Note: You can take 10% off all Slashdot Deals with coupon code "slashdot10off." ×
Democrats

Judge Orders State Dept, FBI To Expand Clinton Email Server Probe 302

An anonymous reader writes: In a hearing over Freedom of Information Act requests to the State Department, U.S. District Judge Emmet Sullivan said that former US Secretary of State Hillary Clinton didn't comply with government policies. He ordered the State Department to reach out to the FBI to see if any relevant emails exist on Hillary Clinton's email server. Judge Sullivan was surprised that the State Department and FBI were not already communicating on the issue following the FBI's seizure of Clinton's email server and three thumb drives of emails. More than 300 emails are being examined for containing classified information, and dozens of the emails were "born classified" based on content. Some of those emails were forwarded outside the government. There are also clues emerging about how some of the classified information made its way onto Clinton's server. The email controversy is beginning to show up on the campaign trail, an unwelcome development for Secretary Clinton. Reporter Bob Woodward, who helped bring down President Nixon, said the scandal reminds him of the Nixon tapes. It is interesting to note that the post-Watergate reforms have helped move the investigation forward.
IOS

MDM Vulnerability In Apple iOS Sandbox Facilitates 'Rogue Apps' 13

An anonymous reader writes: A vulnerability in Apple's iOS sandbox, which could affect personal information as well as configuration settings, has been discovered by Appthority's Enterprise Mobility Threat Team. It affects all mobile device management (MDM) clients, and any mobile applications distributed by an MDM that use the "Managed App Configuration" setting for private data. An attacker could potentially create a rogue app, perhaps masquerading as a productivity tool to increase the chances of it getting installed, and then distribute the attack by means of the iTunes store or "spear fishing" email attacks.
Privacy

More Ashley Madison Files Published 301

An anonymous reader writes: A second round of Ashley Madison data was released today. The data dump was twice as large as the first time, which was bad enough for "19 Kids and Counting" star Josh Duggar, and includes some of CEO Noel Biderman's email as well. The release of the cheating sites data has spawned a small scammer industry as people scramble to find a way to have their information deleted from the leaks. Wired reports: "The new release is accompanied by the note: 'Hey Noel, you can admit it's real now.' The message is likely a response to assertions made by the company's former CTO this week, who tried hard to convince reporters after the first leak occurred that the data dump was fake."
Encryption

Engaging Newbies In Email Encryption and Network Privacy 81

reifman writes: All six parts of my series introducing beginners to PGP encryption and network privacy are now freely available. I hope it's useful for Slashdot readers to share with their less-technical acquaintances. There's an introduction to PGP, a guide to email encryption on the desktop, smartphone and in the browser, an introduction to the emerging key sharing and authentication startup, Keybase.io, and an intro to VPNs. There's a lot more work for us to do in the ease of use of communications privacy but this helps people get started more with what's available today.
Businesses

Debate Over Amazon Working Conditions Goes Back Years 268

Nerval's Lobster writes: This weekend, The New York Times published a lengthy report about working conditions for white-collar workers at Amazon. Describing the e-commerce giant as a "bruising workplace," the report paints a picture of a Darwinian environment. But criticism of Amazon's working conditions actually goes back years. In The Everything Store, a book-length account of Amazon by Bloomberg BusinessWeek reporter Brad Stone, the Amazon of yesteryear is indeed described as an aggressive place in which Bezos pushed employees relentlessly. So is Amazon a terrible place to work? On Quora and Glassdoor, current employees suggest that the company presents its workers with interesting challenges, and that the culture is fast-paced. While there are complaints about the hours and workload, many don't seem Amazon-specific: The world is filled with tech pros struggling to achieve work-life balance in the face of incredible goals on tight deadlines. Many cite issues with the company's frugality—its lack of perks vis-à-vis Google or Microsoft. After the report was published Jeff Bezos wrote a memo to employees that reads in part: “The article doesn’t describe the Amazon I know or the caring Amazonians I work with every day. But if you know of any stories like those reported, I want you to escalate to HR. You can also email me directly at jeff@amazon.com. Even if it’s rare or isolated, our tolerance for any such lack of empathy needs to be zero.”
Businesses

