Security

Anthem Blocking Federal Auditor From Doing Vulnerability Scans 69

Posted by samzenpus
from the suspicious-behavior dept.
chicksdaddy writes Anthem Inc., the Indiana-based health insurer, has informed a federal auditor, the Office of Personnel Management, that it will not permit vulnerability scans of its network — even after acknowledging that it was the victim of a massive breach that leaked data on tens of millions of patients. According to this article, Anthem is citing "company policy" that prohibits third party access to its network in declining to let auditors from OPM's Office of the Inspector General (OIG) conduct scans for vulnerable systems. OPM's OIG performs a variety of audits on health insurers that provide health plans to federal employees under the Federal Employee Health Benefits Program, or FEHBP. Insurers aren't mandated to comply — though most do. This isn't Anthem's first time saying "no thanks" to the offer of a network vulnerability scan. The company also declined to let OIG scan its network in 2013. A partial audit report issued at the time warned that the company, then known as WellPoint, "provided us with conflicting statements" on issues related to information security, including WellPoint's practices regarding regular configuration audits and its plans to shift to IBM's Tivoli Endpoint Manager (TEM) platform.
United States

Ask Slashdot: Should I Let My Kids Become American Citizens? 402

Posted by timothy
from the can-is-open-worms-are-everywhere dept.
An anonymous reader writes "Can you help me decide whether to allow my small daughter and son to become American citizens? I am American and my partner is Swedish. We have both lived in Belgium for many years and have no plans to leave. I became a Belgian citizen some years ago and kept my American citizenship. My partner has both her original Swedish and now Belgian citizenship. We are not married. Instead we have a registered partnership, which is common in northern Europe, confers most of the benefits of marriage, and raises no eyebrows. However, the American government does not recognize such partnerships, so in their eyes I am still single. Generally, children of American citizens abroad automatically become American citizens themselves at birth. But our kids fall under an exception. Male American citizens who live abroad and have children out of wedlock with a non-citizen mother do not automatically transmit citizenship to their children unless they sign an "affidavit of support" promising to support their children until the age of 18. If you don't sign before the child reaches 18, the child is not considered an American citizen. This has been upheld by two Supreme Court rulings (Nguyen v. INS and Flores-Villar v. United States). For legal beagles, the relevant statutes are 8 U.S.C. 1401 and 1409. (Read on below for the rest.)
United States

US Marshals Service Refuses To Release Already-Published Stingray Info 86

Posted by timothy
from the don't-look-behind-the-curtain dept.
v3rgEz (125380) writes The U.S. Marshals Service is known to be one of the most avid users of StingRays, and documents confirm that the agency has spent more than $9 million on equipment and training since 2009. But while it appears the USMS is not under any nondisclosure agreement with the device manufacturer, the agency has withheld a wide range of basic information under an exemption meant to protect law enforcement techniques — despite the fact that that same information is available via a federal accounting website.
Businesses

French Nuclear Industry In Turmoil As Manufacturer Buckles 352

Posted by samzenpus
from the bad-times dept.
mdsolar writes with bad news for France and its nuclear industry. "France's nuclear industry is in turmoil after the country's main reactor manufacturer, Areva, reported a loss for 2014 of 4.8 billion euros ($5.3 billion) — more than its entire market value. The government of France, the world's most nuclear dependent country, has a 29% stake in Areva, which is among the biggest global nuclear technology companies. The loss puts its future — and that of France as a leader in nuclear technology — at risk. Energy and Environment Minister Segolene Royal said Wednesday she asked Areva and utility giant Electricite de France to work together on finding solutions, amid reports of a possible merger or other link-up. The government said in a statement that it's working closely with Areva to restructure and secure financing, and would 'take its responsibility as a shareholder' in future decisions about its direction. Areva reported Wednesday 1 billion euros in losses on three major nuclear projects in Finland and France, among other hits. Areva has lost money for years, in part linked to delays on those projects and to a global pullback from nuclear energy since the 2011 Fukushima accident."
Crime

