Businesses

Struggling Workers Found Sleeping In Tents Behind Amazon's Warehouse (thecourier.co.uk) 125

"At least three tents have been spotted in woodland beside the online retail giant's base," reports a Scottish newspaper -- hidden behind trees, but within sight of Amazon's warehouse, and right next to a busy highway. An anonymous reader writes: Despite Scotland's "bitterly cold winter nights" -- with lows in the 30s -- the tent "was easier and cheaper than commuting from his home," one Amazon worker told the Courier. (Though yesterday someone stole all of his camping equipment.) Amazon charges its employees for shuttle service to the fulfillment center, which "swallows up a lot of the weekly wage," one political party leader told the Courier, "forcing people to seek ever more desperate ways of making work pay.

"Amazon should be ashamed that they pay their workers so little that they have to camp out in the dead of winter to make ends meet..." he continued. "They pay a small amount of tax and received millions of pounds from the Scottish National Party Government, so the least they should do is pay the proper living wage." Though the newspaper reports that holiday shopping has created 4,000 temporary jobs in the small town of Dunfermline, "The company came under fire last month from local activists who claimed that agency workers are working up to 60 hours per week for little more than the minimum wage and are harshly treated."

Amazon responded, "The safety and well-being of our permanent and temporary associates is our number one priority."
Crime

Inside the NYPD's Attempt To Build Community Trust Through Twitter (backchannel.com) 35

mirandakatz writes: When the NYPD rolled out its Twitter presence a couple years back, it didn't go so smoothly: the @NYPDNews account tweeted a request: 'Do you have a photo with a member of the NYPD? Tweet us & tag it #myNYPD,' and by midnight the same day, more than 70,000 people had responded decrying police brutality. At Backchannel, Susan Crawford looks at the department's attempt to use Twitter to rebuild community trust, noting that while the NYPD has a long ways to go, any opening up of communication is an improvement on the traditionally tight-lipped culture.
They're currently reaching about 10% of the city's population, tweeting pictures of "wanted" suspects and sharing information on recent criminal activity, as the police commissioner describes shifting their mindset from "warrior" to guardian.
Government

FBI Relents, Confirms Previously-Denied UFO Investigation (muckrock.com) 57

Long-time Slashdot reader v3rgEz writes: A Freedom of Information Act request for FBI files on a figure at the center of dozens of 20th century conspiracy theories reveals a rare glimpse into the Bureau's real-life "X-Files" -- which the agency had long maintained don't exist. And while there's no evidence yet of Mulder or Scully, the files do include a story of flying saucers and secret assassins stranger than anything on the show.
Specifically the documents detail the FBI's 1947 investigation into "flying discs" reported by early conspiracy theorist Fred Lee Crisman, describing "the Maury Island Incident" (picked up by U.S. newspapers) which helped popularize the legend of UFO witnesses being detained by "men in black". Ironically, Crisman was later linked to one of the CIA's anti-Castro groups, connecting him to another popular topic for conspiracy theorists: the assassination of President Kennedy.
Transportation

The DEA Has Been Secretly Paying Transport Employees To Search Travelers' Bags (economist.com) 118

There's a new reason you can be stopped by airport security: because the security officer who flagged you "was being secretly paid by the government...to uncover evidence of drug smuggling." schwit1 quotes The Economist: For years, officials from the Department of Justice testified, the DEA has paid millions of dollars to a variety of confidential sources to provide tips on travellers who may be transporting drugs or large sums of money. Those sources include staff at airlines, Amtrak, parcel services and even the Transportation Safety Administration...

According to [a DOJ] report, airline employees and other informers had an incentive to search more travellers' bags, since they received payment whenever their actions resulted in DEA seizures of cash or contraband. The best-compensated of these appears to have been a parcel company employee who received more than $1 million from the DEA over five years. One airline worker, meanwhile, received $617,676 from 2012 to 2015 for tips that led to confiscations. But the DEA itself profited much more from the program. That well-paid informant got only about 12% of the amount the agency seized as a result of his tips.

