Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror

Submission + - CISA: the dirty deal between Google and the NSA that no one is talking about->

schwit1 writes: It's hard to find a more perfect example of this collusion than in a bill that's headed for a vote soon in the U.S. Senate: the Cybersecurity Information Sharing Act, or CISA.

CISA is an out and out surveillance bill masquerading as a cybersecurity bill. It won't stop hackers. Instead, it essentially legalizes all forms of government and corporate spying.

Here's how it works. Companies would be given new authority to monitor their users — on their own systems as well as those of any other entity — and then, in order to get immunity from virtually all existing surveillance laws, they would be encouraged to share vaguely defined "cyber threat indicators" with the government. This could be anything from email content, to passwords, IP addresses, or personal information associated with an account. The language of the bill is written to encourage companies to share liberally and include as many personal details as possible.

That information could then be used to further exploit a loophole in surveillance laws that gives the government legal authority for their holy grail — "upstream" collection of domestic data directly from the cables and switches that make up the Internet.

Link to Original Source

Submission + - Could the Slashdot community take control of Slashdot? 10

turp182 writes: This is intended to be an idea generation story for how the community itself could purchase and then control Slashdot. If this happened I believe a lot of former users would at least come and take a look, and some of them would participate again.

This is not about improving the site, only about aquiring the site.

First, here's what we know:
1. DHI (Dice) paid $20 million for Slashdot, SourceForce, and Freecode, purchased from Geeknet back in 2012:
    http://techcrunch.com/2012/09/...
2. Slashdot has an Alexa Global Rank of 1,689, obtaining actual traffic numbers require money to see:
    http://www.alexa.com/siteinfo/...
3. According to Quantcast, Slashdot has over 250,000 unique monthly views:
    https://www.quantcast.com/slas...
4. Per an Arstechnia article, Slashdot Media (Slashdot and Sourceforge) had 2015Q2 revenues of $1.7 million and have expected full year revenues of $15-$16 million (which doesn't make sense given the quarterly number):
    http://arstechnica.com/informa...

Next, things we don't know:
0. Is Slashdot viable without a corporate owner? (the only question that matters)
1. What would DHI (Dice) sell Slashdot for? Would they split it from Sourceforge?
2. What are the hosting and equipment costs?
3. What are the personnel costs (editors, advertising saleforce, etc.)?
4. What other expenses does the site incur (legal for example)?
5. What is Slashdot's portion of the revenue of Slashdot Media?

These questions would need to be answered in order to valuate the site. Getting that info and performing the valuation would require expensive professional services.

What are possible ways we could proceed?

In my opinion, a non-profit organization would be the best route.

Finally, the hard part: Funding. Here are some ideas.

1. Benefactor(s) — It would be very nice to have people with some wealth that could help.
2. Crowdfunding/Kickstarter — I would contribute to such an effort I think a lot of Slashdotters would contribute. I think this would need to be a part of the funding rather than all of it.
3. Grants and Corporate Donations — Slashdot has a wide and varied membership and audience. We regularly see post from people that work at Google, Apple, and Microsoft. And at universities. We are developers (like me), scientists, experts, and also ordinary (also like me). A revived Slashdot could be a corporate cause in the world of tax deductions for companies.
4. ????
5. Profit!

Oh, the last thing: Is this even a relevant conversation?

I can't say. I think timing is the problem, with generating funds and access to financial information (probably won't get this without the funds) being the most critical barriers. Someone will buy the site, we're inside the top 2,000 global sites per info above.

The best solution, I believe, is to find a large corporate "sponsor" willing to help with the initial purchase and to be the recipient of any crowd sourcing funds to help repay them. The key is the site would have to have autonomy as a separate organization. They could have prime advertising space (so we should focus on IBM...) with the goal would be to repay the sponsor in full over time (no interest please?).

The second best is seeking a combination of "legal pledges" from companies/schools/organizations combined with crowdsourcing. This could get access to the necessary financials.

Also problematic, from a time perspective, a group of people would need to be formed to handle organization (managing fundraising/crowdsourcing) and interations with DHI (Dice). All volunteer for sure.

Is this even a relevant conversation? I say it is, I actually love Slashdot; it offers fun, entertaining, and enlightning conversation (I browse above the sewer), and I find the article selection interesting (this gyrates, but I still check a lot).

And to finish, the most critical question: Is Slashdot financially viable as an independent organization?

