Slashdot is powered by your submissions, so send in your scoop


Forgot your password?

DOJ Launches New Cybercrime Unit, Claims Privacy Top Priority 61

Posted by Soulskill
from the look-we're-helping-see-look dept.
msm1267 writes: Leslie Caldwell, assistant attorney general in the criminal division of the Department of Justice, announced on Thursday the creation of a new Cybercrime Unit, tasked with enhancing public-private security efforts. A large part of the Cybersecurity Unit's mission will be to quell the growing distrust many Americans have toward law enforcement's high-tech investigative techniques. (Even if that lack of trust, as Caldwell claimed, is based largely on misinformation about the technical abilities of the law enforcement tools and the manners in which they are used.) "In fact, almost every decision we make during an investigation requires us to weigh the effect on privacy and civil liberties, and we take that responsibility seriously," Caldwell said. "Privacy concerns are not just tacked onto our investigations, they are baked in."

Why Pluto Still Matters 91

Posted by samzenpus
from the where-the-mi-go-and-the-terran-federation-play dept.
StartsWithABang writes Nearly a century ago, Pluto was discovered, and for 48 years it remained the only known object whose orbit takes it beyond the gravitational pull of Neptune. In a single generation, we've now discovered more than 1,000 additional objects in the Kuiper Belt, but does that make Pluto any less special? Here's a strong argument for why Pluto might matter now more than ever.

Voting Machines Malfunction: 5,000 Votes Not Counted In Kansas County 127

Posted by samzenpus
from the our-bad dept.
An anonymous reader writes A malfunction in electronic voting machines in Saline County, Kansas, left over 5,000 votes uncounted. That's roughly one-third of the votes cast. Counting those 5,207 votes didn't change any outcomes in this case however. “That’s a huge difference,” county Chairman Randy Duncan said when notified by the Journal of the error. “That’s scary. That makes me wonder about voting machines. Should we go back to paper ballots?”

Comment: Demote 99% of the vulnerabilities (Score 1) 64

by Burz (#48464673) Attached to: The People Who Are Branding Vulnerabilities

Keep all the complex interfaces and code if you need them, but put them behind very small paravirtualization codebase ingrained into the OS which keeps them isolated -- from the core system, and from each other. Really, even your devices like USB controllers and NICs can be treated as untrusted in this way if you have an IOMMU. And you can have it in a normal desktop GUI.

Kernel-implemented security is a failure; Its ridiculous to go through continued years & decades of pain by relying on it and worrying about breakouts from its weak sandboxing tactics.

Comment: Re:Replace Cisco, and Akamai and then maybe.. (Score 1) 212

by Burz (#48415593) Attached to: Launching 2015: a New Certificate Authority To Encrypt the Entire Web

"Lawful intercept" has entered the business models of Verisign and CISCO. I would not trust CISCO...

Not even an inch...

Proper security on a network is properly done at the endpoints. Its doesn't belong anywhere else.

What is Mozilla thinking?? They could help fund They could implement clever ways to get it to ride on existing social networks. They could look at network privacy layers that use public keys as addresses. There are options for improving privacy that don't involve elevating the PKi clusterf*ck any further.

Comment: Re:Immune system for operating systems? (Score 1) 50

by Burz (#48400265) Attached to: Open Source Self-Healing Software For Virtual Machines

This is the one thing QubesOS could use to improve its security-by-isolation approach: Detection and repair in VMs. Even if you assume the hypervisor stays safe (and therefore, your trusted VMs stay safe), you're still relying on VMs to get everything done and the VMs doing the risky tasks are vulnerable to attack. It would be nice if those less-trusted VMs could get automatically restored after a successful attack.


First Victims of the Stuxnet Worm Revealed 39

Posted by Soulskill
from the patient-zero dept.
An anonymous reader writes: Analyzing more than 2,000 Stuxnet files collected over a two-year period, Kaspersky Lab can identify the first victims of the Stuxnet worm. Initially security researchers had no doubt that the whole attack had a targeted nature. The code of the Stuxnet worm looked professional and exclusive; there was evidence that extremely expensive zero-day vulnerabilities were used. However, it wasn't yet known what kind of organizations were attacked first and how the malware ultimately made it right through to the uranium enrichment centrifuges in the particular top secret facilities. Kaspersky Lab analysis sheds light on these questions.

Comment: Come on over to I2P (Score 3, Informative) 135

by Burz (#48357189) Attached to: Tor Project Mulls How Feds Took Down Hidden Websites

There are no privileged routers (or 'guard' nodes) on I2P, and from the perspective of "relays" I2P has many times the number Tor has.

Its way better than Tor when you're looking mainly to communicate with other anon sites/users. Comes with bittorrent and an option for decentralized (serverless) securemail.


Canadian Police Recommend Ending Anonymity On the Internet 231

Posted by samzenpus
from the sign-in dept.
An anonymous reader writes "Michael Geist reports that last week the Ontario Provincial Police, one of Canada's largest police forces, recommended legally ending anonymity on the Internet. Noting the need for drivers licenses to drive or marriage licenses to get married, the police suggested that an Internet license that would reveal all users is needed to address online crime. The Canadian Supreme Court strongly endorsed a right to anonymity earlier this year."

The idle man does not know what it is to enjoy rest.