Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Privacy

NSA Spying Wins Another Rubber Stamp 85

Posted by Soulskill
from the once-more-unto-the-privacy-breach dept.
schwit1 sends this report from the National Journal: A federal court has again renewed an order allowing the National Security Agency to continue its bulk collection of Americans' phone records, a decision that comes more than a year after President Obama pledged to end the controversial program. The Foreign Intelligence Surveillance Court approved this week a government request to keep the NSA's mass surveillance of U.S. phone metadata operating until June 1, coinciding with when the legal authority for the program is set to expire in Congress. The extension is the fifth of its kind since Obama said he would effectively end the Snowden-exposed program as it currently exists during a major policy speech in January 2014. Obama and senior administration officials have repeatedly insisted that they will not act alone to end the program without Congress.
Encryption

BlackPhone, In Wake of Gemalto Fallout, Receives $50 Million In Funding 54

Posted by timothy
from the small-steps dept.
An anonymous reader writes The BlackPhone, a $600-plus encrypted Android handset designed to keep the prying eyes of criminals and the government out of mobile communications, is now fully owned by Silent Circle thanks to the company raking in investment cash. Terms of the buyout deal with Spanish smartphone maker Geeksphone, the phone's hardware manufacturer, were not disclosed. Silent Circle said Thursday that it has raised $50 million and plans on showing off an encrypted 'enterprise privacy ecosystem' at World Mobile Congress next week. A BlackPhone tablet is on the way, too.
Twitter

Twitter Adds "Report Dox" Option 96

Posted by timothy
from the better-late-than-never dept.
AmiMoJo writes Twitter announced that its abuse-report system, which was recently refined to simplify and shorten the reporting process, has now expanded to allow users to report content such as self-harm incidents and "the sharing of private and confidential information" (aka doxing). The announcement, posted by Twitter Vice President of User Services Tina Bhatnagar, explained that December's report-process update was met with a "tripling" of the site's abuse support staff, which has led to a quintupling of abuse report processing. Chat logs recently revealed how Twitter is used by small groups to create vast harassment campaigns, thanks to sock puppet account and relative anonymity.
Facebook

Facebook Puts Users On Suicide Watch 184

Posted by samzenpus
from the keeping-an-eye-on-things dept.
Mark Wilson writes A few months ago Twitter was criticized for teaming up with suicide prevention charity Samaritans to automatically monitor for key words and phrases that could indicate that someone was struggling to cope with life. Despite the privacy concerns that surrounded Samaritans Radar, Facebook has decided that it is going to launch a similar program in a bid to prevent suicides. Working with mental health organizations including Forefront, Now Matters Now, the National Suicide Prevention Lifeline, and Save.org, Facebook aims to provide greater help and support for anyone considering suicide or self-harm.
Security

OPSEC For Activists, Because Encryption Is No Guarantee 87

Posted by Soulskill
from the protect-yourself-before-somebody-wrecks-yourself dept.
Nicola Hahn writes: "In the wake of the Snowden revelations strong encryption has been promoted by organizations like The Intercept and Freedom of the Press Foundation as a solution for safeguarding privacy against the encroachment of Big Brother. Even President Obama acknowledges that "there's no scenario in which we don't want really strong encryption."

Yet the public record shows that over the years the NSA has honed its ability to steal encryption keys. Recent reports about the compromise of Gemalto's network and sophisticated firmware manipulation programs by the Office of Tailored Access Operations underscore this reality.

The inconvenient truth is that the current cyber self-defense formulas being presented are conspicuously incomplete. Security tools can and will fail. And when they do, what then? It's called Operational Security (OPSEC), a topic that hasn't received much coverage — but it should.
The Internet

