Considering that mechanical beings will be fighting our real wars here in just a few years, it's no shock to see more focus placed on the areas where actual humans will still be the ones waging. DARPA is looking to create what it calls a National Cyber Range, which would essentially act as a training ground for cyber warriors. The setup would enable defense gurus to simulate battle against attacks our on nation's most highly prized data, and of course, give victors over virtual phishing scams immense bragging rights. Come to think of it, Estonia could have totally benefited from something like this last year.

[Via Information Week, image courtesy of Sandia]

Ever peered up in a dimly lit parking lot only to spot a smattering of cameras peering at your every move? Now you too can have such a sophisticated monitoring system right around your own home thanks to QNAP's NVR-1012. The network surveillance kit is designed to provide "professional grade" live video recording abilities in homes and offices where hoodlums and malefactors tend to linger. The entire system is Linux-based and comes with a single NVR-101 server and a pair of IP cameras; reportedly, the solution is a breeze to install and every recording function can be carried out via an Internet Explorer window. Best of all, you'll even find 2-way audio capabilities, so you can have a quick chat with any caught-red-handed crooks or mischievous youngsters right before the fuzz / man of the house swarms in for capture. Talk about a thrilling way to spend a Thursday evening.

Kingston's got a thing for über-secure flash drives, and its latest DataTraveler definitely keeps the trend alive. The waterproof BlackBox is the outfit's first Federal Information Processing Standard (FIPS)-validated drive, which means that it was given the seal of approval from the National Institute of Standards and Technology and the Communications Security Establishment of the Government of Canada. More specifically, you'll find "256-bit hardware-based AES encryption via a dedicated processor which automatically encrypts and decrypts data on the fly" and it'll also enter lock down mode if you happen to forget your password ten consecutive times. Of course, Kingston's pretty proud of this thing, so don't be shocked when you see the $165 (2GB), $242 (4GB) and $424 (8GB) price tags, alright? Alright.

[Via Electronista]

Automated paintball machines have been spotted holding down a-many of forts, but it's still been relatively hard to find one pre-built and ready for purchase. Enter Evolution Model Technology, whose Paintball Sentry Turret is mighty enough to mow down even the deepest of crosstown rival cliques trying to get up in your area. Arriving in wired and wireless versions, the unit is available with water- or winter-proof armor, can be controlled remotely and features a head that rotates 350-degrees and tilts 90-degrees. Best of all, the cold blooded plastering machine can be customized to the hilt for those living in seriously dodgy locales, but considering the $1,399.50 (and way, way up) price tag, you better have one incredible stash of valuables to protect before pulling the proverbial trigger.

[Via technabob]

Like having control of your connection to the internet? Don't tell Dan Kaminsky that -- the researcher has developed a method of DNS attack utilizing typical D-Link or Linksys routers that can allow hackers to gain command of your gear. The winner-takes-all maneuver, which is called a "DNS rebinding attack," functions by putting JavaScript into play that fools your browser into altering your router's configuration, thus letting the operator remotely administer the device. The concept isn't water-tight, as it takes advantage of easily-guessable router admin passwords, though Kaminsky says the enabling bug exists as a "core issue" for browsers. The attack will be showcased at tomorrow's RSA security conference, where it's hoped the demonstration will raise awareness about router security vulnerability. In the meantime, we suggest you change that default password.

Laptop LoJack's number might be up, Intel's apparently gearing up to start pushing its so-called Anti-Theft Technology for laptops. Details are still sparse, but apparently it provides boot-time lockout of unauthorized users (presumably among other things) upon occasion of theft, and is being picked up by partner companies like Lenovo, Fujitsu, Phoenix, and McAffee for release later this year. It'd be really nice if we could get some connected GPS to phone home when your laptop takes off without you, but it's nice to know the industry's finally starting to take this stuff on instead of leaving hapless theft victims to fend for themselves.

[Via Ars Technica]

Details are still sparse (and primarily in Japanese), but our Tokyo bureau just let us know that Sony's announced a fairly severe security vulnerability on the PlayStation Network, which would actually allow an attacker to access your account, personal information, and Wallet -- but not your credit card on file -- as well as change your password. Damn. More on this as it develops; in the mean time, keep a close eye on that account.

Update: More information is on the US PS3 site. Apparently the issue has been resolved and "security is restored." Thanks, luckydude76.