Submission + - Dice Ditches Slashdot and SourceForge->

lq_x_pl writes: After failing to effectively capitalize on Slashdot's user base, Dice Holdings is deciding to sell off Slashdot and Sourceforge. Dice also announced that they would be selling off Sourceforge. The change of ownership is likely welcome, as Dice has been much-maligned by Slashdot's regulars.
Link to Original Source

Submission + - Hacker Set to Demonstrate 60 Second BRINKS Safe Hack at DEFCON->

darthcamaro writes: Ok so we know that Chrysler cars will be hacked at Black Hat, Android will be hacked at DEFCON with Stagefright, and now word has come out that a pair of security researchers plan on bringing a BRINKS safe onstage at DEFCON to demonstrate how it can be digitally hacked. No this isn't some kind of lockpick, but rather a digital hack, abusing the safe's exposed USB port. And oh yeah, it doesn't hurt that the new safe is running Windows XP either.
Link to Original Source

Submission + - Cold War, NSA, GCHQ and Encryption->

Taco Cowboy writes: In the 1980s, the historian James Bamford was researching his book The Puzzle Palace about the US National Security Agency (NSA) and came across references to the "Boris project" in papers written by William F Friedman, the founding father of code-breaking in America. The "Boris project' details a secret agreement between Boris Hagelin, the founder of Crypto AG, a Switzerland company which sold Enigma-like machines to nations and spy agencies around the world, and NSA

Upon learning of Mr. Bamford's discovery the NSA promptly had the papers locked up in a vault

In 1995, journalist Scott Shane, then at the Baltimore Sun, found indications of contacts between the company and the NSA in the 1970s, but the company said claims of a deal were "pure invention"

The new revelations of a deal do not come from a whistleblower or leaked reports, but are buried within 52,000 pages of documents declassified by the NSA itself this April and investigated by the BBC

The relationship was based on a deep personal friendship between Hagelin and Friedman, forged during the War. The central document is a once top-secret 22-page report of a 1955 visit by Friedman to Zug in Switzerland, where Crypto AG was based

Some elements of the memo have been redacted — or blacked out — by the NSA. But within the released material, are two versions of the same memo, as well as a draft

Each of the versions has different parts redacted. By placing them side by side and cross referencing with other documents, it is possible to learn many — but not all — details. The different versions of the report make clear Friedman — described as special assistant to the director of NSA — went with a proposal agreed not just by US, but also British intelligence

http://ichef.bbci.co.uk/news/4...

Friedman offered Hagelin time to think his proposal over, but Hagelin accepted on the spot

The relationship, initially referred to as a "gentleman's agreement", included Hagelin keeping the NSA and GCHQ informed about the technical specifications of different machines and which countries were buying which ones. The provision of technical details "is a revelation of the first order," says Paul Reuvers, an engineer who runs the Crypto Museum website

"That's extremely valuable. It is something you would not normally do because the integrity and secrecy of your own customer is mandatory in this business"

The key to breaking mechanical encryption machines — such as Enigma or those produced by Hagelin — is to understand in detail how they work and how they are used. This knowledge can allow smart code breakers to look for weaknesses and use a combination of maths and computing to work through permutations to find a solution. In one document, Hagelin hints to Friedman he is going to be able "to supply certain customers" with a specific machine which, Friedman notes, is of course "easier to solve than the new models"

Previous reports of the deal suggested it may have involved some kind of backdoor in the machines, which would provide the NSA with the keys. But there is no evidence for this in the documents (although some parts remain redacted)

Rather, it seems the detailed knowledge of the machines and their operations may have allowed code-breakers to cut the time needed to decrypt messages from the impossible to the possible

The relationship also involved not selling machines such as the CX-52, a more advanced version of the C-52 — to certain countries. "The reason that CX-52 is so terrifying is because it can be customised," says Prof Richard Aldrich, of the University of Warwick. "So it's a bit like defeating Enigma and then moving to the next country and then you've got to defeat Enigma again and again and again"

Some countries — including Egypt and India — were not told of the more advanced models and so bought those easier for the US and UK to break

In some cases, customers appear to have been deceived. One memo indicates Crypto AG was providing different customers with encryption machines of different strengths at the behest of Nato and that "the different brochures are distinguishable only by 'secret marks' printed thereon"

Historian Stephen Budiansky says: "There was a certain degree of deception going on of the customers who were buying [machines] and thinking they were getting something the same as what Hagelin was selling everywhere when in fact it was a watered-down version"

