Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

WikiLeaks To Its Supporters: 'Stop Taking Down the US Internet, You Proved Your Point' ( 334

MojoKid writes: The Internet took a turn for the worst this morning, when large parts of the DNS network were brought down by a massive distributed denial of service attack (DDoS) targeting DNS provider Dyn. If you couldn't access Amazon, Twitter, and a host of other large sites and online services earlier today, this was why. Now, if a couple of additional tweets are to be believed, it appears supporters of WikiLeaks are responsible for this large scale DDoS attack on Dynamic Network Services Inc's Dyn DNS service. WikiLeaks is alleging that a group of its supporters launched today's DDoS attack in retaliation for the Obama administration using its influence to push the Ecuadorian government to limit Assange's internet access. Another earlier tweet reassures supporters that Mr. Assange is still alive, which -- along with a photo of heavily armed police posted this morning -- implies that he may have been (or may still be) in danger, and directly asks said supporters to stop the attack. WikiLeaks published this tweet a little after 5PM: "Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point." It was followed by: "The Obama administration should not have attempted to misuse its instruments of state to stop criticism of its ruling party candidate."

AI Platform Assesses Trump's and Clinton's Emotional Intelligence ( 181

FastCompany got an exclusive look at how Hillary Clinton and Donald Trump stacked up in terms of their emotional intelligence when analyzed by HireVue's artificial intelligence platform. The platform analyzes "video, audio, and language patterns to determine emotional intelligence and sentiment." The company also partnered with Affectiva for facial analysis "to measure the candidate's emotional engagement correlated down to the micro-expressions level." FastCompany reports the findings: Trump versus Clinton across all three debates. Here we see the range of emotions both candidates showed during all three debates. Clinton seemed to dominate the top-right area, which represented both "joy" and facial expressions like smiles and smirks. Conversely, Trump had a stronghold on the "sadness," "disgust," and "fear" quadrants, along with both "negative sentiment" and "negative valence." The third debate. Looking more closely at just this week's debate, negativity prevailed. Both candidates exhibited disgust during the 90-minute spectacle. Trump, however, seemed to dominate the strongest emotions with heightened scores for "fear," "contempt," and "negative sentiment." Clinton, according to the data, presented the only positive emotional elements, which included some "joy" and "smiles." Clinton's performance. Clinton's range of emotions and reactions seemed pretty consistent throughout all three debates, although she exhibited the most positive emotions during the second. What's more, according to the graph, she was most negative during this week's debate. Trump's performance. Similar to Clinton, Trump's range of emotions seemed relatively consistent throughout the three debates. The third one, however, was when he emoted the most negatively. He smirked a lot during this event, too. "Negative sentiment," "contempt," and "anger" were persistent throughout all three conversations.

Mirai and Bashlight Join Forces Against DNS Provider Dyn ( 56

A second wave of attacks has hit dynamic domain name service provider Dyn, affecting a larger number of providers. As researchers and government officials race to figure out what is causing the outages, new details are emerging. Dan Drew, chief security officer at Level 3 Communications, says the attack is at least in part being mounted from a "botnet" of Internet-of-Things (IoT) devices. "We're seeing attacks coming from a number of different locations," Drew said. "An Internet of Things botnet called Mirai that we identified is also involved in the attack." Ars Technica reports: The botnet, made up of devices like home WiFi routers and internet protocol video cameras, is sending massive numbers of requests to Dyn's DNS service. Those requests look legitimate, so it's difficult for Dyn's systems to screen them out from normal domain name lookup requests. Earlier this month, the code for the Mirai botnet was released publicly. It may have been used in the massive DDoS attack against security reporter Brian Krebs. Mirai and another IoT botnet called Bashlight exploit a common vulnerability in BusyBox, a pared-down version of the Linux operating system used in embedded devices. Mirai and Bashlight have recently been responsible for attacks of massive scale, including the attacks on Krebs, which at one point reached a traffic volume of 620 gigabits per second. Matthew Prince, co-founder and CEO of the content delivery and DDoS protection service provider CloudFlare, said that the attack being used against Dyn is an increasingly common one. The attacks append random strings of text to the front of domain names, making them appear like new, legitimate requests for the addresses of systems with a domain. Caching the results to speed up responses is impossible. Prince told Ars: "They're tough attacks to stop because they often get channeled through recursive providers. They're not cacheable because of the random prefix. We started seeing random prefix attacks like these three years ago, and they remain a very common attack. If IoT devices are being used, that would explain the size and scale [and how the attack] would affect: someone the size of Dyn."

