×
The Military

The Little Bomb-Detecting Device That Couldn't 217

Posted by timothy from the oh-ye-of-little-faith dept.
theodp writes "Widely deployed in Iraq and promoted by military leaders, BusinessWeek reports the ADE 651 bomb-detecting device had one little problem: it wouldn't detect explosives (earlier Slashdot story). 'The ADE 651,' reports Adam Higginbotham, 'was modeled on a novelty trinket conceived decades before by a former used-car salesman from South Carolina, which was purported to detect golf balls. It wasn't even good at that.' One thing the ADE 651 did excel at, however, was making money — estimates suggest that the authorities in Baghdad bought more than 6,000 useless bomb detectors, at a cost of at least $38 million. Even though ADE 651 manufacturer James McCormick was found guilty of three counts of fraud and sentenced to 10 years in prison in May, the ADE 651 is still being used at thousands of checkpoints across Baghdad. Elsewhere, authorities have never stopped believing in the detectors. Why? According to Sandia Labs' Dale Murray, the ideomotor effect is so persuasive that for anyone who wants or needs to believe in it, even conclusive scientific evidence undermining the technology it exploits has little power."
Security

Business Is Booming In the 'Zero-Day' Game 97

Posted by timothy from the pat-I'd-like-to-buy-an-exploit dept.
HonorPoncaCityDotCom writes "Nicole Perlroth and David E. Sanger write in the NY Times that all over the world, from South Africa to South Korea, business is booming in zero days. The average attack persists for almost a year before it is detected, according to Symantec, the maker of antivirus software. Until then it can be exploited or 'weaponized' by both criminals and governments to spy on, steal from, or attack their targets. Ten years ago, hackers would hand knowledge of such flaws to Microsoft and Google free in exchange for a T-shirt, but increasingly the market for 0-day exploits has begun to migrate into the commercial space (PDF) as the market for information about computer vulnerabilities has turned into a gold rush. Companies like Vupen charge customers an annual $100,000 subscription fee to shop through its catalog, and then charges per sale to countries who want to use the flaws in pursuit of the kind of success that the United States and Israel achieved three summers ago when they attacked Iran's nuclear enrichment program with a computer worm that became known as 'Stuxnet.' Israel, Britain, Russia, India and Brazil are some of the biggest spenders but North Korea is also in the market, as are some Middle Eastern intelligence services."
Bug

Database Loophole Lets Legislators Avoid Photo Radar Tickets 165

Posted by timothy from the public-choice-theory-at-play dept.
lemur3 writes "State legislators in Colorado have not been receiving speeding tickets due to inadequacies in the implementation of a DMV database. The current system ties plates to vehicles rather than to individuals, the special plates for legislators are issued to individuals. The result is that there is no entry in the database for the special plates when the automated photo radar system is triggered, this means nobody receives a citation. In one case a Colorado resident, who had vanity plates reading '33,' received the photo radar citations intended for Senator Mike Johnston representing district 33, whose vehicle was identified by a '33' on his special plate. Lt. Matt Murray of the Denver Police, speaking of the system commented, 'Our system works, the database works. What needs to happen is the state's database need to be complete.'"
Stats

What Medical Tests Should Teach Us About the NSA Surveillance Program 107

Posted by timothy from the starbucks-should-put-franchises-in-transit-zones dept.
First time accepted submitter Davak writes "In many ways finding the small amount of terrorists within the United States is like screening a population of people for a rare disease. A physician explains why collecting excessive data is actually dangerous. Each time a test is run, the number of people incorrectly identified quickly dwarfs the correct matches. Just like in medicine, being incorrectly labelled has serious consequences."
Security

NHS Fined After Computer Holding Patient Records Found On eBay 186

Posted by timothy from the all-these-billing-addresses-are-identical dept.
judgecorp writes "NHS Surrey, part of Britain's health service, has been fined £200,000 when a computer holding more than 3000 patient records was found for sale on eBay. The system was retired, and given to a contractor who promised to dispose of it securely for free, in exchange for any salvage value... but clearly just put the whole system up for sale."
The Courts

Whistleblowing IT Director Fired By FL State Attorney 569

Posted by timothy from the also-he-was-probably-using-a-computer dept.
An anonymous reader writes "Ben Kruidbos, the IT director for the Florida State Attorney's Office who'd spoken up when important cellphone evidence he'd extracted from Trayvon Martin's cellphone was withheld by the state from the defense, was fired by messenger at 7:30 PM Friday, after closing arguments in the Zimmerman case. He was told that he could not be 'trusted to set foot in this office,' and that he was being fired for incompetence. Kruidbos had received a merit pay raise earlier this year. The firing letter also blames him for consulting a lawyer, an obvious sign of evil."
Government

