Sparrowvsrevolution writes with news of some particularly insecure security cameras. From the article: "Eighteen brands of security camera digital video recorders are vulnerable to an attack that would allow a hacker to remotely gain control of the devices to watch, copy, delete or alter video streams at will, as well as to use the machines as jumping-off points to access other computers behind a company's firewall, according to tests by two security researchers. And 58,000 of the hackable video boxes, all of which use firmware provided by the Guangdong, China-based firm Ray Sharp, are accessible via the Internet. Early last week a hacker who uses the handle someLuser found that commands sent to a Swann DVR via port 9000 were accepted without any authentication. That trick would allow anyone to retrieve the login credentials for the DVR's web-based control panel. To compound the problem, the DVRs automatically make themselves visible to external connections using a protocol known as Universal Plug And Play (UPnP), which maps the devices' location to any local router that has UPnP enabled — a common default setting. ...Neither Ray Sharp nor any of the eighteen firms have yet released a firmware fix."
Nerval's Lobster writes "All your Tweets are belong to us... with a court order. Twitter's second transparency report reinforces what many already know: governments want online user data, and to yank select content from the Internet. Twitter's first two transparency reports cover the entirety of 2012, so there's not a deep historical record to mine for insight. Nonetheless, that year's worth of data shows all types of government inquiry—information requests, removal requests, and copyright notices—either on the increase or holding relatively steady. Governments requested user information from Twitter some 1,009 times in the second half of 2012, up slightly from 849 requests in the first half of that year. Content-removal requests spiked from 6 in the first half of 2012 to 42 in the second. Meanwhile, copyright notices declined a bit, from 3378 in the first half of 2012 to 3268 in the second."
snydeq writes "Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet, InfoWorld reports. 'A cyber war has been brewing for at least the past year, and although you might view this battle as governments going head to head in a shadow fight, security experts say the battleground is shifting from government entities to the private sector, to civilian targets that provide many essential services to U.S. citizens. The cyber war has seen various attacks around the world, with incidents such as Stuxnet, Flame, and Red October garnering attention. Some attacks have been against government systems, but increasingly likely to attack civilian entities. U.S. banks and utilities have already been hit.'"
Frequent contributor Bennett Haselton writes "With the announcement of Verizon's "six strikes plan" for movie pirates (which includes reporting users to the RIAA and MPAA), and content companies continuing to sue users en masse for peer-to-peer downloads, I think it's inevitable that we'll see the rise of p2p software that proxifies your downloads through other users. In this model, you would not only download content from other users, but you also use other users' machines as anonymizing proxies for the downloads, which would make it impossible for third parties to identify the source or destination of the file transfer. This would hopefully put an end to the era of movie studios subpoenaing ISPs for the identities of end users and taking those users to court." Read below for the rest of Bennett's thoughts.
Dupple writes "After settling with the FTC, Google is under pressure again regarding user privacy. From the BBC: 'A group of Apple's Safari web browser users has launched a campaign against Google over privacy concerns. They claim that Google bypassed Safari's security settings to install cookies which tracked their movements on the internet. Between summer 2011 and spring 2012 they were assured by Google this was not the case, and believed Safari's settings to be secure. Judith Vidal-Hall, former editor of Index On Censorship magazine, is the first person in the UK to begin legal action. 'Google claims it does not collect personal data but doesn't say who decides what information is "personal,"' she said. 'Whether something is private or not should be up to the internet surfer, not Google. We are best placed to decide, not them.'"
jfruh writes "Last week the CEO of ServiceNow made a minor splash by claiming that it was awfully easy for a cloud provider to spy on the data they stored for you or discriminate based on pricing. But while that's possible, in many cases it turns out to be simply not practical enough to be beneficial. Even moves like restoring outages for higher-paying customers first turn out to be more trouble than they're worth."
theodp writes "On Saturday, questions for MIT's Aaron Swartz investigation were posted on Slashdot with the hope that MIT'ers might repost some to the MIT Swartz Review site. So it's good to see that MIT's Hal Abelson, who is leading the analysis of MIT's involvement in the matter, is apparently open to this workaround to the ban on questions from outsiders. In fact, on Sunday Abelson himself reposted an interesting question posed by Boston College Law School Prof. Sharon Beckman: 'What, if anything, did MIT learn from its involvement in the federal prosecution of its student David LaMacchia back in 1994?' Not much, it would appear. LaMacchia, an apparent student of Abelson's whose defense team included Beckman, was indicted in 1994 and charged with the 'piracy of an estimated million dollars' in business and entertainment computer software after MIT gave LaMacchia up to the FBI. LaMacchia eventually walked from the charges, thanks to what became known as the LaMacchia Loophole, which lawmakers took pains to close. 'MIT collaborated with the FBI to wreck LaMacchia's life,' defense attorney Harvey Silverglate charged in 1995 after a judge dismissed the case. 'I hope that this case causes a lot of introspection on the part of MIT's administration. Unfortunately, I doubt it will.'"
