Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

How Hackers Broke Into John Podesta and Colin Powell's Gmail Accounts (

An anonymous reader quotes a report from Motherboard: On March 19 of this year, Hillary Clinton's campaign chairman John Podesta received an alarming email that appeared to come from Google. The email, however, didn't come from the internet giant. It was actually an attempt to hack into his personal account. In fact, the message came from a group of hackers that security researchers, as well as the U.S. government, believe are spies working for the Russian government. At the time, however, Podesta didn't know any of this, and he clicked on the malicious link contained in the email, giving hackers access to his account. The data linking a group of Russian hackers -- known as Fancy Bear, APT28, or Sofacy -- to the hack on Podesta is also yet another piece in a growing heap of evidence pointing toward the Kremlin. And it also shows a clear thread between apparently separate and independent leaks that have appeared on a website called DC Leaks, such as that of Colin Powell's emails; and the Podesta leak, which was publicized on WikiLeaks. All these hacks were done using the same tool: malicious short URLs hidden in fake Gmail messages. And those URLs, according to a security firm that's tracked them for a year, were created with Bitly account linked to a domain under the control of Fancy Bear. The phishing email that Podesta received on March 19 contained a URL, created with the popular Bitly shortening service, pointing to a longer URL that, to an untrained eye, looked like a Google link. Inside that long URL, there's a 30-character string that looks like gibberish but is actually the encoded Gmail address of John Podesta. According to Bitly's own statistics, that link, which has never been published, was clicked two times in March. That's the link that opened Podesta's account to the hackers, a source close to the investigation into the hack confirmed to Motherboard. That link is only one of almost 9,000 links Fancy Bear used to target almost 4,000 individuals from October 2015 to May 2016. Each one of these URLs contained the email and name of the actual target. The hackers created them with with two Bitly accounts in their control, but forgot to set those accounts to private, according to SecureWorks, a security firm that's been tracking Fancy Bear for the last year. Bitly allowed "third parties to see their entire campaign including all their targets -- something you'd want to keep secret," Tom Finney, a researcher at SecureWorks, told Motherboard. Thomas Rid, a professor at King's College who studied the case extensively, wrote a new piece about it in Esquire.
United States

Prosecutors Say Contractor Stole 50 Terabytes of NSA Data ( 34

An NSA contractor siphoned off dozens of hard drives' worth of data from government computers over two decades, prosecutors will allege on Friday. From a ZDNet report: The contractor, Harold T. Martin III, is also accused of stealing thousands of highly classified documents, computers, and other storage devices during his tenure at the agency. It's not known exactly what Martin allegedly stole, but a report from The New York Times on Wednesday suggests that the recently-leaked hacking tools used by the agency to conduct surveillance were among the stolen cache of files. Prosecutors will on Friday charge Martin with violating the Espionage Act. If convicted, he could face ten years in prison on each count. The charges, news of which was first reported by The Washington Post, outline a far deeper case than first thought, compared to the felony theft and a lesser misdemeanor charge of removal and retention of classified information revealed in an unsealed indictment last month.

Yahoo Wants To Know If FBI Ordered Yahoo To Scan Emails ( 75

Reader Trailrunner7 writes: In an odd twist to an already odd story, Yahoo officials have asked the Director of National Intelligence to confirm whether the federal government ordered the company to scan users' emails for specific terms last year and if so, to declassify the order. The letter is the result of news reports earlier this month that detailed an order that the FBI allegedly served on Yahoo in 2015 in an apparent effort to find messages with a specific set of terms. The stories allege that Yahoo complied with the order and installed custom software to accomplish the task. Yahoo officials said at the time the Reuters story came out that there is no such scanning system on its network, but did not say that the scanning software never existed on the network at all. "Yahoo was mentioned specifically in these reports and we find ourselves unable to respond in detail. Your office, however, is well positioned to clarify this matter of public interest. Accordingly, we urge your office to consider the following actions to provide clarity on the matter: (i) confirm whether an order, as described in these media reports, was issued; (ii) declassify in whole or in part such order, if it exists; and (iii) make a sufficiently detailed public and contextual comment to clarify the alleged facts and circumstances," the letter says.

