Earlier today, Australia's House of Representatives passed the Assistance and Access Bill. The Anti-Encryption Bill, as it is known as, would allow the nation's police and anti-corruption forces to ask, before forcing, internet companies, telcos, messaging providers, or anyone deemed necessary, to break into whatever content agencies they want access to. "While the Bill can still be blocked by the Senate -- Australian Twitter has been quite vocal over today's proceedings, especially in regards to the [Australian Labor Party's] involvement," reports Gizmodo. ZDNet highlights the key findings from a report from the Parliamentary Joint Committee on Intelligence and Security (PJCIS): The threshold for industry assistance is recommended to be lifted to offenses with maximum penalties in excess of three years; Technical Assistance Notices (TANs) and Technical Capability Notices (TCNs) will be subjected to statutory time limits, as well as any extension, renewal, or variation to the notices; the systemic weakness clause to apply to all listing acts and things; and the double-lock mechanism of approval from Attorney-General and Minister of Communications will be needed, with the report saying the Communications Minister will provide "a direct avenue for the concerns of the relevant industry to be considered as part of the approval process."

The report's recommendations also call for a review after 18 months of the Bill coming into effect by the Independent National Security Legislation Monitor; TANs issued by state and territory police forces to be approved by the Australian Federal Police commissioner; companies issued with notices are able to appeal to the Attorney-General to disclose publicly the fact they are issued a TCN; and the committee will review the passed legislation in the new year and report by April 3, 2019, right around when the next election is expected to be called. In short: "Testimony from experts has been ignored; actual scrutiny of the Bill is kicked down the road for the next Parliament; Labor has made sure it is not skewered by the Coalition and seen to be voting against national security legislation on the floor of Parliament; and any technical expert must have security clearance equal to the Australia's spies, i.e. someone who has been in the spy sector." Further reading: Australia Set To Spy on WhatsApp Messages With Encryption Law.

UPDATE: The encryption bill has passed the Senate with a final vote of 44-12, with Labor and the Coalition voting for it. "Australia's security and intelligence agencies now have legal authority to force encryption services to break the encryptions, reports The Guardian. Story is developing...

An anonymous reader quotes the Los Angeles Times: Jerry Brown closed his climate summit in San Francisco on Friday with a dramatic announcement: California will launch its own satellite into orbit to track and monitor the formation of pollutants that cause climate change. "With science still under attack and the climate threat growing, we're launching our own damn satellite," Brown said in prepared remarks. "This groundbreaking initiative will help governments, businesses and landowners pinpoint -- and stop -- destructive emissions with unprecedented precision, on a scale that's never been done before...."

The state will develop the satellite with the San Francisco-based Earth-imaging firm Planet Labs, a company founded by former NASA scientists in 2010. The state may ultimately launch multiple satellites into space, according to the governor's office.... Robbie Schingler, co-founder of Planet Labs, said the project will inform "how advanced satellite technology can enhance our ability to measure, monitor, and ultimately, mitigate the impacts of climate change..." Brown's announcement came in quickly delivered remarks at the close of the three-day gathering and received a standing ovation from many in the audience.
Governors from 17 states (and from both political parties) also pledged to spend $1.4 billion to lower auto emissions, using money from Volkwagen's legal settlement over falsifying clean-air performance data. New York City also announced that its pension fund would invest $4 billion in companies offering climate change solution over the next three years.

And 26 states, cities and businesses said they'd procure non-polluting vehicle fleets by 2030, while ChargePoint and EV Box pledged to build 3.5 million new charging stations around the world.