The DEA had paid out $237 million to over 9,000 informants over five years towards the end of 2015, according to the report. The Economist writes that "travelers no doubt paid the price in increased searches," adding that the resulting searches were all probably illegal.
AMD

Researchers Point Out 'Theoretical' Security Flaws In AMD's Upcoming Zen CPU (bleepingcomputer.com) 47

An anonymous reader writes from a report via BleepingComputer: The security protocol that governs how virtual machines share data on a host system powered by AMD Zen processors has been found to be insecure, at least in theory, according to two German researchers. The technology, called Secure Encrypted Virtualization (SEV), is designed to encrypt parts of the memory shared by different virtual machines on cloud servers. AMD, who plans to ship SEV with its upcoming line of Zen processors, has published the technical documentation for the SEV technology this past April. The German researchers have analyzed the design of SEV, using this public documentation, and said they managed to identify three attack channels, which work, at least in theory.

[In a technical paper released over the past weekend, the researchers described their attacks:] "We show how a malicious hypervisor can force the guest to perform arbitrary read and write operations on protected memory. We describe how to completely disable any SEV memory protection configured by the tenant. We implement a replay attack that uses captured login data to gain access to the target system by solely exploiting resource management features of a hypervisor." AMD is scheduled to ship SEV with the Zen processor line in the first quarter of 2017.

Government

DHS Tried To Breach Our Firewall, Says Georgia's Secretary of State (cyberscoop.com) 136

An anonymous reader quotes a report from CyberScoop: Georgia's secretary of state has claimed the Department of Homeland Security tried to breach his office's firewall and has issued a letter to Homeland Security Secretary Jeh Johnson asking for an explanation. Brian Kemp issued a letter to Johnson on Thursday after the state's third-party cybersecurity provider detected an IP address from the agency's Southwest D.C. office trying to penetrate the state's firewall. According to the letter, the attempt was unsuccessful. The attempt took place on Nov. 15, a few days after the presidential election. The office of the Georgia Secretary of State is responsible for overseeing the state's elections. "At no time has my office agreed to or permitted DHS to conduct penetration testing or security scans of our network," Kemp wrote in the letter, which was also sent to the state's federal representatives and senators. "Moreover, your department has not contacted my office since this unsuccessful incident to alert us of any security event that would require testing or scanning of our network. This is especially odd and concerning since I serve on the Election Cyber Security Working Group that your office created." "The Department of Homeland Security has received Secretary Kemp's letter," a DHS spokesperson told CyberScoop. "We are looking into the matter. DHS takes the trust of our public and private sector partners seriously, and we will respond to Secretary Kemp directly." Georgia was one of two states that refused cyber-hygiene support and penetration testing from DHS in the leadup to the presidential election. The department had made a significant push for it after hackers spent months exposing the Democratic National Committee's internal communications and data.
Privacy

Twitter Cuts API Access For Media Sonar, Spy Tool Used To Target Black Lives Matter (dailydot.com) 101

Police now have one less tool to monitor users on Twitter. The Daily Dot is reporting that Twitter has cut ties with a third-party social network surveillance firm, citing company policies intended to safeguard users against the surreptitious collection of data by law enforcement agencies. From the report: The severed contract follows Twitter nullifying the commercial data agreements of two other leading social-network-surveillance firms, Geofeedia and Snaptrends. Previously unreported, Twitter severed the access of Media Sonar, an Ontario-based company founded in 2012, which has sold surveillance software to police departments across the United States. Nineteen local government services are known to have each spent at least $10,000 on the software between 2014 and 2016, according to documents acquired under state open-records laws. Twitter informed the Daily Dot this week that it had terminated Media Sonar's access to its public API in October. If the company attempts to create other API keys, Twitter said, "we will terminate those as well and take further action as appropriate."
Communications

US Presidential Election Was Most 'Talked About' Topic In 2016, Says Facebook (phys.org) 88

In what may come as no surprise to Facebook users, the social media company announced in a blog post that the U.S. presidential election was the most "talked about" topic on Facebook in 2016. Phys.Org highlights the other most-discussed topics in its report: The bitterly contested election in which Donald Trump defeated Hillary Clinton was ranked as the leading issue, followed by Brazil's political developments which included the impeachment of president Dilma Rousseff, Facebook said in a blog post. On the lighter side at number three was the runaway success of Pokemon Go, the location-based augmented reality game for smartphone users. Other subject matters shared among Facebook's 1.79 billion users were more sober, with the fourth leading topic the "Black Lives Matter" movement, followed by the election in the Philippines of Rodrigo Duterte. Number six on the list was the Olympic games, followed by Brexit, the Super Bowl and the deaths of rock star David Bowie and boxing icon Muhammad Ali. Facebook said it measured leading topics by how frequently an issue was mentioned in posts made between January 1 and November 27.
Privacy

