’s normal for the police to think that way. They have to. Unfortunately, it makes it very uninteresting to report any problems.
The second reason that bad things could have happened to me is that I’m stubborn and believe that in a university setting, it should be acceptable for students who stumble across a problem to report vulnerabilities anonymously through an approved person (e.g., a staff member or faculty) and mechanism. Why anonymously? Because student vulnerability reporters are akin to whistleblowers.
At least two St. Louis gas station owners or managers say somebody is breaking into gas pumps, reprogramming interior keypads and instructing the machines to dispense fuel at no charge.
Free gas is certainly not what the gas station owners had in mind.
Kevin Tippit is manager of the Phillips 66 at Lindell and Boyle in St. Louis. Tippit says his boss lost between $6,000 and $10,000 worth of gas Friday before a regular customer tipped-off an employee.
"They (the thieves) have a key to the pump and then after they open up the pump they go in and they reprogram the pump, so they can have free gas. And then everybody behind them sees what they're doing, and they continue," says Tippit.
Narcotics officers found the Professional Ordnance Carbon-15 Type-97 pistol in the car of a drug suspect in Newark and noticed it was a cut above the usual weaponry employed by local drug dealers, Fontoura said.
Per a BBC report, The Times and The Register the judge who presided over the failed Da Vinci Code plagiarism case at London's High Court hid his own secret code in his written judgement.Policies requiring regular password changes (e.g., monthly) are an example of exactly this form of infosec folk wisdom.
From a high-level perspective, let me observe that one problem with any widespread change policy is that it fails to take into account the various threats and other defenses that may be in place. Policies should always be based on a sound understanding of risks, vulnerabilities, and defenses. “Best practice” is intended as a default policy for those who don’t have the necessary data or training to do a reasonable risk assessment.
Full story here.It was like a scene from a horror film: A 27-year-old man plummeted into a gaping hole that suddenly opened beneath a house, trapping him beneath foundation rubble and killing him.
"It's unbelievable," Placer County Sheriff's Department spokeswoman Dena Erwin said. "From the front of the house, it's absolutely normal. Then, in the middle of the house, is this enormous hole."
The victim was awake and on the ground floor about 9:30 p.m. Friday when the concrete foundation near the kitchen gave way, sending him plunging into to the ground, Erwin said.
From F-Secure Blog...
Lazy phishers are often simply making a copy of the original bank site with some malicious modifications. As an example, take a look at this currently active phishing site targeting Chase Bank.
This phishing site is running on an infected home computer in Spain. Only the html is hosted there; all the images are actually loaded directly from a real chase.com server.
Now, activity like this could be detected by the website of the bank automatically. How about modifying the logic of the bank web server to do something along these lines:
If somebody
a) loads my images but
b) does not load the corresponding html file and
c) has http referrer -values outside of my domain
then, for this user, lets change this image:
to this image:
This could be activated only after the activity has happened from, say, 10 different IP addresses, to make it harder for the attackers to spot it until it's too late.
And, in most cases the REFERRER fields would directly point the bank staff to the real phishing site which they could now start closing down.
Eventually, attackers would move to host their own images, but for now they still typically don't.
In a press release today, Redspin, an independent auditing firm based in Carpinteria, CA, suggests that the recent mandated upgrades of ATMs to support triple DES encryption of PINs has introduced new vulnerabilities into the ATM network environment - because of other changes that were typically made concurrently with the triple DES upgrades.
In a rare news conference, the designer of Russia's intercontinental ballistic missiles dismissed on Thursday a warning that Russia was falling behind the United States in the number of active nuclear warheads it has and said his Topol-M and Bulava missiles would serve as a sufficient deterrent until at least 2040.
"I assure you that the number of active warheads the strategic nuclear forces will have in 2015 and even in 2020 will be no less than 2,000," said Yury Solomonov, head and chief designer at the Moscow Institute of Thermal Technology, Russia's leading designer of intercontinental missiles.
Maps, charts, and intelligence reports on computer drives smuggled out of a US base and sold at a local bazaar describe how Taliban and Al Qaeda leaders have been using southwestern Pakistan as a key planning and training base for attacks in Afghanistan.
The documents, marked ''secret," appear to be raw intelligence reports based on conversations with Afghan informants, and official briefings given to high-level US military officers. Together, they outline how the US military came to focus its search for members of Taliban, Al Qaeda, and other terrorist groups on the border region with Pakistan and Pakistani territory.
American investigators have paid thousands of dollars to buy back the stolen drives, according to shopkeepers outside the major military base here, but many were still on sale yesterday.
Included on some drives were the Social Security numbers of hundreds of US soldiers, including four generals, and lists of troops who completed nuclear, chemical, and biological warfare training, the Associated Press reported.
Windows registry contains lots of information that are of potential evidential value or helpful in aiding forensic examiners on other aspects of forensic analysis. This paper discusses the basics of Windows XP registry and its structure, data hiding techniques in registry, and analysis on potential Windows XP registry entries that are of forensic values.
