Facebook

Facebook Knows Your Political Preferences (businessinsider.com) 183

Facebook knows a lot more about its users than they think. For instance, the New York Times reports, the company is categorizing its users as liberal, conservative, or moderate. These details are valuable for advertisers and campaign managers, especially ahead of the election season. From a BusinessInsider report: For some, Facebook is able to come to conclusions about your political leanings easily, if you mention a political party on your page. For those that are less open about politics on social media, Facebook makes assumptions based on pages you like. As The New York Times explained, if you like Ben and Jerry's Facebook page and most of the other people that like that page identify as liberal, Facebook might assume you too are liberal.
Government

FBI Investigating Russian Hack Of New York Times Reporters, Others (cnn.com) 61

Hackers thought to be working for Russian intelligence have carried out a series of cyber breaches targeting reporters at the New York Times and other U.S. news organizations, reports CNN, citing US officials briefed on the matter. From the report: The intrusions, detected in recent months, are under investigation by the FBI and other US security agencies. Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said. "Like most news organizations we are vigilant about guarding against attempts to hack into our systems," said New York Times Co. spokeswoman Eileen Murphy. "There are a variety of approaches we take up to and including working with outside investigators and law enforcement. We won't comment on any specific attempt to gain unauthorized access to The Times." The breaches targeting reporters and news organizations are part of an apparent surge in cyber attacks in the past year against entities beyond US government agencies.
Electronic Frontier Foundation

US Customs and Border Protection Wants To Know Who You Are On Twitter (eff.org) 347

An anonymous reader quotes a report from Electronic Frontier Foundation: U.S. border control agents want to gather Facebook and Twitter identities from visitors from around the world. But this flawed plan would violate travelers' privacy, and would have a wide-ranging impact on freedom of expression -- all while doing little or nothing to protect Americans from terrorism. A proposal has been issued by U.S. Customs and Border Protection to collect social media handles from visitors to the United States from visa waiver countries. The Electronic Frontier Foundation opposes the proposal and has commented on it individually and as part of a larger coalition. "CBP specifically seeks 'information associated with your online presence -- Provider/Platform -- Social media identifier' in order to provide DHS 'greater clarity and visibility to possible nefarious activity and connections' for 'vetting purposes,'" reports EFF. "In our comments, we argue that would-be terrorists are unlikely to disclose social media identifiers that reveal publicly available posts expressing support for terrorism." They say this plan "would unfairly violate the privacy of innocent travelers," would cause "innocent travelers" to "engage in self-censorship, cutting back on their online activity out of fear of being wrongly judged by the U.S. government," and would lead to a "slippery slope, where CBP would require U.S. citizens and residents returning home to disclose their social media handles, or subject both foreign visitors and U.S. persons to invasive device searches at ports of entry with the intent of easily accessing any and all cloud data."
Power

New Mexico Nuclear Accident Ranks Among the Costliest In US History (latimes.com) 314

mdsolar quotes a report from Los Angeles Times: When a drum containing radioactive waste blew up in an underground nuclear dump in New Mexico two years ago, the Energy Department rushed to quell concerns in the Carlsbad desert community and quickly reported progress on resuming operations. The early federal statements gave no hint that the blast had caused massive long-term damage to the dump, a facility crucial to the nuclear weapons cleanup program that spans the nation, or that it would jeopardize the Energy Department's credibility in dealing with the tricky problem of radioactive waste. But the explosion ranks among the costliest nuclear accidents in U.S. history, according to a Times analysis. The long-term cost of the mishap could top $2 billion, an amount roughly in the range of the cleanup after the 1979 partial meltdown at the Three Mile Island nuclear power plant in Pennsylvania. The Feb. 14, 2014, accident is also complicating cleanup programs at about a dozen current and former nuclear weapons sites across the U.S. Thousands of tons of radioactive waste that were headed for the dump are backed up in Idaho, Washington, New Mexico and elsewhere, state officials said in interviews. "The direct cost of the cleanup is now $640 million, based on a contract modification made last month with Nuclear Waste Partnership that increased the cost from $1.3 billion to nearly $2 billion," reports Los Angeles Times. "The cost-plus contract leaves open the possibility of even higher costs as repairs continue. And it does not include the complete replacement of the contaminated ventilation system or any future costs of operating the mine longer than originally planned."
Television

