Communications

An Interview With Hacking Team's CEO 80 80

Alastair Stevenson writes: I talked to the leader of the world's most hated surveillance company about its path to recovery and morals, following a massive attack on its systems. CEO David Vincenzetti, as you might expect, thinks that his company "deserves the protection of law and order," and disclaims (also as you'd expect) responsibility for what its clients do with the privacy-unraveling software it provides: Law enforcement must have a way to do what it has always done, that is to track criminals and prevent or prosecute crime. With the development of global terrorism and especially the ‘lone wolf’ terrorist, this requirement is even more important. Hacking Team has helped fight crime by providing a surveillance tool to law enforcement. The company believes this is a small step toward a more secure world for all who wish to used the Internet and digital tools lawfully.
United States

"Breaking Bad" At the National Institute of Standards and Technology 98 98

sciencehabit writes: Police are investigating whether an explosion inside a Maryland federal laboratory was the result of an effort to make drugs. Authorities who responded to the explosion at the National Institute of Standards and Technology found pseudoephedrine, Epsom salt and other materials associated with the manufacture of meth. Federal and local law enforcement agencies are investigating the cause of the explosion and if a security guard injured in the blast might have been involved. Sciencemag reports: "Representative Lamar Smith (R–TX), chairman at the House Science, Space, and Technology Committee, got involved today, expressing grave concern over the incident in a letter to Secretary of Commerce Penny Pritzker. NIST is part of the Commerce Department. 'I am troubled by the allegations that such dangerous and illicit activity went undetected at a federal research facility. It is essential that we determine exactly where the breakdown in protocol occurred and whether similar activities could be ongoing at other federal facilities,' wrote Smith in an accompanying press release. He has requested a briefing with NIST no later than 29 July."
Crime

Ex-Lottery Worker Convicted of Programming System To Win $14M 217 217

An anonymous reader sends news that Eddie Tipton, a man who worked for the Multi-State Lottery Association, has been convicted of rigging a computerized lottery game so he could win the $14 million jackpot. Tipton wrote a computer program that would ensure certain numbers were picked in the lottery game, and ran it on lottery system machines. He then deleted it and bought a ticket from a convenience store. Lottery employees are forbidden to play, so he tried to get acquaintances to cash the winning ticket for him. Unfortunately for him, Iowa law requires the original ticket buyer's name to be divulged before any money can be paid out.
Advertising

FTC Accuses LifeLock of False Advertising Again 54 54

An anonymous reader writes: You may remember LifeLock — it's the identity protection company whose CEO published his social security number and dared people to steal his identity. Predictably, 13 different people succeeded. LifeLock was later sued for deceptive marketing practices, and eventually settled with the U.S. Federal Trade Commission to the tune of $12 million. Part of that settlement, of course, required that they refrain from misrepresenting their services in the future. Now, the FTC is taking action against them again, saying they failed to live up to that promise. The FTC claims (PDF) LifeLock falsely advertised that it "protected consumers' sensitive data with the same high-level safeguards as financial institutions" and also failed build systems to protect the data they held.
The Internet

Internet Dating Scams Target Older American Women 176 176

HughPickens.com writes: The NYT reports: "Janet N. Cook, a church secretary in Virginia, had been a widow for a decade when she joined an Internet dating site and was quickly overcome by a rush of emails, phone calls and plans for a face-to-face visit. "I'm not stupid, but I was totally naïve," says Cook, now 76, who was swept off her feet by a man who called himself Kelvin Wells and described himself as a middle-aged German businessman looking for someone "confident" and "outspoken" to travel with him to places like Italy, his "dream destination." But very soon he began describing various troubles, including being hospitalized in Ghana, where he had gone on business, and asked Cook to bail him out. In all, she sent him nearly $300,000, as he apparently followed a well-honed script that online criminals use to bilk members of dating sites out of tens of millions of dollars a year."

According to the Times internet scammers are targeting women in their 50s and 60s, often retired and living alone, who say that the email and phone wooing forms a bond that may not be physical but that is intense and enveloping. Between July 1 and Dec. 31, 2014, nearly 6,000 people registered complaints of such confidence fraud with losses of $82.3 million, according to the federal Internet Crime Complaint Center. Older people are ideal targets because they often have accumulated savings over a lifetime, own their homes and are susceptible to being deceived by someone intent on fraud. The digital version of the romance con is now sufficiently widespread that AARP's Fraud Watch Network has urged online dating sites to institute more safeguards to protect against such fraud. The AARP network recommends that dating site members use Google's "search by image" to see if the suitor's picture appears on other sites with different names. If an email from "a potential suitor seems suspicious, cut and paste it into Google and see if the words pop up on any romance scam sites," the network advised. The website romancescams.org lists red flags to look for to identify such predators, who urgently appeal to victims for money to cover financial setbacks like unexpected fines, money lost to robbery or unpaid wages. Most victims say they are embarrassed to admit what happened, and they fear that revealing it will bring derision from their family and friends, who will question their judgment and even their ability to handle their own financial affairs."It makes me sound so stupid, but he would be calling me in the evening and at night. It felt so real. We had plans to go to the Bahamas and to Bermuda together," says Louise Brown. "When I found out it was a scam, I felt so betrayed. I kept it secret from my family for two years, but it's an awful thing to carry around. But later I sent him a message and said I forgave him."
Piracy

