
Submission + - Hacker Set to Demonstrate 60 Second BRINKS Safe Hack at DEFCON (eweek.com)

darthcamaro writes: Ok so we know that Chrysler cars will be hacked at Black Hat, Android will be hacked at DEFCON with Stagefright, and now word has come out that a pair of security researchers plan on bringing a BRINKS safe onstage at DEFCON to demonstrate how it can be digitally hacked. No this isn't some kind of lockpick, but rather a digital hack, abusing the safe's exposed USB port. And oh yeah, it doesn't hurt that the new safe is running Windows XP either.

Submission + - Cold War, NSA, GCHQ and Encryption (bbc.com)

Taco Cowboy writes: In the 1980s, the historian James Bamford was researching his book The Puzzle Palace about the US National Security Agency (NSA) and came across references to the "Boris project" in papers written by William F Friedman, the founding father of code-breaking in America. The "Boris project" details a secret agreement between Boris Hagelin, the founder of Crypto AG, a Switzerland company which sold Enigma-like machines to nations and spy agencies around the world, and NSA

Upon learning of Mr. Bamford's discovery the NSA promptly had the papers locked up in a vault

In 1995, journalist Scott Shane, then at the Baltimore Sun, found indications of contacts between the company and the NSA in the 1970s, but the company said claims of a deal were "pure invention"

The new revelations of a deal do not come from a whistleblower or leaked reports, but are buried within 52,000 pages of documents declassified by the NSA itself this April and investigated by the BBC

The relationship was based on a deep personal friendship between Hagelin and Friedman, forged during the War. The central document is a once top-secret 22-page report of a 1955 visit by Friedman to Zug in Switzerland, where Crypto AG was based

Some elements of the memo have been redacted — or blacked out — by the NSA. But within the released material are two versions of the same memo, as well as a draft

Each of the versions has different parts redacted. By placing them side by side and cross referencing with other documents, it is possible to learn many — but not all — details. The different versions of the report make clear Friedman — described as special assistant to the director of NSA — went with a proposal agreed not just by US, but also British intelligence

http://ichef.bbci.co.uk/news/4...

Friedman offered Hagelin time to think his proposal over, but Hagelin accepted on the spot

The relationship, initially referred to as a "gentleman's agreement", included Hagelin keeping the NSA and GCHQ informed about the technical specifications of different machines and which countries were buying which ones. The provision of technical details "is a revelation of the first order," says Paul Reuvers, an engineer who runs the Crypto Museum website

"That's extremely valuable. It is something you would not normally do because the integrity and secrecy of your own customer is mandatory in this business"

The key to breaking mechanical encryption machines — such as Enigma or those produced by Hagelin — is to understand in detail how they work and how they are used. This knowledge can allow smart code breakers to look for weaknesses and use a combination of maths and computing to work through permutations to find a solution. In one document, Hagelin hints to Friedman he is going to be able "to supply certain customers" with a specific machine which, Friedman notes, is of course "easier to solve than the new models"

Previous reports of the deal suggested it may have involved some kind of backdoor in the machines, which would provide the NSA with the keys. But there is no evidence for this in the documents (although some parts remain redacted)

Rather, it seems the detailed knowledge of the machines and their operations may have allowed code-breakers to cut the time needed to decrypt messages from the impossible to the possible

The relationship also involved not selling machines such as the CX-52, a more advanced version of the C-52 — to certain countries. "The reason that CX-52 is so terrifying is because it can be customised," says Prof Richard Aldrich, of the University of Warwick. "So it's a bit like defeating Enigma and then moving to the next country and then you've got to defeat Enigma again and again and again"

Some countries — including Egypt and India — were not told of the more advanced models and so bought those easier for the US and UK to break

In some cases, customers appear to have been deceived. One memo indicates Crypto AG was providing different customers with encryption machines of different strengths at the behest of Nato and that "the different brochures are distinguishable only by 'secret marks' printed thereon"

Historian Stephen Budiansky says: "There was a certain degree of deception going on of the customers who were buying [machines] and thinking they were getting something the same as what Hagelin was selling everywhere when in fact it was a watered-down version"

Among the customers of Hagelin listed are Egypt, Iraq, Saudi Arabia, Syria, Pakistan, India, Jordan and others in the developing world

In the summer of 1958, army officers apparently sympathetic to Egyptian President Gamal Abdel Nasser overthrew the regime in Iraq. Historian David Easter, of King's College, London, says intelligence from decrypted Egyptian communications was vital in Britain being able to rapidly deploy troops to neighbouring Jordan to forestall a potential follow-up coup against a British ally

