mrspoonsi sends this BBC report: "A U.S. juggler facing child sex abuse charges, who jumped bail 14 years ago, has been arrested in Nepal after the use of facial-recognition technology. Street performer Neil Stammer traveled to Nepal eight years ago using a fake passport under the name Kevin Hodges. New facial-recognition software matched his passport picture with a wanted poster the FBI released in January. Mr Stammer, who had owned a magic shop in New Mexico, has now been returned to the U.S. state to face trial. The Diplomatic Security Service, which protects U.S. embassies and checks the validity of U.S. visas and passports, had been using FBI wanted posters to test the facial-recognition software, designed to uncover passport fraud. The FBI has been developing its own facial-recognition database as part of the bureau's Next Generation Identification program."
WIRED published a long piece on Edward Snowden today (worth a read on its own), and simultaneously broke news of "MonsterMind," an NSA program to monitor all network traffic and detect attacks, responding with a counterattack automatically. From the article: Although details of the program are scant, Snowden tells WIRED in an extensive interview with James Bamford that algorithms would scour massive repositories of metadata and analyze it to differentiate normal network traffic from anomalous or malicious traffic. Armed with this knowledge, the NSA could instantly and autonomously identify, and block, a foreign threat. More than this, though, Snowden suggests MonsterMind could one day be designed to return fire — automatically, without human intervention... Snowden raised two issues with the program: the source of an attack could be spoofed to trick the U.S. into attacking an innocent third party, and the violation of the fourth amendment since the NSA would effectively need to monitor all domestic network traffic for the program to work. Also in Bamford's interview are allegations that the NSA knocked Syria offline in 2012 after an attempt to install intercept software on an edge router ended with the router being bricked.
Lasrick writes: Although the complicity of scientists in the smuggling of radioactive materials has been a long-standing concern, smuggling-prevention efforts have so far failed to recognize a key aspect to the problem: scientists are often sought out to test the quality and level of the material well before it is taken to the black market. Egle Murauskaite of the U.S. National Consortium for the Study of Terrorism and Responses to Terrorism (START) describes why concentrating on this aspect of the smuggling process, long considered less egregious than the actual selling of the material, could really make a difference in keeping radioactive materials off the black market in the first place.
dcblogs writes: Mikey Dickerson, a site reliability engineer at Google, who was appointed Monday by the White House as the deputy federal CIO, will lead efforts to improve U.S. Websites. Dickerson, who worked on the Healthcare.gov rescue last year, said that one issue the government needs to fix is its culture. In describing his experience on the Healthcare.gov effort, he said the workplace was "not one that is optimized to get good work out of engineers." It was a shirt-and-tie environment, and while Dickerson said cultural issues may sound superficial, they are still real. "You don't have to think that the engineers are the creative snowflakes and rock stars that they think they are, you don't have to agree with any of that," Dickerson said in a recent conference presentation posted online. "I'm just telling you that's how they think of themselves, and if you want access to more of them, finding a way to deal with that helps a lot." Engineers want to make a difference, Dickerson said, and he has collected the names of more than 140 engineers who would be willing to take unpaid leave from their jobs to work on a meaningful project.
An anonymous reader writes: Phil Plait reports that a trio of U.S. Congressmen are asking NASA to investigate what they call "an epidemic of anomalies" at SpaceX. They sent a memo (PDF) demanding that SpaceX be held accountable to taxpayers for mission delays stemming from the development of new rockets. Plait notes, "[A]s a contractor, the rules are different for them than they would be if NASA themselves built the rockets, just as the rules are for Boeing or any other contractor. In fact, as reported by Space News, NASA didn't actually pay for the development of the Falcon 9; Elon Musk did." He adds, "Another reason this is silly is that every rocket ever made has undergone problems; they are fiendishly complex machines and no design has ever gotten from the drafting board to the launch pad without issues. Sure, SpaceX has experienced launch delays and other problems, but the critical thing to remember is that those problems are noted, assessed, and fixed sometimes within hours or minutes." Plait accuses the congressmen of trying to bury private spaceflight under red tape in order to protect established industries in their own states.