The Challenge of Working At Amazon 396

An anonymous reader writes: The NY Times has a lengthy exposé on the working conditions within Jeff Bezos's Amazon. "Even as the company tests delivery by drone and ways to restock toilet paper at the push of a bathroom button, it is conducting a little-known experiment in how far it can push white-collar workers, redrawing the boundaries of what is acceptable." Over 100 current and former employees were interviewed for the article, and they painted a picture of a demanding and punishing workplace that people tolerate in exchange for the ability to create. "In contrast to companies where declarations about their philosophy amount to vague platitudes, Amazon has rules that are part of its daily language and rituals, used in hiring, cited at meetings and quoted in food-truck lines at lunchtime. Some Amazonians say they teach them to their children." Of course, this attitude causes problems for people whose lives don't allow them extreme levels of effort: "The mother of the stillborn child soon left Amazon. 'I had just experienced the most devastating event in my life,' the woman recalled via email, only to be told her performance would be monitored 'to make sure my focus stayed on my job.'"
Facebook

Facebook CIO Discusses Zuckerberg's "Will You Resign?" Email 141

CarlaRudder writes: When Mark Zuckerberg sends an email with the subject line, "Will you resign?" people remember it. In this case, the email went to the entire company after someone leaked damaging information, but CIO Tim Campos talks about his hesitation to open the email, thinking it was addressed to him personally. He goes on to share an insider's perspective on the power of culture at Facebook, the benefits of giving employees time and space to both fail and create, and why data is at the core of every decision made in the company.
Cellphones

Don't Hate the Phone Call, Hate the Phone (And the Network) 145

Ever screamed at your phone, or wanted to, when it can't handle the basic job of linking you to another person by voice? antdude writes to say that The Atlantic has posted a long article titled "Don't Hate the Phone Call, Hate the Phone" about how our telephone habits have changed, but so have the infrastructure and design of the handset. A snippet: When you combine the seemingly haphazard reliability of a voice call with the sense of urgency or gravity that would recommend a phone call instead of a Slack DM or an email, the risk of failure amplifies the anxiety of unfamiliarity. Telephone calls now exude untrustworthiness from their very infrastructure. Going deeper than dropped connections, telephony suffered from audio-signal processing compromises long before cellular service came along, but the differences between mobile and landline phone usage amplifies those challenges, as well.
Communications

Clinton Surrendering Email Server/Data To Feds After Top Secret Mail Found 676

An anonymous reader writes: Hillary Clinton's lawyer has surrendered three thumb drives with copies of emails from her server to the Justice Department, which is also where the controversial Clinton personal email server is destined as well. The FBI determined that Clinton's lawyer could no longer retain the thumb drives after two emails from a small sample were found to contain information classified as "Top Secret/Sensitive Compartmented Information," which would also taint the server. There is no evidence that encryption was used to protect the emails. From the limited reviews to date, Secretary Clinton and her aides exchanged emails containing classified information with at least six people with private email addresses. So far four of Clinton's top aides have turned over emails to the State Department, and there are demands that six more do so. The State Department's inspector general has stated that his office is reviewing "the use of personal communications hardware and software by five secretaries of state and their immediate staffs." Current U.S. Secretary of State John Kerry has stated, "it is very likely" that China and Russia are reading his emails.
Communications

Sending Angry Emails Just Makes You Angrier 161

An anonymous reader writes: Sending a blistering email can be cathartic. People consistently report feeling better after venting, and doing so over email is no exception. But researchers find those who vent their anger tend to only become angrier and more aggressive, and doing so in an impersonal way like email only makes it worse. "E-venting is particularly risky, experts say. We think it's private because we can do it in a secluded place, like our bed while we're in our pajamas. We have our phones with us all the time so we often e-vent before we've had a chance to calm down. A rant put out via the Internet is a click away from being shared." Combine this with how we typically sound angrier in print, and can't see feedback from our targets, it can lead to more volatile situations than we intended.
Crime