North Korea Unveils Netflix-Like Streaming Service Called 'Manbang' (bbc.com) 162

North Korea has unveiled a set-top box that offers video-on-demand services similar to Netflix. The service is called Manbang, which translates to "everywhere" in Korean, and allows consumers to stream documentaries about Kim Jong Un and other "educational" programs, as well as five live TV channels. "If a viewer wants to watch, for instance, an animal movie and sends a request to the equipment, it will show the relevant video to the viewer [...] this is two-way communications," according to NK News. It reportedly works by plugging the set-top box into an internet modem, then connecting an HDMI cable from the cable box to the TV. A very small number of North Koreans will actually be able to use the device as "only a few thousand [...] have access to the state-sanctioned internet, in a nation of 25 million people," reports New York Daily News.
Security

BHU's 'Tiger Will Power' Wi-Fi Router May Be The Most Insecure Router Ever Made (softpedia.com) 62

An anonymous reader writes from a report via Softpedia: A Wi-Fi router manufactured and sold only in China can easily run for the title of "most insecure router ever made." The BHU router, whose name translates to "Tiger Will Power," has a long list of security problems that include: four authentication bypass flaws (one of which is just hilarious); a built-in backdoor root account that gets created on every boot-up sequence; the fact that it opens the SSH port for external connections after every boot (somebody has to use that root backdoor account right?); a built-in proxy server that re-routes all traffic; an ad injection system that adds adverts to all the sites you visit; and a backup JS file embedded in the router firmware if the ad script fails to load from its server. For techies, there's a long technical write-up, which gets funnier and scarier at the same time as you read through it. "An attacker authenticating on the router can use a hardcoded session ID (SID) value of 700000000000000 to gain admin privileges," reports Softpedia. "If he misspells the SID and drops a zero, that's no problem. The BHU router will accept any value and still grant the user admin rights."
Crime

Turkish Journalist Jailed For Terrorism Was Framed, Forensic Report Shows (vice.com) 96

An anonymous reader quotes a report from Motherboard: Turkish investigative journalist Baris Pehlivan spent 19 months in jail, accused of terrorism based on documents found on his work computer. But when digital forensics experts examined his PC, they discovered that those files were put there by someone who removed the hard drive from the case, copied the documents, and then reinstalled the hard drive. The attackers also attempted to control the journalist's machine remotely, trying to infect it using malicious email attachments and thumb drives. Among the viruses detected in his computer was an extremely rare trojan called Ahtapot, in one of the only times it's been seen in the wild. Pehlivan went to jail in February of 2011, along with six of his colleagues, after electronic evidence seized during a police raid in 2011 appeared to connect all of them to Ergenekon, an alleged armed group accused of terrorism in Turkey. A paper recently published by computer expert Mark Spencer in Digital Forensics Magazine sheds light into the case after several other reports have acknowledged the presence of malware. Spencer said no other forensics expert noticed the Ahtapot trojan in the OdaTV case, nor has determined accurately how those documents showed up on the journalist's computer. However, almost all the reports have concluded that the incriminating files were planted. "We are not guilty," Baris Pehlivan told Andrada Fiscutean via Motherboard. "The files were put into our computers by a virus and by [attackers] entering the OdaTV office secretly. None of us has seen those documents before the prosecutor showed them to us." 
(OdaTV is the website Pehlivan works for and "has been critical of the government and the Gulen Movement, which was accused by Turkish president Recep Tayyip Erdogan of orchestrating the recent attempted coup.") In regard to the report, senior security consultant at F-Secure, Taneli Kaivola, says, "Yes, [the report] takes an impressive level of conviction to locally attack a computer four times, and remotely attack it seven times [between January 1, 2011, and February 11, 2011], as well as a certain level of technical skill to set up the infrastructure for those attacks, which included document forgery and date and time manipulation."
Piracy

Cox Denies Liability for Pirating Subscribers, Appeals $25 Million Verdict (torrentfreak.com) 97

