Beta

Slashdot: News for Nerds

×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Black Hat Researchers Actively Trying To Deanonymize Tor Users

Soulskill posted 1 hour ago | from the good-research-vs-bad-research dept.

Communications 41

An anonymous reader writes: Last week, we discussed news that a presentation had been canceled for the upcoming Black Hat security conference that involved the Tor Project. The researchers involved hadn't made much of an effort to disclose the vulnerability, and the Tor Project was scrambling to implement a fix. Now, the project says it's likely these researchers were actively attacking Tor users and trying to deanonymize them. "On July 4 2014 we found a group of relays that we assume were trying to deanonymize users. They appear to have been targeting people who operate or access Tor hidden services. The attack involved modifying Tor protocol headers to do traffic confirmation attacks. ...We know the attack looked for users who fetched hidden service descriptors, but the attackers likely were not able to see any application-level traffic (e.g. what pages were loaded or even whether users visited the hidden service they looked up). The attack probably also tried to learn who published hidden service descriptors, which would allow the attackers to learn the location of that hidden service." They also provide a technical description of the attack, and the steps they're taking to block such attacks in the future.

Ford, GM Sued Over Vehicles' Ability To Rip CD Music To Hard Drive

Soulskill posted 4 hours ago | from the i-buy-a-car-every-time-i-want-to-steal-some-music dept.

The Courts 213

Lucas123 writes: The Alliance of Artists and Recording Companies is suing Ford and General Motors for millions of dollars over alleged copyrights infringement violations because their vehicles' CD players can rip music to infotainment center hard drives. The AARC claims in its filing (PDF) that the CD player's ability to copy music violates the Audio Home Recording Act of 1992. The Act protects against distributing digital audio recording devices whose primary purpose is to rip copyrighted material. For example, Ford's owner's manual explains, "Your mobile media navigation system has a Jukebox which allows you to save desired tracks or CDs to the hard drive for later access. The hard drive can store up to 10GB (164 hours; approximately 2,472 tracks) of music." The AARC wants $2,500 for each digital audio recording device installed in a vehicle, the amount it says should have been paid in royalties.

Airbnb Partners With Cities For Disaster Preparedness

Soulskill posted 11 hours ago | from the going-wrong-the-right-way dept.

Communications 43

An anonymous reader writes: Every time a city- or state-wide disaster strikes, services to help the victims slowly crop up over the following days and weeks. Sometimes they work well, sometimes they don't. Today, city officials in San Francisco and Portland announced a partnership with peer-to-peer lodging service Airbnb to work out some disaster-preparedness plans ahead of time. Airbnb will locate hosts in these cities who will commit to providing a place to stay for people who are displaced in a disaster, and then set up alerts and notifications to help people find these hosts during a crisis. The idea is that if wildfires or an earthquake forces thousands of people to evacuate their homes, they can easily be absorbed into an organized, distributed group of willing hosts, rather than being shunted to one area and forced to live in a school gymnasium or something similar.

Senate Bill Would Ban Most Bulk Surveillance

Soulskill posted yesterday | from the assuming-they-can-pass-anything dept.

Government 169

An anonymous reader writes: Today Senator Patrick Leahy (D-VT) introduced a bill that would ban bulk collection of telephone records and internet data for U.S. citizens. This is a stronger version of the legislation that passed the U.S. House in May, and it has support from the executive branch as well. "The bill, called the USA Freedom Act, would prohibit the government from collecting all information from a particular service provider or a broad geographic area, such as a city or area code, according to a release from Leahy's office. It would expand government and company reporting to the public and reform the Foreign Intelligence Surveillance Court, which reviews NSA intelligence activities. Both House and Senate measures would keep information out of NSA computers, but the Senate bill would impose stricter limits on how much data the spy agency could seek."

A 24-Year-Old Scammed Apple 42 Times In 16 Different States

timothy posted yesterday | from the fool-me-42-times-won't-get-fooled-again dept.

Crime 367

redletterdave (2493036) writes "Sharron Laverne Parrish Jr., 24, allegedly scammed Apple not once, but 42 times, cheating the company out of more than $300,000 — and his scam was breathtakingly simple. According to a Secret Service criminal complaint, Parrish allegedly visited Apple Stores and tried to buy products with four different debit cards, which were all closed by his respective financial institutions. When his debit card was inevitably declined by the Apple Store, he would protest and offer to call his bank — except, he wasn't really calling his bank. So he would allegedly offer the Apple Store employees a fake authorization code with a certain number of digits, which is normally provided by credit card issuers to create a record of the credit or debit override. But that's the problem with this system: as long as the number of digits is correct, the override code itself doesn't matter."

