Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Days After Shooting, Canada Proposes New Restrictions On and Offline

timothy posted 6 hours ago | from the absolute-security dept.

Canada 168

New submitter o_ferguson writes As Slashdot reported earlier this week, a lone shooter attacked the war memorial and parliament buildings in Ottawa, Canada on Wednesday. As many comments predicted, the national government has seized this as an opportunity to roll out considerable new regressive legislation, including measures designed to* increase data access for domestic intelligence services, institute a new form of extra-judicial detention, and, perhaps most troubling, criminalize some forms of religious and political speech online. As an example of the type of speech that could, in future, be grounds for prosecution, the article mentions that the killer's website featured "a black ISIS flag and rejoiced that 'disbelievers' will be consigned to the fires of Hell for eternity." A government MP offers the scant assurance that this legislation is not "trauma tainted," as it was drafted well prior to this week's instigating incidents. Needless to say, some internet observes remain, as always, highly skeptical of the manner in which events are being portrayed. (Please note that some articles may be partially paywalled unless opened in a private/incognito browser window.)

Verizon Injects Unique IDs Into HTTP Traffic

Soulskill posted 8 hours ago | from the doing-the-wrong-thing-badly dept.

Verizon 136

An anonymous reader writes: Verizon Wireless, the nation's largest wireless carrier, is now also a real-time data broker. According to a security researcher at Stanford, Big Red has been adding a unique identifier to web traffic. The purpose of the identifier is advertisement targeting, which is bad enough. But the design of the system also functions as a 'supercookie' for any website that a subscriber visits. "Any website can easily track a user, regardless of cookie blocking and other privacy protections. No relationship with Verizon is required. ...while Verizon offers privacy settings, they don’t prevent sending the X-UIDH header. All they do, seemingly, is prevent Verizon from selling information about a user." Just like they said they would.

Researcher Finds Tor Exit Node Adding Malware To Downloads

Soulskill posted 11 hours ago | from the at-least-it's-anonymous-malware dept.

Security 101

Trailrunner7 writes: A security researcher has identified a Tor exit node that was actively patching binaries users download, adding malware to the files dynamically. The discovery, experts say, highlights the danger of trusting files downloaded from unknown sources and the potential for attackers to abuse the trust users have in Tor and similar services. Josh Pitts of Leviathan Security Group ran across the misbehaving Tor exit node while performing some research on download servers that might be patching binaries during download through a man-in-the middle attack.

What Pitts found during his research is that an attacker with a MITM position can actively patch binaries–if not security updates–with his own code. In terms of defending against the sort of attack, Pitts suggested that encrypted download channels are the best option, both for users and site operators. "SSL/TLSis the only way to prevent this from happening. End-users may want to consider installing HTTPS Everywhere or similar plugins for their browser to help ensure their traffic is always encrypted," he said via email.

Incapacitating Chemical Agents: Coming Soon To Local Law Enforcement?

samzenpus posted yesterday | from the and-stay-down dept.

Crime 139

Lasrick writes To this day, Russian authorities refuse to disclose the incapacitating chemical agent (ICA) they employed in their attempt, 12 years ago, to save 900 hostages held in a theater by Chechen fighters. Malcom Dando elaborates on a new report (PDF) that Russia, China, Israel, and a slew of other countries are continuing research into ICAs, and the apparent indifference of the international community into such research. Proponents of ICAs have long promoted their use in a variety of scenarios, including that of law enforcement, because in theory these chemicals incapacitate without permanent disability. Critics, however, point out that these weapons rely on exact dosage to prevent fatality, and that the ability to 'deliver the right agent to the right people in the right dose without exposing the wrong people, or delivering the wrong dose' is a near-impossible expectation. ICAs represent the further misuse and militarization of the life sciences and a weakening of the taboo against the weaponization of toxic substances, and the idea that they could be used in law enforcement situations is a disturbing one."

Tracking a Bitcoin Thief

samzenpus posted yesterday | from the naming-names dept.

