Back for a limited time - Get 15% off sitewide on Slashdot Deals with coupon code "BLACKFRIDAY" (some exclusions apply)". ×

Patreon Users Threatened By Ashley Madison Scammers ( 75

itwbennett writes: "Over the last few days, the group responsible for extortion attempts and death threats against Ashley Madison users has turned to a new set of targets – Patreon users," writes CSO's Steve Ragan. A message sent from the same account used in previous campaigns by the scammers demands a payment of 1 BTC or else the Patreon user will have their personal information exposed. "The [Bitcoin] wallet being used by the group has barely collected anything," says Ragan, "suggesting that after their massive push towards Ashley Madison users, people have stopped falling for their scams."
The Military

Fake Bomb Detector, Blamed For Hundreds of Deaths, Is Still In Use 151 writes: Murtaza Hussain writes at The Intercept that although it remains in use at sensitive security areas throughout the world, the ADE 651 is a complete fraud and the ADE-651's manufacturer sold it with the full knowledge that it was useless at detecting explosives. There are no batteries in the unit and it consists of a swivelling aerial mounted to a hinge on a hand-grip. The device contains nothing but the type of anti-theft tag used to prevent stealing in high street stores and critics have likened it to a glorified dowsing rod.

The story of how the ADE 651 came into use involves the 2003 U.S. invasion of Iraq. At the height of the conflict, as the new Iraqi government battled a wave of deadly car bombings, it purchased more than 7,000 ADE 651 units worth tens of millions of dollars in a desperate effort to stop the attacks. Not only did the units not help, the device actually heightened the bloodshed by creating "a false sense of security" that contributed to the deaths of hundreds of Iraqi civilians. A BBC investigation led to a subsequent export ban on the devices.

The device is once again back in the news as it was reportedly used for security screening at hotels in the Egyptian resort city of Sharm el-Sheikh where a Russian airliner that took off from that city's airport was recently destroyed in a likely bombing attack by the militant Islamic State group. Speaking to The Independent about the hotel screening, the U.K. Foreign Office stated it would "continue to raise concerns" over the use of the ADE 651. James McCormick, the man responsible for the manufacture and sale of the ADE 651, received a 10-year prison sentence for his part in manufacture of the devices, sold to Iraq for $40,000 each. An employee of McCormick who later became a whistleblower said that after becoming concerned and questioning McCormick about the device, McCormick told him the ADE 651 "does exactly what it's designed to. It makes money."

With $160 Billion Merger, Pfizer Moves To Ireland and Dodges Taxes ( 365

ourlovecanlastforeve writes: In a $160 billion dollar acquisition, drug company Allergan, a small company based in Ireland, "purchased" Pfizer, allowing the drug producing giant to move to Ireland and lower its tax rate from about 25 percent to 17-18 percent. Ars reports: "Such inversions, which are said to cost the American government billions in lost tax revenue, have drawn scorn from the Obama Administration and the Treasury Department. Last year, President Obama referred to the deals as 'unpatriotic' loopholes and proposed to close them. And last week, the Treasury announced new rules to make such deals more difficult. But Pfizer’s reverse-inversion skirts the rules, in part by keeping ownership split somewhat evenly between the two companies. After the deal is complete, current shareholders of Allergan, which has the majority of its operations in the US, will own 44 percent of the mega company. The remaining 56 percent will be owned by current Pfizer shareholders."

FAA To Drone Owners: Get Ready To Register To Fly ( 192

coondoggie writes: While an actual rule could be months away, drones weighing about 9 ounces or more will apparently need to be registered with the Federal Aviation Administration going forward. The registration requirement and other details came form the government’s UAS Task Force which was created by the FAA last month and featured all manner of associates from Google, the Academy of Model Aeronautics and Air Line Pilots Association to Walmart, GoPro and Amazon. “By some estimates, as many as 400,000 new unmanned aircraft will be sold during the holiday season. Pilots with little or no aviation experience will be at the controls of many of these aircraft. Many of these new aviators may not even be aware that their activities in our airspace could be dangerous to other aircraft -- or that they are, in fact, pilots once they start flying their unmanned aircraft,” said FAA Administrator Michael Huerta in announcing the task force’s results.

