
NSA To End Bulk Phone Surveillance By Sunday (reuters.com) 128

An anonymous reader writes: The White House announced today that the NSA will be shutting down the program responsible for the bulk collection of phone records by the end of tomorrow. The program will be immediately replaced with a new, scaled back version as enumerated by the USA Freedom Act. "Under the Freedom Act, the NSA and law enforcement agencies can no longer collect telephone calling records in bulk in an effort to sniff out suspicious activity. Such records, known as "metadata," reveal which numbers Americans are calling and what time they place those calls, but not the content of the conversations. Instead analysts must now get a court order to ask telecommunications companies ... to enable monitoring of call records of specific people or groups for up to six months."

Nearly 35,000 Comment On New Federal STEM OPT Extension Rule (computerworld.com) 55

theodp writes: Computerworld reports that the comments are in on the Department of Homeland Security's new proposed rule to extend OPT for international STEM students from 29 months to at least 36 months. The majority of the comments received by DHS support extending the program, CW notes, which is probably not surprising. Rather than choosing to "avoid the appearance of improper influence" by declining to respond to a "We the People" petition protesting a pending U.S. Federal judge's ruling that threatens to eliminate OPT STEM extensions altogether in February, the White House informed the 100k petition signers that they had the President's support, and pointed to the comment site for the proposed DHS OPT STEM rule workaround. Like the "We the People" petitioners, it's unclear whether the DHS commenters might represent corporate, university, and/or student interests, although a word cloud of the top 100 names of commenters (which accounted for 17,000+ comments) hints that international students are well-represented. By the way, in rejecting the 'emergency changes' that were enacted by DHS in 2008 to extend OPT for STEM students without public comment, Judge Ellen Huvelle said, "the 17-month duration of the STEM extension appears to have been adopted directly from the unanimous suggestions by Microsoft and similar industry groups."

How Anonymous' War With Isis Is Actually Harming Counter-Terrorism (metro.co.uk) 391

retroworks writes: According to a recent tweet from the #OpParis account, Anonymous are delivering on their threat to hack Isis, and are now flooding all pro-Isis hashtags with the grandfather of all 2007 memes — Rick Astley's "Never Gonna Give You Up" music video. Whenever a targeted Isis account tries to spread a message, the topic will instead be flooded with countless videos of Rick Astley circa 1987. Not all are praising Anonymous methods, however. While Metro UK reports that the attacks have been successful, finding and shutting down 5,500 Twitter accounts, the article also indicates that professional security agencies have seen sources they monitor shut down. Rick Astley drowns out intelligence as well as recruitment.

Blackberry Offers 'Lawful Device Interception Capabilities' (itnews.com.au) 137

An anonymous reader writes: Apple and Google have been vocal in their opposition to any kind of government regulation of cell phone encryption. BlackBerry, however, is taking a different stance, saying it specifically supports "lawful interception capabilities" for government surveillance. BlackBerry COO Marty Beard said as much at a recent IT summit. He declined to explain how the interception works, but he denied the phones would contain "backdoors" and said governments would have no direct access to BlackBerry servers. The company may see this as a way to differentiate themselves from the competition.

Florida Group Wants To Make Space a 2016 Presidential Campaign Issue (examiner.com) 118

MarkWhittington writes: According to a story on News 13, an Orlando TV station, Space Florida is working to make space a political issue in the 2016 presidential election. Thus far the campaign for the presidency has been dominated by more mundane issues such as the economy, illegal immigration, and the threat of terrorism. Space Florida, which is "the State of Florida's aerospace economic development agency," is said to be "working with three other battleground states to make sure America's space program is a part of the campaign for president." Presumably one of those states is Texas, which has lots of electoral votes

Ex-CIA Director Says Snowden Should Be 'Hanged' For Paris Attacks (thehill.com) 486

