Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror

Comment: Re:Spot-the-Nerd game (Score 1, Troll) 52

by countSudoku() (#49634219) Attached to: FBI Releases Its Files On DEF CON: Not Amused By Spot-the-Fed

This is the same FBI who in the 1950's spent two years investigating the song Louie Louie and the performers and fans of The Kingsmen and came up with what they usually come up with; nothing of interest. Scully and Mulder are a fantasy. The FBI comes to DEF CON because they are about 10 years behind the rest of the world in cybersecurity ops. Plain and simple, the private sector is many years beyond what we currently think of as their current state. i.e. they are hiding any really new ideas and gear for "security purposes" but that's just a bullshit call to hide their questionable and possibly illegal intentions and devices. No, they are genuinely embarrassed at just about every turn these days. Consider this; if you are a top cybersecurity chap are you going to waste your career by working at a shitty gubment shop that activity undermines you, pays you a fraction of real world pay, and generally pushes you into questionable activities and/or makes you go Snowden, or are you going to work at a fun company and do interesting work for better pay for possibly less hostile bosses? Join the US Cybersecurity Forces Today(if you are a low-level script kiddie looking for crap-work)!

+ - What to Say When the Police Tell You to Stop Filming Them 3

Submitted by HughPickens.com
HughPickens.com writes: Robinson Meyer writes in The Atlantic that first of all, police shouldn’t ask. “As a basic principle, we can’t tell you to stop recording,” says Delroy Burton, a 21-year veteran of DC's police force. “If you’re standing across the street videotaping, and I’m in a public place, carrying out my public functions, [then] I’m subject to recording, and there’s nothing legally the police officer can do to stop you from recording.” What you don’t have a right to do is interfere with an officer's work. "“Police officers may legitimately order citizens to cease activities that are truly interfering with legitimate law enforcement operations,” according to Jay Stanley who wrote the ACLU’s “Know Your Rights” guide for photographers, which lays out in plain language the legal protections that are assured people filming in public. Police officers may not confiscate or demand to view your digital photographs or video without a warrant and police may not delete your photographs or video under any circumstances.

What if an officer says you are interfering with legitimate law enforcement operations and you disagree with the officer? “If it were me, and an officer came up and said, ‘You need to turn that camera off, sir,’ I would strive to calmly and politely yet firmly remind the officer of my rights while continuing to record the interaction, and not turn the camera off," says Stanley. The ACLU guide also supplies the one question those stopped for taking photos or video may ask an officer: "The right question to ask is, ‘am I free to go?’ If the officer says no, then you are being detained, something that under the law an officer cannot do without reasonable suspicion that you have or are about to commit a crime or are in the process of doing so. Until you ask to leave, your being stopped is considered voluntary under the law and is legal."

+ - Self-destructing virus kills off PCs->

Submitted by mpicpp
mpicpp writes: A computer virus that tries to avoid detection by making the machine it infects unusable has been found.

If Rombertik's evasion techniques are triggered, it deletes key files on a computer, making it constantly restart.

Analysts said Rombertik was "unique" among malware samples for resisting capture so aggressively.

On Windows machines where it goes unnoticed, the malware steals login data and other confidential information.

Rombertik typically infected a vulnerable machine after a booby-trapped attachment on a phishing message had been opened, security researchers Ben Baker and Alex Chiu, from Cisco, said in a blogpost.

Some of the messages Rombertik travels with pose as business enquiry letters from Microsoft.

The malware "indiscriminately" stole data entered by victims on any website, the researchers said.
And it got even nastier when it spotted someone was trying to understand how it worked.

"Rombertik is unique in that it actively attempts to destroy the computer if it detects certain attributes associated with malware analysis," the researchers said.

Link to Original Source

+ - Rubio is wrong: the United States IS modernizing its nuclear arsenal->

Submitted by Lasrick
Lasrick writes: PolitiFact calls out Marco Rubio on his claim that the US is the only nuclear weapons state that is not modernizing its nuclear weapons arsenal. According the Nuclear Notebook, which a month ago posted an update on US Nuclear Forces 2015: 'Over the next decade, [the US] also plans to spend as much as $350 billion on modernizing and maintaining its nuclear forces.' Rubio seems to be the only one who doesn't know what's happening with the US nuclear weapons budget.
Link to Original Source

+ - Surveymonkey CEO Dave Goldberg's death highlights treadmill dangers->

Submitted by McGruber
McGruber writes: The tragic death of Dave Goldberg, Surveymonkey CEO and husband of Facebook’s chief operating officer, Sheryl Sandberg, (http://tech.slashdot.org/story/15/05/03/1943245/surveymonkeys-ceo-dies-while-vacationing-with-wife-sheryl-sandberg) is bringing attention to the dangers of high-powered treadmills and digital distractions that make the machines even more dangerous.