FCC Approves Net Neutrality Rules 618

Posted by Soulskill
from the done-and-done dept.
muggs sends word that the U.S. Federal Communications Commission has voted 3-2 to approve an expansion of their ability to regulate ISPs by treating them as a public utility. Under the rules, it will be illegal for companies such as Verizon or Cox Communications to slow down streaming videos, games and other online content traveling over their networks. They also will be prohibited from establishing "fast lanes" that speed up access to Web sites that pay an extra fee. And in an unprecedented move, the FCC could apply the rules to wireless carriers such as T-Mobile and Sprint -- a nod to the rapid rise of smartphones and the mobile Internet. ... The FCC opted to regulate the industry with the most aggressive rules possible: Title II of the Communications Act, which was written to regulate phone companies. The rules waive a number of provisions in the act, including parts of the law that empower the FCC to set retail prices — something Internet providers feared above all. However, the rules gives the FCC a variety of new powers, including the ability to: enforce consumer privacy rules; extract money from Internet providers to help subsidize services for rural Americans, educators and the poor; and make sure services such as Google Fiber can build new broadband pipes more easily.
Security

Schneier: Everyone Wants You To Have Security, But Not From Them 114

Posted by Soulskill
from the you-can-trust-us dept.
An anonymous reader writes: Bruce Schneier has written another insightful piece about the how modern tech companies treat security. He points out that most organizations will tell you to secure your data while at the same time asking to be exempt from that security. Google and Facebook want your data to be safe — on their servers so they can analyze it. The government wants you to encrypt your communications — as long as they have the keys. Schneier says, "... we give lots of companies access to our data because it makes our lives easier. ... The reason the Internet is a worldwide mass-market phenomenon is that all the technological details are hidden from view. Someone else is taking care of it. We want strong security, but we also want companies to have access to our computers, smart devices, and data. We want someone else to manage our computers and smart phones, organize our e-mail and photos, and help us move data between our various devices. ... We want our data to be secure, but we want someone to be able to recover it all when we forget our password. We'll never solve these security problems as long as we're our own worst enemy.
Encryption

Moxie Marlinspike: GPG Has Run Its Course 302

Posted by Soulskill
from the end-to-end-before-the-ends-moved dept.
An anonymous reader writes: Security researcher Moxie Marlinspike has an interesting post about the state of GPG-encrypted communications. After using GPG for much of its lifetime, he says he now dreads getting a GPG-encrypted email in his inbox. "Instead of developing opinionated software with a simple interface, GPG was written to be as powerful and flexible as possible. It's up to the user whether the underlying cipher is SERPENT or IDEA or TwoFish. The GnuPG man page is over sixteen thousand words long; for comparison, the novel Fahrenheit 451 is only 40k words. Worse, it turns out that nobody else found all this stuff to be fascinating. Even though GPG has been around for almost 20 years, there are only ~50,000 keys in the "strong set," and less than 4 million keys have ever been published to the SKS keyserver pool ever. By today's standards, that's a shockingly small user base for a month of activity, much less 20 years." Marlinspike concludes, "I think of GPG as a glorious experiment that has run its course. ... GPG isn't the thing that's going to take us to ubiquitous end to end encryption, and if it were, it'd be kind of a shame to finally get there with 1990's cryptography."
Businesses

Can Tracking Employees Improve Business? 87

Posted by Soulskill
from the he-hasn't-gotten-out-of-his-chair-for-11-hours-i-think-he-might-be-dead dept.
An anonymous reader writes: The rise of wearable technologies and big-data analytics means companies can track their employees' behavior if they think it will improve the bottom line. Now an MIT Media Lab spinout called Humanyze has raised money to expand its technology pilots with big companies. The startup provides sensor badges and analytics software that tracks how and when employees communicate with customers and each other. Pilots with Bank of America and Deloitte have led to significant business improvements, but workplace privacy is a big concern going forward.
AI

Facebook AI Director Discusses Deep Learning, Hype, and the Singularity 71

Posted by timothy
from the you-like-this dept.
An anonymous reader writes In a wide-ranging interview with IEEE Spectrum, Yann LeCun talks about his work at the Facebook AI Research group and the applications and limitations of deep learning and other AI techniques. He also talks about hype, 'cargo cult science', and what he dislikes about the Singularity movement. The discussion also includes brain-inspired processors, supervised vs. unsupervised learning, humanism, morality, and strange airplanes.
Cellphones

Pakistanis Must Provide Fingerprints Or Give Up Cellphone 134

Posted by Soulskill
from the must-donate-kidney-to-keep-tablet dept.
schwit1 sends this report from the Washington Post: Cellphones didn't just arrive in Pakistan. But someone could be fooled into thinking otherwise, considering the tens of millions of Pakistanis pouring into mobile phone stores these days. In one of the world's largest — and fastest — efforts to collect biometric information, Pakistan has ordered cellphone users to verify their identities through fingerprints for a national database being compiled to curb terrorism. If they don't, their service will be shut off, an unthinkable option for many after a dozen years of explosive growth in cellphone usage here.

