
Submission + - "Einstein 3" Fooled By "Chinese" Hackers In Massive Government Data Breach-> 1

schwit1 writes: On Friday, Beijing responded to allegations from Washington that China was responsible for a cyberattack on the US Office of Personnel Management that compromised the personal data of some 4 million government employees.

The accusations, China's foreign ministry said, are "irresponsible" and "groundless."

The OPM breach is the latest in a string of cyber 'incidents' that have coincidentally occurred in the wake of the Pentagon's new cyber strategy. Here's a recap:

Since the announcement by Defense Secretary Ash Carter, the following cyber 'events' have occurred: Penn State reports hackers have been stealing data from the university's DoD-affiliated engineering department for years (blamed on Chinese hacker spies), the IRS says at least 10,000 tax returns have been compromised (blamed on "Russian organized crime syndicates"), and, on Thursday evening, Washington reports what may end up being the largest data breach in history (blamed on China). As noted last month, these events represent a remarkable step up the cyber attack accusation ladder compared to Washington's attempt to blame North Korea for cyber-sabotaging James Franco and Seth Rogen last year.

Whether or not the most recent virtual attack on the US did indeed emanate from China or one of Washington's other so-called "cyberadversaries" (the list includes Iran, Russia, and North Korea) will likely never be known to the public, but rest assured the blame will be placed with a state actor so as to ensure the DoD has some precedent to refer to when, for whatever reason, the Pentagon decides it's time to deploy an "offensive" cyberattack later on down the road.

Irrespective of where the attack originated, it appears obsolete technology was ultimately to blame, because as Bloomberg reports, "Einstein" wasn't much help in preventing the intrusion.

Via Bloomberg:

The hackers who stole personal data on 4 million government employees from the U.S. Office of Personnel Management sneaked past a sophisticated counter-hacking system called Einstein 3, a highly-touted, multimillion-dollar and mostly secret technology that's been years in the making.

It's behind schedule, the result of inter-agency fights over privacy, control and other matters, and only about half of the government was protected when the hackers raided OPM's databases last December.

It's also, by the government's own admission, already obsolete.

Over the last several months, U.S. officials have said that perimeter-based defenses such as Einstein, even backed by the National Security Agency's own corps of hackers, can never prevent break-ins.

Like banks and technology companies, government agencies must move to a model that assumes hackers will always get in, specialists said. They'll need to buy cutting-edge technologies that can detect intruders inside networks and eject them quickly, before the data is gone.

Of course that likely won't be possible, because after all, no self-respecting bureaucracy processes important initiatives expeditiously and no modern US lawmaking body actually legislates.

Given the slow pace of government acquisition, the inter-agency rivalries and budget fights, though, the initiative may take several years or more to implement, leaving the possibility that the new technology will be old by the time it's installed.

Congress has yet to act on the personnel agency's Feb. 2 request for a $32 million budget increase for fiscal 2016, said Senator Angus King, a Maine independent, in an interview.

"Most of the funds," the agency said, "will be directed towards investments in IT network infrastructure and security."

The latest intrusion points to the need for Congress to pass a cybersecurity bill, White House Press Secretary Josh Earnest said. He stopped short of saying whether the measure would have prevented the OPM breach.

That looks a bit like an attempt on the administration's part to put the blame on an ineffectual Congress, which would seem to be counterproductive at a time when there is clearly a need for less pettiness and more compromise. Some lawmakers were quick to acknowledge this and moved swiftly to rise above Presidential finger-pointing by ... pointing fingers back at the President.

"It's too early to determine at this point what precisely would have prevented this particular cyber-intrusion," Earnest said Friday at a press briefing. "What is beyond argument is that these three pieces of legislation that the president sent to Congress five months ago would significantly improve the cybersecurity of the United States, not just the federal government's cybersecurity, but even our ability to protect private computer networks".

