MrMetlHed writes "A portion of this Reuters article about the Pentagon's inability to manage paying soldiers properly mentions that their payroll program has 'seven million lines of Cobol code that hasn't been updated.' It goes on to mention that the documentation has been lost, and no one really knows how to update it well. In trying to replace the program, the Pentagon spent a billion dollars and wasn't successful."
Swedish Pirate Party founder Rick Falkvinge reports that a fansite providing subtitles for movies has been raided by Swedish police at the behest of the copyright industry. "The movie subtitle fansite undertexter.se, literally meaning subtitles.se, is a site where people contribute their own translations of movies. This lets people who aren't good at the original language of a movie or cartoon put those fan-made subtitles – fansubs – on top of the movie or cartoon. Fansubbing is a thriving culture which usually provides better-than-professional subtitles for new episodes with less than 24 hours of turnaround (whereas the providers of the original cartoon or movie can easily take six months or more). What’s remarkable about this raid is that the copyright industry has decided to do a full-out raid against something that is entirely fan-made. It underscores the general sentiment of the copyright monopoly not protecting the creator of artwork, but protecting the big distribution monopolies, no matter who actually created the art."
An anonymous reader writes "The French Parliament just wrote into law the first instance of Free Software priority in a public service, by adopting the Bill on Higher Education and Research. [Advocacy association April], after extensively contributing to the debate, especially welcomes this vote and congratulates Deputies and Senators for recognizing the importance of Free Software in the Public Service for Higher Education, since it alone can ensure equal access to the future public service. April hopes that this first step will be followed by other legislation in favor of Free Software. It also thanks all the persons who mobilized and contacted the Parliament Members."
MarkWhittington writes "Two House Democrats, Reps. Donna Edwards (D-Md.) and Eddie Bernice Johnson (D-Texas), have proposed a bill called Apollo Lunar Landing Legacy Act, H.R. 2617 (PDF), that would establish the Apollo Lunar Landing Sites National Historical Park at all the Apollo lunar landing sites, according to a story in The Hill. 'The park would be comprised of all artifacts left on the surface of the moon from the Apollo 11 through 17 missions. The bill says these sites need to be protected because of the anticipated increase in commercial moon landings in the future.'"
New submitter Nicolas Jondet writes "French courts will not be able to disconnect convicted file-sharers from the Internet anymore. On Tuesday, the French Culture minister issued a decree modifying the graduated response scheme and removing the disconnection penalty. 'The report says that instead of simply disconnecting users, those suspected of copyright could be fined if they did not reply to warnings, with a relatively low fine (€60) to begin, and the size of the fine would increase depending on the number of infractions. French anti-piracy will now their focus – instead of handing heavy punishments to individual users, the government is looking towards penalizing "commercial piracy" and "sites that profit from pirated material," according to an official spokesperson.'"
GrueMaster writes "Did Florida ban computers and smartphones? They tried banning Internet Cafes, but the wording in the law is overly broad. '... it's the wording that's problematic, as it defines a slot machine as "any machine or device or system or network of devices" that can be used in games of chance. Turns out the Internet is full of gambling sites, which is where the definition runs into some problems. Consuelo Zapata, owner of the Miami-Dade county Internet cafe Incredible Investments, LLC, is suing the state (PDF) to overturn the ban, saying that definition is too broad and could be applied to any number of electronic devices.'"
An anonymous reader writes "After every major war, technology developed for a conflict gets applied to civilian life. The BBC recently reported that Army researchers have adapted advanced social network analysis software used for counter-insurgencies in Iraq and Afghanistan to help law enforcement analyze the behavior of street gangs. With the growing problem of gang violence in major U.S. cities, this may provide a fresh perspective. 'Orca can figure out the likely affiliations of individuals who will not admit to being members of any specific gang, as well as the sub-structure of gangs – the gang ecosystem – and the identities of those who tend to dictate the behaviour of others. ... Having some knowledge of the links and affiliations between different gangs can highlight dangers that call for more focused policing. If a gang perpetrates some violent action on a rival gang, police will often monitor the rival gang more closely because of the likelihood of retaliation. But gangs know this, and so the rivals might instead ask an allied gang to carry out a reprisal. Understanding such alliances helps the police stay a step ahead.' The question is: will it work?"