Reconciling Human Rights With Ubiquitous Online Surveillance 133

Posted by timothy from the fine-words-butter-no-parsnips dept.
Max_W writes "Here is the text of Article #12 of the Universal Declaration of Human Rights: 'No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.' U.N. human rights chief Navi Pillay said yesterday 'While concerns about national security and criminal activity may justify the exceptional and narrowly-tailored use of surveillance programs, surveillance without adequate safeguards to protect the right to privacy actually risks impacting negatively on the enjoyment of human rights and fundamental freedoms.' Is it realistic to expect the compliance with this article from the world's major players in the age of large storage disks, fast networks and computers? Or are we entering a new brave world, a new phase of human civilization, where quaint notions of privacy and traditional moral principles are becoming ridiculous? Then what to do with the Article #12? Shall it be 'intentionally left blank'? Shall it be updated to a new wording? What words could they be?" In the U.S. and the EU, government bodies are fond of coming up with domain-specific bills of rights, not so big on publicly striking out the various guarantees.
Google

Google Patents Displaying Athletes On Sports Fields 52

Posted by timothy from the all-an-elaborate-joke dept.
theodp writes "Just about anyone that's familiar with sports has seen position and depth charts, in which athletes are portrayed on the athletic fields their sport is played on. But that didn't stop Google from asking for — and the USPTO granting — a patent on displaying pictures of athletes on the fields on which their sport is played, or in legal-speak, its Method, System, and Graphical User Interface for Personalized Online Sports Team Charts. 'One aspect of the invention,' explains Google, 'involves a graphical user interface on a computer that includes a graphic of an athletic playing field or a portion thereof, and a plurality of player positions on the athletic field. At least some of the player positions contain thumbnail images selected by a first user. The thumbnail images provide links to corresponding profiles in an online social network.' Six Googlers, including Orkut Buyukkokten, were credited as inventors in the 2007 patent application."
Cellphones

Microsoft Sues US Customs For Allowing Imports of Banned Motorola Phones 87

Posted by timothy from the we-seek-this-rent-wholeheartedly dept.
SmartAboutThings writes "Microsoft filed a lawsuit on Friday accusing the United States Customs of secretly meeting with Google representatives to allow imports of Motorola devices that are infringing on Microsoft's ActiveSync technology and therefore should be banned." The article lists 18 (older) Android devices that are named in the complaint; Xoom owners just got some street cred.
Privacy

Microsoft's Cooperation With NSA Either Voluntary, Or Reveals New Legal Tactic 193

Posted by timothy from the man-in-the-middle-attack dept.
holy_calamity writes "When Microsoft re-engineered its online services to assist NSA surveillance programs, the company was either acting voluntarily, or under a new kind of court order, reports MIT Technology Review. Existing laws were believed to shelter companies from being forced to modify their systems to aid surveillance, but experts say the Foreign Intelligence Surveillance Court may now have a new interpretation. Microsoft's statement about its cooperation with NSA surveillance doesn't make it clear whether it acted under legal duress, or simply decided that to helping out voluntarily was in its best interest."
Chrome

Amazon One-Click Chrome Extension Snoops On SSL Traffic 95

Posted by Soulskill from the you're-doing-it-wrong dept.
An anonymous reader writes "It turns out Amazon has its own sketchy method of snooping on all your browser traffic — even SSL traffic — through their one-click extension for Chrome. As designed, the extension reports every URL you visit, including HTTPS ones, to Amazon. It uses XSS to provide some of its functionality. It also reports contents of some website visits to Alexa. The Amazon extension has also been exploited to allow an attacker to gain access to SSL traffic on browsers that have it installed."
Japan

Japanese Gov't Accidentally Shares Internal Email Over Google Groups 25

Posted by Soulskill from the top-secret-for-everyone's-eyes-only dept.
itwbennett writes "An official at Japan's Ministry of the Environment created a Google Group to share email and documents related to Japan's negotiations during a meeting held in Geneva in January, but used the default privacy settings, which left the exchanges wide open. According to Japan's Yomiuri Shimbun newspaper, over 6,000 items, including private contact information of government officials, was publicly accessible. Michihiru Oi, a ministry official, said the ministry has its own system for creating groups and sharing documents, but it doesn't always function well outside of Japan, sometimes leading to 'poor connections' and a 'bad working environment.'"
Government

The Savvy Tech Strategy Behind Obamacare 146

Posted by Soulskill from the i-bet-the-borg-have-low-health-care-costs dept.
snydeq writes "The U.S. health care industry is undergoing several massive transformations, not the least of which is the shift to interoperable EHR (electronic health records) systems. The ONC's Doug Fridsma discusses the various issues that many health care IT and medical providers have raised regarding use of these systems, which are mandated for 2014 under the HITECH Act of 2004, and are all the more important in light of the 2010 Patient Protection and Affordable Care Act, aka Obamacare. Key to the transition, says Fridsma, is transforming health IT for EHRs into something more akin to the Internet, and less like traditional ERP and IT systems. 'I think what we're trying to do is the equivalent of what you've got in the Internet, which is horizontal integration rather than vertical integration,' Fridsma says. 'We've done a lot of work looking at what other countries have done, and we've tried to learn from those experiences. Rather than trying to build this top down and create restrictions, we're really trying to ask, "What's the path of least regret in what we need to do?"'"
Government

