Earth

Most Americans Support Government Action On Climate Change 167

Posted by Soulskill
from the politics-of-science dept.
mdsolar points out this report in the NY Times: An overwhelming majority of the American public, including nearly half of Republicans, support government action to curb global warming, according to a poll conducted by The New York Times, Stanford University and the nonpartisan environmental research group Resources for the Future. In a finding that could have implications for the 2016 presidential campaign, the poll also found that two-thirds of Americans say they are more likely to vote for political candidates who campaign on fighting climate change. They are less likely to vote for candidates who question or deny the science of human-caused global warming.

Among Republicans, 48 percent said they are more likely to vote for a candidate who supports fighting climate change, a result that Jon A. Krosnick, a professor of political science at Stanford University and an author of the survey, called "the most powerful finding" in the poll. Many Republican candidates either question the science of climate change or do not publicly address the issue.
Verizon

Fixing Verizon's Supercookie 76

Posted by Soulskill
from the c-is-for-cookie,-cookie-is-for-whoever-verizon-says dept.
New submitter ferro lad sends a story about Verizon's so-called supercookie, a unique identifier they add to web traffic going across their network to help advertisers target their ads better. A new article at Slate demonstrates how Verizon could fix the identifier so that ad companies would have a harder time misusing it — something they've already been shown to do. "...with just a tiny amount of effort, Verizon could maintain its current business while substantially preventing the misuse of its UID headers." Of course, for privacy-conscious users, the ability to get rid of them altogether would be preferable. Fortunately, Verizon now says users will soon have the ability to opt out of the identifiers. Previously, users could opt out of having their data shared with advertisers, but the unique identifier itself remained with their web traffic. It's not a complete solution — the tracking should be opt-in to begin with — but it's a step in the right direction.
Math

Mathematicians Uncomfortable With Ties To NSA, But Not Pulling Back 98

Posted by Soulskill
from the goose-that-lays-the-golden-ovoid dept.
An anonymous reader writes: When we talk about how the NSA operates, it's typically about the policymakers and what the agency should or should not do. It's worth remembering that the NSA is built upon the backs of world-class mathematicians, whom they aggressively recruit to make all their underlying surveillance technology work. A new piece in Science discusses how the relationship between mathematicians and the NSA has changed following the Snowden leaks (PDF). But as Peter Woit points out, these ethical conundrums are not actually spurring any change. This is perhaps due to the NSA's generous funding of mathematics-related research.

The article talks about the American Mathematical Society, which until recently was led by David Vogan: "...after all was said and done, no action was taken. Vogan describes a meeting about the matter last year with an AMS governing committee as 'terrible,' revealing little interest among the rest of the society's leadership in making a public statement about NSA's ethics, let alone cutting ties. Ordinary AMS members, by and large, feel the same way, adds Vogan, who this week is handing over the presidency to Robert Bryant, a mathematician at Duke University in Durham, North Carolina. For now, U.S. mathematicians aren't willing to disown their shadowy but steadfast benefactor."
China

Tech Companies Worried Over China's New Rules For Selling To Banks 107

Posted by Soulskill
from the worried-all-the-way-to-the-bank dept.
An anonymous reader writes: China is putting into place a new set of regulations for how banks interact with technology, and it has many companies worried. While the rules might enhance security for the Chinese government, they devastate it for everyone else. For example, not only will China require that companies turn over source code for any software sold to banks, the companies building the software (and hardware) must also build back doors into their systems. The bad news for us is that most companies can't afford to simply refuse the rules and write China off. Tech industry spending is estimated to reach $465 billion in 2015, and it's projected for a huge amount of growth.
Government

Safety Review Finds Yucca Mountain Nuclear Waste Site Was Technically Sound 145

Posted by Soulskill
from the wasted-effort dept.
siddesu writes: The U.S. Department of Energy's 2008 proposal to build a nuclear waste repository at Yucca Mountain, Nevada, was technically sound, a report by the NRC says. However, the closed-down project is unlikely to revive, as its staff has moved on, and there are few funds available to restart it. "With the release of the final two volumes of a five-part technical analysis, the commission closed another chapter on the controversial repository nearly five years after President Barack Obama abandoned the project, and more than a quarter century after the site was selected. While the staff recommended against approving construction, the solid technical review could embolden Republicans who now control both houses of Congress and would like to see Yucca Mountain revived."
Intel

