
Submission + - Proposed US Law Would Allow Employers to Demand Genetic Testing (businessinsider.com)

capedgirardeau writes: A little-noticed bill moving through the US Congress would allow companies to require employees to undergo genetic testing or risk paying a penalty of thousands of dollars, and would let employers see that genetic and other health information. Giving employers such power is now prohibited by US law, including the 2008 genetic privacy and nondiscrimination law known as GINA. The new bill gets around that landmark law by stating explicitly that GINA and other protections do not apply when genetic tests are part of a 'workplace wellness' program.

Submission + - Java and Python FTP Attacks Can Punch Holes Through Firewalls (csoonline.com)

itwbennett writes: Over the weekend, security researcher Alexander Klink disclosed an interesting attack where exploiting an XXE (XML External Entity) vulnerability in a Java application can be used to send emails. At the same time, he showed that this type of vulnerability can be used to trick the Java runtime to initiate FTP connections to remote servers. After seeing Klink's exploit, Timothy Morgan, a researcher with Blindspot Security, decided to disclose a similar attack that works against both Java's and Python's FTP implementations. 'But his attack is more serious because it can be used to punch holes through firewalls,' writes Lucian Constantin in CSO Online.

Submission + - Wyden to Introduce Bill to Prohibit Warrantless Phone Searches at Border

Trailrunner7 writes: A senator from Oregon who has a long track record of involvement on security and privacy issues says he plans to introduce a bill soon that would prevent border agents from forcing Americans returning to the country to unlock their phones without a warrant.

Sen. Ron Wyden said in a letter to the secretary of the Department of Homeland Security that he is concerned about reports that Customs and Border Patrol agents are pressuring returning Americans into handing over their phone PINs or using their fingerprints to unlock their phones. DHS Secretary John Kelly has said that he’s considering the idea of asking visitors for the login data for their various social media accounts, information that typically would require a warrant to obtain.

“Circumventing the normal protection for such private information is simply unacceptable,” Wyden said in the letter, sent Monday.

Submission + - Deleting your Yahoo email account? Yeah, good luck with that (zdnet.com)

An anonymous reader writes: Several Yahoo users, who last year decided to leave the service, told us that their accounts remained open for weeks or months after the company said they would be closed.

News broke in September of a massive state-sponsored cyberattack that led to the theft of 500 million records — then thought to be the largest theft of records in history. That alone was enough for some to take action and delete their accounts, months before the company admitted it was hacked again — this time taking 1 billion accounts.

One user told me that they deleted their account "the day the breach was announced" in late September. But as of the end of January, he was still receiving messages that were automatically forwarded from his Yahoo inbox.

Another user told me that they thought their account was "supposedly-terminated" days after news of the hack broke, but confirmed his account was still active — when it should have closed by December.

Submission + - Woolly Mammoth On Verge of Resurrection, Scientists Reveal (theguardian.com)

An anonymous reader writes: The woolly mammoth vanished from the Earth 4,000 years ago, but now scientists say they are on the brink of resurrecting the ancient beast in a revised form, through an ambitious feat of genetic engineering. Speaking ahead of the American Association for the Advancement of Science (AAAS) annual meeting in Boston this week, the scientist leading the “de-extinction” effort said the Harvard team is just two years away from creating a hybrid embryo, in which mammoth traits would be programmed into an Asian elephant. “Our aim is to produce a hybrid elephant-mammoth embryo,” said Prof George Church. “Actually, it would be more like an elephant with a number of mammoth traits. We’re not there yet, but it could happen in a couple of years.” The creature, sometimes referred to as a “mammophant”, would be partly elephant, but with features such as small ears, subcutaneous fat, long shaggy hair and cold-adapted blood. The mammoth genes for these traits are spliced into the elephant DNA using the powerful gene-editing tool, Crispr. Until now, the team have stopped at the cell stage, but are now moving towards creating embryos – although, they said that it would be many years before any serious attempt at producing a living creature.

Submission + - SPAM: Scottish court awards damages for CCTV camera pointed at neighbour's house

AmiMoJo writes: Edinburgh's Nahid Akram installed a CCTV system that let him record his downstairs neighbours Debbie and Tony Woolley in their back garden, capturing both images and audio of their private conversations, with a system that had the capacity to record continuously for five days. A Scottish court has ruled that the distress caused by their neighbour's camera entitled the Woolleys to £17,000 in damages, without the need for them to demonstrate any actual financial loss. The judgment builds on a 2015 English court ruling against Google for spying on logged out Safari users, where the users were not required to show financial losses to receive compensation for private surveillance.

Submission + - MuckRock launching volley of FOIA requests at Trump administration

v3rgEz writes: For seven years, MuckRock has helped journalists, activists, and everyday people extract information from the government using public records laws. Now we're doing the same for the Trump administration, and want to get as many people who care about transparency involved as possible.

We've launched a dedicated page collecting and discussing FOIA requests about the incoming Trump administration, and are experimenting with a new Slack channel to help folks workshop their requests and disseminate documents that come back.

