HughPickens.com writes Nick Summers has an interesting article at Bloomberg about the epidemic of 90 ATM bombings that has hit Britain since 2013. ATM machines are vulnerable because the strongbox inside an ATM has two essential holes: a small slot in front that spits out bills to customers and a big door in back through which employees load reams of cash in large cassettes. "Criminals have learned to see this simple enclosure as a physics problem," writes Summers. "Gas is pumped in, and when it's detonated, the weakest part—the large hinged door—is forced open. After an ATM blast, thieves force their way into the bank itself, where the now gaping rear of the cash machine is either exposed in the lobby or inside a trivially secured room. Set off with skill, the shock wave leaves the money neatly stacked, sometimes with a whiff of the distinctive acetylene odor of garlic." The rise in gas attacks has created a market opportunity for the companies that construct ATM components. Several manufacturers now make various anti-gas-attack modules: Some absorb shock waves, some detect gas and render it harmless, and some emit sound, fog, or dye to discourage thieves in the act.
As far as anyone knows, there has never been a gas attack on an American ATM. The leading theory points to the country's primitive ATM cards. Along with Mongolia, Papua New Guinea, and not many other countries, the U.S. doesn't require its plastic to contain an encryption chip, so stealing cards remains an effective, nonviolent way to get at the cash in an ATM. Encryption chip requirements are coming to the U.S. later this year, though. And given the gas raid's many advantages, it may be only a matter of time until the back of an American ATM comes rocketing off.
itwbennett writes Researchers from Drexel University, the University of Maryland, the University of Goettingen, and Princeton have developed a "code stylometry" that uses natural language processing and machine learning to determine the authors of source code based on coding style. To test how well their code stylometry works, the researchers gathered publicly available data from Google's Code Jam, an annual programming competition that attracts a wide range of programmers, from students to professionals to hobbyists. Looking at data from 250 coders over multiple years, averaging 630 lines of code per author their code stylometry achieved 95% accuracy in identifying the author of anonymous code (PDF). Using a dataset with fewer programmers (30) but more lines of code per person (1,900), the identification accuracy rate reached 97%.
Jason Koebler writes: Leslie Caldwell, an assistant attorney general at the Justice Department, said Tuesday that the department is "very concerned" by the Google's and Apple's decision to automatically encrypt all data on Android and iOS devices.
"We understand the value of encryption and the importance of security," she said. "But we're very concerned they not lead to the creation of what I would call a 'zone of lawlessness,' where there's evidence that we could have lawful access through a court order that we're prohibited from getting because of a company's technological choices.
An anonymous reader writes: Immediately following the Charlie Hebdo attack, Mark Zuckerberg said, "... this is what we all need to reject — a group of extremists trying to silence the voices and opinions of everyone else around the world. I won't let that happen on Facebook. I'm committed to building a service where you can speak freely without fear of violence." Now, Facebook has begun censoring images of the prophet Muhammad in Turkey. According to the Washington post, "It's an illustration, perhaps, of how extremely complicated and nuanced issues of online speech really are. It's also conclusive proof of what many tech critics said of Zuckerberg's free-speech declaration at the time: Sweeping promises are all well and good, but Facebook's record doesn't entirely back it up." To be fair to Zuckerberg and Facebook, the company must obey the law of any country in which it operates. But it stands in stark contrast to the principles espoused by its founder.
eldavojohn writes A turnover in the Greek government resulted from recent snap elections placing SYRIZA (Coalition of the Radical Left) in power — just shy of an outright majority by two seats. Atheist, and youngest Prime Minister in Greek history since 1865, Alexis Tsipras has been appointed the new prime minister and begun taking immediate drastic steps against the recent austerity laws put in place by prior administrations. One such step has been to appoint Valve's economist Yanis Varoufakis to position of Finance Minister of Greece. For the past three years Varoufakis has been working at Steam to analyze and improve the Steam Market but now has the opportunity to improve one of the most troubled economies in the world.
