Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


Forgot your password?
Close
typodupeerror
×

Submission + - The CIA Does Las Vegas (belowgotham.com)

Submitted by Nicola Hahn
Nicola Hahn writes: Despite the long line of covert operations that Ed Snowden’s documents have exposed public outcry hasn’t come anywhere near the level of social unrest that characterized the 1960s. Journalists like Conor Friedersdorf have suggested that one explanation for this is that the public is “informed by a press that treats officials who get caught lying and misleading (e.g., James Clapper and Keith Alexander) as if they're credible.”

Certainly there are a number of well-known popular venues which offer a stage for spies to broadcast their messages from while simultaneously claiming to “cultivate conversations among all members of the security community, both public and private.” This year, for instance, Black Hat USA will host Dan Greer (the CISO of In-Q-Tel) as a keynote speaker.

But after all of the lies and subterfuge is it even constructive to give voice to the talking points of intelligence officials? Or are they just muddying the water? As one observer put it, “high-profile members of the intelligence community like Cofer Black, Shawn Henry, Keith Alexander, and Dan Greer are positioned front and center in keynote slots, as if they were glamorous Hollywood celebrities. While those who value their civil liberties might opine that they should more aptly be treated like pariahs”

Submission + - Was America's #1 Rocketeer a Communist Spy? The FBI thought so.

Submitted by IMissAlexChilton
IMissAlexChilton writes: Frank Malina masterfully led the World War II effort to build U.S. rockets for jet-assisted takeoff and guided missiles. As described in IEEE Spectrum, Malina’s motley crew of engineers and enthusiasts (including occultist Jack Parsons) founded the Jet Propulsion Lab and made critical breakthroughs in solid fuels, hypergolics, and high-altitude sounding rockets, laying the groundwork for NASA’s future successes. And yet, under suspicion by the Feds at the war’s end, Malina gave up his research career, and his team’s efforts sank into obscurity. Taking his place: the former Nazi Wernher von Braun. Read “Frank Malina: America’s Forgotten Rocketeer”. Includes cool vintage footage of early JPL rocket tests. Disclosure: I am a staff editor with IEEE Spectrum.

Submission + - Programmers: Why Haven't You Joined The ACM? (itworld.com) 1

Submitted by jfruh
jfruh writes: The Association for Computing Machinery is a storied professional group for computer programmers, but its membership hasn't grown in recent years to keep pace with the industry. Vint Cerf, who recently concluded his term as ACM president, asked developers what was keeping them from signing up. Their answers: paywalled content, lack of information relevant to non-academics, and code that wasn't freely available.

Submission + - a NEW Road Warrior movie

Submitted by turkeydance
turkeydance writes: Following more than a decade of gestation and interruptions and coming nearly 40 years after the original film, the latest installment of George Miller’s apocalyptic action series Mad Max will finally see the light of day.
http://www.slate.com/blogs/bro...

Submission + - Ask Slashdot: After TrueCrypt (slashdot.org)

Submitted by TechForensics
TechForensics writes: (Resubmitted because was not identified as "Ask Slashdot"

We all know the TrueCrypt story-- a fine, effective encryption program beginning to achieve wide use. When you see how the national security agency modified this tool so they could easily overcome it, you'll probably understand why they don't complain about PGP anymore. The slip that showed what was happening was the information that NSA "were really ticked about TrueCrypt" either because they couldn't circumvent it or found it too difficult. From the standpoint of privacy advocates, NSA's dislike for TrueCrypt was evidence it was effective.

Next, NSA directly wrapped up the makers of TrueCrypt in legal webs that made them insert an NSA backdoor and forbade them from revealing it was there. It's only because of the cleverness of the TrueCrypt makers the world was able to determine for itself that TrueCrypt was now compromised. (Among other things, though formerly staunch privacy advocates, the makers discontinued development of TrueCrypt and recommended something like Microsoft Bitlocker, which no one with any sense believes could be NSA – hostile. It then became logically defensible, since NSA was not complaining about PGP or other encryption programs, to posit they had already been compromised.

This is the situation we have: all of the main are important encryption programs are compromised at least in use against the federal government. Whether NSA tools are made available to local law enforcement is not known. This all begs the question:

Does the public now have *any* encryption that works? Even if we can see the source code of the encryption algorithm the source code of the program employing that algorithm must be considered false. (TrueCrypt was the only program NSA complained about.) In the case of other software, it becomes believable the NSA has allowed to be published only source code that hides their changes, and the only way around that may be to check and compile the published code yourself. Half the public probably doesn't bother.

Okay, Slashdot, what do you think? Where do we stand? And what ought we to do about it?We all know the TrueCrypt story-- a fine, effective encryption program beginning to achieve wide use. When you see how the national security agency modified this tool so they could easily overcome it, you'll probably understand why they don't complain about PGP anymore. The slip that showed what was happening was the information that NSA "were really ticked about TrueCrypt" either because they couldn't circumvent it or found it too difficult. From the standpoint of privacy advocates, NSA's dislike for TrueCrypt was evidence it was effective.

