coolnumbr12 writes "The U.S. government has had enough of the Syrian Electronic Army's hacks of Western media and government outlets. A week after the SEA shut down the New York Times, the FBI Cyber Division unit has officially added the pro-Assad hacker collective to its wanted list. The FBI issued an advisory that included information about the SEA, its capabilities, and some of its more heinous attacks. The advisory also warns networks to be on the lookout for attacks, and that anyone found to be aiding the SEA will be seen as terrorists actively aiding attacks against the U.S. websites."
Navigate with confidence through the cloud. Sign up for the SlashCloud Update newsletter now.
Flash Modin writes "The observatory where Pluto was discovered is pushing to name an asteroid after a black teenager killed in a controversial confrontation in Florida last year. William Lowell Putnam III says his family has identified with the cause of African American rights, and thus an asteroid named after Trayvon Martin is perfectly appropriate. Putnam is the sole trustee of the observatory, which was founded by Percival Lowell during his search for canals on Mars. Astronomers at the observatory discovered the asteroid in 2000, but it has not been formally named. Putnam has already asked the Minor Planet Center once to designate the asteroid 'Trayvon,' but they told him the designation was 'premature.' Now that there's been a verdict, the observatory is reapplying in hopes the naming body will see things different."
coondoggie writes "What might have started out a whimsical protest against government surveillance tactics has morphed into more as a small town in Colorado has found itself overwhelmed with requests and cash for a unmanned aircraft hunting license that doesn't exist."
Trailrunner7 writes "In response to a lawsuit by the Electronic Frontier Foundation, the Department of Justice is preparing to release a trove of documents related to the government's secret interpretation of Section 215 of the PATRIOT Act. The declassified documents will include previously secret opinions of the Foreign Intelligence Surveillance Court. The decision by the Justice Department to release the documents is the second legal victory in recent weeks for the EFF related to the National Security Agency's intelligence collection programs. In August, the group won the release of a 2011 FISC opinion that revealed that the court ruled that some of the NSA's collection programs were illegal and unconstitutional. The newest decision will result in the release of hundreds of pages of documents related to the way the government has been interpreting Section 215, which is the measure upon which some of the NSA's surveillance programs are based. In a status report released Wednesday regarding the EFF's suit against the Department of Justice, attorneys for the government said that they will release the documents by Sept. 10."
MojoKid writes "NVIDIA's Tegra 4 SoC is destined for devices beyond NVIDIA's own SHIELD gaming handheld. In fact, ASUS stepped out with the Tegra 4-powered Transformer Pad TF701T just yesterday and today Xiaomi steps out with the 5-inch Mi3 Android smartphone, also powered by Tegra 4. Here in the US Xiaomi might not roll right off the tongue but the Chinese manufacturer is making some serious inroads as of late and attracting top talent to boot. The new Xiaomi Mi3 is based on a 5-inch IPS display with a full HD 1080p resolution, 2GB of RAM, 64GB of on-board storage and a 13MP camera. NVIDIA's Tegra 4, with its quad-core ARM Cortex-A15 CPU and 72 GeForce GPU cores ought to make the device feel rather nimble, especially with gaming and multimedia. If the Mi3 handles anything like SHIELD did in the benchmarks, it could be the Android phone to beat on the test track in the coming weeks."
Hugh Pickens DOT Com writes "Jason Healey writes at Defense One that if the Obama administration conducts military strikes against Syria, as now seems likely, it should use military cyber weapons at the earliest possible moment to show 'that cyber operations are not evil witchcraft but can be humanitarian.' Cyber capabilities could first disrupt Syrian air defenses directly or confuse military command and control, allowing air strikes to proceed unchallenged. A cyber strike might also disable dual-use Syrian critical infrastructure (such as electrical power) that aids the regime's military but with no long-term destruction as would be caused by traditional bombs. Last, it is possible the U.S. military has cyber capabilities to directly disrupt the operations of Syria's chemical troops. Healy writes that one cyberweapon that should not be used is covert cyber operations against Bashar Assad's finances. 'Both of his immediate predecessors declined such attacks and the world economy and financial sector are already in a perilous state.' Before the American-led strikes against Libya in 2011, the Obama administration debated whether to conduct a cyberoffensive to disrupt the Qaddafi government's air-defense system, but balked, fearing that it might set a precedent for other nations, in particular Russia or China, to carry out such offensives of their own. This time should be different in Healey's view. 'By sparing the lives of Syrian troops and nearby civilians, an opening cyber operation against Syria could demonstrate exactly how such capabilities can be compliant with international humanitarian law,' writes Healey. 'America should take this chance to demystify these weapons to show the world they, and the U.S. military in general, can be used on the battlefield in line with humanitarian principles.'"
colinneagle writes with word of work done by researchers at Arizona State University, Delaware State University and GFS Technology Inc., who find that the multiple-picture sequence security option of Windows 8 suffers from various flaws -- some of them specific to a password system based on gestures, and some analogous to weaknesses in conventional passwords entered by keyboard. "The research found that the strength of picture gesture password has a 'strong connection' to how long a person spent setting up that password gesture. The most common gesture combination is three taps, meaning it took about 4.33 — 5.74 seconds to setup. Passwords with two circles and one line took the longest average input time of about 10.19 seconds. After studying why people choose certain categories of images, the most common gesture types and direction patterns in PGA passwords, the researchers developed an attack framework that is 'capable of cracking passwords on previously unseen pictures in a picture gesture authentication system.'"
