Forgot your password?
typodupeerror

Slashdot is powered by your submissions, so send in your scoop

Encryption

Most Tor Keys May Be Vulnerable To NSA Cracking 236

Posted by timothy
from the aren't-you-glad-to-be-so-fully-protected? dept.
Ars Technica reports that security researcher Rob Graham of Errata Security, after analyzing nearly 23,000 Tor connections through an exit node that Graham controls, believes that the encryption used by a majority of Tor users could be vulnerable to NSA decryption: "About 76 percent of the 22,920 connections he polled used some form of 1024-bit Diffie-Hellman key," rather than stronger elliptic curve encryption. More from the article: "'Everyone seems to agree that if anything, the NSA can break 1024 RSA/DH keys,' Graham wrote in a blog post published Friday. 'Assuming no "breakthroughs," the NSA can spend $1 billion on custom chips that can break such a key in a few hours. We know the NSA builds custom chips, they've got fairly public deals with IBM foundries to build chips.' He went on to cite official Tor statistics to observe that only 10 percent of Tor servers are using version 2.4 of the software. That's the only Tor release that implements elliptical curve Diffie-Hellman crypto, which cryptographers believe is much harder to break. The remaining versions use keys that are presumed to be weaker."
The Almighty Buck

Court Bars Apple From Making Industry-Wide E-book Deals 130

Posted by Soulskill
from the play-nice-with-others-or-else dept.
itwbennett writes "The federal judge presiding over the U.S. electronic books case against Apple has barred the company from striking deals that would ensure that it could undercut prices of other retailers in the e-book market and also prohibited Apple from letting any one publisher know what deals the company is striking up with other publishers. For its part, Apple said it plans to appeal the ruling (PDF), denying that it conspired to fix ebook pricing. Meanwhile, Amazon is alerting customers of their potential payout, which could be as much as $3.82 for every eligible Kindle book."
Privacy

Epic: A Privacy-Focused Web Browser 223

Posted by Soulskill
from the i-know-what-you-googled-last-summer dept.
Rob @CmdrTaco Malda writes "I've been advising Epic Browser, a startup building a privacy-focused, Chrome-based browser that starts where incognito mode ends. Epic employs a host of tactics designed to make what happens inside your browser stay there, to the tune of a thousand blocks in a typical hour of browsing. They also provide a built-in proxy service. If the corporations and governments are going to watch us, there's no reason to make it any easier for them. Epic has Mac and Windows builds for now. Their site goes into far greater detail about how they block tracking methods most browsers don't."
Privacy

Schneier: The US Government Has Betrayed the Internet, We Need To Take It Back 397

Posted by samzenpus
from the power-to-the-online-people dept.
wabrandsma writes "Quoting Bruce Schneier in the Guardian: 'The NSA has undermined a fundamental social contract. We engineers built the internet – and now we have to fix it. Government and industry have betrayed the internet, and us. This is not the internet the world needs, or the internet its creators envisioned. We need to take it back. And by we, I mean the engineering community. Yes, this is primarily a political problem, a policy matter that requires political intervention. But this is also an engineering problem, and there are several things engineers can – and should – do."
United States

FBI Cyber Division Adds Syrian Electronic Army To Wanted List 74

Posted by samzenpus
from the checking-it-twice dept.
coolnumbr12 writes "The U.S. government has had enough of the Syrian Electronic Army's hacks of Western media and government outlets. A week after the SEA shut down the New York Times, the FBI Cyber Division unit has officially added the pro-Assad hacker collective to its wanted list. The FBI issued an advisory that included information about the SEA, its capabilities, and some of its more heinous attacks. The advisory also warns networks to be on the lookout for attacks, and that anyone found to be aiding the SEA will be seen as terrorists actively aiding attacks against the U.S. websites."
Security

Government To Release Hundreds of Documents On NSA Spying 123

Posted by samzenpus
from the in-today's-spying-news dept.
Trailrunner7 writes "In response to a lawsuit by the Electronic Frontier Foundation, the Department of Justice is preparing to release a trove of documents related to the government's secret interpretation of Section 215 of the PATRIOT Act. The declassified documents will include previously secret opinions of the Foreign Intelligence Surveillance Court. The decision by the Justice Department to release the documents is the second legal victory in recent weeks for the EFF related to the National Security Agency's intelligence collection programs. In August, the group won the release of a 2011 FISC opinion that revealed that the court ruled that some of the NSA's collection programs were illegal and unconstitutional. The newest decision will result in the release of hundreds of pages of documents related to the way the government has been interpreting Section 215, which is the measure upon which some of the NSA's surveillance programs are based. In a status report released Wednesday regarding the EFF's suit against the Department of Justice, attorneys for the government said that they will release the documents by Sept. 10."
Encryption