London Police Placing Anti-Piracy Warning Ads On Illegal Sites

timothy posted yesterday | from the since-you're-here-anyhow dept.

Piracy 156

mrspoonsi (2955715) writes "The City of London police has started placing banner advertisements on websites believed to be offering pirated content illegally. The messages, which will appear instead of paid-for ads, will ask users to close their web browsers. The move comes as part of a continuing effort to stop piracy sites from earning money through advertising. Police said the ads would make it harder for piracy site owners to make their pages look authentic. "When adverts from well known brands appear on illegal websites, they lend them a look of legitimacy and inadvertently fool consumers into thinking the site is authentic," said Detective Chief Inspector Andy Fyfe from the City of London Police Intellectual Property Crime Unit (Pipcu). "This new initiative is another step forward for the unit in tackling IP crime and disrupting criminal profits. "Copyright infringing websites are making huge sums of money though advert placement, therefore disrupting advertising on these sites is crucial and this is why it is an integral part of Operation Creative.""

OKCupid Experiments on Users Too

Unknown Lamer posted 2 days ago | from the statistics-are-only-skin-deep dept.

Stats 158

With recent news that Facebook altered users' feeds as part of a psychology experiment, OKCupid has jumped in and noted that they too have altered their algorithms and experimented with their users (some unintentional) and "if you use the Internet, you’re the subject of hundreds of experiments at any given time, on every site. That’s how websites work." Findings include that removing pictures from profiles resulted in deeper conversations, but as soon as the pictures returned appearance took over; personality ratings are highly correlated with appearance ratings (profiles with attractive pictures and no other information still scored as having a great personality); and that suggesting a bad match is a good match causes people to converse nearly as much as ideal matches would.

The Misleading Fliers Comcast Used To Kill Off a Local Internet Competitor

Unknown Lamer posted 2 days ago | from the muni-broadband-madness! dept.

The Internet 245

Jason Koebler (3528235) writes In the months and weeks leading up to a referendum vote that would have established a locally owned fiber network in three small Illinois cities, Comcast and SBC (now AT&T) bombarded residents and city council members with disinformation, exaggerations, and outright lies to ensure the measure failed. The series of two-sided postcards painted municipal broadband as a foolhardy endeavor unfit for adults, responsible people, and perhaps as not something a smart woman would do. Municipal fiber was a gamble, a high-wire act, a game, something as "SCARY" as a ghost. Why build a municipal fiber network, one asked, when "internet service [is] already offered by two respectable private businesses?" In the corner, in tiny print, each postcard said "paid for by SBC" or "paid for by Comcast." The postcards are pretty absurd and worth a look.

Ask Slashdot: Preparing an Android Tablet For Resale?

timothy posted 2 days ago | from the link-free-cloth-and-a-.45 dept.

Privacy 110

UrsaMajor987 (3604759) writes I have a Asus Transformer tablet that I dropped on the floor. There is no obvious sign of damage but It will no longer boot. Good excuse to get a newer model. I intend to sell it for parts (it comes with an undamaged keyboard) or maybe just toss it. I want to remove all my personal data. I removed the flash memory card but what about the other storage? I know how to wipe a hard drive, but how do you wipe a tablet? If you were feeling especially paranoid, but wanted to keep the hardware intact for the next user, what would you do?

US States Edge Toward Cryptocoin Regulation

timothy posted 2 days ago | from the hey-these-still-smell-like-dollars dept.

Bitcoin 163

SonicSpike points out an article from the Pew Charitable Trusts' Research & Analysis department on the legislation and regulation schemes emerging in at least a few states in reaction to the increasing use of digital currencies like Bitcoin. A working group called the Conference of State Bank Supervisors’ Emerging Payments Task Force has been surveying the current landscape of state rules and approaches to digital currencies, a topic on which state laws are typically silent. In April, the task force presented a model consumer guidance to help states provide consumers with information about digital currencies. A number of states, including California, Massachusetts and Texas, have issued warnings to consumers that virtual currencies are not subject to “traditional regulation or monetary policy,” including insurance, bonding and other security measures, and that values can fluctuate dramatically. ... The article focuses on the high-population, big-economy states of New York, California and Texas, with a touch of Kansas -- but other states are sure to follow. Whether you live in the U.S. or not, are there government regulations that you think would actually make sense for digital currencies?