A sheriff's deputy used a Taser to stop a 92-year-old man from allegedly beating his roommate with his aluminum cane at a Florida assisted living center.
Both men suffer from Alzheimer's disease, the center at Hudson, Fla., said. When struck by the Taser, Olin Holcombe's lone comment was, "Wow! That smarts."
A nurse reported hearing a "thud" shortly after midnight Thursday and she found Roland Casanova, 81, on the floor, defending himself from Holcombe's cane, the Tampa Tribune reported. The sheriff's deputy who answered the call said Holcombe swung the cane at him also before the officer drew his Taser.
"Wow! That smarts." ?! That's it? This guy's gets hit with a freekin' Taser, his pacemaker is probably vibrating faster than the toy-of-the-month on Sue Johanson's Sunday Night Sex Show, and all he says is "Wow! That smarts."
That guy is TUFF. I would've been laid out on the floor crying and wimpering, feeling something like a Mike Tyson cell mate after lights out.
A red-faced Australian nudist who tried to set fire to what he thought was a deadly funnel web spider's nest ended up with badly burnt buttocks, emergency officials said on Monday.
The 56-year-old man was at a nudist colony near Bowral, about 100 km (62 miles) southwest of Sydney, on Sunday when he spotted what he believed to be a funnel web spider hole.
Ambulance workers, including a helicopter crew, were called to the scene after the man poured petrol down the hole and then lit a match in an attempt to kill the offending arachnid.
"The exploding petrol fumes left the man with burns to 18 percent of his body, on the upper leg and buttocks," the NRMA Careflight helicopter rescue service said in a statement.
It said the man's lack of clothing probably contributed to the extent of his burns.
The deputy press secretary for the U.S. Department of Homeland Security was charged with using a computer to seduce a child after authorities said he struck up sexual conversations with an undercover detective posing as a 14-year-old girl.
Bruce Schneier is starting a contest:
"It is in this spirit I announce the (possibly First) Movie-Plot Threat Contest. Entrants are invited to submit the most unlikely, yet still plausible, terrorist attack scenarios they can come up with.
Your goal: cause terror. Make the American people notice. Inflict lasting damage on the U.S. economy. Change the political landscape, or the culture. The more grandiose the goal, the better.
Assume an attacker profile on the order of 9/11: 20 to 30 unskilled people, and about $500,000 with which to buy skills, equipment, etc."
You can post your movie plots on his blog here.
ABC News suspended the executive producer of the weekend edition of "Good Morning America" yesterday over a pair of leaked e-mails in which he used inflammatory language to slam President Bush and Madeleine Albright.
In one of the e-mails, written during the first presidential debate in 2004 and leaked to the Drudge Report, Green wrote to a colleague on his BlackBerry: "Are you watching this? Bush makes me sick. If he uses the 'mixed messages' line one more time, I'm going to puke."
It is widely believed at ABC News that the e-mails were leaked by a former employee who has a vendetta against Green.
The covered topics are:
Looking for that special family activity this weekend? Look no further, hop over to EBAY and grab a copy of "BIG FOOT Snow Monster Board Game" - Milton Bradley 1977.
In this episode of The Code Room watch the White Hats and Black Hats battle for the security of Las Vegas. Jessi Knapp and Microsoft Security Guru Joe Stagner narrate as the Hackers try to gain control of The Plaza's online money management system and our Security Team tries to stay one step ahead
Sure blame the browser. The bug report makes for a fun read..."Because they know they can't do it," he said last week.
Originally Released in 1973
The You're In Control system uses an array of piezoelectric sensors mounted to the back of a urinal to detect the position of a stream of water, allowing a person to play a video game while peeing. A video monitor is mounted above the urinal, and position on the back of the urinal corresponds to position on the screen. We created a custom video game (our interpretation of the carnival game "whack-a-mole") in which the player attempted to hit hamsters as they flew out of one hole and into another hole in the ground. A successful hit would turn the hamster yellow, make it scream and spin out of control, and give the player ten points.
The first computer circuit to be built on a single molecule has been unveiled by researchers in the US.Parents have more to worry about than their child grazing their knee in the playground -- they now should be concerned their toddlers are being kept "cybersafe" as well, an internet safety group said today.
A campaign to keep preschoolers safe when playing on the internet and with other modern technology is to be launched this week.
"In addition to young children inadvertently finding inappropriate material or being exposed to online predators and cyber bullies, they observe and copy the online behaviour of their parents and older siblings to an extent often not realised by their families," Ms Balfour said.
She cited the example of a New Zealand family that was surprised to receive a parcel of videos ordered online by their four-year-old.
"This experience just goes to show how well youngsters can copy behaviour."
"Young children may appear skilled in internet use, but they will not have yet developed the understanding and judgment to always keep themselves cybersafe," Ms Balfour said.