Prompted by concerns about a proliferation of illegal and untraceable SIM cards, the directive is the most visible step so far in Pakistan's efforts to restore law and order after Taliban militants killed 150 students and teachers at a school in December. Officials said the six terrorists who stormed the school in Peshawar were using cellphones registered to one woman who had no obvious connection to the attackers.
Medicine

Looking Up Symptoms Online? These Companies Are Tracking You 147

Posted by samzenpus
from the that's-sick dept.
merbs writes When we feel sick, fear disease, or have questions about our health, we turn first to the internet. According to the Pew Internet Project, 72 percent of US internet users look up health-related information online. But an astonishing number of the pages we visit to learn about private health concerns—confidentially, we assume—are tracking our queries, sending the sensitive data to third party corporations, even shipping the information directly to the same brokers who monitor our credit scores.
Businesses

Lenovo Hit With Lawsuit Over Superfish Adware 114

Posted by samzenpus
from the here-comes-the-trouble dept.
An anonymous reader writes with news that the fallout from the Superfish fiasco might just be starting for Lenovo. "Lenovo admitted to pre-loading the Superfish adware on some consumer PCs, and unhappy customers are now dragging the company to court on the matter. A proposed class-action suit was filed late last week against Lenovo and Superfish, which charges both companies with 'fraudulent' business practices and of making Lenovo PCs vulnerable to malware and malicious attacks by pre-loading the adware. Plaintiff Jessica Bennett said her laptop was damaged as a result of Superfish, which was called 'spyware' in court documents. She also accused Lenovo and Superfish of invading her privacy and making money by studying her Internet browsing habits."
Encryption

NSA, GHCQ Implicated In SIM Encryption Hack 155

Posted by samzenpus
from the protect-ya-neck dept.
First time accepted submitter BlacKSacrificE writes Australian carriers are bracing for a mass recall after it was revealed that a Dutch SIM card manufacturer Gemalto was penetrated by the GCHQ and the NSA in an alleged theft of encryption keys, allowing unfettered access to voice and text communications. The incident is suspected to have happened in 2010 and 2011 and seems to be a result of social engineering against employees, and was revealed by yet another Snowden document. Telstra, Vodafone and Optus have all stated they are waiting for further information from Gemalto before deciding a course of action. Gemalto said in a press release that they "cannot at this early stage verify the findings of the publication" and are continuing internal investigations, but considering Gemalto provides around 2 billion SIM cards to some 450 carriers across the globe (all of which use the same GSM encryption standard) the impact and fallout for Gemalto, and the affected carriers, could be huge.
Cellphones

In Florida, Secrecy Around Stingray Leads To Plea Bargain For a Robber 241

Posted by timothy
from the it-looks-just-like-a-snipe dept.
schwit1 writes The case against Tadrae McKenzie looked like an easy win for prosecutors. He and two buddies robbed a small-time pot dealer of $130 worth of weed using BB guns. Under Florida law, that was robbery with a deadly weapon, with a sentence of at least four years in prison. But before trial, his defense team detected investigators' use of a secret surveillance tool, one that raises significant privacy concerns. In an unprecedented move, a state judge ordered the police to show the device — a cell-tower simulator sometimes called a StingRay — to the attorneys. Rather than show the equipment, the state offered McKenzie a plea bargain. Today, 20-year-old McKenzie is serving six months' probation after pleading guilty to a second-degree misdemeanor. He got, as one civil liberties advocate said, the deal of the century.
Censorship