Attackers Install DDoS Bots On Amazon Cloud

timothy posted 2 days ago | from the fully-buzzword-compliant dept.

Security 25

itwbennett (1594911) writes "Attackers are exploiting a vulnerability in distributed search engine software Elasticsearch to install DDoS malware on Amazon and possibly other cloud servers. Last week security researchers from Kaspersky Lab found new variants of Mayday, a Trojan program for Linux that's used to launch distributed denial-of-service (DDoS) attacks. The malware supports several DDoS techniques, including DNS amplification. One of the new Mayday variants was found running on compromised Amazon EC2 server instances, but this is not the only platform being misused, said Kaspersky Lab researcher Kurt Baumgartner Friday in a blog post."

Google's Mapping Contest Draws Ire From Indian Government

timothy posted 2 days ago | from the you-can't-look-there dept.

Censorship 95

hypnosec writes with news that India's Central Bureau of Investigation has ordered a preliminary enquiry (PE) against Google for violating Indian laws by mapping sensitive areas and defence installations in the country. As per the PE, registered on the basis of a complaint made by the Surveyor General of India's office to the Union Home Ministry, Google has been accused of organizing a mapping competition dubbed 'Mapathon' in February-March 2013 without taking prior permission from Survey of India, country's official mapping agency. The mapping competition required citizens to map their neighbourhoods, especially details related to hospitals and restaurants. The Survey of India (SoI), alarmed by the event, asked the company to share its event details. While going through the details the watchdog found that there were several coordinates having details of sensitive defence installations which are out of the public domain."

Valencia Linux School Distro Saves 36 Million Euro

timothy posted 2 days ago | from the oh-no-big-deal dept.

Education 153

jrepin (667425) writes "The government of the autonomous region of Valencia (Spain) earlier this month made available the next version of Lliurex, a customisation of the Edubuntu Linux distribution. The distro is used on over 110,000 PCs in schools in the Valencia region, saving some 36 million euro over the past nine years, the government says." I'd lke to see more efforts like this in the U.S.; if mega school districts are paying for computers, I'd rather they at least support open source development as a consequence.

SpaceX Executive Calls For $22-25 Billion NASA Budget

timothy posted 3 days ago | from the only-tax-dollars-after-all dept.

NASA 113

MarkWhittington (1084047) writes "While participating in a panel called "The US Space Enterprise Partnership" at the NewSpace Conference that was held by the Space Frontier Foundation on Saturday, SpaceX Chief Operating Officer Gwynne Shotwell opined that NASA's budget should be raised to $22-25 billion, according to a tweet by Space Policy Online's Marcia Smith. The theory is that a lot of political rancor has taken place in the aerospace community because of the space agency's limited budget. If the budget were to be increased to pay for everything on the space wish list, the rancor will cease.

The statement represents something of a departure of the usual mutual antagonism that exists between some in the commercial space community and some at NASA. Indeed Space Politics' Jeff Foust added a tweet, "Thought: a panel at a Space Frontier Foundation conf is talking about how to increase NASA budget. Imagine that in late 90s." The Space Frontier Foundation has been a leading voice for commercializing space, sometimes at the expense of NASA programs."

In France, Most Comments on Gaza Conflict Yanked From Mainstream News Sites

timothy posted 3 days ago | from the national-brotherhood-week dept.

The Internet 499

An anonymous reader writes with an unpleasant statistic from France, quoting David Corchia, who heads a service employed by large French news organizations to sift through and moderate comments made on their sites. Quoting YNet News: Corchia says that as an online moderator, generally 25% to 40% of comments are banned. Moderators are assigned with the task of filtering comments in accordance with France's legal system, including those that are racist, anti-Semitic or discriminatory. Regarding the war between the Israelis and Hamas, however, Corchia notes that some 95% of online comments made by French users are removed. "There are three times as many comments than normal, all linked to the Israeli-Palestinian conflict," added Jeremie Mani, head of another moderation company Netino. "We see racist or anti-Semitic messages, very violent, that also take aim at politicians and the media, sometimes by giving journalists' contact details," he added. "This sickening content is peculiar to this conflict. The war in Syria does not trigger these kinds of comments."

Bose Sues New Apple Acquisition Beats Over Patent Violations

timothy posted 3 days ago | from the stick-it-in-your-ear dept.

