Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Submission + - FBI Accuses Researcher of Hacking Plane, Seizes Equipment (securityledger.com)

chicksdaddy writes: The Feds are listening and they really can't take a joke. That's the apparent moral of security researcher Chris Roberts' legal odyssey on Wednesday, which saw him escorted off a plane in Syracuse by two FBI agents and questioned for four hours over a humorous tweet Roberts posted about his ability to hack into the cabin control systems of the Boeing 737 he was flying.(https://twitter.com/Sidragon1/status/588433855184375808) Roberts (aka @sidragon1), joked that he could "start playing with EICAS messages," a reference to the Engine Indicating and Crew Alerting System (http://en.wikipedia.org/wiki/Engine-indicating_and_crew-alerting_system).

Roberts was traveling to Syracuse to give a presentation. He said local law enforcement and FBI agents boarded the plane on the tarmac and escorted him off. He was questioned for four hours, with officers alleging they had evidence he had tampered with in-flight systems on an earlier leg of his flight from Colorado to Chicago.

In an interview with The Security Ledger (https://securityledger.com/2015/04/hacker-on-a-plane-fbi-seizes-researchers-gear/), Roberts said the agents questioned him about his tweet and whether he tampered with the systems on the United flight -something he denies doing.

Roberts had been approached earlier by the Denver office of the FBI which warned him away from further research on airplanes. The FBI was also looking to approach airplane makers Boeing and Airbus and wanted him to rebuild a virtualized environment he built to test airplane vulnerabilities to verify what he was saying.

Roberts refused, and the FBI seized his encrypted laptop and storage devices and has yet to return them, he said. The agents said they wished to do a forensic analysis of his laptop. Roberts said he declined to provide that information and requested a warrant to search his equipment. As of Friday, Roberts said he has not received a warrant.

Submission + - Google Announces "End-To-End" Encryption Extension for Chrome

Nexus Unplugged writes: On their security blog today, Google announced a new Chrome extension called "End-To-End" intended to make browser-based encryption of messages easier for users. The extension, which was rumored to be "underway" a couple months ago, is currently in an "alpha" version and is not yet available pre-packaged or in the Chrome Web Store. It utilizes a Javascript implementation of OpenPGP, meaning that your private keys are never sent to Google. However, if you'd like to use the extension on multiple machines, its keyring is saved in localStorage, which can be encrypted with a passphrase before being synced. The extension still qualifies for Google's Vulnerability Reward Program, and joins a host of PGP-related extensions already available for Chrome.

Submission + - Scientists Building Sperm-Size Robots To Deliver Drugs Inside The Human Body (itworld.com)

jfruh writes: One of the difficulties of treating certain diseases is that it's necessary to deliver tiny amounts of medicine to very specific parts of the human body. Dutch scientists are hoping that the tiny robots they're building, inspired by sperm cells, can help. In addition to delivering drugs, the sperm-bots could clean arteries or (appropriately) assist with in vitro fertilization.

Submission + - Google Launches 64-bit Version Of Chrome For Windows

An anonymous reader writes: Google today announced the debut of a 64-bit version of Chrome for Windows, starting with the introduction of 64-bit Dev and Canary channels for Windows 7 and Windows 8 users. You can download both now from their respective pages: Dev and Canary. It's worth noting that in both cases the 64-bit version is offered by default if you are running a 64-bit flavor of Windows, though the 32-bit version is still available. This would suggest Google eventually plans to serve up the 64-bit version of Chrome as the default version for 64-bit Windows users.

Submission + - SPAM: Try Out Chrome OS In a Virtual Machine

itwbennett writes: Some very generous Alpha OS geeks have snagged the Chrome OS source code and compiled a version to share with the rest of us, writes blogger Peter Smith. 'The build comes in the form of a virtual machine, when means you'll need VMWare or VirtualBox running, and of course the image of Chrome OS itself. The folks at gdgt are distributing the latter and they've set up a page with all the links you'll need. You'll need to create a gdgt account if you don't have one yet. The Chrome OS image is only a bit over 300 megs so it's a fast download. If you need a little more handholding, TechCrunch has a step-by-step guide to getting Chrome OS installed and running using VirtualBox and a Chrome OS torrent they link to.'
Link to Original Source

Submission + - Virus in Dominion Voting Machines (gouverneurtimes.com)

An anonymous reader writes: from an article in The Gouverneur Times: "The computerized voting machines used by many voters in the 23rd district had a computer virus — tainting the results, not just from those machines known to have been infected, but casting doubt on the accuracy of counts retrieved from any of the machines." and The Dominion/Sequoia Voting Systems representative "reprogrammed" their machines in time for them to use in the Nov. 3rd Special Election.

