Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×
Crime

The Coming Terrorist Threat From Autonomous Vehicles 8

HughPickens.com writes: Alex Rubalcava writes that autonomous vehicles are the greatest force multiplier to emerge in decades for criminals and terrorists and open the door for new types of crime not possible today. According to Rubalcava, the biggest barrier to carrying out terrorist plans until now has been the risk of getting caught or killed by law enforcement so that only depraved hatred, or religious fervor has been able to motivate someone to take on those risks as part of a plan to harm other people. "A future Timothy McVeigh will not need to drive a truck full of fertilizer to the place he intends to detonate it," writes Rubalcava. "A burner email account, a prepaid debit card purchased with cash, and an account, tied to that burner email, with an AV car service will get him a long way to being able to place explosives near crowds, without ever being there himself." A recent example is instructive. Dzhokhar and Tamerlan Tsarnaev were identified by an examination of footage from numerous private security cameras that were recording the crowd in downtown Boston during the Marathon. Imagine if they could have dispatched their bombs in the trunk of a car that they were never in themselves? Catching them might have been an order of magnitude more difficult than it was.

According to Rubalcava the reaction to the first car bombing using an AV is going to be massive, and it's going to be stupid. There will be calls for the government to issue a stop to all AV operations, much in the same way that the FAA made the unprecedented order to ground 4,000-plus planes across the nation after 9/11. "But unlike 9/11, which involved a decades-old transportation infrastructure, the first AV bombing will use an infrastructure in its infancy, one that will be much easier to shut down" says Rubalcava. "That shutdown could stretch from temporary to quasi-permanent with ease, as security professionals grapple with the technical challenge of distinguishing between safe, legitimate payloads and payloads that are intended to harm."
(And don't forget The Dead Pool.)
Crime

Harshest Penalty for Alleged Rapist Was For Using a Computer To Arrange Contact With Teen 249

An anonymous reader writes: Today in a nationally publicized case, an alleged rapist from a fairly elite boarding school was convicted of a number of related misdemeanors, but the jury did not find him guilty of rape. According to the New York Times, his lone felony conviction was "using a computer to lure a minor." In effect, a criminal was convicted of multiple misdemeanors, including sexual penetration of a child, but the biggest penalty he faces is a felony record and years in jail because he used a computer to contact the child, rather than picking her up at a coffee shop, meeting her at a party, or hiring a fifteen-year-old prostitute. Prosecutors have these "using a computer" charges as an additional quiver in their bow, but should we really be making it a felony to use a computer for non-computer-related crime when there is no underlying felony conviction?
Advertising

Inside the Booming, Unhinged, and Dangerous Malvertising Menace 235

mask.of.sanity writes: The Register has a feature on the online malicious advertising (malvertising) menace that has become an explosively potent threat to end-user security on the internet. Experts say advertising networks and exchanges need to vet their customers, and publishers need to vet the third party content they display. Users should also consider script and ad blockers in the interim. From the article: "Ads as an attack vector was identified in 2007 when security responders began receiving reports of malware hitting user machines as victims viewed online advertisements. By year's end William Salusky of the SANS Internet Storms Centre had concocted a name for the attacks. Since then malvertising has exploded. This year it increased by more than 260 percent on the previous year, with some 450,000 malicious ads reported in the first six months alone, according to numbers by RiskIQ. Last year, security firm Cyphort found a 300 percent increase in malvertising. In 2013, the Online Trust Alliance logged a more than 200 percent increase in malvertising incidents compared to 2012, serving some 12.4 billion malvertisement impressions."
Government

North Dakota Legalizes "Less Than Lethal" Weapon-Equipped Police Drones 179

According to the Daily Beast, writes reader schwit1, North Dakota police will be free to fire 'less than lethal' weapons from the air thanks to the influence of a pro-police lobbyist. That means beanbags, tear-gas, and Tasers, at the very least, can be brought to bear by remote. It's worth noting that "non-lethal" isn't purely true, even if that's the intent behind such technologies. From the article, based partly on FOIA requests made by MuckRock into drone use by government agencies: The bill’s stated intent was to require police to obtain a search warrant from a judge in order to use a drone to search for criminal evidence. In fact, the original draft of Representative Rick Becker’s bill would have banned all weapons on police drones. Then Bruce Burkett of the North Dakota Peace Officer’s Association was allowed by the state house committee to amend HB 1328 and limit the prohibition only to lethal weapons. “Less than lethal” weapons like rubber bullets, pepper spray, tear gas, sound cannons, and Tasers are therefore permitted on police drones.
Transportation