According to CNN, Goldberg fell and hit his head while using a treadmill. He was found shortly thereafter, still alive. He was then transported to a hospital, where he was declared dead. Goldberg suffered from traumatic brain injury and hypovolemic shock, a condition tied to severe blood and fluid loss. [http://money.cnn.com/2015/05/04/technology/dave-goldberg-cause-of-death/index.html?iid=Lead]

The freakish accident actually isn’t that rare. Treadmills account for the majority of such exercise equipment injuries, according to Janessa M. Graves, a professor at the College of Nursing at Washington State University. In a study of 1,782 injury reports from 2007 to 2011, she found that “treadmill machines comprise 66% of injuries but constitute approximately only one-fourth the market share of such equipment.”

Graves says she was shocked not only by the proportion of injuries caused by treadmills but also by the victims. “We were surprised by the number of pediatric injuries that we saw,” she says. “There was a pretty high incidence among kids, especially 0 to 4 years old, also 5 to 9 years old.” In many cases, kids turned on their parents’ treadmills, only to burn their hands on the fast-moving tracks or, worse, get their fingers caught in the powerful machines.

According to data from the National Electronic Injury Surveillance System (NEISS) [http://www.cpsc.gov/en/Safety-Education/Safety-Guides/General-Information/National-Electronic-Injury-Surveillance-System-NEISS/], roughly 19,000 people went to emergency rooms in 2009 because of treadmill injuries, including nearly 6,000 children.

Link to Original Source

+ - Prenda Law's 9th Circuit Appeal Does Not Go Well->

Submitted by UnknowingFool
UnknowingFool writes: In May 2013, US District Court Judge Otis Wright issued a blistering and Star Trek referencing sanctions order against copyright troll Prenda Law fining them for $80,000 for conduct and referring them for criminal action. Since then the firm has dissolved but their lawyer appeared before three judges of 9th Circuit Court of Appeals to have them overturn the decision and the now $250,000 fine ($80,000 plus accrued penalties). It did not go well for their lawyer Daniel Voelker who at times evaded basic questions about who ran the firm and a forged document irking judges Pregerson and Tallman. Mr. Voelker kept repeating his argument that since Judge Wright threatened criminal penalties and denied a witness to appear, his clients were denied due process and thus everything should be remanded back for criminal contempt. Judge Nguyen seemingly rebuffed this argument stating that the fines were civil and not subject to criminal proceedings and tried to focus Voelker on legal arguments on the amount of the fines. Judge Tallman also expressed incredulity that Voelker was asking the court for criminal contempt as the maximum penalty for that was life imprisonment and not the $250,000 fine that was owed. Judge Pregerson at one point explicitly stated that Prenda had engaged in extortion.

Part of Prenda's Law problem was that Judge Wright had written much about their operations in his Findings of Fact which is rarely overturned by higher courts as opposed to the Findings of Law which can be scrutinized by higher courts. The court's first question to Voelker expressly asked that for the appeal court to rule in his client's favor they would have to find clear error in the Findings of Fact which he characteristically dodged again and again.

Morgan Pietz representing the opposing side did better on answering the Judges' questions. For example in doubling the original fine which may have crossed the line between criminal and civil, Pietz responded that deterrence is an important element of sanctions and doubling the fine was justified. Pietz also argued that a separate criminal proceeding could still be held without voiding the civil result.

Link to Original Source

+ - Ancestery.com caught sharing DNA database with government->

Submitted by SonicSpike
SonicSpike writes: In 1996, a young woman named Angie Dodge was murdered in her apartment in a small town in Idaho. Although the police collected DNA from semen left at the crime scene, they haven’t been able to match the DNA to existing profiles in any criminal database, and the murder has never been solved.

Fast forward to 2014. The Idaho police sent the semen sample to a private lab to extract a DNA profile that included YSTR and mtDNA—the two genetic markers used to determine patrilineal and matrilineal relationships (it’s unclear why they reopened the case after nearly 20 years). These markers would allow investigators to search some existing databases to try to find a match between the sample and genetic relatives.

The cops chose to use a lab linked to a private collection of genetic genealogical data called the Sorenson Database (now owned by Ancestry.com), which claims it’s “the foremost collection of genetic genealogy data in the world.” The reason the Sorenson Database can make such an audacious claim is because it has obtained its more than 100,000 DNA samples and documented multi-generational family histories from “volunteers in more than 100 countries around the world.”

Sorenson promised volunteers their genetic data would only be used for “genealogical services, including the determination of family migration patterns and geographic origins” and would not be shared outside Sorenson.

