Privacy

Sweden Accidentally Leaks Personal Details of Nearly All Citizens (thehackernews.com) 200

An anonymous reader quotes a report from The Hacker News: Swedish media is reporting of a massive data breach in the Swedish Transport Agency (Transportstyrelsen) after the agency mishandled an outsourcing deal with IBM, which led to the leak of the private data about every vehicle in the country, including those used by both police and military. The data breach exposed the names, photos and home addresses of millions of Swedish citizen, including fighter pilots of Swedish air force, members of the military's most secretive units, police suspects, people under the witness relocation program, the weight capacity of all roads and bridges, and much more. The incident is believed to be one of the worst government information security disasters ever.

In 2015, the Swedish Transport Agency hand over IBM an IT maintenance contract to manage its databases and networks. However, the Swedish Transport Agency uploaded IBM's entire database onto cloud servers, which covered details on every vehicle in the country, including police and military registrations, and individuals on witness protection programs. The transport agency then emailed the entire database in messages to marketers that subscribe to it. And what's terrible is that the messages were sent in clear text. When the error was discovered, the transport agency merely thought of sending a new list in another email, asking the subscribers to delete the old list themselves.

The Military

Top US General Warns Against Rogue Killer Robots (thehill.com) 159

Long-time Slashdot reader Zorro quotes The Hill: The second-highest-ranking general in the U.S. military last Tuesday warned lawmakers against equipping the armed forces with autonomous weapons systems... Gen. Paul Selva warned lawmakers that the military should keep "the ethical rules of war in place lest we unleash on humanity a set of robots that we don't know how to control. I don't think it's reasonable for us to put robots in charge of whether or not we take a human life," Selva told the committee.
There's already a Defense Department directive that requires humans in the decision-making process for lethal autonomous weapons systems. But it expires later this year...
The Military

The US Army Wants Distributed Bot Swarms And An 'Internet of Battlefield Things' (defenseone.com) 87

turkeydance shares a new report about the U.S. Army Research Lab: In the coming months, the Lab will fund new programs related to highly (but not fully) autonomous drones and robots that can withstand adversary electronic warfare operations... A second program called the Internet of Battlefield Things seeks to put to military use "the research that's going on in the commercial space" on distributed sensors and Internet-connected devices... One thrust will be equipping drones and other autonomous systems with bigger brains and better networking so that they can function even when an enemy jams their ability to radio back to a human controller for direction... "When you don't have bandwidth, when you're under cyber attack, when you're being jammed. That's the problem we're trying to address."
The lab's director also says they want "as much processing as possible on the node" so it can continue functioning in "contested environments."
The Military

The US And Australia Are Testing Hypersonic Missiles (engadget.com) 99

schwit1 quotes Engadget: Both the U.S. and Australia have confirmed that they recently completed a series of mysterious hypersonic missile tests. All the countries will say is that the flights were successful, and that they represented "significant milestones" in testing everything from the design assembly to the control mechanisms. They won't even say which vehicles were used or how quickly they traveled, although past tests have usually relied on Terrier Orion rockets and have reached speeds as high as Mach 8.

The tests are part of the long-running HIFiRE (Hypersonic International Flight Research Experimentation) program, whose first launch took place way back in 2009. They should help bring hypersonic flight to a "range of applications," according to HIFiRE partner BAE. That could easily include ultra-fast aircraft, but it's widely believed the focus here is on missiles and similar unmanned weapons. A hypersonic missile would fulfill the US military's goal of building a conventional weapon that can strike anywhere within an hour, and it would be virtually impossible to stop using existing missile defenses. In theory, enemy nations wouldn't dare attack if they knew they'd face certain retaliation within minutes.

Originally NASA was involved in the project, which has been ongoing for more than eight years. But it's timeline may have shortened after reports that foreign powers including Russia and China are already building their own hypersonic missiles.
China

Beijing Wants AI To Be Made In China By 2030 (nytimes.com) 169

Reader cdreimer writes: According to a report on The New York Times (may be paywalled, alternative story here): "If Beijing has its way, the future of artificial intelligence will be made in China. The country laid out a development plan on Thursday to become the world leader in A.I. by 2030, aiming to surpass its rivals technologically and build a domestic industry worth almost $150 billion. Released by the State Council, the policy is a statement of intent from the top rungs of China's government: The world's second-largest economy will be investing heavily to ensure its companies, government and military leap to the front of the pack in a technology many think will one day form the basis of computing. The plan comes with China preparing a multibillion-dollar national investment initiative to support "moonshot" projects, start-ups and academic research in A.I., according to two professors who consulted with the government about the effort."
The Military