When Should Cops Be Allowed To Take Control of Self-Driving Cars? 235

HughPickens.com writes: A police officer is directing traffic in the intersection when he sees a self-driving car barreling toward him and the occupant looking down at his smartphone. The officer gestures for the car to stop, and the self-driving vehicle rolls to a halt behind the crosswalk. This seems like a pretty plausible interaction. Human drivers are required to pull over when a police officer gestures for them to do so. It's reasonable to expect that self-driving cars would do the same. But Will Oremus writes that while it's clear that police officers should have some power over the movements of self-driving cars, what's less clear is where to draw the line. Should an officer be able to do the same if he suspects the passenger of a crime? And what if the passenger doesn't want the car to stop—can she override the command, or does the police officer have ultimate control?

According to a RAND Corp. report on the future of technology and law enforcement "the dark side to all of the emerging access and interconnectivity (PDF) is the risk to the public's civil rights, privacy rights, and security." It added, "One can readily imagine abuses that might occur if, for example, capabilities to control automated vehicles and the disclosure of detailed personal information about their occupants were not tightly controlled and secured."
Crime

2 Arrested In Plot To Fly Contraband Into Prison With Drone 114

An anonymous reader writes: Using a drone to get contraband into prison seems to be all the rage lately. Police say two men attempting to fly drugs, tobacco and pornography into a Maryland state prison with a drone were arrested Monday. Stephen T. Moyer, secretary of the Maryland Department of Public Safety and Correctional Services worries that someone will try to use a drone to deliver a gun. "That's my biggest fear," he told a news conference. "The use of these drones to bring this type of contraband into a facility is very, very troubling, and we're going to address it."
Privacy

Ashley Madison Hack Claims First Victims 705

wired_parrot writes: Toronto police are reporting that 2 unconfirmed suicides have been linked to the data breach. This follows pleas from other users of the site for the hackers to not release the data before it was exposed- an anonymous gay Reddit user from Saudi Arabia, where homosexuality is illegal, pleaded for the data to be kept private: "I am about to be killed, tortured, or exiled," he wrote. "And I did nothing." And when The Intercept published a piece condemning the puritanical glee over the data dump, one user who commented on the article said she's been "a long term member" of the site because her spouse's medical condition has affected their intimate life. Her spouse knows she's engaged with other Ashley Madison members, she says, but now fears she will likely lose friends and have to find a new job now that her association with the site is out there. Ashley Madison has now offered a $380,000 reward for information that leads to the arrest and conviction of the hackers who leaked the data. Security researcher Troy Hunt has also posted about the kind of emails he's received from users after the data leak.
Cellphones

In Baltimore and Elsewhere, Police Use Stingrays For Petty Crimes 211

USA Today reports on the widespread use of stingray technology by police to track down even petty criminals and witnesses, as well as their equally widespread reluctance to disclose that use. The article focuses mostly on the city of Baltimore; by cross-checking court records against a surveillance log from the city’s Advanced Technical Team, the USA Today reporters were able to determine at least several hundred cases in which phony ("simulated") cell phone towers were used to snoop traffic. In court, though, and even in the information that the police department provides to the city's prosecutors, the use of these devices is rarely disclosed, thanks to a non-disclosure agreement with the FBI and probably a general reluctance to make public how much the department is using them, especially without bothering to obtain search warrants. From the article: In at least one case, police and prosecutors appear to have gone further to hide the use of a stingray. After Kerron Andrews was charged with attempted murder last year, Baltimore's State's Attorney's Office said it had no information about whether a phone tracker had been used in the case, according to court filings. In May, prosecutors reversed course and said the police had used one to locate him. "It seems clear that misrepresentations and omissions pertaining to the government's use of stingrays are intentional," Andrews' attorney, Assistant Public Defender Deborah Levi, charged in a court filing.