Governor Cuomo Bans Airbnb From Listing Short-Term Rentals In New York ( 157

An anonymous reader quotes a report from New York Post: Gov. Cuomo on Friday bowed to pressure from the hotel industry and signed into law one of the nation's toughest restrictions on Airbnb -- including hefty fines of up to $7,500 for people who rent out space in their apartments. Backers of the punitive measure -- which applies to rentals of less than 30 days when the owner or tenant is not present -- say many property owners use Airbnb and similar sites to offer residential apartments as short-term rentals to visitors, hurting the hotel business while taking residential units off the Big Apple's high-priced housing market. Enforcement, however, will be a huge challenge, as thousands of short-term apartment rentals are listed in the city despite a 2010 law that prohibits rentals of less than 30 days when the owner or tenant is not present. Violators could be turned in by neighbors or landlords opposed to the practice, or the state could monitor the site to look for potential violations. But beyond that how the law would be enforced was not immediately clear. The new law won't apply to rentals in single-family homes, row houses or apartment spare rooms if the resident is present. But will apply to co-ops and condos. Airbnb mounted a last-ditch effort to kill the measure, proposing alternative regulations that the company argued would address concerns about short-term rentals without big fines. Tenants who violate current state law and list their apartments for rentals of less than 30 days would face fines of $1,000 for the first offense, $5,000 for the second and $7,500 for a third. An investigation of Airbnb rentals from 2010 to 2014 by the state attorney general's office found that 72 percent of the units in New York City were illegal, with commercial operators constituting 6 percent of the hosts and supplying 36 percent of the rentals. As of August, Airbnb had 45,000 city listings and another 13,000 across the state.

Facebook Employees Tried To Remove Trump Posts As Hate Speech ( 235

An anonymous reader quotes a report from USA Today: Facebook employees pushed to remove some of Republican presidential candidate Donald Trump's Facebook posts -- such as one proposing the ban of Muslims from entering the U.S. -- from the service as hate speech that violated the giant social network's policies, the Wall Street Journal reported Friday. The decision not to remove the Trump posts was made by Facebook CEO Mark Zuckerberg, the newspaper reported. Employees complained that Facebook was changing the rules for Trump and some who review content on Facebook threatened to quit. "When we review reports of content that may violate our policies, we take context into consideration. That context can include the value of political discourse," Facebook said in an emailed statement. "Many people are voicing opinions about this particular content and it has become an important part of the conversation around who the next U.S. president will be. For those reasons, we are carefully reviewing each report and surrounding context relating to this content on a case by case basis." Senior members of Facebook's policy team posted more details on its policy on Friday: "In the weeks ahead, we're going to begin allowing more items that people find newsworthy, significant, or important to the public interest -- even if they might otherwise violate our standards."

Prosecutors Say NSA Contractor Could Flee To Foreign Power ( 44

An anonymous reader quotes a report from ABC News: The NSA contractor accused of stealing a gargantuan amount of sensitive and classified data from the U.S. government was studying Russian before he was arrested and would be a "prime target" for foreign spies should he be released on bail, prosecutors argued ahead of a court hearing for Harold Martin, III, today. The government said it is "readily apparent to every foreign counterintelligence professional and nongovernmental actor that the Defendant has access to highly classified information, whether in his head, in still-hidden physical locations, or stored in cyberspace -- and he has demonstrated absolutely no interest in protecting it. This makes the Defendant a prime target, and his release would seriously endanger the safety of the country and potentially even the Defendant himself." Prosecutors noted that Martin purportedly communicated online "with others in languages other than English, including in Russian" and that he had downloaded information on the Russian language just a couple months before he was arrested in August. Martin's attorneys, however, said in their own court filing Thursday that there is still no evidence he "intended to betray his country" and argued that he was not a flight risk. All the talk of foreign spies and potential getaway plans, the defense said, were "fantastical scenarios." Martin's defense team said in part: "The government concocts fantastical scenarios in which Mr. Martin -- who, by the government's own admission, does not possess a valid passport -- would attempt to flee the country. Mr. Martin's wife is here in Maryland. His home is here in Maryland. He hash served this country honorably as a lieutenant in the United States Navy, and he has devoted his entire career to serving his country. There is no evidence he intended to betray his country. The government simply does not meet its burden of showing that no conditions of release would reasonably assure Mr. Martin's future appearance in court. For these reasons, and additional reasons to be discussed at the detention hearing, Mr. Martin should be released on conditions pending trial."