SonicSpike writes with this excerpt from The Hill: A former CIA director says leaker Edward Snowden should be convicted of treason and given the death penalty in the wake of the terrorist attack on Paris. "It's still a capital crime, and I would give him the death sentence, and I would prefer to see him hanged by the neck until he's dead, rather than merely electrocuted," James Woolsey told CNN's Brooke Baldwin on Thursday. Woolsey said Snowden, who divulged classified information in 2013, is partly responsible for the terrorist attack in France last week that left at least 120 dead and hundreds injured. "I think the blood of a lot of these French young people is on his hands," he said.
The Courts

Judge: Stingrays Are 'Simply Too Powerful' Without Adequate Oversight (arstechnica.com) 111

New submitter managerialslime sends news that an Illinois judge has issued new requirements the government must meet before it can use cell-site simulators, a.k.a. "stingrays," to monitor the communications of suspected criminals. While it's likely to set precedent for pushing back against government surveillance powers, the ruling is specific to the Northern District of Illinois for now. What is surprising is Judge Johnston’s order to compel government investigators to not only obtain a warrant (which he acknowledges they do in this case), but also to not use them when "an inordinate number of innocent third parties’ information will be collected," such as at a public sporting event. This first requirement runs counter to the FBI’s previous claim that it can warrantlessly use stingrays in public places, where no reasonable expectation of privacy is granted. Second, the judge requires that the government "immediately destroy" collateral data collection within 48 hours (and prove it to the court). Finally, Judge Johnston also notes: "Third, law enforcement officers are prohibited from using any data acquired beyond that necessary to determine the cell phone information of the target. A cell-site simulator is simply too powerful of a device to be used and the information captured by it too vast to allow its use without specific authorization from a fully informed court."

File Says NSA Found Way To Replace Email Program (nytimes.com) 93

schwit1 writes: Newly disclosed documents show that the NSA had found a way to create the functional equivalent of programs that had been shut down. The shift has permitted the agency to continue analyzing social links revealed by Americans' email patterns, but without collecting the data in bulk from American telecommunications companies — and with less oversight by the Foreign Intelligence Surveillance Court.

The disclosure comes as a sister program that collects Americans' phone records in bulk is set to end this month. Under a law enacted in June, known as the USA Freedom Act, the program will be replaced with a system in which the NSA can still gain access to the data to hunt for associates of terrorism suspects, but the bulk logs will stay in the hands of phone companies.

The newly disclosed information about the email records program is contained in a report by the NSA's inspector general that was obtained through a lawsuit under the Freedom of Information Act. One passage lists four reasons the NSA decided to end the email program and purge previously collected data. Three were redacted, but the fourth was uncensored. It said that "other authorities can satisfy certain foreign intelligence requirements" that the bulk email records program "had been designed to meet."


EU Set To Crack Down On Bitcoin and Anonymous Payments After Paris Attack (thestack.com) 274

An anonymous reader writes: Home affairs ministers from the European Union are set to gather in Brussels for crisis talks in the wake of the Paris attacks, and a crackdown on Bitcoin, pre-paid credit cards and other forms of 'anonymous' online payments is on the agenda. From the article: "According to draft conclusions of the meeting, European interior and justice ministers will urge the European Commission (the EU executive arm) to propose measures to strengthen the controls of non-banking payment methods. These include electronic/anonymous payments, virtual currencies and the transfers of gold and precious metals by pre-paid cards."
The Internet

US Rep. Joe Barton Has a Plan To Stop Terrorists: Shut Down Websites (arstechnica.com) 275

Earthquake Retrofit writes: In an FCC oversight hearing, U.S. Representative Joe Barton (R-TX) asked Chairman Tom Wheeler if it's possible to shut down websites used by ISIS and other terrorist groups. He said, "Isn't there something we can do under existing law to shut those Internet sites down, and I know they pop up like weeds, but once they do pop up, shut them down and then turn those Internet addresses over to the appropriate law enforcement agencies to try to track them down? I would think that even in an open society, when there is a clear threat, they've declared war against us, our way of life, they've threatened to attack this very city our capital is in, that we could do something about the Internet and social media side of the equation." Wheeler pointed out that the legal definition of "lawful intercept" did not support such actions, but added that Congress could expand the law to validate the concept. Meanwhile, the Senate Intelligence Committee is exploring the idea of using the recent terror attacks in France as ammunition to force tech companies away from end-to-end encryption. "Lawmakers said it was time to intensify discussions over what technology companies such as Apple and Google could do to help unscramble key information on devices such as iPhones and apps like WhatsApp, where suspected terrorists have communicated."