FTC Targets Group That Made Billions of Robocalls 91

Posted by samzenpus
from the don't-call-me-bro dept.
coondoggie writes Given the amount of time the FTC and others have put into curing the robocall problem, it is disheartening to hear that a group of companies for almost a year have been making billions of illegal robocalls. The Federal Trade Commission and 10 state attorneys general today said they have settled charges against a Florida-based cruise line company and seven other companies that averaged 12 million to 15 million illegal sales calls a day between October 2011 through July 2012, according to the joint complaint filed by the FTC and the states.
Transportation

Would You Need a License To Drive a Self-Driving Car? 342

Posted by samzenpus
from the easy-driver dept.
agent elevator writes Not as strange a question as it seems, writes Mark Harris at IEEE Spectrum: "Self-driving cars promise a future where you can watch television, sip cocktails, or snooze all the way home. But what happens when something goes wrong? Today's drivers have not been taught how to cope with runaway acceleration, unexpected braking, or a car that wants to steer into a wall." The California DMV is considering something that would be similar to requirements for robocar test-driver training. Hallie Siegel points out this article arguing that we need to be careful about how many rules we make for self-driving cars before they become common. Governments and lawmakers across the world are debating how to best regulate autonomous cars, both for testing, and for operation. Robocar expert Brad Templeton argues that there is a danger that regulations might be drafted long before the shape of the first commercial deployments of the technology take place.
Government

White House Threatens Veto Over EPA "Secret Science" Bills 440

Posted by samzenpus
from the no-sir-I-don't-like-it dept.
sciencehabit writes The U.S. House of Representatives could vote as early as this week to approve two controversial, Republican-backed bills that would change how the U.S. Environmental Protection Agency (EPA) uses science and scientific advice to inform its policies. Many Democrats, scientific organizations, and environmental groups are pushing back, calling the bills thinly veiled attempts to weaken future regulations and favor industry. White House advisers announced that they will recommend that President Barack Obama veto the bills if they reach his desk in their current form.
Robotics

Drones Underwater, Drones on Wheels (Video) 18

Posted by Roblimo
from the drones-above-and-drones-below dept.
Rocky Mountain Unmanned Systems seems to be primarily in the business of selling aerial 'copter drones ranging in price from sub-$100 up into $1000s. But there they were at the 2015 CES (Consumer Electronics Show), showing off a submarine drone and a wheeled drone. These products don't seem to be on the company's website or even on their Facebook page quite yet. Jon McBride, the person manning their CES booth, told Timothy these products would be around soon, as in February. But it looks like a bit of extra patience is in order, although you can contact Jon through the company's Facebook page (his suggestion) if you have an urgent need for an underwater or wheeled drone for your business or government agency -- or even just for fun.
Government

New Zealand Spied On Nearly Two Dozen Pacific Countries 125

Posted by samzenpus
from the keep-your-eyes-on-your-own-paper dept.
An anonymous reader writes New documents from Edward Snowden indicate New Zealand undertook "full take" interception of communications from Pacific nations and forwarded the data to the NSA. The data, collected by New Zealand's Government Communications Security Bureau, was then fed into the NSA's XKeyscore search engine to allow analysts to trawl for intelligence. The New Zealand link helped flesh out the NSA's ambitions to intercept communications globally.
Transportation

US Air Traffic Control System Is Riddled With Vulnerabilities 59

Posted by Soulskill
from the things-you-shouldn't-read-before-your-flight-today dept.
An anonymous reader writes: A recently released report (PDF) by the U.S. Government Accountability Office has revealed that despite some improvements, the Federal Aviation Administration (FAA) still needs to quash significant security control weaknesses that threaten the agency's ability to ensure the safe and uninterrupted operation of the national airspace system (NAS). The report found that while the "FAA established policies and procedures for controlling access to NAS systems and for configuring its systems securely, and it implemented firewalls and other boundary protection controls to protect the operational NAS environment [...] a significant number of weaknesses remain in the technical controls—including access controls, change controls, and patch management—that protect the confidentiality, integrity, and availability of its air traffic control systems."
Privacy