"Where is the leadership?" said Cory Fritz, a spokesman for House Speaker John Boehner, an Ohio Republican. "The federal government has just been hit by one of the largest thefts of sensitive data in history, and this White House is trying to blame anyone but itself. It's absolutely disgusting."

As you can see, everyone appears to be on the same page here as both the Executive and Legislative branches look set to work together on a comprehensive, bipartisan approach to preventing cyber intrusions. Fortunately for the millions of federal employees who are now left to wonder whether or not their personal information is safe on government servers, Defense Secretary Ash Carter may ultimately take matters into his own hands by consulting someone who knows a thing or two about using technology to co-opt personal information:

Defense Secretary Ashton Carter spoke to technology leaders in Palo Alto, California, in April, tossing around ideas for recruiting engineers for temporary missions in government and meeting with Facebook's Mark Zuckerberg.

Have no fear America, Facebook will cyber-protect you from belligerent foreign governments.

Submission + - IE does not allow Google as Search provider 1

psherman2001 writes: For the last couple years Microsoft has been increasing the effort needed to change the default search provider in Internet Explorer from Bing to Google Search. For instance, the need to be shown an online add-on page, then Google not on default page (need to select "All"), then even a Windows update that prevented Google, specifically, from being selected (KB3038314)... So imagine my lack of surprise when now, on IE 11, Google Search, as a search provider add-on, is no longer available at all.
    Didn't Microsoft learn anything about their old tricks turning people off?

Submission + - Amazon Hiring Devs For Its First PC Game->

An anonymous reader writes: Several outlets are reporting that Amazon is preparing to dip its toes in yet another market: PC video games. They're specifically hiring for this purpose now, though they seem to have had plans for some time: "In addition to acquiring Killer Instinct developer Double Helix last year, Amazon has also hired notable developers like Kim Swift, designer of Portal, as well as Clint Hocking, who previously worked on franchises like Far Cry and Splinter Cell. Meanwhile, according to a report from Kotaku, Amazon has spent a lot of cash licensing the CryEngine, the same one used to make high-end PC games like Crysis 3. Outside of development, Amazon also acquired game streaming service Twitch last August for $970 million, and made gaming a big focus for its Fire TV media box."

Submission + - Cuba forms a CS professional society -- it's no ACM

lpress writes: The formation of the Unión de Informáticos de Cuba (UIC) was announced at a Havana conference and a 7,500 person teleconference (no mean feat in Cuba). My first reaction was "cool — like a Cuban ACM," but there are significant differences between ACM and UIC. For example, one must apply to the Ministry of Communication to be accepted into the UIC and the application form asks about membership in political organizations like the Communist Party or Young Communists League along with technical qualifications. A CS degree is required (sorry Bill Gates). UIC members must be Cuban, while ACM has chapters in 57 nations. ACM has student chapters, but they are less needed in Cuba, which has over 600 youth computer clubs where kids take classes and play games and promising students are tracked and channeled into technical schools.

Submission + - Have Some Physicists Abandoned the Empirical Method? 2

HughPickens.com writes: Adam Frank and Marcelo Gleiser write in the NYT that two leading researchers, George Ellis and Joseph Silk, recently published a controversial piece called “Scientific Method: Defend the Integrity of Physics” that criticized a newfound willingness among some scientists to explicitly set aside the need for experimental confirmation of today’s most ambitious cosmic theories — so long as those theories are “sufficiently elegant and explanatory.” Whether or not you agree with them, Ellis and Silk have identified a mounting concern in fundamental physics: Today, our most ambitious science can seem at odds with the empirical methodology that has historically given physics its credibility:

Chief among the 'elegance will suffice' advocates are some string theorists. Because string theory is supposedly the 'only game in town' capable of unifying the four fundamental forces, they believe that it must contain a grain of truth even though it relies on extra dimensions that we can never observe. Some cosmologists, too, are seeking to abandon experimental verification of grand hypotheses that invoke imperceptible domains such as the kaleidoscopic multiverse (comprising myriad universes), the 'many worlds' version of quantum reality (in which observations spawn parallel branches of reality) and pre-Big Bang concepts. These unprovable hypotheses are quite different from those that relate directly to the real world and that are testable through observations — such as the standard model of particle physics and the existence of dark matter and dark energy. As we see it, theoretical physics risks becoming a no-man's-land between mathematics, physics and philosophy that does not truly meet the requirements of any.

