Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
For the out-of-band Slashdot experience (mostly headlines), follow us on Twitter, or Facebook. ×

+ - FBI Seeks to Legally Hack You If You're Connected to TOR or a VPN->

SonicSpike writes: The investigative arm of the Department of Justice is attempting to short-circuit the legal checks of the Fourth Amendment by requesting a change in the Federal Rules of Criminal Procedure. These procedural rules dictate how law enforcement agencies must conduct criminal prosecutions, from investigation to trial. Any deviations from the rules can have serious consequences, including dismissal of a case. The specific rule the FBI is targeting outlines the terms for obtaining a search warrant.

It’s called Federal Rule 41(b), and the requested change would allow law enforcement to obtain a warrant to search electronic data without providing any specific details as long as the target computer location has been hidden through a technical tool like Tor or a virtual private network. It would also allow nonspecific search warrants where computers have been intentionally damaged (such as through botnets, but also through common malware and viruses) and are in five or more separate federal judicial districts. Furthermore, the provision would allow investigators to seize electronically stored information regardless of whether that information is stored inside or outside the court’s jurisdiction.

Link to Original Source

Comment: P.S. (Score 1) 308 308

This is a Post Scriptum

A downside of having internet service be a public utility may be NO ONE wants to spend more than the absolute minimum to get into the business. It would be kind of like agreeing to buy a rent-controlled apartment, as an investment, to rent it out.

The government will have to figure some way to reward contribution of infrastructure so there are still some inducements for capitalist investors to create exciting new things.

Comment: Re:Net Neutrality is not the reason (Score 1) 308 308

As a consumer, not seeing much downside in that one. Can only mean we get rates that resemble the rest of the world. The tellcos have a long history of being money grabbing douche bags--at least here in the US. They got slapped for this with the Ma Bell breakup. They didn't learn. An intervention is long overdue.

Agree 200%. From our (the consumers') standpoint, having internet service as a public utility, and regulated as one, is the bees knees. I guess my comment was meant to express surprise that Big Cable says net neutrality is the reason for "pausing" gigabit rollout when their being ruled a public utility is vastly worse (for them).

Comment: The NSA TrueCrypt Ploy Again? (Score 1) 61 61

How can we ever be sure Tor has not morphed into an eviscerated TrueCrypt and that at some point, after achieving their means of compromise, the NSA won't force a version they can easily backdoor on the public?

They like to compromise software and then put it back, so it becomes an intelligence asset. In my understanding only a legal technicality allowed TrueCrypt to issue a cryptic public announcement which effectively let the public know TrueCrypt was potentially compromised. I wonder whether the NSA will even allow Tor to recommend a transparently ineffective alternative.

How can strategies be drawn so if Tor is easily, possibly undetectably breached, the public will have some inkling of it?

Comment: About time! (Score 1) 1 1

About time the motion-picture media really started to look at the rich, rich work of PKD. Though he may have had temporal lobe epilepsy with consequent hypergraphia, he managed to put down some of his own mind's fascinating dreamlike states. Whatever made him unique, we're lucky to have had him. The Man in the High Castle is one of his more grounded stories; a good first chance to get the reader to know him without anything too exotic to frighten him off. (I am reminded of Baudelaire's piece in Paris Spleen, "The Dog and the Scent Bottle", in which he asserts the public should never be given "delicate perfumes to infuriate them".) What I wouldn't give to see The Three Stigmata of Palmer Eldritch" in the cinema!

+ - Ask Slashdot: After TrueCrypt->

TechForensics writes: (Resubmitted because was not identified as "Ask Slashdot"

We all know the TrueCrypt story-- a fine, effective encryption program beginning to achieve wide use. When you see how the national security agency modified this tool so they could easily overcome it, you'll probably understand why they don't complain about PGP anymore. The slip that showed what was happening was the information that NSA "were really ticked about TrueCrypt" either because they couldn't circumvent it or found it too difficult. From the standpoint of privacy advocates, NSA's dislike for TrueCrypt was evidence it was effective.

Next, NSA directly wrapped up the makers of TrueCrypt in legal webs that made them insert an NSA backdoor and forbade them from revealing it was there. It's only because of the cleverness of the TrueCrypt makers the world was able to determine for itself that TrueCrypt was now compromised. (Among other things, though formerly staunch privacy advocates, the makers discontinued development of TrueCrypt and recommended something like Microsoft Bitlocker, which no one with any sense believes could be NSA – hostile. It then became logically defensible, since NSA was not complaining about PGP or other encryption programs, to posit they had already been compromised.

This is the situation we have: all of the main are important encryption programs are compromised at least in use against the federal government. Whether NSA tools are made available to local law enforcement is not known. This all begs the question:

Does the public now have *any* encryption that works? Even if we can see the source code of the encryption algorithm the source code of the program employing that algorithm must be considered false. (TrueCrypt was the only program NSA complained about.) In the case of other software, it becomes believable the NSA has allowed to be published only source code that hides their changes, and the only way around that may be to check and compile the published code yourself. Half the public probably doesn't bother.

Okay, Slashdot, what do you think? Where do we stand? And what ought we to do about it?We all know the TrueCrypt story-- a fine, effective encryption program beginning to achieve wide use. When you see how the national security agency modified this tool so they could easily overcome it, you'll probably understand why they don't complain about PGP anymore. The slip that showed what was happening was the information that NSA "were really ticked about TrueCrypt" either because they couldn't circumvent it or found it too difficult. From the standpoint of privacy advocates, NSA's dislike for TrueCrypt was evidence it was effective.

