Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Bitcoin

Kim Dotcom Will Revive Megaupload, Linking File Transfers To Bitcoin Microtransactions (fortune.com) 10

Long-time Slashdot reader SonicSpike quotes an article from Fortune: The controversial entrepreneur Kim Dotcom said last month that he was preparing to relaunch Megaupload, the file-sharing site that U.S. and New Zealand authorities dramatically shut down in 2012, with bitcoins being involved in some way... This system will be called Bitcache, and Dotcom claimed its launch would send the bitcoin price soaring way above its current $575 value.

The launch of Megaupload 2.0 will take place on January 20, 2017, he said, urging people to "buy bitcoin while cheap, like right now, trust me..." Crucially, Dotcom said the Bitcache system would overcome bitcoin's scaling problems. "It eliminates all blockchain limitations," he claimed.

Every file transfer taking place over Megaupload "will be linked to a tiny Bitcoin micro transaction," Dotcom posted on Twitter. His extradition trial begins Monday, and he's asking the court to allow live-streaming of the trial "because of global interest in my case." Meanwhile, the FBI apparently let the registration lapse on the Megaupload domain, which they seized in 2012, and Ars Technica reports that the site is now full of porn ads.
EU

EU Copyright Reform Proposes Search Engines Pay For Snippets (thestack.com) 81

An anonymous Slashdot reader reports that the European Commission "is planning reforms that would allow media outlets to request payment from search engines such as Google, for publishing snippets of their content in search results." The Stack reports: The working paper recommends the introduction of an EU law that covers the rights to digital reproduction of news publications. This would essentially make news publishers a new category of rights holders under copyright law, thereby ensuring that "the creative and economic contribution of news publishers is recognized and incentivized in EU law, as it is today the case for other creative sectors."
Microsoft

Microsoft Lost a City Because They Used Wikipedia Data (theregister.co.uk) 71

"Microsoft can't tell North from South on Bing Maps," joked The Register, reporting that Microsoft's site had "misplaced Melbourne, the four-million-inhabitant capital of the Australian State of Victoria." Long-time Slashdot reader RockDoctor writes: Though they're trying to minimise it, the recent relocation of Melbourne Australia to the ocean east of Japan in Microsoft's flagship mapping application is blamed on someone having flipped a sign in the latitude given for the city's Wikipedia page. Which may or may not be true. But the simple stupidity of using a globally-editable data source for feeding a mapping and navigation system is ... "awesome" is (for once) an appropriate word.

Well, it's Bing, so at least no-one was actually using it.

"Bing's not alone in finding Australia hard to navigate," reports The Register. "In 2012 police warned not to use Apple Maps as it directed those seeking the rural Victorian town of Mildura into the middle of a desert."
Iphone

Apple Fixes Three Zero Days Used In Targeted Attack (onthewire.io) 50

Trailrunner7 quotes a report from On The Wire: Apple has patched three critical vulnerabilities in iOS that were identified when an attacker targeted a human rights activist in the UAE with an exploit chain that used the bugs to attempt to remotely jailbreak and infect his iPhone. The vulnerabilities include two kernel flaws and one in WebKit and Apple released iOS 9.3.5 to fix them.

The attack that set off the investigation into the vulnerabilities targeted Ahmed Mansoor, an activist living in the UAE. Earlier this month, he received a text message that included a link to what was supposedly new information on human rights abuses. Suspicious, Manor forwarded the link to researchers at the University of Toronto's Citizen Lab, who recognized what they were looking at. "On August 10 and 11, 2016, Mansoor received SMS text messages on his iPhone promising ;new secrets' about detainees tortured in UAE jails if he clicked on an included link. Instead of clicking, Mansoor sent the messages to Citizen Lab researchers. We recognized the links as belonging to an exploit infrastructure connected to NSO Group, an Israel-based 'cyber war' company that sells Pegasus, a government-exclusive "lawful intercept" spyware product," Citizen Lab said in a new report on the attack and iOS flaws.

Japan

Japanese Government Plans Cyber Attack Institute (thestack.com) 8

An anonymous reader quotes a report from The Stack: The government of Japan will create an institute to train employees to counter cyber attacks. The institute, which will be operational early next year, will focus on preventing cyber attacks on electrical systems and other infrastructure. The training institute, which will operate as part of Japan's Information Technology Promotion Agency (IPA), is the first center for training in Japan to focus on preventing cyber attacks.

A government source said that the primary aims will be preventing a large-scale blackout during the Tokyo Olympics and Paralympics in 2020, and stopping leaks of sensitive power plant designs. The source also stated that there is potential for a joint exercise in cyber awareness between the Japanese group and foreign cybersecurity engineers in the future.

