Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Pentagon admits to having deployed miitary spy drones over the US (msn.com)

lightbox32 writes: A report by a Pentagon inspector general, made public under a Freedom of Information Act request, said spy drones on non-military missions have occurred fewer than 20 times between 2006 and 2015 and always in compliance with existing law. The use of unmanned aerial surveillance (UAS) drones over U.S. surfaced in 2013 when then-FBI director Robert Mueller testified before Congress that the bureau employed spy drones to aid investigations, but in a "very, very minimal way, very seldom."

The inspector general analysis was completed March 20, 2015, but not released publicly until last Friday.

The report also quoted a military law review article that said "the appetite to use them (spy drones) in the domestic environment to collect airborne imagery continues to grow, as does Congressional and media interest in their deployment."

Submission + - 18TB of Fraternal Order of Police data hacked (thecthulhu.com) 1

Dave_Minsky writes: Yesterday, someone by the name of Cthulhu released 18TB of sensitive data from the Fraternal Order of Police. The FOP is America's largest police union with more than 325,000 members in more than 2,100 lodges nationwide.

According to Cthulhu's website, the data were "submitted to me through a confidential source, and have asked me to distribute it in the public interest."

Submission + - VMWare lays off Fusion and Workstation development team (chipx86.com)

An anonymous reader writes: The entire Hosted UI team, responsible for VMware’s Workstation and Fusion products, have been laid off and the future of these products is now unclear with rumors future maintenance will be outsourced to China.

Submission + - The Dark Arts: Meet the LulzSec Hackers (hackaday.com)

szczys writes: Reputations are earned. When a small group of hackers who were part of Anonymous learned they were being targeted for doxing (having their identities exposed) they went after the person hard, taking down two of the company websites, the CEO's Facebook, Twitter, Yahoo, and even his World of Warcraft accounts. The process was fast, professional, and like nothing ever seen before. This was the foundation of Lulz Security and the birth of a reputation that makes LulzSec an important part of black hat history.

Submission + - Under New Management (bizx.info)

kodiaktau writes: DHI Group, Inc. (NYSE: DHX), today announced that it completed the sale of its Slashdot and SourceForge businesses (together referred to as "Slashdot Media") to BIZX, LLC in a transaction that closed on January 27, 2016. Financial terms were not disclosed.

DHI first announced its plan to sell Slashdot Media in July 2015 as part of its strategy to focus on its core brands, as Slashdot Media no longer fits within the Company's core strategic initiatives.

KeyBanc Capital Markets Inc. served as the Company's exclusive financial advisor for the transaction.

Submission + - Slashdot Media sold to BIZX, LCC

An anonymous reader writes: DHI (formerly Dice Holdings) has finalized the sale of Slashdot Media (consisting of Slashdot and SoureForge) to BIZX, LLC on January 27th, 2016, according to a press release on Thursday morning. No financial details were given in the press release, nor any details about how Slashdot or SourceForge will be handled by their new owners.

Submission + - Abe Vigoda dead for sure this time (cnn.com)

sandbagger writes: Character actor Abe Vigoda, known in part for his role in the long-running police comedy Barney Miller, has died at 94. Reports of his death rocketed around the world a few years ago thanks to the internet but it seems pretty certain this time.

Submission + - US OPM getting Out of the 'Background Checking business'

bbsguru writes: An article in the Register notes that, following last years' embarrassing and costly data breaches:

The US government is creating a new agency to process background checks for federal employees and contractors seeking security clearance.

The [...] Department of Defense (DoD)
[will] oversee the establishment of the National Background Investigations Bureau (NBIB). The new agency will take over running the Federal Investigative Service (FIS) and will perform all background checks.

[...]
Currently, the FIS handles around 95 per cent of federal background checks on an estimated 600,000 people each year. Those duties, going forward, will still be handled by FIS, but will be done as part of the new NBIB and its proposed $95m annual (FY 2017) IT budget.

Previously, the FIS had operated as part of the US Office of Personnel Management (OPM), conducting background checks for those seeking positions within US government agencies or working on contracts for the government.


In other news, the barn doors are now closed. Horses are nowhere in sight.

Submission + - Internet of Things security is so bad, there's a search engine for sleeping kids (arstechnica.com)

An anonymous reader writes: Shodan, a search engine for the Internet of Things (IoT), recently launched a new section that lets users easily browse vulnerable webcams. The feed includes images of marijuana plantations, back rooms of banks, children, kitchens, living rooms, garages, front gardens, back gardens, ski slopes, swimming pools, colleges and schools, laboratories, and cash register cameras in retail stores. While IoT manufacturers are to blame, this also highlights the creepy stuff you can do with Shodan these days. At the start of January, Check Point recommended companies to block Shodan's crawlers. The infosec community came to defend Shodan, and even its founder said that Shodan is uselessly branded as a tool of evil, saying that attackers have their own scanning tools.

