
Submission + - FAA-2014-0396: Only 8 more days to comment. (regulations.gov)

An anonymous reader writes: There's only 8 days left to comment on the FAA's proposed rule — (FAA 2014-0396) "The Interpretation of the Special Rule for Model Aircraft" — also known as the "Retribution for we lost the Trappy Case Interpretation" — to prevent the FAA from implementing draconian regulations on owners, flyers, and operators of radio control aircraft.

Submission + - Energy Firms in Europe, US Hit by Cyberattack (securityweek.com)

wiredmikey writes: Symantec said on Monday that it has identified malware targeting industrial control systems which could sabotage electric grids, power generators and pipelines. Known as the "Dragonfly group" or 'Energetic Bear', the attackers are believed to have been in operation since at least 2011. Initially, its targets were in the defense and aviation industry in the United States and Canada. In early 2013, it shifted its focus to energy firms in the U.S. and Europe.

The attacks on the energy sector began with malware sent via phishing emails to targeted personnel. Symantec observed the spear phishing attempts hitting organizations in the form of PDF attachments between February 2013 and June 2013, mostly targeting the US and UK. The emails were disguised as messages about administration issues such as delivery problems or issues with an account.

Later on, the group added watering hole attacks into its repertoire by compromising websites likely to be visited by people working in the industry and redirecting them to sites hosting an exploit kit known as Lightsout. The Lightsout kit has been upgraded over time, and eventually became known as the Hello exploit kit.

The third phase of the campaign involved the Trojanizing of legitimate software bundles belonging to three different industrial control system (ICS) equipment manufacturers using malware detected as Backdoor.Oldrea (Havex), according to Symantec's report (PDF). "The Dragonfly group is technically adept and able to think strategically," the researchers noted. "Given the size of some of its targets, the group found a “soft underbelly” by compromising their suppliers, which are invariably smaller, less protected companies."

Submission + - Secret state: the hidden world of governmental black sites (independent.co.uk)

An anonymous reader writes: To carry out the extraordinary rendition programme which was one of President George W Bush's answers to the 9/11 attacks, seizing suspects from the streets and spiriting them off to countries relaxed about torture, the CIA created numerous front companies: grinding through flight records and using the methods of a private detective, Paglen identified them, visiting and covertly photographing their offices and managers.

The men and women who carried out the rendition programme were equipped with fake identities: Paglen has made a collection of these people's unconvincing and fluctuating signatures, "people," as he puts it, "who don't exist because they're in the business of disappearing other people".

Submission + - Daniel Ellsberg criticizes Kerry for calling Snowden a coward and traitor (theguardian.com)

An anonymous reader writes: Daniel Ellsberg, the former Defence Department staff who leaked the Vietnam War Pentagon Papers to the New York Times, has some harsh criticism of Kerry's recent call for Snowden to come back to the USA and "man up".

"Nothing excuses Kerry's slanderous and despicable characterisations of a young man who, in my opinion, has done more than anyone in or out of government in this century to demonstrate his patriotism, moral courage and loyalty to the oath of office the three of us swore: to support and defend the Constitution of the United States," he concludes.

Submission + - Iran Behind 'Saffron Rose' Cyberespionage Campaign (fireeye.com)

Arthur Liberty writes: A group of Iranian hackers has been targeting American defense contractors since October 2013 in an elaborate and technically advanced campaign that American security researchers call "Operation Saffron Rose." The group behind Saffron Rose is Ajax Security Team, whose members are thought to have conducted politically-motivated website defacements for several years. The group's "graduation" from vandalism to espionage shows that Iranian actors in the cyber attack space are becoming more sophisticated.

Ajax Security Team uses a combination of fake login pages, phishing emails and custom-built malware to steal login credentials and other data. In one attack, the group targeted U.S.-based aerospace companies by creating a fake registration page for the 2014 IEEE Aerospace conference. Ajax Security Team then uses a Trojan Horse spyware called "Stealer." Stealer snoops on infected computers by keylogging, taking screenshots, gathering system information (IP addresses, usernames, hostnames, open ports, installed applications), collecting email and instant messaging information, and collecting browser-based information such as login credentials, browsing history, cookies and bookmarks.