Dell Accused of Installing 'Superfish-Like' Rogue Certificates On Laptops ( 92

Mickeycaskill writes: Dell has been accused of pre-installing rogue self-signing root certificate authentications on its laptops. A number of users discovered the 'eDellRoot' certificate on their machines and say it leaves their machines, and any others with the certificate, open to attack. "Anyone possessing the private key which is on my computer is capable of minting certificates for any site, for any purpose and the computer will programmatically and falsely conclude the issued certificate to be valid," said Joe Nord, a Citrix product manager who found the certificate on his laptop. It is unclear whether it is Dell or a third party installing the certificate, but the episode is similar to the 'Superfish' incident in which Lenovo was found to have installed malware to inject ads onto users' computers.
The Almighty Buck

"Clock Boy" Ahmed Mohamed Seeking $15 Million In Damages 811

phrackthat writes: The family of Ahmed Mohamed, the boy who was arrested in Irving, Texas has threatened to sue the school and the city of Irving if they do not pay him $15 million as compensation for his arrest. To refresh the memories of everyone, Ahmed's clock was a clock he disassembled then put into a pencil case that looked like a miniature briefcase. He was briefly detained by the Irving city police to interview him and determine if he intended for his clock to be perceived as a fake bomb. He was released to his parents later on that day and they publicized the matter and claimed Ahmed was arrested because of "Islamophobia".

New IBM Tech Lets Apps Authenticate You Without Personal Data ( 27

itwbennett writes: IBM's Identity Mixer allows developers to build apps that can authenticate users' identities without collecting personal data. Specifically, Identity Mixer authenticates users by asking them to provide a public key. Each user has a single secret key, and it corresponds with multiple public keys, or identities. IBM announced on Friday that Identity Mixer is now available to developers on its Bluemix cloud platform.

Nearly 35,000 Comment On New Federal STEM OPT Extension Rule ( 55

theodp writes: Computerworld reports that the comments are in on the Department of Homeland Security's new proposed rule to extend OPT for international STEM students from 29 months to at least 36 months. The majority of the comments received by DHS support extending the program, CW notes, which is probably not surprising. Rather than choosing to "avoid the appearance of improper influence" by declining to respond to a "We the People" petition protesting a pending U.S. Federal judge's ruling that threatens to eliminate OPT STEM extensions altogether in February, the White House informed the 100k petition signers that they had the President's support, and pointed to the comment site for the proposed DHS OPT STEM rule workaround. Like the "We the People" petitioners, it's unclear whether the DHS commenters might represent corporate, university, and/or student interests, although a word cloud of the top 100 names of commenters (which accounted for 17,000+ comments) hints that international students are well-represented. By the way, in rejecting the 'emergency changes' that were enacted by DHS in 2008 to extend OPT for STEM students without public comment, Judge Ellen Huvelle said, "the 17-month duration of the STEM extension appears to have been adopted directly from the unanimous suggestions by Microsoft and similar industry groups."

Australian State Bans Possession of Blueprints For 3D Printing Firearms ( 311

angry tapir writes: Possessing files that can be used to 3D print firearms will soon be illegal in the Australian state of New South Wales after new legislation, passed last week by state parliament, comes into effect. Possessing files for 3D printing guns will be punishable by up to 14 years in prison. The provisions "are targeted at criminals who think they can steal or modify firearms or manufacture firearms from 3D blueprints," NSW's justice minister, Troy Grant, said when introducing the bill in the state's lower house on 27 October. "Those who think they can skirt the law will find themselves facing some of the toughest penalties for firearms offences in this country," Grant said.