Crime 61

An anonymous reader writes A small group of researchers were able to publish an investigative report on the hacking of a popular Bitcoin exchange earlier this year by the name of CryptoRush.in. Close to a million dollars stolen in crypto currency lead the group to discover evidence, track down the attacker and put together a timeline of what exactly happened. A captivating read for a community desensitized by thefts, hackings and lack of reporting. With pictures, and logs to prove it all.

Tech Firm Fined For Paying Imported Workers $1.21 Per Hour

samzenpus posted yesterday | from the was-that-wrong? dept.

Businesses 277

An anonymous reader sends in news about a company that was fined for flying in "about eight employees" from India to work 120-hour weeks for $1.21 per hour. Electronics for Imaging paid several employees from India as little as $1.21 an hour to help install computer systems at the company's Fremont headquarters, federal labor officials said Wednesday. "We are not going to tolerate this kind of behavior from employers," said Susana Blanco, district director of the U.S. Labor Department's wage and hour division in San Francisco.... An anonymous tip prompted the U.S. Department of Labor to investigate the case, which resulted in more than $40,000 in back wages paid to the eight employees and a fine of $3,500 for Electronics for Imaging.

Assange: Google Is Not What It Seems

timothy posted yesterday | from the mixed-motivations dept.

Privacy 261

oxide7 (1013325) writes "In June 2011, Julian Assange received an unusual visitor: the chairman of Google, Eric Schmidt. They outlined radically opposing perspectives: for Assange, the liberating power of the Internet is based on its freedom and statelessness. For Schmidt, emancipation is at one with U.S. foreign policy objectives and is driven by connecting non-Western countries to Western companies and markets. These differences embodied a tug-of-war over the Internet's future that has only gathered force subsequently. Assange describes his encounter with Schmidt and how he came to conclude that it was far from an innocent exchange of views."

German Publishers Capitulate, Let Google Post News Snippets

timothy posted yesterday | from the ja-ja-gut dept.

The Media 95

itwbennett writes German publishers said they are bowing to Google's market power, and will allow the search engine to show news snippets in search results free of charge — at least for the time being. The decision is a step in an ongoing legal dispute between the publishers and Google in which, predictably, publishers are trying to get compensation from the search engine for republishing parts of their content and Google isn't interested in sharing revenue. The move follows a Google decision earlier this month — and which was to go into effect today — to stop using news snippets and thumbnails for some well-known German news sites.

We Need Distributed Social Networks More Than Ello

timothy posted yesterday | from the pick-your-battles dept.

Facebook 253

Frequent contributor Bennett Haselton writes: Facebook threatened to banish drag queen pseudonyms, and (some) users revolted by flocking to Ello, a social network which promised not to enforce real names and also to remain ad-free. Critics said that the idealistic model would buckle under pressure from venture capitalists. But both gave scant mention to the fact that a distributed social networking protocol, backed by a player large enough to get people using it, would achieve all of the goals that Ello aspired to achieve, and more. Read on for the rest.

Austin Airport Tracks Cell Phones To Measure Security Line Wait

timothy posted yesterday | from the making-a-list-checking-it-twice dept.

Privacy 165

jfruh writes If you get into the TSA security line at Austin-Bergstrom International Airport, you'll see monitors telling you how long your wait will be — and if you have a phone with Wi-Fi enabled, you're helping the airport come up with that number. A system implemented by Cisco tracks the MAC addresses of phones searching for Wi-Fi networks and sees how long it takes those phones to traverse the line, giving a sense of how quickly things are moving. While this is useful information to have, the privacy implications are a bit unsettling.

Ello Formally Promises To Remain Ad-Free, Raises $5.5M

timothy posted 2 days ago | from the now-how-much-would-you-pay? dept.