Navy Unveils First Active Laser Weapon In Persian Gulf (cnn.com) 368

schwit1 shares a report from CNN: In the sometimes hostile waters of the Persian Gulf looms the U.S. Navy's first -- in fact, the world's first -- active laser weapon. The LaWS, an acronym for Laser Weapons System, is not science fiction. It is not experimental. It is deployed on board the USS Ponce amphibious transport ship, ready to be fired at targets today and every day by Capt. Christopher Wells and his crew. It costs "about a dollar a shot" to fire, said Lt. Cale Hughes, laser weapons system officer. LaWS begins with an advantage no other weapon ever invented comes even close to matching. It moves, by definition, at the speed of light. For comparison, that is 50,000 times the speed of an incoming ICBM. For the test, the USS Ponce crew launched the target -- a drone aircraft, a weapon in increasing use by Iran, North Korea, China, Russia and other adversaries. In an instant, the drone's wing lit up, heated to a temperature of thousands of degrees, lethally damaging the aircraft and sending it hurtling down to the sea. "It operates in an invisible part of the electromagnetic spectrum so you don't see the beam, it doesn't make any sound, it's completely silent and it's incredibly effective at what it does," said Hughes.
Security

US To Create the Independent US Cyber Command, Split Off From NSA (pbs.org) 103

An anonymous reader quotes a report from PBS: After months of delay, the Trump administration is finalizing plans to revamp the nation's military command for defensive and offensive cyber operations in hopes of intensifying America's ability to wage cyberwar against the Islamic State group and other foes, according to U.S. officials. Under the plans, U.S. Cyber Command would eventually be split off from the intelligence-focused National Security Agency. The goal, they said, is to give U.S. Cyber Command more autonomy, freeing it from any constraints that stem from working alongside the NSA, which is responsible for monitoring and collecting telephone, internet and other intelligence data from around the world -- a responsibility that can sometimes clash with military operations against enemy forces. Making cyber an independent military command will put the fight in digital space on the same footing as more traditional realms of battle on land, in the air, at sea and in space. The move reflects the escalating threat of cyberattacks and intrusions from other nation states, terrorist groups and hackers, and comes as the U.S. faces ever-widening fears about Russian hacking following Moscow's efforts to meddle in the 2016 American election.
Government

NATO Providing Cybersecurity Equipment To Ukraine (securityweek.com) 53

wiredmikey "Ukraine is an area of great geopolitical significance -- a sort of buffer zone between NATO and Russia -- that both sides seek to influence," reports SecurityWeek. "Crimea aside, neither side wishes to be too overt with military intervention, and the result is tailor-made for modern cyber warfare... NATO's official policy towards Ukraine is to bolster its independence." As a result, NATO is providing Ukraine with cybersecurity equipment for some government institutions and authorities, which NATO secretary general Jens Stoltenberg says will enable Ukraine to investigate who is behind certain cyber-attacks, because the response to them is extremely important.
Microsoft

Microsoft's Default Font Is at the Center Of a Government Corruption Case (thenextweb.com) 186

Calibri, a font that was created in 2004 and made default option on PowerPoint, Excel, Outlook, and WordPad by Microsoft in 2007, is currently sitting at the center of a corruption investigation involving Pakistan's Prime Minister, Nawaz Sharif. From a report: Accused of illegally profiting from his position since the 1990s, Sharif is now under investigation by the Joint Investigative Team -- a collective of Pakistani police, military, and financial regulators -- after a treasure trove of evidence surfaced with 2016's release of The Panama Papers. In a report obtained by Al Jazeera, investigators recommended a case be filed in the National Accountability Court after concluding there were "significant gap[s]" in Sharif's ability to account for his familial assets. [...] Sharif contends that neither he, nor his family, profited from his position of power, a denial that came under scrutiny today after his daughter and political heir apparent, Maryam Nawaz, produced documents from 2006 that prove her father's innocence. Unfortunately for the Nawaz family, type experts today confirmed the documents were written in Calibri, a font that wasn't available until 2007.
Security

Company Accused of Selling User Data Shuts Down After $104 Million Settlement (bleepingcomputer.com) 35

