v3rgEz writes "Even as some police departments curtail their use of license plate scanning technology over privacy concerns, private companies have been amassing a much larger, almost completely unregulated database that pulls in billions of scans a year, marking the exact time and location of millions of vehicles across America. The database, which is often offered to law enforcement for free, is collected by repo and towing companies eager to tap easy revenue, while the database companies then resell that data, often for as little as $25 for a plate's complete recorded history."
MrJones writes "Last February 20th, hackers supposedly from Iran accessed and modified the www.NIC.py database, redirecting www.google.com.py to another site. The hackers posted the whole NIC.py database containing full names, national ID numbers, street addresses, phone numbers, and more of registrants. This is not the first time that NIC.py, managed by the 2 most respectful Computer Science Universities of Paraguay, was hacked. Since the entire database was released, local white hat hackers were able to calculate how much money NIC.py was making annually by charging $44 US per .py domain. The local CS community are urging the NIC.py administrators to do all that's possible to protect the .py domain names since the hack was done by exploiting a simple remote code execution vulnerability. If they can modify google.com.py, just imagine what they can do to banks and financial institutions. Maybe Google can help us."
An anonymous reader writes "Homeland security officials on Wednesday abruptly shelved a proposal to build a national database of license-plate scans after criticism from privacy advocates. The proposal, which had been posted online last week by the office of Immigration and Customs Enforcement, sought a contractor who could establish a searchable database of license plates, with the times and locations where they were spotted by traffic cameras and other sources. But in a statement late Wednesday, the department announced a reversal. 'The solicitation, which was posted without the awareness of ICE leadership, has been canceled,' said spokeswoman Gillian Christensen. 'While we continue to support a range of technologies to help meet our law enforcement mission, this solicitation will be reviewed to ensure the path forward appropriately meets our operational needs.'"
Nerval's Lobster writes "A recent article on Reactive Programming, which suggested that five lines of Reactive could solve a problem that required 500 lines using Java or 200 lines using triggers, led many readers to question (passionately) whether Reactive enables you to address not just typical problems, but complex ones as well. In a follow-up column, Espresso Logic CTO Val Huber argues that, while it certainly can't solve all use cases, Reactive Programming is very capable of addressing many complex problems, and can address all other scenarios via a transparent integration with procedural languages. He shows how Reactive can handle complexity using two different scenarios: a classically complicated database application (a bill of materials price rollup) and procedural integration (to address external systems such as email and transactions not limited by a database update). Take a look at his work; do you agree?"
sciencehabit writes "When Galileo Galilei shook up the scientific community with evidence of a heliocentric world, he had a little tube fitted with two pieces of glass to thank. But just how this gadget evolved in the nascent days of astronomy is poorly known. That uncertainty has inspired a group of researchers to compile the most extensive database of early refracting telescopes to date. Now, the scientists plan to use modern optics to recreate what Galileo — and the naysaying observers of his time — experienced when they first peered through these tubes at the rings of Saturn, the moons of Jupiter, and the phases of Venus."
An anonymous reader tipped us to news that several Bitcoin exchanges have joined Mt Gox in suspending withdrawals after being forced out of sync with the Bitcoin network at large. After Mt Gox blamed transaction malleability for forcing them to suspend withdrawals, miscreants started flooding at least Bitpay and Btc-e with bogus transactions. Quoting the Bitcoin Foundation: "Somebody (or several somebodies) is taking advantage of the transaction malleability issue and relaying mutated versions of transactions. This is exposing bugs in both the reference implementation and some exchange’s software. We (core dev team, developers at the exchanges, and even big mining pools) are creating workarounds and fixes right now. This is a denial-of-service attack; whoever is doing this is not stealing coins, but is succeeding in preventing some transactions from confirming. It’s important to note that DoS attacks do not affect people’s bitcoin wallets or funds."
This site's "Your Rights Online" section, sadly, has never suffered for material. The revelations we've seen over the last year-and-change, though, of widespread spying on U.S. citizens, government spying in the E.U. on international conferences, the UK's use of malware against citizens, and the use of modern technology to oppress government protesters in the Middle East and elsewhere show how persistent it is. It's been a banner year on that front, and the banner says "You are being spied on, online and off." A broad coalition of organizations is calling today "The Day We Fight Back" against the growing culture of heads-they-win, tails-you-lose surveillance, but all involved know this is not a one-day struggle.