Judge Kendra Ausby ruled last week that the police should not have used a stingray to track Andrews without a search warrant, and she said prosecutors could not use any of the evidence found at the time of his arrest.
Crime

Two US Marines Foil Terrorist Attack On Train In France 467

hcs_$reboot writes: A heavily armed gunman opened fire aboard a packed high-speed train traveling from Amsterdam to Paris late Friday afternoon, wounding several passengers before he was tackled and subdued by two Americans Marines. The assault was described as a terrorist attack. President Barack Obama has expressed his gratitude for the "courage and quick thinking" of the passengers on a high-speed train in France, including U.S. service members, who overpowered the gunman. Bernard Cazeneuve, the French interior minister, paid tribute to the Marines as he arrived at the scene, and said "Thanks to them we have averted a drama. The Americans were particularly courageous and showed extreme bravery in extremely difficult circumstances."
Privacy

More Ashley Madison Files Published 301

An anonymous reader writes: A second round of Ashley Madison data was released today. The data dump was twice as large as the first time, which was bad enough for "19 Kids and Counting" star Josh Duggar, and includes some of CEO Noel Biderman's email as well. The release of the cheating sites data has spawned a small scammer industry as people scramble to find a way to have their information deleted from the leaks. Wired reports: "The new release is accompanied by the note: 'Hey Noel, you can admit it's real now.' The message is likely a response to assertions made by the company's former CTO this week, who tried hard to convince reporters after the first leak occurred that the data dump was fake."
Crime

US No-Fly List Uses 'Predictive Judgement' Instead of Hard Evidence 264

HughPickens.com writes: The Guardian reports that in a little-noticed filing before an Oregon federal judge, the US Justice Department and the FBI conceded that stopping U.S. and other citizens from traveling on airplanes is a matter of "predictive assessments about potential threats." "By its very nature, identifying individuals who 'may be a threat to civil aviation or national security' is a predictive judgment intended to prevent future acts of terrorism in an uncertain context," Justice Department officials Benjamin C Mizer and Anthony J Coppolino told the court. It is believed to be the government's most direct acknowledgment to date that people are not allowed to fly because of what the government believes they might do and not what they have already done. The ACLU has asked Judge Anna Brown to conduct her own review of the error rate in the government's predictions modeling – a process the ACLU likens to the "pre-crime" of Philip K Dick's science fiction. "It has been nearly five years since plaintiffs on the no-fly list filed this case seeking a fair process by which to clear their names and regain a right that most other Americans take for granted," say ACLU lawyers.

The Obama administration is seeking to block the release of further information about how the predictions are made, as damaging to national security. "If the Government were required to provide full notice of its reasons for placing an individual on the No Fly List and to turn over all evidence (both incriminating and exculpatory) supporting the No Fly determination, the No Fly redress process would place highly sensitive national security information directly in the hands of terrorist organizations and other adversaries," says the assistant director of the FBI's counterterrorism division, Michael Steinbach.
Crime

Uber Lowers Drunk Driving Arrests In San Francisco Dramatically 204

schwit1 writes: According to crime statistics from the San Francisco Police Department there were only two drunken driving arrests last New Year's Eve in San Francisco, the lowest since 2009. This news comes on the heels of a new study revealing that the introduction of UberX reduces drunk driving deaths across California. Temple University's Brad Greenwood and Sunil Wattal published a paper that shows cheap taxi-like options make it easier for people to make the safer decision to call for a ride rather than driving home themselves.
Crime

Police Training Lacks Scientific Input 277

An anonymous reader writes: Police have been under a microscope over the past year for their involvement in some high-profile shootings. We've heard over and over that police need more and better training to keep these incidents from happening, but the truth is that there's no good framework within law enforcement to base their training on actual science. Officers tend to teach from their own experience, and research into techniques for dealing with unpredictable people goes widely unnoticed. "Carl Bell, a psychologist at the University of Illinois at Chicago who has done key work on de-escalation with the mentally ill, said his attempts to introduce techniques to the Chicago police never got anywhere. 'There's no systematic incorporation of research.'" Nobody expects officers to consult an academic journal when they're facing down a hostile suspect, but science needs to be part of conversation we're having.
Network