All Tesla Vehicles Being Produced Now Have Full Self-Driving Hardware ( 167

An anonymous reader quotes a report from Jalopnik: All current Tesla models that will be produced in its Fremont, California factory will come with self-driving hardware built-in capable of Level 5 autonomy, including the upcoming Tesla Model 3, the company announced tonight. According to the announcement, Tesla will manufacture all of its cars with the hardware necessary for Level 5 self-driving systems going forward, including the Model S, Model X and new Model 3. At the introduction of the Model 3, it wasn't clear whether or not every Model 3 package would come standard with the hardware and software to handle Autopilot and any other self-driving features. That's been cleared up now, but there's a kicker. Just like on current Model S and Model X models, you can purchase the cars with the self-driving hardware included. But, in order to activate the software and actually use the Autopilot or upcoming advanced self-driving safety features, you will have to option it when you order the car, or pay more for it later. Elon Musk stated that the new hardware in all of Tesla's cars going forward are Tesla's own vision software, with a Tesla-developed neural net. The new hardware and software capabilities still need to undergo all of the testing required by Tesla's own standards, as well as government approval before unleashing Level 5 autonomous cars onto the streets.
The Internet

Ecuador Acknowledges Limiting Julian Assange's Web Access ( 403

Alexandra Valencia, reporting for Reuters: Ecuador's government acknowledged on Tuesday it had partly restricted internet access for Julian Assange, the founder of anti-secrecy group WikiLeaks who has lived in the South American country's London embassy since mid-2012. WikiLeaks said Assange lost connectivity on Sunday, sparking speculation Ecuador might have been pressured by the United States due to the group's publication of hacked material linked to U.S. Democratic presidential candidate Hillary Clinton. In a statement, Ecuador's leftist government said WikiLeaks' decision to publish documents impacting the U.S. election campaign was entirely its own responsibility, and the South American country did not cede to pressure from other nations. "In that respect, Ecuador, exercising its sovereign right, has temporarily restricted access to part of its communications systems in its UK Embassy," it added in a statement. "The Ecuador government respects the principle of non-intervention in other countries' affairs, it does not meddle in election processes underway, nor does it support any candidate specially."

Half of American Adults Are In a Face-Recognition Database ( 63

An anonymous reader quotes a report from Ars Technica: Half of American adults are in a face-recognition database, according to a Georgetown University study released Wednesday. That means there's about 117 million adults in a law enforcement facial-recognition database, the study by Georgetown's Center on Privacy and Technology says. The report (PDF), titled "The Perpetual Line-up: Unregulated Police Face Recognition in America," shows that one-fourth of the nation's law enforcement agencies have access to face-recognition databases, and their use by those agencies is virtually unregulated. Where do the mug shots come from? For starters, about 16 states allow the FBI to use facial recognition to compare faces of suspected criminals to their driver's licenses or ID photos, according to the study. "In this line-up," the study says, "it's not a human that points to the suspect -- it's an algorithm." The study says 26 states or more allow police agencies to "run or request searches" against their databases or driver's licenses and ID photos. This equates to "roughly one in two American adults has their photos searched this way," according to the study. Many local police agencies also insert mug shots of people they arrest into searchable, biometric databases, according to the report. According to the report, researchers obtained documents stating that at least five "major police departments," including those in Chicago, Dallas, and Los Angeles, "either claimed to run real-time face recognition off of street cameras, bought technology that can do so, or expressed an interest in buying it." The Georgetown report's release comes three months after the U.S. Government Accountability Office (GAO) concluded that the FBI has access to as many as 411.9 million images as part of its face-recognition database. The study also mentioned that the police departments have little oversight of their databases and don't audit them for misuse: "Maryland's system, which includes the license photos of over two million residents, was launched in 2011. It has never been audited. The Pinellas Country Sheriff's Office system is almost 15 years old and may be the most frequently used system in the country. When asked if his office audits searches for misuse, Sheriff Bob Gualtieri replied, "No, not really." Despite assurances to Congress, the FBI has not audited use of its face recognition system, either. Only nine of 52 agencies (17%) indicated that they log and audit their officers' face recognition searchers for improper use. Of those, only one agency, the Michigan State Police, provided documentation showing that their audit regime was actually functional."