Watchdog Group Claims Smart Toys Are Spying On Kids (mashable.com) 69

The Center for Digital Democracy has filed a complaint with the Federal Trade Commission warning of security and privacy holes associated with a pair of smart toys designed for children. Mashable reports: "This complaint concerns toys that spy," reads the complaint, which claims the Genesis Toys' My Friend Cayla and i-QUE Intelligent Robot can record and collect private conversations and offer no limitations on the collection and use of personal information. Both toys use voice recognition, internet connectivity and Bluetooth to engage with children in conversational manner and answer questions. The CDD claims they do all of this in wildly insecure and invasive ways. Both My Friend Cayla and i-QUE use Nuance Communications' voice-recognition platform to listen and respond to queries. On the Genesis Toy site, the manufacturer notes that while "most of Cayla's conversational features can be accessed offline," searching for information may require an internet connection. The promotional video for Cayla encourages children to "ask Cayla almost anything." The dolls work in concert with mobile apps. Some questions can be asked directly, but the toys maintain a constant Bluetooth connection to the dolls so they can also react to actions in the app and even appear to identify objects the child taps on on screen. While some of the questions children ask the dolls are apparently recorded and sent to Nuance's servers for parsing, it's unclear how much of the information is personal in nature. The Genesis Privacy Policy promises to anonymize information. The CDD also claims, however, that My Friend Cayla and i-Que employ Bluetooth in the least secure way possible. Instead of requiring a PIN code to complete pairing between the toy and a smartphone or iPad, "Cayla and i-Que do not employ... authentication mechanisms to establish a Bluetooth connection between the doll and a smartphone or tablet. The dolls do not implement any other security measure to prevent unauthorized Bluetooth pairing." Without a pairing notification on the toy or any authentication strategy, anyone with a Bluetooth device could connect to the toys' open Bluetooth networks, according to the complaint.
AT&T

AT&T To Cough Up $88 Million For 'Cramming' Mobile Customer Bills (networkworld.com) 37

An anonymous reader quotes a report from Network World: Some 2.7 million AT&T customers will share $88 million in compensation for having had unauthorized third-party charges added to their mobile bills, the Federal Trade Commission announced this morning. The latest shot in the federal government's years-long battle against such abuses, these refunds will represent the most money ever recouped by victims of what is known as "mobile cramming," according to the FTC. From an FTC press release: "Through the FTC's refund program, nearly 2.5 million current AT&T customers will receive a credit on their bill within the next 75 days, and more than 300,000 former customers will receive a check. The average refund amount is $31. [...] According to the FTC's complaint, AT&T placed unauthorized third-party charges on its customers' phone bills, usually in amounts of $9.99 per month, for ringtones and text message subscriptions containing love tips, horoscopes, and 'fun facts.' The FTC alleged that AT&T kept at least 35 percent of the charges it imposed on its customers." The matter with AT&T was originally made public in 2014 and also involved two companies that actually applied the unauthorized charges, Tatto and Acquinity.
Government

Congress Passes BOTS Act To Ban Ticket-Buying Software (arstechnica.com) 213

Congress passed a bill yesterday that will make it illegal for people to use software bots to buy concert tickets. Ars Technica reports: The Better Online Ticket Sales (BOTS) Act makes it illegal to bypass any computer security system designed to limit ticket sales to concerts, Broadway musicals, and other public events with a capacity of more than 200 persons. Violations will be treated as "unfair or deceptive acts" and can be prosecuted by the Federal Trade Commission or the states. The bill passed the Senate by unanimous consent last week, and the House of Representatives voted yesterday to pass it as well. It now proceeds to President Barack Obama for his signature. Computer programs that automatically buy tickets have been a frustration for the concert industry and fans for a few years now. The issue had wide exposure after a 2013 New York Times story on the issue. Earlier this year, the office of New York Attorney General Eric Schneiderman completed an investigation into bots. The New York AG's ticket sales report (PDF) found that the tens of thousands of tickets snatched up by bots were marked up by an average of 49 percent.
Transportation

Paris Makes All Public Transportation Free In Battle Against 'Worst Air Pollution For 10 Years' (independent.co.uk) 238