UPDATE 10/21/16: Slashdot reader chromaexursion writes: "Harold Martin was denied bail. The judge agreed the the prosecution in his decision."

43 Million Weebly and 22 Million Foursquare Accounts Stolen ( 15

LeakedSource is reporting that the web design platform Weebly was hacked in February, affecting more than 43 million accounts. They have also reported a smaller hack involving 22.5 million Foursquare accounts, which were compromised in December 2013. TechCrunch: "We do not believe that any customer website has been improperly accessed," Weebly said in the notice to users. The company also said that it does not store credit card information, making fraudulent charges unlikely. LeakedSource said it received the Weebly database from an anonymous source and notified Weebly of the breach. In addition to the customer notification emails, LeakedSource claims that password resets are being issued -- but, if you're a Weebly user and you don't receive a password reset, you probably want to change your password anyway. Meanwhile, LeakedSource also identified data from Foursquare, claiming that 22.5 million accounts were compromised in December 2013. The social media company disputes the findings, claiming that email addresses were simply cross-referenced with publicly available data from Foursquare. The data includes emails, usernames and Facebook and Twitter IDs, which could have been scraped from Foursquare's API or search.

Facebook Bans Animated Breast Cancer Awareness Video Showing Circle-Shaped Breasts ( 98

Last month, Facebook deleted a historic Vietnam war photo of a naked girl fleeing a napalm attack, claiming it violated Facebook's restrictions on nudity. Now it appears that the company has removed a video on breast cancer awareness posted in Sweden after deeming the images offensive, the Swedish Cancer Society said on Thursday. The Guardian reports: The video, displaying animated figures of women with circle-shaped breasts, was aimed at explaining to women how to check for suspicious lumps. Sweden's Cancerfonden said it had tried in vain to contact Facebook, and had decided to appeal against the decision to remove the video. "We find it incomprehensible and strange how one can perceive medical information as offensive," Cancerfoden communications director Lena Biornstad told Agence France-Presse. "This is information that saves lives, which is important for us," she said. "This prevents us from doing so." The Guardian went on to report in a separate article that the the Swedish Cancer Society decided to make the round breasts square to evade Facebook's censorship of female anatomy. The group issued an open letter to Facebook featuring the pair of pair of breasts constructed of pink squares as opposed to pink circles. Facebook did apologize for banning the video, saying in a statement to the Guardian: "We're very sorry, our team processes millions of advertising images each week, and in some instances we incorrectly prohibit ads. This image does not violate our ad policies. We apologize for the error and have let the advertiser know we are approving their ads."

Nurses In Australia Face Punishment For Promoting Anti-Vaccination Messages Via Social Media ( 651 writes: Medical Express reports that nurses and midwives promoting anti-vaccination messages in Australia could face punishment including being slapped with a caution and having their ability to practice medicine restricted. Serious cases could be referred to an industry tribunal, where practitioners could face harsher penalties such as having their registration suspended or cancelled. The Nursing and Midwifery Board of Australia released the vaccination standards in response to what it described as a small number of nurses and midwives promoting anti-vaccination via social media. The statement also urges members of the public to report nurses or midwives promoting anti-vaccination. Promoting false, misleading or deceptive information is an offense under national law and is prosecutable by the Australian Health Practitioner Regulation Agency. "The board will consider whether the nurse or midwife has breached their professional obligations and will treat these matters seriously," the statement said. However Dr. Hannah Dahlen, a professor of midwifery at the University of Western Sydney and the spokeswoman for the Australian College of Midwives, worries the crackdown may push people with anti-vaccination views further underground. "The worry is the confirmation bias that can occur, because people might say: 'There you go, this is proof that you can't even have an alternative opinion.' It might in fact just give people more fuel for their belief systems."