Social Networks

'Social Media ID, Please?' Proposed US Law Greeted With Anger (computerworld.com) 155

The U.S. government announced plans to require some foreign travelers to provide their social media account names when entering the country -- and in June requested comments. Now the plan is being called "ludicrous," an "all-around bad idea," "blatant overreach," "desperate, paranoid heavy-handedness," "preposterous," "appalling," and "un-American," reports Slashdot reader dcblogs: That's just a sampling of the outrage. Some 800 responded to the U.S. request for comments about a proposed rule affecting people traveling from "visa waiver" countries to the U.S., where a visa is not required. This includes most of Europe, Singapore, Chile, Japan, South Korea, Australia and New Zealand... In a little twist of irony, some critics said U.S. President Obama's proposal for foreign travelers is so bad, it must have been hatched by Donald Trump.
"Travelers will be asked to provide their Twitter, Facebook, Instagram, LinkedIn, Google+, and whatever other social ID you can imagine to U.S. authorities," reports Computer World. "It's technically an 'optional' request, but since it's the government asking, critics believe travelers will fear consequences if they ignore it..."
Transportation

Domino's Will Deliver Pizza By Drone and By Robot (roboticstrends.com) 56

An anonymous Slashdot reader quotes CNN Money's report that "pizzas will soon be dropping from the heavens": Domino's demonstrated its ability to deliver food via a drone Thursday in New Zealand and plans to test actual deliveries to customers next month. "It doesn't add up to deliver a two kilogram package in a two-ton vehicle," said Scott Bush, a general manager for Domino's Pizza Enterprises, which is independent of the U.S. chain and operates in seven countries. "In Auckland, we have such massive traffic congestion it just makes sense to take to the airways."

A Domino's customer who requests a drone delivery will receive a notification when their delivery is approaching. After going outside and hitting a button on their smartphone, the drone will lower the food via a tether. Once the package is released, the drone pulls the tether back up and flies back to the Domino's store.

Robotics Trends has video from the flight, and reports that Domino's is also testing a pizza-delivering robot. Their Domino's Robotics Unit "has four wheels, is less than three feet tall, and has a heated compartment that can hold up to 10 pizzas. It can deliver pizzas within a 12.5-mile radius before needing to be recharged."
Democrats

US Patients Battle EpiPen Prices And Regulations By Shopping Online (cnn.com) 269

"The incredible increase in the cost of EpiPens, auto-injectors that can stop life-threatening emergencies caused by allergic reactions, has hit home on Capitol Hill," reports CNN. Slashdot reader Applehu Akbar reports that the argument "has now turned into civil war in the US Senate": One senator's daughter relies on Epi-Pen, while another senator's daughter is CEO of Mylan, the single company that is licensed to sell these injectors in the US. On the worldwide market there is no monopoly on these devices... Is it finally time to allow Americans to go online and fill their prescriptions on the world market?
Time reports some patients are ordering cheaper EpiPens from Canada and other countries online, "an act that the FDA says is technically illegal and potentially dangerous." But the FDA also has "a backlog of about 4,000 generic drugs" awaiting FDA approval, reports PRI, noting that in the meantime prices have also increased for drugs treating cancer, hepatitis C, and high cholesterol. In Australia, where the drug costs just $38, one news outlet reports that the U.S. "is the only developed nation on Earth which allows pharmaceutical companies to set their own prices."
Open Source

Linus Loves GPL, But Hates GPL Lawsuits (cio.com) 155

Long-time Slashdot reader sfcrazy writes: During LinuxCon, Torvalds was full of praise for GNU GPL: "The GPL ensures that nobody is ever going to take advantage of your code. It will remain free and nobody can take that away from you. I think that's a big deal for community management... FSF [Free Software Foundation] and I don't have a loving relationship, but I love GPL v2. I really think the license has been one of the defining factors in the success of Linux because it enforced that you have to give back, which meant that the fragmentation has never been something that has been viable from a technical standpoint."

And he thinks the BSD license is bad for everyone: "Over the years, I've become convinced that the BSD license is great for code you don't care about," Torvalds said.

But Linus also addressed the issue of enforcing the GPL on the Linux foundation mailing list when someone proposed a discussion of it at Linuxcon. "I think the whole GPL enforcement issue is absolutely something that should be discussed, but it should be discussed with the working title 'Lawyers: poisonous to openness, poisonous to community, poisonous to projects'... quite apart from the risk of loss in a court, the real risk is something that happens whether you win or lose, and in fact whether you go to court or just threaten: the loss of community, and in particular exactly the kind of community that can (and does) help. You lose your friends."
DRM

BitTorrent Cases Filed By Malibu Media Will Proceed, Rules Judge 49

Long-time Slashdot reader NewYorkCountryLawyer writes: In the federal court for the Eastern District of New York, where all Malibu Media cases have been stayed for the past year, the Court has lifted the stay and denied the motion to quash in the lead case, thus permitting all 84 cases to move forward.