No, we don't recommend testing out your lock bumping skills on any building which you don't own, but just in case you've fallen victim to a bumper in the past, Kwikset is out to put you back in charge of whatever's behind door number three. Available in handsets, deadbolts, knobs and levers, the SmartKey technology effectively eliminates the possibility of using a rigged key to exploit the lock, and better still, the included Learn Tool enables owners to re-key a lock in under half a minute if necessary. Reportedly, the side-locking bar deadbolt system features ANSI Grade 1 certification and has passed "the most stringent lock picking standard." 'Course, it's only a matter of time before the tinkerers of the world have even this all figured out, but hey, at least SmartKey puts you ever-so-slightly ahead of the curve, right?

[Via Apartment Therapy]

We've seen paintball guns destined for robot mounting, but darkback2 reckoned it was entirely more wicked to actually construct his own paintballing overlord from scratch. Apparently, Gepetto wasn't born to a be a killer (nor a lover, for that matter), but the idea of remotely controlling a security guard outside your domicile really gets our gears turning. Head on past the break to catch a couple of videos of this creature in action -- oh, and Gepetto, we hear there's a street down in Atlanta that could use someone like you.

[Via Technabob]

Oh yeah, we've seen GPS devices intended to sit secretively within the confines of a motorcar and beam back real-time tracking data to the powers that be, but typically, they're fairly subtle about their purpose. Not so with the brashly named GPS Snitch, which makes no bones about its intentions of helping you catch that unfaithful SO or your rebellious teenager. As expected, this unit simply hides within one's vehicle and can notify administrators via SMS / e-mail as soon as motion is detected or a pre-determined perimeter is exceeded. Additionally, you can track the vehicle's progress through BlackLine's website, and just in case the week of battery life isn't enough, it can be hardwired to the car battery for logging extra long road trips. Ready to quell your suspicions? Grab one now for $399 plus applicable service plan fees.

All of the sudden we're starting to see more and more attacks take advantage of what's stored on your computer's RAM -- the latest, from New Zealand's Adam Boileau, allows an attacker to unlock Windows passwords in a just a few seconds using a Linux machine connected over Firewire. Unlike those disk encryption attacks we saw that required a reboot, Boileu's attack works while the target computer is running, tricking Windows into allowing full write access to RAM and then corrupting the password protection code. That's a little scary -- but other researchers say that it's not a traditional vulnerability, since direct memory access is a feature of Firewire. Still, we're sealing up all of our ports with Silly Putty starting today, that ought to stop 'em.

Update: Apparently this has been demonstrated on OS X as well -- it looks like Firewire's direct memory access is the common vector here.

[Thanks, Drew]

Ruh roh, Shaggy -- you remember that disk encryption attack that involved cooling off your target's RAM and yanking it to get a bitdump before the contents faded? Well, it looks like things just got a lot simpler for would-be attackers -- check out this USB flash key designed by security researcher Robert Wesley McGrew, which can boot your machine and dump the RAM to itself without altering its contents. That means you no longer need to actually pull the DIMMs or carry around an air duster; all an attacker needs is enough time to reboot your machine and copy the contents of your RAM. Of course, that takes time -- McGrew says things are running quite slowly right now, but he suspects his test machine is dropping down to USB 1.0 speeds. That's still not too reassuring -- looks like we'll be spending even more time with our machines from now on.

[Via Hack a Day]

Rufus Terrill's stocky handmade robot is more than your average drinking buddy -- in fact, the four-foot tall, 300-pound robotic security guard makes it his job to discourage vandals and vagabonds from marring the streets of Atlanta. The inventor is an engineer-turned-bar owner who got tired of drifters and thieves hanging around his business undeterred. Rather than calling in the professionals, he constructed a remote controlled robot that can flash a spotlight, blast out water and resist even the toughest of 40oz. cans that inevitably come its way. Best of all, he can even make the creature talk, and apparently, its array of scare tactics has been fairly effective thus far. Talk about protecting and serving.

[Via MetaFilter]

It's an old adage that no security measure is worth anything if an attacker has physical access to the machine, but things like heavy-duty disk encryption are supposed to at least slow things down. Sadly, that may not actually be the case, as a group of Princeton researchers has just published a paper detailing an exploit that requires little more than a spray duster and a screwdriver. Since the encryption key for systems like BitLocker and FileVault lives in RAM, all an attacker has to do to get it is cool the RAM modules with the air duster held upside down, yank the DIMM, and insert it into another machine, where it can then be read to access the key. Of course, this assumes that you've already typed in your password, but check the video after the break to see how long bits in RAM stay written -- even if you've turned off your computer, there's a chance the key can still be read. Looks like there's an actual benefit to MacBook Air's soldered-in RAM after all, eh?