Tyketto writes The US Department of Justice has been using fake communications towers installed in airplanes to acquire cellular phone data for tracking down criminals, reports The Wall Street Journal. Using fixed-wing Cessnas outfitted with DRT boxes produced by Boeing, the devices mimic cellular towers, fooling cellphones into reporting "unique registration information" to track down "individuals under investigation." The program, used by the U.S. Marshals Service, has been in use since 2007 and deployed around at least five major metropolitan areas, with a flying range that can cover most of the US population. As cellphones are designed to connect to the strongest cell tower signal available, the devices identify themselves as the strongest signal, allowing for the gathering of information on thousands of phones during a single flight. Not even having encryption on one's phone, like found in Apple's iPhone 6, prevents this interception. While the Justice Department would not confirm or deny the existence of such a program, Verizon denies any involvement in this program, and DRT (a subsidiary of Boeing), AT&T, and Sprint have all declined to comment.
msm1267 (2804139) writes Threats to the integrity of Internet voting have been a major factor in keeping the practice to a bare minimum in the United States. On the heels of the recent midterm elections, researchers at Galois, a computer science research and development firm in Portland, Ore., sent another reminder to decision makers and voters that things still aren't where they should be. Researchers Daniel M. Zimmerman and Joseph R. Kiniry published a paper called 'Modifying an Off-the-Shelf Wireless Router for PDF Ballot Tampering' that explains an attack against common home routers that would allow a hacker to intercept a PDF ballot and use another technique to modify a ballot before sending it along to an election authority. The attack relies on a hacker first replacing the embedded Linux firmware running on a home router. Once a hacker is able to sit in the traffic stream, they will be able to intercept a ballot in traffic and modify code strings representing votes and candidates within the PDF to change the submitted votes.
itwbennett writes A U.S. court has quashed an attempt to seize Iran's, Syria's and North Korea's domains as part of a lawsuit against those countries' governments. The plaintiffs in the case wanted to seize the domains after they successfully sued Iran, Syria and North Korea as state sponsors of terrorism. But the court found the domains have the nature of a contractual right, and ruled that rights arising under a contract cannot be seized as part of a judgment.
schwit1 provides this excerpt from an Associated Press report: "Nineteen automakers accounting for most of the passenger cars and trucks sold in the U.S. have signed onto a set of principles they say will protect motorists' privacy in an era when computerized cars pass along more information about their drivers than many motorists realize. The principles were delivered in a letter Wednesday to the Federal Trade Commission, which has the authority to force corporations to live up to their promises to consumers. Industry officials say they want to assure their customers that the information that their cars stream back to automakers or that is downloaded from the vehicle's computers won't be handed over to authorities without a court order, sold to insurance companies or used to bombard them with ads for pizza parlors, gas stations or other businesses they drive past, without their permission. The principles also commit automakers to 'implement reasonable measures' to protect personal information from unauthorized access." Also at the Detroit News. Adds schwit1: "It's a meaningless gesture without being codified into law. A greedy car manufacturer or NSL trumps any 'set of principles'." The letter itself (PDF) isn't riveting, but it's more readable than some such documents, and all the promises it makes are a good reminder of just how much data modern cars can collect, and all the ways that it can be passed on.
An anonymous reader writes According to a lawsuit filed Friday in a New York court, when Jeremy Zielinski signed up for Time Warner Internet service after seeing an ad that it was $34.99 a month, he didn't expect his first bill to be more than $94. He didn't expect he'd have to fight for weeks to resolve it. And he didn't expect that Time Warner's next step would be to sell him faster speeds, not bother to tell him his modem couldn't handle them, send him a bill anyway, then demand that he drive to the local office at his own expense to get a compatible modem. So he's taking the cable giant to court, accusing it of false advertising and deceptive business practices. While a lone individual fighting in court against the second largest cable company in the world certainly doesn't have the odds in his favor, this could get interesting. According to the complaint, he opted out of TWC's binding arbitration clause a few days after he opened his account, so he might have a shot of keeping this issue in real court. Stay tuned for more.
apexcp writes Senate Majority Leader (for now) Harry Reid announced he will be taking the USA FREEDOM Act to a floor vote in the Senate as early as next week. While the bill, if passed, would be the first significant legislative reform of the NSA since 9/11, many of the act's initial supporters have since disavowed it, claiming that changes to its language mean it won't do enough to curb the abuses of the American surveillance state.
