Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Privacy

LinkedIn Used To Create Database of 27,000 US Intelligence Personnel 11

Posted by samzenpus
from the running-the-numbers dept.
An anonymous reader writes: A new group, Transparency Toolkit, has mined LinkedIn to reveal and analyze the resumes of over 27,000 people in the U.S. intelligence community. In the process, Transparency Toolkit said it found previously unknown secret codewords and references to surveillance technologies and projects. "'Transparency Toolkit uses open data to watch the watchers and hold the powerful to account,' the group's website says. 'We build free software to collect and analyze open data from a variety of sources. Then we work with investigative journalists and human rights organizations to turn that into useful, actionable knowledge. Currently, our primary focuses are investigating surveillance and human rights abuses.'"

+ - C Code On GitHub Has the Most 'Ugly Hacks'->

Submitted by itwbennett
itwbennett writes: An analysis of GitHub data shows that C developers are creating the most ugly hacks — or are at least the most willing to admit to it. To answer the question of which programming language produces the most ugly hacks, ITworld's Phil Johnson first used the search feature on GitHub, looking for code files that contained the string 'ugly hack'. In that case, C comes up first by a wide margin, with over 181,000 code files containing that string. The rest of the top ten languages were PHP (79k files), JavaScript (38k), C++ (22k), Python (19k), Text (11k), Makefile (11k), HTML, (10k), Java (7k), and Perl (4k). Even when controlling for the number of repositories, C wins the ugly-hack-athon by a landslide, Johnson found.
Link to Original Source

+ - 3-D Printed Gun Lawsuit Starts the War Between Arms Control and Free Speech->

Submitted by SonicSpike
SonicSpike writes: This week marks the two-year anniversary since Cody Wilson, the inventor of the world’s first 3-D printable gun, received a letter from the State Department demanding that he remove the blueprints for his plastic-printed firearm from the internet. The alternative: face possible prosecution for violating regulations that forbid the international export of unapproved arms.

Now Wilson is challenging that letter. And in doing so, he’s picking a fight that could pit proponents of gun control and defenders of free speech against each other in an age when the line between a lethal weapon and a collection of bits is blurrier than ever before.

Wilson’s gun manufacturing advocacy group Defense Distributed, along with the gun rights group the Second Amendment Foundation, on Wednesday filed a lawsuit against the State Department and several of its officials, including Secretary of State John Kerry. In their complaint, they claim that a State Department agency called the Directorate of Defense Trade Controls (DDTC) violated their first amendment right to free speech by telling Defense Distributed that it couldn’t publish a 3-D printable file for its one-shot plastic pistol known as the Liberator, along with a collection of other printable gun parts, on its website.

Link to Original Source

+ - Researcher: drug Infusion Pump is the 'least secure IP device' he's ever seen->

Submitted by chicksdaddy
chicksdaddy writes: This is a bad month for the medical equipment maker Hospira. First, security researcher Billy Rios finds a raft of serious and remotely exploitable holes in the company's MedNet software, prompting a vulnerability alert from ICS CERT. Now, one month later, ICS CERT is again warning of a "10 out of 10" critical vulnerability, this time in Hospira's LifeCare PCA drug infusion pump.(https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-3459)

The problem? According to this report by Security Ledger (https://securityledger.com/2015/05/researcher-drug-pump-the-least-secure-ip-device-ive-ever-seen/) the main problem was an almost total lack of security controls on the device. According to independent researcher Jeremy Williams, the PCA pump listens on Telnet port 23. Connecting to the device via Telnet, he was brought immediately to a root shell account that gave him total, administrator level access to the pump without authentication. “The only thing I needed to get in was an interest in the pump,” he said.

Richards found other examples of loose security on the PCA 3: a FTP server that could be accessed without authentication and an embedded web server that runs Common Gateway Interface (CGI). That could allow an attacker to tamper with the pump’s operation using fairly simple scripts.

Also: The PCA pump stores wireless keys used to connect to the local (medical device) wireless network in plain text on the device. That means anyone with physical access to the Pump (which has an ethernet port) could gain access to the local medical device network and other devices on it.
The problems prompted Richards to call the PCA 3 pump “the least secure IP enabled device” he has ever worked with. (http://hextechsecurity.com/?p=123)

Hospira did not responded to requests for comment prior to publication.

Link to Original Source

+ - MacKeeper May Have To Pay Millions In Class-Action Suit->

Submitted by jfruh
jfruh writes: If you use a Mac, you probably recognize MacKeeper from the omnipresent popup ads designed to look vaguely like system warnings urging you to download the product and use it to keep your computer safe. Now the Ukranian company behind the software and the ads may have to pay millions in a class action suit that accuses them of exaggerating security problems in order to convince customers to download the software.
Link to Original Source
Space

17-Year-Old Radio Astronomy Mystery Traced Back To Kitchen Microwave 198

Posted by samzenpus
from the give-it-another-30-secs dept.
New submitter Bo'Bob'O writes: The BBC reports that the scientists at the Parkes and Bleien Radio Observatories in New South Whales, Australia, have tracked down earth-based signals that had been eluding observation for 17 years. These signals, which came to be called Perytons "occurred only during office hours and predominantly on weekdays." The source, as it turned out, was located right inside the antenna's tower where impatient scientists had been opening the kitchen microwave door before its cycle had finished. As the linked paper concludes, this, and a worn magnetron caused a condition that allowed the microwaves to emit a burst of frequencies not expected by the scientists, only compounding the original mystery.
Open Source

