
Lawmakers Say CFAA Is Too Hard On Hackers 154

GovTechGuy writes "A number of lawmakers are using the death of Internet activist Aaron Swartz to speak out against the Justice Department's handling of the case, and application of the Computer Fraud and Abuse Act. The controversy surrounding the Swartz case could finally give activists the momentum they need to halt the steady increase in penalties for even minor computer crimes."
Hardware Hacking

Makerbot Cracks Down On 3D-Printable Gun Parts 528

Sparrowvsrevolution writes in with a story at Forbes about Makerbot deleting gun component blueprints on Thingiverse. "In the wake of the Newtown, Connecticut shootings, the 3D-printing firm Makerbot has deleted a collection of blueprints for gun components from Thingiverse, its popular user-generated content website that hosts 3D-printable files. Though Thingiverse has long banned designs for weapons and their components in its terms of service, it rarely enforced the rule until the last few days, when the company's lawyer sent notices to users that their software models for gun parts were being purged from the site. Gun control advocates were especially concerned about the appearance of lower receivers for semi-automatic weapons that have appeared on Thingiverse. The lower receiver is the 'body' of a gun, and its most regulated component. So 3D-printing that piece at home and attaching other parts ordered by mail might allow a lethal weapon to be obtained without any legal barriers or identification. Makerbot's move to delete those files may have been inspired in part by a group calling itself Defense Distributed, which announced its intention to create an entirely 3D-printable gun in August and planned to potentially upload it to Thingiverse. Defense Distributed says it's not deterred by Makerbot's move and will host the plans on its own site."

Maker of Hackable Hotel Locks Finally Agrees To Pay For Bug Fix 66

Sparrowvsrevolution writes "Slashdot readers are no doubt familiar by now with the case of Onity, the company whose locks are found on 4 million hotel room doors worldwide and, as came to light over the summer, can be opened in seconds with a $50 Arduino device. Since that hacking technique was unveiled by Mozilla developer Cody Brocious at Black Hat, Onity first downplayed its security flaws and then tried to force its hotel customers to pay the cost of the necessary circuit board replacements to fix the bug. But now, after at least one series of burglaries exploiting the bug hit a series of hotel rooms in Texas, Onity has finally agreed to shoulder the cost of replacing the hardware itself — at least for its locks in major chain hotels in the U.S. installed after 2005. Score one point for full disclosure."

Anthropologist Spends Three Years Living With Hackers 252

concealment writes "Coleman, an anthropologist who teaches at McGill University, spent three years studying the community that builds the Debian GNU/Linux open source operating system and hackers in the Bay Area. More recently, she's been peeling away the onion that is the Anonymous movement, a group that hacks as a means of protest — and mischief. When she moved to San Francisco, she volunteered with the Electronic Frontier Foundation — she believed, correctly, that having an eff.org address would make people more willing to talk to her — and started making the scene. She talked free software over Chinese food at the Bay Area Linux User Group's monthly meetings upstairs at San Francisco's Four Seas Restaurant. She marched with geeks demanding the release of Adobe eBooks hacker Dmitry Sklyarov. She learned the culture inside-out."

FBI Says They're Now Working 24/7 To Investigate Hackers and Network Attacks 74

An anonymous reader writes "The Federal Bureau of Investigation (FBI) is finally stepping up its game when it comes to hackers. Maybe it was Anonymous that did it or maybe it was statements from the US Secretary of Defense two weeks ago, but either way, the FBI is now hunting hackers 24/7." I'm happy that the FBI no longer has an investigation schedule when it comes to online crime, but I have to think that I'm not the only one who assumed they were doing this before.

JavaScript Botnet Sheds Light On Criminal Activity 50

CowboyRobot writes "Informatica64, a security research group, demonstrated the use of cached JavaScript to control computers connecting to a malicious proxy. 'The researchers found a variety of low-level criminals using their proxy server: fraudsters posing as British immigration officials offering work permits in hopes of stealing money and sensitive documents from their victims; a man pretending to be a pretty woman on a number of dating sites to con victims into sending money for a plane ticket; and another fraudster selling nonexistent Yorkshire Terriers.'"

Witness In Secret WikiLeaks Grand Jury Hearing Posts Transcript of Questioning 184

Sparrowvsrevolution writes "A year ago, free information advocate and Bradley Manning supporter David House was subpoenaed to testify in the grand jury investigation of WikiLeaks that's taking place in Alexandria, Virginia. Now he's released a transcript of his interrogation that he produced by taking handwritten notes on a legal pad and handing pages to his lawyer during their consultations. Though House pled the fifth and didn't tell the prosecutors much, the notes show the prosecution attorneys focusing their questions on Boston-area hackers as well as Tor developer and WikiLeaks supporter Jacob Appelbaum."