HughPickens.com writes The Washington Post reports that the intrusion by a recreational drone onto the White House lawn has exposed a security gap at the compound that the Secret Service has spent years studying but has so far been unable to fix. Commercial technology is available that can use a combination of sensitive radar and acoustic trackers to detect small drones, though coming up with an effective way to stop them has been more elusive. "To do something about the problem, you have to find it, you have to track it, you have to identify it and you have to decide what to do with it," says Frederick F. Roggero. "But especially in an urban environment, it would be tough to detect and tough to defeat kinetically without shooting it down and causing collateral damage." Most recreational drones, like the one that crashed Monday, weigh only a few pounds and lack the power to do much harm. Larger models that can carry payloads of up to 30 pounds are available on the market and are expected to become more common. The FAA imposes strict safety regulations on drones flown by government agencies or anyone who operates them for commercial purposes. In contrast, hardly any rules apply to people who fly drones as a hobby, other than FAA guidelines that advise them to keep the aircraft below 400 feet and five miles from an airport. "With the discovery of an unauthorized drone on the White House lawn, the eagle has crash-landed in Washington," says Senator Charles Schumer. "There is no stronger sign that clear FAA guidelines for drones are needed."
An anonymous reader writes: The Electronic Frontier Foundation has published a detailed, global strategy for ridding ourselves of mass surveillance. They stress that this must be an international effort — while citizens of many countries can vote against politicians who support surveillance, there are also many countries where the citizens have to resort to other methods. The central part of the EFF's plan is: encryption, encryption, encryption. They say we need to build new secure communications tools, pressure existing tech companies to make their products secure against everyone, and get ordinary internet-goers to recognize that encryption is a fundamental part of communication in the surveillance age.
They also advocate fighting for transparency and against overreach on a national level. "[T]he more people worldwide understand the threat and the more they understand how to protect themselves—and just as importantly, what they should expect in the way of support from companies and governments—the more we can agitate for the changes we need online to fend off the dragnet collection of data." The EFF references a document created to apply the principles of human rights to communications surveillance, which they say are "our way of making sure that the global norm for human rights in the context of communication surveillance isn't the warped viewpoint of NSA and its four closest allies, but that of 50 years of human rights standards showing mass surveillance to be unnecessary and disproportionate."
An anonymous reader writes "The Register reports on a request from the US National Sheriffs' Association, which "wants Google to block its crowd-sourced traffic app Waze from being able to report the position of police officers, saying the information is putting officer's lives at risk." From the article: "'The police community needs to coordinate an effort to have the owner, Google, act like the responsible corporate citizen they have always been and remove this feature from the application even before any litigation or statutory action,' AP reports Sheriff Mike Brown, the chairman of the NSA's technology committee, told the association's winter conference in Washington....Brown called the app a 'police stalker,' and said being able to identify where officers were located could put them at personal risk. Jim Pasco, executive director of the Fraternal Order of Police, said his members had concerns as well. 'I can think of 100 ways that it could present an officer-safety issue,' Pasco said. 'There's no control over who uses it. So, if you're a criminal and you want to rob a bank, hypothetically, you use your Waze.'"
v3rgEz writes with this story of a top secret Cold War plan which would have brought the U.S. under martial law. Starting on April 19, 1956, the federal government practiced and planned for a near-doomsday scenario known as Plan C. When activated, Plan C would have brought the United States under martial law, rounded up over ten thousand individuals connected to 'subversive' organizations, implemented a censorship board, and prepared the country for life after nuclear attack. There was no Plan A or B....Details of this program were distributed to each FBI field office. Over the following months and years, Plan C would be adjusted as drills and meetings found holes in the defensive strategy: Communications were more closely held, authority was apparently more dispersed, and certain segments of the government, such as the U.S. Attorneys, had trouble actually delineating who was responsible for what. Bureau employees were encouraged to prepare their families for the worst, but had to keep secret the more in-depth plans for what the government would do if war did break out. Families were given a phone number and city for where the relocated agency locations would be, but not the exact location.
Press2ToContinue writes In their attempts to kill off strong encryption once and for all, top officials of the intelligence services are coming out with increasingly hyperbolic statements about why this should be done. Now, a former head of GCHQ, Sir David Omand has said: "One of the results of Snowden is that companies are now heavily encrypting [communications] end to end. Intelligence agencies are not going to give up trying to get the bad guys. They will have to get closer to the bad guys. I predict we will see more close access work."