Cox Communications insists that it is not responsible for copyright infringements carried out by its subscribers, challenging the ruling by a Virginia federal jury late last year. The court had found Cox Communications guilty and had asked it to pay music publisher BMG Rights Management a sum of $25 in damages. TorrentFreak reports: The verdict was a massive victory for the music company and a disaster for Cox, but the case is not closed yet. After a failed motion for judgment as a matter of law earlier this month, the ISP has now informed the court that it will take the case to the U.S. Court of Appeals for the Fourth Circuit. Cox denies any wrongdoing and hopes to get a judgment in its favor at the appeals court. Considering the gravity of the case, Cox's move is not surprising. The liability verdict has come as a shock to the Internet provider industry, as it suggests that providers have to actively disconnect repeat infringers. At the moment, many ISPs don't have a solid policy in place where repeat copyright infringers lose their subscription. In fact, the law doesn't prescribe when and based on what evidence an ISP has to terminate an account.
Democrats

FBI Finds 14,900 More Documents From Hillary Clinton's Email Server (go.com) 525

An anonymous reader quotes a report from ABC News: The FBI uncovered nearly 15,000 more emails and materials sent to or from Hillary Clinton as part of the agency's investigation into her use of private email at the State Department. The documents were not among the 30,000 work-related emails turned over to the State Department by her attorneys in December 2014. The State Department confirmed it has received "tens of thousands" of personal and work-related email materials -- including the 14,900 emails found by the FBI -- that it will review. At a status hearing Monday before federal Judge Emmett Sullivan, who is overseeing that case, the State Department presented a schedule for how it would release the emails found by the FBI. The first group of 14,900 emails was ordered released, and a status hearing on Sept. 23 "will determine the release of the new emails and documents," Sullivan said. "As we have previously explained, the State Department voluntarily agreed to produce to Judicial Watch any emails sent or received by Secretary Clinton in her official capacity during her tenure as secretary of state which are contained within the material turned over by the FBI and which were not already processed for FOIA by the State Department," said State Department spokesman Mark Toner in a statement issued Monday. "We can confirm that the FBI material includes tens of thousands of non-record (meaning personal) and record materials that will have to be carefully appraised at State," it read. "State has not yet had the opportunity to complete a review of the documents to determine whether they are agency records or if they are duplicative of documents State has already produced through the Freedom of Information Act" said Toner, declining further comment.
Government

Nuclear Waste Accident 2 Years Ago May Cost More Than $2 Billion To Clean Up (arstechnica.com) 20

An anonymous reader writes: The Los Angeles Times is estimating that an explosion that occurred at a New Mexico nuclear waste dumping facility in 2014 could cost upwards of $2 billion to clean up. Construction began on the Waste Isolation Pilot Plant (WIPP) in New Mexico's Carlsbad desert in the 1980s. The site was built to handle transuranic waste from the US' nuclear weapons program. The WIPP had been eyed to receive nuclear waste from commercial power-generating plants as well. According to the LA Times, the 2014 explosion at the WIPP was downplayed by the federal government, with the Department of Energy (DoE) putting out statements indicating that cleanup was progressing quickly. Indeed, a 2015 Recovery Plan insisted that "limited waste disposal operations" would resume in the first quarter of 2016. Instead, two years have passed since the incident without any indication that smaller nuclear waste cleanup programs around the US will be able to deliver their waste to the New Mexico facility any time soon. The 2014 explosion apparently occurred when engineers at the Los Alamos National Laboratory were preparing a drum of plutonium and americium waste -- usually packed with kitty litter (yes, kitty litter) -- and decided to "substitute an organic material for a mineral one."
Businesses

Massachusetts Will Tax Ride-Sharing Companies To Subsidize Taxis (reuters.com) 444

Massachusetts will tax ride-sharing services -- 20 cents for each ride -- with 25% of the money raised going into a special fund for the taxi industry (according to an article shared by schwit1). Reuters reports: Ride services are not enthusiastic about the fee. "I don't think we should be in the business of subsidizing potential competitors," said Kirill Evdakov, the chief executive of Fasten, a ride service that launched in Boston last year and also operates in Austin, Texas. Some taxi owners wanted the law to go further, perhaps banning the start-up competitors unless they meet the requirements taxis do, such as regular vehicle inspection by the police...