Recently the Palm Beach Post noted that 20% of the academic credit awarded at Florida Atlantic University is for online courses. So how can they stop cheaters? Where once it was enough for a professor to roam the aisles of a classroom, checking for cheat sheets and keeping an eye out for students signaling one another, proctoring today's tests often requires web cams and biometric IDs. A field of more than a dozen test-proctoring services has emerged in the past decade. Typically, the company gets some sort of visual on the test taker via a web cam and then asks the student to show the camera his or her ID. Other security layers can include software that recognizes faces or even keystroking patterns. The next step is to monitor the student during the test. In the online proctoring world, that is done in one of three ways:

* A remote but live proctor who watches in real time.
* A record-and-review method in which a proctor watches the testing session, but not in real time.
* An automated system, in which the software is programmed to spot abnormalities and flag them.
Honorlock -- one of the record-and-review outfits -- expected to proctor roughly 100,000 tests in the 2017-2018 school year, and promises schools that their solution also searches the web for copies of the test and automatically files takedown notices for any leaked copies, according to a link shared by Slashdot reader Presto Vivace. Besides filming students during tests, it also includes patented technology that "detects and prevents searching for test answers online from any secondary device." And it even verifies the identity of test takers using "any government issued" i.d. (like a driver's license or passport) or student ID which includes a photo.

One student complained on Reddit that "This seems crazy invasive and should probably be illegal," adding "is there anything passive aggressive you want me to say into the mic?" But what do Slashdot readers think? Should professors be remotely detecting searches on handheld devices, using photo IDs to verify identities -- and filming students taking tests?

Earlier this week, Emmanuel Macron, President of France, pledged to spend $1.9 billion over the next five years and allow expanded data-sharing to help make France a leader in artificial intelligence. In an interview with Wired, Emmanuel Macron, President of France, explained why he is making big investments to bring France into the "winner takes all" race with the U.S. and China on artificial intelligence. An interesting quote, "At some point, as citizens, people will say, 'I want to be sure that all of this personal data is not used against me, but used ethically, and that everything is monitored. I want to understand what is behind this algorithm that plays a role in my life." An excerpt from the story: AI will raise a lot of issues in ethics, in politics, it will question our democracy and our collective preferences. For instance, if you take healthcare: you can totally transform medical care making it much more predictive and personalized if you get access to a lot of data. We will open our data in France. I made this decision and announced it this afternoon. But the day you start dealing with privacy issues, the day you open this data and unveil personal information, you open a Pandora's Box, with potential use cases that will not be increasing the common good and improving the way to treat you.

In particular, it's creating a potential for all the players to select you. This can be a very profitable business model: this data can be used to better treat people, it can be used to monitor patients, but it can also be sold to an insurer that will have intelligence on you and your medical risks, and could get a lot of money out of this information. The day we start to make such business out of this data is when a huge opportunity becomes a huge risk. It could totally dismantle our national cohesion and the way we live together. This leads me to the conclusion that this huge technological revolution is in fact a political revolution.

According to The Verge, Facebook hired a full-time pollster to track Mark Zuckerberg's approval ratings last year as the young CEO was making his 50-state tour across the country. The pollster, Tavis McGinn, reportedly "decided to leave the company after only six months after coming to believe that Facebook had a negative effect on the world." From the report: It was April, and Facebook was caught up in the fallout of the 2016 U.S. presidential election. After initially discounting the possibility that fake news had contributed to Donald Trump's victory, Facebook acknowledged that Russia-linked groups had spent more than $100,000 on political advertising. Zuckerberg undertook a nationwide listening tour modeled after a modern political campaign. McGinn would fill another role common to political campaigns: leading an ongoing poll operation dedicated to tracking minute changes in Zuckerberg's public perception. "It was a very unusual role," McGinn says. "It was my job to do surveys and focus groups globally to understand why people like Mark Zuckerberg, whether they think they can trust him, and whether they've even heard of him. That's especially important outside of the United States."

McGinn tracked a wide range of questions related to Zuckerberg's public perception. "Not just him in the abstract, but do people like Mark's speeches? Do they like his interviews with the press? Do people like his posts on Facebook? It's a bit like a political campaign, in the sense that you're constantly measuring how every piece of communication lands. If Mark's doing a barbecue in his backyard and he hops on Facebook Live, how do people respond to that?" Facebook worked to develop an understanding of Zuckerberg's perception that went beyond simple "thumbs-up" or "thumbs-down" metrics, McGinn says. "If Mark gives a speech and he's talking about immigration and universal health care and access to equal education, it's looking at all the different topics that Mark mentions and seeing what resonates with different audiences in the United States," he says. "It's very advanced research."