According to the Daily Yomiuri, "Japan launched two satellites on Jan. 27 to strengthen its surveillance capabilities, including keeping a closer eye on North Korea which has vowed to stage another nuclear test. One of them was a radar-equipped unit to complete a system of surveillance satellites that will allow Tokyo to monitor any place in the world at least once a day. The other was a demonstration satellite to collect data for research and development." The Defense News version of the story says "Japan developed a plan to use several satellites as one group to gather intelligence in the late 1990s as a response to a long-range missile launch by Pyongyang in 1998. The space agency has said the radar satellite would be used for information-gathering, including data following Japan’s 2011 quake and tsunami, but did not mention North Korea by name."
bargainsale writes with an account at Ars Technica of "the inspiring story of Newegg vs the patent troll. Perhaps the system does work after all." Newegg's lawyer Lee Cheng has some choice words for the business model employed by Soverain Software, the patent troll which tried, with some success, to exact money from online retailers for using online shopping carts. Newegg has prevailed, though, and Soverain's claims are toast. From Ars: "The ruling effectively shuts down dozens of the lawsuits Soverain filed last year against Nordstrom's, Macy's, Home Depot, Radioshack, Kohl's, and many others (see our chart on page 2). All of them did nothing more than provide shoppers with basic online checkout technology. Soverain used two patents, numbers 5,715,314 and 5,909,492, to claim ownership of the "shopping carts" commonly used in online stores. In some cases, it wielded a third patent, No. 7,272,639."
The TV show Glee may have borrowed Jonathan Coulton's arrangement of "Baby Got Back" without asking him first, but he's got a response of the kind that it'd be hard for the show's makers to criticize without looking churlish. Borrowing it back, and using it to raise money for charity. As CNET puts it, "Coulton has foxily tossed up on iTunes his own version of the song and titled it 'Baby Got Back (In the Style of Glee).' He terms it 'my cover of Glee's cover of my cover.'"
Now that unlocking a new phone is under many circumstances illegal in the U.S. (!), Digital Trends has collected a useful set of answers outlining just what that means. As they put it, a "quick guide to answer all your why, how, and WTF questions." Among them, some explanation of the rule-making process, the reasoning that led to the end to the unlocking exception to the DMCA (including the Ninth Circuit's 2010 Vernor v. Autodesk decision), and illustrations of situations in which it is not illegal to unlock your phone.
CowboyRobot writes "Once the 'Second City' of the British Empire, scrappy Glasgow — whose now-demolished Gorbals was once known for urban grimness on a par with Chicago's South Side or New York's Hell's Kitchen — has the chance for a whole new lease on life as the UK's first 'smart city.' The UK's government has just announced a $38 million (£24 million) grant to fund pilot projects in the city that show how mass deployment of sensors and real-time information can help local government run more efficiently while also boosting the quality of life for its 600,000 citizens. Glasgow won the prize in a competition among 30 British towns and cities for state help in looking at the possible contribution of smart technology."
theodp writes "Late Friday, Violet Blue reports, the U.S. Sentencing Commission website was hacked and government files distributed by Anonymous in 'Operation Last Resort.' The U.S. Sentencing Commission sets guidelines for sentencing in United States Federal courts, and on the defaced ussc.gov website Anonymous cited the recent suicide of Aaron Swartz as 'a line that has been crossed.' Calling the launch of its new campaign a "warhead," Anonymous vowed, 'This time there will be change, or there will be chaos.'" Adds reader emil: "Anonymous has not specified exactly what files they have obtained. The various files were named after Supreme Court judges. At a regular interval commencing today, Anonymous will choose one media outlet and supply them with heavily redacted partial contents."
An anonymous reader writes "The H.265 codec standard, the successor of H.264, has been approved, promising support for 8k UHD and lower bandwidth, but the patent issues plaguing H.264 remain." Here's the announcement from the ITU. From the article: "Patents remain an important issue as it was with H.264, Google proposing WebM, a new codec standard based on VP8, back in 2010, one that would be royalties free. They also included it in Chrome, with the intent to replace H.264, but this attempt never materialized. Mozilla and Opera also included WebM in their browsers with the same purpose, but they never discarded H.264 because most of the video out there is coded with it. MPEG LA, the owner of a patent pool covering H.264, promised that H.264 internet videos delivered for free will be forever royalty free, but who knows what will happen with H.265? Will they request royalties for free content or not? It remains to be seen. In the meantime, H.264 remains the only codec with wide adoption, and H.265 will probably follow on its steps."
