Forgot your password?
typodupeerror

Slashdot stories can be listened to in audio form via an RSS feed, as read by our own robotic overlord.

Encryption

Wired Profiles John Brooks, the Programmer Behind Ricochet 39

Posted by timothy
from the bouncy-bouncy dept.
wabrandsma writes with this excerpt from Wired: John Brooks, who is just 22 and a self-taught coder who dropped out of school at 13, was always concerned about privacy and civil liberties. Four years ago he began work on a program for encrypted instant messaging that uses Tor hidden services for the protected transmission of communications. The program, which he dubbed Ricochet, began as a hobby. But by the time he finished, he had a full-fledged desktop client that was easy to use, offered anonymity and encryption, and even resolved the issue of metadata—the "to" and "from" headers and IP addresses spy agencies use to identify and track communications—long before the public was aware that the NSA was routinely collecting metadata in bulk for its spy programs. The only problem Brooks had with the program was that few people were interested in using it. Although he'd made Ricochet's code open source, Brooks never had it formally audited for security and did nothing to promote it, so few people even knew about it.

Then the Snowden leaks happened and metadata made headlines. Brooks realized he already had a solution that resolved a problem everyone else was suddenly scrambling to fix. Though ordinary encrypted email and instant messaging protect the contents of communications, metadata allows authorities to map relationships between communicants and subpoena service providers for subscriber information that can help unmask whistleblowers, journalists's sources and others.
Government

Secret Service Critics Pounce After White House Breach 167

Posted by timothy
from the owen-wilson-has-the-president-well-protected dept.
HughPickens.com writes On Friday evening, a man jumped the White House fence, sprinted across the North Lawn toward the residence, and was eventually tackled by agents, but not before he managed to actually enter the building. Now CBS reports that the security breach at the White House is prompting a new round of criticism for the Secret Service, with lawmakers and outside voices saying the incident highlights glaring deficiencies in the agency's protection of the president and the first family. "Because of corner-cutting and an ingrained cultural attitude by management of 'we make do with less,' the Secret Service is not protecting the White House with adequate agents and uniformed officers and is not keeping up to date with the latest devices for detecting intruders and weapons of mass destruction," says Ronald Kessler. "The fact that the Secret Service does not even provide a lock for the front door of the White House demonstrates its arrogance." But the Secret Service must also consider the consequences of overreaction says White House correspondent Major Garrett. "If you have a jumper and he is unarmed and has no bags or backpacks or briefcase, do you unleash a dog and risk having cell phone video shot from Pennsylvania Avenue of an unarmed, mentally ill person being bitten or menaced by an attack dog?" But Kessler says Julia Pierson, the first woman to head the Secret Service, has some explaining to do. "If the intruder were carrying chemical, biological or radiological weapons and President Obama and his family had been in, we would have had a dead president as well as a dead first family."
Facebook

NY Magistrate: Legal Papers Can Be Served Via Facebook 158

Posted by timothy
from the never-friend-a-process-server dept.
New submitter Wylde Stile writes with an interesting case that shows just how pervasive social networking connections have become, including in the eyes of the law. A Staten Island, NY family court support magistrate allowed a Noel Biscoch to serve his ex-wife legal papers via Facebook. Biscoch tried to serve his ex-wife Anna Maria Antigua the old-fashioned way — in person and via postal mai — but his ex-wife had moved with no forwarding address. Antigua maintains an active Facebook account, though, and had even liked some photos on the Biscoch's present wife's Facebook page days before the ruling. The magistrate concluded that the ex-wife could be served through Facebook. If this catches on, I bet a lot of people will end up with legally binding notices caught by spam filters or in their Facebook accounts' "Other" folders.
Democrats

Emails Cast Unflattering Light On Internal Politics of Healthcare.gov Rollout 337

Posted by timothy
from the wanna-be-absolutely-clear dept.
An anonymous reader writes with this report from The Verge linking to and excerpting from a newly released report created for a committee in the U.S. House of Representatives, including portions of eight "damning emails" that offer an unflattering look at the rollout of the Obamacare website. The Government Office of Accountability released a report earlier this week detailing the security flaws in the site, but a report from the House Committee on Oversight and Government Reform released yesterday is even more damning. Titled, "Behind the Curtain of the HealthCare.gov Rollout," the report fingers the Centers for Medicare and Medicaid Services, which oversaw the development of the site, and its parent Department of Health and Human Services. "Officials at CMS and HHS refused to admit to the public that the website was not on track to launch without significant functionality problems and substantial security risks," the report says. "There is also evidence that the Administration, to this day, is continuing its efforts to shield ongoing problems with the website from public view." Writes the submitter: "The evidence includes emails that show Obamacare officials more interested in keeping their problems from leaking to the press than working to fix them. This is both both a coverup and incompetence."
Education