An anonymous reader writes The EU Passenger Name Record (PNR) proposal which was defeated in April of last year has returned to consideration in the European Parliament today. The law would require that airlines provide extensive personal details of anyone flying into or out of Europe. The information would include name, address, phone numbers, credit card information and travel itinerary. Director of Europol Rob Wainwright says that PNR is within the bounds of "reasonable measures" in the struggle against terrorism, and that possible threats against Europe have increased in the more than 12 months since the law was last rejected. Dutch MEP Sophie In't Veld is arguing that the Data Protection Directive should be put into place before any such systematized disclosure be ratified. "They want unlimited powers," she said. "They don't want to be bound by rules or data protection authorities and that's the reality."
An anonymous reader writes AT&T says it will halt its investment on broadband Internet service expansion until the federal rules on open Internet are clarified. "We can't go out and just invest that kind of money, deploying fiber to 100 cities other than these two million [covered by the DirecTV deal], not knowing under what rules that investment will be governed," AT&T Chief Randall Stephenson said during an appearance at a Wells Fargo conference, according to a transcript provided by AT&T. "And so, we have to pause, and we have to just put a stop on those kind of investments that we're doing today."
Daniel_Stuckey writes A London-based programmer has set up a new hidden service for anyone using Tor to submit anonymous tips to the FBI. With the new .onion hidden service link, which accesses the FBI's tips page through a reverse proxy, Mustafa Al-Bassam told me in an IRC chat that he's engineered a "proof-of-concept," demonstrating how the bureau might go about setting up a more secure system for receiving crime tips.
KentuckyFC writes During the Chinese New Year earlier this year, some 3.6 billion people traveled across China making it the largest seasonal migration on Earth. These kinds of mass movements have always been hard to study in detail. But the Chinese web services company Baidu has managed it using a mapping app that tracked the location of 200 million smartphone users during the New Year period. The latest analysis of this data shows just how vast this mass migration is. For example, over 2 million people left the Guangdong province of China and returned just a few days later--that's equivalent to the entire population of Chicago upping sticks. The work shows how easy it is to track the movement of large numbers of people with current technology--assuming they are willing to allow their data to be used in this way.
jfruh writes: Last year, a bipartisan coalition helped get the Main Street Fairness Act approved by the U.S. Senate. The bill would have allowed state and local governments to collect sales taxes on Internet sales by companies in different jurisdictions. But House Speaker John Boehner, a longtime opponent of Internet taxes, won't bring the matter to a vote in the House before the end of the year, which should kill it for the immediate future.
An anonymous reader writes: After extended talks on the issue of climate change, the U.S. and China have reached a landmark accord to curb emissions in the near future. The two countries are the top carbon polluters, so their actions are likely to have a major effect on world pollution levels and also set the standard for other countries. The agreement includes China's first-ever commitment to stop the growth of its emissions by 2030. They plan on shifting a big chunk of their energy production to renewables in that time. The U.S. agreed to emit 26-28% less carbon in 2025 than it did in 2005. Their efforts could spur greater enthusiasm for a new global climate agreement in 2015.
Reader jones_supa adds details of another interesting part of the U.S.-China talks:
Technology products look likely to gain more access to international markets as a result of an upgrade between the U.S. and China on a 1996 tariff-eliminating trade agreement that President Obama announced Tuesday in Beijing. The agreement is expected to lower prices on a raft of new technology products by eliminating border tariffs — a price impact that's expected to be larger outside the United States, since U.S. tariffs on high-tech goods are generally lower than those overseas. "This is a win-win-win agreement for information and communication technology industries in the U.S., Europe, Japan and China, for businesses and consumers who purchase IT products and for the global economy."
apexcp writes: A week ago, Silk Road 2.0 was theatrically shut down by a global cadre of law enforcement. This week, the dark net is realigning. "In the wake of the latest police action against online bazaars, the anonymous black market known as Evolution is now the biggest Dark Net market of all time. Today, Evolution features 20,221 products for sale, a 28.8 percent increase from just one month ago and an enormous 300 percent increase over the past six months."
Presto Vivace points out this troubling new report from the Electronic Frontier Foundation:
Recently, Verizon was caught tampering with its customers' web requests to inject a tracking super-cookie. Another network-tampering threat to user safety has come to light from other providers: email encryption downgrade attacks. In recent months, researchers have reported ISPs in the U.S. and Thailand intercepting their customers' data to strip a security flag — called STARTTLS — from email traffic. The STARTTLS flag is an essential security and privacy protection used by an email server to request encryption when talking to another server or client.