The 1955 deal also appears to have involved the NSA itself writing "brochures", instruction manuals for the CX-52, to ensure "proper use". One interpretation is these were written so certain countries could use the machines securely — but in others, they were set up so the number of possible permutations was small enough for the NSA to crack

In a statement, a GCHQ spokesman said the agency "does not comment on its operational activities and neither confirms nor denies the accuracy of the specific inferences that have been drawn from the document you are discussing"

The NSA also declined to comment on the specific conclusions

Google

Plan To Run Anti-Google Smear Campaign Revealed In MPAA Emails 256

vivaoporto writes: Techdirt reports on a plan to run an anti-Google smear campaign via the Today Show and the WSJ discovered in MPAA emails. Despite the resistance of the Hollywood studios to comply with the subpoenas obtained by Google concerning their relationship with Mississippi Attorney General Jim Hood (whose investigation of the company appeared to actually be run by the MPAA and the studios themselves) one of the few emails that Google have been able to get access to so far was revealed this Thursday in a filing. It's an email between the MPAA and two of Jim Hood's top lawyers in the Mississippi AG's office, discussing the big plan to "hurt" Google.

The lawyers from Hood's office flat out admit that they're expecting the MPAA and the major studios to have its media arms run a coordinated propaganda campaign of bogus anti-Google stories. One email reads: "Media: We want to make sure that the media is at the NAAG meeting. We propose working with MPAA (Vans), Comcast, and NewsCorp (Bill Guidera) to see about working with a PR firm to create an attack on Google (and others who are resisting AG efforts to address online piracy). This PR firm can be funded through a nonprofit dedicated to IP issues. The "live buys" should be available for the media to see, followed by a segment the next day on the Today Show (David green can help with this). After the Today Show segment, you want to have a large investor of Google (George can help us determine that) come forward and say that Google needs to change its behavior/demand reform. Next, you want NewsCorp to develop and place an editorial in the WSJ emphasizing that Google's stock will lose value in the face of a sustained attack by AGs and noting some of the possible causes of action we have developed."

As Google notes in its legal filing about this email, the "plan" states that if this effort fails, then the next step will be to file the subpoena (technically a CID or "civil investigatory demand") on Google, written by the MPAA but signed by Hood. This makes it pretty clear that the MPAA, studios and Hood were working hand in hand in all of this and that the subpoena had no legitimate purpose behind it, but rather was the final step in a coordinated media campaign to pressure Google to change the way its search engine works.
Education

Senate Passes 'No Microsoft National Talent Strategy Goal Left Behind Act' 132

theodp writes: Microsoft is applauding the Senate's passage of the Every Child Achieves Act, a rewrite of the No Child Left Behind Act, saying the move will improve access to K-12 STEM learning nationwide. The legislation elevates Computer Science to a "core academic subject", opening the door to a number of funding opportunities. The major overhaul of the U.S. K-12 education system, adds Microsoft on the Issues, also "advances some of the goals outlined in Microsoft's National Talent Strategy," its "two-pronged" plan to increase K-12 CS education and tech immigration. Perhaps Microsoft is tackling the latter goal in under-the-radar White House visits with the leaders of Mark Zuckerberg's FWD.us PAC, like this one, attended by Microsoft's William "It's Our Way Or the Canadian Highway" Kamela and FWD.us President Joe "Save Us From Just-Sort-of-OK US Workers" Green.

Submission + - Senator Ted Cruz believes that Kirk is a Republican while Picard is a Democrat (nytimes.com) 1

McGruber writes: Republican presidential candidate and Trekker Ted Cruz claimed in an interview with The New York Times Magazine that "It is quite likely that Kirk is a Republican and Picard is a Democrat."

Cruz also stated a strong preference for Kirk: "Let me do a little psychoanalysis. If you look at 'Star Trek: The Next Generation,' it basically split James T. Kirk into two people. Picard was Kirk’s rational side, and William Riker was his passionate side. I prefer a complete captain. To be effective, you need both heart and mind."

William Shatner responded via Twitter: "Star Trek wasn't political. I'm not political; I can't even vote in the US. So to put a geocentric label on interstellar characters is silly"

Submission + - HP conversion to corporate hell complete as R&D dress code enforced. 1

An anonymous reader writes: HP was once known as a research and technology giant, a company founded in a garage by a pair of engineers and dominated by researchers. Whilst a part of that lives on in Agilent, any hope for the rest of the company has now died with the announcement that HP R&D will have to dress in business "smart casual" with T-shirts, baseball caps, short skirts, low cut dresses and sportswear all being banned.

