Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Encryption

Lavabit Is Relaunching (theintercept.com) 51

The encrypted email service once used by whistleblower Edward Snowden is relaunching today. Ladar Levison, the founder of the encrypted email service Lavabit, announced on Friday that he's relaunching the service with a new architecture that fixes the SSL problem and includes other privacy-enhancing features as well, such as one that obscures the metadata on emails to prevent government agencies like the NSA and FBI from being able to find out with whom Lavabit users communicate. In addition, he's also announcing plans to roll out end-to-end encryption later this year. The Intercept provides some backstory in its report: In 2013, [Levison] took the defiant step of shutting down the company's service rather than comply with a federal law enforcement request that could compromise its customers' communications. The FBI had sought access to the email account of one of Lavabit's most prominent users -- Edward Snowden. Levison had custody of his service's SSL encryption key that could help the government obtain Snowden's password. And though the feds insisted they were only after Snowden's account, the key would have helped them obtain the credentials for other users as well. Lavabit had 410,000 user accounts at the time. Rather than undermine the trust and privacy of his users, Levison ended the company's email service entirely, preventing the feds from getting access to emails stored on his servers. But the company's users lost access to their accounts as well. Levison, who became a hero of the privacy community for his tough stance, has spent the last three years trying to ensure he'll never have to help the feds break into customer accounts again. "The SSL key was our biggest threat," he says.

Submission + - Elite Scientists Have Told the Pentagon That AI Won't Threaten Humanity (vice.com)

An anonymous reader writes: A new report authored by a group of independent U.S. scientists advising the US Dept. of Defense (DoD) on artificial intelligence (AI) claims that perceived existential threats to humanity posed by the technology, such as drones seen by the public as killer robots, are at best “uninformed." Still, the scientists acknowledge that AI will be integral to most future DoD systems and platforms, but AI that could act like a human “is at most a small part of AI’s relevance to the DoD mission." Instead, a key application area of AI for the DoD is in augmenting human performance. Perspectives on Research in Artificial Intelligence and Artificial General Intelligence Relevant to DoD, first reported by Steven Aftergood at the Federation of American Scientists, has been researched and written by scientists belonging to JASON, the historically secretive organization that counsels the US government on scientific matters. Outlining the potential use cases of AI for the DoD, the JASON scientists make sure to point out that the growing public suspicion of AI is “not always based on fact,” especially when it comes to military technologies. Highlighting SpaceX boss Elon Musk’s opinion that AI “is our biggest existential threat” as an example of this, the report argues that these purported threats “do not align with the most rapidly advancing current research directions of AI as a field, but rather spring from dire predictions about one small area of research within AI, Artificial General Intelligence (AGI)." AGI, as the report describes, is the pursuit of developing machines that are capable of long-term decision making and intent, i.e. thinking and acting like a real human. “On account of this specific goal, AGI has high visibility, disproportionate to its size or present level of success,” the researchers say.

Submission + - Man doxxes laptop thief by taking control remotely and pilfering her Facebook (ibtimes.co.uk) 1

drunkdrone writes: A Canadian man took matters into his own hands after his laptop was stolen when he logged into it remotely and posted the thief's misdeeds online. Stu Gale, from Cochrane, Alberta, had his computer swiped after leaving it in an unlocked car and days later received a notification informing him that someone had logged onto the device.

The 51-year-old computer security expert tried to access his computer by beginning a remote connection, which allows someone to connect to and take control of a device from another location. To begin with the thief kept closing the pop-up window, but she eventually left the room, unwisely while still logged into her Facebook account.