An anonymous reader writes "The New York Times is reporting that the NSA has 'has circumvented or cracked much of the encryption, or digital scrambling, that guards global commerce and banking systems, protects sensitive data like trade secrets and medical records, and automatically secures the e-mails, Web searches, Internet chats and phone calls of Americans and others around the world, the documents show. ... The agency, according to the documents and interviews with industry officials, deployed custom-built, superfast computers to break codes, and began collaborating with technology companies in the United States and abroad to build entry points into their products. The documents do not identify which companies have participated.'" You may prefer Pro Publica's non-paywalled version, instead, or The Guardian's.
rjnagle writes "I'm concerned about the implications of storing personal data on Gmail, Facebook, and other social media sites. I'm less worried about individual data than the accumulating mass of data which potentially be used against me (for targeted marketing, credit reporting and who knows what else?) One solution I'm considering is just to abandon individual accounts and start clean and new gmail/facebook accounts. So while Google/Doubleclick might possess lots of data about me from 2001-2012, from this point on, they only have a clean slate. Would this kind of solution address my privacy concerns? (assuming I remove cookies, change IP address before doing so etc). Or are an individual's profile by now so unique that simply creating a new gmail or Facebook account would fail to prevent these data collection agencies from figuring out who I am? Insights and tips are appreciated."
cold fjord writes with this excerpt from The Hill: "The National Rifle Association joined the American Civil Liberties Union's lawsuit on Wednesday to end the government's massive phone record collection program. In a brief filed in federal court, the NRA argues that the National Security Agency's database of phone records amounts to a 'national gun registry.' 'It would be absurd to think that the Congress would adopt and maintain a web of statutes intended to protect against the creation of a national gun registry, while simultaneously authorizing the FBI and the NSA to gather records that could effectively create just such a registry,' the group writes. ... In its filing, the gun-rights group claims that the NSA's database would allow the government to identify and track gun owners based on whether they've called gun stores, shooting ranges or the NRA. 'Under the government's reading of Section 215, the government could simply demand the periodic submission of all firearms dealers' transaction records, then centralize them in a database indexed by the buyers' names for later searching,' the NRA writes."
American manufacturing plants are no longer necessarily dank, dirty places where large men without shirts sweat until they drop. Rather, most plants today are full of computer-driven machinery that takes strong skills to install and maintain. And since many manufacturers, especially small ones, can't afford to have high level IT and repair people on staff, their maintenance work is often outsourced. Obviously, this doesn't mean outsourcing to a company in China or India (that's offshoring), but to one right here in the USA. Today's interviewee, Chris LeBeau, is director of information technologies for Advanced Technology Services, which is one of many companies that have sprung up to help factories operate efficiently in a highly computerized world. Most of their techs have wrench-turning skills, but more and more, they also have strong IT skills and walk around carrying tablet computers. So what you have here is a whole set of IT-related careers for people who enjoy working with computers but would rather stay physical and move around than spend all day in front of a monitor at a desk. Chris's comments about why IT-based factory maintenance is more usful here than in China are interesting, too -- and may offer a clue as to why some types of industry are bringing their manufacturing operations back to the U.S. from low-wage countries in order to increase efficiency.
An anonymous reader writes "Ralph Langner, the security expert who deciphered how Stuxnet targeted the Siemens PLCs in Iran's Natanz nuclear facility, has come up with a cybersecurity framework for industrial control systems (ICS) that he says is a better fit than the U.S. government's Cyber Security Framework. Langner's Robust ICS Planning and Evaluation, or RIPE, framework takes a different approach to locking down ICS/SCADA plants than the NIST-led one, focusing on security capabilities rather than risk. He hopes it will help influence the final version of the U.S. government's framework."
paroneayea writes "MediaGoblin 0.5.0 Goblin Force is released with a slew of new features: authentication plugins including OpenID and Mozilla Persona support, a new notification system, a new "reprocessing framework", and more! The project is also making progress towards its long-awaited federation goals via the Pump API, as used in pump.io. Rockin'!" (If the name doesn't ring a bell, Wikipedia helps: MediaGoblin is "a free, decentralized Web platform (server software) for hosting and sharing digital media.")
hypnosec writes "A cyber defense and IT security company has claimed that the reason behind recent surge in number of clients connecting to Tor is in fact a relatively unknown botnet and not NSA or genuine adoption of Tor. In late August there was a huge increase in Tor network traffic and number of clients connecting to the Tor network. As of this writing number of connections has quadrupled with over 2,500,000 clients connecting to the network. According to Fox-it, the surge in traffic is because of a botnet dubbed 'Mevade.A,' which is known to have Tor connectivity features. The company noted that the botnet may have links to a previously detected botnet dubbed 'Sefnit,' which also featured Tor connectivity. Fox-it claimed that they have found "references that the malware is internally known as SBC to its operators.""
An anonymous reader writes "GamePolitics reports that the Postal Regulatory Commission has ordered [PDF] the U.S. Postal Service to equalize the rates paid by mailers who send round trip DVDs, and concluding (sort of) a dispute that has been underway for more than four years. The new postage rates take effect on September 30th. Some mailers, prominantly Netflix, send their round-trip movie DVDs as 'letters,' but GameFly's gaming disks are sent in slightly bigger envelopes as 'flats' to avoid breakage, and so GameFly has paid a much higher postage rate. GameFly argued that this was unfair discriminatory treatment because USPS was providing special hand-sorting treatment for Netflix disks without charging Netflix for the extra handling. But now there's a new twist: the Postal Service wants to reclassify DVD mailing [PDF] as a competitive product, where the prices would not be limited by the rate of inflation, because it says that mailed DVDs compete with the internet, streaming services, and kiosks such as Redbox. The regulatory agency is accepting responses [PDF] from interested persons until September 11th to the Postal Service's latest comments on its request [PDF]."