An anonymous reader quotes CNN: The U.S. military command that is charged with protecting the airspace for North America is on alert this Christmas weekend for a man with a white beard and a red suit. The North American Aerospace Defense Command (NORAD) is tracking a sleigh and eight tiny reindeer around the world as it heads for U.S. airspace Sunday night. The public can access NORAD's official Santa Tracker to watch Santa Claus' voyage... [NOTE: The site will request access to your physical location before revealing Santa's whereabouts...]

The public can also call 1-877-HI-NORAD (1-877-446-6723) and speak live with NORAD trackers. People stuck in the car on the way to Grandmother's house, and with an OnStar subscription, can access the tracker by hitting their OnStar button... Marine Col. Bob Brodie of the 601st Air Operations Center said fighter jets will "fly along (Santa's) wing" in a "close escort," and that the center will "monitor him with our satellites and even have infrared trackers to follow Rudolph."
CNN reports NORAD first began tracking Santa in 1955 when a Sears ad misprinted the telephone number for children to call for updates on Mr. Claus's progress. "On December 24, 1955, Air Force Col. Harry Shoup was on duty, and instead of hanging up on countless children that night, Shoup checked the radar and updated the eager children on jolly old Saint Nick's location." But Gizmodo reports a different origin story: that one child had simply dialed the number incorrectly (in November), and weeks later that gave NORAD the idea for "one of the most successful military PR campaigns of the last century."

This year fifteen of the children's calls to NORAD were remotely answered by President Trump and first lady Melania.

Citizen Lab has been studying information controls since 2001, and this week their director -- a Toronto political science professor -- revealed how governments (including Ethiopia's) are using powerful commercial spyware. Slashdot reader mspohr shared their report: We monitored the command and control servers used in the campaign and in doing so discovered a public log file that the operators mistakenly left open... We were also able to identify the IP addresses of those who were targeted and successfully infected: a group that includes journalists, a lawyer, activists, and academics... Many of the countries in which the targets live -- the United States, Canada, and Germany, among others -- have strict wiretapping laws that make it illegal to eavesdrop without a warrant... Our team reverse-engineered the malware used in this instance, and over time this allowed us to positively identify the company whose spyware was being employed by Ethiopia: Cyberbit Solutions, a subsidiary of the Israel-based homeland security company Elbit Systems. Notably, Cyberbit is the fourth company we have identified, alongside Hacking Team, Finfisher, and NSO Group, whose products and services have been abused by autocratic regimes to target dissidents, journalists, and others...

Remarkably, by analyzing the command and control servers of the cyber espionage campaign, we were also able to monitor Cyberbit employees as they traveled the world with infected laptops that checked in to those servers, apparently demonstrating Cyberbit's products to prospective clients. Those clients include the Royal Thai Army, Uzbekistan's National Security Service, Zambia's Financial Intelligence Centre, and the Philippine president's Malacañang Palace. Outlining the human rights abuses associated with those government entities would fill volumes.... Governments like Ethiopia no longer depend on their own in-country advanced computer science, engineering, and mathematical capacity in order to build a globe-spanning cyber espionage operation. They can simply buy it off the shelf from a company like Cyberbit. Thanks to companies like these, an autocrat whose country has poor national infrastructure but whose regime has billions of dollars, can order up their own NSA. To wit: Elbit Systems, the parent company of Cyberbit, says it has a backlog of orders valuing $7 billion.
Reached for comment, Cyberbit said they were not responsible with what others do with their software, arguing that "governmental authorities and law enforcement agencies are responsible to ensure that they are legally authorized to use the products in their jurisdictions."

An anonymous reader writes: Since mid-September, a new IoT botnet has grown to massive proportions. Codenamed IoT_reaper, researchers estimate its current size at nearly two million infected devices. According to researchers, the botnet is mainly made up of IP-based security cameras, routers, network-attached storage (NAS) devices, network video recorders (NVRs), and digital video recorders (DVRs), primarily from vendors such as Netgear, D-Link, Linksys, GoAhead, JAWS, Vacron, AVTECH, MicroTik, TP-Link, and Synology.