Space

Galileo Satellites Are Experiencing Multiple Clock Failures (bbc.com) 188

elgatozorbas writes: According to a BBC article, the onboard atomic clocks that drive the satellite-navigation signals on Europe's Galileo network have been failing at an alarming rate. From the report: "Across the 18 satellites now in orbit, nine clocks have stopped operating. Three are traditional rubidium devices; six are the more precise hydrogen maser instruments that were designed to give Galileo superior performance to the American GPS network. Each Galileo satellite carries two rubidium and two hydrogen maser clocks. The multiple installation enables a satellite to keep working after an initial failure. All 18 spacecraft currently in space continue to operate, but one of them is now down to just two clocks. Most of the maser failures (5) have occurred on the satellites that were originally sent into orbit to validate the system, whereas all three rubidium stoppages are on the spacecraft that were subsequently launched to fill out the network. Esa staff at its technical centre, ESTEC, in the Netherlands are trying to isolate the cause the of failures - with the assistance of the clock (Spectratime of Switzerland) and satellite manufacturers (Airbus and Thales Alenia Space; OHB and SSTL). It is understood engineers have managed to restart another hydrogen clock that had stopped. It appears the rubidium failures 'all seem to have a consistent signature, linked to probable short circuits, and possibly a particular test procedure performed on the ground.'"

Submission + - Senate bills ends visa lottery, gives U.S. grads preference (computerworld.com)

dcblogs writes: A new bill in Congress would give foreign students who graduate from U.S. schools priority in getting an H-1B visa. The legislation also "explicitly prohibits" the replacement of American workers by visa holders. This bill, the H-1B and L-1 Visa Reform Act, was announced Thursday by its co-sponsors, U.S. Senators Chuck Grassley (R-Iowa) and Sen. Dick Durbin (D-Ill.), longtime allies on H-1B reform. Grassley is chairman of the Senate Judiciary Committee, which gives this bill an immediate big leg up in the legislative process. This legislation would end the annual random distribution, via a lottery, of H-1B visas, and replace it with a system to give priority to certain types of students. Foreign nationals in the best position to get one of the 85,000 H-1B visas issued annually will have earned an advanced degree from a U.S. school, have a well-paying job offer, and have preferred skills. The specific skills weren't identified, but will likely be STEM-related.
Operating Systems

Oracle Scraps Plans For Solaris 12 (theregister.co.uk) 121

bobthesungeek76036 writes: According to The Register, Solaris 12 has been removed from Oracle roadmaps. This pretty much signals the demise of Solaris (as if we didn't already know that...) From the report: "The new blueprint -- dated January 13, 2017 -- omits any word of Solaris 12 that Oracle included in the same document's 2014 edition, instead mentioning 'Solaris 11.next' as due to debut during this year or the next complete with 'Cloud Deployment and Integration Enhancements.' At the time of writing, search engines produce no results for 'Solaris 11.next.' The Register has asked Oracle for more information. The roadmap also mentions a new generation of SPARC silicon in 2017, dubbed SPARC Next, and then in 2020 SPARC Next+. The speeds and capabilities mentioned in the 2017 document improve slightly on those mentioned in the 2014 roadmap.
AT&T

New FCC Report Says AT&T and Verizon Zero-Rating Violates Net Neutrality (theverge.com) 74

An anonymous reader quotes a report from The Verge: Just a week and a half before he is set to leave office, FCC Chairman Tom Wheeler has issued a new report stating that the zero-rated video services offered by ATT and Verizon may violate the FCC's Open Internet Order. Assembled by the FCC's Wireless Telecommunications Bureau, the report focuses on sponsored data programs, which allow companies to pay carriers to exempt exempt their data from customers' data caps. According to the report, many of those packages simply aren't playing fair. "While observing that ATT provided incomplete responses to staff inquires," Wheeler wrote to Senators, "the report states that the limited information available supports a conclusion that ATT offers Sponsored Data to third-party content providers at terms and conditions that are effectively less favorable than those it offers to its affiliate, DirecTV." In theory, sponsored data should be an even playing field, with providers bearing the costs and making the same charges regardless of who's footing the bill. But according to the report, ATT treats the DirectTV partnership very differently from an unaffiliated sponsored data system, giving the service a strong advantage over competitors. "ATT appears to view the network cost of Sponsored Data for DIRECTV Now as effectively de minimis," the report concludes. While ATT still bears some cost for all that free traffic, it's small enough that the carrier doesn't seem to care. The report raises similar concerns regarding Verizon's Go90 program, although it concludes Verizon's program may be less damaging. Notably, the letter does not raise the same concerns about T-Mobile's BingeOn video deal, since it "charges all edge providers the same zero rate for participating."
Privacy