Tech Firm Ubiquiti Suffers $46M Cyberheist 54

An anonymous reader writes: Brian Krebs reports that Ubiquiti Networks, known for their wireless networking hardware, has lost $46.7 million to a scam in which thieves were able to impersonate employees and initiate fraudulent wire transfers. Ubiquiti was able to recover only $8.1 million of the amounts transferred, and an additional $6.8 million is subject to legal injunction. Krebs explains, "Known variously as 'CEO fraud,' and the 'business email compromise,' the swindle that hit Ubiquiti is a sophisticated and increasingly common one targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. ... CEO fraud usually begins with the thieves either phishing an executive and gaining access to that individual’s inbox, or emailing employees from a look-alike domain name that is one or two letters off from the target company’s true domain name." The theft was disclosed in Ubiquiti's quarterly financial report.
Government

NBC Report: Russian Hackers Behind Attack On Pentagon Mail System 81

New submitter packetspike alerts us to a story at CNBC, according to which U.S. officials have told NBC News that Russian hackers are behind a "sophisticated cyberattack" against the unclassified email system used by the Pentagon's Joint Staff , which has since been shut down and taken off line. "According to the officials, the "sophisticated cyber intrusion" occurred sometime around July 25 and affected some 4,000 military and civilian personnel work for the Joint Chiefs of Staff." The story claims that it's unclear whether the mail-system's attackers were backed by the Russian government. (Expect more to come on this story.)
Security

Steam Bug Allowed Password Resets Without Confirmation 62

An anonymous reader writes: Valve has fixed a bug in their account authentication system that allowed attackers to easily reset the password to a Steam account. When a Steam user forgets a password, he goes to an account recovery page and asks for a reset. The page then sends a short code to the email address registered with the account. The problem was that Steam wasn't actually checking the codes sent via email. Attackers could simply request a reset and then submit a blank field when prompted for the code. Valve says the bug was active from July 21-25. A number of accounts were compromised, including some prominent streamers and Dota 2 pros. Valve issued password resets to those accounts with "suspicious" changes over the past several days.
Google

Plan To Run Anti-Google Smear Campaign Revealed In MPAA Emails 256

vivaoporto writes: Techdirt reports on a plan to run an anti-Google smear campaign via the Today Show and the WSJ discovered in MPAA emails. Despite the resistance of the Hollywood studios to comply with the subpoenas obtained by Google concerning their relationship with Mississippi Attorney General Jim Hood (whose investigation of the company appeared to actually be run by the MPAA and the studios themselves) one of the few emails that Google have been able to get access to so far was revealed this Thursday in a filling. It's an email between the MPAA and two of Jim Hood's top lawyers in the Mississippi AG's office, discussing the big plan to "hurt" Google.

The lawyers from Hood's office flat out admit that they're expecting the MPAA and the major studios to have its media arms run a coordinated propaganda campaign of bogus anti-Google stories. One email reads: "Media: We want to make sure that the media is at the NAAG meeting. We propose working with MPAA (Vans), Comcast, and NewsCorp (Bill Guidera) to see about working with a PR firm to create an attack on Google (and others who are resisting AG efforts to address online piracy). This PR firm can be funded through a nonprofit dedicated to IP issues. The "live buys" should be available for the media to see, followed by a segment the next day on the Today Show (David green can help with this). After the Today Show segment, you want to have a large investor of Google (George can help us determine that) come forward and say that Google needs to change its behavior/demand reform. Next, you want NewsCorp to develop and place an editorial in the WSJ emphasizing that Google's stock will lose value in the face of a sustained attack by AGs and noting some of the possible causes of action we have developed."