Advertising 164

Social media site Ello is presented as the anti-Facebook, promising an ad-free social network, and that they won't sell private data. Today, they've also announced that Ello has become a Public Benefit Corporation, and that the site's anti-advertising promise has been enshrined in a corporate charter. The BBC reports on the restrictions that Ello has therefore entered into, which mean the site cannot, for monetary gain,

  1. Sell user-specific data to a third party
  2. Enter into an agreement to display paid advertising on behalf of a third party; and
  3. In the event of an acquisition or asset transfer, the Company shall require any acquiring entity to adopt these requirements with respect to the operation of Ello or its assets.

While that might turn off some potential revenue flows (the company says it will make money by selling optional features), as the linked article points out, it hasn't turned off investors; Ello has now raised $5.5 million from investors.

Sale of IBM's Chip-Making Business To GlobalFoundries To Get US Security Review

timothy posted 2 days ago | from the asking-permission-is-the-new-liberty dept.

Government 94

dcblogs writes IBM is an officially sanctioned trusted supplier to the U.S. Defense Dept., and the transfer of its semiconductor manufacturing to GlobalFoundries, a U.S.-based firm owned by investors in Abu Dhabi, will get U.S. scrutiny. Retired U.S. Army Brig. Gen. John Adams, who authored a report last year for an industry group about U.S. supply chain vulnerabilities and national security, said regulators will have to look closely. "I don't want cast aspersions unnecessarily on Abu Dubai — but they're not Canada," said Adams "I think that the news that we may be selling part of our supply chain for semiconductors to a foreign investor is actually bad news."

Proposed Penalty For UK Hackers Who "Damage National Security": Life

timothy posted 2 days ago | from the draconian-by-example dept.

Crime 164

An anonymous reader writes with this excerpt from The Guardian: Government plans that mean computer users deemed to have damaged national security, the economy or the environment will face a life sentence have been criticised by experts who warn that the new law could be used to target legitimate whistleblowers. The proposed legislation would mean that any British person deemed to have carried out an unauthorised act on a computer that resulted in damage to human welfare, the environment, the economy or national security in any country would face a possible life sentence. Last week the Joint Committee on Human Rights raised concerns about the proposals and the scope of such legislation.

Will Fiber-To-the-Home Create a New Digital Divide?

samzenpus posted 2 days ago | from the have-and-have-nots dept.

The Internet 289

First time accepted submitter dkatana writes Having some type of fiber or high-speed cable connectivity is normal for many of us, but in most developing countries of the world and many areas of Europe, the US, and other developed countries, access to "super-fast" broadband networks is still a dream. This is creating another "digital divide." Not having the virtually unlimited bandwidth of all-fiber networks means that, for these populations, many activities are simply not possible. For example, broadband provided over all-fiber networks brings education, healthcare, and other social goods into the home through immersive, innovative applications and services that are impossible without it. Alternatives to fiber, such as cable (DOCSYS 3.0), are not enough, and they could be more expensive in the long run. The maximum speed a DOCSYS modem can achieve is 171/122 Mbit/s (using four channels), just a fraction the 273 Gbit/s (per channel) already reached on fiber.

Michigan Latest State To Ban Direct Tesla Sales

samzenpus posted 2 days ago | from the not-in-my-town dept.

Government 255

An anonymous reader writes As many expected, Michigan Governor Michigan Governor Rick Snyder signed a bill that bans Tesla Motors from selling cars directly to buyers online in the state. When asked what Tesla's next step will be, Diarmuid O'Connell, vice president of business development, said it was unclear if the company would file a lawsuit. "We do take at their word the representations from the governor that he supports a robust debate in the upcoming session," O'Connell said. "We've entered an era where you can buy products and services with much greater value than a car by going online."

Judge Says EA Battlefield 4 Execs Engaged In "Puffery," Not Fraud

timothy posted 2 days ago | from the anything-they-say-they-set-their-minds-to dept.