The botnet reuses some Mirai source code, but it's unique in its own right. Unlike Mirai, which relied on scanning for devices with weak or default passwords, this botnet was put together using exploits for unpatched vulnerabilities. The botnet's author is still struggling to control his botnet, as researchers spotted over two million infected devices sitting in the botnet's C&C servers' queue, waiting to be processed. As of now, the botnet has not been used in live DDoS attacks, but the capability is in there.
Today is the one-year anniversary of the Dyn DDoS attack, the article points out, adding that "This week both the FBI and Europol warned about the dangers of leaving Internet of Things devices exposed online."

An anonymous reader shares a report: Google is turning Drive into a much more robust backup tool. Soon, instead of files having to live inside of the Drive folder, Google will be able to monitor and backup files inside of any folder you point it to. That can include your desktop, your entire documents folder, or other more specific locations. The backup feature will come out later this month, on June 28th, in the form of a new app called Backup and Sync. In some other news, Box announced on Wednesday desktop apps for its storage service.

The functionality of Google Maps is expanding to include air pollution levels. Depending on where you live, you will soon be able to see the specific air quality in your neighborhood. Oakland, California is the first city to have air quality information, but data should be released soon for the Los Angeles and Central Valley regions of California. Android Authority reports: In a blog post, Google says it has been working with the Environmental Defense Fund (EDF) and Aclima since 2015 on this project. Google Street View cars were equipped with devices from Aclima to monitor the levels of nitric oxide (NO), nitrogen dioxide (NO2) and black carbon in the city of Oakland, California. You can now see those modified Google Maps on the EDF website. The Google Maps that have this information show how pollution levels can change in Oakland based on specific locations, street activity, and more. The idea is that posting this data in an easy visual way will assist communities to campaign for better air quality standards in their neighborhoods to their local and state governments.

Facebook will add 3,000 more people to its community team to review videos on the social network, says CEO Mark Zuckerberg, after several surfaced in recent weeks including a father livestreaming the killing of his daughter. From a report: In a statement published to Facebook on Wednesday, Zuckerberg says it is "heartbreaking" to see videos streamed or posted to the platform showing users "hurting themselves or others." He says 4,500 employees currently work on the community team reviewing reports on videos, and will add 3,000 over the next year. "If we're going to build a safe community, we need to respond quickly," said Zuckerberg. "We're working to make these videos easier to report so we can take the right action sooner -- whether that's responding quickly when someone needs help or taking a post down." Will Oremus, reporter at Slate said, "I asked Facebook whether the 3,000 new content-moderation jobs will be employees or contractors. The company declined to comment."

The International Potato Center (CIP) has launched a series of experiments to discover if potatoes can grow under Mars' atmospheric conditions, as well as under extreme conditions on Earth. The CIP placed a potato inside a "specially constructed CubeSat contained environment" that simulates Mars temperature, air pressure, oxygen and carbon dioxide levels. They then used sensors and live-streaming cameras to record the soil and monitor the status of the potato. Preliminary results are positive as cameras inside the container show sprouts. Phys.Org reports: "We have been looking at the very dry soils found in the southern Peruvian desert. These are the most Mars-like soils found on Earth." Chris McKay of NASA ARC. "This [research] could have a direct technological benefit on Earth and a direct biological benefit on Earth," says Chris McKay of NASA ARC. From the initial experiment, CIP scientists concluded that future Mars missions that hope to grow potatoes will have to prepare soil with a loose structure and nutrients to allow the tubers to obtain enough air and water to allow it to tuberize. "It was a pleasant surprise to see that potatoes we've bred to tolerate abiotic stress were able to produce tubers in this soil," Amoros said. He added that one of the best performing varieties was very salt-tolerant from the CIP breeding program for adaptation to subtropical lowlands with tolerance to abiotic stress that was also recently released as a variety in Bangladesh for cultivation in coastal areas with high soil salinity. Amoros noted that whatever their implications for Mars missions, the experiments have already provided good news about potato's potential for helping people survive in extreme environments on Earth.

