Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×

Submission + - NTSB reminds pilots to land at correct airport (networkworld.com)

Submitted by coondoggie
coondoggie writes: There are a ton of details involved in flying an aircraft no doubt but you might think landing at the correct airport would be one of those things that just wouldn't be a serious problem. Well I guess we'd be wrong on that score because today the National Transportation Safety Board has issued a Safety Alert to remind pilots to um, land at the right airport. There have been at least two wrong landing incidents in the past year that prompted the NTSB's missive entitled "Landing at the Wrong Airport." The most recent occurred in January when a Southwest Airlines 737 landed at the wrong airport in Branson, Missouri (the video in this story shows the plane leaving that airport); then last November a Boeing 747 cargo plane landed on a 6,100-foot runway instead of the 12,000-foot one at its intended airport 12 miles away.

Submission + - TSA missed Boston bomber because his name was misspelled in a database (nbcnews.com) 3

Submitted by schwit1
schwit1 writes: Tamerlan Tsarnaev, the primary conspirator in the Boston Marathon bombing that killed three people, slipped through airport security because his name was misspelled in a database, according to a new Congressional report.

The Russian intelligence agency warned US authorities twice that Tsarnaev was a radical Islamist and potentially dangerous. As a result, Tsarnaev was entered into two US government databases: the Terrorist Identities Datamart Environment and the Treasury Enforcement Communications System (TECS), an interagency border inspection database.

A special note was added to TECS in October of 2011 requiring a mandatory search and detention of Tsarnaev if he left the country. "Detain isolated and immediately call the lookout duty officer," the note reportedly said. "Call is mandatory whether or not the officer believes there is an exact match."

"Detain isolated and immediately call the lookout duty officer."

Unfortunately, Tsarnaev's name was not an exact match: it was misspelled by one letter. Whoever entered it in the database spelled it as "Tsarnayev." When Tsarnaev flew to Russia in January of 2012 on his way to terrorist training, the system was alerted but the mandatory detention was not triggered. Because officers did not realize Tsarnaev was a high-priority target, he was allowed to travel without questioning.

Submission + - Fearing HIPAA, Google Rules Out Health Apps For Android Wear (securityledger.com) 1

Submitted by chicksdaddy
chicksdaddy writes: The Security Ledger reports (https://securityledger.com/2014/03/google-android-wear-isnt-ready-for-health-data/) that amid all the hype over what great new products might come out of Google's foray into wearable technology with Android Wear (http://www.android.com/wear/), there's one big category of application that is off the list: medical applications. The reason? HIPAA — the Health Insurance Portability and Accountability Act, which protects the privacy of patients personal health information in the U.S.

Deep down in Google’s Developer Preview License Agreement (http://developer.android.com/wear/license.html) is language prohibiting Android Wear applications that involve personal health information:

“Unless otherwise specified in writing by Google, Google does not intend use of Android Wear to create obligations under the Health Insurance Portability and Accountability Act, as amended, (“HIPAA”), and makes no representations that Android Wear satisfies HIPAA requirements."

Android Wear users who "are (or become) a Covered Entity or Business Associate under HIPAA... agree not to use Android Wear for any purpose or in any manner involving Protected Health Information unless you have received prior written consent to such use from Google.”

Google’s prohibition of medical applications is interesting. The market for personal health devices is evolving quickly, and the U.S. government has already warned that – in some cases – mobile applications may count as a type of medical device regulated by the FDA.(https://securityledger.com/2013/09/fda-says-some-medical-apps-a-kind-of-medical-device/)

No word from Google yet on how it plans to enforce the ban on medical applications for Google Wear, or what process it will set up to vet and approve health-related wearables. Given the potential for wearables to be used in health monitoring and the delivery of medical care, however, its a problem that the company might want to jump on — fast!

Submission + - Land Sinking with California Groundwater Drain (nationalgeographic.com)

Submitted by Maria_Celeste
Maria_Celeste writes: In the middle of a major drought, Californians' demand for groundwater is causing at least one 2-sq-mile area to subside by 1 foot per year, according to one researcher. Other areas are subsiding as well, but at less dramatic rates. Not only does that kind of subsidence jeopardize infrastructure (roads, pipelines, etc.), it increases flood risk as well. More importantly, it could put future groundwater reserves at risk by compressing the space available for storage — and minimizing California's ability to outlast future droughts.