As Google notes in its legal filing about this email, the "plan" states that if this effort fails, then the next step will be to file the subpoena (technically a CID or "civil investigatory demand") on Google, written by the MPAA but signed by Hood. This makes it pretty clear that the MPAA, studios and Hood were working hand in hand in all of this and that the subpoena had no legitimate purpose behind it, but rather was the final step in a coordinated media campaign to pressure Google to change the way its search engine works.
Communications

Criminal Inquiry Sought Over Hillary Clinton's Personal Email Server 434

cold fjord writes: The Wall Street Journal is reporting that Inspectors General from the State Department and intelligence agencies have asked the Justice Department to open a criminal investigation into Hillary Clinton's use of a personal email server while she was U.S. Secretary of State. At issue is the possible mishandling of sensitive government information. Dozens of the emails provided by Hillary Clinton have been retroactively classified as part of the review of her emails as they are screened for public release. So far 3,000 of 55,000 emails have been released. The inspectors general found hundreds of potentially classified emails. "The Justice Department has not decided if it will open an investigation, senior officials said. ... The inspectors general also criticized the State Department for its handling of sensitive information, particularly its reliance on retired senior Foreign Service officers to decide if information should be classified, and for not consulting with the intelligence agencies about its determinations."
Security

Belgian Government Phishing Test Goes Off-Track 58

alphadogg writes: An IT security drill went off the tracks in Belgium, prompting a regional government office to apologize to European high-speed train operator Thalys for involving it without warning. Belgium's Flemish regional government sent a mock phishing email to about 20,000 of its employees to see how they would react. Hilarity and awkwardness ensued, with some employees contacting Thalys directly to complain, and others contacting the cops.
Education

Video CanSat Helps Students Make & Launch Sub-Orbital 'Satellites' (Video) 22

The Magnitude (motto: "Powered by Curiosity") "Can-sized satellites" aren't technically satellites because they're launched on rockets that typically can't get much higher than 10,000 feet, or as payloads on weather balloons that can hit 100,000+ feet but (obviously) can't go beyond the Earth's atmosphere. But could they be satellites? Sure. Get a rocket with enough punch to put them in orbit and off you go -- something Magnitude Co-founder and CEO Ted Tagami hopes to see happening in his local school district by 2020. Meanwhile, they'll sell you assembled CanSat packages or help you build your own (or anything in between), depending on your schools resources and aspirations. Have a question or an idea? Talk to Ted. He'd love to hear from you. Use the Magnitude Web form or send email to hello at magnitude dot io. Either way works.
Spam

Gmail Spam Filter Changes Bite Linus Torvalds 136

An anonymous reader points out The Register's story that recent changes to the spam filters that Google uses to pare down junk in gmail evidently are a bit overzealous. Linus Torvalds, who famously likes to manage by email, and whose email flow includes a lot of mailing lists, isn't happy with it. Ironically perhaps, it was only last week that the Gmail team blogged that its spam filter's rate of false positives is down to less than 0.05 per cent. In his post, Torvalds said his own experience belies that claim, and that around 30 per cent of the mail in his spam box turned out not to be spam. "It's actually at the point where I'm noticing missing messages in the email conversations I see, because Gmail has been marking emails in the middle of the conversation as spam. Things that people replied to and that contained patches and problem descriptions," Torvalds wrote.
Security

Hacking Team and Boeing Subsidiary Envisioned Drones Deploying Spyware 79

Advocatus Diaboli writes: Email conversations posted on WikiLeaks reveal that Boeing and Hacking Team want drones to carry devices that inject spyware into target computers through WiFi networks. The Intercept reports: "The plan is described in internal emails from the Italian company Hacking Team, which makes off-the-shelf software that can remotely infect a suspect's computer or smartphone, accessing files and recording calls, chats, emails and more. A hacker attacked the Milan-based firm earlier this month and released hundreds of gigabytes of company information online. Among the emails is a recap of a meeting in June of this year, which gives a "roadmap" of projects that Hacking Team's engineers have underway. On the list: Develop a way to infect computers via drone. One engineer is assigned the task of developing a "mini" infection device, which could be "ruggedized" and "transportable by drone (!)" the write-up notes enthusiastically in Italian. The request appears to have originated with a query from the Washington-based Insitu, which makes a range of unmanned systems, including the small ScanEagle surveillance drone, which has long been used by the militaries of the U.S. and other countries. Insitu also markets its drones for law enforcement."