NSA Foils Much Internet Encryption 607

Posted by timothy
from the do-your-taxes-buy-civilization? dept.
An anonymous reader writes "The New York Times is reporting that the NSA has 'has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show. ... The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.'" You may prefer Pro Publica's non-paywalled version, instead, or The Guardian's.
Communications

Ask Slashdot: Can Creating New Online Accounts Reduce Privacy Risks? 164

Posted by timothy
from the that-sounds-like-a-forlorn-hope dept.
rjnagle writes "I'm concerned about the implications of storing personal data on Gmail, Facebook, and other social media sites. I'm less worried about individual data than the accumulating mass of data which potentially be used against me (for targeted marketing, credit reporting and who knows what else?) One solution I'm considering is just to abandon individual accounts and start clean and new gmail/facebook accounts. So while Google/Doubleclick might possess lots of data about me from 2001-2012, from this point on, they only have a clean slate. Would this kind of solution address my privacy concerns? (assuming I remove cookies, change IP address before doing so etc). Or are an individual's profile by now so unique that simply creating a new gmail or Facebook account would fail to prevent these data collection agencies from figuring out who I am? Insights and tips are appreciated."
Privacy

NRA Joins ACLU Lawsuit Against NSA 531

Posted by timothy
from the but-don't-worry-nics-remains-unimpeachable dept.
cold fjord writes with this excerpt from The Hill: "The National Rifle Association joined the American Civil Liberties Union's lawsuit on Wednesday to end the government's massive phone record collection program. In a brief filed in federal court, the NRA argues that the National Security Agency's database of phone records amounts to a 'national gun registry.' 'It would be absurd to think that the Congress would adopt and maintain a web of statutes intended to protect against the creation of a national gun registry, while simultaneously authorizing the FBI and the NSA to gather records that could effectively create just such a registry,' the group writes. ... In its filing, the gun-rights group claims that the NSA's database would allow the government to identify and track gun owners based on whether they've called gun stores, shooting ranges or the NRA. 'Under the government's reading of Section 215, the government could simply demand the periodic submission of all firearms dealers' transaction records, then centralize them in a database indexed by the buyers' names for later searching,' the NRA writes."
Security

Stuxnet Expert Dismisses NIST Cyber Security Framework, Proposes Alternative 32

Posted by timothy
from the he-did-it-his-way dept.
An anonymous reader writes "Ralph Langner, the security expert who deciphered how Stuxnet targeted the Siemens PLCs in Iran's Natanz nuclear facility, has come up with a cybersecurity framework for industrial control systems (ICS) that he says is a better fit than the U.S. government's Cyber Security Framework. Langner's Robust ICS Planning and Evaluation, or RIPE, framework takes a different approach to locking down ICS/SCADA plants than the NIST-led one, focusing on security capabilities rather than risk. He hopes it will help influence the final version of the U.S. government's framework."
Privacy

Security Company Attributes Tor Traffic Surge To Botnet 55

Posted by timothy
from the complexity-of-evil dept.
hypnosec writes "A cyber defense and IT security company has claimed that the reason behind recent surge in number of clients connecting to Tor is in fact a relatively unknown botnet and not NSA or genuine adoption of Tor. In late August there was a huge increase in Tor network traffic and number of clients connecting to the Tor network. As of this writing number of connections has quadrupled with over 2,500,000 clients connecting to the network. According to Fox-it, the surge in traffic is because of a botnet dubbed 'Mevade.A,' which is known to have Tor connectivity features. The company noted that the botnet may have links to a previously detected botnet dubbed 'Sefnit,' which also featured Tor connectivity. Fox-it claimed that they have found "references that the malware is internally known as SBC to its operators.""
Government

GameFly Scores In Longstanding DVD Mailing Complaint 147

Posted by timothy
from the everything-competes-with-everything-else dept.
An anonymous reader writes "GamePolitics reports that the Postal Regulatory Commission has ordered [PDF] the U.S. Postal Service to equalize the rates paid by mailers who send round trip DVDs, and concluding (sort of) a dispute that has been underway for more than four years. The new postage rates take effect on September 30th. Some mailers, prominantly Netflix, send their round-trip movie DVDs as 'letters,' but GameFly's gaming disks are sent in slightly bigger envelopes as 'flats' to avoid breakage, and so GameFly has paid a much higher postage rate. GameFly argued that this was unfair discriminatory treatment because USPS was providing special hand-sorting treatment for Netflix disks without charging Netflix for the extra handling. But now there's a new twist: the Postal Service wants to reclassify DVD mailing [PDF] as a competitive product, where the prices would not be limited by the rate of inflation, because it says that mailed DVDs compete with the internet, streaming services, and kiosks such as Redbox. The regulatory agency is accepting responses [PDF] from interested persons until September 11th to the Postal Service's latest comments on its request [PDF]."
Censorship

On Eve Of Election, Australia's Conservatives Announce Mandated Filtering Policy 87