Is Google's Non-Tax Based Public School Funding Cause For Celebration? 84

Posted by timothy
from the more-the-merrier dept.
theodp (442580) writes "Google's "flash-funding" of teachers' projects via DonorsChoose continues to draw kudos from grateful mayors of the nation's largest cities. The latest comes from Pittsburgh Mayor Bill Peduto (fresh from a Google-paid stay at the Google Zeitgeist resort), who joined Google officials at Taylor Allderdice HS, where Google announced it was 'flash funding' all Pittsburgh area teachers' crowd-funding campaigns on DonorsChoose.org. DonorsChoose reports that Google spent $64,657 to fund projects for 10,924 Pittsburgh kids. While the not-quite-$6-a-student is nice, it does pale by comparison to the $56,742 Google is ponying up to send one L.A. teacher's 34 students to London and Paris and the $35,858 it's spending to take another L.A. teacher's 52 kids to NYC, Gettysburg, and DC. So, is Google's non-tax based public school funding — which includes gender-based funding as well as "begfunding" — cause for celebration?"
Privacy

Proposed Law Would Limit US Search Warrants For Data Stored Abroad 110

Posted by timothy
from the step-in-the-right-direction dept.
An anonymous reader writes On Thursday, a bipartisan law was introduced in the Senate that would limit US law enforcement's ability to obtain user data from US companies with servers physically located abroad. Law enforcement would still be able to gain access to those servers with a US warrant, but the warrant would be limited to data belonging to US citizens. This bill, called the LEADS Act (PDF), addresses concerns by the likes of Microsoft and other tech giants that worry about the impact law enforcement over-reach will have on their global businesses. Critics remain skeptical: "we are concerned about how the provision authorizing long-arm warrants for the accounts of US persons would be administered, and whether we could reasonably expect reciprocity from other nations on such an approach."
Microsoft

Microsoft Kills Off Its Trustworthy Computing Group 98

Posted by timothy
from the but-you-can-totally-trust-it dept.
An anonymous reader writes Microsoft's Trustworthy Computing Group is headed for the axe, and its responsibilities will be taken over either by the company's Cloud & Enterprise Division or its Legal & Corporate Affairs group. Microsoft's disbanding of the group represents a punctuation mark in the industry's decades-long conversation around trusted computing as a concept. The security center of gravity is moving away from enterprise desktops to cloud and mobile and 'things,' so it makes sense for this security leadership role to shift as well. According to a company spokesman, an unspecified number of jobs from the group will be cut. Also today, Microsoft has announced the closure of its Silicon Valley lab. Its research labs in Redmond, New York, and Cambridge (in Massachusetts) will pick up some of the closed lab's operations.
Canada

Canadian Regulator Threatens To Impose New Netflix Regulation 316

Posted by Soulskill
from the play-ball-or-go-away dept.
An anonymous reader writes: Netflix appeared before the Canadian broadcast regulator today, resulting in a remarkably heated exchange, with threats of new regulation. The discussion was very hostile — the CRTC repeatedly ordered Netflix to provide subscriber information and other confidential data. As tempers frayed, the Canadian regulator expressed disappointment over the responses from a company that it said "takes hundreds of millions of dollars out of Canada." The CRTC implicitly threatened to regulate the company by taking away its ability to rely on the new media exception if it did not cooperate with its orders.
Censorship

Putin To Discuss Plans For Disconnecting Russia From the Internet 238

Posted by Soulskill
from the taking-his-e-toys-and-going-home dept.
New submitter GlowingCat writes: Russian President Vladimir Putin and several high-ranking officials will discuss the security of the Russian segment of the Internet at the meeting of the Russian Security Council next week. According to various reports, the officials will make a number of decisions about regulating the use of the Internet in Russia. This includes the ability to cut off the Russian Internet, known as Runet, from the outside world, in case of emergency.
Crime

Science Has a Sexual Assault Problem 441

Posted by Soulskill
from the not-immune dept.
cold fjord writes: Phys.org reports, "The life sciences have come under fire recently with a study published in PLOS ONE that investigated the level of sexual harassment and sexual assault of trainees in academic fieldwork environments. The study found 71% of women and 41% of men respondents experienced sexual harassment, while 26% of women and 6% of men reported experiencing sexual assault. The research team also found that within the hierarchy of academic field sites surveyed, the majority of incidents were perpetrated by peers and supervisors. The New York Times notes, "Most of these women encountered this abuse very early in their careers, as trainees. The travel inherent to scientific fieldwork increases vulnerability as one struggles to work within unfamiliar and unpredictable conditions."
Music