Submission + - The Android L Update for Nvidia Shield Portable Removes Features

An anonymous reader writes: For those of us who still remember the Hobson's choice with the 3.21 update of the PS3 firmware, the most recent update to the Nvidia Shield Portable is eerily similar. The update, which is necessary to run recent games and apps that require Android 5.0 APIs, removes some features from the device, and removes the games that were bundled with the device, Sonic 4 Episode II and The Expendables: ReArmed. Nvidia has stressed that it is an optional update, but how many users have been told for months that the update was coming, some of whom may have bought the device after the update was announced, only to find out now they won't receive all the functionality they paid for? How is it still legal for these companies to advertise and sell a whole product but only deliver part of it?

Submission + - LinkedIn Quietly Removes Tool To Export Contacts

An anonymous reader writes: LinkedIn has removed the option to export your contacts. Instead, the company is asking users to request an archive of their data, but that process can take up to 72 hours to complete. Before it disappeared today, LinkedIn’s export contacts feature allowed you to easily export your own contacts as a downloadable CSV or VCF file. That included contacts you made while using the service, as well as any you manually imported into LinkedIn. Now that feature is gone, without even a simple warning.

Submission + - Remote control of a car, with no phone or network connection required

Albanach writes: Following on from this week's Wired report showing the remote control of a Jeep using a cell phone, security researchers claim to have achieved a similar result using just the car radio. Using off the shelf components to create a fake radio station, the researchers sent signals using the DAB digital radio standard used in Europe and the Asia Pacific region. After taking control of the car's entertainment system it was possible to gain control of vital car systems such as the brakes. In the wild, such an exploit could allow widespread simultaneous deployment of a hack affecting huge numbers of vehicles.

Submission + - How pentaquarks may lead to the discovery of new fundamental physics

StartsWithABang writes: Over 100 years ago, Rutherford's gold foil experiment discovered the atomic nucleus. At higher energies, we can split that nucleus apart into protons and neutrons, and at still higher ones, into individual quarks and gluons. But these quarks and gluons can combine in amazing ways: not just into mesons and baryons, but into exotic states like tetraquarks, pentaquarks and even glueballs. As the LHC brings these states from theory to reality, here's what we're poised to learn, and probe, by pushing the limits of quantum chromodynamics.

Submission + - IT workers who train foreign replacements 'troubling' says White House (computerworld.com)

dcblogs writes: A top White House official told House lawmakers this week that the replacement of U.S. workers by H-1B visa holders is 'troubling' and not supposed to happen. That answer came in response to a question from U.S. Rep. Jerrold Nadler (D-N.Y.) that referenced Disney workers who had to train their temporary visa holding replacements. Jeh Johnson, the secretary of the U.S. Department of Homeland Security said if H-1B workers are being used to replace U.S. workers, then "it's a very serious failing of the H-1B program." But Johnson also told lawmakers that they may not be able to stop it, based on current law. Ron Hira, an associate professor of public policy at Howard University who has testified before Congress multiple times on H-1B visa use, sees that as a "bizarre interpretation" of the law.

Submission + - Scientists Develop Seaweed Twice As Nutritious As Kale But Tastes Like Bacon (nzherald.co.nz)

cold fjord writes: The New Zealand Herald reports, "Researchers at Oregon State University have patented a new strain of succulent red marine algae that tastes like bacon when it's cooked. The protein-packed algae sea vegetable called dulse grows extraordinarily fast and is wild along the Pacific and Atlantic coastlines. It has been sold for centuries in a dried form around northern Europe, used in cooking and as a nutritional supplement ... Chris Langdon has created a new strain of the weed which looks like a translucent red lettuce. An excellent source of minerals, vitamins and antioxidants the "superfood" contains up to 16 per cent protein in dry weight ... It has twice the nutritional value of kale. ... "... this stuff is pretty amazing. When you fry it, which I have done, it tastes like bacon, not seaweed. And it's a pretty strong bacon flavour."" — More at OSU.

Submission + - How do you measure a supercomputer's speed? (scientific-computing.com)

AG_2011 writes: The 45th TOP 500 list of the world’s fastest supercomputers has just been announced. But, what benchmarks should be applied in the future as supercomputing advances on its way to an exascale supercomputer: the hope for a machine that can do a billion billion calculations a second.
