
Communications

Snowden's Tough Advice For Guarding Privacy 210

Posted by timothy
from the going-through-the-eye-of-the-needle dept.
While urging policy reform as more important than per-person safeguards, Edward Snowden had a few pieces of advice on maintaining online privacy for attendees at Saturday's New Yorker Festival. As reported by TechCrunch, Snowden's ideas for avoiding online intrusions (delivered via video link) sound simple enough, but may not be easy for anyone who relies on Google, Facebook, or Dropbox, since those are three companies he names as ones to drop. A small slice: He also suggested that while Facebook and Google have improved their security, they remain “dangerous services” that people should avoid. (Somewhat amusingly, anyone watching the interview via Google Hangout or YouTube saw a Google logo above Snowden’s face as he said this.) His final piece of advice on this front: Don’t send unencrypted text messages, but instead use services like RedPhone and Silent Circle. Earlier in the interview, Snowden dismissed claims that increased encryption on iOS will hurt crime-fighting efforts. Even with that encryption, he said law enforcement officials can still ask for warrants that will give them complete access to a suspect’s phone, which will include the key to the encrypted data. Plus, companies like Apple, AT&T, and Verizon can be subpoenaed for their data.
Bug

More Details On The 3rd-Party Apps That Led to Snapchat Leaks 97

Posted by timothy
from the you-didn't-really-think-they-were-secure-did-you dept.
Yesterday we posted a link to Computerworld's reports that (unnamed) third-party apps were responsible for a massive leak of Snapchat images from the meant-to-be-secure service. An anonymous reader writes with some more details: Ars Technica identifies the culprit as SnapSaved, which was created to allow Snapchat users to access their sent and received images from a browser but which also secretly saved those images on a SnapSaved server hosted by HostGator. Security researcher Adam Caudill warned Snapchat about the vulnerability of their API back in 2012, and although the company has reworked their code multiple times as advised by other security researchers, Caudill concludes that the real culprit is the concept behind Snapchat itself. "Without controlling the endpoint devices themselves, Snapchat can't ensure that its users' photos will truly be deleted. And by offering that deletion as its central selling point, it's lured users into a false sense of privacy."
Government

Ex-NSA Director Keith Alexander's Investments In Tech Firms: "No Conflict" 59

Posted by timothy
from the picking-winners dept.
Presto Vivace (882157) writes "No conflicts appear to exist" among Keith Alexander's investments, the NSA said. "New financial disclosure documents released this month by the National Security Agency (NSA) show that Keith Alexander, who served as its director from August 2005 until March 2014, had thousands of dollars of investments during his tenure in a handful of technology firms." Don't worry, the NSA assures us that there was no conflict of interest.
Crime

Only 100 Cybercrime Brains Worldwide, Says Europol Boss 104

Posted by timothy
from the but-they-are-evil-brains dept.
mrspoonsi writes There are only "around 100" cybercriminal kingpins behind global cybercrime, according to the head of Europol's Cybercrime Centre. Speaking to the BBC, Troels Oerting said that law enforcers needed to target the "rather limited group of good programmers". "We roughly know who they are. If we can take them out of the equation then the rest will fall down," he said. "This is not a static number, it will increase unfortunately," he said. "We can still cope but the criminals have more resources and they do not have obstacles. They are driven by greed and profit and they produce malware at a speed that we have difficulties catching up with." The biggest issue facing cybercrime fighters at the moment was the fact that it was borderless. "Criminals no longer come to our countries, they commit their crimes from a distance and because of this I cannot use the normal tools to catch them. I have to work with countries I am not used to working with and that scares me a bit," he said. The majority of the cybercrime "kingpins" were located in the Russian-speaking world, he said.
China

Core Secrets: NSA Saboteurs In China and Germany 228

Posted by timothy
from the state-vs-man dept.
Advocatus Diaboli writes with this snippet from The Intercept: The National Security Agency has had agents in China, Germany, and South Korea working on programs that use "physical subversion" to infiltrate and compromise networks and devices, according to documents obtained by The Intercept. The documents, leaked by NSA whistleblower Edward Snowden, also indicate that the agency has used under cover operatives to gain access to sensitive data and systems in the global communications industry, and that these secret agents may have even dealt with American firms. The documents describe a range of clandestine field activities that are among the agency's "core secrets" when it comes to computer network attacks, details of which are apparently shared with only a small number of officials outside the NSA.
Government