DoJ Going After Makers of Dietary Supplement (reuters.com) 161

schwit1 writes: Several federal agencies, including the U.S. Department of Justice, have announced criminal and civil actions related to unlawful advertising and sale of dietary supplements. "Six executives with USPlabs LLC and a related company, S.K. Laboratories, face criminal charges related to the sale of unlawful dietary supplements. Four were arrested on Tuesday and two are expected to surrender, the Justice department said. The indictment says that USPlabs used a synthetic stimulant manufactured in China to make Jack3d and OxyElite Pro but told retailers that the supplements were made from plant extracts." The FTC is working on this as well, and their press release has more details. The DoJ's case involves "more than 100 makers and marketers" of these supplements. It's about time.

Quebec Introduces Bill To Mandate ISP Website Blocking (michaelgeist.ca) 137

An anonymous reader writes: The Government of Quebec has introduced new legislation that requires Internet service providers to block access to unlicensed online gambling sites. The provisions are contained in an omnibus bill implementing elements of the government's spring budget, which included a promise to establish website blocking requirements. The bill provides that "an Internet service provider may not give access to an online gambling site whose operation is not authorized under Québec law." The government's lottery commission will establish the list of banned websites.

Bill Confirming Property Rights For Asteroid Miners Passes the Senate (examiner.com) 171

MarkWhittington writes: The Senate Commerce, Science, and Transportation Committee announced the passage of a bill called H.R.2262 — SPACE Act of 2015, which is designed to facilitate commercial space. The bill has a number of provisions for that purpose, including extending the "learning period" during which the government would be restricted from imposing regulations on the commercial launch industry to September 2023. The most interesting and potentially far-reaching provision concerned property rights for companies proposing to mine asteroids for their resources. In essence, the bill confirms that private companies own what they mine. The bill is a compromise between previous Senate and House versions.

2016 Presidential Candidate Security Investigation (infosecinstitute.com) 97

New submitter Fryan writes: InfoSec Institute has assessed the security posture of 16 of the presidential candidates' websites. This is an indicator of the level of security awareness the candidate and the campaign staff have. The recent breaches and security lapses of high profile individuals highlight the absolute need for everyone to take security awareness seriously. The hacking of the Director of the CIA's (John Brennan) personal email account, and the storage of classified emails on a personal email server with Hillary Clinton, show how damaging a lack of basic good security hygiene can be. In this survey (of only the best known presidential candidates, not the scads of others), the authors give both their highest grade (an A) and lowest (a D) for candidates still in the race to two Republicans, Ben Carson and Jim Gilmore, respectively; surprising for a tech-focused campaign, Lawrence Lessig (who has ended his candidacy since the survey began) ranked even lower, with a D-.

Speaking of presidential candidates, the fourth Republican debate, hosted by Fox Business, will kick off about an hour after this post goes live (9:00 PM Eastern, 0200 GMT). Feel free to discuss it alongside the security report.

DNA Data From California Newborn Blood Samples Stored, Sold To 3rd Parties (cbslocal.com) 187

schwit1 writes: "This might come as a surprise to California natives in their 20s and early 30s: The state owns your DNA. Every year about four million newborns in the U.S. get a heel prick at birth, to screen for congenital disorders, that if found early enough, can save their life." However, when those tests are done, the leftover blood isn't simply thrown away. Instead, they're taken to an office building and the DNA data is stored in a database. "It’s a treasure trove of information about you, from the color of your eyes and hair to your pre-disposition to diseases like Alzheimer’s and cancer." And that's not the end of it: "The California Department of Public Health (CDPH) is not the only agency using the blood spots. Law enforcement can request them. Private companies can buy them to do research – without your consent."