Schneier: Either Everyone Is Cyber-secure Or No One Is 128

Posted by Soulskill
from the nobody's-safe-except-the-amish dept.
Presto Vivace sends a new essay from Bruce Schneier called "The Democratization of Cyberattack." Quoting: When I was working with the Guardian on the Snowden documents, the one top-secret program the NSA desperately did not want us to expose was QUANTUM. This is the NSA's program for what is called packet injection--basically, a technology that allows the agency to hack into computers. Turns out, though, that the NSA was not alone in its use of this technology. The Chinese government uses packet injection to attack computers. The cyberweapons manufacturer Hacking Team sells packet injection technology to any government willing to pay for it. Criminals use it. And there are hacker tools that give the capability to individuals as well. ... We can't choose a world where the U.S. gets to spy but China doesn't, or even a world where governments get to spy and criminals don't. We need to choose, as a matter of policy, communications systems that are secure for all users, or ones that are vulnerable to all attackers. It's security or surveillance.
Patents

Has the Supreme Court Made Patent Reform Legislation Unnecessary? 97

Posted by Soulskill
from the reply-hazy-try-again dept.
An anonymous reader writes: As Congress gears up again to seriously consider patent litigation abuse—starting with the introduction of H.R. 9 (the "Innovation Act") last month—opponents of reform are arguing that recent Supreme Court cases have addressed concerns. Give the decisions time to work their way through the system, they assert. A recent hearing on the subject before a U.S. House Judiciary Committee (HJC) Subcommittee shined some light on the matter. And, as HJC Chairman Bob Goodlatte, a long-time leader in Internet and intellectual property issues, put it succinctly in his opening remarks: "We've heard this before, and though I believe that the Court has taken several positive steps in the right direction, their decisions can't take the place of a clear, updated and modernized statute. In fact, many of the provisions in the Innovation Act do not necessarily lend themselves to being solved by case law, but by actual law—Congressional legislation."
Encryption

FREAK Attack Threatens SSL Clients 71

Posted by Soulskill
from the another-day-another-vuln dept.
msm1267 writes: For the nth time in the last couple of years, security experts are warning about a new Internet-scale vulnerability, this time in some popular SSL clients. The flaw allows an attacker to force clients to downgrade to weakened ciphers and break their supposedly encrypted communications through a man-in-the-middle attack. Researchers recently discovered that some SSL clients, including OpenSSL, will accept weak RSA keys–known as export-grade keys–without asking for those keys. Export-grade refers to 512-bit RSA keys, the key strength that was approved by the United States government for export overseas. This was an artifact from decades ago and it was thought that most servers and clients had long ago abandoned such weak ciphers. The vulnerability affects a variety of clients, most notably Apple's Safari browser.
United States

Snowden Reportedly In Talks To Return To US To Face Trial 651

Posted by Soulskill
from the bold-strategy dept.
HughPickens.com writes: The Globe and Mail reports that Edward Snowden's Russian lawyer, Anatoly Kucherena, says the fugitive former U.S. spy agency contractor is working with American and German lawyers to return home. "I won't keep it secret that he wants to return back home. And we are doing everything possible now to solve this issue. There is a group of U.S. lawyers, there is also a group of German lawyers and I'm dealing with it on the Russian side." Kucherena added that Snowden is ready to return to the States, but on the condition that he is given a guarantee of a legal and impartial trial. The lawyer said Snowden had so far only received a guarantee from the U.S. Attorney General that he will not face the death penalty. Kucherena says Snowden is able to travel outside Russia since he has a three-year Russian residency permit, but "I suspect that as soon as he leaves Russia, he will be taken to the U.S. embassy."
Privacy