NSA To Scientists: We Won't Tell You What We've Told You; That's Classified 106

Posted by timothy
from the can't-fight-in-here-this-is-the-war-room dept.
MojoKid writes One of the downsides to the news cycle is that no matter how big or hot a story is, something else inevitably comes along. The advent of ISIS and Ebola, combined with the passing of time, has pushed national security concerns out of the limelight — until, that is, someone at the NSA helps out by reminding us that yes, the agency still exists and yes, it still has some insane policies and restrictions. Earlier this year, the Federation of American Scientists filed a Freedom of Information Act request with the NSA. The group was seeking information it thought would be relatively low-key — what authorized information had been leaked to the media over the past 12 months? The NSA's response reads as follows: "The document responsive to your request has been reviewed by this Agency as required by the FOIA and has been found to be currently and properly classified in accordance with Executive Order 13526. The document is classified because its disclosure could reasonably be expected to cause exceptionally grave damage to the national security." The NSA is insisting that it has the right to keep its lawful compliance and public disclosures secret not because the NSA is made of evil people but because the NSA has a knee-jerk preference and demand for secrecy. In a spy organization, that's understandable and admirable but it's precisely the opposite of what's needed to rebuild Americans' faith in the institution and its judgment.
Privacy

Kmart Says Its Payment System Was Hacked 101

Posted by timothy
from the worst-case-scenario dept.
wiredmikey writes Kmart is the latest large U.S. retailer to experience a breach of its payment systems, joining a fast growing club dealing with successful hack attacks. The company said that on Thursday, Oct. 9, its IT team detected that its payment data systems had been breached, and that debit and credit card numbers appear to have been compromised. A company spokesperson told SecurityWeek that they are not able to provide a figure on the number of customers impacted. The spokesperson said that based on the forensic investigation to date, no personal information, no debit card PIN numbers, no email addresses and no social security numbers were obtained by the attackers.
Piracy

FBI Says It Will Hire No One Who Lies About Illegal Downloading 578

Posted by timothy
from the could-make-for-some-lonely-offices dept.
wabrandsma writes with this excerpt from The State Hornet, the student newspaper at Sacramento State: On Monday, Sacramento State's Career Center welcomed the FBI for an informational on its paid internship program where applications are now being accepted. One of the highly discussed topics in the presentation was the list of potential traits that disqualify applicants. This list included failure to register with selective services, illegal drug use including steroids, criminal activity, default on student loans, falsifying information on an application and illegally downloading music, movies and books. FBI employee Steve Dupre explained how the FBI will ask people during interviews how many songs, movies and books they have downloaded because the FBI considers it to be stealing. During the first two phases of interviews, everything is recorded and then turned into a report. This report is then passed along to a polygraph technician to be used during the applicant's exam, which consists of a 55-page questionnaire. If an applicant is caught lying, they can no longer apply for an FBI agent position. (Left un-explored is whether polygraph testing is an effective way to catch lies.)
Medicine

The CDC Is Carefully Controlling How Scared You Are About Ebola 478

Posted by Soulskill
from the be-afraid.-be-slightly-afraid. dept.
HughPickens.com writes: Russell Berman reports in The Atlantic that the Obama administration is trying to navigate a tricky course: Can officials increase public vigilance about the deadly Ebola virus without inciting a panic? "Ebola is scary. It's a deadly disease. But we know how to stop it," says Dr. Thomas Frieden, the CDC director, speaking "calmly and clearly, sticking to an even pitch and avoiding the familiar political image of the whip-smart fast-talker." International groups wanted the U.S. to step in sooner to help fight the outbreak in west Africa, while more recently some Republicans have called on the administration to ban travel from the most affected countries.