UK Government Proposes 10-Year Copyright Infringement Jail Term 267 267

An anonymous reader writes: According to a BBC report, the UK government is proposing increasing the jail term for copyright infringement from the current two years to 10 years, which they say would "act as a significant deterrent." "The proposed measures are mainly targeted at the distributors of pirated content — the people creating copies of movies, sometimes before release, and uploading them to be downloaded by thousands upon thousands." Another reader notes a related court ruling in the UK which has once again made it illegal to rip lawfully-acquired CDs and DVDs for personal use. "A judge ruled that the government was wrong legally when it decided not to introduce a compensation scheme for songwriters, musicians, and other rights holders who face losses as a result of their copyright being infringed."
Crime

FBI, International Law Units Smash Infamous Hacker Bazaar Darkode 56 56

coondoggie writes: The FBI in concert with Interpol and other worldwide law enforcement teams say they have taken down the international cybercriminal site marketplace Darkode and arrested 70 people involved with the site. Darkode was an online, password-protected forum in which hackers and other cyber-criminals convened to buy, sell, trade and share malware, ransomware, information, ideas, and tools to facilitate unlawful intrusions on others’ computers and electronic devices, the FBI said.
Google

Google Accidentally Reveals Data On 'Right To Be Forgotten' Requests 51 51

Colin Castro points out an article from The Guardian, who noticed that Google's recent transparency report contained more data than intended. When perusing the source code, they found data about who was making requests for Google to take down links under the "right to be forgotten" law. The data they found covers 75% of all requests made so far. Less than 5% of nearly 220,000 individual requests made to Google to selectively remove links to online information concern criminals, politicians and high-profile public figures, the Guardian has learned, with more than 95% of requests coming from everyday members of the public. ... Of 218,320 requests to remove links between 29 May 2014 and 23 March 2015, 101,461 (46%) have been successfully delisted on individual name searches. Of these, 99,569 involve "private or personal information." Only 1,892 requests – less than 1% of the overall total – were successful for the four remaining issue types identified within Google’s source code: "serious crime" (728 requests), "public figure" (454), "political" (534) or "child protection" (176) – presumably because they concern victims, incidental witnesses, spent convictions, or the private lives of public persons.
United Kingdom

Man Arrested After Charging iPhone On London Overground Train 674 674

An anonymous reader writes: 45-year-old Robin Lee was arrested after he used a socket on a London Overground train to charge up his iPhone. He was handcuffed and arrested for "abstracting electricity". Robin was then charged with "unacceptable behaviour" after "becoming aggressive" when objecting to his first arrest. The Guardian reports: "Speaking to the Evening Standard, Lee said he had been confronted by a police community support officer on the overground train from Hackney Wick to Camden Road on 10 July. The Overground is part of Transport For London’s wider network that also includes London Underground and the buses. 'She said I’m abstracting electricity. She kept saying it’s a crime. We were just coming into the station and there happened to be about four police officers on the platform. She called to them and said: ‘This guy’s been abstracting electricity, he needs to be arrested’.”
Crime

Vancouver Area Teen Sentenced To 16 Months For Swatting 331 331

An anonymous reader writes: A 17-year-old from the Vancouver area in Canada has been sentenced to 16 months in youth custody and 8 months under supervision in the community after pleading guilty to 23 charges including criminal harassment, public mischief, extortion and uttering threats. The teenager was responsible for a number of swatting calls across the United States and Canada — mostly of female gamers. The judge told him, "It appears that when real life became too hard you retreated into the online world and became increasingly socially isolated. While you may think you enjoyed greater success in the online world, that success was an illusion. You were left with severely limited social skills and a significant educational deficit."
Crime