Supreme Court Gives Tacit Approval To Warrantless DNA Collection 133

Posted by timothy
from the welcome-to-gattica dept.
An anonymous reader writes On Monday, the U.S. Supreme Court refused to review a case involving the conviction of a man based solely on the analysis of his "inadvertently shed" DNA. The Electronic Frontier Foundation (EFF) argues that this tacit approval of the government's practice of collecting anyone's DNA anywhere without a warrant will lead to a future in which people's DNA are "entered into and checked against DNA databases and used to conduct pervasive surveillance."
Censorship

Inside the North Korean Data Smuggling Movement 62

Posted by timothy
from the western-imperialists-violating-the-kim-family's-rights dept.
Sparrowvsrevolution writes A new Wired magazine story goes inside the North Korean rebel movement seeking to overthrow Kim Jong-un by smuggling USB drives into the country packed with foreign television and movies. As the story describes, one group has stashed USB drives in Chinese cargo trucks. Another has passed them over from tourist boats that meet with fishermen mid-river. Others arrange USB handoffs at the Chinese border in the middle of the night with walkie talkies, laser pointers, and bountiful bribes. Even Kim assassination comedy The Interview, which the North Korean government allegedly hacked Sony to prevent from being released, has made it into the country: Chinese traders' trucks carried 20 copies of the film across the border the day after Christmas, just two days after its online release.
Government

Hillary Clinton Used Personal Email At State Dept., Possibly Breaking Rules 535

Posted by Soulskill
from the may-have-also-used-personal-lungs-to-breathe dept.
HughPickens.com writes: The NY Times reports that Hillary Rodham Clinton exclusively used a personal email account to conduct government business as secretary of state, according to State Department officials. She may have violated federal requirements that officials' correspondence be retained as part of the agency's record. Clinton did not have a government email address during her four-year tenure at the State Department. Her aides took no actions to have her personal emails preserved on department servers at the time, as required by the Federal Records Act. "It is very difficult to conceive of a scenario — short of nuclear winter — where an agency would be justified in allowing its cabinet-level head officer to solely use a private email communications channel for the conduct of government business," said attorney Jason R. Baron. A spokesman for Clinton defended her use of the personal email account and said she has been complying with the "letter and spirit of the rules."
Government

Feds Admit Stingray Can Disrupt Bystanders' Communications 194

Posted by samzenpus
from the you're-breaking-up dept.
linuxwrangler writes The government has fought hard to keep details about use and effects of the controversial Stingray device secret. But this Wired article points to recently released documents in which the government admits that the device can cause collateral damage to other network users. The controversy has heated to the point that Florida senator Bill Nelson has made statements that such devices will inevitably force lawmakers to come up with new ways to protect privacy — a comment that is remarkable considering that the Stingray is produced by Harris Corporation which is headquartered in Nelson's home state.
Government

Interactive Edition of the Nuclear Notebook 52

Posted by samzenpus
from the where's-the-boom dept.
Lasrick writes The Bulletin of the Atomic Scientists has just launched a very cool interactive graphic to go with their famed Nuclear Notebook, the feature that tracks the world's nuclear arsenals. Now you can see at a glance who has nuclear weapons, when they got them, and how those numbers compare to each other. A short introductory video gives some background on the success of the Notebook, which has been tracking nukes since 1987.
Canada

Secret Memo Slams Canadian Police On Inaccurate ISP Request Records 18

Posted by samzenpus
from the tip-of-the-iceberg dept.
An anonymous reader writes Last fall, Daniel Therrien, the government's newly appointed Privacy Commissioner of Canada, released the annual report on the Privacy Act, the legislation that governs how government collects, uses, and discloses personal information. The lead story from the report was the result of an audit of the Royal Canadian Mounted Police practices regarding warrantless requests for telecom subscriber information. Michael Geist now reports that a secret internal memo reveals the situation was far worse, with auditors finding the records from Canada's lead law enforcement agency were unusable since they were "inaccurate and incomplete."