Frieden and other officials say such a move would be counterproductive, citing lessons learned from the SARS outbreak a decade ago. "The SARS outbreak cost the world more than $40 billion, but it wasn't to control the outbreak," says Frieden. "Those were costs from unnecessary and ineffective travel restrictions and trade changes that could have been avoided." The government announced Wednesday that it was stepping up protective measures at five airports, where authorities will screen travelers from Liberia, Sierra Leone, and Guinea with targeted questions and fever checks, an action, officials acknowledge, that was taken not only to stop the spread of the disease but simply to make people feel safer. According to Berman, the message is this: Be afraid of Ebola. Just not too afraid.
Privacy

Accessing One's Own Metadata 94

Posted by Soulskill
from the freedom-of-my-own-bloody-information-request dept.
skegg writes: Frustrated journalist Ben Grubb has documented his attempts at gaining access to his own metadata from his carrier. "After more than a year of phone calls and emails and a private mediation session, it still hasn't released the information or answered my one key question satisfactorily: the government can access my Telstra metadata, so why can't I?" Later, he says, "Telstra's one and only valid argument to date has been that identifying who calls me would be in breach of that person's privacy if they called from an unlisted number. I've agreed and said that in providing me with my metadata they should remove unlisted numbers. They argue this would be too difficult to do, which I think is baloney."
Privacy

National Security Letter Issuance Likely Headed To Supreme Court 112

Posted by samzenpus
from the give-us-an-answer dept.
Gunkerty Jeb writes The Ninth Circuit appeals court in San Francisco took oral arguments from the Electronic Frontier Foundation and the Department of Justice yesterday over the constitutionality of National Security Letters and the gag orders associated with them. The EFF defended a lower court's ruling that NSLs are unconstitutional, while the DoJ defended a separate ruling that NSLs can be enforced. Whatever the court rules, the issue of NSLs is all but certainly headed for the Supreme Court in the not too distant future.
IT

Ask Slashdot: An Accurate Broadband Speed Test? 294

Posted by timothy
from the works-fine-from-our-end-sir dept.
First time accepted submitter kyrcant writes Is there a way to accurately really test my "broadband" connection? I don't trust the usual sites, the first ones I found via Google. I suspect (and found) that at least some of them are directly affiliated with ISPs, and I further suspect that traffic to those addresses is probably prioritized, so people will think they're getting a good deal. The speeds I experience are much, much slower than the speed tests show I'm capable of. For a while I thought it might be the sites themselves, but they load faster on my T-Mobile HTC One via 4G than on my laptop via WiFi through a cable modem connection. Is there a speed test site that has a variable or untraceable IP address, so that the traffic can't be prioritized by my ISP (call them "ConCazt")? If not, which sites are not in any way affiliated with ISPs? Is there a way to test it using YouTube or downloading a set file which can be compared to other users' results?
Google

Google Takes the Fight With Oracle To the Supreme Court 146

Posted by timothy
from the by-the-power-your-black-robe-we-beseech-thee dept.
whoever57 writes Google has asked the Supreme Court to review the issue of whether APIs can be copyrighted. Google beat Oracle in the trial court, where a judge with a software background ruled that APIs could not be copyrighted, but the Appeals court sided with Oracle, ruling that APIs can be copyrighted. Now Google is asking the Supreme Court to overturn that decision. (Also of interest.)
The Internet

Eric Schmidt: Anxiety Over US Spying Will "Break the Internet" 179

Posted by samzenpus
from the this-is-why-we-can't-have-nice-things dept.
jfruh writes Oregon Senator Ron Wyden gathered a group of tech luminaries to discuss the implications of U.S. surveillance programs, and Google Chairman Eric Schmidt didn't mince words. He said that worries over U.S. surveillance would result in servers with different sets of data for users from different countries multiplying across the world. "The simplest outcome is that we're going to end up breaking the Internet."
Patents