Slashdot Asks: Do We Need To Plan For a Future Without Jobs And Should We Resort To Universal Basic Income? ( 877

Andy Stern (former president of the Service Employees International Union (SEIU), which today represents close to 2 million workers in the United States and Canada) has spent his career organizing workers. He has a warning for all of us: our jobs are really, really doomed. Stern adds that one of the only way outs of this is a universal basic income. Stern has been arguing about the need for a universal basic income (UBI) for more than a year now. Stern pointed out that people with college degrees are not making anywhere near the kind of progress that their parents made, and that it's not their fault. He adds: The possibility that you can end up with job security and retirement attached to it is statistically diminishing over time. The American dream doesn't have to be dead, but it is dying. All the resources and assets are available to make it real. It's just that we have a huge distribution problem. Unions and the government used to play an important part at the top of the market, but this is less true today. The market completely distributes toward those at the top. Unions simply aren't as effective in terms of their impact on the economy, and government has been somewhat on the sidelines in recent years.Making a case for the need of universal basic income, he adds:A universal basic income is essentially giving every single working-age American a check every month, much like we do with social security for elderly people. It's an unconditional stipend, as it were. The reason it's necessary is we're now learning through lots of reputable research that technological change is accelerating, and that this process will continue to displace workers and terminate careers. A significant number of tasks now performed by humans will be performed by machines and artificial intelligence. He warned that we could very well see five million jobs eliminated by the end of the decade because of technology. He elaborates: It looks like the Hunger Games. It's more of what we're beginning to see now: an enclave of extremely successful people at the center and then everyone else on the margins. There will be fewer opportunities in a hollowed out and increasingly zero-sum economy. If capital trumps labor, the people who own will keep getting wealthier and the people who supply labor will become less necessary. And this is exactly what AI and robotics and software are now doing: substituting capital for labor.What's your thoughts on this? Do you think in the next two-three decades to come we will have significantly fewer jobs than we do now?
The Almighty Buck

It's Entirely Reasonable For Police To Swipe a Suspicious Gift Card, Says Court ( 203

An anonymous reader quotes Ars Technica: A U.S. federal appeals court has found that law enforcement can, without a warrant, swipe credit cards and gift cards to reveal the information encoded on the magnetic stripe. It's the third such federal appellate court to reach this conclusion. Last week, the 5th U.S. Circuit Court of Appeals found in favor of the government in United States v. Turner, establishing that it was entirely reasonable for Texas police officers to scan approximately 100 gift cards found in a car that was pulled over at a traffic stop. Like the previous similar 8th Circuit case that Ars covered in June 2016, the defendants challenged the search of the gift cards as being unreasonable. (The second case was from the 3rd Circuit in July 2015, in a case known as U.S. v. Bah.) In this case, after pulling over the car and running the IDs of both men, police found that there was an outstanding warrant for the passenger, Courtland Turner. When Turner was told to get out of the car and was placed in the patrol car, the officer returned to the stopped car and noticed an "opaque plastic bag partially protruding from the front passenger seat," as if someone had tried to push it under the seat to keep it hidden. The cop then asked the driver, Broderick Henderson, what was in the bag. Henderson replied that they had bought gift cards. When the officer then asked if he had receipts for them, Henderson replied that they had "bought the gift cards from another individual who sells them to make money." Turner's lawyers later challenged the scanning, arguing that this "search" of these gift cards went against their client's "reasonable expectation of privacy," an argument that neither the district court nor the appellate court found convincing. The 5th Circuit summarized: "After conferring with other officers about past experiences with stolen gift cards, the officer seized the gift cards as evidence of suspected criminal activity. Henderson was ticketed for failing to display a driver's license and signed an inventory sheet that had an entry for 143 gift cards. Turner was arrested pursuant to his warrant. The officer, without obtaining a search warrant, swiped the gift cards with his in-car computer. Unable to make use of the information shown, the officer turned the gift cards over to the Secret Service. A subsequent scan of the gift cards revealed that at least forty-three were altered, meaning the numbers encoded in the card did not match the numbers printed on the card. The investigating officer also contacted the stores where the gift cards were purchased -- a grocery store and a Walmart in Bryan, Texas provided photos of Henderson and Turner purchasing gift cards."