lrosen (attorney Lawrence Rosen) writes with a response to an article that appeared on Opensource.com late last month, detailing a court case that arose between Versata Software and Ameriprise Financial Services; part of the resulting dispute hinges on Versata's use of GPL'd software (parsing utility VTD-X, from Ximpleware), though without acknowledging the license. According to the article's author, attorney Aaron Williamson (former staff attorney for the Software Freedom Law Center), "Lawyers for commercial software vendors have feared a claim like this for essentially the entire 20-odd-year lifetime of the GPL: a vendor incorporates some GPL-licensed code into a product—maybe naively, maybe willfully—and could be compelled to freely license the entire product as a result. The documents filed by Ameriprise in the case reflect this fearful atmosphere, adopting the classically fear-mongering characterization of the GPL as a 'viral' license that 'infects' its host and 'requires it to become open source, too.'" Rosen writes: I want to acknowledge Aaron's main points: This lawsuit challenges certain assumptions about GPLv2 licensing, and it also emphasizes the effects of patents on the FOSS (and commercial) software ecosystem. I also want to acknowledge that I have been consulted as an expert by the plaintiff in this litigation (Ximpleware vs. Versata, et al.) and so some of what I say below they may also say in court. Read on for the rest (and Williamson's article, too, for a better understanding of this reaction to it). An important take-away: it's not just the license that matters.
An anonymous reader writes "Criminals smuggle an estimated $30 billion in U.S. currency into Mexico each year from the United States, most of it laundered drug money. But researchers say help is on the way for border guards in the form of a portable device that identifies specific vapors given off by U.S. paper money. "We're developing a device that mimics the function of trained dogs 'sniffing' out concealed money, but without the drawbacks, such as expensive training, sophisticated operators, down time and communication limitations," says Suiqiong Li, Ph.D., a member of the research team behind the technology. When developing the device, the researchers first had to figure out which gases money emits and how fast that happens. It turned out that the gases are a set of trace chemicals, including aldehydes, furans and organic acids." What do bitcoins smell like?
metasonix (650947) writes On Sunday the 2014 Wikimania conference in London closed. Wikimania is the major annual event for Wikipedia editors, insiders and WMF employees to meet face-to-face, give presentations and submit papers. Usually they are full of "Wiki-Love" and good feelings; but this year, as the Wikipediocracy blog summarized, Wikipedia and its "god-king" Jimmy Wales came under considerable fire from the UK media — a very unusual occurrence. And much of it was direct criticism of Wales himself, including a very hostile interview by BBC journalist James O'Brien, who had been repeatedly defamed in his Wikipedia biography by persons unknown.
concertina226 (2447056) writes Scientists at China's Southwest University in Chongqing are working on a new type of camera that takes Big Brother to a whole new level – the camera is meant to detect highly stressed individuals so that police can catch them before they commit a crime. The camera makes use of hyperspectral imaging, i.e. a 'stress sensor' that measures the amount of oxygen in blood across visible areas of the body, such as the face. Chinese authorities are deeply concerned about the recent spate of deadly attacks occurring in public places, such as the mass stabbing attack by eight knife-wielding extremists in the city of Kunming, Yunnan in March, which left 29 civilians dead and over 140 others injured.
An anonymous reader writes In yet another example of the quality of Comcast's customer service, a story surfaced today of a Comcast customer who was over-charged for a service that was never provided. At first, the consumer seemed to be on the losing end of a customer service conversation, with Comcast insisting that the charges were fair. But then, the consumer whipped out a recording of a previous conversation that he had with another Comcast representative in which not only was the consumer promised that he wouldn't be charged for services not rendered, but the reason why was explained. Suddenly Comcast conceded, and the fees were dropped. But most telling of all, the Comcast rep implied that she only dropped them because he had taped his previous interaction with Comcast customer service. I wish I had recordings of every conversation that I've ever had with AT&T, the USPS, and the landlord I once had in Philadelphia. Lifehacker posted last year a few tips on the practicality of recording phone calls, using Google Voice, a VoIP service, or a dedicated app. Can anyone update their advice by recommending a good Android app (or iOS, for that matter) designed specifically to record sales and service calls, complete with automated notice?