FSF-Endorsed Libreboot X200 Laptop Comes With Intel's AMT Removed 167

Posted by timothy
from the if-thine-eye-offends-thee dept.
gnujoshua (540710) writes "The Free Software Foundation has announced its endorsement of the Libreboot X200, a refurbished Lenovo ThinkPad X200 sold by Gluglug. The laptop ships with 100% free software and firmware, including the FSF's endorsed Trisquel GNU/Linux and Libreboot. One of the biggest challenges overcome in achieving FSF's Respects Your Freedom certification was the complete removal of Intel's ME and AMT firmware. The AMT is a controversial proprietary backdoor technology that allows remote access to a machine even when it is powered off. Quoting from the press release: "The ME and its extension, AMT, are serious security issues on modern Intel hardware and one of the main obstacles preventing most Intel based systems from being liberated by users. On most systems, it is extremely difficult to remove, and nearly impossible to replace. Libreboot X200 is the first system where it has actually been removed, permanently," said Gluglug Founder and CEO, Francis Rowe."
Privacy

'Anonymized' Credit Card Data Not So Anonymous, MIT Study Shows 93

Posted by timothy
from the why-I-order-from-the-women's-menu dept.
schwit1 writes Scientists showed they can identify you with more than 90 percent accuracy by looking at just four purchases, three if the price is included — and this is after companies "anonymized" the transaction records, saying they wiped away names and other personal details. The study out of MIT, published Thursday in the journal Science, examined three months of credit card records for 1.1 million people. "We are showing that the privacy we are told that we have isn't real," study co-author Alex "Sandy" Pentland of the Massachusetts Institute of Technology, said in an email.
Government

US Air Force Selects Boeing 747-8 To Replace Air Force One 281

Posted by timothy
from the the-privileged-few dept.
Tyketto writes Following up on a previous story about its replacement, the US Air Force has selected the Boeing 747-8 to replace the aging Presidential fleet of two VC-25s, which are converted B747-200s. With the only other suitable aircraft being the Airbus A380, the USAF cited Boeing's 50-year history of building presidential aircraft as their reason to skip competition and opt directly for the aircraft, which due to dwindling sales and prospects, may be the last 747s to be produced.
Government

FCC Officially Approves Change In the Definition of Broadband 408

Posted by timothy
from the seven-with-one-blow dept.
halfEvilTech writes As part of its 2015 Broadband Progress Report, the Federal Communications Commission has voted to change the definition of broadband by raising the minimum download speeds needed from 4Mbps to 25Mbps, and the minimum upload speed from 1Mbps to 3Mbps, which effectively triples the number of U.S. households without broadband access. Currently, 6.3 percent of U.S. households don't have access to broadband under the previous 4Mpbs/1Mbps threshold, while another 13.1 percent don't have access to broadband under the new 25Mbps downstream threshold.
Canada

Canada Upholds Net Neutrality Rules In Wireless TV Case 98

Posted by timothy
from the as-long-as-we-can-spy-on-you-too dept.
An anonymous reader writes Canada's telecom regulator has issued a major new decision with implications for net neutrality, ruling that Bell and Videotron violated the Telecommunications Act by granting their own wireless television services an undue preference by exempting them from data charges. Michael Geist examines the decision, noting that the Commission grounded the decision in net neutrality concerns, stating the Bell and Videotron services "may end up inhibiting the introduction and growth of other mobile TV services accessed over the Internet, which reduces innovation and consumer choice."
Crime