Ethiopia's State of Emergency Makes Posting To Facebook a Crime ( 38

Due to anti-government protests occurring in the country, Ethiopia has declared a state of emergency that, among other things, makes it a crime to post updates on Facebook about the current status of the country. "The military command will take action on those watching and posting on these social media outlets," Siraj Fegessa, Ethiopia's minister of defense, said on state television. Those who violate the terms of the state of emergency may be subject to prison for up to five years. Quartz reports: Ethiopia's largest ethnic groups, the Oromo and the Amhara, are protesting what they see as the marginalization of their rights and freedoms by the ruling Ethiopian People's Revolutionary Democratic Front (EPRDF), dominated by the Tigray minority. After a week of intensified protests that left businesses and government property destroyed, prime minister Hailemariam Desalegn declared a state of emergency on Oct 9 for the next six months. Under the state of emergency, all expressions or communication that could incite violence have been banned, including the now famous protest gesture of raised hands, crossed at the wrist. Authorities can search and detain citizens without prior approval. Discussing issues with foreigners that could incite violence or communicating with groups deemed terrorists is also illegal.

Russia Today: NatWest To Close Russian Channel's UK Bank Accounts ( 129

According to the editor-in-chief of state-run broadcaster Russia Today (RT), NatWest bank froze its account. Margarita Simonyan said, "They've closed our accounts in Britain. All our accounts. 'The decision is not subject to review.' Praise be to freedom of speech!" The Guardian adds: Russia has angrily accused Britain of trampling on freedom of speech after NatWest said it was closing down the bank accounts of the Kremlin TV channel Russia Today (RT). Russian MPs, the foreign ministry and human rights officials all condemned the move, and said the UK government was guilty of violating press freedom and of double standards. Simonyan said she had received a letter out of the blue from NatWest saying that it was pulling the plug on the broadcaster's accounts from mid-December. "We have recently undertaken a review of your banking arrangements with us and reached the conclusion that we will no longer provide these facilities," it said.

Journalists Face Jail Time After Reporting on North Dakota Pipeline Protest ( 355

Investigative reporter and co-founder of Democracy Now!, Amy Goodman, is now facing riot charges in the state of North Dakota after her report on a Native American-led pipeline protest there went viral on Facebook. From a TechCrunch report:Democracy Now! issued a statement about the new charges against Goodman late Saturday. Goodman's story, posted to Facebook on September 4th, has been viewed more than 14 million times on the social media platform, Democracy Now! said, and was picked up by mainstream media outlets and networks including CBS, NBC, NPR, CNN, MSNBC and The Huffington Post. Additionally, documentary filmmaker Deia Schlosberg, is facing felony and conspiracy charges that could carry a 45-year sentence for filming at the protest, IndieWire reports.

The White House Open Sources President Obama's Facebook Messenger Bot To 'Bring the Gov't To You' ( 37

The White House has open sourced the code for President Obama's Facebook Messenger bot in a hope that this will help other governments and developers build similar services. These services will ideally foster similar connections with their citizens with significantly less upfront investment. From the official post: It's also an important part of furthering our mission to "meet the public where they are." Millions of people contact their friends and family using Facebook Messenger. Why shouldn't they be able to contact the White House, too? And President Obama really reads these messages. Since 2009, he's made it part of his daily routine to read 10 letters sent to him by citizens -- something he refers to as the best part of his day. [...] To be specific, we are open-sourcing a Drupal module, complete with easy steps and boiler plate code. This will enable Drupal 8 developers to quickly launch a Facebook Messenger bot. We also left a few lines in the repository describing our hopes for the future of the code and encouraging members of the developer community to get involved.