Despite this promise, Sorenson shared its vast collection of data with the Idaho police. Without a warrant or court order, investigators asked the lab to run the crime scene DNA against Sorenson’s private genealogical DNA database. Sorenson found 41 potential familial matches, one of which matched on 34 out of 35 alleles—a very close match that would generally indicate a close familial relationship. The cops then asked, not only for the “protected” name associated with that profile, but also for all “all information including full names, date of births, date and other information pertaining to the original donor to the Sorenson Molecular Genealogy project.”

Link to Original Source

+ - Uber? It's not in Kansas anymore->

Submitted by mpicpp
mpicpp writes: Need a cab in Kansas? You'll have to hail one the old-fashioned way. Uber isn't in Kansas anymore.

It stopped operations there Tuesday after the state legislature approved a new law the company says makes it "impossible" to keep operating.

Kansas legislators voted to override Gov. Sam Brownback's veto of new, stricter regulations on companies like Uber, that allow people to hail a ride with an app on their smartphone.

The governor said the new rules are "premature."
"To over-regulate or improperly regulate an emerging industry before the marketplace actors make proper arrangements is to invite more, problems, not less," he said in April, when he vetoed the legislation.

Uber first launched in Kansas about a year ago.
The company was actually on board with the original draft of the new rules. It required Uber to disclose certain information to customers, including how fares are calculated and the driver's license plate number before they get in the car. Uber already does those things in its app.

But, the final bill also requires Uber drivers to carry a level of insurance that the company said is not required in any other state.

Link to Original Source

+ - The Ambitions And Challenges Of Mesh Networks and The Local Internet Movement->

Submitted by Lashdots
Lashdots writes: Recently, a pair of artists in New York put forward an unusual plan for teaching middle school students about the Internet: specifically, by teaching them how to get off it and build their own. With a private social network and a wireless "darknet," OurNet is part of a growing movement that aims to consider and build alternative digital networks. Using affordable, off-the-shelf hardware and open-source software, communities around the world are assembling small, independent, nonprofit wireless mesh networks... And yet, while the decentralized, ad hoc network architecture appeals philosophically to tech-savvy users fed up with monopolistic ISPs, nobody’s found a way to make mesh networks work easily and efficiently enough to replace many home Internet connections. Meanwhile, in spite of the challenges, hackers and artists have located a broader educational and philosophical element to these projects. Says Dan Phiffer, an artist and programmer: "We kind of realize that none of these systems that we use are inevitable."
Link to Original Source

+ - Cyberlock lawyers threaten security researcher over vulnerability disclosure

Submitted by qubezz
qubezz writes: Security researcher Phar (Mike Davis/IOActive) gave his 30 days of disclosure notice to Cyberlock (apparently a company that makes electronic lock cylinders) that he would release a public advisory on vulnerabilities he found with the company's security devices. On day 29, their lawyers responded with a request to refrain, feigning ignorance of the previous notice, and invoking mention of the DMCA (this is not actually a DMCA takedown notice, as the law firm is attempting to suppress initial disclosure through legal wrangling). Mike's blog states:


The previous DMCA threats are from a company called Cyberlock, I had planned to do a fun little blog post (cause i .. hate blog posts) on the fun of how I obtained one, extracted the firmware bypassing the code protection and figured out its "encryption" and did various other fun things a lock shouldn't do for what its marketed as.. But before I could write that post I needed to let them know what issues we have deemed weaknesses in their gear.. the below axe grinderery is the results.

What should researchers do when companies make baseless legal threats to maintain their security-through-obscurity?

Comment: Re:Is this Google's fault? (Score 1, Interesting) 386

by countSudoku() (#49625311) Attached to: Google Can't Ignore the Android Update Problem Any Longer

" it was available on our iPad Air the next day"

Nice! Can I get an illegal copy your U2 mp3s? Personally, my daughter had to offload MANY apps from her iPodpad to make room for that "next day update" which we installed some many months later, I suspect.

Comment: Re:Is this Google's fault? (Score 0) 386

by countSudoku() (#49625291) Attached to: Google Can't Ignore the Android Update Problem Any Longer

Thank you, good ser! You and the other "earliest adopters" are my heroes who barge into the latest releases and expose all the ugliness at your own sanity's expense! Thank you!^3

I think we can all glean from the mini-article that this is a problem with the many manufacturers out there just sitting on their last OS release/update like that's all they'll ever need to do... And it's so easy to pick on Android, Apple does all their own hardware so natch' there is going to be tight integration with their in-house OS, guy.

Also, there is no easy porting tool for Android/iOS apps to compile into WinX, er I mean Win10. What the HELL am I smoking?! They are just making the various native languages available to their OS API. There is NO magic tool to port the mobile OS apps to WinX. You'll be doing this by hand, good luck with your new friend DirectX or whichever graphics libs they offer now, as I will be doing with the counting of how many "ports" get ported to WinX10, bros! That's zero so far.

Competence, like truth, beauty, and contact lenses, is in the eye of the beholder. -- Dr. Laurence J. Peter

Working...