Submission + - Remote ATM Attack Uses SMS To Dispense Cash (techweekeurope.co.uk)

Submitted by judgecorp
judgecorp writes: A newly discovered malware attack uses a smartphone connected to the computer that manages an ATM, and then sends an SMS message to instruct it to dispense cash. The attack was reported by Symantec, and builds on a previous piece of malware called Backdoor.Ploutus. It is being used in actual attacks, and Symantec has demonstrated it with an ATM in its labs, though it is not revealing the brand of the vulnerable machines.

Submission + - WHO: Air Pollution "Killed 7 Million People" In 2012 (bbc.com)

Submitted by dryriver
dryriver writes: The BBC reports: Seven million people died as a result of air pollution in 2012, the World Health Organization estimates. Its findings suggest a link between air pollution and heart disease, respiratory problems and cancer. One in eight global deaths were linked with air pollution, making it 'the world's largest single environmental health risk', the WHO said. Nearly six million of the deaths had been in South East Asia and the WHO's Western Pacific region, it found. The WHO said about 3.3 million people had died as a result of indoor air pollution and 2.6 million deaths were related to outdoor air pollution, mainly in low- and middle-income countries in those regions. WHO public health, environmental and social determinants of health department director Dr Maria Neira said: 'The risks from air pollution are now far greater than previously thought or understood, particularly for heart disease and strokes. Few risks have a greater impact on global health today than air pollution.' 'The evidence signals the need for concerted action to clean up the air we all breathe.' Reducing air pollution could save millions of lives, said the WHO. 'Poor women and children pay a heavy price from indoor air pollution since they spend more time at home breathing in smoke and soot from leaky coal and wood cook stoves.'

Submission + - Jimmy Wales rants at holistic healers petitioning Wikipedia (pcpro.co.uk)

Submitted by Barence
Barence writes: Wikipedia founder Jimmy Wales has issued a sharp response to petitioners calling for his site to "allow for true scientific discourse" on holistic healing. The petition, currently running on the Change.org site, claims that much of the information on Wikipedia relating to holistic approaches to healing is "biased, misleading, out of date, or just plain wrong". It has attracted almost 8,000 supporters at the time of publication.

Wales's response to the petition, posted on the same page, is far from conciliatory: "No, you have to be kidding me," he writes. "Every single person who signed this petition needs to go back to check their premises and think harder about what it means to be honest, factual, truthful. What we won't do is pretend that the work of lunatic charlatans is the equivalent of 'true scientific discourse'. It isn't."

Comment Re:Taking bets here.. (Score 1) 103

by ripvlan (#46537231) Attached to: NSA General Counsel Insists US Companies Assisted In Data Collection

Yeah - that was my first thought. Kind of like when a bully is beating a weak kid with his own arms. "he was hitting himself"

Wasn't that the definition of "the letter" - the one that companies aren't allowed to acknowledge they received?! Maybe they aren't allowed to even say that they heard of the program.

Comment Re:Laughable (Score 1) 260

by ripvlan (#46507589) Attached to: The Era of Facebook Is an Anomaly

I didn't interpret her words in that manner. She seems to be suggesting that we would NOT come to a common place for *all* interactions. Ever been to a company party with your parents? You probably don't know many of the other kids - and the adults are a bit different too from the ones who came to your house for a BBQ. We all interact differently, even with the same people, when the context is different.

When I was in college there was a bar/pub that "everyone" hung out at on Friday nights. There were two guys who played Irish songs in sing-along fashion - we'd all sing and drink and otherwise socialize. But after last-call we'd all head our separate ways - until the next weekend. Sunday morning I would meet other friends at a different location to play games.

Different places for different kinds of interactions - I believe that is her point. We don't all go to FB for everything.

Even now I use other web-forums for things like car racing, or software-architecture, or other hobbies. Gosh - that's almost the design of meetup.com - a board for like minded people to find each other - and then they meet externally in a place conducive to the theme of the meetup.