Open Invention Network Grows Despite Patent Troll Death Knell 16

Posted by samzenpus
from the protection-of-the-herd dept.
snydeq writes Membership in the Open Invention Network, a software community set up to protect Linux against patent aggressors, has grown dramatically in the past year just as the tide seems to be turning on patent trolls. "Why all this interest in OIN? It offers little protection against nonpracticing entities — patent trolls who are organizationally small companies, even if the threat they pose is expensive and large. But it does offer protection against an equally insidious threat: big trolls," writes Simon Phipps. "The big corporations show up with their giant patent portfolios, threatening legal doom if royalties aren't paid. Attaching royalties to product or service delivery is a serious issue for companies, reducing margins long-term — especially in business models where the monetization is separated from the product. But OIN neutralizes that strategy for those building with open source, as the big corporations in the network both license their patent portfolios in and commit not to litigate against the open source software in the Linux System Definition. The bigger it gets, the better it protects."
The Courts

Chimpanzee "Personhood" Is Back In Court 385

Posted by samzenpus
from the I-wanna-be-like-you-hoo-hoo dept.
sciencehabit writes Chimpanzees are back in court. Judges in New York State heard the first in a series of appeals attempting to grant "legal personhood" to the animals. The case is part of a larger effort by an animal rights group known as the Nonhuman Rights Project (NhRP) to free a variety of creatures—from research chimps to aquarium dolphins—from captivity. If the case is successful, it could grant personhood to chimps throughout the state.
Crime

Ross Ulbricht's Lawyer Says FBI's Hack of Silk Road Was "Criminal" 208

Posted by samzenpus
from the do-as-I-say-not-as-I-do dept.
First time accepted submitter apexcp writes Trading blows with the prosecution, defendants for accused Silk Road mastermind Ross Ulbricht continues to press for the exclusion of evidence seized during what he says is an illegal hack an awful lot like the one that got Weev 15 months in prison. "The government posits two standards of behavior: one for private citizens, who must adhere to a strict standard of conduct construed by the government, and the other for the government, which, with its elastic ability to effect electronic intrusion, can deliberately, cavalierly, and unrepentantly transgress those same standards. Yet neither law nor the Constitution permits rank government lawlessness without consequences."
AT&T

AT&T To Repay $80 Million In Shady Phone Bill Charges 61

Posted by samzenpus
from the pay-up dept.
First time accepted submitter dibdublin writes The Federal Trade Commission announced today that AT&T will pay $105 million for hiding extra charges in cellphone bills. The best part of the news? $80 million of it will go back into the pockets of people bilked by AT&T. The FTC announcement reads in part: "As part of a $105 million settlement with federal and state law enforcement officials, AT&T Mobility LLC will pay $80 million to the Federal Trade Commission to provide refunds to consumers the company unlawfully billed for unauthorized third-party charges, a practice known as mobile cramming. The refunds are part of a multi-agency settlement that also includes $20 million in penalties and fees paid to 50 states and the District of Columbia, as well as a $5 million penalty to the Federal Communications Commission."
Google

Gmail Security Is a Problem For Tor Users In Repressive Countries 74

Posted by samzenpus
from the lets-see-what-you-got dept.
blottsie writes Google is a long-time contributor to the Tor Project. But a security feature in Gmail poses a potential problem for Tor users who live under dangerous regimes or otherwise need to protect their anonymity, reports Joseph Cox at the Daily Dot. The email service kicks users out of their login session if it detects logins from IP addresses originating in other countries, then requires a user to enter a PIN code sent to a cellphone. Unless the user has a burner phone, this could potentially betray his or her identity to authorities.
Transportation

Fuel Efficiency Numbers Overstate MPG More For Cars With Small Engines 403

Posted by Soulskill
from the emperor's-new-hybrid dept.
whoever57 writes: All official numbers for fuel economy in the EU typically overstate the miles-per-gallon figure that drivers can expect to achieve in typical driving. A recent study confirmed this once again. However, what the study also found was that MPG figures are more unrealistic for cars with smaller engines than for cars with larger engines. Actual MPG figures achieved based on typical drives for cars with small engines could be as much as 36% under the official number, while those cars with 3-liter engines would typically achieve 15% less than the official figure. These discrepancies need to be accounted for if we're going to be serious about regulating fuel efficiency. But then, we should be using gallons-per-mile instead of miles-per-gallon, too.