How Anonymous' War With Isis Is Actually Harming Counter-Terrorism ( 391

retroworks writes: According to a recent tweet from the #OpParis account, Anonymous are delivering on their threat to hack Isis, and are now flooding all pro-Isis hastags with the grandfather of all 2007 memes — Rick Astley's "Never Gonna Give You Up" music video. Whenever a targeted Isis account tries to spread a message, the topic will instead be flooded with countless videos of Rick Astley circa 1987. Not all are praising Anonymous methods, however. While Metro UK reports that the attacks have been successful, finding and shutting down 5,500 Twitter accounts, the article also indicates that professional security agencies have seen sources they monitor shut down. Rick Astley drowns out intelligence as well as recruitment.

Whistleblowers: How NSA Created the 'Largest Failure' In Its History ( 118

An anonymous reader writes: Former NSA whistleblowers contend that the agency shut down a program that could have "absolutely prevented" some of the worst terror attacks in memory. According to the ZDNet story: "Weeks prior to the September 11 terrorist attacks, a test-bed program dubbed ThinThread was shut down in favor of a more expensive, privacy-invasive program that too would see its eventual demise some three years later -- not before wasting billions of Americans' tax dollars. Four whistleblowers, including a congressional senior staffer, came out against the intelligence community they had served, after ThinThread. designed to modernize the agency's intelligence gathering effort, was cancelled. Speaking at the premier of a new documentary film A Good American in New York, which chronicles the rise and demise of the program, the whistleblowers spoke in support of the program, led by former NSA technical director William Binney."
United States

US and China Setting Up "Space Hotline" ( 15

Taco Cowboy writes: Washington and Beijing have established an emergency 'space hotline' to reduce the risk of accidental conflict. Several international initiatives are already in train to seal a space treaty to avoid a further build-up of weapons beyond the atmosphere. However, security experts say the initiatives have little chance of success. A joint Russia-China proposal wending its way through the UN was not acceptable to the US. An EU proposal, for a "code of conduct" in space, was having diplomatic "difficulties" but was closer to Washington's position.

Blackberry Offers 'Lawful Device Interception Capabilities' ( 137

An anonymous reader writes: Apple and Google have been vocal in their opposition to any kind of government regulation of cell phone encryption. BlackBerry, however, is taking a different stance, saying it specifically supports "lawful interception capabilities" for government surveillance. BlackBerry COO Marty Beard as much at a recent IT summit. He declined to explain how the interception works, but he denied the phones would contain "backdoors" and said governments would have no direct access to BlackBerry servers. The company may see this as a way to differentiate themselves from the competition.

Florida Group Wants To Make Space a 2016 Presidential Campaign Issue ( 118

MarkWhittington writes: According to a story on News 13, an Orlando TV station, Space Florida is working to make space a political issue in the 2016 presidential election. Thus far the campaign for the presidency has been dominated by more mundane issues such as the economy, illegal immigration, and the threat of terrorism. Space Florida, which is "the State of Florida's aerospace economic development agency," is said to be "working with three other battleground states to make sure America's space program is a part of the campaign for president." Presumably one of those states is Texas, which has lots of electoral votes

Sued Freelancer Allegedly Turns Over Contractee Source Code In Settlement 130

FriendlySolipsist writes: Blizzard Entertainment has been fighting World of Warcraft bots for years. TorrentFreak reports that Bossland, a German company that operates "buddy" bots, alleges Blizzard sued one of its freelancers and forced a settlement. As part of that settlement, the freelancer allegedly turned over Bossland's source code to Blizzard. In Bossland's view, their code was "stolen" by Blizzard because it was not the freelancer's to disclose. This is a dangerous precedent for freelance developers in the face of legal threats: damned if you do, damned if you don't.

Comcast Xfinity Wi-Fi Discloses Customer Names and Addresses ( 47

itwbennett writes: Despite assurances that only business listings and not customer names and home addresses would appear in the public search results when someone searches for an Xfinity Wi-Fi hotspot, that is exactly what's happened when the service was initiated 2 years ago — and is still happening now, writes CSO's Steve Ragan. And that isn't the only security issue with the service. Another level of exposure centers on accountability. Ken Smith, senior security architect with K Logix in Brookline, Ma., discovered that Comcast is relying on the device's MAC address as a key component of authentication.