KickassTorrents Lawyer: 'Torrent Sites Do Not Violate Criminal Copyright Laws' ( 80

An anonymous reader quotes a report from Ars Technica: Lawyers representing Artem Vaulin have filed their formal legal response to prosecutors' allegations of conspiracy to commit criminal copyright infringement, among other charges. Vaulin is the alleged head of KickassTorrents (KAT). KAT was the world's largest BitTorrent distribution site before it was shuttered by authorities earlier this year. Vaulin was arrested in Poland, where he now awaits extradition to the United States. "Vaulin is charged with running today's most visited illegal file-sharing website, responsible for unlawfully distributing well over $1 billion of copyrighted materials," Assistant Attorney General Leslie Caldwell said in a July 2016 statement. The defense's new 22-page court filing largely relies on the argument that there is no such thing as secondary criminal copyright infringement. While secondary copyright infringement as a matter of civil liability was upheld by the Supreme Court in MGM v. Grokster in 2005, Vaulin and his associates have been charged criminally. "The fundamental flaw in the government's untenable theory of prosecution is that there is no copyright protection for such torrent file instructions and addresses," [the brief's author, Ira Rothken,] argued in his Monday motion to dismiss the charges against Vaulin. "Therefore, given the lack of direct willful copyright infringement, torrent sites do not violate criminal copyright laws." "The extradition procedures have formally been started by the US in Poland," Rothken told Ars. "We are in a submissions or briefing period, and our Polish team is opposing extradition." Rothken also said that he has yet to be allowed to meet or speak directly with his client. For now, Rothken has been required to communicate via his Polish counterpart, Alek Kowzan. "Maybe they are afraid that Artem's extradition defense will be enhanced if American lawyers can assist in defending against the US extradition," Rothken added. No hearings before US District Judge John Z. Lee have been set.

Hotspot Vigilantes Are Trying to Beam the Internet To Julian Assange ( 242

Ecuadorian government said earlier this week that it did cut off Julian Assange's internet connection. They noted that Assange's continued interference in the U.S. election campaign was the reason why they decided to disconnect Assange from the internet. But it appears some people are going to great lengths to beam internet connectivity to Mr. Assange. This week 4chan urged people to head to the embassy to set up mobile Wi-Fi hotspots, and many are doing just that. From a Motherboard report:"We are now calling all BRITS to get their ass down to the embassy and stand around in mass, taking shifts with wifi-hotspots on hand!" reads the post. "Give Assange constant network and morale support all while streaming it live for the world to see." Are people actually going to try this? Motherboard UK visited the Ecuadorian embassy in London, where WikiLeaks founder Julian Assange has claimed political asylum since August 2012, today to find out. Admittedly, on a late October afternoon, things were rather quiet on the street outside the embassy. Nevertheless, I found my guy. "Marco" was loitering outside the embassy, turning on and off his mobile hotspot. I approached him, and while tentative at first, Marco finally started explaining how he was hoping to aid Assange.
The Military

US Army 'Will Have More Robot Soldiers Than Humans' By 2025, Says Former British Spy ( 113

John Bassett, a British spy who worked for the agency GCHQ for nearly two decades, has told Daily Express that the U.S. was considering plans to employ thousands of robots by 2025. At a meeting with police and counter-terrorism officials in London, he said: "At some point around 2025 or thereabouts the U.S. army will actually have more combat robots than it will have human soldiers. Many of those combat robots are trucks that can drive themselves, and they will get better at not falling off cliffs. But some of them are rather more exciting than trucks. So we will see in the West combat robots outnumber human soldiers." Daily Express reports: Robotic military equipment is already being used by the U.S Navy and Air Force, in the shape of drones and autonomous ships. In April robotic warfare took a major leap forward after the U.S. Navy launched its very first self-piloting ship designed to hunt enemy submarines. Drones have been a feature of U.S. operations in the Middle East to disrupt terrorist groups. However, those aircrafts are still controlled by humans operating from bases in the U.S. Mr. Bassett also said artificial intelligence and robots technology would combine to create powerful fighting machines. The cyber security expert said: "Artificial intelligence, robotics in general, those will begin to mesh together."