Catalin Cimpanu, reporting for BleepingComputer: The Federal Trade Commission has shut down the operator of a large network of online loan sites that promised to find people the loans with the lowest rates, but actually sold users' data to third-parties, most of which weren't even lenders. The target of FTC's ire is a company named Blue Global Media, LLC and its CEO, Christopher Kay, against which the FTC filed an official complaint last Monday, July 3. According to the FTC, since 2012 Blue Global Media operated a network of 38 websites that promised users to match them with the best payday, personal, or auto loans using Blue Global Media's proprietary technology. Hoping to find loans with the smaller interest rate and friendlier terms, users entered a slew of personal details on Blue Global Media's websites, such as names, email addresses, home addresses, phone numbers, Social Security numbers, financial and banking information, driver's license, state ID numbers, income data, military status, home ownership info, and many other more.
Space

Congressmen Propose a New Military Branch: The 'US Space Corps' (gizmodo.com) 228

An anonymous reader quotes Gizmodo: This week, the House Armed Services Committee voted 60 to 1 in favor of the creation of a new military branch to be called the United States Space Corps... The United States Space Corps would be the first new branch of the military since 1947, when the Air Force was formed. The current proposal would classify the USSC under the Air Force in a way that mirrors the Marines classification under the Navy. The Space Corps' chief of staff would be ranked as equal to the Air Force chief of staff and would report to the Secretary of the Air Force...

According to CNN, the Air Force's secretary and chief of staff are opposed to the plan. One reason is that we already have the Air Force Space Command and the military believes that the creation of the Space Corps would just cause more complications. Secretary Heather Wilson told reporters that "this will make it more complex, add more boxes to the organizational chart, and cost more money."

The bill charges the division of the military with providing "combat-ready space forces," though CNN adds "There are still plenty more congressional hoops for the Space Corps to jump through before it would become official. But, hey, at least the name sounds cool." And Gizmodo's reporter thoughtfully weighs the pro's and cons before concluding, "Yeah, this is probably stupid."
Encryption

The Pentagon Says It Will Start Encrypting Soldiers' Emails Next Year (vice.com) 63

An anonymous reader shares a Motherboard report: Basic decade-old encryption technology is finally coming to Pentagon email servers next year. For years, major online email providers such as Google and Microsoft have used encryption to protect your emails as they travel across the internet. That technology, technically known as STARTTLS, isn't a cutting edge development -- it's been around since 2002. But since that time the Pentagon never implemented it. As a Motherboard investigation revealed in 2015, the lack of encryption potentially left some soldiers' emails open to being intercepted by enemies as they travel across the internet. The US military uses its own internal service, mail.mil, which is hosted on the cloud for 4.5 million users. But now the Defense Information Systems Agency or DISA, the Pentagon's branch that oversees email, says it will finally start using STARTTLS within the year, according to a letter from DISA. DISA's promise comes months after Senator Ron Wyden (D-Oregon) said he was concerned that the agency wasn't taking advantage of "a basic, widely used, easily-enabled cybersecurity technology."
Education

Chicago To Make Future Plans a Graduation Requirement (thehill.com) 399

Chicago Mayor Rahm Emanual's recently approved plan will require high school students show their plans for the future before obtaining their diploma. "Students will soon have to show that they've secured a job or received a letter of acceptance to college, a trade apprenticeship, a gap year program or the military in order to graduate," reports The Hill. From the report: "We are going to help kids have a plan, because they're going to need it to succeed," Emanuel told the Post. "You cannot have kids think that 12th grade is done." But critics say the district may not be able to provide mentoring to help needy students when the rule takes effect in 2020. "It sounds good on paper, but the problem is that when you've cut the number of counselors in schools, when you've cut the kind of services that kids need, who is going to do this work?" Karen Lewis, president of the Chicago Teachers Union, told the Post. "If you've done the work to earn a diploma, then you should get a diploma. Because if you don't, you are forcing kids into more poverty."
Security

Should Kaspersky Lab Show Its Source Code To The US Government? (gizmodo.com) 182

Today the CEO of Kaspersky Lab said he's willing to show the company's source code to the U.S. government, testify before Congress, and even move part of his research work to the U.S. to dispel suspicious about his company. The Associated Press reports: Kaspersky, a mathematical engineer who attended a KGB-sponsored school and once worked for Russia's Ministry of Defense, has long been eyed suspiciously by his competitors, particularly as his anti-virus products became popular in the U.S. market. Some speculate that Kaspersky, an engaging speaker and a fixture of the conference circuit, kept his Soviet-era intelligence connections. Others say it's unlikely that his company could operate independently in Russia, where the economy is dominated by state-owned companies and the power of spy agencies has expanded dramatically under President Vladimir Putin. No firm evidence has ever been produced to back up the claims...