Japan Researchers Warn of Fingerprint Theft From 'Peace' Sign (phys.org) 119

Tulsa_Time quotes a report from Phys.Org: Could flashing the "peace" sign in photos lead to fingerprint data being stolen? Research by a team at Japan's National Institute of Informatics (NII) says so, raising alarm bells over the popular two-fingered pose. Fingerprint recognition technology is becoming widely available to verify identities, such as when logging on to smartphones, tablets and laptop computers. But the proliferation of mobile devices with high-quality cameras and social media sites where photographs can be easily posted is raising the risk of personal information being leaked, reports said. The NII researchers were able to copy fingerprints based on photos taken by a digital camera three meters (nine feet) away from the subject.
Bug

Buggy Domain Validation Forces GoDaddy To Revoke SSL Certificates (threatpost.com) 33

msm1267 quotes a report from Threatpost: GoDaddy has revoked, and begun the process of re-issuing, new SSL certificates for more than 6,000 customers after a bug was discovered in the registrar's domain validation process. The bug was introduced July 29 and impacted fewer than two percent of the certificates GoDaddy issued from that date through yesterday, said vice president and general manager of security products Wayne Thayer. "GoDaddy inadvertently introduced the bug during a routine code change intended to improve our certificate issuance process," Thayer said in a statement. "The bug caused the domain validation process to fail in certain circumstances." GoDaddy said it was not aware of any compromises related to the bug. The issue did expose sites running SSL certs from GoDaddy to spoofing where a hacker could gain access to certificates and pose as a legitimate site in order to spread malware or steal personal information such as banking credentials. GoDaddy has already submitted new certificate requests for affected customers. Customers will need to take action and log in to their accounts and initiate the certificate process in the SSL Panel, Thayer said.
Microsoft

Microsoft To Enhance User Privacy Controls In Upcoming Windows 10 Update (hothardware.com) 183

MojoKid writes: When Microsoft first launched Windows 10, it was generally well-received but also came saddled with a number of privacy concerns. It has taken quite a while for Microsoft to respond to these concerns in a meaningful way, but the company is finally proving that it's taking things seriously by detailing some enhanced privacy features coming to a future Windows 10 build. Microsoft is launching what it calls a (web-based) privacy dashboard, which lets you configure anything and everything about information that might be sent to back to the mothership. You can turn all tracking off, or pick and choose, if certain criteria don't concern you too much, like location or health activity, for example. Also, for fresh installs, you'll be given more specific privacy options so that you can feel confident from the get-go about the information you're sending Redmond's way. If you do decide to send any information Microsoft's way, the company promises that it won't use your information for the sake of targeted advertising.
Government

US Releases Declassified Report On Russian Hacking, Concludes That Putin 'Developed a Clear Preference' For Trump (theverge.com) 734