Facebook is working on automatically flagging offensive material in live video streams, building on a growing effort to use artificial intelligence to monitor content, said Joaquin Candela, the company's director of applied machine learning. Reuters added: The social media company has been embroiled in a number of content moderation controversies this year, from facing international outcry after removing an iconic Vietnam War photo due to nudity, to allowing the spread of fake news on its site. Facebook has historically relied mostly on users to report offensive posts, which are then checked by Facebook employees against company "community standards." Decisions on especially thorny content issues that might require policy changes are made by top executives at the company. Candela told reporters that Facebook increasingly was using artificial intelligence to find offensive material. It is "an algorithm that detects nudity, violence, or any of the things that are not according to our policies," he said.

Beginning next year, internet service providers in the UK will send email notifications to subscribers whose connections have been allegedly used to download copyright infringing content. In what is an attempt to curtail piracy rates, these alerts would try to educate those who pirate about legal alternates. TorrentFreak adds: Mimicking its American counterpart, the copyright alert program will monitor the illegal file-sharing habits of UK citizens with a strong focus on repeat infringers. The piracy alerts program is part of the larger Creative Content UK (CCUK) initiative which already introduced several anti-piracy PR campaigns, targeted at the general public as well as the classroom. The plan to send out email alerts was first announced several years ago when we discussed it in detail, but it took some time to get everything ready. This week, a spokesperson from CCUK's "Get it Right From a Genuine Site" campaign informed us that it will go live in first few months of 2017. It's likely that ISPs and copyright holders needed to fine-tune their systems to get going, but the general purpose of the campaign remains the same.

Researchers at Imperial College London have developed a USB stick that can measure the presence and amount of HIV in a person's blood in under 30 minutes and with 95% accuracy. The USB stick should help make testing easier in places like sub-Saharan Africa, where HIV is a serious problem and where many people live in rural regions hours or days travel away from hospitals or clinics. Also, traditional HIV testing can take days to show results, whereas the USB stick can show results in minutes. Quartz reports: The new diagnostic tool, co-created by the university and biotech company DNA Electronics, requires simply putting a single drop of blood onto a designated spot on the USB stick. The device contains a mechanism that can detect if there's any HIV genetic material -- RNA -- in the drop of blood, and if so, how much. Then, when the stick is connected to a laptop or handheld device, the data are automatically delivered to an app where the patient can quickly read his or her results. One of the most effective HIV treatments currently, called anti-retroviral treatment, reduces virus levels to near zero. However, in some cases, the virus may develop a resistance to medication or therapy, causing the virus to resurface. To catch such developments early, patients can use the devices for monitoring purposes. "The disposable test could be used by HIV patients to monitor their own treatment and help patients in remote regions of the world, where more standard HIV tests are inaccessible," the authors of the study write. For now, it's still in the proof-of-concept stage, and years away from hitting the market.

You asked, he answered!

VideoLan President and Lead Developer of VLC Jean-Baptiste Kempf has responded to questions submitted by Slashdot readers. Read on to find out about the upcoming VideoLAN projects; how they keep VLC sustainable; what are some mistakes they wish they hadn't made; and what security challenges they face, among others!

"We can now hack the monitor and you shouldn't have blind trust in those pixels coming out of your monitor..." a security researcher tells Motherboard. "If you have a monitor, chances are your monitor is affected." An anonymous Slashdot reader quotes Motherboard's article: if a hacker can get you to visit a malicious website or click on a phishing link, they can then target the monitor's embedded computer, specifically its firmware...the computer that controls the menu to change brightness and other simple settings on the monitor. The hacker can then put an implant there programmed to wait...for commands sent over by a blinking pixel, which could be included in any video or a website. Essentially, that pixel is uploading code to the monitor. At that point, the hacker can mess with your monitor...

[T]his could be used to both spy on you, but also show you stuff that's actually not there. A scenario where that could dangerous is if hackers mess with the monitor displaying controls for a power plant, perhaps faking an emergency. The researchers warn that this is an issue that could potentially affect one billion monitors, given that the most common brands all have processors that are vulnerable...
"We now live in a world where you can't trust your monitor," one researcher told Motherboard, which added "we shouldn't consider monitors as untouchable, unhackable things."