The Network Is Hostile 124

An anonymous reader writes: Following this weekend's news that AT&T was as friendly with the NSA as we've suspected all along, cryptographer Matthew Green takes a step back to look at the broad lessons we've learned from the NSA leaks. He puts it simply: the network is hostile — and we really understand that now. "My take from the NSA revelations is that even though this point was 'obvious' and well-known, we've always felt it more intellectually than in our hearts. Even knowing the worst was possible, we still chose to believe that direct peering connections and leased lines from reputable providers like AT&T would make us safe. If nothing else, the NSA leaks have convincingly refuted this assumption." Green also points out that the limitations on law enforcement's data collection are technical in nature — their appetite for surveillance would be even larger if they had the means to manage it. "...it's significant that someday a large portion of the world's traffic will flow through networks controlled by governments that are, at least to some extent, hostile to the core values of Western democracies."
United Kingdom

Legal Scholars Warn Against 10 Year Prison For Online Pirates 167

An anonymous reader writes: The UK Government wants to increase the maximum prison sentence for online copyright infringement from two years to ten. A number legal experts and activists are pushing back against the plan. One such group, The British and Irish Law, Education and Technology Association (BILETA) has concluded that changes to the current law are not needed. "legitimate means to tackle large-scale commercial scale online copyright infringement are already available and currently being used, and the suggested sentence of 10 years seems disproportionate," the group writes.
Crime

SAP Paid Bribes To Panamanian Officials 72

jfruh writes: A former SAP exec has pled guilty to bribing Panamanian officials in a successful attempt to sell SAP licenses to the Panamanian government. Vicente Eduardo Garcia, SAP's former vice president of global and strategic accounts for Latin America, says he wasn't the only SAP employee who knew about the scheme. From the Dept. of Justice press release, "According to Garcia’s admissions, the conspirators used sham contracts and false invoices to disguise the true nature of the bribes. Garcia further admitted that he believed paying such bribes was necessary to secure both the initial contract and additional Panamanian government contracts."
The Courts

Time Runs Out On Sweden's Sexual Assault Charges Against Julian Assange 226

As the Guardian and many other sources report, the clock has run out on the three 2010 charges of sexual assault on which Swedish authorities had hoped try Wikileaks founder Julian Assange. Assange has been waiting out those charges since 2012 in London, inside the Ecuadorian embassy, claiming that he feared extradition to the U.S. in connection to this Wikileaks work if he were first extradicted to Sweden. He was recently rebuffed after suggesting that he'd be interested in living in France as a political refugee. The linked Guardian story notes that the expiry of the Swedish prosecutors' time doesn't mean that Assange is no longer under scrutiny, as does CNN.
Crime

US Busts Insider Trading Hackers 113

An anonymous reader sends news that U.S. authorities have dispersed an insider trading ring that broke into remote servers to grab press releases before their official publishing date. The group hacked into organizations called PRNewswire, Marketwired, and Business Wire, taking as many as 150,000 press releases over the past five years, including those involving earnings reports. The information was sold to other people who used it to buy and sell stocks. The nine people targeted in this sting netted approximately $30 million, while an SEC lawsuit targeting 32 individuals says the take was more like $100 million. Their scheme is a new type of distributed insider trading that didn't rely on leaked information from employees of any of the targeted companies. "They ran this like a business. They provided customer support: The hackers allegedly set up servers for their customers to access their information, and 'created a video tutorial on how to access and use one of the servers they used to share the Stolen Releases.' They responded to customer feedback ... Their fees were performance-based, and the performance was audited."
Crime

New Video Shows Shot Down Drone Hovered For Only 22 Seconds 664

AmiMoJo writes: The saga of the drone shot down in Kentucky got a little bit longer today. A new video from the drone shot down by William Merideth shows that it only hovered over his property for 22 seconds, and was not "peeping". The video shows the drone hovering at altitude and surveying the area before falling out of the sky. Although the video jumps around a little, the drone's owner claims that it was not edited. The shooter says he did not know if the drone was being operated by a paedophile, criminal or ISIS terrorist before he opened fire.