Tag: 爱上海419新的连接

Camel finds home in Assam after long legal battle

first_imgA camel rescued from smugglers on the Bangladesh border has found a home in eastern Assam’s Sivasagar after a six-month legal battle for ownership between the State police and the authorities of the Assam State Zoo. The camel, an adult male, left the zoo in Guwahati in a truck on Monday morning for an “animal home” in eastern Assam’s Sivasagar district about 350 km away. His companion was Samiran Hatimuria, who runs the home called Aranyam.“The camel is a welcome addition to my family, whose members include emus, turkeys, guinea pigs, horses, 12 types of peafowls, five varieties of pigeons, and other animals. I hope the camel adapts to our 12-bigha home,” Mr. Hatimuria, 32, told The Hindu after reaching his village Talugaon, about 3 km from Sivasagar town.The police in western Assam’s Goalpara district had in mid-2018 rescued the camel while the animal was allegedly being transported for smuggling into Bangladesh.Like two more camels rescued from the same district in January that year, this camel, too, was shifted to the zoo.The first two camels were diagnosed as carriers of diseases that veterinarians said could put the caged animals in the zoo at risk. Zoo officials approached the Sessions Court in Goalpara after the two died six months ago.“We told the court that the zoo is not authorised to keep domestic animals and that the police should take back the third camel, which appeared healthy,” Tejas Marisamy, the zoo’s Divisional Forest Officer (DFO), said.In course of time, the local court asked the police to take the camel back. But the inability of the police to accommodate the animal left it in the zoo.In December, the zoo got in touch with Mr. Hatimuria, who had, since opening Aranyam in 2008, earned a reputation for letting his facility out to be used by the Sivasagar district wildlife officials to shelter rescued wild animals temporarily for treatment or rehabilitation in the wild.“The zoo paid for the camel’s transportation. Sustenance for the animal would be appreciated, but I can take care of him, like the others at Aranyam. My parents earn a decent living, I run a small business and we have some farm income, too,” he said.“The police should ideally provide for the camel’s fodder and care since they are legally its custodian. But we will try to work a way out,” Mr. Marisamy said.last_img read more

Filipino Muslims set to approve autonomy law

first_imgMoro Islamic Liberation Front (MILF) members secure Camp Darapanan in Sultan Kudarat, Maguindanao on the southern island of Mindanao on 29 July 2018. Nearly 100,000 members of the Philippines` largest Muslim rebel group gathered on 29 July to discuss a landmark law granting them autonomy, expressing hope it would make their `dream of peace` a reality. — AFPLeaders of the Philippines’ mainstream separatist group on Sunday urged Muslims in the country’s south to support a new autonomy law designed to tackle extremism and defuse a half-century of conflict in a referendum later this year.The Moro Islamic Liberation Front (MILF), which signed a peace deal with the government four years ago, gathered tens of thousands of supporters from all over the southern province of Mindanao to its base to begin a massive campaign for the law’s approval.President Rodrigo Duterte last signed the new autonomy legislation, called Bangsamoro Organic Law, allowing self-rule for Muslims in 2022, hoping to end a conflict that has killed more than 120,000 people and displaced 2 million.“Our real journey toward self-determination is just starting,” Mohagher Iqbal, the rebel group’s chief negotiator, told Reuters by telephone, saying there are still challenges ahead that could stop the implementation of the law.Speaking earlier to thousands of supporters, including women and children, he asked them to vote for the approval of the law expanding the territories covered by the Muslim autonomous area in the south, although he warned of some potential obstacles.“We still don’t know if there are groups or individuals who will question the new autonomy law before the Supreme Court,” he told a cheering crowd in a speech livestreamed on social media. Supporters chanted “Allahu Akbar” and “Yes to BOL” in the rebel camp in the middle of coconut and banana groves.In 2008, close to a million people were displaced in central Mindanao region when violence erupted after the Supreme Court canceled a deal on ancestral domain with the MILF. A small but more radical splinter rebel group has since emerged, and has aligned with pro-Islamic State militant forces.MILF leaders said they are trying to avoid a similar episode that could lead to extremist groups taking hold in the south. The rebel group is expected to dominate the 80-member Bangsamoro transition government that will be formed after the referendum.The Bangsamoro area includes part of the Philippines’ second-largest island of Mindanao, and a chain of dozens of small islands to the west notorious for piracy and banditry.An estimated five million Muslims live in the region, which has the predominantly Catholic nation’s lowest levels of employment, income, education and economic development.The United Nations, European Union, United States and Japan welcomed the passing of the new autonomy law, hoping for an end to violence and a start to the region’s economic reconstruction.last_img

