Sony

Wikileaks Publishes Hacked Sony Emails, Documents 137

Posted by samzenpus
from the take-a-look dept.
itwbennett writes Wikileaks has published a searchable database of thousands of emails and documents from Sony Pictures Entertainment that were leaked in late 2014 after the studio was attacked by hackers. Some of the 173,132 emails and 30,287 documents contain highly personal information about Sony employees including home addresses, personal phone numbers and social security numbers, a fact which is likely to raise new concerns about the use of stolen information online.
Security

Why "Designed For Security" Is a Dubious Designation 58

Posted by samzenpus
from the protect-ya-neck dept.
itwbennett writes The list of products designed to be security enhanced that turned out to be anything but seems to get longer by the day. In just the latest instance, reported by Wired last week, the crowd-funded privacy-enhancing home router Anonabox had to be recalled after an independent researcher discovered serious security flaws in the product. But security experts caution that the real problem may be bigger than vulnerabilities hidden in application code: "Designed for security products don't just have to be good. They have to be beyond reproach," explains John Dickson, a Principal at the Denim Group. "All it takes is one guy with a grudge to undo you."
Privacy

Denver TSA Screeners Manipulated System In Order To Grope Men's Genitals 292

Posted by Soulskill
from the classiest-thing-you'll-read-about-the-TSA-all-week dept.
McGruber writes: The CBS affiliate in Denver reports: "Two Transportation Security Administration screeners at Denver International Airport have been fired after they were discovered manipulating passenger screening systems to allow a male TSA employee to fondle the genital areas of attractive male passengers." According to law enforcement reports obtained during the CBS4 investigation, a male TSA screener told a female colleague in 2014 that he "gropes" male passengers who come through the screening area at DIA. "He related that when a male he finds attractive comes to be screened by the scanning machine he will alert another TSA screener to indicate to the scanning computer that the party being screened is a female. When the screener does this, the scanning machine will indicate an anomaly in the genital area and this allows (the male TSA screener) to conduct a pat-down search of that area." Although the TSA learned of the accusation on Nov. 18, 2014 via an anonymous tip from one of the agency's own employees, reports show that it would be nearly three months before anything was done.
Television

In New Zealand, a Legal Battle Looms Over Streaming TV 104

Posted by timothy
from the why-consider-this-pen-your-honor dept.
SpacemanukBEJY.53u writes After a threat from a law firm, two New Zealand ISPs have withdrawn services that let their customers navigate to content sites outside the country that would normally be geo-blocked. Using VPNs or other services to access content restricted by region isn't specifically outlawed in either New Zealand or in neighboring Australia, but it appears the entertainment industry is prepared to go to court to try and argue that such services can violate copyright law. Intellectual property experts said the situation in New Zealand, if it goes to court, could result in the first test case over the legality of skirting regional restrictions.
Businesses

Kludgey Electronic Health Records Are Becoming Fodder For Malpractice Suits 183

Posted by timothy
from the so-it-says-here-you-were-born-in-1709 dept.
Lucas123 writes The inherent issues that come with highly complex and kludgey electronic medical records — and for the healthcare professionals required to use them — haven't been lost on lawyers, who see the potential for millions of dollars in judgments for plaintiffs suing for medical negligence or malpractice. Work flows that require a dozen or more mouse clicks to input even basic patient information have prompted healthcare workers to seek short cuts, such as cutting and pasting from previous visits, a practice that can also include the duplication of old vital sign data, or other critical information, such as a patient's age. While the malpractice suits have to date focused on care providers, they'll soon target EMR vendors, according to Keith Klein, a medical doctor and professor of medicine at UCLA. Klein has been called as an expert witness for more than 350 state or federal medical malpractice cases and he's seen a marked rise in plaintiff attorneys using EMRs as evidence that healthcare workers fell short of their responsibility for proper care. In one such case, a judge awarded more than $7.5 million when a patient suffered permanent kidney damage, and even though physicians hadn't neglected the patient, the complexity of the EMR was responsible for them missing a uric kidney stone. The EMR was more than 3,000 pages in length and included massive amounts of duplicated information, something that's not uncommon.
Government