An anonymous reader writes "Bitcoin values dropped sharply over the weekend after the largest trading exchange, MtGox, revealed that an investigation into unusual trading activity turned up a flaw in the underlying Bitcoin software that allowed an attacker to double withdrawal a transaction." Not so fast according to database experts: the real problem is that Mt Gox (and other exchanges) are using a surrogate transaction id rather than a natural key in their databases: "The flaw isn't so much in Bitcoin as it is in exchange-systems. Many exchanges use the tx-id to uniquely identify transactions, but as it turns out, an attacker can change the tx-id without changing the actual transaction, rebroadcast the changed transaction (effectively creating a double-spend) and if his altered transaction gets accepted into a block instead of the legit transaction, the attacker receives his coins and can complain with the exchange that he didn't. The exchange will then check their db, fetch the tx-id from it, look it up in the blockchain and not find it. So they could conclude that the transaction indeed failed and credit the account with the coins. ... A simple workaround is to not use the tx-id to identify transactions on the exchange side, but the (amount, address, timestamp) instead."
itwbennett writes "In a review of NSA surveillance last month, President Obama called for a new approach on telephony metadata that will 'establish a mechanism that preserves the capabilities we need without the government holding this bulk metadata.' Obama said that a third party holding all the data in a single, consolidated database would be essentially doing what is a government function, and may not increase public confidence that its privacy is being protected. Now, an RFI (request for information) has been posted to get information on U.S. industry's commercially available capabilities, so that the government can investigate alternative approaches."
kc123 writes "David Davis MP, a former shadow home secretary, has told the Guardian that police would be able to access the new central NHS database without a warrant as critics warn of catastrophic breach of trust. The database that will store all of England's health records has a series of 'backdoors' that will allow police and government bodies to access people's medical data. In the past police would need to track down the GP who held a suspect's records and go to court for a disclosure order. Now, they would be able to simply approach the new arms-length NHS information centre, which will hold the records. The idea that police will be able to request information from a central database without a warrant totally undermines a long-held belief in the confidentiality of the doctor-patient relationship."
An anonymous reader writes in with a story that raises the issue of how public anonymity is quickly disappearing thanks to facial recognition technology. "NameTag, an app built for Google Glass by a company called FacialNetwork.com, offers a face scanner for encounters with strangers. You see somebody on the sidewalk and, slipping on your high-tech spectacles, select the app. Snap a photo of a passerby, then wait a minute as the image is sent up to the company's database and a match is hunted down. The results load in front of your left eye, a selection of personal details that might include someone's name, occupation, Facebook and/or Twitter profile, and, conveniently, whether there's a corresponding entry in the national sex-offender registry."
MAXOMENOS writes: "Last night Yahoo! announced via their Tumblr page that they had detected attacks against some Yahoo Mail accounts. They reset the passwords to all affected accounts, and advised users of good password practices. Quoting: 'Based on our current findings, the list of usernames and passwords that were used to execute the attack was likely collected from a third-party database compromise. We have no evidence that they were obtained directly from Yahoo's systems. Our ongoing investigation shows that malicious computer software used the list of usernames and passwords to access Yahoo Mail accounts. The information sought in the attack seems to be names and email addresses from the affected accounts' most recent sent emails.'"
An anonymous reader writes "Tor Mail was an anonymized email service run over Tor. It was operated by a company called Freedom Hosting, which was shut down by the FBI last August. The owner was arrested for 'enabling child porn,' and the Tor Mail servers suddenly began hosting FBI malware that attempted to de-anonymize users. Now, Wired reports on a new court filing which indicates that the FBI was also able to grab Tor Mail's entire email database. 'The filings show the FBI built its case in part by executing a search warrant on a Gmail account used by the counterfeiters, where they found that orders for forged cards were being sent to a TorMail e-mail account: "email@example.com." Acting on that lead in September, the FBI obtained a search warrant for the TorMail account, and then accessed it from the bureau's own copy of "data and information from the TorMail e-mail server, including the content of TorMail e-mail accounts," according to the complaint (PDF) sworn out by U.S. Postal Inspector Eric Malecki.'"
First time accepted submitter hughbar writes "I live in a London suburb that has many activities and classes, yoga, IT [of course], running, art, assorted volunteering and many others. With the help of the local council, we'd now like to make a centralised, searchable database of these, with a number of helpful features: Easy to make submissions, otherwise the whole thing will always be out of date; Web accessible [obviously] but mobile phone friendly as well; Maybe, publish and subscribe, so people can 'subscribe' to yoga listings for example; Handles repeating events, like a classical web calendar; Maybe, can be consolidated with nearby events calendars. I'm aware of MRBS and WebCalendar, but I'm wondering whether there are other suggestions, especially as this is a useful social application. And, yes, I'd like it done with open source, then we can tailor it."