Next, NSA directly wrapped up the makers of TrueCrypt in legal webs that made them insert an NSA backdoor and forbade them from revealing it was there. It's only because of the cleverness of the TrueCrypt makers the world was able to determine for itself that TrueCrypt was now compromised. (Among other things, though formerly staunch privacy advocates, the makers discontinued development of TrueCrypt and recommended something like Microsoft Bitlocker, which no one with any sense believes could be NSA–hostile. It then became logically defensible, since NSA was not complaining about PGP or other encryption programs, to posit they had already been vitiated.

This is the situation we have: all of the main or important encryption programs are compromised at least in use against the federal government. Whether NSA tools are made available to local law enforcement is not known. This all begs the question:

Does the public now have *any* encryption that works? Even if we can see the source code of the encryption algorithm the source code of the program employing that algorithm must be considered tainted. (TrueCrypt was the only program NSA complained about.) In the case of other software, it becomes believable the NSA has allowed to be published only source code that hides their changes, and the only way around that may be to check and compile the published code yourself. Half the public probably doesn't bother. (Would it not be possible for the NSA to create a second TrueCrypt that has the same hash value as the original?)

Okay, Slashdot, what do you think? Where do we stand? And what ought we to do about it?

Submission + - Open-Source Blu-Ray Library Now Supports BD-J Java (phoronix.com)

Submitted by Anonymous Coward
An anonymous reader writes: Updates to the open-source libbluray, libaacs, and libbdplus libraries have improved the open-source Blu-ray disc support to now enable the Blu-ray Java interactivity layer (BD-J). The Blu-ray Java code is in turn executed by OpenJDK or the Oracle JDK and is working well enough to play a Blu-ray disc on the Raspberry Pi when paired with the VLC media player.

Submission + - NSA Admits Retaining Snowden Emails, no FOIA for US press (matthewkeys.net)

Submitted by AHuxley
AHuxley writes: The http://thedesk.matthewkeys.net... reports on a FOIA request covering "... all e-mails sent by Edward Snowden"
Remember how Snowden should have raised his concerns with his superiors within the NSA?
Remember how no such communication could be found?
Remember how one such communication was released but did not seem to be raising direct concerns?
Well some record of e-mail communications seems to exist but they are exempt from public disclosure under the federal Freedom of Information Act.

Submission + - In New Zealand The Right To Silence And Presumption Of Innocence Are In Danger (nzherald.co.nz)

Submitted by cold fjord
cold fjord writes: The New Zealand Herald reports, "Fundamental pillars of the criminal justice system may be eroded whichever party wins the election this year, as both National's and Labour's proposals would look into changing the right to silence or the presumption of innocence in rape cases. Both major parties claim the current system is not upholding justice for victims, and are looking at changes that would effectively make it easier for prosecutors to obtain convictions. National wants to explore allowing a judge or jury to see an accused's refusal to give evidence in a negative light, while Labour wants to shift the burden of proof of consent from the alleged victim to the accused."

Submission + - Ask Slashdot: How can I prepare for the Theft of my Android Phone? 5

Submitted by Adam Jorgensen
Adam Jorgensen writes: Last week my 4-week old Moto G phone was stolen while getting onto the train at Salt River in Cape Town, South Africa. That in itself is no big deal. Cellphone theft is a huge problem here in South Africa and I've had at least two previous cellphones stolen. The big deal this time, for me at least, was that this was the first time I've lost an Android phone to theft.

When I actually sat down and through about it, losing a fully configured Android phone is actually a big deal as it provides ready access to all kinds of accounts, including ones Google account. This could potentially allow the thief to engage in all kinds of malicious behaviour, some of which could have major implications beyond the scope of the theft.

Luckily for me it seems that the thief did the usual thing: Dumped the sim card, wiped the phone and switched it off. It's probably had it's IMEI changed by now and been sold on to some oblivious punter, possibly some oblivious punter in another country.

Still, the potential for serious issue is making me have second thoughts about replacing the phone with anything capable of doing much more than calling.

My question is this: Are there any serious solutions out there for Android that secure against theft?

By serious I mean solutions that go beyond the laughably easy to defeat "Find My Phone" and "Remote Wipe" options provided at present. Presently I'm thinking along the lines of:
  • Full encryption of phone contents
  • Some kind of "Travel Safe" mode that would lock the phone down and trigger a full wipe of not unlocked correctly (Including wiping the phone on next boot if not unlocked before being switched off/running out of battery).

So, any ideas?

Slashdot Top Deals

"The four building blocks of the universe are fire, water, gravel and vinyl." -- Dave Barry

Close