snydeq writes "InfoWorld's Roger Grimes interviews a longtime friend and cyber warrior under contract with the U.S. government, offering a fascinating glimpse of the front lines in the ever-escalating and completely clandestine cyber war. From the interview: 'They didn't seem to care that I had hacked our own government years ago or that I smoked pot. I wasn't sure I was going to take the job, but then they showed me the work environment and introduced me to a few future co-workers. I was impressed. ... We have tens of thousands of ready-to-use bugs in single applications, single operating systems. ... It's all zero-days. Literally, if you can name the software or the controller, we have ways to exploit it. There is no software that isn't easily crackable. In the last few years, every publicly known and patched bug makes almost no impact on us. They aren't scratching the surface.'"
wiredmikey writes "Recently discovered security flaws in the Emergency Alerting System (EAS), which is widely used by TV and radio stations across the United States, have made the systems vulnerable to remote attack. The vulnerability stems from an SSH key that is hard-coded into DASDEC-I and DASDEC-II devices made by Monroe Electronics. Unless the default settings were altered during deployment, impacted systems are using a known key that could enable an attacker with full access if the systems are publicly faced or if they've already compromised the network. By exploiting the vulnerability, an attacker could disrupt a station's ability to transmit and/or could send out false emergency information. 'Earlier this year we were shown an example of an intrusion on the EAS when the Montana Television Network's regular programming was interrupted by news of a zombie apocalypse. Although there was no zombie apocalypse, it did highlight just how vulnerable the system is,' said Mike Davis, a principal research scientist at IOActive. The DHS issued an alert on the vulnerability, and IOActive, the firm that discovered the flaw, has published additional technical details (PDF) on the security issue."
FuzzNugget writes "After the Economic Development Administration (EDA) was alerted by the DHS to a possible malware infection, they took extraordinary measures. Fearing a targeted attack by a nation-state, they shut down their entire IT operations, isolating their network from the outside world, disabling their email services and leaving their regional offices high and dry, unable to access the centrally-stored databases. A security contractor ultimately declared the systems largely clean, finding only six computers infected with untargeted, garden-variety malware and easily repaired by reimaging. But that wasn't enough for the EDA: taking gross incompetence to a whole new level, they proceeded to physically destroy $170,500 worth of equipment (PDF), including uninfected systems, printers, cameras, keyboards and mice. After the destruction was halted — only because they ran out of money to continue smashing up perfectly good hardware — they had racked up a total of $2.3 million in service costs, temporary infrastructure acquisitions and equipment destruction."
NF6X writes "UCSD Lecturer Brett Stallbaum has released an Android app called Gun Geo Marker to allow people to 'Geolocate Dangerous Guns and Owners.' The app description states: 'The Gun Geo Marker operates very simply, letting parents and community members mark, or geolocate, sites associated with potentially unsafe guns and gun owners. These locations are typically the homes or businesses of suspected unsafe gun owners, but might also be public lands or other locations where guns are not handled safely, or situations where proper rights to own or use any particular type of firearm may not exist.' I question how the motivation behind developing this app differs from, say, developing an app to allow others to publicly geotag homes of people believed to belong to a particular religion or political party."
The EFF has been attempting to sue the government over illegal surveillance since the Bush administration, and, despite repeated attempts to have the case dismissed because of State Secrets, a federal judge has now ruled that the case must go forward in public court, throwing out the government's State Secrets argument. From the order: "Having thoroughly considered the parties' papers, Defendants' public and classified declarations, the relevant legal authority and the parties' arguments, the Court GRANTS the Jewel Plaintiffs' motion for partial summary adjudication by rejecting the state secrets defense as having been displaced by the statutory procedure prescribed in 50 U.S.C. 1806(f) of FISA. In both related cases, the Court GRANTS Defendants' motions to dismiss Plaintiffs' statutory claims on the basis of sovereign immunity. The Court further finds that the parties have not addressed the viability of the only potentially remaining claims, the Jewel Plaintiffs' constitutional claims under the Fourth and First Amendments and the claim for violation of separation of powers and the Shubert Plaintiffs' fourth cause of action for violation of the Fourth Amendment. Accordingly, the Court RESERVES ruling on Defendants' motion for summary judgment on the remaining, non-statutory claims." Although some statutory claims were dismissed, the core Constitutional questions will be litigated.