In a speech today, U.S. President Barack Obama announced changes for the operations of the country's intelligence agencies. He says the current program will end "as it currently exists," though most of the data collection schemes will remain intact. However, the data collected in these sweeps will not be stored by the U.S. government, instead residing with either the communications providers or another third party. (He pointed out that storing private data within a commercial entity can have its own oversight issues, so the attorney general and intelligence officials will have to figure out the best compromise.) In order for the NSA to query the database, they will need specific approval from a national security court. Obama also announced "new oversight" to spying on foreign leaders, and an end to spying on leaders of friendly and allied countries. Further, decisions from the Foreign Intelligence Surveillance Court will be annually reviewed for declassification. A panel advocating for citizen privacy will have input into the FISC. There will be changes to national security letters: they will no longer have an indefinite secrecy period. Companies will be able to disclose some amount of information about the NSLs they receive, something they've been asking for. Another change is a reduction in the number of steps from suspected terrorists that phone data can be gathered. Instead of grabbing all the data from people three steps away, it's now limited to two.
An anonymous reader writes "A new system called RoboEarth is currently being tested at Eindhoven University which will enable robots to complete tasks by sharing knowledge through a cloud based world-wide-web. The current study is based in a hospital setting where robots are sharing information to complete tasks like moving around by sharing a map of the room and serving drinks to 'patients'. The aim of the system is that robots and humans will be able to upload information to a cloud based database which can be accessed and used by robots. This will enable robots to share information and also to learn from each other. It will also allow robots to react to changes within their environment without having to be reprogrammed."
jfruh writes "A former Oracle sales manager is suing the database company for what he called racially discriminatory salary-setting practices. Ian Spandow wanted to transfer a high-performing salesman from Oracle's India office to California. When he requested a salary of $60,000 a year or more for the employee, equivalent to what his white American counterparts received, he was told instead to offer $50,000, which was 'good money for an Indian.' When Spandow protested, he was himself summarily fired."
Bennett Haselton writes "Google created controversy by announcing that Google+ users will now be able to send email to Gmail users even without having those Gmail users' email addresses. I think this debate misses the point, because it's unlikely to create a deluge of unsolicited email to Gmail users, as long as Google can throttle outgoing messages from Google+ users and terminate abusive accounts. The real controversy should be over the fact that Google+ users can search a public database of the names of all Gmail users in the first place. And limiting the ability of Google+ users to write to those Gmail accounts, won't do anything to address that."
theodp writes "'You go to these charters,' gushed Bill Gates in 2010, 'and you sit and talk to these kids about how engaged they are with adults and how much they read and what they think about and how they do projects together.' Four years later, Gates is tapping his Foundation to bring charter schools to Washington State, doling out grants that included $4.25 million for HP CEO Meg Whitman's Summit Public Schools. So what's not to like? Plenty, according to Salon's The Truth About Charter Schools, in which Jeff Bryant delves into the dark side of the charter movement, including allegations of abuse, corruption, lousy instruction, and worse results. Also troubling Bryant is that the children of the charter world's biggest cheerleaders seem never to attend these schools ('A family like mine should not use up the inner-city capacity of these great schools,' was Bill Gates' excuse). Bryant also cites Rethinking Schools' Stan Karp, who argues that Charter Schools Are Undermining the Future of Public Education, functioning more like deregulated 'enterprise zones' than models of reform, providing subsidized spaces for a few at the expense of the many. 'Our country has already had more than enough experience with separate and unequal school systems,' Karp writes. 'The counterfeit claim that charter privatization is part of a new 'civil rights movement', addressing the deep and historic inequality that surrounds our schools, is belied by the real impact of rapid charter growth in cities across the country. At the level of state and federal education policy, charters are providing a reform cover for eroding the public school system and an investment opportunity for those who see education as a business rather than a fundamental institution of democratic civic life. It's time to put the brakes on charter expansion and refocus public policy on providing excellent public schools for all.'"
Freshly Exhumed writes "TorrentFreak has broken the news that after more than a year of downtime the Demonoid tracker is back online. The tracker is linked to nearly 400,000 torrent files and more than a million peers, which makes it one of the largest working BitTorrent trackers on the Internet. There is no word yet on when the site will make a full comeback, but the people behind it say they are working to revive one of the most famous file-sharing communities. As the single largest semi-private BitTorrent tracker that ever existed, Demonoid used to offer a home to millions of file-sharers. Note that this is apparently the original Demonoid and not the d2 site that claims to be using the Demonoid database."