Richard Dawid argues that physics, or at least parts of it, are about to enter an era of post-empirical science. "How are we to determine whether a theory is true if it cannot be validated experimentally?" ask Frank and Gleiser. "Are superstrings and the multiverse, painstakingly theorized by hundreds of brilliant scientists, anything more than modern-day epicycles?"

Submission + - Quantum gravity will be just fine without string theory

StartsWithABang writes: It’s a difficult fact to accept: our two most fundamental theories that describe reality, General Relativity for gravitation and the Standard Model / Quantum Field Theory for the other three forces, are fundamentally incompatible with one another. When an electron moves through a double slit, for example, its gravitational field can’t move through both slits, at least not without a quantum theory of gravity. String Theory is often touted as the only game in town as far as formulating a quantum theory of gravity is concerned, but in fact there are five viable options, each with different pros, cons, and approaches to the problem. Many of them, in fact, have undergone significant developments in the past 5-10 years, something String Theory cannot claim.

Submission + - Placenta Eating Offers No Benefit To Mom

Dave Knott writes: While some celebrity moms swear by it and have made it trendy, a new study says that consuming the placenta after birth offers women and their babies no benefit. In fact, the practice — known as placentophagy — may even pose unknown risks to mothers and infants, according to a team from Northwestern University in Chicago, who pored over the accumulated research on the issue. They found no data to support that eating the placenta — either raw, cooked or in pill form — protects against postpartum depression, reduces pain after childbirth, increases a woman's energy, helps with lactation, improves mother-child bonding, replenishes iron in the body, or improves skin elasticity. The researchers also said that there are no studies examining the risks associated with eating the placenta, which acts as a filter to absorb and protect fetuses from toxins and pollutants.

Comment Vulnerability? In software? (Score 1) 193

Yes, yes. Panic! There's a Java 0day! Dear Lord forfend! Of course, as you read this you are probably running Windows, with tons of extensions and software. You're probably using Flash. You probably have a web browser - heck, obviously you have a web browser. Well, not to worry: After disabling Java you will be completely safe.

Comment Hey! Wait a minute! (Score 1) 142

Didn't I just read on this very site (or possibly Gizmodo; they all run together) that Jurassic Park was impossible because DNA degrades too fast? So how is this going to work? Because I'm pretty sure DNA (if that was how Martian life worked) would be subject to conditions that were even more harsh.

Comment Re:It's all tied together (Score 2) 550

Okay. I read your blog post at the link. Your definition of rape omits the concept of consent, and randomly includes premarital sex (which would fit the definition in the first line) and homosexuality. Good luck with your mimeographed newsletter; I shall file you under "troll" and carry on. I sine Deus.

Comment Re:It's all tied together (Score 5, Insightful) 550

Atheism leads to this.

I'm pretty sure you don't need to believe in God to consider rape and murder unethical, immoral, and just wrong. In fact, plenty of people have pointed out (repeatedly) the fallacy of assuming that one needs God and/or religion to be good, so there is no reason to say more on that topic here. Go forth and Google.

The culture of consent and contraception, leads to this.

I'm not sure what the "culture of contraception" is, but I am pretty sure it does not lead to this kind of behavior, either. In fact, I strongly suspect this behavior - in general, minus the Internet - predates the widespread availability of contraception.

Comment Re:GPL requires no DRM? (Score 2, Informative) 717

FTFA:
http://www.fsf.org/news/blogs/licensing/more-about-the-app-store-gpl-enforcement

Basically:

Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein.

In short, I think there are problems beyond DRM with GPL software being distributed through the app store.