judgecorp writes "Privacy International is mounting a legal challenge against snooping by the UK government's intelligence agency GCHQ. But the case will be held in secret. The group is challenging UK government access to Privacy, and the UK's own Tempora system, arguing that both allow 'indiscriminate' snooping because they operate in secrecy with a lack of legal oversight. All well and good — but the authorities have ruled that Privacy's challenge must be heard by the Investigatory Powers Tribunal, which hears cases in secret and is under no obligation to explain or justify its verdicts."
First time accepted submitter toshikodo writes "The BBC is reporting a claim that some sub-post office workers in the UK have been sent to jail because of a bug in the accounting software that they use. The Post Office admits Horizon computer defect. I've worked on safety critical systems in the past, and I am well aware of the potential for software to ruin lives (thankfully AFAIK nobody has been harmed by my software), but how many of us consider the potential for bugs in ordinary software to adversely affect those that use it?"
First time accepted submitter Dr_Ish writes "The BBC is reporting that the opening ceremonies of the Olympics last year were potentially subject to a cyber attack that could have cut all the lights and power. Of course, it did not happen. However, the interesting question is whether this is real, or whether this is a FUD story promoted by GCHQ to help shore up some credibility issues."
judgecorp writes "MIT's Immersion project sifts your Gmail, and constructs a map of your associations. Without opening a single message, it gives a clear view of who you connect with. It's a glimpse of some of what the NSA PRISM can do. From the article: 'You can assume that if the NSA is looking at your email, the information in Immersion is similar to what they will see. Consider that they probably see all of your email addresses (and not just Gmail) and that the metadata is examined along with the metadata from everyone you’ve corresponded with, and you can see just how much can be inferred from this data alone.'"
USSJoin writes "Andrew Auernheimer (or Weev, as he's often better known) is serving a 41-month sentence under the Computer Fraud and Abuse Act. The case is currently on appeal to the Third Circuit Court of Appeals; his lawyer filed the appellate brief last week. Now, a group of 13 security researchers, led by Meredith Patterson, and including Peiter "Mudge" Zatko, Space Rogue, Jericho, Shane MacDougall, and Dan Kaminsky, are making their own thoughts heard by the court. They are submitting a brief to the Third Circuit Court of Appeals that argues that not only is Weev's conviction bad law, but if upheld, it will destroy independent security research, and perhaps the rest of consumer safety research as well."
andrewa writes "In an interview with Der Spiegel, Snowden claims that the NSA, amongst other things, collaborated with Israel to write the Stuxnet virus. Not that this is news, as it has been suspected that it was a collaborative effort for some time. When asked about active major programs and how international partners help, Snowden says: 'The partners in the "Five Eyes" (behind which are hidden the secret services of the Americans, the British, the Australians, New Zealanders and Canadians -- ed.) sometimes go even further than the NSA people themselves. Take the Tempora program of the British intelligence GCHQ for instance. Tempora is the first "I save everything" approach ("Full take") in the intelligence world. It sucks in all data, no matter what it is, and which rights are violated by it. This buffered storage allows for subsequent monitoring; not a single bit escapes. Right now, the system is capable of saving three days’ worth of traffic, but that will be optimized. Three days may perhaps not sound like a lot, but it's not just about connection metadata. "Full take" means that the system saves everything. If you send a data packet and if it makes its way through the UK, we will get it. If you download anything, and the server is in the UK, then we get it. And if the data about your sick daughter is processed through a London call center, then ... Oh, I think you have understood.'"
First time accepted submitter qwerdf writes "The Electronic Frontier Foundation's goal is 'defending your rights in the digital world', and its activities span the full gamut of freedom fighting: providing help with court cases; issuing white papers that explain current threats; running campaigns to spread awareness of various issues; and developing technologies that make our online activities safer from prying eyes. Here's a short history of how the EFF came together, what it has done so far, and how it's preparing for upcoming battles."