Posted by timothy
from the oh-by-the-way dept.
Dan B. writes "After Australia's Conservative party (LNP) quietly posted a policy [PDF] to impose mandatory internet filtering just one day prior to the country's election, local premiere internet forum Whirlpool has gone in to overdrive with the fastest 50 page thread ever. At 8:30pm, both sides of politics were busy running media releases, with the Conservatives hastily back-pedalling on the policy, and the Government attacking it, accusing them of hypocrisy after voting down their own proposed filter 3 years prior, stating there was no proof filtering works."
The Courts

Jury Finds Google Guilty of Standards-Essential Patents Abuse Against MS 278

Posted by timothy
from the within-a-framework-of-law dept.
recoiledsnake writes "A federal jury in Seattle ordered Google to pay Microsoft $14.5 million in damages for breach of contract for failing to license at reasonable terms standard essential patents covering wireless and video technology used in the Xbox game console. Motorola had demanded Microsoft pay annual royalties of up to $4 billion for use of patents that are part of the H.264 video and 802.11 wireless standards, which are baked into Windows and the Xbox video game console. Microsoft said it was willing to pay royalties but not at the 2.25 percent of the product price that Motorola sought. We previously covered Motorola's exorbitant demands."
The Almighty Buck

PayPal Freezes MailPile's Account 443

Posted by timothy
from the saving-them-from-the-root-of-all-evil dept.
rysiek writes "Remember MailPile, the privacy-focused, community-funded FOSS webmail project with built-in GPG support? The good news is, the funding campaign is a success, with $135k raised (the goal was $100k). The bad news is: PayPal froze MailPile's account, along with $45k that was on it, and will not un-freeze it until MailPile team provides 'an itemized budget and your development goal dates for your project.' One of the team members also noted: 'Communications with PayPal have implied that they would use any excuse available to them to delay delivering as much of our cash as possible for as long as possible.' PayPal doesn't have a great track record as far as fund freezing is concerned — maybe it's high time to stop using PayPal?"
Privacy

What Marketers Think They Know About You and What They Really Do 277

Posted by samzenpus
from the I-don't-even-know-you-anymore dept.
mattydread23 writes "Data broker Acxiom did something a little unusual this week. It launched a service that lets you see the data they've collected on you. CITEworld writer Ron Miller checked it out, and found it to be mostly laughably inaccurate. Among the things they got wrong included his religion, his interests, and the number of kids he has. But worst? It pegged him as a Windows user."
The Courts

Court Orders Retrial In Google Maps-Related Murder Case 152

Posted by samzenpus
from the lets-try-this-again dept.
netbuzz writes "Ruling that a judge erred in blocking two computer security experts from testifying that an incriminating Google Maps search record found on the defendant's laptop was planted there, a North Carolina appeals court has ordered a new trial for ex-Cisco employee Bradley Cooper, convicted two years ago in the 2008 strangulation death of his wife Nancy. 'The sole physical evidence linking Defendant to Ms. Cooper's murder was the alleged Google Map search, conducted on Defendant's laptop, of the exact area where Ms. Cooper's body was discovered,' wrote the appeals court. 'We hold ... that erroneously preventing Defendant from presenting expert testimony, challenging arguably the strongest piece of the State's evidence, constituted reversible error and requires a new trial.'"
United Kingdom

FOI Request Reveals UK Houses of Parliament Workers' Passion For Adult Content 61

Posted by Soulskill
from the sounds-about-right dept.
Anita Hunt (lissnup) writes "Hot on the heels of Dave Cameron's demands to make such content universally 'opt-in,' the Independent reports 'Westminster computers were prevented from accessing sex sites 114,844 times last November alone and on 55,552 in April, while February saw just 15 and in June officials blocked 397 attempts.' No explanation has been offered for the variation, although it would be interesting to know if the fall in the number of recorded/reported attempts coincides with the date the FOI request was filed."
The Almighty Buck

Martin Luther King Jr's Children In Court Over MLK IP 344

Posted by Soulskill
from the i-have-a-sad-depressing-dream dept.
cervesaebraciator writes "Slashdot has reported before about the copyright nightmare of Dr. Martin Luther King Jr.'s 'I Have a Dream' Speech. Now, questions of intellectual property and the legacy of Dr. King have caused his children to go to court. The estate, run by King's sons, claims the rights to the intellectual property and memorabilia of Dr. King as assets. Accordingly, it has filed suit against the non-profit Martin Luther King Jr. Center for Nonviolent Change, run by King's daughter, for plans to continue using King memorabilia once a royalty-free licensing agreement expires, (which the estate says will be in September). As is the case with increasing frequency, one is left to wonder about the implications intellectual property claims have for free speech when they can be applied to so public a figure as Dr. King."

"Irrationality is the square root of all evil" -- Douglas Hofstadter

Working...