Via Ars Technica comes news that an Amtrak employee was paid nearly $900,000 over the last ten years to give the DEA passenger lists outside of normal channels. Strangely enough, the DEA already had access to such information through official channels. From the article: The employee, described as a "secretary to a train and engine crew" in a summary obtained by the AP, was selling the customer data without Amtrak's approval. Amtrak and other transportation companies collect information from their customers including credit card numbers, travel itineraries, emergency contact info, passport numbers, and dates of birth. When booking tickets online in recent years, Amtrak has also collected phone numbers and e-mail addresses. ... Amtrak has long worked closely with the DEA to track drug trafficking activity on its train lines. The Albuquerque Journal reported in 2001 that "a computer with access to Amtrak's ticketing information sits on a desk in the [DEA]'s local office," wrote the ACLU.
wabrandsma (2551008) writes From The Economist: "The patent system, which was developed independently in 15th century Venice and then in 17th century England, gave entrepreneurs a monopoly to sell their inventions for a number of years. Yet by the 1860s the patent system came under attack, including from The Economist. Patents, critics argued, stifled future creativity by allowing inventors to rest on their laurels. Recent economic research backs this up."
SpzToid writes Following up an earlier story here on Slashdot, now Xiaomi has apologized for collecting private data from its customers. From the article: "Xiaomi Inc said it had upgraded its operating system to ensure users knew it was collecting data from their address books after a report by a computer security firm said the Chinese budget smartphone maker was taking personal data without permission. The privately held company said it had fixed a loophole in its cloud messaging system that had triggered the unauthorized data transfer and that the operating system upgrade had been rolled out on Sunday. The issue was highlighted last week in a blog post by security firm F-Secure Oyj. In a lengthy blogpost on Google Plus, Xiaomi Vice President Hugo Barra apologized for the unauthorized data collection and said the company only collects phone numbers in users' address books to see if the users are online."
McGruber writes An internal investigation by the U.S. Patent and Trademark Office found that some of its 8,300 patent examiners repeatedly lied about the hours they were putting in and many were receiving bonuses for work they did not do. While half of the USPTO's Patent Examiners work from home full time, oversight of the telework program — and of examiners based at the Alexandria headquarters — was "completely ineffective," investigators concluded. The internal investigation also unearthed another widespread problem. More than 70 percent of the 80 managers interviewed told investigators that a "significant" number of examiners did not work for long periods, then rushed to get their reviews done at the end of each quarter. Supervisors told the review team that the practice "negatively affects" the quality of the work. "Our quality standards are low," one supervisor told the investigators. "We are looking for work that meets minimal requirements." Patent examiners review applications and grant patents on inventions that are new and unique. They are experts in their fields, often with master's and doctoral degrees. They earn at the top of federal pay scale, with the highest taking home $148,000 a year.
An anonymous reader writes Have you heard of personalized postage stamps? You pay the value of the stamps plus a fee and the post office prints official stamps usable for postage which show (almost) anything you can put into a jpeg file. An Austrian Tibet supporter found out what 'almost' means. He submitted a picture of the Dalai Lama with the text 'His Holiness the Dalai Lama,' but the Austrian post office refused to produce these stamps. Stampnews and the Neue Zuercher Zeitung (autotranslation) reported that this had been due to pressure from the Chinese embassy in Vienna. Now there is a video showing how visual cryptography has been used to get around this attempt at censorship [caution: organ music].
Def Con shows no mercy. As gleefully reported by several Blackberry-centric sites, researcher Justin Case yesterday demonstrated that he could root the much-heralded Blackphone in less than five minutes. From n4bb.com's linked report: "However, one of the vulnerabilities has already been patched and the other only exploitable with direct user consent. Nevertheless, this only further proves you cannot add layers of security on top of an underlying platform with security vulnerabilities." Case reacts via Twitter to the crowing: "Hey BlackBerry idiots, stop misquoting me on your blogs. Your phone is only "secure" because it has few users and little value as a target."