Dept. of Homeland Security To Build Better Cyber Workforce 57

coondoggie writes "Secretary of Homeland Security Janet Napolitano today said the agency will form a cybersecurity workforce task group that will consider strategies such as expanding DHS involvement in cyber competitions and university programs, enhancing public-private security partnerships and working with other government agencies to develop a more agile cyber workforce across the federal government. The new task force will be co-chaired by hacking expert Jeff Moss, who now works for the Homeland Security Advisory Council, and Alan Paller, director of research at the SANS Institute."

Meet the Hackers Who Get Rich Selling Spies Zero-Day Exploits 158

Sparrowvsrevolution writes "Forbes profiles Vupen, a French security firm that openly sells secret software exploits to spies and government agencies. Its customers pay a $100,000 annual fee simply for the privilege of paying extra fees for the exploits that Vupen's hackers develop, which the company says can penetrate every major browser, as well as other targets like iOS, Android, Adobe Reader and Microsoft Word. Those individual fees often cost much more than that six-figure subscription, and Vupen sells them non-exclusively to play its customers off each other in an espionage arms race. The company's CEO, Chaouki Bekrar, says Vupen only sells to NATO governments and 'NATO partners' but he admits 'if you sell weapons to someone, there's no way to ensure that they won't sell to another agency.'"

Hackers Nab Unreleased Michael Jackson Tracks From Sony 192

wiredmikey writes "Sony once again has found itself in the news surrounding another hacking-related incident. This time around, the breach doesn't appear to involve any lost user data or customer accounts, but instead, some valuable property owned by the record company. Today, several British news outlets have reported that more than 50,000 music tracks have been illegally accessed and downloaded by hackers, including a large number from the late Michael Jackson. Sony bought the catalog from Jackson's estate for $250 million in 2010, giving the company distribution rights to the unreleased music. The attack reportedly occurred shortly after details of the massive PlayStation Network breach last April, but details were only revealed this past weekend."

Google Wallet Stores Card Data In Plain Text 213

nut writes "The much-hyped payment application from Google on Android has been examined by viaForensics and appears to store some cardholder data in plaintext. Google Wallet is the first real payment system to use NFC on Android. Version 2 of the PCI DSS (the current standard) mandates the encryption of transmitted cardholder data and encourages strong encryption for its storage. viaForensics suggest that the data stored in plain text might be sufficient to allow social engineering to obtain a credit card number."
The Internet

Researcher's Tool Catches Net Neutrality Cheaters 131

Sparrowvsrevolution writes "At the Black Hat security conference in Las Vegas Wednesday, researcher Dan Kaminsky announced he will release a free software tool for detecting when an Internet service provider is artificially slowing down or speeding up traffic to and from a website, a tool he is calling N00ter, or 'neutral router.' N00ter functions like a VPN, routing traffic through a proxy and disguising its source and destination. But instead of encrypting the traffic in both directions as VPNs do, it instead spoofs the traffic from a Web site to a user to make it seem to be coming from any Web site that the user wants to test. That traffic can be compared with a normal connection to the N00ter server without a spoofed IP address, to spot any artificial changes in speed."

Is This the Golden Age of Hacking? 213

Barence writes "With a seemingly continuous wave of attacks hitting the public and commercial sectors, there has never been a more prodigious period for hackers, argues PC Pro. What has led to the sudden hacking boom? Ease of access to tools has also led to an explosion in the numbers of people actively looking for companies with weakened defenses, according to security experts. Meanwhile, the recession has left thousands of highly skilled IT staff out of work and desperate for money, while simultaneously crimping companies' IT security budgets. The pressure to get systems up and running as quickly as possible also means that networks aren't locked down as tightly as they should be, which can leave back doors open for hackers."

Turkish Police Nab 32 Suspects Tied To Anonymous 153

wiredmikey writes "Following the arrest of three alleged 'Anonymous' members by Spanish authorities on Friday, Turkey's state-run news agency has reported that police have detained 32 individuals allegedly linked to the hacktivist group. The Anatolia news agency said today that the suspects were taken into custody after conducting raids in a dozen cities for suspected ties to Anonymous. The group recently targeted Web sites of the country's telecommunications watchdog, the prime minister's office and parliament as a protest to Turkey's plans to introduce Internet filters."

A Look Inside the Bustling Cybercrime Marketplace 44

wiredmikey writes "Cybercrime's underground activity, much like a Middle Eastern bazaar, is a loud and boisterous market. Buying, selling, haggling and cheating all take place in these marketplaces. Each marketplace houses other specialized-markets of illegitimate goods. There's the credit cards market, the bot rental market, another one for viruses, and one more for the credentials – to name a few. The column discusses how cybercriminals communicate, how these markets operate and how hacker transactions are being performed."
