Sparrowvsrevolution writes with news of some particularly insecure security cameras. From the article: "Eighteen brands of security camera digital video recorders are vulnerable to an attack that would allow a hacker to remotely gain control of the devices to watch, copy, delete or alter video streams at will, as well as to use the machines as jumping-off points to access other computers behind a company's firewall, according to tests by two security researchers. And 58,000 of the hackable video boxes, all of which use firmware provided by the Guangdong, China-based firm Ray Sharp, are accessible via the Internet. Early last week a hacker who uses the handle someLuser found that commands sent to a Swann DVR via port 9000 were accepted without any authentication. That trick would allow anyone to retrieve the login credentials for the DVR's web-based control panel. To compound the problem, the DVRs automatically make themselves visible to external connections using a protocol known as Universal Plug And Play, (UPnP) which maps the devices' location to any local router that has UPnP enabled — a common default setting. ...Neither Ray Sharp nor any of the eighteen firms have yet released a firmware fix."
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Nerval's Lobster writes "All your Tweets are belong to us... with a court order. Twitter's second transparency report reinforces what many already know: governments want online user data, and to yank select content from the Internet. Twitter's first two transparency reports cover the entirety of 2012, so there's not a deep historical record to mine for insight. Nonetheless, that year's worth of data shows all types of government inquiry—information requests, removal requests, and copyright notices—either on the increase or holding relatively steady. Governments requested user information from Twitter some 1,009 times in the second half of 2012, up slightly from 849 requests in the first half of that year. Content-removal requests spiked from 6 in the first half of 2012 to 42 in the second. Meanwhile, copyright notices declined a bit, from 3378 in the first half of 2012 to 3268 in the second."
snydeq writes "Security pros and government officials warn of a possible cyber 9/11 involving banks, utilities, other companies, or the Internet, InfoWorld reports. 'A cyber war has been brewing for at least the past year, and although you might view this battle as governments going head to head in a shadow fight, security experts say the battleground is shifting from government entities to the private sector, to civilian targets that provide many essential services to U.S. citizens. The cyber war has seen various attacks around the world, with incidents such as Stuxnet, Flame, and Red October garnering attention. Some attacks have been against government systems, but increasingly likely to attack civilian entities. U.S. banks and utilities have already been hit.'"
Frequent contributor Bennett Haselton writes "With the announcement of Verizon's "six strikes plan" for movie pirates (which includes reporting users to the RIAA and MPAA), and content companies continuing to sue users en masse for peer-to-peer downloads, I think it's inevitable that we'll see the rise of p2p software that proxifies your downloads through other users. In this model, you would not only download content from other users, but you also use other users' machines as anonymizing proxies for the downloads, which would make it impossible for third parties to identify the source or destination of the file transfer. This would hopefully put an end to the era of movie studios subpoenaing ISPs for the identities of end users and taking those users to court." Read below for the rest of Bennett's thoughts.
Dupple writes "After settling with the FTC, Google is under pressure again regarding user privacy. From the BBC: 'A group of Apple's Safari web browser users has launched a campaign against Google over privacy concerns. They claim that Google bypassed Safari's security settings to install cookies which tracked their movements on the internet. Between summer 2011 and spring 2012 they were assured by Google this was not the case, and believed Safari's settings to be secure. Judith Vidal-Hall, former editor of Index On Censorship magazine, is the first person in the UK to begin legal action. 'Google claims it does not collect personal data but doesn't say who decides what information is "personal,"' she said. 'Whether something is private or not should be up to the internet surfer, not Google. We are best placed to decide, not them.'"
jfruh writes "Last week the CEO ServiceNow made a minor splash by claiming that it was awfully easy for a cloud provider to spy on the data they stored for you or discriminate based on pricing. But while that's possible, in many cases it turns out to be simply not practical enough to be beneficial. Even moves like restoring outages for higher-paying customers first turn out to be more trouble than they're worth."
theodp writes "On Saturday, questions for MIT's Aaron Swartz investigation were posted on Slashdot with the hope that MIT'ers might repost some to the MIT Swartz Review site. So it's good to see that MIT's Hal Abelson, who is leading the analysis of MIT's involvement in the matter, is apparently open to this workaround to the ban on questions from outsiders. In fact, on Sunday Abelson himself reposted an interesting question posed by Boston College Law School Prof. Sharon Beckman: 'What, if anything, did MIT learn from its involvement in the federal prosecution of its student David LaMacchia back in 1994?' Not much, it would appear. LaMacchia, an apparent student of Abelson's whose defense team included Beckman, was indicted in 1994 and charged with the 'piracy of an estimated million dollars' in business and entertainment computer software after MIT gave LaMacchia up to the FBI. LaMacchia eventually walked from the charges, thanks to what became known as the LaMacchia Loophole, which lawmakers took pains to close. 'MIT collaborated with the FBI to wreck LaMacchia's life,' defense attorney Harvey Silverglate charged in 1995 after a judge dismissed the case. 'I hope that this case causes a lot of introspection on the part of MIT's administration. Unfortunately, I doubt it will.'"