FTC Amends Telemarketing Rule To Ban Payment Methods Used By Scammers 48

An anonymous reader writes: The Federal Trade Commission has approved final amendments to its Telemarketing Sales Rule (TSR), including a change that will help protect consumers from fraud by prohibiting four discrete types of payment methods favored by scammers. The TSR changes will stop telemarketers from dipping directly into consumer bank accounts by using certain kinds of checks and "payment orders" that have been "remotely created" by the telemarketer or seller. In addition, the amendments will bar telemarketers from receiving payments through traditional "cash-to-cash" money transfers – provided by companies like MoneyGram, Western Union, and RIA.

Ex-CIA Director Says Snowden Should Be 'Hanged' For Paris Attacks ( 486

SonicSpike writes with this excerpt from The HIll: A former CIA director says leaker Edward Snowden should be convicted of treason and given the death penalty in the wake of the terrorist attack on Paris. "It's still a capital crime, and I would give him the death sentence, and I would prefer to see him hanged by the neck until he's dead, rather than merely electrocuted," James Woolsey told CNN's Brooke Baldwin on Thursday. Woolsey said Snowden, who divulged classified information in 2013, is partly responsible for the terrorist attack in France last week that left at least 120 dead and hundreds injured. "I think the blood of a lot of these French young people is on his hands," he said.

Donald Trump Obliquely Backs a Federal Database To Track Muslims 591 writes: Philip Bump reports at the Washington Post that Donald Trump confirmed to NBC on Thursday evening that he supports a database to track Muslims in the United States. The database of Muslims arose after an interview Yahoo News's Hunter Walker conducted with Trump earlier this week, during which he asked the Republican front-runner to weigh in on the current debate over refugees from Syria. "We're going to have to do things that we never did before," Trump told Walker. "Some people are going to be upset about it, but I think that now everybody is feeling that security is going to rule." When pressed on whether these measures might include tracking Muslim Americans in a database or noting their religious affiliations on identification cards, Trump would not go into detail — but did not reject the options. Trump's reply? "We're going to have to — we're going to have to look at a lot of things very closely," he said. "We're going to have to look at the mosques. We're going to have to look very, very carefully." After an event on in Newton, Iowa, on Thursday night, NBC's Vaughn Hillyard pressed the point. "Should there be a database system that tracks Muslims here in this country?," Hillyard asked. "There should be a lot of systems, beyond databases" Trump said. "We should have a lot of systems." Hillyard asked about implementation, including the process of adding people to the system. "Good management procedures," Trump said. Sign people up at mosques, Hillyard asked? "Different places," Trump replied. "You sign them up at different places. But it's all about management."
The Courts

Judge: Stingrays Are 'Simply Too Powerful' Without Adequate Oversight ( 111

New submitter managerialslime sends news that an Illinois judge has issued new requirements the government must meet before it can use cell-site simulators, a.k.a. "stingrays," to monitor the communications of suspected criminals. While it's likely to set precedent for pushing back against government surveillance powers, the ruling is specific to the Northern District of Illinois for now. What is surprising is Judge Johnston’s order to compel government investigators to not only obtain a warrant (which he acknowledges they do in this case), but also to not use them when "an inordinate number of innocent third parties’ information will be collected," such as at a public sporting event. This first requirement runs counter to the FBI’s previous claim that it can warrantlessly use stingrays in public places, where no reasonable expectation of privacy is granted. Second, the judge requires that the government "immediately destroy" collateral data collection within 48 hours (and prove it to the court). Finally, Judge Johnston also notes: "Third, law enforcement officers are prohibited from using any data acquired beyond that necessary to determine the cell phone information of the target. A cell-site simulator is simply too powerful of a device to be used and the information captured by it too vast to allow its use without specific authorization from a fully informed court."