Next, NSA directly wrapped up the makers of TrueCrypt in legal webs that made them insert an NSA backdoor and forbade them from revealing it was there. It's only because of the cleverness of the TrueCrypt makers the world was able to determine for itself that TrueCrypt was now compromised. (Among other things, though formerly staunch privacy advocates, the makers discontinued development of TrueCrypt and recommended something like Microsoft Bitlocker, which no one with any sense believes could be NSA–hostile. It then became logically defensible, since NSA was not complaining about PGP or other encryption programs, to posit they had already been vitiated.

This is the situation we have: all of the main or important encryption programs are compromised at least in use against the federal government. Whether NSA tools are made available to local law enforcement is not known. This all begs the question:

Does the public now have *any* encryption that works? Even if we can see the source code of the encryption algorithm the source code of the program employing that algorithm must be considered tainted. (TrueCrypt was the only program NSA complained about.) In the case of other software, it becomes believable the NSA has allowed to be published only source code that hides their changes, and the only way around that may be to check and compile the published code yourself. Half the public probably doesn't bother. (Would it not be possible for the NSA to create a second TrueCrypt that has the same hash value as the original?)

Okay, Slashdot, what do you think? Where do we stand? And what ought we to do about it?

Link to Original Source

+ - Is encryption for the public now a myth?

TechForensics writes: We all know the TrueCrypt story-- a fine, effective encryption program beginning to achieve wide use. When you see how the national security agency modified this tool so they could easily overcome it, you'll probably understand why they don't complain about PGP anymore. The slip that showed what was happening was the information that NSA "were really ticked about TrueCrypt" either because they couldn't circumvent it or found it too difficult. From the standpoint of privacy advocates, NSA's dislike for TrueCrypt was evidence it was effective.

Next, NSA directly wrapped up the makers of TrueCrypt in legal webs that made them insert an NSA backdoor and forbade them from revealing it was there. It's only because of the cleverness of the TrueCrypt makers the world was able to determine for itself that TrueCrypt was now compromised. (Among other things, though formerly staunch privacy advocates, the makers discontinued development of TrueCrypt and recommended something like Microsoft Bitlocker, which no one with any sense believes could be NSA – hostile. It then became logically defensible, since NSA was not complaining about PGP or other encryption programs, to posit they had already been vitiated.

This is the situation we have: all of the main are important encryption programs are compromised at least in use against the federal government. Whether NSA tools are made available to local law enforcement is not known. This all begs the question:

Does the public now have *any* encryption that works? Even if we can see the source code of the encryption algorithm the source code of the program employing that algorithm must be considered false. (TrueCrypt was the only program NSA complained about.) In the case of other software, it becomes believable the NSA has allowed to be published only source code that hides their changes, and the only way around that may be to check and compile the published code yourself. Half the public probably doesn't bother.

Okay, Slashdot, what do you think? Where do we stand? And what ought we to do about it?

+ - ASK SLASHHas encryption for the public been defeated?

TechForensics writes: We all know the TrueCrypt story-- a fine, effective encryption program beginning to achieve wide use. When you see how the national security agency modified this tool so they could easily overcome it, you'll probably understand why they don't complain about PGP anymore. The slip that showed what was happening was the information that NSA "were really ticked about TrueCrypt" either because they couldn't circumvent it or found it too difficult. From the standpoint of privacy advocates, NSA's dislike for TrueCrypt was evidence it was effective.

Next, NSA directly wrapped up the makers of TrueCrypt in legal webs that made them insert an NSA backdoor and forbade them from revealing it was there. It's only because of the cleverness of the TrueCrypt makers the world was able to determine for itself that TrueCrypt was now compromised. (Among other things, though formerly staunch privacy advocates, the makers discontinued development of TrueCrypt and recommended something like Microsoft Bitlocker, which no one with any sense believes could be NSA – hostile. It then became logically defensible, since NSA was not complaining about PGP or other encryption programs, to posit they had already been vitiated.

This is the situation we have: all of the main are important encryption programs are compromised at least in use against the federal government. Whether NSA tools are made available to local law enforcement is not known. This all begs the question:

Does the public now have *any* encryption that works? Even if we can see the source code of the encryption algorithm the source code of the program employing that algorithm must be considered false. (TrueCrypt was the only program NSA complained about.) In the case of other software, it becomes believable the NSA has allowed to be published only source code that hides their changes, and the only way around that may be to check and compile the published code yourself. Half the public probably doesn't bother.

Okay, Slashdot, what do you think? Where do we stand? And what ought we to do about it?

Comment: As Easy to See Through as Glass (Score 1) 132 132

Hmmmm.... Let's see... Snowden embarrasses NSA using Tails; suddenly tails has scary "vulnerabilities"; a new company / entity on the scene says it will make everything nice.

What's the likely truth here? Snowden embarrassed NSA using Tails; NSA plants disinformation campaign to the exent of "vulnerabilities"; the new company / entity is an NSA puppet that will give you a new Tails every bit as reliable as the new TrueCrypt.

First grade simple so it's not suspected until..... (complete the sentence).

What do YOU think?

Comment: The SmartWatch is here to stay (Score 1) 427 427

I already have a smartwatch, but if I didn't these would be the reasons today I would get one:
(These are all real, existing apps.)

App that ..sends slow-scan video to watch from phone or takes and displays pictures ..sends nav screen to watch ..can display forecast, barometric pressure, wind direction and velocity ..gets full weather report ..lets you activate watch features based on a value on the internet e.g. **buy alert** goog is at $450
or "new post on your blog", etc. ..lets you know your phone needs charging ..keeps you on-time with buzzing alarms ..(maybe not yet) tells you if your flight is on time ..displays your track as you wander around hoping to wander back

The only thing necessary for the triumph of evil is for good men to do nothing. - Edmund Burke

Working...