Why ATM Bombs May Be Coming Soon To the United States 361

Posted by samzenpus
from the almost-worth-the-troub;e dept.
HughPickens.com writes Nick Summers has an interesting article at Bloomberg about the epidemic of 90 ATM bombings that has hit Britain since 2013. ATM machines are vulnerable because the strongbox inside an ATM has two essential holes: a small slot in front that spits out bills to customers and a big door in back through which employees load reams of cash in large cassettes. "Criminals have learned to see this simple enclosure as a physics problem," writes Summers. "Gas is pumped in, and when it's detonated, the weakest part—the large hinged door—is forced open. After an ATM blast, thieves force their way into the bank itself, where the now gaping rear of the cash machine is either exposed in the lobby or inside a trivially secured room. Set off with skill, the shock wave leaves the money neatly stacked, sometimes with a whiff of the distinctive acetylene odor of garlic." The rise in gas attacks has created a market opportunity for the companies that construct ATM components. Several manufacturers now make various anti-gas-attack modules: Some absorb shock waves, some detect gas and render it harmless, and some emit sound, fog, or dye to discourage thieves in the act.

As far as anyone knows, there has never been a gas attack on an American ATM. The leading theory points to the country's primitive ATM cards. Along with Mongolia, Papua New Guinea, and not many other countries, the U.S. doesn't require its plastic to contain an encryption chip, so stealing cards remains an effective, nonviolent way to get at the cash in an ATM. Encryption chip requirements are coming to the U.S. later this year, though. And given the gas raid's many advantages, it may be only a matter of time until the back of an American ATM comes rocketing off.
Government

Drone Maker Enforces No-Fly Zone Over DC, Hijacking Malware Demonstrated 161

Posted by samzenpus
from the fly-that-anywhere dept.
An anonymous reader writes A recent incident at the White House showed that small aerial vehicles (drones) present a specific security problem. Rahul Sasi, a security engineer at Citrix R&D, created MalDrone, the first backdoor malware for the AR drone ARM Linux system to target Parrot AR Drones, but says it can be modified to target others as well. The malware can be silently installed on a drone, and be used to control the drone remotely and to conduct remote surveillance. Meanwhile, the Chinese company that created the drone that crashed on the White House grounds has announced a software update for its "Phantom" series that will prohibit flight within 25 kilometers of the capital.
Privacy

Snowden Documents: CSE Tracks Millions of Downloads Daily 103

Posted by samzenpus
from the keeping-an-eye-on-things dept.
Advocatus Diaboli writes Canada's electronic spy agency sifts through millions of videos and documents downloaded online every day by people around the world, as part of a sweeping bid to find extremist plots and suspects, CBC News has learned. Details of the Communications Security Establishment project dubbed 'Levitation' are revealed in a document obtained by U.S. whistleblower Edward Snowden and recently released to CBC News. Under Levitation, analysts with the electronic eavesdropping service can access information on about 10 to 15 million uploads and downloads of files from free websites each day, the document says.
Programming

Anonymous No More: Your Coding Style Can Give You Away 218

Posted by samzenpus
from the leaving-your-mark dept.
itwbennett writes Researchers from Drexel University, the University of Maryland, the University of Goettingen, and Princeton have developed a "code stylometry" that uses natural language processing and machine learning to determine the authors of source code based on coding style. To test how well their code stylometry works, the researchers gathered publicly available data from Google's Code Jam, an annual programming competition that attracts a wide range of programmers, from students to professionals to hobbyists. Looking at data from 250 coders over multiple years, averaging 630 lines of code per author their code stylometry achieved 95% accuracy in identifying the author of anonymous code (PDF). Using a dataset with fewer programmers (30) but more lines of code per person (1,900), the identification accuracy rate reached 97%.
Encryption

Justice Department: Default Encryption Has Created a 'Zone of Lawlessness' 422

Posted by Soulskill
from the what-would-you-call-this-zone-that's-allegedly-associated-with-danger? dept.
Jason Koebler writes: Leslie Caldwell, an assistant attorney general at the Justice Department, said Tuesday that the department is "very concerned" by the Google's and Apple's decision to automatically encrypt all data on Android and iOS devices.

"We understand the value of encryption and the importance of security," she said. "But we're very concerned they not lead to the creation of what I would call a 'zone of lawlessness,' where there's evidence that we could have lawful access through a court order that we're prohibited from getting because of a company's technological choices.