Bolivia Demands Assange Apologize For Deliberately False Leaks To the US 160

Posted by timothy
from the well-it's-not-swatting-if-it's-the-usaf dept.
Rei writes In 2013, during Edward Snowden's brief and chaotic search for asylum that ultimately landed him in Russia, the US faced criticism for handing information to various European nations that Bolivian president Evo Morales was smuggling him out of Russia, leading to the grounding of his flight. In a new twist, in the documentary Terminal F about this time period, Wikileaks founder Julian Assange admitted that he was the one who deliberately leaked the fake information to the US government. Bolivia has been none too pleased with this news and is now demanding that Assange apologize for putting their president's life at risk.
Microsoft

Windows Remains Vulnerable To Serious 18-Year-Old SMB Security Flaw 171

Posted by samzenpus
from the protect-ya-neck dept.
Mark Wilson writes A serious security hole leaves millions of Windows users open to attack, making it possible to extract encrypted credentials from a target machine. Researchers at Cylance say the problem affects "any Windows PC, tablet or server" (including Windows 10) and is a slight progression of the Redirect to SMB attack discovered by Aaron Spangler way back in 1997. Redirect to SMB is essentially a man-in-the-middle attack which involves taking control of a network connection. As the name suggests, victims are then redirected to a malicious SMB server which can extract usernames, domains and passwords. Cylance also reports that software from companies such as Adobe, Oracle and Symantec — including security and antivirus tools — is affected.
Crime

Watch DARPA Artificial Intelligence Search For Crime On the "Dark Web" 35

Posted by samzenpus
from the seek-it-out dept.
An anonymous reader shares this bit of news from DARPA. "Of late, DARPA has shown a growing interest in open sourcing its technology, even if its most terrifying creations, like army robot wildcats designed to reach speeds of 50Mph, are understandably kept private. In a week’s time, the wider world will be able to tinker with components of the military research body’s in-development search tool for the dark web. The Memex technology, named after a mechanical mnemonic dreamt up just as the Second World War was coming to a close, has already been put to use by a number of law enforcement agencies, who are looking to counter crime taking place on networks like Tor, where Hidden Services are protected by the privacy-enhancing, encrypted hosting, often for good, often for bad. In its first year, the focus at Memex has been on tracking human trafficking, but the project's scope stretches considerably wider."
Security

French Intelligence Bill: 5 Web Hosting Providers Threaten To Leave the Country 105

Posted by samzenpus
from the we're-out-of-here dept.
albert555 (3986073) writes Five popular French web hosting providers, including Gandi and OVH, said on Thursday that the new French intelligence bill might push them to leave the country (French) in order not to lose their customers. The five companies are protesting against the "real-time capture of data connection" and their analysis by the intelligence services using "+black boxes+ with blurred lines". The web hosting providers believe that this project "will not reach its goal and will potentially put every French citizen under surveillance, that will result in the destruction of a major segment of the economy of our country," by pushing their customers to turn to other less intrusive territories. If the bill is passed as it is, "we have to move our infrastructure, our investments and our employees where our customers want to work with us". The companies have provided a listing of a dozen cities where they "will suppress jobs instead of creating new ones."; "These are thousands of jobs (...) that startups and large companies will also create elsewhere," they add. The press release was addressed to the French Prime Minister, Manuel Valls, and was co-signed by Gandi, OVH, IDS, Ikoula and Lomaco.
Encryption

U.S. Gov't Grapples With Clash Between Privacy, Security 134

Posted by Soulskill
from the politicians-who-don't-know-which-way-the-wind-is-blowing dept.
schwit1 writes: WaPo: "For months, federal law enforcement agencies and industry have been deadlocked on a highly contentious issue: Should tech companies be obliged to guarantee U.S. government access to encrypted data on smartphones and other digital devices, and is that even possible without compromising the security of law-abiding customers?"

