
Submission + - NSA infiltrated RSA security more deeply than thought (reuters.com)

Advocatus Diaboli writes: A group of professors from Johns Hopkins, the University of Wisconsin, the University of Illinois and elsewhere now say they have discovered that a second NSA tool exacerbated the RSA software's vulnerability. The professors found that the tool, known as the "Extended Random" extension for secure websites, could help crack a version of RSA's Dual Elliptic Curve software tens of thousands of times faster, according to an advance copy of their research shared with Reuters.

Submission + - Dropbox's new policy of scanning files for DMCA issues (arstechnica.com)

Advocatus Diaboli writes: This weekend, though, a small corner of the Internet exploded with concern that Dropbox was going too far, actually scanning users' private and directly peer-shared files for potential copyright issues. What's actually going on is a little more complicated than that, but shows that sharing a file on Dropbox isn't always the same as sharing that file directly from your hard drive over something like e-mail or instant messenger. The whole kerfuffle started yesterday evening, when one Darrell Whitelaw tweeted a picture of an error he received when trying to share a link to a Dropbox file with a friend via IM. The Dropbox web page warned him and his friend that "certain files in this folder can't be shared due to a takedown request in accordance with the DMCA."

Submission + - The inside story of MIT and Aaron Swartz (bostonglobe.com)

Advocatus Diaboli writes: That cooperation with law enforcement also extended to a senior MIT network engineer who monitored traffic to and from Swartz’s laptop and appeared to be looking to Pickett for instructions. On Jan. 5, having collected 70 gigabytes of network traffic, he e-mailed the agent, “I was just wondering what the next step is.” Swartz’s lawyers argued that MIT, by monitoring Swartz and turning over materials to law enforcement without a court order, violated his Fourth Amendment rights. Abelson, who wrote MIT’s own review, disagreed, and legal experts interviewed by the Globe differed on whether those arguments had merit. They were never ruled on by the judge in the case.

Submission + - GCHQ and NSA Targeted Private German Companies (spiegel.de)

Advocatus Diaboli writes: Documents show that Britain's GCHQ intelligence service infiltrated German Internet firms and America's NSA obtained a court order to spy on Germany and collected information about the chancellor in a special database. Is it time for the country to open a formal espionage investigation? The headquarters of Stellar, a company based in the town of Hürth near Cologne, are visible from a distance. Seventy-five white antennas dominate the landscape. The biggest are 16 meters (52 feet) tall and kept in place by steel anchors. It is an impressive sight and serves as a popular backdrop for scenes in TV shows, including the German action series "Cobra 11."

Also see this post

NSA Put Merkel on List of 122 Targeted Leaders (https://firstlook.org/theintercept/article/2014/03/29/der-spiegel-nsa-ghcq-hacked-german-companies-put-merkel-list-122-targeted-leaders/)

Submission + - Feds want an expanded ability to hack criminal suspects' computers (wsj.com) 1

Advocatus Diaboli writes: What could go wrong?

"The U.S. Department of Justice is pushing to make it easier for law enforcement to get warrants to hack into the computers of criminal suspects across the country. The move, which would alter federal court rules governing search warrants, comes amid increases in cases related to computer crimes. Investigators say they need more flexibility to get warrants to allow hacking in such cases, especially when multiple computers are involved or the government doesn’t know where the suspect’s computer is physically located."

Submission + - NR: Silicon Valley's Brutal Ageism (newrepublic.com)

dryriver writes: New Republic Article About 'Ageism' In The Tech Sector: Silicon Valley has become one of the most ageist places in America. Tech luminaries who otherwise pride themselves on their dedication to meritocracy don’t think twice about deriding the not-actually-old. 'Young people are just smarter,' Facebook CEO Mark Zuckerberg told an audience at Stanford back in 2007. As I write, the website of ServiceNow, a large Santa Clara–based I.T. services company, features the following advisory in large letters atop its 'careers' page: 'We Want People Who Have Their Best Work Ahead of Them, Not Behind Them.' And that’s just what gets said in public. An engineer in his forties recently told me about meeting a tech CEO who was trying to acquire his company. 'You must be the token graybeard,' said the CEO, who was in his late twenties or early thirties. 'I looked at him and said, "No, I’m the token grown-up." ' In talking to dozens of people around Silicon Valley over the past eight months—engineers, entrepreneurs, moneymen, uncomfortably inquisitive cosmetic surgeons—I got the distinct sense that it’s better to be perceived as naïve and immature than to have voted in the 1980s. And so it has fallen to Dr. Matarasso to make older workers look like they still belong at the office. 'It’s really morphed into, "Hey, I’m forty years old and I have to get in front of a board of fresh-faced kids. I can’t look like I have a wife and two-point-five kids and a mortgage," ' he told me. Dr. Matarasso told me that, in ascending order of popularity, the male techies favor laser treatments to clear up broken blood vessels and skin splotches. Next is a treatment called ultherapy—essentially an ultrasound that tightens the skin. 'I’ve had it done of course. I was back at work the next day. There’s zero downtime.' But, as yet, there is no technology that trumps good old-fashioned toxins, the most common treatment for the men of tech. 
They will go in for a little Botox between the eyes and around the mouth. Like most overachievers, they are preoccupied with the jugular. 'Men really like the neck,' Matarasso said, pointing out the spot in my own platysma muscle where he would inject some toxin to firm things up.