US Postal Service patches an API exploit that impacted 60 million USPS

first_imgEarly this week, the U.S.Postal Service patched an API exploit that could allow users with an account on USPS.com to view other users’ account details and also modify account details on their behalf. This exploit had an impact on 60 million USPS users. KrebsOnSecurity was contacted last week by a researcher who discovered the problem, but who asked to remain anonymous. According to KrebsOnSecurity, “The researcher said he informed the USPS about his finding more than a year ago yet never received a response. After confirming his findings, KrebsOnSecurity contacted the USPS, which promptly addressed the issue.” The problem was discovered from an authentication weakness in a USPS Web component- API, which was a part of the USPS “Informed Visibility” program designed to help mail senders with near real-time tracking data. According to KrebsOnSecurity, “the flaw let any logged-in usps.com user query the system for account details belonging to any other users, such as email address, username, user ID, account number, street address, phone number, authorized users, mailing campaign data and other information.” “Many of the API’s features accepted ‘wildcard’ search parameters, meaning they could be made to return all records for a given data set without the need to search for specific terms. No special hacking tools were needed to pull this data, other than knowledge of how to view and modify data elements processed by a regular Web browser like Chrome or Firefox”, according to KrebsOnSecurity. Nicholas Weaver, a researcher at the International Computer Science Institute and lecturer at UC Berkeley, said, “This is not even Information Security 101, this is Information Security 1, which is to implement access control. It seems like the only access control they had in place was that you were logged in at all. And if you can access other people’s data because they aren’t enforcing access controls on reading that data, it’s catastrophically bad and I’m willing to bet they’re not enforcing controls on writing to that data as well.” Following this flaw, the USPS included a validation step to prevent unauthorized changes. If anyone tries to modify the email address associated with a user’s USPS account via the API, a confirmation message will be sent to the email address tied to that account. KrebsOnSecurity states, “It does not appear USPS account passwords were exposed via this API, although KrebsOnSecurity conducted only a very brief and limited review of the API’s rather broad functionality before reporting the issue to the USPS. The API at issue resides here; a copy of the API prior to its modification on Nov. 20 by the USPS is available here as a text file.” Robert Hansen, chief technology officer at Bit Discovery, a security firm in Austin, Texas, said, “This could easily be leveraged to build up mass targeted spam or spear phishing. It should have been protected via authentication and validated against the logged in user in question.” In a statement shared with KrebsOnSecurity, the USPS said it currently has no information that this vulnerability was leveraged to exploit customer records, and that the information shared with the USPS allowed it to quickly mitigate the vulnerability. Here’s the rest of their statement: “Computer networks are constantly under attack from criminals who try to exploit vulnerabilities to illegally obtain information.  Similar to other companies, the Postal Service’s Information Security program and the Inspection Service uses industry best practices to constantly monitor our network for suspicious activity.” “Any information suggesting criminals have tried to exploit potential vulnerabilities in our network is taken very seriously. Out of an abundance of caution, the Postal Service is further investigating to ensure that anyone who may have sought to access our systems inappropriately is pursued to the fullest extent of the law.” To know more about this news in detail, visit KrebsOnSecurity website. Read Next Linux 4.20 kernel slower than its previous stable releases, Spectre flaw to be blamed, according to Phoronix Microsoft fixes 62 security flaws on Patch Tuesday and re-releases Windows 10 version 1809 and Windows Server 2019 Final release for macOS Mojave is here with new features, security changes and a privacy flawlast_img read more