An anonymous reader quotes a report from The Verge: The Office of the Director of National Intelligence has released its unclassified report on Russian hacking operations in the United States. "We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the U.S. presidential election," according to the report. "Russia's goals were to undermine public faith in the U.S. democratic process, denigrate Secretary Clinton, and harm her electability and potential presidency. We further assess Putin and the Russian Government developed a clear preference for President-elect Trump." The report, titled "Assessing Russian Activities and Intentions in Recent U.S. Elections," details the successful hack of the Democratic National Committee. "The Kremlin's campaign aimed at the U.S. election featured disclosures of data obtained through Russian cyber operations; intrusions into U.S. state and local electoral boards; and overt propaganda," according to the report. The report states that Russian intelligence services made cyber-attacks against "both major U.S. political parties" to influence the 2016 election. The report also publicly names Guccifer 2.0 and DCLeaks.com, two sources of stolen information released to the public, as Russian operatives working on behalf of the country's military intelligence unit, the GRU. Officials from the organization were recently the target of U.S. sanctions. WikiLeaks is also cited as a recipient of stolen information. The report also notes that the U.S. has determined Russia "accessed elements of multiple state or local electoral boards," though no vote-tallying processes were tampered with. The FBI and CIA have "high confidence" the election tampering was ordered by Putin to help then-candidate Trump, according to the report. NSA has "moderate confidence" in the assessment. bongey writes: The declassified DNI report offers no direct evidence of Russia hacking DNC or Podesta emails. Exactly half of the report (subtract blank and TOC) 9 of 18 is just devoted to going after RT.com by claiming they have close ties to Russia and therefore a propaganda arm, trying to imply that rt.com is related to the hacking. "Many of the key judgments in this assessment rely on a body of reporting from multiple sources that are consistent with our understanding of Russian behavior. Insights into Russian efforts -- including specific cyber operations -- and Russian views of key U.S. players derive from multiple corroborating sources. Some of our judgments about Kremlin preferences and intent are drawn from the behavior of Kremlin loyal political figures, state media, and pro-Kremlin social media actors, all of whom the Kremlin either directly uses to convey messages or who are answerable to the Kremlin." UPDATE 1/6/17: President-elect Donald Trump met with U.S. intelligence officials Friday, calling the meeting "constructive" and offering praise for intel officials. "While Russia, China, other countries, outside groups and people are consistently trying to break through the cyber infrastructure of our governmental institutions, businesses and organizations including the Democrat National Committee, there was absolutely no effect on the outcome of the election, including the fact that there was no tampering whatsoever with voting machines," Trump said in a statement after the meeting.

Submission + - Possibly fatal blow against a patent trolls. (computerworld.com)

whoever57 writes: Patent trolls rely on the fact that they have no assets and, if they lose a case, they can fold the company that owned the patent and sued, thus avoiding paying any the defendant's legal bills. However, in a recent case, the judge has told the winning defendant that it can claim its legal bills from the law firm. The decision is based on the plaintiff's law firm using a contract under which it would take a portion of any judgment, making it more than just counsel, but instead a partner with the plaintiff. This will likely result in law firms wanting to be paid up front, instead of offering a contingency-based fee.

Submission + - A Coal-Fired Power Plant in India Is Turning Carbon Dioxide Into Baking Soda (technologyreview.com)

schwit1 writes: In the southern Indian city of Tuticorin, locals are unlikely to suffer from a poorly risen cake. That’s because acoal-fired thermal power station in the area captures carbon dioxide and turns it into baking soda.

Carbon capture schemes are nothing new. Typically, they use a solvent, such as amine, to catch carbon dioxide and prevent it from escaping into the atmosphere. From there, the CO2 can either be stored away or used.

But the Guardian reports that a system installed in the Tuticorin plant uses a new proprietary solvent developed by the company Carbon Clean Solutions. The solvent is reportedly just slightly more efficient than those used conventionally, requiring a little less energy and smaller apparatus to run. The collected CO2 is used to create baking soda, and it claims that as much as 66,000 tons of the gas could be captured at the plant each year.

Its operators say that the marginal gain in efficiency is just enough to make it feasible to run the plant without a subsidy. In fact, it’s claimed to be the first example of an unsubsidized industrial plant capturing CO2 for use.

A “climate change” project that doesn’t involve taxpayer dollars? Is that even allowed?

China

Apple Removes NYTimes App in China, Shows How Far It Is Willing To Go To Please Local Authority (theguardian.com) 174

Apple has removed the New York Times app from its store in China after a government request, in an example of how far the company will go to please the authorities in its third-largest market. From a report: China operates what is thought to be the largest internet censorship regime in the world, blocking thousands of foreign websites viewed as a threat by the ruling Communist party. Google, Twitter, Facebook Youtube and Instagram are all inaccessible. Apple removed the English and Chinese-language versions of the New York Times app on 23 December, although it was not immediately clear why. "We have been informed that the app is in violation of local regulations," said Carolyn Wu, an Apple spokeswoman. "As a result the app must be taken down off the China app store. When this situation changes the app store will once again offer the New York Times app for download in China."

Slashdot Top Deals

"Regardless of the legal speed limit, your Buick must be operated at speeds faster than 85 MPH (140kph)." -- 1987 Buick Grand National owners manual.

Working...