Damien1972 writes "The Brazilian government has begun fixing trees in the Amazon rainforest with a wireless device, known as Invisible Tracck, which will allow trees to contact authorities once they are felled and moved. Here's how it works: Brazilian authorities fix the Invisible Tracck onto a tree. An illegal logger cuts down the tree and puts it onto a truck for removal, unaware that they are carrying a tracking device. Once Invisible Tracck comes within 20 miles (32 kilometers) of a cellular network it will 'wake up' and alert authorities."
chicksdaddy writes "The U.S. Department of Defense has stopped updating its main reference list of vital defense technologies that are banned from export, according to a new report from the Government Accountability Office (GAO), The Security Ledger reports. The Militarily Critical Technologies List (MCTL) is used to identify technologies that are critical to national defense and that require extra protection — including bans on exports and the application of anti-tamper technology. GAO warned six years ago that the Departments of State and Commerce, which are supposed to use the list, found it too broad and outdated to be of much use. The latest report (GAO 13-157) finds that the situation has worsened: budget cuts forced the DOD to largely stop updating and grooming the list in 2011. Sections on emerging technologies are outdated, while other sections haven't been updated since 1999. Without the list to rely on, the DOD has turned to a hodgepodge of other lists, while officials in the Departments of State and Commerce who are responsible for making decisions about whether to allow a particular technology to be exported have turned to ad-hoc networks of subject experts. Other agencies are looking into developing their own MCTL equivalents, potentially wasting government resources duplicating work that has already been done, GAO found."
FunPika writes "Jonathan Coulton, who is known for songs such as "Code Monkey", is claiming that his cover of "Baby Got Back" was used without permission on Glee, a television show aired by Fox Broadcasting Company. When the Glee version appeared on YouTube last week, Coulton suspected that it sounded similar to his cover, and several of his fans confirmed this by analyzing the two tracks. Despite Coulton contacting Fox, they continued with airing the episode and have placed the song on sale in iTunes."
dcblogs writes "A bipartisan group of Senators is planning to introduce a bill that allows the H-1B visa cap to rise automatically with demand to a maximum of 300,000 visas annually. This 20-page bill, called the Immigration Innovation Act of 2013 or the 'I-Squared Act of 2013,' is being developed by Sens. Orrin Hatch (R-Utah), Amy Klobuchar (D-Minn.), Marco Rubio (R-Fla.), and Chris Coons (D-Del.). It may be introduced next week. Presently, the U.S. has an H-1B visa cap of 65,000. There are another 20,000 H-1B visas set aside for advanced degree graduates of U.S. universities, for 85,000 in total. Under the new bill, the base H-1B cap would increase from 65,000 to 115,000. But the cap would be allowed to rise automatically with demand, according to a draft of the legislation."
theodp writes "Explaining that it believes 'the most important questions are the ones that will come from the MIT community,' MIT announced that it won't be accepting questions from outsiders for its President-ordered 'review' of the events that preceded the suicide of Aaron Swartz. But if you feel the 25 questions asked thus far don't cover all the bases, how about posting additional ones in the comments where MIT'ers can see them and perhaps repost to the MIT site some that they feel deserve answers? Do it soon — MIT President Rafael Reif will be returning any day now from Davos, where he sat on a panel with Bill Gates, who coincidentally once found himself in hot water over unauthorized computer access. 'They weren't sure how mad they should be about it,' Gates explained in a 2010 interview, 'because we hadn't really caused any damage, but it wasn't a good thing. Computer hacking was literally just being invented at the time, and so fortunately we got off with a bit of a warning.'" Related: text has been published of public domain advocate Carl Malamud's remarks at Swartz's memorial. Quoting: "Aaron wasn't a lone wolf, he was part of an army, and I had the honor of serving with him for a decade. Aaron was part of an army of citizens that believes democracy only works when the citizenry are informed, when we know about our rights—and our obligations."
Tyketto writes "Referencing a decision outlined in the Federal Register, Tech News Daily has published an article noting that the window to unlock your new mobile phone in the U.S. is closing. 'In October 2012, the Librarian of Congress, who determines exemptions to a strict anti-hacking law called the Digital Millennium Copyright Act (DMCA), decided that unlocking mobile phones would no longer be allowed. But the library provided a 90-day window during which people could still buy a phone and unlock it. That window closes on January 26.' While this doesn't apply to phones purchased before the window closes, this means that after 1/26/13, for any new mobile phone you purchase, you'll have to fulfill your contract, or break the law to unlock it." It will still be perfectly legal to purchase an unlocked phone, which many carriers offer. This change removes the exemption for buying a new phone under contract (and thus, at a discount) and then unlocking it.