Iran Allows VPNs To Make Millions In Profit 57

Posted by timothy
from the have-cake-and-eat-it-too dept.
New submitter Patrick O'Neill writes with this excerpt from The Daily Dot: Anti-censorship technology is de jure illegal in Iran, but many VPNs are sold openly, allowing Iranians to bounce around censorship and seemingly render it ineffective. Nearly 7 in 10 young Iranians are using VPNs, according to the country's government, and a Google search for "buy VPN" in Persian returns 2 million results. Iran's Cyber Police (FATA) have waged a high-volume open war against the VPNs, but it's still very easy to find, buy, and use the software. It's so easy, in fact, that you can use Iran's government-sanctioned payment gateways (Pardakht Net, Sharj Iran, Jahan Pay & Baz Pardakht) to buy the tools that'll beat the censors. To use these gateways, however, customers have to submit their Iranian bank account and identity, all but foregoing hopes of privacy or protection from authorities."
Crime

Chicago's Red Light Cameras Now a Point of Contention for Mayoral Candidates 93

Posted by timothy
from the man-vs-the-state's-electronic-proxy dept.
The same system of red-light cameras in Chicago that was shown last year to have been generating bogus tickets is still around -- but now, reports Reuters, it's a political punching bag for opponents of Chicago mayor Rahm Emanuel in an upcoming election. "[Emanuel], who supports the nation's largest automated camera system, is polling slightly under the 50 percent plus one vote he needs to avoid a run-off against the second-highest vote-getter. Three of the four challengers seeking to topple Emanuel say the cameras should go. Emanuel's closest rival, Cook County Commissioner Jesus "Chuy" Garcia, who is polling at about 20 percent, said he would only keep cameras that have been proven to reduce accidents. .... Chicago has red-light cameras at 174 intersections and 144 speed cameras near schools and parks around the city. They have brought in $500 million since 2003, according to media reports, a figure Chicago has neither confirmed nor disputed.
The Courts

Ask Slashdot: How Can Technology Improve the Judicial System? 183

Posted by timothy
from the judicial-vs-just dept.
An anonymous reader writes One of the cornerstones of any democracy is its judicial system. Fortunately, most of us never have to deal with it. On the other hand, the fact that we so seldom interact with it also means that most of us are not constantly thinking about it. It is possible our judicial system would be much better if most of us had to spend more time thinking about it. I myself had not put much thought into it until I watched a documentary about Aaron Swartz. It is frightening to think that someone could have been left in a position like that. I also hear about so many cases were people end up pleading guilty because they do not have enough money to fight a case in court. Is this really the best we can do? The Marshal Project is also an interesting source of information regarding the shortfalls of our current system.

What do you think about it? How can we improve our judicial system? Is there any interesting way that technology could be used to improve the system?
Encryption

TrueCrypt Audit Back On Track After Silence and Uncertainty 112

Posted by Soulskill
from the cryptic-silence dept.
itwbennett writes: In October 2013 Cryptography professor Matthew Green and security researcher Kenneth White launched a project to perform a professional security audit of TrueCrypt, partly prompted by the leaks from Edward Snowden that suggested the NSA was engaged in efforts to undermine encryption. Their report, published in April 2014, covered the first phase of the audit. Phase two was supposed to involve a formal review of the program's encryption functions, with the goal of uncovering any potential errors in the cryptographic implementations—but then the unexpected happened. In May 2014, the developers of TrueCrypt, who had remained anonymous over the years for privacy reasons, abruptly announced that they were discontinuing the project and advised users to switch to alternatives. Now, almost a year later, the project is back on track.
Businesses

Tim O'Reilly On Big Data, CS Education, and the Future of Print 26

Posted by Soulskill
from the timbits-of-wisdom dept.
M-Saunders writes: How do we take advantage of big data without putting our privacy at risk? Should everyone be able to code? And how much life is still in the market for printed books and publications? Linux Voice put these questions to Tim O'Reilly, the founder of O'Reilly media, and the man who helped to popularize the terms Open Source and Web 2.0. ("Should everybody be a professional coder? No way. Should everybody be able to do more than just use a GUI? Absolutely. Should people be able to automate operations of a computer? Absolutely.") Despite the amount of "free" (or advert-supported) content out there, O'Reilly still believes there's plenty of money to be made: "I think that the willingness of people to pay for things that delight them will not go away."