Like many cybersecurity outfits in the U.S. and elsewhere, some Kaspersky employees are former spies. Kaspersky acknowledged having ex-Russian intelligence workers on his staff, mainly "in our sales department for their relationship with the government sector." But he added that his company's internal network was too segregated for a single rogue employee to abuse it. "It's almost not possible," he said. "Because to do that, you have to have not just one person in the company, but a group of people that have access to different parts of our technological processes. It's too complicated." And he insisted his company would never knowingly cooperate with any country's offensive cyber operations.

A key Democrat on the Senate Armed Services Committee has told ABC that "a consensus in Congress and among administration officials that Kaspersky Lab cannot be trusted to protect critical infrastructure." Meanwhile, Slashdot reader Kiralan shares this article from Gizmodo noting Kaspersky Lab "has worked with both Moscow and the FBI in the past, often serving as a go-between to help the two governments cooperate." But setting the precedent of gaining trust through source code access is dangerous, as is capitulating to those demands. Russia has been making the same requests of private companies recently. Major technology companies like Cisco, IBM, Hewlett Packard Enterprise, McAfee, and SAP have agreed to give the Russian government access to "code for security products such as firewalls, anti-virus applications and software containing encryption," according to Reuters. Security firm Symantec pointedly refused to cooperate with Russian demands last week. "It poses a risk to the integrity of our products that we are not willing to accept," a Symantec spokesperson said in a statement.
Government

US Senators Seek Military Ban on Kaspersky Lab Products Amid FBI Probe (reuters.com) 96

An anonymous reader shares a report: U.S. senators sought on Wednesday to ban Moscow-based cyber security firm Kaspersky Lab's products from use by the military because of fears the company is vulnerable to "Russian government influence," a day after the FBI interviewed several of its U.S. employees as part of a probe into its operations. Federal Bureau of Investigation agents visited the homes of Kaspersky employees late on Tuesday in multiple U.S. cities, although no search warrants were served, according to two sources, who spoke on condition of anonymity because they were not authorized to discuss the FBI probe. Kaspersky Lab confirmed in a statement on Wednesday that FBI agents have had "brief interactions" with some of its U.S. employees, discussions that the company described as "due diligence" chats. The interviews were followed on Wednesday by the release of a defense spending policy bill passed by the Senate Armed Services Committee, which would prohibit the U.S. Defense Department from using Kaspersky software platforms because the company "might be vulnerable to Russian government influence," according to a summary of the legislation.
Space

Blue Origin To Build Its BE-4 Rocket Engine In Alabama, Creating Hundreds of Jobs (theverge.com) 53

Blue Origin has recently announced its plans to manufacture the company's new rocket engine, the BE-4, at a state-of-the-art facility in Huntsville, Alabama. According to The Verge, the benefits for Blue Origin are both practical and political. From the report: On the surface, it's a seemingly innocuous decision meant to capitalize on Huntsville's decades-long history of rocket development. The city is home to NASA's Marshall Space Flight Center, where the Saturn V rocket was developed and where NASA's future massive deep-space rocket, the Space Launch System, will also be worked on. Plus, many private space contractors are based in Huntsville, making spaceflight a key part of the city's economy and a huge jobs creator. It's why Huntsville has been nicknamed Rocket City. But the move is most likely motivated by politics as well, given Blue Origin's plans for the BE-4. The company ultimately hopes to use seven BE-4 engines to power its future massive rocket called the New Glenn, which is supposed to launch sometime before 2020. But that's not the only rocket that the BE-4 could fly on. The United Launch Alliance -- a company responsible for launching most of the satellites for the U.S. military -- is developing a new rocket called Vulcan, and it needs new U.S.-made engines for the vehicle. Blue Origin's move to Huntsville will supposedly generate 342 jobs at the new facility, with salaries averaging $75,000, reports The Verge. Given the city's history, the company should have no problem finding aerospace experts in the area. The only problem that could arise would be if ULA doesn't select the BE-4 as the Vulcan's main engine. "ULA is also considering a second option in case the BE-4 doesn't work out: an engine being developed by longtime manufacturer Aerojet Rocketdyne called the AR-1," reports The Verge. "Aerojet is only meant to be Plan B for ULA. But it has one advantage that Blue Origin didn't have until now: it's building its engine in Huntsville, Alabama -- and that comes with some very key political protection."
United Kingdom

