
Comment Re:Block spoofing. Or charge for that privilege (Score 2) 145

AT&T lost me as a customer due to the ridiculous amount of telemarketers calling me. They wanted to charge me even more money to add call blocking or Caller ID. No thanks, got a cell phone for 1/3 the price of my landline and only family got that number, all others get my google call number.

Submission + - Facebook Is Being Skimmed For Info By Bots

An anonymous reader writes: I've started receiving spam emails using forged names from my Facebook friends. These spam emails have their names, but come from various foreign email addresses that they don't own. I do not have their email address and they do not have mine, so the only way this could happen is by bots skimming Facebook for names, emails, and friends lists. After trying for half an hour to find some way to contact Facebook and only being redirected to their help pages, I gave up. Apparently Facebook doesn't want to be contacted for a serious problem.

Submission + - Doomsday Clock is now 3 minutes to midnight! (thebulletin.org) 1

Lasrick writes: Founded in 1945 by University of Chicago scientists who had helped develop the first atomic weapons in the Manhattan Project, the Bulletin of the Atomic Scientists created the Doomsday Clock two years later, using the imagery of apocalypse (midnight) and the contemporary idiom of nuclear explosion (countdown to zero) to convey threats to humanity and the planet. The decision to move (or to leave in place) the minute hand of the Doomsday Clock is made every year by the Bulletin's Science and Security Board in consultation with its Board of Sponsors, which includes 17 Nobel laureates. The Clock has become a universally recognized indicator of the world's vulnerability to catastrophe from nuclear weapons, climate change, and new technologies emerging in other domains. Today, the Clock was moved up 2 minutes; it is now 3 minutes to midnight. Here is the Board's statement on the move.

Submission + - Classic Rock Concert Website Set to Shut Its Doors

realperseus writes: I just received an email from Alex Reisner, the administrator of Classic Rock Concerts, a website that allows users to document old Rock concerts they have attended by telling their personal stories and uploading pictures of ticket stubs. His current site is a "Ruby on Rails application, currently running on Ruby 1.8.7 and Rails 2.3.18." His current host, Heroku, has announced its plans to shut down the Bamboo stack on June 16, 2015 and recommends that all apps be migrated to the Cedar stack. Alex is looking to get the site upgraded to Ruby 2.0 at minimum and has started a Kickstarter to keep food on his table and a roof over his head while he carries out this work.

Submission + - Hacked news companies tweet Chinese fired on U.S. warship (cnn.com)

mpicpp writes: The Twitter accounts of the New York Post and United Press International were hacked Friday. Both companies tweeted that a war had broken out between the United States and China.

At 1 p.m. ET, the Twitter accounts of both companies reported that the Chinese military had fired a missile on a U.S. warship, sparking a full-blown battle. They also claimed the U.S. Federal Reserve was to make an emergency announcement about interest rates.

The stock markets were unmoved by the fake news reports.

"Give the hackers this much credit, the George Washington is our permanent Pacific based carrier," tweeted John Noonan, spokesman for House Armed Services committee. "They at least did their homework."

Comment Re:um... (Score 1) 43

Don't you hate the term "model rocket" when you're spending an easy grand on Aerotech 98mm casings and propellant, not to mention the rocket, licensing and FAA waivers? I gave up after my license qualifying H engine flight because the regulations in California are too strict to go any further.

Submission + - How should email change to stop spam? 2

An anonymous reader writes: Email has been on the internet for a long time and so has spam. Although anti-spam techniques are not losing the battle, they are not winning either.

Some background terms: Current SMTP/email standards are RFC5321 and RFC5322. To avoid spam most people use DNSBLs and URIBLs for checking IP addresses and URLs. And there are some other content checks being done in spam-filters (e.g. by SpamAssassin or non-free). Furthermore there are reputation-based systems such as SenderScore. There are some standards to avoid your domains being abused: SPF and DMARC. The large inbox-providers like Live.com and Gmail have additional filtering and throttling based on reputation and engagement (= is someone actually reading/clicking your company email).

And then there are some players in the field: ISPs send email for individuals and very small companies. ESPs (e.g. Constant Contact or MailChimp) send email for larger companies. Anti-spam organisations (such as Spamhaus, Spamcop or Sorbs) use spam information to create blocklists. Spamfilter companies (e.g. Proofpoint, Barracuda and SpamExperts) sell you a spamfilter-service and/or device. Furthermore there are a whole slew of email receivers: Large (such as Apple and Live.com/Gmail type) and smaller (companies and ISP/hosting companies). Then there are law-makers and regulatory bodies (who set and maintain laws) and I will include MAAWG here. And to not forget the spammers: Legitimate companies and criminal organisations (who spam for all sorts of reasons: marketing, selling, phishing, scamming, spear-phishing ...). I would define spam as all email that I would not expect to get (no opt-in, too long ago or inappropriate content given the relationship).

So my question is: Current anti-spam methods are not good enough. What should change in email so spam (of all sorts) is more effectively countered?

Submission + - Investigation IDs Crew of 6 Behind Hack of Sony, Including Former Employee (securityledger.com)

chicksdaddy writes: Alternative theories of who is responsible for the hack of Sony Pictures Entertainment have come fast and furious (http://it.slashdot.org/story/14/12/24/1757224/did-north-korea-really-attack-sony) in recent weeks, especially since the FBI pointed a finger at the government of North Korea last week. (http://news.slashdot.org/story/14/12/18/0249222/us-links-north-korea-to-sony-hacking) But Norse Security is taking the debate up a notch: saying that they have conclusive evidence pointing to a group of disgruntled former employees as the source of the attack and data theft.

The Security Ledger quotes Norse Vice President Kurt Stammberger saying that Norse has identified a group of six individuals — in the U.S., Canada, Singapore and Thailand — that it believes carried out the attack, including at least one 10-year employee of SPE who worked in a technical capacity before being laid off in May. (https://securityledger.com/2014/12/new-clues-in-sony-hack-point-to-insiders-away-from-dprk/)

Rather than starting from the premise that the Sony hack was a state sponsored attack, Norse researchers worked their investigation like any other criminal matter: starting by looking for individuals with the "means and motive" to do the attack. HR files leaked in the hack provided the motive part: a massive restructuring in Spring, 2014, in which many longtime SPE employees were laid off.

After researching the online footprint of a list of all the individuals who were fired and had the means to be able to access sensitive data on Sony's network, Norse said it identified a handful who expressed anger in social media posts following their firing. They included one former employee — a 10-year SPE veteran who he described as having a “very technical background.” Researchers from the company followed that individual online, noting participation in IRC (Internet Relay Chat) forums where they observed communications with other individuals affiliated with underground hacking and hacktivist groups in Europe and Asia.

According to Stammberger, the Norse investigation was eventually able to connect an individual directly involved in conversations with the Sony employee with a server on which the earliest known version of the malware used in the attack was compiled, in July, 2014.

While Stammberger admits that some clues in the investigation seemed to point to attackers in one of the Koreas, he says those paths all turned into dead ends, and that Norse investigators found no convincing evidence of North Korean involvement in the incident.

According to Stammberger, the company is briefing the FBI on its investigation on Monday. I'd love to be a fly on the wall in that room!

Submission + - Adobe Flash Update Installs McAfee Security Scan Plus Crapware

An anonymous reader writes: If you get an update notification for Adobe Flash you will also be installing McAfee Security Scan Plus. This morning's update did open an Adobe webpage but did not give the option of unticking a box to prevent installation of McAfee crapware like previous updates have had. To uninstall — Start, McAfee Security Scan Plus, Uninstall, restart, cross your fingers nothing gets borked.