In his 28-page decision (PDF), Magistrate Judge Steven I. Locke accepted the representations of Malibu's expert, one Michael Patzer from a company called Excipio, that in detecting BitTorrent infringement he relies on "direct detection" rather than "indirect detection", and that it is "not possible" for there to be misidentification.
The Internet

New SWEET32 Crypto Attacks Speed Up Deprecation of 3DES, Blowfish (threatpost.com) 43

Researchers "have devised a new way to decrypt secret cookies which could leave your passwords vulnerable to theft," reports Digital Trends. Slashdot reader msm1267 writes: New attacks revealed today against 64-bit block ciphers push cryptographic ciphers such as Triple-DES (3DES) and Blowfish closer to extinction. The attacks, known as SWEET32, allow for the recovery of authentication cookies from HTTPS traffic protected by 3DES, and BasicAUTH credentials from OpenVPN traffic protected by default by Blowfish.

In response, OpenSSL is expected to remove 3DES from its default bulid in 1.1.0, and lower its designation from High to Medium 1.0.2 and 1.0.1. OpenVPN, meanwhile, is expected to release a new version as well with a warning about Blowfish and new configuration advice protecting against the SWEET32 attacks. The researchers behind SWEET32 said this is a practical attack because collisions begin after a relatively short amount of data is introduced. By luring a victim to a malicious site, the attacker can inject JavaScript into the browser that forces the victim to connect over and over to a site they're authenticated to. The attacker can then collect enough of that traffic -- from a connection that is kept alive for a long period of time -- to recover the session cookie.

Emulation (Games)

ReactOS 0.4.2 Released: Supports Linux Filesystems, .NET Applications, and Doom 3 (reactos.org) 126

Continuing its rapid release cycle, ReactOS has unveiled version 0.4.2 of its free "open-source binary-compatible Windows re-implementation." Slashdot reader jeditobe reports that this new version can now read and write various Linux/Unix file systems like Btrfs and ext (and can read ReiserFS and UFS), and also runs applications like Thunderbird and 7-Zip. ReactOS 0.4.2 also features Cygwin support, .NET 2.0 and 4.0 application support, among other updated packages and revised external dependencies such as Wine and UniATA. The team also worked to improve overall user experience...

ReactOS is free. You can boot your desktop or laptop from it. It looks like Windows (a 10-year-old version, anyway), so you already know how to use it. And it'll run some Windows and DOS applications, maybe including DOS games that regular 64-bit Windows can no longer touch.
These videos even show ReactOS running Elder Scrolls: Skyrim and Doom 3.
Communications

Cybercriminals Select Insiders To Attack Telecom Providers (helpnetsecurity.com) 23

An anonymous reader quotes a report from Help Net Security: Cybercriminals are using insiders to gain access to telecommunications networks and subscriber data, according to Kaspersky Lab. In addition, these criminals are also recruiting disillusioned employees through underground channels and blackmailing staff using compromising information gathered from open sources...

According to Kaspersky Lab researchers, if an attack on a cellular service provider is planned, criminals will seek out employees who can provide fast track access to subscriber and company data or SIM card duplication/illegal reissuing. If the target is an Internet service provider, the attackers will try to identify the employees who can enable network mapping and man-in-the-middle attacks.

United States

HAARP Holds Open House To Dispel Rumors Of Mind Control (adn.com) 132

An anonymous Slashdot reader writes: HAARP -- the former Air Force/Navy/DARPA research program in Alaska -- will host an open house Saturday where "We hope to show people that it is not capable of mind control and not capable of weather control and all the other things it's been accused of..." said Sue Mitchell, spokesperson for the geophysical institute at the University of Alaska. "We hope that people will be able to see the actual science of it." HAARP, which was turned over to The University of Alaska last August, has been blamed for poor crop yields in Russia, with conspiracy theorists also warning of "a super weapon capable of mind control or weather control, with enough juice to trigger hurricanes, tornadoes and earthquakes."

The facility's 180 high-frequency antennas -- spread across 33 acres -- will be made available for public tours, and there will also be interactive displays and an unmanned aircraft 'petting zoo'. The Alaska Dispatch News describes it as "one of the world's few centers for high-power and high-frequency study of the ionosphere... important because radio waves used for communication and navigation reflect back to Earth, allowing long-distance, short-wave broadcasting."

Privacy

Eavesdropping On Tinder: Researcher Demonstrates Man-in-the-Middle Attacks (hert.org) 16

An anonymous Slashdot reader writes: Security expert Anthony Zboralski posted on HERT a social engineering attack for Tinder that lets you perform a man-in-the-middle attack against unsuspecting users. Zboralski says, "Not only we can eavesdrop on the conversation of two strangers, we can also change their reality." The attack can easily be extended to SMS, Whatsapp, iMessage and voice.
"At some point people exchange phone numbers and the Tinder convo stops. That's not a problem..." Zboralski explains, suggesting more ways to continue the man-in-the-middle exploits..

His article drew a response from Tinder, arguing they "employ several manual and automated mechanisms" to deter fake and duplicate profiles. But while they're looking for ways to improve, "ultimately, it is unrealistic for any company to positively validate the real-world identity of millions of users while maintaining the commonly expected level of usability."

Slashdot Top Deals