An anonymous reader writes with a link to a story in the LA Times: "Few places in the country are so warm and bright as Mary Wilkerson's property on the beach near St. Petersburg, Fla., a city once noted in the Guinness Book of World Records for a 768-day stretch of sunny days. But while Florida advertises itself as the Sunshine State, power company executives and regulators have worked successfully to keep most Floridians from using that sunshine to generate their own power. Wilkerson discovered the paradox when she set out to harness sunlight into electricity for the vintage cottages she rents out at Indian Rocks Beach. She would have had an easier time installing solar panels, she found, if she had put the homes on a flatbed and transported them to chilly Massachusetts. While the precise rules vary from state to state, one explanation is the same: opposition from utilities grown nervous by the rapid encroachment of solar firms on their business."
They may be well reviewed and China's new top selling phone, but reader DavidGilbert99 writes with reason to be cautious about Xiaomi's phones: Finnish security firm F-Secure has seemingly proven that Xiaomi smartphones do in fact upload user data without their permission/knowledge despite the company strongly denying these allegations as late as 30 July. Between commercial malware and government agencies, how do you keep your phone's data relatively private?
John McAfee made a surprise appearance at Def Con to talk about privacy: he's for it. Trouble is, he says, lots of companies feel otherwise, and he took the stage to single out "don't be evil" Google: “Google, or at least certain people within Google, I will not mention names because I am not a rude gentleman, would like us to believe that if we have nothing to hide, we should not mind if everybody knows everything that we do,” he said from the podium. “I have to take serious issue with that.” The BBC has video. McAfee also announced his new complaints website, The Brown List. (Good usernames are still available, and your complaint can be about anything, not just privacy violations by humongous corporations.)
Around the world, American schools' long summer break is viewed as an anomaly, and the long summer seems to be getting shorter. While most American primary and secondary schools used to start after Labor Day, more and more of them now open sometime in August (and that's not counting the ones that have gone to a year-round schedule). Some of my younger relatives started a new school year last week (in Indiana), while Baltimore schools start later this month. Both Seattle and Portland's kids have until after Labor Day (with start dates of the 3rd and 4th of September, respectively). The 4th is also the start date for students in New York City's public schools, the country's largest district. Colleges more often start in September, but some get a jump start in August, especially with required seminars or orientation programs for new students. Whether you're in school, out of school, or back in school by proxy (packing lunches or paying tuition), what time does (or did) your school-year start? Would you prefer that your local public schools run all year round, if they're of the long-summer variety? (And conversely, if your local schools give short shrift to summer, whether that's in the U.S. or anywhere else, do you think that's a good idea?)
An anonymous reader writes "On Friday, the Federal Communications Commission (FCC) voted to require all U.S. wireless carriers and popular messaging applications to support texting to emergency response units via 911. AT&T, Verizon, Sprint, and T-Mobile implemented this capability back in 2012; the FCC's vote will make it mandatory for all carriers that operate in the country as well as all messaging applications that interconnect with the SMS structure in the U.S. to follow suit. One technological hurdle this mandate faces is the difficulty of tracing "the exact physical origin of a text message, particularly in residences with multiple floors."" Somehow I doubt that cellphone calls are consistently traceable to that degree, either, and I've lived in houses with extensions spread over several floors, too.
An anonymous reader writes with this news from Reuters: A U.S. district judge on Friday ruled that the $324.5 million settlement negotiated by Apple, Google, Intel, and Adobe with the tech workers who brought an antitrust lawsuit against them was too low. The judge cited the settlement amount of a similar lawsuit brought against Disney and Intuit last year which resulted in plaintiffs obtaining proportionally more for lost wages. And yet, according to the judge, the current plaintiffs have "much more leverage". She cited evidence clearly showing Apple's Steve Jobs strong-arming the other companies in the suit into agreeing to a no-employee-poaching agreement, and in one instance, of Google failing to rope in Facebook into a similar agreement which resulted in a 10% increase of all Google employee salaries. In other words, clear evidence that the no-poaching agreement effectively suppressed the salaries of these companies' tech workers. Another hearing is scheduled for September 10.