How Hackers Broke Into John Podesta and Colin Powell's Gmail Accounts ( 116

An anonymous reader quotes a report from Motherboard: On March 19 of this year, Hillary Clinton's campaign chairman John Podesta received an alarming email that appeared to come from Google. The email, however, didn't come from the internet giant. It was actually an attempt to hack into his personal account. In fact, the message came from a group of hackers that security researchers, as well as the U.S. government, believe are spies working for the Russian government. At the time, however, Podesta didn't know any of this, and he clicked on the malicious link contained in the email, giving hackers access to his account. The data linking a group of Russian hackers -- known as Fancy Bear, APT28, or Sofacy -- to the hack on Podesta is also yet another piece in a growing heap of evidence pointing toward the Kremlin. And it also shows a clear thread between apparently separate and independent leaks that have appeared on a website called DC Leaks, such as that of Colin Powell's emails; and the Podesta leak, which was publicized on WikiLeaks. All these hacks were done using the same tool: malicious short URLs hidden in fake Gmail messages. And those URLs, according to a security firm that's tracked them for a year, were created with Bitly account linked to a domain under the control of Fancy Bear. The phishing email that Podesta received on March 19 contained a URL, created with the popular Bitly shortening service, pointing to a longer URL that, to an untrained eye, looked like a Google link. Inside that long URL, there's a 30-character string that looks like gibberish but is actually the encoded Gmail address of John Podesta. According to Bitly's own statistics, that link, which has never been published, was clicked two times in March. That's the link that opened Podesta's account to the hackers, a source close to the investigation into the hack confirmed to Motherboard. That link is only one of almost 9,000 links Fancy Bear used to target almost 4,000 individuals from October 2015 to May 2016. Each one of these URLs contained the email and name of the actual target. The hackers created them with with two Bitly accounts in their control, but forgot to set those accounts to private, according to SecureWorks, a security firm that's been tracking Fancy Bear for the last year. Bitly allowed "third parties to see their entire campaign including all their targets -- something you'd want to keep secret," Tom Finney, a researcher at SecureWorks, told Motherboard. Thomas Rid, a professor at King's College who studied the case extensively, wrote a new piece about it in Esquire.
United States

Prosecutors Say Contractor Stole 50 Terabytes of NSA Data ( 90

An NSA contractor siphoned off dozens of hard drives' worth of data from government computers over two decades, prosecutors will allege on Friday. From a ZDNet report: The contractor, Harold T. Martin III, is also accused of stealing thousands of highly classified documents, computers, and other storage devices during his tenure at the agency. It's not known exactly what Martin allegedly stole, but a report from The New York Times on Wednesday suggests that the recently-leaked hacking tools used by the agency to conduct surveillance were among the stolen cache of files. Prosecutors will on Friday charge Martin with violating the Espionage Act. If convicted, he could face ten years in prison on each count. The charges, news of which was first reported by The Washington Post, outline a far deeper case than first thought, compared to the felony theft and a lesser misdemeanor charge of removal and retention of classified information revealed in an unsealed indictment last month.

Yahoo Wants To Know If FBI Ordered Yahoo To Scan Emails ( 90

Reader Trailrunner7 writes: In an odd twist to an already odd story, Yahoo officials have asked the Director of National Intelligence to confirm whether the federal government ordered the company to scan users' emails for specific terms last year and if so, to declassify the order. The letter is the result of news reports earlier this month that detailed an order that the FBI allegedly served on Yahoo in 2015 in an apparent effort to find messages with a specific set of terms. The stories allege that Yahoo complied with the order and installed custom software to accomplish the task. Yahoo officials said at the time the Reuters story came out that there is no such scanning system on its network, but did not say that the scanning software never existed on the network at all. "Yahoo was mentioned specifically in these reports and we find ourselves unable to respond in detail. Your office, however, is well positioned to clarify this matter of public interest. Accordingly, we urge your office to consider the following actions to provide clarity on the matter: (i) confirm whether an order, as described in these media reports, was issued; (ii) declassify in whole or in part such order, if it exists; and (iii) make a sufficiently detailed public and contextual comment to clarify the alleged facts and circumstances," the letter says.

Slashdot Top Deals