E-Voting Source Code Made Public In Estonia 88

Posted by Soulskill from the but-omg-hackers dept.
New submitter paavo512 writes "Server-side source code used for electronic voting was made fully public by Estonian officials on July 11 (in Estonian). The aim is to encourage more specialists to get involved in the technical analysis of the software. It is hoped that public overview will help to ensure the security of the system. E-voting has been successfully used five times in Estonia since 2007. It facilitates national ID cards which are obligatory for all citizens. In the next municipal elections later this year it is planned to test an experimental feature where the voter can check via a physically separate channel (smart phone) if his or her vote has been registered correctly. The publicized source code is available at GitHub."
Australia

Aussie Telco Telstra Agreed To Spy For America 125

Posted by Soulskill from the can't-even-trust-giant-soulless-corporations-anymore dept.
An anonymous reader writes "Australian telecommunications giant Telstra has for a decade been storing huge volumes of electronic communications carried between Asia and America for surveillance by U.S. intelligence agencies. This includes not just the metadata, but the actual content of emails, online messages and phone calls. With the blessing of the Australian government Telstra agreed to route data through a 'U.S. point of contact through a secure storage facility on U.S. soil that was staffed exclusively by U.S. citizens.' The contract was prompted by Telstra's decision to expand its business in Asia by taking control of hundreds of kilometers of undersea telecommunications cables. The deal started under the Liberal Party and continued under Labor. The Greens have demanded an explanation."
Censorship

The Pope Criminalizes Leaks 266

Posted by samzenpus from the keeping-secrets-secret dept.
PolygamousRanchKid writes "Pope Francis overhauled the laws that govern the Vatican City State on Thursday, criminalizing leaks of Vatican information and specifically listing sexual violence, prostitution and possession of child pornography as crimes against children that can be punished by up to 12 years in prison. But without the leaks, how would we find out about those crimes against children? Many of the new provisions were necessary to bring the city state's legal system up to date after the Holy See signed international treaties, such as the U.N. Convention on the Rights of the Child. Others were necessary to comply with international norms to fight money-laundering, part of the Vatican's push toward financial transparency. One new crime stands out, though, as an obvious response to the leaks of papal documents last year that represented one of the gravest Vatican security breaches in recent times. Paolo Gabriele, the butler for then-Pope Benedict XVI, was tried and convicted by a Vatican court of stealing Benedict's personal papers and giving them to an Italian journalist, Gianluigi Nuzzi. Using the documents, Nuzzi published a blockbuster book on the petty turf wars, bureaucratic dysfunction and allegations of corruption and homosexual liaisons that afflict the highest levels of Catholic Church governance. Gabriele, who said he wanted to expose the 'evil and corruption' that plagued the Holy See, was convicted of aggravated theft and sentenced to 18 months in the Vatican's police barracks."
United States

What the Government Pays To Snoop On You 174

Posted by samzenpus from the spying-for-simoleons dept.
transporter_ii writes "So what does it cost the government to snoop on us? Paid for by U.S. tax dollars, and with little scrutiny, surveillance fees charged by phone companies can vary wildly. For example, AT&T, imposes a $325 'activation fee' for each wiretap and $10 a day to maintain it. Smaller carriers Cricket and U.S. Cellular charge only about $250 per wiretap. But snoop on a Verizon customer? That costs the government $775 for the first month and $500 each month after that, according to industry disclosures made last year to Congressman Edward Markey."
Government

Researchers Now Pulling Out of DEF CON In Response To Anti-Fed Position 204

Posted by timothy from the at-least-the-tsa-gives-free-massages dept.
darthcamaro writes "Earlier today it, Slashdot had a story about DEF CON's position on not allowing U.S. Federal agents to attend the annual hacking conference. We're now starting to see the backlash from the hacker community itself with at least two well respected hackers pulling out of the DEF CON speaking sessions so far: "'The issue we are struggling with, and the basis of our decision, is that we feel strongly that DEF CON has always presented a neutral ground that encouraged open communication among the community, despite the industry background and diversity of motives to attend,' security researcher Kevin Johnson wrote. 'We believe the exclusion of the "feds" this year does the exact opposite at a critical time.'" Meanwhile, Black Hat welcomes Federal attendees; this year's conference will feature as a speaker former NSA head Keith Alexander.

Slashdot Top Deals