Submission + - UK Voice Crypto Standard Built for Key Escrow, Mass Surveillance

Trailrunner7 writes: The U.K. government’s standard for encrypted voice communications, which already is in use in intelligence and other sectors and could be mandated for use in critical infrastructure applications, is set up to enable easy key escrow, according to new research.

The standard is known as Secure Chorus, which implements an encryption protocol called MIKEY-SAKKE. The protocol was designed by GCHQ, the U.K.’s signals intelligence agency, the equivalent in many ways to the National Security Agency in the United States. MIKEY-SAKKE is designed for voice and video encryption specifically, and is an extension of the MIKEY (Multimedia Internet Keying) protocol, which supports the use of EDH (Ephemeral Diffie Hellman) for key exchange.

“MIKEY supports EDH but MIKEY-SAKKE works in a way much closer to email encryption. The initiator of a call generates key material, uses SAKKE to encrypt it to the other communication partner (responder), and sends this message to the responder during the set-up of the call. However, SAKKE does not require that the initiator discover the responder’s public key because it uses identity-based encryption (IBE),” Dr. Steven Murdoch of University College London’s Department of Computer Science, wrote in a new analysis of the security of the Secure Chorus standard.

“By design there is always a third party who generates and distributes the private keys for all users. This third party therefore always has the ability to decrypt conversations which are encrypted using these private keys,” Murdoch said by email.

He added that the design of Secure Chorus “is not an accident.”

Submission + - Human Rights Watch Blasts TPP for "Serious Rights Concerns" (freezenet.ca)

Dangerous_Minds writes: Freezenet is reporting that Human Rights Watch, an international human rights organization, has blasted the TPP over what they call "serious rights concerns". Among the concerns are privacy rights as well as the implications the trade deal would have on free speech. Already, some are expecting all 12 countries to sign off on the TPP next month.

Further reading: Human Rights Watch press release and TPP Q & A.

Submission + - Inside NASA's Space Rock Vault (arstechnica.com)

An anonymous reader writes: In an unassuming building a Johnson Space Center, NASA maintains clean rooms and employs curators to support its collection of rocks and other matter from elsewhere in the solar system. Ars got to tour the facility and take pictures of the samples inside. "The collection houses about 20,000 rocks, but the most famous of those rocks is ALH84001. Sometime around 16 million years ago, a large meteorite or asteroid 0.5 to 1 km across or larger struck the Martian surface and blasted some rocks into space at a speed greater than the red planet’s escape velocity. One of them flew through space until about 13,000 years ago when it crashed into Antarctica." NASA keeps bits of a comet trapped in aerogel, as well as the remains of the Genesis probe that captured particles of solar wind. Of course, this is dwarfed by the vast collection of lunar rock samples brought back by the Apollo missions. Some of them have yet to be opened. "They were collected in the vacuum of the lunar surface, placed inside vacuum sealed tubes, and remain that way to this day. NASA is preserving them for some theoretical future where science has progressed to enable some new, powerful method of analysis."

Submission + - Malware on Point-of-Sale Systems Caused Hyatt Data Breach

Trailrunner7 writes: A data breach at hundreds of Hyatt hotels that was revealed in December was caused by point-of-sale device malware that stole victims’ payment card information in transactions in hotel restaurants, spas, golf shops, and other locations.

The malware was on PoS systems in more than 300 Hyatt hotels around the world, including dozens in the United States, the company said. Hyatt officials disclosed the breach last month, but the details of what caused the incident just came out this week after the company completed the investigation. The breach affects people who used cards at the compromised hotels between mid-August and early December.

“The malware was designed to collect payment card data – cardholder name, card number, expiration date and internal verification code – from cards used onsite as the data was being routed through affected payment processing systems. There is no indication that other customer information was affected,” Hyatt said in its statement.

Submission + - Server retired after 18 years and ten months - Beat that, Readers! (theregister.co.uk)

DesertNomad writes: Article in ElReg about a fairly aged Pentium-based server that lasted 18+ years without much in the way of service. Reminds me that I have a pair of working, occasionally used, Pentium-based notebooks (more like lug-books), one of which is a 1999 Thinkpad, and the other a 1996 CTX. I'm sure that there's plenty of boxes out there that have survived at least 18 years and that are in daily or constant use. The fans are always the tricky part!

Slashdot Top Deals

It is much easier to suggest solutions when you know nothing about the problem.

Working...