Advocatus Diaboli writes Software created by the controversial UK-based Gamma Group International was used to spy on computers that appear to be located in the United States, the UK, Germany, Russia, Iran, and Bahrain, according to a leaked trove of documents analyzed by ProPublica. It's not clear whether the surveillance was conducted by governments or private entities. Customer e-mail addresses in the collection appeared to belong to a German surveillance company, an independent consultant in Dubai, the Bosnian and Hungarian Intelligence services, a Dutch law enforcement officer, and the Qatari government.
Linking to a story at Reuters, reader WilliamGeorge writes "Russia is further constraining access to the internet and freedom of speech, with new laws regarding public use of WiFi. Nikolai Nikiforov, the Russian Communications Minister, tweeted that "Identification of users (via bank cards, cell phone numbers, etc.) with access to public Wifi is a worldwide practice." This comes on top of their actions recently to block websites of political opponents to Russian president Vladimir Putin, require registration of prominent bloggers, and more. The law was put into effect with little notice and without the input of Russian internet providers. Sergei Plugotarenko, head of the Russian Electronic Communications Association, said "It was unexpected, signed in such a short time and without consulting us." He added, "We will hope that this restrictive tendency stops at some point because soon there won't be anything left to ban." In addition to the ID requirement to use WiFi, the new law also requires companies to declare who is using their web networks and calls for Russian websites to store their data on servers located in Russia starting in 2016." That's not the only crackdown in progress, though: former Slashdot code-wrestler Vlad Kulchitski notes that Russian users are being blocked from downloading Java with an error message that reads, in essence, "You are in a country on which there is embargo; you cannot download JAVA." Readers at Hacker News note the same, though comments there indicate that the block may rely on a "specific and narrow IP-block," rather than being widespread. If you're reading this from Russia, what do you find?
Daniel_Stuckey writes You've maybe heard a bit about Stingray. Over the past couple of years, it has emerged that police forces in the US have been using the powerful surveillance tool, which tricks phones into connecting to a dragnet, to track mobile devices, and intercept calls and text messages. Meanwhile, the London Metropolitan Police Service (MPS) continue to remain tight lipped about their use of the technology, leaving citizens in the dark on what privacy protections, if any, are in place for those who may get swept up by the broad surveillance techniques.
itwbennett writes China is tightening control over mobile messaging services with new rules that limit their role in spreading news. Under the new regulations, only news agencies and other groups with official approval can publish whatever the government considers political news via public accounts. "All other public accounts that have not been approved cannot release or reprint political news," the regulations said. Users of the instant messaging services will also have to register with their official IDs, and agree to follow relevant laws.
First time accepted submitter PotatoHead (12771) writes "This is a big win for Open Hardware Proponents! The Parallax Propeller Microcontroller VERILOG code was released today, and it's complete! Everything you need to run Open Code on an Open CPU design. This matters because you can now build a device that is open hardware, open code all the way down to the CPU level! Either use a product CPU, and have access to its source code to understand what and how it does things, or load that CPU onto a suitable FPGA and modify it or combine it with your design."
Sonny Yatsen (603655) writes A California man with nothing better to do has launched a class-action lawsuit against Sony because he claims he was harmed because Killzone: Shadowfall's multiplayer mode doesn't have native 1080p resolution as Sony originally claimed. He now demands 'all economic, monetary, actual, consequential, statutory and compensatory damages' as well as punitive damages from Sony.
SiggyRadiation writes Edward Snowden is allowed to stay in Russia for three more years. According to the NYPost: "His lawyer, Anatoly Kucherena, was quoted by Russian news agencies on Thursday as saying Snowden now has been granted residency for three more years, but that he had not been granted political asylum. That status, which would allow him to stay in Russia permanently, must be decided by a separate procedure, Kucherena said, but didn't say whether Snowden is seeking it." The question that remains, of course, is did the Russians use this as leverage over him to get to more information or influence him? Or is the positive PR in itself enough for the Russians in the current climate of tensions and economic sanctions relating to the Ukraine crisis?