Last time I saw a company on the web try to be everything - we later laughed at it. It was called AOL.

Submission + - Microsoft Shares Untold Story Behind Security Development Lifecycle (securityweek.com)

Submitted by wiredmikey
wiredmikey writes: Microsoft launched a new web site dedicated to sharing the untold story behind its Security Development Lifecycle (SDL). The Security Development Lifecycle, a process for writing more secure software, is now mandatory within Microsoft, and was the work of early security teams and the impact of Bill Gates’ Trustworthy Computing (TwC) memo in 2002.

The dedicated site, hosted at SDLstory.com, provides never-before-seen video footage and photos from many of the SDL’s key players, and uncovers a collection of little-known anecdotes. For example, Microsoft said that in the early 2000s, the company had to bus engineers to the customer support call center to keep up with high call volumes coming in as a result of security incidents. Microsoft also said that in early February 2002 the entire Windows division shut down development and diverted all developers to focus on security.

Submission + - Take me to your leader: Who will control the facebook robots? (ssrn.com)

Submitted by alisonuw
alisonuw writes: Facebook is reportedly buying Titan Aerospace for $60 million, following Amazon and Google into the drone-o-sphere. The idea being that they'll use the drones to provide wireless internet to the developing world and therefore expand their market of potential users.

But the laws governing these robots are the same laws that govern the internet, despite the difference in technology/use. Simply put, the laws haven't caught up with the technology. The skies above Africa aren't exactly a no man's land of cyberlaw, but they're close.

Professor Ryan Calo has has written a new paper called Robotics and the New Cyberlaw that looks at the new legal challenges posed by these new technologies and the ways that the law needs to evolve to catch up to the pace of innovation.

"Two decades of analysis have produced a rich set of insights as to how the law should apply to the Internet’s peculiar characteristics. But, in the meantime, technology has not stood still. The same public and private institutions that developed the Internet, from the armed forces to search engines, have initiated a significant shift toward robotics and artificial intelligence...

Cyberlaw can and should evolve to meet these challenges. Cyberlaw is interested, for instance, in how people are hardwired to think of going online as entering a “place,” and in the ways software constrains human behavior. The new cyberlaw will consider how we are hardwired to think of anthropomorphic machines as though they were social, and ponder the ways institutions and jurists can manage the behavior of software. Ultimately the methods and norms of cyberlaw — particularly its commitments to interdisciplinary pragmatism — will prove crucial in integrating robotics, and perhaps whatever technology follows."

Comment Well gosh darn (Score 1) 1

How would employees know that such a system was installed?

I can understand a company needing to monitor for leaks - and granted they do own everything. Yes - my cell phone is my "trusted" way out to the internet that my employer can't snoop on (and I'm not using their resources).

Seriously though - how could anyone know the difference between "good" vs "bad" MITM ? Could DNSSEC be fooled in this same way?

Please - get back to work. Nothing else shall be tolerated.

Submission + - Hackers Paying Attention to Microsoft EMET Bypasses (threatpost.com)

Submitted by msm1267
msm1267 writes: Exploits bypassing Microsoft’s Enhanced Mitigation Experience Toolkit, or EMET, are quickly becoming a parlor game for security researchers. With increasing frequency, white hats are poking holes in EMET, and to its credit, Microsoft has been quick to not only address those issues but challenge and reward researchers who successfully submit bypasses to its bounty program.

The tide may be turning, however, if the latest Internet Explorer zero day is any indication. An exploit used as part of the Operation SnowMan espionage campaign against U.S. military targets contained a feature that checked whether an EMET library was running on the compromised host, and if so, the attack would not execute.

That’s not the same as an in-the-wild exploit for EMET, but that may not be too far down the road, especially when you take into consideration two important factors: Microsoft continues to market EMET as an effective and temporary zero-day mitigation until a patch is released; and the impending end-of-life of Windows XP in three days could spark a surge in EMET installations as a stopgap.

Slashdot Top Deals

Those who can, do; those who can't, write. Those who can't write work for the Bell Labs Record.

Close