Bomb Squad Searches House Over Teenager's Chemistry Experiments 431 431

McGruber writes: On Wednesday, authorities in the south Fulton County, Georgia town of Hapeville shut down a street for hours and used their bomb squad to search a home. According to the suspect's father, the bomb scare started after his 18-year-old son was arrested for trespassing, entering an abandoned warehouse and salvaging mercury switches, which can be used to detonate explosives. When police searched the teen's home on Virginia Avenue at Rainey Avenue in Hapeville, they said they found chemicals inside. "He's not building bombs. He does do a lot of experiments. A lot of them I don't fully understand, but I'm certain he's not making bombs," said the suspect's father, Allen Mason. Mason says chemistry is his son's hobby and he wants to be a chemical engineer. Mason also said police told him what they found is not illegal to own. One neighbor, who couldn't return home for hours, said he didn't feel the teen was a threat. "I don't see a problem with this, but you have to trust the authorities in they're doing what they think is best," said Curtis Ray. In February 2015, Hapeville authorities evacuated businesses and called out the bomb squad to investigate a pinhole camera that was part of a Georgia University Art Project.
Crime

Ask Slashdot: Dealing With Ongoing Suspected Identity Theft? 213 213

njnnja writes: My wife receives periodic emails (about once every other month) from a cable company that is not in our service area that purport to confirm that she has made changes to her account, such as re-setting her password. Her email address is not a common one so we do not believe that it is someone accidentally using it; rather, we believe that an identity thief is subscribing to cable services intentionally using her name and email address.

Whenever we have gotten an email we have called the cable company, been forwarded to their security department, and we are assured that her social security number is not being used and that they will clear her name and email address out of their system. Yet a few weeks later we get another email. Our concern is that when the cable company goes after my wife for the unpaid balance on the account I am sure that neither they nor a collection agency will care much that it's not her social security number — it's her name and they will demand she pays.

We have a very strong password (long, completely random string of chars, nums, and symbols) and 2-factor authentication on the email account so we are fairly certain that no one is currently hacking into her email (at least, it's not worth it for however many thousands of dollars they can actually steal off this scam), But we think that the cable company should be doing more to not be complicit in an attempted identity theft. We have made it clear that we don't live in the area they cover so we should not have an account, but the fact that they keep setting up an account in her name means that they just don't care. Which is fine; I don't expect a cable company to care that they inconvenience us, but I would like to know if there is any way that we can make them care about it (liability, regulations, etc). I know YANAL but does anyone have any ideas about how to handle this? Thanks.
Crime

Technology and the End of Lying 339 339

HughPickens.com writes: The Washington Post reports that lying may soon become a lost art as our digital, data-hoarding culture means that more and more evidence is piling up to undermine our lies. "The research shows the way lies are really uncovered is by comparing what someone is saying to the evidence," says Tim Levine,"and with all these news analytics that can be done, it's going to enable lie detection in a way that was previously impossible." For example in Pennsylvania, police are prosecuting a woman who claimed she was sexually assaulted earlier this year after data from her Fitbit didn't match up with her story, Just like you can Google a fact to end an argument, instant messaging programs that archive digital conversations make it easy to look back and see exactly who said what — and if it matches up with what a person is saying now. "Lying online can be very dangerous," says Jeff Hancock. "Not only are you leaving a record for yourself on your machine, but you're leaving a record on the person that you were lying to."

Even more alarming for liars is the incorporation of lie detector technology into the facial recognition technology. Researchers claim video-analysis software can analyze eye movement successfully to identify whether or not a subject is fibbing 82.5 percent of the time. The new technology heightens surveillance capabilities—from monitoring actions to assessing emotions—in ways that make an individual ever more vulnerable to government authorities, marketers, employers, and to any and every person with whom we interact. "We must understand that—at the individual level and with regard to interpersonal relations—too much truth and transparency can be harmful," says Norberto Andrade. "The permanent confrontation with a verifiable truth will turn us into overly cautious, calculating, and suspicious people."
The Courts

Finnish Teen Convicted of 50,000 'Hacks,' Receives Suspended Sentence 108 108

Bearhouse writes: The BBC reports that Julius Kivimaki was found guilty of 50,700 "instances of aggravated computer break-ins." Court documents state that his attacks affected Harvard University and MIT among others, and involved hijacking emails, blocking traffic to websites, and the theft of credit card details.District Court Judge Wilhelm Norrmann noted that Kivimaki had only been 15 and 16 when he carried out the crimes in 2012 and 2013. Because of this, the court gave him a two-year suspended sentence. Contrast this to the treatment meted out to Aaron Swartz, and the Pirate Bay team.
Crime