mrspoonsi writes Apple and Samsung have agreed to withdraw all legal cases against each other outside the United States. The two rivals have sued each other over a range of patent disputes in nine countries outside the US, including the UK, South Korea, Japan and Germany. A joint statement said the agreement "does not involve any licensing arrangements", and they would continue to pursue existing cases in US courts. The two firms are the biggest players in the smartphone and tablet PC market. But they have been involved in a bitter legal battle, spread across various countries, which has escalated in recent years.
stephendavion writes A legal scholar says he and colleagues have developed an algorithm that can predict, with 70 percent accuracy, whether the US Supreme Court will uphold or reverse the lower-court decision before it. "Using only data available prior to the date of decision, our model correctly identifies 69.7 percent of the Court's overall affirm and reverse decisions and correctly forecasts 70.9% of the votes of individual justices across 7,700 cases and more than 68,000 justice votes," Josh Blackman, a South Texas College of Law scholar, wrote on his blog Tuesday.
Mr_Silver writes TorrentFreak is reporting that the City of London Police (a private police force in government-backed livery with an authority that does not go beyond the corporate-controlled City of London area — so not to be confused with the Metropolitan Police) has seized control of a number of domains including Immunicity, a general proxy server that was set up as a censorship circumvention tool. This appears to be their next step after placing banner adverts on websites.
coondoggie writes Can a tool or technology be applied to the brain and accurately predict out of a given group of people who will be the smartest? The research arm of the Office of the Director of National Intelligence, Intelligence Advanced Research Projects Activity (IARPA) is looking for exactly those kinds of tools. "IARPA is looking to get a handle on the state of the art in brain-based predictors of future cognitive performance. In particular, IARPA is interested in non-invasive analyses of brain structure and/or function that can be used to predict who will best learn complex skills and accomplish tasks within real-world environments, and with outcome measures, that are relevant to national security."
First time accepted submitter jaeztheangel writes Ecuador's government has approved plans to start a new Digital Currency backed by the state. With defaults in recent history, and dwindling oil reserves it will be interesting to see how this decision turns out. From the article: "Congress last month approved legislation to start a digital currency for use alongside the U.S. dollar, the official tender in Ecuador. Once signed into law, the country will begin using the as-yet-unnamed currency as soon as October. A monetary authority will be established to regulate the money, which will be backed by 'liquid assets.'"
v3rgEz (125380) writes As part of MuckRock's Drone Census, the San Jose Police twice denied having a drone in public records requests — until the same investigation turned up not only a signed bid for a drone but also a federal grant giving them money for it. Now, almost a full year after first denying they had a drone, the department has come clean and apologized for hiding the program, promising more transparency and to pursue federal approval for the program, which the police department had, internally, claimed immunity from previously.
MojoKid (1002251) writes "China seems to be on a mission to isolate itself from the world, at least in terms of technology. After banning Windows 8 on government PCs and raiding several of Microsoft's offices in China as part of an anti-trust investigation, Chinese officials have now prohibited purchase of several Apple products for government use. The list of banned Apple products include the iPad, iPad Mini, MacBook Air, MacBook Pro, and half a dozen other items, all of which were left off of a final government procurement list distributed in July. This is a potentially big hit to Apple, which generated around 16 percent of its $37.4 billion in revenue last quarter from China. Apple saw its iPad sales jump 51 percent and Mac sales boosted 39 percent in China."
New submitter socheres (1771002) writes I keep a Slackware server hosted at various datacenters on leased hardware for personal / freelance business use. I have been doing this for the last 10 years and during this time I moved my stuff to several datacenters, some small and some big name companies. No matter the hosting company, since I choose to install my own OS and not take a pre-installed machine, I always got the hardware delivered with the previous guys' data stored on the hard drives. It was also the case with spare drives, which were not installed new if I did not ask specifically for new ones. Has this happened to you? How often?
netbuzz (955038) writes The Wikimedia Foundation this morning reports that 50 links to Wikipedia from Google have been removed under Europe's "right to be forgotten" regulations, including a page about a notorious Irish bank robber and another about an Italian criminal gang. "We only know about these removals because the involved search engine company chose to send notices to the Wikimedia Foundation. Search engines have no legal obligation to send such notices. Indeed, their ability to continue to do so may be in jeopardy. Since search engines are not required to provide affected sites with notice, other search engines may have removed additional links from their results without our knowledge. This lack of transparent policies and procedures is only one of the many flaws in the European decision." Wikimedia now has a page listing all notifications that search listings were removed. itwbennett also wrote in with Wikimedia news this morning: the Wikimedia Foundation published its first ever transparency report, detailing requests to remove or alter content (zero granted, ever) and content removed for copyright violations.