The fee may raise millions of dollars a year because Lyft and Uber alone have a combined 2.5 million rides per month in Massachusetts... The 5-cent fee will be collected through the end of 2021. Then the taxi subsidy will disappear and the 20 cents will be split by localities and the state for five years. The whole fee will go away at the end of 2026.

Republican Governor Charlie Baker signed the law, which specifically bans ride-sharing services from passing those costs on to their drivers or riders. And the article notes that Taiwan has also hit Uber with a $6.4 million tax bill, while Seattle has passed a new law allowing ride-sharing drivers to unionize.
Education

Four Code Bootcamps Are Now Eligible For Government Financial Aid (hackeducation.com) 85

Long-time Slashdot reader theodp notes a pilot program for improving computer science education which includes financial aid for students at four code bootcamps: In this week's Hack Education Weekly News, Audrey Watters writes, "The US Department of Education has selected eight higher ed institutions and eight 'non-traditional providers' that will work as partners to pilot the DoE's new EQUIP experiment, meaning that students will be able to receive federal financial aid for coding bootcamps, MOOCs, and the like...

"Good thing there haven't been any problems with for-profit higher ed and exploitation of financial aid, otherwise this would all seem like a terrible idea."

The original submission has more details on the participants (including the four code bootcamps). Ultimately the program involves pairing "non-traditional" providers with higher education institutions -- and then monitoring their results with a third-party "quality assurance entity" -- to improve the ways we measure a school's performance, but also testing new ways to fund training for computer careers. (I'm curious how Slashdot's readers feel about government loans for attendees at code bootcamps...)
Government

Group Wants To Shut Down Tor For a Day On September 1 (softpedia.com) 228

An anonymous reader writes: An internal group at the Tor Project is calling for a full 24-hour shutdown of the Tor network to protest the way the Tor Project dealt with the Jake Appelbaum sexual misconduct accusations, and because of recent rumors it might be letting former government agents in its ranks. Two Tor members, also node operators, have shut down their servers as well, for the same reason. They explained their motivations here and here.
"The protesters have made 16 demands," according to the article, six related to supposed infiltration of Tor by government agents, and 10 regarding the Appelbaum ruling and investigation -- including "asking all Tor employees that participated in this investigation to leave" and "the persons behind the JacobAppelbaum.net and the @JakeMustDie and @VictimsOfJake Twitter accounts to come forward and their identities made public."
Security

Software Exploits Aren't Needed To Hack Most Organizations (darkreading.com) 57

The five most common ways of hacking an organization all involve stolen credentials, "based on data from 75 organizations, 100 penetration tests, and 450 real-world attacks," writes an anonymous Slashdot reader. In fact, 66% of the researchers' successful attacks involved cracking a weak domain user password. From an article on Dark Reading: Playing whack-a-mole with software vulnerabilities should not be top of security pros' priority list because exploiting software doesn't even rank among the top five plays in the attacker's playbook, according to a new report from Praetorian. Organizations would be far better served by improving credential management and network segmentation...

"If we assume that 1 percent [of users] will click on the [malicious] link, what will we do next?" says Joshua Abraham, practice manager at Praetorian. The report suggests specific mitigation tactics organizations should take in response to each one of these attacks -- tactics that may not stop attackers from stealing credentials, but "building in the defenses so it's really not a big deal if they do"... [O]ne stolen password should not give an attacker (or pen tester) the leverage to access an organization's entire computing environment, exfiltrating all documents along the way.

Similar results were reported in Verizon's 2016 Data Breach Investigations Report.
Government

Will Internet Voting Endanger The Secret Ballot? 219

MIT recently identified the states "at the greatest risk of having their voting process hacked," but added this week that "Maintaining the secrecy of ballots returned via the Internet is 'technologically impossible'..." Long-time Slashdot reader Presto Vivace quotes their article: That's according to a new report from Verified Voting, a group that advocates for transparency and accuracy in elections. A cornerstone of democracy, the secret ballot guards against voter coercion. But "because of current technical challenges and the unique challenge of running public elections, it is impossible to maintain the separation of voters' identities from their votes when Internet voting is used," concludes the report, which was written in collaboration with the Electronic Privacy Information Center and the anticorruption advocacy group Common Cause.
32 states are already offering some form of online voting, apparently prompting the creation of Verified Voting's new site, SecretBallotAtRisk.org.