For all its sophistication, Iranian fingerprints were not difficult to find as Stealer was set to Iran Standard Time (which is uniquely three and a half hours ahead of Greenwich Mean Time) and had a Persian-language setting.

Submission + - Why tech activists must become campaign finance reform activists (nathanmarz.com)

Funksaw writes: In a blog post called: 'Why we in tech must support Lawrence Lessig', former Twitter engineer Nathan Marz makes the argument that technological issues, such as net neutrality, broadband monopolies, and extended copyrights, can't be addressed until campaign finance reforms are enacted, and that initiatives such as Lawrence Lessig's Mayday PAC need to be supported. FTA:

This issue is so important and touches so many aspects of our society that I believe it's our duty as citizens to fight for change any way we can. We have to support people who are working day and night on this, who have excellent ideas on how to achieve reform.

Submission + - Sony Warns Demand for Blu-ray Diminishing Faster Than Expected (computerworld.com)

Lucas123 writes: Sony has warned investors that it expects to take a hit on expected earnings, due in part to the fact that demand for Blu-ray Disc media is contracting faster than anticipated. In two weeks, Sony will announce its financial results. The company expects to post a net loss. Sony's warning is in line with other industry indicators, such as a report released earlier this year by Generator Research that showed revenue from DVD and Blu-ray sales will likely decrease by 38% over the next four years. By comparison, online movie revenue is expected to grow 260% from $3.5 billion this year to $12.7 billion in 2018, the report states. Paul Gray, director of TV Electronics & Europe TV Research at market research firm DisplaySearch, said consumers are now accustomed to the instant availability of online media, and "the idea of buying a physical copy seems quaint if you're under 25."

Submission + - Norway Is Gamifying Warfare By Driving Tanks With Oculus Rift (vice.com)

Daniel_Stuckey writes: Look at Norway, where the Army has started using Oculus Rift to drive tanks with increased visibility, according to the Norwegian TV station tu.no. Four VR cameras are mounted on the sides of the tank to give the soldier inside donning the headset a full 360 degree view of what's going on outside, like X-ray vision. Using cameras to "see through" a vehicle isn't a new concept; when the hatches are down tanks are notoriously hard to navigate. But the Oculus Rift dev kit is just a fraction of the price of traditional 360-degree camera equipment: Lockheed Martin's F-35 helmet for pilots can cost tens of thousands of dollars.

Submission + - Gary Kildall, Father of the PC OS, Finally Gets His Due

theodp writes: GeekWire reports that Gary Kildall, the creator of the landmark personal computer operating system CP/M, will be recognized posthumously by the IEEE for that contribution, in addition to his invention of BIOS, with a rare IEEE Milestone plaque. Kildall, who passed away in 1994 at the age of 52, has been called the man who could have been Bill Gates. But according to Kildall's son, his dad wasn't actually interested in being what Bill Gates became: "He was a real inventor," said Scott Kildall. "He was much more interested in creating new ideas and bringing them to the world, rather than being the one that was bringing them to market and leveraging a huge amount of profits. He was such a kind human being. He was always sharing his ideas, and would sit down with people and show flowcharts of what he was thinking. I think if he were around for the open-source movement, he would be such a huge proponent of it." Techies of a certain age will also remember Gary's work as a co-host of Computer Chronicles.

