
Submission + - When Google Sells Your Data, It Might Be Illegally Killing Your Phone's Battery

Jason Koebler writes: Personal information about you and your browsing, email, and app-using habits is regularly sent between apps on your Android phone, a potentially illegal practice that could be killing your battery life. A federal judge ruled that the claim, raised in a class action lawsuit against the company, "requires a heavily and inherently fact-bound inquiry."
That means that there's a good chance we're about to get a look into the ins and outs of Google's advertising backbone: what information is shared with who, and when.

Submission + - The daily harassment of women in the game industry (polygon.com)

An anonymous reader writes: Brianna Wu, leader of a game development studio, has an article exposing the constant harassment of women in the games industry. She says, "I’m not writing this piece to evoke your sympathy. I’m writing to share with you what prominent, successful women in the industry experience, in their own words." She goes through the individual stories of several women targeted by this vitriol, and tries to figure out why it happens. Quoting: "We live in a society that’s sexist in ways it doesn’t understand. One of the consequences is that men are extremely sensitive to being criticized by women. ... This is why women are socialized to carefully dance around these issues, disagreeing with men in an extremely gentle manner. Not because women are nicer creatures than men. But because our very survival can depend on it. ... Growing a thicker skin isn't the answer, nor is it a proper response. Listening, and making the industry safer for the existence of visible women is the best, and only, way forward."

Submission + - CNN iPhone App Sends iReporters' Passwords In The Clear (securityledger.com)

chicksdaddy writes: The Security Ledger reports on newly published research from the firm zScaler that reveals CNN's iPhone application — one of the leading mobile news apps — transmits user login session information in clear text. (https://securityledger.com/2014/07/cnn-app-leaks-passwords-of-citizen-reporters/). The security flaw could leave users of the application vulnerable to having their login credential snooped by malicious actors on the same network or connected to the same insecure wifi hotspot. That's particularly bad news if you're one of CNN's iReporters — citizen journalists — who use the app to upload photos, video and other text as they report on breaking news events, zScaler warned in a blog post.

According to a zScaler analysis (http://research.zscaler.com/2014/07/cnn-app-for-iphone.html), CNN's app for iPhone exposes user credentials in the clear both during initial setup of the account and in subsequent mobile sessions. The iPad version of the CNN app is not affected, nor is the CNN mobile application for Android. A spokesman for CNN said the company had a fix ready and was working with Apple to have it approved and released to the iTunes AppStore.

The privacy of journalists' private communications has never been more at risk. Reporters find themselves in the crosshairs of sophisticated hacking crews, often working at the beck and call of anti-democratic regimes. They have infiltrated the networks of newspapers like The New York Times and The Washington Post — often in search of confidential communications between reporters and policy makers or human rights activists. (http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html) Here in the U.S., the Obama Administration is aggressively pursuing Pulitzer Prize winning journalist James Risen of The New York Times in order to uncover the source for a chapter in his book State of War concerning a covert US operation against Iran. (http://www.npr.org/blogs/thetwo-way/2014/06/02/318214947/times-reporter-must-testify-about-source-court-decides)

Submission + - UK to use Open Document Format for government documents (themukt.com)

sfcrazy writes: UK has decided to use ‘open standards’ for sharing and viewing government documents. The announcement was made by the Minister for the Cabinet Office, Francis Maude. One of the primary objectives of this move is to create a level playing field for suppliers of all sizes. The move must put some pressure on Google to offer full support for ODF in Chrome, Android and Google Docs.

Submission + - Researcher Finds Hidden Data-Dumping Services in iOS

Trailrunner7 writes: There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users’ personal data. Several of these features began as benign services but have evolved in recent years to become powerful tools for acquiring user data.

Jonathan Zdziarski, a forensic scientist and researcher who has worked extensively with law enforcement and intelligence agencies, has spent quite a bit of time looking at the capabilities and services available in iOS for data acquisition and found that some of the services have no real reason to be on these devices and that several have the ability to bypass the iOS backup encryption. One of the services in iOS, called mobile file_relay, can be accessed remotely or through a USB connection and can be used to bypass the backup encryption. If the device has not been rebooted since the last time the user entered the PIN, all of the data encrypted via data protection can be accessed, whether by an attacker or law enforcement, Zdziarski said.

Zdziarski discussed his findings in a talk at the HOPE X conference recently and published the slides and paper, as well. The file_relay service has been in iOS for some time and originally was benign, but Zdziarski said that in recent versions it has turned into a tool that can dump loads of user data on command. The file_relay tool can dump a list of the email and social media accounts, the address book, the user cache folder, which contains screenshots, offline content, copy/paste data, keyboard typing cache and other personal data. The tool can also provide a log of periodic location snapshots from the device.

Submission + - What do WhiteHouse.gov and YouPorn.com have in common? (propublica.org)

An anonymous reader writes: Both sites use a new, extremely persistent type of online tracking called "canvas fingerprinting" that can't be blocked by standard Web browser privacy settings or even anti-tracking tools such as AdBlock Plus.

Companies are looking to this method to replace cookies as Web users increasingly rely on more sophisticated ad-blocking software.

Submission + - Stop DRIP: What The Data Retention and Investigatory Powers Bill Actually Means

concertina226 writes: David Cameron has decided to rush through new emergency legislation known as the Data Retention and Investigatory Powers Bill (DRIP) into law this week, saying that there is an urgent need for better legislation since the European Court of Justice (ECJ) overturned the EU Data Retention Directive in April.

Some of the changes from the 2009 Data Retention Regulations potentially give the UK government more powers for monitoring our data, from allowing the UK government to give warrants to non-UK companies to issuing warrants to forum owners, online storage services like Dropbox and webmail providers.

Submission + - Prevalence of offshoring in the Information Security industry

sundarvenkata writes: After having been a regular (C# .NET, C++) code monkey in the US for 6 years now with readily offshoreable skills, I feel like I am fighting an uphill battle against third world wages. While I am not prepared for a drastic career change that will be completely incompatible with my Computer Science background, I was wondering if investing money and resources in getting a degree in Information Security would be worthwhile to get a job that can't easily be offshored.

I would welcome insights from the industry insiders on the level of offshoring that they have witnessed in this industry (in the US) and the barriers-to-entry for someone with an undergrad in Computer Science.

Submission + - 10000 year old drawings of aliens and UFOs found in caves of India (indiatimes.com)

An anonymous reader writes: The archeological department of the Indian state of Chattisgarh has found some interesting paintings in caves. They are now asking NASA, ISRO and other archeologists for help with more research into this. According to the folklore among the villages, small-sized aliens used to land from the sky in a round-shaped flying object and take away one or two persons of the village, who never returned.
Full story at
http://timesofindia.indiatimes...

Submission + - Comcast Customer Service Rep Just Won't Take No For An Answer

RevWaldo writes: The Verge and other sources post how AOL's Ryan Block ultimately succeeded in cancelling his Comcast account over the phone, but not before the customer service representative pressed him for eight solid minutes (audio) to explain his reasoning for leaving "the number one provider of TV and internet service in the country" in a manner that would cause a character in Glengarry Glen Ross to blanch. Comcast has as of now issued an apology.