Google Reveals It Received Secret FBI Subpoena ( 60

An anonymous reader quotes a report from The Intercept: Google revealed Wednesday it had been released from an FBI gag order that came with a secret demand for its customers' personal information. The FBI secret subpoena, known as a national security letter, does not require a court approval. Investigators simply need to clear a low internal bar demonstrating that the information is "relevant to an authorized investigation to protect against international terrorism or clandestine intelligence activities." The national security letter issued to Google was mentioned without fanfare in Google's latest bi-annual transparency report, which includes information on government requests for data the company received from around the world in the first half of 2016. Google received the secret subpoena in first half of 2015, according to the report. An accompanying blog post titled "Building on Surveillance Reform," also identified new countries that made requests -- Algeria, Belarus, and Saudi Arabia among them -- and reveals that Google saw an increase in requests made under the Foreign Intelligence Surveillance Act. But Google in its short blog post did not publish the contents of the actual letter the way other companies, including Yahoo, have done in recent months. Asked about plans to release the national security letter, a Google spokesperson told The Intercept it will release it, though it wouldn't say when or in what form it will do so. Google hasn't previously published any national security letters, though it's possible gag orders for prior demands are still in place. It's also unclear why Google wouldn't immediately publish the document -- unless the gag is only partially lifted, or the company is involved in ongoing litigation to challenge the order, neither of which were cited as reasons for holding it back

Top Democrats Request FBI Investigation of Trump Campaign Ties To Russia Over Hacking ( 490

As the Trump campaign refuses to point blame at Russia for the DNC hacks, top democrats on four House committees are questioning possible connections between Donald Trump's presidential campaign and Russia. They have formally asked the FBI to investigate the matter, citing new comments from a Trump confidant. Politico reports: "Troubling new evidence appears to show that the Trump campaign not only was aware of cyber attacks against Secretary [Hillary] Clinton's campaign chairman, but was openly bragging about it as far back as August," said Reps. Elijah Cummings from Government Affairs, John Conyers from Judiciary, Eliot Engel from Foreign Affairs and Bennie Thompson from Homeland Security. "For months, we have been asking the FBI to examine links between the Trump campaign and illegal Russian efforts to affect our election, including interviewing Trump advisor Roger Stone," they said. "In light of this new evidence -- and these exceptional circumstances -- we call on the FBI to fully investigate and explain to the American people what steps it is taking to disrupt this ongoing criminal activity." Earlier this week Stone said that "I do have a back-channel communication with Assange," referring to WikiLeaks founder Julian Assange, whose organization has been dropping documents online from Hillary Clinton campaign chairman John Podesta, and has been unloading documents from other Democrats as well. U.S. intelligence agencies last week declared that a connection exists between Russia and allegedly hacked documents leaked by WikiLeaks and others.

Russia Builds Microwave Weapon To Take Down Enemy Drones ( 154

An anonymous reader writes: The Russian government is backing a military research project to develop a powerful microwave-based weapon designed to take out unmanned enemy drones from up to half a mile away. The country's United Instrument Manufacturing Corporation (UIMC) created the microwave gun specifically to disrupt the electronics of enemy missiles. Using the ultra-high frequency waves the weapon can completely disable aircraft communications, resulting in loss of control. The destructive rays, which belong to a group of warfare technologies known as directed-energy weapons (DEW), will be emitted from surface-to-air Buk missile systems. Military analyst Alexander Perendzhiyev noted that the new weapon would be particularly effective against systems carrying microelectronic equipment. He also suggested that the impact of the radio-electronic waves could even be deadly to humans -- and referred to potential use against terrorists.

Slashdot Top Deals