According to the Daily Yomiuri, "Japan launched two satellites on Jan. 27 to strengthen its surveillance capabilities, including keeping a closer eye on North Korea which has vowed to stage another nuclear test. One of them was a radar-equipped unit to complete a system of surveillance satellites that will allow Tokyo to monitor any place in the world at least once a day. The other was a demonstration satellite to collect data for research and development." The Defense News version of the story says "Japan developed a plan to use several satellites as one group to gather intelligence in the late 1990s as a response to a long-range missile launch by Pyongyang in 1998. The space agency has said the radar satellite would be used for information-gathering, including data following Japan’s 2011 quake and tsunami, but did not mention North Korea by name."
bargainsale writes with an account at Ars Technica of "the inspiring story of Newegg vs the patent troll. Perhaps the system does work after all." Newegg's lawyer Lee Cheng has some choice words for the business model employed by Soverain Software, the patent troll which tried, with some success, to exact money from online retailers for using online shopping carts. Newegg has prevailed, though, and Soverain's claims are toast. From Ars: "The ruling effectively shuts down dozens of the lawsuits Soverain filed last year against Nordstrom's, Macy's, Home Depot, Radioshack, Kohl's, and many others (see our chart on page 2). All of them did nothing more than provide shoppers with basic online checkout technology. Soverain used two patents, numbers 5,715,314 and 5,909,492, to claim ownership of the "shopping carts" commonly used in online stores. In some cases, it wielded a third patent, No. 7,272,639."
The TV show Glee may have borrowed Jonathan Coulton's arrangement of "Baby Got Back" without asking him first, but he's got a response of the kind that it'd be hard for the show's makers to criticize without looking churlish. Borrowing it back, and using it to raise money for charity. As CNET puts it, "Coulton has foxily tossed up on iTunes his own version of the song and titled it 'Baby Got Back (In the Style of Glee).' He terms it 'my cover of Glee's cover of my cover.'"
Now that unlocking a new phone is under many circumstances illegal in the U.S. (!), Digital Trends has collected a useful set of answers outlining just what that means. As they put it, a "quick guide to answer all your why, how, and WTF questions." Among them, some explanation of the rule-making process, the reasoning that led to the end to the unlocking exception to the DMCA (including the Ninth Circuit's 2010 Vernor v. Autodesk decision), and illustrations of situations in which it is not illegal to unlock your phone.
CowboyRobot writes "Once the 'Second City' of the British Empire, scrappy Glasgow — whose now-demolished Gorbals was once known for urban grimness on a par with Chicago's South Side or New York's Hell's Kitchen — has the chance for a whole new lease on life as the UK's first 'smart city.' The UK's government has just announced a $38 million (£24 million) grant to fund pilot projects in the city that show how mass deployment of sensors and real-time information can help local government run more efficiently while also boosting the quality of life for its 600,000 citizens. Glasgow won the prize in a competition among 30 British towns and cities for state help in looking at the possible contribution of smart technology."
theodp writes "Late Friday, Violet Blue reports, the U.S. Sentencing Commission website was hacked and government files distributed by Anonymous in 'Operation Last Resort.' The U.S. Sentencing Commission sets guidelines for sentencing in United States Federal courts, and on the defaced ussc.gov website Anonymous cited the recent suicide of Aaron Swartz as 'a line that has been crossed.' Calling the launch of its new campaign a "warhead," Anonymous vowed, 'This time there will be change, or there will be chaos.'" Adds reader emil: "Anonymous has not specified exactly what files they have obtained. The various files were named after Supreme Court judges. At a regular interval commencing today, Anonymous will choose one media outlet and supply them with heavily redacted partial contents."
An anonymous reader writes "The H.265 codec standard, the successor of H.264, has been approved, promising support for 8k UHD and lower bandwidth, but the patent issues plaguing H.264 remain." Here's the announcement from the ITU. From the article: "Patents remain an important issue as it was with H.264, Google proposing WebM, a new codec standard based on VP8, back in 2010, one that would be royalties free. They also included it in Chrome, with the intent to replace H.264, but this attempt never materialized. Mozilla and Opera also included WebM in their browsers with the same purpose, but they never discarded H.264 because most of the video out there is coded with it. MPEG LA, the owner of a patent pool covering H.264, promised that H.264 internet videos delivered for free will be forever royalty free, but who knows what will happen with H.265? Will they request royalties for free content or not? It remains to be seen. In the meantime, H.264 remains the only codec with wide adoption, and H.265 will probably follow on its steps."
Damien1972 writes "The Brazilian government has begun fixing trees in the Amazon rainforest with a wireless device, known as Invisible Tracck, which will allow trees to contact authorities once they are felled and moved. Here's how it works: Brazilian authorities fix the Invisible Tracck onto a tree. An illegal logger cuts down the tree and puts it onto a truck for removal, unaware that they are carrying a tracking device. Once Invisible Tracck comes within 20 miles (32 kilometers) of a cellular network it will 'wake up' and alert authorities."