Why Was Linux the Kernel That Succeeded? 314

Posted by samzenpus
from the belle-of-the-ball dept.
jones_supa writes: One of the most puzzling questions about the history of free and open source software is this: Why did Linux succeed so spectacularly, whereas similar attempts to build a free or open source, Unix-like operating system kernel met with considerably less success? Christopher Tozzi has rounded up some theories, focusing specifically on kernels, not complete operating systems. These theories take a detailed look at the decentralized development structure, pragmatic approach to things, and the rich developer community, all of which worked in favor of Linux.
Biotech

Apple's Plans For Your DNA 93

Posted by Soulskill
from the download-a-parkinson's-cure-from-itunes dept.
An anonymous reader writes: MIT's Technology Review breaks news that Apple is working with scientists to create apps that collect and evaluate users' DNA. "The apps are based on ResearchKit, a software platform Apple introduced in March that helps hospitals or scientists run medical studies on iPhones by collecting data from the devices' sensors or through surveys." A source says Apple's plan is to enable users to easily share their DNA information with medical workers and researchers performing studies. "To join one of the studies, a person would agree to have a gene test carried out—for instance, by returning a "spit kit" to a laboratory approved by Apple. The first such labs are said to be the advanced gene-sequencing centers operated by UCSF and Mount Sinai."
EU

Europe Vows To Get Rid of Geo-Blocking 104

Posted by Soulskill
from the this-article-only-available-at-select-latitudes dept.
AmiMoJo writes: The European Commission has adopted a new set of initiatives for digital technologies that aims to improve access to online services for everyday users. Among other things, Europe vows to end geo-blocking, which it describes as "a discriminatory practice used for commercial reasons," and lift other unwarranted copyright restrictions. Consumers will have the right to access content they purchased at home in other European countries. "I want to see every consumer getting the best deals and every business accessing the widest market – wherever they are in Europe," Commission President Jean-Claude Juncker says.
News

Two Programmers Expose Dysfunction and Abuse In the Seattle Police Department 230

Posted by Soulskill
from the now-keep-your-heads-down dept.
reifman writes: Programmers Eric Rachner and Phil Mocek are now the closest thing Seattle has to a civilian police-oversight board. Through shrewd use of Washington's Public Records Act, the two have acquired hundreds of reports, videos, and 911 calls related to the Seattle Police Department's internal investigations of officer misconduct. Among some of Rachner and Mocek's findings: a total of 1,028 SPD employees (including civilian employees) were investigated between 2010 and 2013. (The current number of total SPD staff is 1,820.) Of the 11 most-investigated employees—one was investigated 18 times during the three-year period—every single one of them is still on the force, according to SPD.

In 569 allegations of excessive or inappropriate use of force (arising from 363 incidents), only seven were sustained—meaning 99 percent of cases were dismissed. Exoneration rates were only slightly smaller when looking at all the cases — of the total 2,232 allegations, 284 were sustained. This is partly why the Seattle PD is under a federal consent decree for retraining and oversight. You can check out some of the typically excellent Twitter coverage by Mocek from his #MayDaySea coverage.

+ - Apple's Plans For Your DNA->

Submitted by Anonymous Coward
An anonymous reader writes: MIT's Technology Review breaks news that Apple is working with scientists to create apps that test and evaluate users' DNA. "The apps are based on ResearchKit, a software platform Apple introduced in March that helps hospitals or scientists run medical studies on iPhones by collecting data from the devices’ sensors or through surveys." A source says Apple's plan is to enable users to easily share their DNA information with medical workers and researchers performing studies. "To join one of the studies, a person would agree to have a gene test carried out—for instance, by returning a “spit kit” to a laboratory approved by Apple. The first such labs are said to be the advanced gene-sequencing centers operated by UCSF and Mount Sinai."
Link to Original Source

+ - Capitol Hill's Uber caucus->

Submitted by Anonymous Coward
An anonymous reader writes: In all, some 275 federal politicians and political committees together spent more than $278,000 on at least 7,625 Uber rides during the 2013-2014 election cycle, a Center for Public Integrity analysis of campaign spending records indicates.

That’s a roughly 18-fold spending increase from the previous election cycle, when federal committees together spent about $15,000 on Uber services. It represents a veritable monopoly, too: Almost no political committee used Uber’s direct competitors, Lyft and Sidecar, according to the analysis, and traditional taxi use declined precipitously.

Bipartisan love of Uber abounds, with politicos of all stripes composing a de facto Uber caucus, voting with their money for a wildly popular but controversial company.

Link to Original Source
Displays

Oculus Rift Launching In Q1 2016 71

Posted by Soulskill
from the virtually-immediately dept.
An anonymous reader writes: Oculus has announced that their Rift virtual reality headset will be coming out sometime in the first quarter of 2016. They've also posted a couple images of the final consumer headset design. The device was Kickstarted in August, 2012. Consumer-level release dates have slowly slipped further and further out since then, though they've shipped two different development kits. Ars points out that a 2016 launch date will bring the Oculus Rift to market after the Valve/HTC VR headset, and possibly after Sony's Project Morpheus.
Businesses

Apple Gets Antitrust Scrutiny Over Music Deals 42

Posted by Soulskill
from the apple-a-day-keeps-the-competition-at-bay dept.
An anonymous reader writes: Bloomberg reports that the U.S. Federal Trade Commission is probing Apple after its acquisition of Beats Electronics, and its various deals with record labels to sell music through the iTunes store. As part of the acquisition, Apple now owns the music streaming service created by Beats, and they're planning to release a new version sometime soon. This makes their ties to the record labels, already deep because of iTunes, even stronger — and could affect the labels' relationships with other streaming services, like Spotify. Investigators want to know if Apple is using these business deals as leverage for "curtailing ad-supported music and pushing more songs into paid tiers of service at higher rates."

If I have not seen as far as others, it is because giants were standing on my shoulders. -- Hal Abelson

Working...