Paris has barred some cars from its streets and has made public transportation free as it suffers from the worst and most prolonged winter pollution for at least 10 years, the Airparif agency said on Wednesday. The Independent reports: Authorities have said only drivers with odd-numbered registration plates can drive in the capital region on Wednesday. Drivers of even-numbered cars were given the same opportunity on Tuesday, but could now be fined up to 35 EUR if they are caught behind the wheel. More than 1,700 motorists were fined for violations on Tuesday. Paris mayor Anne Hidalgo said images of smog blanketing the capital were proof of the need to reduce vehicle use in the city center. The air pollution peak is due to the combination of emissions from vehicles and from domestic wood fires as well as near windless conditions which means pollutants have not been dispersed, the Airparif agency said. "This is a record period (of pollution) for the last 10 years," Karine Leger of AirParif told AFP by telephone. For more than a week, Airparif has published readings of PM10 at more than 80 micrograms per cubic meter of air particles, triggering the pollution alert. Along with odd-numbered cars, hybrid or electric vehicles as well as those carrying three or more people will be allowed to roam the roads. Foreign and emergency vehicles will be unaffected.
Cellphones

NSA, GCHQ Have Been Intercepting In-Flight Mobile Calls For Years (reuters.com) 99

An anonymous reader quotes a report from Reuters: American and British spies have since 2005 been working on intercepting phone calls and data transfers made from aircraft, France's Le Monde newspaper reported on Wednesday, citing documents from former U.S. spy agency contractor Edward Snowden. According to the report, also carried by the investigative website The Intercept, Air France was targeted early on in the projects undertaken by the U.S. National Security Agency (NSA) and its British counterpart, GCHQ, after the airline conducted a test of phone communication based on the second-generation GSM standard in 2007. That test was done before the ability to use phones aboard aircraft became widespread. "What do the President of Pakistan, a cigar smuggler, an arms dealer, a counterterrorism target, and a combatting proliferation target have in common? They all used their everyday GSM phone during a flight," the reports cited one NSA document from 2010 as saying. In a separate internal document from a year earlier, the NSA reported that 100,000 people had already used their mobile phones in flight as of February 2009, a doubling in the space of two months. According to Le Monde, the NSA attributed the increase to "more planes equipped with in-flight GSM capability, less fear that a plane will crash due to making/receiving a call, not as expensive as people thought." Le Monde and The Intercept also said that, in an internal presentation in 2012, GCHQ had disclosed a program called "Southwinds," which was used to gather all the cellular activity, voice communication, data, metadata and content of calls made on board commercial aircraft.
Bug

Nintendo Offers Up To $20,000 To Hack the 3DS (silicon.co.uk) 44

Mickeycaskill writes: Nintendo will pay up to $20,000 for system and software vulnerabilities in the Nintendo 3DS family of handheld gaming consoles. The company is looking to prevent activities such as piracy, cheating and the circulation of inappropriate content to children. The stated goal is to "provide a secure environment for our customers so that they can enjoy our games and services. In order to achieve this goal, Nintendo is interested in receiving vulnerability information that researchers may discover regarding Nintendo's platforms." Silicon.co.uk reports: "Rewards will range from $100 to $20,000, with one given per 'qualifying piece of vulnerability information.' Hackers looking to claim a reward will have to provide Nintendo with either a proof-of-concept or a piece of functional exploit code in order to qualify."
Movies

Falsely Accused Movie Pirate Deserves $17K Compensation, Court Says (torrentfreak.com) 58

An Oregon District Court has sided with a wrongfully accused man who was sued for allegedly downloading a pirated copy of the Adam Sandler movie "The Cobbler." According to the court's recommendations, reports TorrentFreak, the man is entitled to more than $17,000 in compensation as the result of the filmmakers' "overaggressive" and "unreasonable" tactics. From the article: The defendant in question, Thomas Gonzales, operates an adult foster care home where several people had access to the Internet. The filmmakers were aware of this and during a hearing their counsel admitted that any guest could have downloaded the film. [...] "The Court finds that once Plaintiff learned that the alleged infringement was taking place at an adult group care home at which Gonzales did not reside, Plaintiff's continued pursuit of Gonzales for copyright infringement was objectively unreasonable," Judge Beckerman ruled. "The Court shares Gonzales' concern that Plaintiff is motivated, at least in large part, by extracting large settlements from individual consumers prior to any meaningful litigation. "On balance, the Court has concerns about the motivation behind Plaintiff's overaggressive litigation of this case and other cases, and that factor weighs in favor of fee shifting."