NSA director Adm. Michael S. Rogers wants to require technology companies to create a digital key that could open any smartphone or other locked device to obtain text messages or photos, but divide the key into pieces so that no one person or agency alone could decide to use it. But progress is nonexistent:

"The odds of passing a new law appear slim, given a divided Congress and the increased attention to privacy in the aftermath of leaks by former NSA contractor Edward Snowden. There are bills pending to ban government back doors into communications devices. So far, there is no legislation proposed by the government or lawmakers to require Internet and tech firms to make their services and devices wiretap-ready."
Communications

Microsoft: Feds Are 'Rewriting' the Law To Obtain Emails Overseas 99

Posted by Soulskill
from the get-out-of-my-inbox dept.
An anonymous reader writes: The Electronic Communications Privacy Act was written in 1986. It's incredibly outdated, yet it still governs many internet-related rights for U.S. citizens. Microsoft has now challenged Congress to update the legislation for how online communications work in 2015. The company is currently embroiled in a legal battle with the government over a court order to release emails stored in a foreign country to U.S. authorities. In a new legal brief (PDF), Microsoft says, "For an argument that purports to rest on the 'explicit text of the statute,' the Government rewrites an awful lot of it. Congress never intended to reach, nor even anticipated, private communications stored in a foreign country when it enacted [the ECPA]." In an accompanying blog post, Microsoft general counsel Brad Smith wrote, "Until U.S. law is rewritten, we believe that the court in our case should honor well-established precedents that limit the government's reach from extending beyond U.S. borders. ... To the contrary, it is clear Congress's intent was to ensure that your digital information is afforded the same legal protections as your physical documents and correspondence, a principle we at Microsoft believe should be preserved."
Google

Has Google Indexed Your Backup Drive? 121

Posted by samzenpus
from the it's-out-there dept.
itwbennett writes Depending on how you've configured the device, your backup drive may have been indexed by Google, making some seriously personal information freely available online to anyone who knows what they're looking for. Using a few simple Google searches, CSO's Steve Ragan discovered thousands of personal records and documents online, including sales receipts with credit card information and tax documents with social security numbers. In all cases, the files were exposed because someone used a misconfigured device acting as a personal cloud, or FTP (File Transfer Protocol) was enabled on their router.
United States

US Started Keeping Secret Records of International Telephone Calls In 1992 81

Posted by samzenpus
from the original-list dept.
schwit1 writes Starting in 1992, the Justice Department amassed logs of virtually all telephone calls from the USA to as many as 116 countries. The now-discontinued operation, carried out by the DEA's intelligence arm, was the government's first known effort to gather data on Americans in bulk, sweeping up records of telephone calls made by millions of U.S. citizens regardless of whether they were suspected of a crime. It was a model for the massive phone surveillance system the NSA launched to identify terrorists after the Sept. 11 attacks. That dragnet drew sharp criticism that the government had intruded too deeply into Americans' privacy after former NSA contractor Edward Snowden leaked it to the news media two years ago. More than a dozen current and former law enforcement and intelligence officials described the details of the Justice Department operation to USA TODAY. Most did so on the condition of anonymity because they were not authorized to publicly discuss the intelligence program, part of which remains classified. The operation had 'been approved at the highest levels of Federal law enforcement authority,' including then-Attorney General Janet Reno and her deputy, Eric Holder.
Businesses

Phone App That Watches Your Driving Habits Leads To Privacy Concerns 73

Posted by samzenpus
from the buying-your-privacy dept.
Toshito writes Desjardins Insurance has launched a smartphone app that tracks driver behaviour in return for the promise of substantial savings on car insurance. Two years ago, Desjardins began offering a telematic device that plugs into a vehicle's diagnostic port, to track acceleration, hard braking and the time of day you were driving, for instance. Now, there's no plug-in device required. With Desjardins's new Ajusto app, all you need is your smartphone. But this comes with great concerns over privacy, and problems have been reported where the device was logging data when the user was riding a bus instead of driving his own car.
Crime

AT&T Call Centers Sold Mobile Customer Information To Criminals 92

Posted by samzenpus
from the was-that-wrong? dept.
itwbennett writes Employees at three call centers in Mexico, Colombia and the Philippines sold hundreds of thousands of AT&T customer records, including names and Social Security numbers, to criminals who attempted to use the customer information to unlock stolen mobile phones, the U.S. Federal Communications Commission said. AT&T has agreed to pay a $25 million civil penalty, which is the largest related to a data breach and customer privacy in the FCC's history.