Patents 161

Bose has taken issue with some of the technology embodied in products in Apple's newly acquired Beats line of headphones. As Ars Technica reports, Bose is suing Apple, claiming that the Beats products violate five Bose patents, covering noise cancellation and signal processing Although Bose never mentions Apple in the 22-page complaint, the acquisition price of the private company may have played a part in spurring Bose to sue. The suit doesn't include a specific damage demand. Bose has also filed a complaint with the US International Trade Commission against Beats over the same infringement claims. That means the patent lawsuit filed in federal court will be stayed while the ITC case gets resolved first.

On Forgetting the Facts: Questions From the EU For Google, Other Search Engines

timothy posted 3 days ago | from the here's-a-description-of-the-thing-you-want-undescribed dept.

Censorship 183

The Wall Street Journal lists 26 questions that Google and other search providers have been asked (in a meeting in Brussels earlier this week) to answer for EU regulators, to pin down what the search engine companies have done to comply with European demands to implement a "right to be forgotten." Some questions were asked directly of representatives of Microsoft, Yahoo and Google, while the regulators want answers to the others in short order. From the article: Regulators touched on some hot-button issues in six oral questions and another 26 written ones, with answers due by next Thursday. They asked Google to describe the “legal basis” of its decision to notify publishers when it approves right-to-be-forgotten requests, something that has led to requesters’ being publicly identified in some cases. They also asked search engines to explain where they take down the results, after complaints from some regulators that Google does not filter results on google.com. That means that anyone in Europe can switch from, say, google.co.uk to Google.com to see any removed links. Among the questions: "2. Do you filter out some requests based on the location, nationality, or place of residence of the data subject? If so, what is the legal basis for excluding such requests?" and "16. Does your company refuse requests when the data subject was the author of the information he/she posted himself/herself on the web? If so, what is the basis for refusing such requests?"

When Spies and Crime-Fighters Squabble Over How They Spy On You

timothy posted 3 days ago | from the we-may-or-may-not-have-done-that dept.

United States 120

The Washington Post reports in a short article on the sometimes strange, sometimes strained relationship between spy agencies like the NSA and CIA and law enforcement (as well as judges and prosecutors) when it comes to evidence gathered using technology or techniques that the spy agencies would rather not disclose at all, never mind explain in detail. They may both be arms of the U.S. government, but the spy agencies and the law enforcers covet different outcomes. From the article: [S]sometimes it's not just the tool that is classified, but the existence itself of the capability — the idea that a certain type of communication can be wiretapped — that is secret. One former senior federal prosecutor said he knew of at least two instances where surveillance tools that the FBI criminal investigators wanted to use "got formally classified in a big hurry" to forestall the risk that the technique would be revealed in a criminal trial. "People on the national security side got incredibly wound up about it," said the former official, who like others interviewed on the issue spoke on condition of anonymity because of the topic’s sensitivity. "The bottom line is: Toys get taken away and put on a very, very high shelf. Only people in the intelligence community can use them." ... The DEA in particular was concerned that if it came up with a capability, the National Security Agency or CIA would rush to classify it, said a former Justice Department official.

Bad "Buss Duct" Causes Week-long Closure of 5,000 Employee Federal Complex

timothy posted 3 days ago | from the something-to-be-indignant-about dept.

Bug 124

McGruber (1417641) writes In Atlanta, an electrical problem in a "Buss Duct" has caused the Sam Nunn Atlanta Federal Center to be closed for at least a week. 5,000 federal employees work at the center. While many might view this as another example of The Infrastructure Crisis in the USA, it might actually be another example of mismanagement at the complex's landlord, the General Service Administration (GSA). Probably no one wants to go to work in an Atlanta July without a working A/C.

Private Data On iOS Devices Not So Private After All

timothy posted 4 days ago | from the it's-totally-intuitive dept.

IOS 100

theshowmecanuck (703852) writes with this excerpt from Reuters summarizing the upshot of a talk that Jonathan Zdziarski gave at last weekend's HOPE conference: Personal data including text messages, contact lists and photos can be extracted from iPhones through previously unpublicized techniques by Apple Inc employees, the company acknowledged this week. The same techniques to circumvent backup encryption could be used by law enforcement or others with access to the 'trusted' computers to which the devices have been connected, according to the security expert who prompted Apple's admission. Users are not notified that the services are running and cannot disable them, Zdziarski said. There is no way for iPhone users to know what computers have previously been granted trusted status via the backup process or block future connections. If you'd rather watch and listen, Zdziarski has posted a video showing how it's done.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Create a Slashdot Account

Loading...