Submission + - RIP Thawte Freemail certificates

Alphazo writes: As planned, the free Thawte personal email certificates and web of trust has been discontinued on November 16th. http://www.thawte.com/resources/personal-email-certificates/index.html.
I have extensively used Thawte certificates for both personal and professional uses since 2001. I even went to the trouble of meeting "strangers" to get my ID certified so my first and last names could appear in my personal certificate. This has now been vanished and I feel bad for all the Thawte notaries who spent time to build a quality web of trust. I was curious to see how this would apply to my previous correspondence so I looked at some of my sent emails and discovered that there were all signed and still valid. Reason for that is that revocation lists are not automatically fetched. Under Thunderbird you have at least to indicate the URL and enable the automatic refresh function. For those interested you can specify the following CRL url in order to get the updated Thawte revocation list that will revoke all your valid certificates in a flash: http://crl.thawte.com/ThawtePersonalFreemailIssuingCA.crl. When doing that all your past emails will be marked as invalid. Thawte offered a free one-year Verisign certificate for the end-of-life. However I don't feel I can trust this/any company anymore so I went to CACert, http://www.cacert.org/ even if their rootCA is not in browsers and MUA by default. It doesn't look too bad considering that most of my recipients are using Outlook which allows an easy one-click-I-trust-CACert feature. CACert welcomes former Thawte users by converting some of the trust level acquired in Thawte web of trust. Normally you should get enough points to put your last name and first names in the certificate. It then takes two face to face meetings (and a quizz) to become a CACert assurer. In parallel I've also joined a GSWoT, http://www.gswot.org/, a PGP web of trust that takes advantage of the CACert trust system in order to build a strong PGP keyset where actual members don't necessarily have to meet each others.
The Courts

Submission + - Wiretap chage for video of traffic stop (pennlive.com)

An anonymous reader writes: Brian D. Kelly didn't think he was doing anything illegal when he used his videocamera to record a Carlisle police officer during a traffic stop. Making movies is one of his hobbies, he said, and the stop was just another interesting event to film.

Now he's worried about going to prison or being burdened with a criminal record.

Kelly, 18, of Carlisle, was arrested on a felony wiretapping charge, with a penalty of up to 7 years in state prison.


Submission + - Pirates protected in Sweden (aftonbladet.se)

mno writes: The Swedish Chambers Court (Kammarrätten) has ordered Antipiratbyrån, the Swedish version of MPA, to stop collecting IP-address of file sharers. Basically, the Swedish privacy law states that companies cannot collect personal information without your consent or proof of business relation. Since an IP-address can be used to uniquely identify a person, it is now considered as personal information. This is the second time that Antipiratbyrån lost this case. Most likely they will appeal to the highest instance, but it's uncertain if that appeal will be granted. The implications of this ruling is that the hunt for Swedish file sharers is effectively stopped. Since the Swedish privacy law is based on EU law, the whole of Europe was just granted a shimmer of hope for similar rulings. The article is in Swedish.

Submission + - Which ISPs Are Spying on You? (wired.com)

firesquirt writes: In an article from WIRED http://www.wired.com/politics/onlinerights/news/20 07/05/isp_privacy The few souls that attempt to read and understand website privacy policies know they are almost universally unintelligible and shot through with clever loopholes. But one of the most important policies to know is your internet service provider's — the company that ferries all your traffic to and from the internet, from search queries to BitTorrent uploads, flirty IMs to porn.
User Journal

Journal Journal: Predictions of Doom 2

There was a time they trained us to "Duck And Cover" to protect
ourselves from nuclear attack. (helpful I am sure)
Then we were told of the coming food riots.
Then of the coming Ice Age.
Next we were told to fear the hole in the ozone.
Don't forget the dire warnings of the breakdown in society due to Y2K.
We were told how to seal our houses, to protect against terrorist biological attack.

Now we are to fear GLOBAL WARMING.

College Demands RIAA Pay Up For Wasting Its Time 261

An anonymous reader writes "We've already seen the University of Wisconsin tell the RIAA to go away, but the University of Nebaska has gone one step further: it's asking the RIAA to pay up for wasting its time with the silly demand to push students into paying up. The spokesperson for the University also notes that since they constantly rotate IP addresses and have no need to hang onto that information for very long, they simply cannot help the RIAA. They have no clue who was attached to which IP address at the time the RIAA is complaining about."

Judge Strikes Down COPA, 1998 Online Porn Law 348

Begopa sends in word that a federal judge has struck down the Child Online Protection Act. The judge said that parents can protect their children through software filters and other less restrictive means that do not limit others' rights to free speech. This was the case for which the US Department of Justice subpoenaed several search companies for search records; only Google fought the order. The case has already been to the Supreme Court. Senior U.S. District Judge Lowell Reed Jr. wrote in his decision: "Perhaps we do the minors of this country harm if First Amendment protections, which they will with age inherit fully, are chipped away in the name of their protection."

Slashdot Top Deals

The herd instinct among economists makes sheep look like independent thinkers.