U2 and Apple Collaborate On 'Non-Piratable, Interactive Format For Music' 343

Posted by Soulskill
from the good-luck-with-that dept.
Squiff writes U2 and Apple are apparently collaborating on a new, "interactive format for music," due to launch in "about 18 months." (A direct interview is available at Time, but paywalled.) Bono said the new tech "can't be pirated" and will re-imagine the role of album artwork. Marco Arment has some suitably skeptical commentary: "Full albums are as interesting to most people today as magazines. Single songs and single articles killed their respective larger containers. ... This alleged new format will cost a fortune to produce: people have to take the photos, design the interactions, build the animations, and make the deals with Apple. Bono’s talking point about helping smaller bands is ridiculous ... There's nothing Apple or Bono can do to make people care enough about glorified liner notes. People care about music and convenience, period. As for “music that can’t be pirated”, I ask again, what decade is this? That ship has not only sailed long ago, but has circled the world hundreds of times, sunk, been dragged up, turned into a tourist attraction, went out of business, and been gutted and retrofitted as a more profitable oil tanker."
Transportation

Dealership Commentator: Tesla's Going To Win In Every State 153

Posted by samzenpus
from the go-ahead-and-sell-it dept.
cartechboy writes Unless you've been in a coma for a while you're aware that many dealer associations have been causing headaches for Tesla in multiple states. The reason? They are scared. Tesla's new, different, and shaking up the ridiculously old way of doing things. But the thing is, Tesla keeps winning. Now Ward's commenter Jim Ziegler, president of Ziegler Supersystems in Atlanta, wrote an opinion piece that basically says Tesla's going to prevail in every state against dealer lawsuits. He says Tesla's basically busy defending what are nuisance suits. This leads to the question of whether there will be some sort of sweeping federal action in Tesla's favor.
Privacy

Apple's "Warrant Canary" Has Died 231

Posted by samzenpus
from the get-out-of-the-mine dept.
HughPickens.com writes When Apple published its first Transparency Report on government activity in late 2013, the document contained an important footnote that stated: "Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge such an order if served on us." Now Jeff John Roberts writes at Gigaom that Apple's warrant canary has disappeared. A review of the company's last two Transparency Reports, covering the second half of 2013 and the first six months of 2014, shows that the "canary" language is no longer there suggesting that Apple is now part of FISA or PRISM proceedings.

Warrant canaries are a tool used by companies and publishers to signify to their users that, so far, they have not been subject to a given type of law enforcement request such as a secret subpoena. If the canary disappears, then it is likely the situation has changed — and the company has been subject to such request. This may also give some insight into Apple's recent decision to rework its latest encryption in a way that makes it almost impossible for the company to turn over data from most iPhones or iPads to police.
Encryption

Next Android To Enable Local Encryption By Default Too, Says Google 126

Posted by timothy
from the keep-it-to-yourself-bub dept.
An anonymous reader writes The same day that Apple announced that iOS 8 will encrypt device data with a local code that is not shared with Apple, Google has pointed out that Android already offers the same feature as a user option and that the next version will enable it by default. The announcements by both major cell phone [operating system makers] underscores a new emphasis on privacy in the wake of recent government surveillance revelations in the U.S. At the same time, it leaves unresolved the tension between security and convenience when both companies' devices are configured to upload user content to iCloud and Google+ servers for backup and synchronization across devices, servers and content to which Apple and Google do have access.
Networking

Once Vehicles Are Connected To the Internet of Things, Who Guards Your Privacy? 130

Posted by timothy
from the I-hope-it's-rob-ford dept.
Lucas123 (935744) writes Carmakers already remotely collect data from their vehicles, unbeknownst to most drivers, but once connected via in-car routers or mobile devices to the Internet, and to roadway infrastructure and other vehicles around them, that information would be accessible by the government or other undesired entities. Location data, which is routinely collected by GPS providers and makers of telematics systems, is among the most sensitive pieces of information that can be collected, according to Nate Cardozo, an attorney with the Electronic Frontier Foundation. "Not having knowledge that a third party is collecting that data on us and with whom they are sharing that data with is extremely troubling," Cardozo said. in-vehicle diagnostics data could also be used by government agencies to track driver behavior. Nightmare scenarios could include traffic violations being issued without law enforcement officers on the scene or federal agencies having the ability to track your every move in a car. That there could be useful data in all that personally identifiable bits made me think of Peter Wayner's "Translucent Databases."

"Let every man teach his son, teach his daughter, that labor is honorable." -- Robert G. Ingersoll

Working...