I Ate A Candle (3762149) writes Aaron's Law, named after the late internet activist Aaron Swartz, was supposed to fix U.S. hacking laws, which many deem dated and overly harsh. But the bill looks certain to wither in Congress, thanks to corporate lobbying, disagreements in Washington between key lawmakers and a simple lack of interest amongst the general population for changes to the Computer Fraud and Abuse Act. Representative Zoe Lofgren blamed inactivity from the House Judiciary Committee headed up by Representative Bob Goodlatte, which has chosen not to discuss or vote on Aaron's Law. There is still an appetite for CFAA reform, thanks to complaints from the security community that their research efforts have been deemed illegal acts, perversely making the internet a less secure place. But with the likes of Oracle trying to stop it and with Congress unwilling to act, change looks some way away.
New submitter Rigodi (1000552) writes "The New York Times reported on August 5th that a massive collection of stolen email passwords and website accounts has been accumulated by an alleged Russian "crime ring". Over 1.2 billion accounts were compromised ... the attack scheme is essentially the old and well-known SQL injection tactic using a botnet. The information has been made public to coincide with the Black Hat conference to cause a debate about the classic security account and password system weaknesses, urging the industry to find new ways to perform authentication. What do Black Hat security conference participants have to say about that in Vegas?"
Advocatus Diaboli (1627651) writes with the chilling, but not really surprising, news that the U.S. government is aware that many names in its terrorist suspect database are not linked to terrorism in any way. From the article: Nearly half of the people on the U.S. government's widely shared database of terrorist suspects are not connected to any known terrorist group, according to classified government documents obtained by The Intercept. Of the 680,000 people caught up in the government's Terrorist Screening Database — a watchlist of "known or suspected terrorists" that is shared with local law enforcement agencies, private contractors, and foreign governments — more than 40 percent are described by the government as having "no recognized terrorist group affiliation." That category — 280,000 people — dwarfs the number of watchlisted people suspected of ties to al Qaeda, Hamas, and Hezbollah combined.
An anonymous reader writes with the news that Hackaday published an article on the poor security of the add-on modules that Tektronix sells as expensive add-ons to unlock features in certain of its oscilloscopes. The reader writes: "It has come to the attention of Tek's legal eagles and they now want the article to be taken down. Perhaps they can ask Google to forget that page?"
An anonymous reader writes About a week ago, the Federal Communications Commission (FCC) asked for Verizon's justification on its policy of throttling users who pay for unlimited data usage. "I know of no past Commission statement that would treat 'as reasonable network management' a decision to slow traffic to a user who has paid, after all, for 'unlimited' service," the FCC wrote. In its response, Verizon has indicated that its throttling policy is meant to provide users with an incentive to limit their data usage. The company explained that "a small percentage of the customers on these [unlimited] plans use disproportionately large amounts of data, and, unlike subscribers on usage-based plans, they have no incentive not to do so during times of unusually high demand....our practice is a measured and fair step to ensure that this small group of customers do not disadvantage all others."
bobbied (2522392) writes Apparently Edward Snowden is not alone. CNN is reporting that recent leaked documents published by The Intercept (a website that has been publishing Snowden's leaked documents) could not have been leaked by Snowden because they didn't exist prior to his fleeing the USA and he couldn't possibly have accessed them. Authorities are said to be looking for a new leaker.