Among the customers of Hagelin listed are Egypt, Iraq, Saudi Arabia, Syria, Pakistan, India, Jordan and others in the developing world

In the summer of 1958, army officers apparently sympathetic to Egyptian President Gamal Abdel Nasser overthrew the regime in Iraq. Historian David Easter, of King's College, London, says intelligence from decrypted Egyptian communications was vital in Britain being able to rapidly deploy troops to neighbouring Jordan to forestall a potential follow-up coup against a British ally

The 1955 deal also appears to have involved the NSA itself writing "brochures", instruction manuals for the CX-52, to ensure "proper use". One interpretation is these were written so certain countries could use the machines securely — but in others, they were set up so the number of possible permutations was small enough for the NSA to crack

In a statement, a GCHQ spokesman said the agency "does not comment on its operational activities and neither confirms nor denies the accuracy of the specific inferences that have been drawn from the document you are discussing"

The NSA also declined to comment on the specific conclusions

Link to Original Source

Submission + - Senator Ted Cruz believes that Kirk is a Republican while Picard is a Democrat-> 1

McGruber writes: Republican presidential candidate and Trekker Ted Cruz claimed in an interview with The New York Times Magazine that "It is quite likely that Kirk is a Republican and Picard is a Democrat.”

Cruz also stated a strong preference for Kirk: "Let me do a little psychoanalysis. If you look at ‘‘Star Trek: The Next Generation,’’ it basically split James T. Kirk into two people. Picard was Kirk’s rational side, and William Riker was his passionate side. I prefer a complete captain. To be effective, you need both heart and mind."

William Shanter responded via Twitter: "Star Trek wasn't political. I'm not political; I can't even vote in the US. So to put a geocentric label on interstellar characters is silly"

Link to Original Source

Submission + - HP conversion to corporate hell complete as R&D dress code enforced. 1

An anonymous reader writes: HP was once known as a research ant technology giant, a company founded in a garage by a pair of engineers and dominated by researchers. Whilst a part of that lives on in Agilent any hope for the rest of the company has now died with the announcement that HP R&D will have to dress in business "smart casual" with T-shirts, baseball caps, short skirts, low cut dresses and sportsware all being banned.

Submission + - The Android L Update for Nvidia Shield Portable Removes Features

An anonymous reader writes: For those of us who still remember the hobson's choice with the 3.21 update of the PS3 firmware, the most recent update to the Nvidia Shield Portable is eerily similar. The update, which is necessary to run recent games and apps that require Android 5.0 APIs, removes some features from the device, and removes the games that were bundled with the device, Sonic 4 Episode II and The Expendables: ReArmed. Nvidia has stressed that it is an optional update, but how many users have been told for months that the update was coming, some of whom may have bought the device after the update was announced, only to find out now they won't receive all the functionality they paid for? How is it still legal for these companies to advertise and sell a whole product but only deliver part of it?

Submission + - Remote control of a car, with no phone or network connection required

Albanach writes: Following on from this week's Wired report showing the remote control of a Jeep using a cell phone, security researchers claim to have achieved a similar result using just the car radio. Using off the shelf components to create a fake radio station, the researchers sent signals using the DAB digital radio standard used in Europe and the Asia Pacific region. After taking control of the car's entertainment system it was possible to gain control of vital car systems such as the brakes. In the wild, such an exploit could allow widespread simultaneous deployment of a hack affecting huge numbers of vehicles.

Submission + - LinkedIn Quietly Removes Tool To Export Contacts

An anonymous reader writes: LinkedIn has removed the option to export your contacts. Instead, the company is asking users to request an archive of their data, but that process can take up to 72 hours to complete. Before it disappeared today, LinkedIn’s export contacts feature allowed you to easily export your own contacts as a downloadable CSV or VCF file. That included contacts you made while using the service, as well as any you manually imported into LinkedIn. Now that feature is gone, without even a simple warning.

Submission + - How pentaquarks may lead to the discovery of new fundamental physics

StartsWithABang writes: Over 100 years ago, Rutherford's gold foil experiment discovered the atomic nucleus. At higher energies, we can split that nucleus apart into protons and neutrons, and at still higher ones, into individual quarks and gluons. But these quarks and gluons can combine in amazing ways: not just into mesons and baryons, but into exotic states like tetraquarks, pentaquarks and even glueballs. As the LHC brings these states from theory to reality, here's what we're poised to learn, and probe, by pushing the limits of quantum chromodynamics.

Unix will self-destruct in five seconds... 4... 3... 2... 1...

Working...