Please create an account to participate in the Slashdot moderation system

 


Forgot your password?
Close
typodupeerror
×

Submission + - The 600+ Companies PayPal Shares Your Data With (schneier.com)

Submitted by AmiMoJo
AmiMoJo writes: One of the effects of GDPR — the new EU General Data Protection Regulation — is that we're all going to be learning a lot more about who collects our data and what they do with it. Consider PayPal, that just released a list of over 600 companies they share customer data with. Here's a good visualization of that data.

Is 600 companies unusual? Is it more than average? Less? We'll soon know.

Submission + - This Map Shows All The Beauty And Horror Of The Dark Web (hyperiongray.com)

Submitted by punk2176
punk2176 writes: As reported by Forbes:

Want to know what the dark web looks like without even having to go there? A map released Tuesday by research and development outfit Hyperion Gray is bringing to life the often misunderstood and decried corner of the internet.

In what the company believes is an unprecedented effort to illuminate hidden services on the dark web, it allows anyone to zoom in and out of images containing the homepage of each website based on the Tor network. (Tor, run by the Tor Project, is designed to provide anonymity for its users and the hidden services within are considered to make up the largest section of the dark web.)

Be warned, though. The content within the Dark Web Map can be graphic. As Hyperion Gray's disclaimer notes: "These sites include mature and/or offensive content, including pornography, violence and racism."

Submission + - Mass Surveillance and the Memory Hole

Submitted by Presto Vivace
Presto Vivace writes: The NSA’s recent destruction of evidence in contravention of a court order follows a long-established pattern of intelligence abuses, as Ted Snider explains.

Though it received disturbingly little attention – perhaps a symptom of desensitization to news that we are constantly being surveilled – it was recently revealed that the National Security Agency (NSA) destroyed data about some of its surveillance activity that it was under court order to preserve. The NSA was ordered to save the data in 2007 because of pending lawsuits over the questionable legality of Bush ordered warrantless wiretaps of American digital and telecommunications. The data was evidence, and the NSA destroyed evidence. ... ... It seems that the NSA not only destroyed evidence but serially mislead the courts by claiming that it was complying with court orders while it simultaneously was not in compliance: the NSA was not preserving internet communications that were intercepted for several years between 2001 and 2007. Though as late as 2014, the NSA was assuring the court that it was “preserving magnetic/digital tapes of the Internet content intercepted under the [Presidential Surveillance Program] since the inception of the program,” the NSA has now confessed that assurance “may have been only partially accurate.”

The NSA failed to prevent 9/11, they failed to prevent Russia from interfering in our election, why do we keep them around?

Submission + - $300 Million in Ethereum Cryptocurrency "Lost" Due to Bug (theguardian.com)

Submitted by ytene
ytene writes: As reported by the UK's Guardian newspaper, a very significant amount of Ethereum cryptocurrency was lost thanks to the actions of support operator, "devops199". As the article explains, "Effectively, a user accidentally stole hundreds of wallets simultaneously, and then set them on fire in a panic while trying to give them back."

Although this story will catch headlines due to the cryptocurrency nature of the context and the significant sum of money involved, perhaps this is also interesting because the story suggests that the failure was caused by a "DevOp" — a user role that combines the functions of Developer and Production Support into a single person. Whilst it's true to say that anyone in technology can make mistakes, does this story also hint at the idea that the combined role of "DevOps" is inherently more risky, given that it invites people to combine the experimental mindset of a developer with the greater authority granted to Production Support staff?

Comment Re:LOL. (Score 1) 503

What sensationalist tripe. What are they going to do, strand millions of lower-income people who can't afford to replace their $2000 clunker with a $30,000 new car?

It's actually quite worse than that. You would force them to buy a $30K commuter car, and then force them to rent some kind of long range electric every time they wanted to go see Yosemite.

The biggest problem of all is the limited range of electrics. People always say "The average person travels under 100 miles a day", and that's true. However, many of us have loved ones we visit on the weekend, and taking a 10 hour round trip weekend to visit the in-laws just became impossible when we have to stop every few hours for a few hours of recharge.

Many people just can't afford another car for long range only, so they buy the compromise. Drive the mini-van to work with it's 22mpg because it's still cheaper then getting an econocar and a minivan. Personal experience talking.

Submission + - California Considers Banning ICE Automobiles (sacbee.com)

Submitted by Rick Schumann
Rick Schumann writes: The ban on internal-combustion engine automobiles would be at least 10 years away, and it's unclear at this early stage if it would ban only sales and use of new cars, or ban existing cars as well, and no mention of two (or three) wheeled vehicles at this stage, but the California Air Resoures Board (CARB) is nevertheless considering this seriously, in order to meet it's ambitious emissions reduction goals.