Submission + - Inside the NSA's Secret Efforts to Hunt and Hack System Administrators (firstlook.org) 1

Advocatus Diaboli writes: Across the world, people who work as system administrators keep computer networks in order – and this has turned them into unwitting targets of the National Security Agency for simply doing their jobs. According to a secret document provided by NSA whistleblower Edward Snowden, the agency tracks down the private email and Facebook accounts of system administrators (or sys admins, as they are often called), before hacking their computers to gain access to the networks they control. The document consists of several posts – one of them is titled “I hunt sys admins” – that were published in 2012 on an internal discussion board hosted on the agency’s classified servers. They were written by an NSA official involved in the agency’s effort to break into foreign network routers, the devices that connect computer networks and transport data across the Internet. By infiltrating the computers of system administrators who work for foreign phone and Internet companies, the NSA can gain access to the calls and emails that flow over their networks.

Submission + - Inside NSA's Efforts to Hunt Sysadmins (firstlook.org)

An anonymous reader writes: The Snowden revelations continue today with The Intercept releasing an NSA document titled “I hunt sys admins” (PDF on Cryptome). The document details techniques used by the NSA to break into systems administrators' computers in order to gain access to the networks they control. The Intercept has a detailed analysis of the leaked document.

Submission + - US tech giants knew of NSA data collection, agency's top lawyer insists (theguardian.com) 1

Advocatus Diaboli writes: The senior lawyer for the National Security Agency stated unequivocally on Wednesday that US technology companies were fully aware of the surveillance agency’s widespread collection of data, contradicting months of angry denials from the firms. Rajesh De, the NSA general counsel, said all communications content and associated metadata harvested by the NSA under a 2008 surveillance law occurred with the knowledge of the companies – both for the internet collection program known as Prism and for the so-called “upstream” collection of communications moving across the internet.

Submission + - Weev Is in Jail Because the Government Doesn't Know What Hacking Is (vice.com)

Daniel_Stuckey writes: Last March, weev, the notorious internet troll who seems to be equally celebrated and reviled, was convicted of accessing a computer without authorization and identity fraud, and sentenced to serve 41 months in prison.

"He had to decrypt and decode, and do all of these things I don't even understand," Assistant US Attorney Glenn Moramarco argued. Here, on a Wednesday morning in Philadelphia, before a packed courtroom, the federal prosecution argued that a hacker should spend three and a half years in prison for committing a crime it couldn't fully comprehend.

Previously, Orin Kerr, a law professor at George Washington University and weev's defense attorney, had argued first and foremost that there was no criminal hacking to speak of. According to Kerr, what weev and Daniel Spitler (who pleaded guilty to avoid jail time) had done while working as an outfit called Goatse Security was entirely legal, even though it embarrassed public officials and some of the country's biggest corporations.

Submission + - Homeland Security is seeking a national license plate tracking system (washingtonpost.com)

Advocatus Diaboli writes: The Department of Homeland Security wants a private company to provide a national license-plate tracking system that would give the agency access to vast amounts of information from commercial and law enforcement tag readers, according to a government proposal that does not specify what privacy safeguards would be put in place.
The national license-plate recognition database, which would draw data from readers that scan the tags of every vehicle crossing their paths, would help catch fugitive illegal immigrants, according to a DHS solicitation. But the database could easily contain more than 1 billion records and could be shared with other law enforcement agencies, raising concerns that the movements of ordinary citizens who are under no criminal suspicion could be scrutinized.

Also see this:

Reports of the Death of a National License-Plate Tracking Database Have Been Greatly Exaggerated (https://firstlook.org/theintercept/2014/03/17/1756license-plate-tracking-database/)

Submission + - NSA's MYSTIC and RETRO (washingtonpost.com)

Advocatus Diaboli writes: The National Security Agency has built a surveillance system capable of recording “100 percent” of a foreign country’s telephone calls, enabling the agency to rewind and review conversations as long as a month after they take place, according to people with direct knowledge of the effort and documents supplied by former contractor Edward Snowden. A senior manager for the program compares it to a time machine — one that can replay the voices from any call without requiring that a person be identified in advance for surveillance.

Comment The real puzzle (Score 5, Insightful) 382

Evidently the aircraft had enough power to run the pinging transmitter for over 4 hours after the transponder went dead (or was turned off). This implies that the aircraft also had enough power and structural integrity for at least some of its communication systems to work. But the experienced pilots did not make even one distress call or issue a single distress code. Why not? What prevented them from doing it?

Comment The plane was pinging hours after it disappeared (Score 2) 382

A satellite transmitter on the plane was active for about five hours, indicating the plane was operational after its transponder shut down less than an hour after takeoff, said three U.S. government officials. The 777 can cruise at 500 miles (805 kilometers) an hour or more, meaning it may have flown for as far as 2,500 miles beyond its last point of contact if it was intact and had enough fuel. Link (http://www.bloomberg.com/news/2014-03-13/missing-malaysian-jet-said-to-have-flown-with-beacon-off.html)