The EFF is only today able to release details of an attempt by the government to alter the historical record in the case brought by the EFF against the NSA in Jewel v. NSA. "On June 6, the court held a long hearing in Jewel in a crowded, open courtroom, widely covered by the press. We were even on the local TV news on two stations. At the end, the Judge ordered both sides to request a transcript since he ordered us to do additional briefing. But when it was over, the government secretly, and surprisingly sought permission to "remove" classified information from the transcript, and even indicated that it wanted to do so secretly, so the public could never even know that they had done so." As you'd expect of the EFF, they fought back with vigorous objections, and in the end the government did not get its way, instead deciding that it hadn't given away any classified information after all. "The transcript of a court proceeding is the historical record of that event, what will exist and inform the public long after the persons involved are gone. The government's attempt to change this history was unprecedented. We could find no example of where a court had granted such a remedy or even where such a request had been made. This was another example of the government's attempt to shroud in secrecy both its own actions, as well as the challenges to those actions. We are pleased that the record of this attempt is now public. But should the situation recur, we will fight it as hard as we did this time."
Advocatus Diaboli (1627651) writes For the last two years, the FBI has been quietly experimenting with drive-by hacks as a solution to one of law enforcement's knottiest Internet problems: how to identify and prosecute users of criminal websites hiding behind the powerful Tor anonymity system. The approach has borne fruit—over a dozen alleged users of Tor-based child porn sites are now headed for trial as a result. But it's also engendering controversy, with charges that the Justice Department has glossed over the bulk-hacking technique when describing it to judges, while concealing its use from defendants.
jfruh (300774) writes The fallout from HP's Autonomy acquisition keeps getting more dramatic. Autonomy's ex-CFO is trying to block the settlement of lawsuits that arose from the botched deal, claiming that HP is trying to hide its "own destruction of Autonomy's success after the acquisition." HP hit back, saying the ex-CFO "was one of the chief architects of the massive fraud on HP that precipitated this litigation."
mask.of.sanity (1228908) writes "A string of documents detailing the operations and effectiveness of the FinFisher suite of surveillance platforms appears to have been leaked. The documents, some dated 4 April this year, detail the anti-virus detection rates of the FinFisher spyware which German based Gamma Group sold to governments and law enforcement agencies. The dump also reveals Windows 8 users should opt for the Metro version of Skype rather than the desktop client because it cannot be tapped by FinFisher."
Despite a failed attempt to have charges dismissed, the alleged Silk Road operator Ross Ulbricht's lawyer has filed a new motion to have evidence dismissed, citing recent court rulings in an argument that the Silk Road related searches were overly broad. From the article:
Dratel [Ulbricht's lawyer] argues in his 102-page motion filed last Friday that "the government conducted a series of 14 searches and seizures of various physical devices containing electronically stored information ('ESI'), and of ESI itself from Internet providers and other sources. Some of the ESI was obtained via search warrant, but other ESI was obtained via court order, and still other ESI was obtained without benefit of any warrant at all." ...
The defense lawyer argues that even the searches for which the government had a warrant were overbroad and based on evidence that may have been obtained illegally. The attorney writes: "As set forth ante, all of the searches and seizures conducted pursuant to warrants and/or orders were based on the initial ability of the government to locate the Silk Road Servers, obtain the ESI on them, and perform extensive forensic analysis of that ESI. Thus, all subsequent searches and seizures are invalid if that initial locating the Silk Road Servers, obtaining their ESI, and gaining real-time continued access to those servers, was accomplished unlawfully."
Nerval's Lobster writes The "Compubody Sock," which anyone with knitting skills can make at home, is a giant sock-hoodie-bag in which you place your laptop or tablet, along with your head and hands, giving you total privacy while freaking out anyone who happens to be sitting next to you. Designer Becky Stern told Forbes' Kashmir Hill that the Sock was meant more as commentary on privacy and device addiction; even so, considering how NSA employees reportedly drape themselves in hoods in order to thwart hidden cameras while typing in passwords, it's not outside the realm of possibility that an ultra-paranoid someone could find a practical use for a body sock. But that paranoid android better have expert knitting skills: putting together the Sock necessitates a whole lot of steps ("Purl 5, purl 2 together, purl 1, turn the work," etc.). Your other option, of course, is to simply avoid working on sensitive stuff in public.