The Mob's IT Department 104 104

An anonymous reader writes: An article at Bloomberg relates the story of two IT professionals who reluctantly teamed up with an organized criminal network in building a sophisticated drug smuggling operation. "[The criminals were] clever, recruiting Van De Moere and Maertens the way a spymaster develops a double agent. By the time they understood what they were involved in, they were already implicated." The pair were threatened, and afraid to go to the police. They were asked to help with deploying malware and building "pwnies" — small computers capable of intercepting network traffic that could be disguised as power strips and routers. In 2012, authorities lucked into some evidence that led them to investigate the operation. "Technicians found a bunch of surveillance devices on [the network of large shipping company MSC]. There were two pwnies and a number of Wi-Fi keyloggers—small devices installed in USB ports of computers to record keystrokes—that the hackers were using as backups to the pwnies. MSC hired a private investigator, who called PricewaterhouseCoopers' digital forensics team, which learned that computer hackers were intercepting network traffic to steal PIN codes and hijack MSC's containers."
Government

Eric Holder Says DoJ Could Strike Deal With Snowden; Current AG Takes Hard Line 194 194

cold fjord writes with the report at Yahoo that Former Attorney General Eric Holder said today that a "possibility exists" for the Justice Department to cut a deal with ... Edward Snowden that would allow him to return to the United States ... Holder said "we are in a different place as a result of the Snowden disclosures" and that "his actions spurred a necessary debate" that prompted President Obama and Congress to change policies ... "I certainly think there could be a basis for a resolution that everybody could ultimately be satisfied with. I think the possibility exists." A representative of current Attorney General Loretta Lynch, though, said that there has been no change in the government's position ("This is an ongoing case so I am not going to get into specific details but I can say our position regarding bringing Edward Snowden back to the United States to face charges has not changed."), Holder's musings aside. As the article points out, too, "any suggestion of leniency toward Snowden would likely run into strong political opposition in Congress as well as fierce resistance from hard-liners in the intelligence community."
The Courts

Judge Dismisses Second Conviction of Ex-Goldman Sachs Coder 46 46

itwbennett writes: Back in May, former Goldman Sachs programmer Sergey Aleynikov was convicted by a jury for stealing 32MB of code for Goldman's high-frequency trading system, code that Aleynikov maintained he copied for intellectual pursuits and was, in fact, open-source. On Monday, Judge Daniel P. Conviser of New York's State Supreme Court dismissed the conviction, saying that Aleynikov acted wrongfully by taking the code, but his actions did not meet the standard under the law in which he was charged. "The evidence did not prove he intended to appropriate all or a major portion of the code's economic value," Conviser wrote.
Crime

In Response to Open Letter, France Rejects Asylum For Julian Assange 146 146

Several outlets report that Julian Assange has requested, but been denied, political asylum in France, by means of an open letter published by Le Monde. From The Globe and Mail's coverage, linked above: Less than an hour after his letter was published by Le Monde's website, Hollande's office issued a statement saying the asylum request was rejected.

"France has received the letter from Mr. Assange. An in-depth review shows that in view of the legal and material elements of Mr Assange's situation, France cannot grant his request," the statement said.

"The situation of Mr. Assange does not present any immediate danger. He is also the target of a European arrest warrant," it noted.

Assange wrote in the letter that his youngest child is French, and so is the child’s mother. "I haven't been able to see them in five years, since the political persecution against me started," he said.
Worth noting: Assange's legal team says that Assange's letter has been mischaracterized, and that it is in fact not a request for asylum per se; instead, they assert, the letter merely expresses Assange's "willingness 'to be hosted in France if and only if an initiative was taken by the competent authorities.'"
Google

Japanese Court Orders Google To Delete Past Reports Of Man's Molestation Arrest 271 271

AmiMoJo writes: The Saitama District Court has ordered Google Inc. to delete past reports on a man's arrest over molestation from its online search results after ruling that they violate the man's personal rights. The man, who was arrested about three years ago after molesting a girl under 18, and fined 500,000 yen (£2600, $4000). "He harbors remorse over the incident and is leading a new life. The search results prevent him from rehabilitating himself," the man's defense counsel said. The presiding judge recognized that the incident was not of historical or social significance, that the man is not in public office and that his offense was relatively minor. He concluded there was little public interest in keeping such reports displayed online three years after the incident. The judge acknowledged that search engines play a public role in assisting people's right to know. (AmiMoJo spotted the story on Surado, the new name for Slashdot Japan.)
Crime

Trolls No Longer Welcome In New Zealand 270 270

An anonymous reader writes: Legislation designed to prevent cyber-bullying has passed its final hurdle in the New Zealand Parliament, making it a crime to send harmful messages or put damaging images online. The Harmful Digital Communications Bill passed 116 to 5. The Register reports: "The bill creates a regime under which digital communications causing 'serious emotional distress' are subject to an escalating regime that starts as 'negotiation, mediation or persuasion' but reaches up to creating the offenses of not complying with an order, and 'causing harm by posting digital communication.' The bill covers posts that are racist, sexist, or show religious intolerance, along with hassling people over disability or sexual orientation. There's also a new offense of incitement to suicide (three years' jail).