Britain's Newest Warship Runs Windows XP, Raising Cyber Attack Fears (telegraph.co.uk) 302

Chrisq shares a report from The Telegraph: Fears have been raised that Britain's largest ever warship could be vulnerable to cyber attacks after it emerged it appears to be running the outdated Microsoft Windows XP. A defense source told The telegraph that some of the on-board hardware and software "would have been good in 2004" when the carrier was designed, "but now seems rather antiquated." However, he added that HMS Queen Elizabeth is due to be given a computer refit within a decade. And senior officers said they will have cyber specialists on board to defend the carrier from such attacks.
Businesses

Leaked Recording: Inside Apple's Global War On Leakers (theoutline.com) 81

Reader citadrianne writes: A recording of an internal briefing at Apple earlier this month obtained by The Outline sheds new light on how far the most valuable company in the world will go to prevent leaks about new products. The briefing, titled 'Stopping Leakers -- Keeping Confidential at Apple,' was led by Director of Global Security David Rice, Director of Worldwide Investigations Lee Freedman, and Jenny Hubbert, who works on the Global Security communications and training team. According to the hour-long presentation, Apple's Global Security team employs an undisclosed number of investigators around the world to prevent information from reaching competitors, counterfeiters, and the press, as well as hunt down the source when leaks do occur. Some of these investigators have previously worked at U.S. intelligence agencies like the National Security Administration (NSA), law enforcement agencies like the FBI and the U.S. Secret Service, and in the U.S. military. Top-notch reporting from The Outline, consider reading the full report. During the briefing, a company executive said they have been able to find two employees who leaked information to media.
The Military

Pentagon Cyberweapons 'Disappointing' Against ISIS (nytimes.com) 118

An anonymous reader quotes the New York Times: It has been more than a year since the Pentagon announced that it was opening a new line of combat against the Islamic State, directing Cyber Command, then six years old, to mount computer-network attacks... "In general, there was some sense of disappointment in the overall ability for cyberoperations to land a major blow against ISIS," or the Islamic State, said Joshua Geltzer, who was the senior director for counterterrorism at the National Security Council until March. "This is just much harder in practice than people think..."

Even one of the rare successes against the Islamic State belongs at least in part to Israel, which was America's partner in the attacks against Iran's nuclear facilities. Top Israeli cyberoperators penetrated a small cell of extremist bombmakers in Syria months ago, the officials said. That was how the United States learned that the terrorist group was working to make explosives that fooled airport X-ray machines and other screening by looking exactly like batteries for laptop computers... The information helped prompt a ban in March on large electronic devices in carry-on luggage on flights from 10 airports in eight Muslim-majority countries to the United States and Britain.

Citing military officials, the Times also reports that "locking Islamic State propaganda specialists out of their accounts -- or using the coordinates of their phones and computers to target them for a drone attack -- is now standard operating procedure."
The Almighty Buck

Air Force Budget Reveals How Much SpaceX Undercuts Launch Prices (arstechnica.com) 97

An anonymous reader quotes a report from Ars Technica: In 2014, the U.S. Government Accountability Office issued a report on cost estimates for the U.S. Air Force's program to launch national security payloads, which at the time consisted of a fleet of rockets maintained and flown entirely by United Launch Alliance (ULA). The report was critical of the non-transparent nature of ULA's launch prices and noted that the government "lacked sufficient knowledge to negotiate fair and reasonable launch prices" with the monopoly. At around the same time, the new space rocket company SpaceX began to aggressively pursue the opportunity to launch national security payloads for the government. SpaceX claimed to offer a substantially lower price for delivering satellites into various orbits around Earth. But because of the lack of transparency, comparing prices was difficult. The Air Force recently released budget estimates for fiscal year 2018, and these include a run out into the early 2020s. For these years, the budget combines the fixed price rocket and ELC contract costs into a single budget line. (See page 109 of this document). They are strikingly high. According to the Air Force estimate, the "unit cost" of a single rocket launch in fiscal year 2020 is $422 million, and $424 million for a year later. SpaceX sells basic commercial launches of its Falcon 9 rocket for about $65 million. But, for military launches, there are additional range costs and service contracts that add tens of millions of dollars to the total price. It therefore seems possible that SpaceX is taking a loss or launching at little or no profit to undercut its rival and gain market share in the high-volume military launch market. Elon Musk retweeted the article, adding "$300M cost diff between SpaceX and Boeing/Lockheed exceeds avg value of satellite, so flying with SpaceX means satellite is basically free."

Slashdot Top Deals