The Courts 91

DemonOnIce writes with a story, as reported by Ars Technica, that a federal judge in San Francisco has dismissed a proposed securities fraud class action lawsuit connected to Battlefield 4's bungled rollout. From the report: EA and several top executives were sued in December and were accused of duping investors with their public statements and concealing issues with the first-person shooter game. The suit claimed executives were painting too rosy of a picture surrounding what ultimately would be Battlefield 4's disastrous debut on various gaming consoles beginning last October, including the next-generation Xbox One. But US District Judge Susan Illston of San Francisco said their comments about EA and the first-person shooter game were essentially protected corporate speak. "The Court agrees with defendants that all of the purported misstatements are inactionable statements of opinion, corporate optimism, or puffery," Illston ruled Monday.

Microsoft, Ask.com, Oracle Latest To Be Sued Over No-Poach Deal

timothy posted 2 days ago | from the all-in-the-same-gang-but-mostly-west-coast dept.

Microsoft 47

itwbennett (1594911) writes Oracle, Microsoft and Ask.com are facing suits alleging that they conspired to restrict hiring of staff. The suits appear to refer to a memo that names a large number of companies that allegedly had special arrangements with Google to prevent poaching of staff and was filed as an exhibit on May 17, 2013 in another class action suit over hiring practices. The former employees filing lawsuits against Microsoft, Ask.com and Oracle have asked that the cases be assigned to Judge Koh as there were similarities with the case against Google, Apple and others — and it maybe doesn't hurt that Judge Koh thought the $324.5 million settlement in that case was too low.

Shooting At Canadian Parliament

Soulskill posted 2 days ago | from the be-safe dept.

Canada 521

CBC reports that a man pulled up to the War Memorial in downtown Ottawa, got out of his car, and shot a soldier with a rifle. The Memorial is right next to the Canadian Parliament buildings. A shooter (reportedly the same one, but unconfirmed) also approached Parliament and got inside before he was shot and killed. "Scott Walsh, who was working on Parliament Hill, said ... the man hopped over the stone fence that surrounds Parliament Hill, with his gun forcing someone out of their car. He then drove to the front doors of Parliament and fired at least two shots, Walsh said." Canadian government officials were quickly evacuated from the building, while the search continues for further suspects. This comes a day after Canada raised its domestic terrorism threat level. Most details of the situation are still unconfirmed -- CBC has live video coverage here. They have confirmed that there was a second shooting at the Rideau Center, a shopping mall nearby.

DHS Investigates 24 Potentially Lethal IoT Medical Devices

Soulskill posted 2 days ago | from the but-they're-fine-with-mcdonald's-so-don't-get-your-hopes-up dept.

Medicine 78

An anonymous reader writes: In the wake of the U.S. Food and Drug Administration's recent recommendations to strengthen security on net-connected medical devices, the Department of Homeland Security is launching an investigation into 24 cases of potential cybersecurity vulnerabilities in hospital equipment and personal medical devices. Independent security researcher Billy Rios submitted proof-of-concept evidence to the FDA indicating that it would be possible for a hacker to force infusion pumps to fatally overdose a patient. Though the complete range of devices under investigation has not been disclosed, it is reported that one of them is an "implantable heart device." William Maisel, chief scientist at the FDA's Center for Devices and Radiological Health, said, "The conventional wisdom in the past was that products only had to be protected from unintentional threats. Now they also have to be protected from intentional threats too."

Hungary To Tax Internet Traffic

Soulskill posted 2 days ago | from the how-to-kill-your-youtube-habit dept.

The Internet 324

An anonymous reader writes: The Hungarian government has announced a new tax on internet traffic: 150 HUF ($0.62 USD) per gigabyte. In Hungary, a monthly internet subscription costs around 4,000-10,000 HUF ($17-$41), so it could really put a constraint on different service providers, especially for streaming media. This kind of tax could set back the country's technological development by some 20 years — to the pre-internet age. As a side note, the Hungarian government's budget is running at a serious deficit. The internet tax is officially expected to bring in about 20 billion HUF in income, though a quick look at the BIX (Budapest Internet Exchange) and a bit of math suggests a better estimate of the income would probably be an order of magnitude higher.

Slashdot Login

Need an Account?

Forgot your password?