An anonymous reader writes from a report via The Guardian: Director Oliver Stone talked to whistleblower Edward Snowden in front of an audience at a question and answer session on Thursday evening. He compared Snowden's anxiety over his own appearance in his Snowden biopic film "Snowden" to that of Donald Trump, who was cut from one of his films six years before. Snowden replied: "I'd like to avoid that association." At the event, Snowden did also shed some light on his personal life, years after his revelation of the NSA's secret surveillance of the American public's internet activity resulted in criminal charges under the Espionage Act that led to his exile in Russia. "I can confirm that I am not living in a box," Snowden said. "I actually live a surprisingly free life. This was not the most likely outcome. I didn't actually expect to make it out of Hawaii. I thought it was incredibly risky. I had a lot of advantages in doing what I did; I worked for the CIA on the human intelligence side, I worked for the NSA on the signals intelligence side, and I taught counterintelligence. This is not something that's covered that well in the media. I was about as well placed as anybody could be, and I still thought I was going to get rolled up at the airport and that there were going to be knocks on the doors of the journalists." When asked what he thought about Gordon-Levitt's performance in the film where he plays Edward Snowden, Snowden responded: "This is one of the things that's kind of crazy and surreal about this kind of experience: I don't think anybody looks forward to having a movie made about themselves, especially someone who is a privacy advocate. Some of my family members have said, 'He sounds just like you!' I can't hear it myself but if he can pass the family test he's doing all right." Snowden agreed to participate on the film because he thought it could raise awareness in ways his own advocacy could not. Snowden was also in the news recently for developing a way for potentially imperiled smartphone users to monitor whether their devices are making any potentially compromising radio transmissions.

Reader kheldan questions the need for a Smart TV (edited for clarity): Yesterday we read about how Samsung is planning on 'upgrading' the firmware in its smart TVs so that it could inject ads into your video streams. This raises the question yet again: Why do you even need a 'smart TV' in the first place? We live in an age where media-center computers and DVRs are ubiquitous, and all your TV really needs to be is a high-def monitor to connect to these devices. Even many smartphones have HDMI connectivity, and a Raspberry Pi is inexpensive and can play 1080 content at full framerate. None of these devices are terribly expensive anymore, and the price jump from a non-smart TV to a smart TV makes it difficult to justify the expense. Also, remember previous articles posted on the subject of surveillance many of these smart TVs have been found guilty of. So I put it to you, denizens of Slashdot: Why does anyone really want a 'smart TV'?

HughPickens.com writes: More than one million Americans live with Type 1 diabetes, an autoimmune condition in which the pancreas stops producing insulin, a hormone needed to turn sugar into energy. Now Kate Linebaugh writes at the WSJ that Jason Calabrese, a software engineer, followed instructions that had been shared online to hack an old insulin pump so it could automatically dose the hormone in response to his son's blood-sugar levels. The Calabreses aren't alone. More than 50 people have soldered, tinkered and written software to make such devices for themselves or their children. Initially, Calabrese worried about the safety of the do-it-yourself project. He built it over two months, and spent weeks testing. At first, he only tried it out on his son on weekends and at night. Once it performed well enough, he said it felt irresponsible not to use it on his 9-year-old son. "Diabetes is dangerous anyway. Insulin is dangerous. I think what we are doing is actually improving that and lowering the risk," says Calabrese. The home-built project that the Calabreses followed is known as OpenAPS. The only restriction of the project is users have to put the system together on their own. As long as the people tinkering with their insulin pumps aren't selling or distributing them, the FDA doesn't have a legal means to stop it. The system involves an outdated insulin pump that communicates with a small radio stick connected to a continuous glucose monitor, a computer motherboard and a battery pack. It is an outgrowth of another open-source project where caregivers developed software to remotely monitor blood-sugar levels. The size of the homemade system varies, and the one that Calabrese carries has come down from the size of a small shoebox to that of a headphone case. He wears his insulin pump and glucose monitor on his belt. "It is clearly for people who have some expertise in computer programming," says Bruce Buckingham. "What it shows is that people are anxious to get something going."