Submission + - Who Is Killing the Towns of Western Massachusetts? (backchannel.com)

mirandakatz writes: If Western Massachusetts is going to retain its population—particularly its younger residents—it needs 21st century internet. That's easier said than done: Governor Charlie Baker appears to be favoring an approach that gives money to incumbent telecoms companies, and prevents towns from seizing control of their connectivity. At Backchannel, Susan Crawford argues that "because of Governor Baker, many of the people of Western MA, especially younger residents, will have to move somewhere. And even a region rich in culture, with second-home owners who otherwise might want to stay full time, will find itself populated with ghosts. Unhappy ghosts, with lousy, overpriced internet access."

Submission + - FTC Dismantles Two Huge Robocall Organizations

Trailrunner7 writes: Continuing its campaign against phone fraud operations, the FTC has dismantled two major robocall organizations that the commission alleges were making hundreds of millions of calls over the course of several years to consumers who were on the Do Not Call registry.

The FTC filed complaints against two separate groups of defendants, the leaders of which have both been involved in previous legal actions for robocalling operations. The defendants each controlled several different corporate entities that were involved in selling home security systems, extended auto warranties, and other products through repeated automated phone calls. Many of the calls were to numbers on the DNC list, a violation of the telemarketing regulations.

The two main defendants in the complaints are Justin Ramsey and Aaron Michael Jones, and in separate actions, they and many of their co-defendants have agreed to court-ordered bans on robocall activities and financial settlements. The FTC alleges that Ramsey directed an operation that made millions of robocalls a month.

Submission + - UK Data Protection Authority Broke Its Own Rules... And Kept It Quiet

Mickeycaskill writes: The UK's data protection authority, the Information Commissioner's Office (ICO), has confirmed it investigated itself several times since 2013 and found itself guilty on 14 occasions.

It neglected to make this public information and the revelations were only uncovered by a Freedom of Information (FoI) request made by a member of the House of Lords.

“More and more of our data is being held by government agencies, if even the ICO can’t stick to the rules it does raise questions about how secure our data really is,” said Lord Paddick.

Most of the complaints were submitted by members of the public but it self-reported incidents in three instances. 29 complaints ended with no breaches of the law being found.

Submission + - Tesla Falls Just Short of Their 80,000 Vehicle Goal for 2016

randomErr writes: Tesla targeted to sell 80,000 cars for 2016 but only delivered 76,230 vehicles. The carmaker said that 'short-term production challenges' at the end of October were to blame. The slowdown to new Autopilot hardware resulted in 2,750 Tesla vehicles missing being counted as deliveries for the year. Tesla says about 6,450 vehicles are on their way and will be counted toward the first quarter of 2017.

Submission + - Sensitive Data Stored on Box.com Accounts Accessible Via Search Queries (threatpost.com)

msm1267 writes: Last week Box.com moved quickly and quietly to block search engines from indexing links to confidential data owned by its users. That is after security researcher Markus Neis surfaced private data belonging to a number of Fortune 500 companies via Google, Bing and other search engines. Box.com said it’s a classic case of users accidentally oversharing. Neis isn’t convinced and says Box.com’s so-called Collaboration links shouldn’t have been indexed in the first place. Box.com has since blocked access to what security researchers say was a treasure trove of confidential data and fodder for phishing scams.

Submission + - Russian hacks into Ukraine power grids a sign of things to come for U.S.? (cbsnews.com)

schwit1 writes: Russian hacking to influence the election has dominated the news. But CBS News has also noticed a hacking attack that could be a future means to the U.S. Last weekend, parts of the Ukrainian capital Kiev went dark. It appears Russia has figured out how to crash a power grid with a click.

Last December, a similar attack occurred when nearly a quarter of a million people lost power in the Ivano-Frankivsk region of Ukraine when it was targeted by a suspected Russian attack.

Vasyl Pemchuk is the electric control center manager, and said that when hackers took over their computers, all his workers could do was film it with their cell phones.

... some U.S. electric utilities have weaker security than Ukraine, and the malicious software the hackers used has already been detected in the U.S.

Submission + - Silicon Valley's Trump rebellion now has EFF calling for more encryption (computerworld.com)

dcblogs writes: The Electronic Frontier Foundation is keenly worried that President-elect Donald Trump and the Republican-controlled Congress will step up surveillance activities and pass laws that infringe on electronic rights. The EFF is advising the tech sector to use end-to-end encryption for every transaction by default and to scrub logs. "You cannot be made to surrender data you do not have," the EFF said. "It's very clear to us that he (President-elect Donald Trump) is no friend to civil liberties," said Rainey Reitman, director of the EFF's activism team. It believes Trump and the new Congress will seek encryption backdoors. The tech community is wary, generally, of Trump. More than 1,000 people who work at tech firms have signed a pledge, Neveragain.tech, not to help the incoming administration create a database to target people because of race or religion or to facilitate mass deportations. In arguing for resistance, Neveragain is pointing to the importance of databases used in atrocities back to World War II. Commenting generally on the use of data collection by governments, Christopher Browning, a Holocaust researcher who wrote a number of books on the Holocaust, Ordinary Men: Reserve Police Battalion 101 and the Final Solution in Poland said that in western Europe, especially The Netherlands, "registration is a key, endangering factor."