Submission + - Ask Slashdot: Why do so many of you think carrying cash is 'dangerous'? 5

Submitted by Anonymous Coward
An anonymous reader writes: Recently I Asked Slashdot what you thought about paying for things online using plastic, and the security of using plastic in general; thank you all for your many and varied responses, they're all much appreciated and gave me things to consider.

However I got quite a few responses that puzzled me: People claiming that paying for things with cash, and carrying any amount of cash around at all, was somehow dangerous, that I'd be 'robbed', and that I shoudn't carry cash at all, only plastic. I'm Gen-Y; I've walked around my entire life, in all sorts of places, and have never been approached or robbed by anyone, so I'm more than a little puzzled by that.

So now I ask you, Slashdotters: Why do you think carrying cash is so dangerous? Where do you live/spend your time that you worry so much about being robbed? Have you been robbed before, and that's why you feel this way? I'm not going to stop carrying cash in my wallet but I'd like to understand why it is so many of you feel this way — so please be thorough in your explanations.

Submission + - Chrome-browser hijack Windows DOS exploit (jsish.org) 3

Submitted by Bent Spoke
Bent Spoke writes: Windows should be wary of a new Chrome browser Denial of Service threat that is making the rounds.

It starts when you click on a certain link and Windows freezes.
The mouse doesn’t respond and even Ctrl-Alt-Delete doesn’t seem to work, or takes a really long time (eg. 10-20 minutes).
The tab or browser close buttons don’t seem to work. However, by disconnecting the network cable and (eventually) opening task manager you can kill the browser.
This is not as big a problem on Linux, as the system does not freeze so the tab is easily closed.

The payload that eventually appears in the browser window is:

      Windows Defender Alert : Zeus Virus Detected In Your Computer !!
      Please Do Not Shut Down or Reset Your Computer.

      The following data will be compromised if you continue:

            1. Passwords
            2. Browser History
            3. Credit Card Information
            4.Local Hard Disk Files.

      This virus is well known for complete identity and credit card theft.
      Further action through this computer or any computer on the network will reveal private information and involve serious risks.

      Call Microsoft Technical Department: (Toll Free) 866 XXX-XXXX

This message, which is rather convincing as Windows is effectively hung, presumably connects you with a social-engineering service (sic).

The link that triggers the issue is of the following form (actual url changed for security reasons).

1234567891012345678.bid

This uses Javascript to successively redirect to:

1234567891012345678.bid/0
1234567891012345678.bid/01
1234567891012345678.bid/012

ie. it defeats redirect loop detection as each url is different.

One nasty side effect of this is that your browser history is filled with junk urls, making it practically impossible to access previously visited sites.
There are too many links to delete individually without hanging the browser (15K+), however this can be mitigated with "Clear Browser/History/Last Hour" if used right away.

Another issue to be aware of is that upon restart, you do not want to let the browser reopen previous tabs.

Comment Re:way to go, microsoft. (Score 1) 99

The "taxpayer" did not directly fund the Telco networks, anymore than the taxpayers directly funded your employer's IT upgrade last year.

Pure semantics! When the govt. forces you to pay extra so that said money can go where they want it to go, it's a tax! If they renamed the Income Tax deducted from you paycheck every week to Employee Usage Fee, would you fell any better?

Submission + - Linux finally starting to see the problem with certain init systems? (lkml.org)

Submitted by jawtheshark
jawtheshark writes: In a latest Linux Kernel Mailing List post, Linux Torvalds, finishes his mail with a little poke towards a certain init system. It is a very faint criticism, compared to his usual style. While Linus has no direct influence on the "choices" of distro maintainers, his opinion is usually valued.

Submission + - EU Prepares "Right to Repair" Legislation to Fight Short Product Lifespans (bleepingcomputer.com) 1

Submitted by Anonymous Coward
An anonymous reader writes: The EU is preparing legislation that would legalize a customer's "right to repair," and would force vendors to design products for longer life and easier maintenance, in an effort to combat electronic waste and abusive practices like manufacturers legally preventing users from repairing their devices. The legislation is in its earlier stages of public discussion, but it already has the backing of several EU Members of Parliament, along with support from organizations like Greenpeace.

Currently, in the US only eleven states have similar laws, and they have been adopted after years of public discussions, and only for certain markets, and not for all types of products. It is unclear what leverage the EU will use to force manufacturers to produce longer lasting products, as this would mean lesser profits for big businesses, who often used tactics such as software DRMs, warranty contract lock-ins, and soldering components together, just to avoid users repairing products on their own.

Slashdot Top Deals

"One lawyer can steal more than a hundred men with guns." -- The Godfather

Close