Submission + - History's 15 Most Popular Computer Scientists (itworld.com)

itwbennett writes: Researchers at MIT’s Media Lab have launched a new project called Pantheon, in which they attempt to quantify the cultural impact of people throughout time. Using data from Wikipedia, they’ve developed a Historical Popularity Index (HPI) — based on a number of things, including the number of languages in which one’s Wikipedia bio exists and the number and distribution of page views to those bio pages — to rank more than 11,000 famous people from the past and present. (Spoiler alert: Aristotle, Plato, Jesus, Socrates and Alexander the Great take the top slots.) While famous techies still generally score much lower HPIs than actors, athletes and artists, some computer scientists, including Linus Torvalds, Martin Minsky, and Tim Berners-Lee, did make the list. And Alan Turing's HPI of 24.989 made him the most popular of the bunch.

Submission + - Getty Images makes 35 million images free for non-commercial usage

kc123 writes: In an effort to deal with copyright infringement Getty Images is launching a new embedding feature that will make more than 35 million images freely available to anyone for non-commercial usage. Anyone will be able to visit Getty Images’ library of content, select an image and copy an embed HTML code to use that image on their own websites. Getty Images will serve the image in an embedded player – very much like YouTube currently does with its videos – which will include the full copyright information and a link back to the image’s dedicated licensing page on the Getty Images website.

Submission + - ICANN's cosy relationship with the US must end, says EU (networkworld.com)

alphadogg writes: The exclusive relationship of ICANN (the Internet Corporation for Assigned Names and Numbers) with the U.S. must end, said the European Union's digital agenda chief on Wednesday. California-based ICANN is responsible for the assignment of top-level domains and has a long-standing operating agreement with the U.S. However, following the revelations by Edward Snowden of widespread surveillance of the Internet by the National Security Agency, many countries have questioned the arrangement. The historical relationship, noted in ICANN's Affirmation of Commitments, is outdated and the governance of the Internet must become more global, said the E.U. Digital Agenda Commissioner Neelie Kroes. Kroes was presenting the European Commission's new policy on Internet governance, which rejects any United Nations or governmental takeover of Internet governance and calls for a move to globalize ICANN.

Submission + - Google Pushes Back Against Data Localization (nytimes.com)

Boweravid writes: The big tech companies have put forth a united front when it comes to pushing back against the government after revelations of mass surveillance. But their cooperation goes only so far.

Microsoft this week suggested that it would deepen its existing efforts to allow customers to store their data near them and outside the United States. Google, for its part, has been fighting this notion of so-called data localization.

“If data localization and other efforts are successful, then what we will face is the effective Balkanization of the Internet and the creation of a ‘splinternet’ broken up into smaller national and regional pieces, with barriers around each of the splintered Internets to replace the global Internet we know today,” Richard Salgado, Google’s director of law enforcement and information security, told a congressional panel in November.

Submission + - CBS 60 Minutes: NSA speaks out on Snowden, spying (cbsnews.com)

An anonymous reader writes: This week CBS News' 60 Minutes program had a broadcast segment devoted to the NSA, and additional online features. It revealed that the first secret Snowden stole was the test and answers for a technical examination to get a job at NSA. When working at home, Snowden covered his head and screen with a hood so that his girlfriend couldn't see what he was doing. NSA considered the possibility that Snowden left malicious software behind and removed every computer and cable that Snowden had access to from its classified network, costing tens of millions of dollars. Snowden took approximately 1.7 million classified documents. Snowden never approached any of multiple Inspectors General, supervisors, or Congressional oversight committee members about his concerns. Snowden's activity caught the notice of other System Administrators. There were also other interesting details, such as the NSA has a highly competitive intern program for High School students that are given a Top Secret clearance and a chance to break codes that have resisted the efforts of NSA's analysts — some succeed. The NSA is only targeting the communications, as opposed to metadata, of less than 60 Americans. Targeting the actual communications of Americans, rather than metadata, requires a probable cause finding and a specific court order. NSA analysts working with metadata don't have access to the name, and can't listen to the call. The NSA's work is driven by requests for information by other parts of the government, and there are about 31,000 requests. Snowden apparently managed to steal a copy of that document, the "crown jewels" of the intelligence world. With that information, foreign nations would know what the US does and doesn't know, and how to exploit it.