By stripping out this flag, these ISPs prevent the email servers from successfully encrypting their conversation, and by default the servers will proceed to send email unencrypted. Some firewalls, including Cisco's PIX/ASA firewall, do this in order to monitor for spam originating from within their network and prevent it from being sent. Unfortunately, this causes collateral damage: the sending server will proceed to transmit plaintext email over the public Internet, where it is subject to eavesdropping and interception.
blottsie writes: The Federal Communications Commission will abandon its earlier promise to make a decision on new net neutrality rules this year. Instead, FCC Press Secretary Kim Hart said, "there will not be a vote on open internet rules on the December meeting agenda. That would mean rules would now be finalized in 2015." The FCC's confirmation of the delay came just as President Barack Obama launched a campaign to persuade the agency to reclassify broadband Internet service as a public utility.
Opensource.com is also running an interview with a legal advisor at the FCC. He says, "There will be a burden on providers. The question is, 'Is that burden justified?' And I think our answer is 'Yes.'"
An anonymous reader writes: The folks at the USPS have responded to the recent breach that exposed data on 800K employees and another some 2.8 million customers. They have suspended telecommuting for all employees until further notice while they replace their VPN with a more secure version. "Additionally, the postal service will upgrade some of its equipment and systems in the coming weeks and months as part of a broad security overhaul in response to the breach."
blindbat writes: A new YouTube account is pushing local police agencies to reconsider their use of body-mounted cameras. Poulsbo Police have been wearing body cameras for about a year, and the department says the results have been good. But last month reality hit, in the form of a new YouTube user website, set up by someone under the name, "Police Video Requests." The profile says it posts dash and body cam videos received after public records requests to Washington state police departments. "They're just using it to post on the internet," said Chief Townsend, "and I suspect it's for commercial purposes." In September, "Police Video Requests" anonymously asked Poulsbo PD for every second of body cam video it has ever recorded. The department figures it will take three years to fill that request. And Chief Townsend believes it is a huge privacy concern, as officers often see people on their worst days. "People with mental illness, people in domestic violence situations; do we really want to have to put that video out on YouTube for people? I think that's pushing it a little bit," he said.
Drinking Bleach writes Groupon has released a tablet-based point of sale system called Gnome, despite the well-known desktop environment's existence and trademark status. This is also not without Groupon's internal knowledge of the GNOME project; they were contacted about the infringement and flatly refused to change the name of their own product, in addition to filing many new trademark applications for theirs. The GNOME project is seeking donations to help them in a legal battle against these trademark applications, and to get Groupon to stop using their name. They are seeking at least $80,000 to challenge a first set of ten trademark applications from Groupon, out of 28 applications that have been filed.
chicksdaddy writes: How bad is the gridlock in Washington D.C.? So bad that the nation's retailers are calling for federal legislation on cyber security and data protection to protect consumer information — even though they would bear the brunt of whatever legislation is passed. The Security Ledger notes that groups representing many of the nation's retailers sent a letter (PDF) to Congressional leaders last week urging them to pass federal data protection legislation that sets clear rules for businesses serving consumers.
"The recent spate of news stories about data security incidents raises concerns for all American consumers and for the businesses with which they frequently interact," the letter reads. "A single federal law applying to all breached entities would ensure clear, concise and consistent notices to all affected consumers regardless of where they live or where the breach occurs."
Retailers would likely bear the brunt of a new federal data protection law. The motivation for pushing for one anyway may be simplicity. Currently, there are 47 different state-based security breach notification laws, as well as laws in the District of Columbia and Guam. There is broad, bi-partisan agreement on the need for a data breach and consumer protection law. However, small differences of opinion on its scope and provisions, exacerbated by political gridlock in Congress since 2010, have combined to stay the federal government's hand.
Meanwhile, reader schwit1 points out that banks are now starting to demand that retailers pay for all the financial damage their security breaches cause.
itwbennett writes: Germany's foreign intelligence agency reportedly wants to spend €300 million (about $375 million) in the next five years on technology that would let it spy in real time on social networks outside of Germany, and decrypt and monitor encrypted Internet traffic. The agency, which already spent €6.22 million in preparation for this online surveillance push, also wants to use the money to set up an early warning system for cyber attacks, the report said (Google translation of German original). A prototype is expected to be launched next June with the aim of monitoring publicly available data on Twitter and blogs.