According to The Bureau of Investigative Journalism, which reported his words from a talk he gave earlier this week, by this he meant things like physical observation, bugging rooms, and breaking into phones or computers.
"You can say that will be more targeted but in terms of intrusion into personal privacy — collateral intrusion into privacy — we are likely to end up in an ethically worse position than we were before."
That's remarkable for its implied threat: if you don't let us ban or backdoor strong encryption, we're going to start breaking into your homes.
HughPickens.com writes The Independent reports that hacktivist group Anonymous, in a project named Operation DeathEaters, is calling for help in its fight against international pedophile networks, or what it calls the "paedosadist industry" and has issued a video instructing activists on how they can aid in the operation. The Anonymous project is intended to break what it says is a conspiracy of silence among sympathetic politicians, police and mainstream media to downplay the full extent of the online child sex industry. "The premise behind OpDeathEaters is to expose high level complicity, obstruction of justice and cover-up in the paedo-sadist industry in order to show the need for independent inquiries," says Heather Marsh, an online activist who is helping to co-ordinate the operation and describes herself as an "old friend" of Anonymous. The Anonymous database, which will be hosted on the GitHub online repository, promises to collate cases from all around the world, cross-referencing connections within sub-groups including the police, armed forces, schoolteachers, politicians, media, academics and religious organisations. The database's ultimate purpose has yet to be fully determined, but in the first instance the group says it wants to shut down the child-sex industry by "dismantling the power structure which held it there" and by "educating to create a cultural change".
The group is calling on volunteers to help with the ongoing work, which has been divided into three steps. The first is about collecting "all the factual information," second is to "share that information as widely as possible," and the third step is "to set up an independent, internationally linked, inquiry into all the areas which do not appear to have been investigated properly." Activists point to the muted media coverage given to a recent case in Washington DC in which Michael Centanni, a senior Republican fundraiser, was charged with child sex offences after investigators traced transmissions of child pornography to his computers in his basement. The case was not covered by The Washington Post or the New York Times, and was only picked up by a local NBC affiliate state and The Washington Examiner, a small conservative paper in the city.
According to the court filings, Centanni was found in possession of 3,000 images, many apparently filmed in his own bedroom, including one showing a man raping a five-year-old girl who cries "no" and "mommy" while the man says "good baby" and "stop crying," according to one filing.
jaa101 writes The Register (UK) and the Global Times (China) report that foreign VPN services are unavailable in China. A quote sourced to "one of the founders of an overseas website which monitors the Internet in China" claimed 'The Great Firewall is blocking the VPN on the protocol level. It means that the firewall does not need to identify each VPN provider and block its IP addresses. Rather, it can spot VPN traffic during transit and block it.' An upgrade of the Great Firewall of China is blamed and China appears to be backing the need for the move to maintain cyberspace sovereignty.
An anonymous reader writes: The complainant in a sexual harassment case has come forward and told her story about what happened when she was a student in a MOOC led by a rockstar professor. "It would take almost a year before Harbi, with the help of MIT’s investigators, said she came to understand that Lewin’s interest in her was not motivated by empathy, and that their first conversations included inappropriate language. Shortly after contacting her, Harbi said, Lewin quickly moved their friendship into uncomfortable territory, and she was pushed to participate in online sexual role-playing and send naked pictures and videos of herself."
DW100 writes In a bizarre public blog post the CEO of BlackBerry, John Chen, has claimed that net neutrality laws should include forcing app developers to make their services available on all operating systems. Chen even goes as far as citing Apple's iMessage tool as a service that should be made available for BlackBerry, because at present the lack of an iMessage BlackBerry app is holding the firm back.
Some excerpts from Chen's plea: Netflix, which has forcefully advocated carrier neutrality, has discriminated against BlackBerry customers by refusing to make its streaming movie service available to them. Many other applications providers similarly offer service only to iPhone and Android users. ... Neutrality must be mandated at the application and content layer if we truly want a free, open and non-discriminatory internet. All wireless broadband customers must have the ability to access any lawful applications and content they choose, and applications/content providers must be prohibited from discriminating based on the customer’s mobile operating system. Since "content providers" are writing code they think makes sense for one reason or another (expected returns financial or psychic), a mandate to write more code seems like a good way to re-learn why contract law frowns on specific performance.