Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×

Submission + - US border searches of phones and laptops have almost doubled (zdnet.com)

An anonymous reader writes: CBP said only in its statement that it has "adapted and adjusted its actions to align with current threat information," without providing specifics.

A spokesperson for Homeland Security did not respond to our questions, including why the number of searches has risen year-over-year.

Mary Ellen Callahan, former former chief privacy officer at Homeland Security, said in an email that the increase in searches is "a conscious strategy on CBP to better leverage the border search loophole," which allows border agents to search devices without a warrant.

The agency says that "no court has concluded that the border search of electronic devices requires a warrant, and CBP's use of this authority has been repeatedly upheld," but while the Supreme Court unanimously ruled in 2014 that generally a warrant must be obtained, the doctrine governing the bizarre, semi-stateless space at the US border allows agents to carry out warrantless device searches.

Submission + - Think Your Phone's Fingerprint Sensor is Safe? Think Again (nytimes.com)

SuperLocrian writes: Human fingerprints are unique but they comprise whorls and other patterns that are not. And that could be a security problem for the sensors on electronic devices, which use only portions of fingerprints to unlock their secrets. Researchers at New York University Tandon School of Engineering and Michigan State University have published a study showing that these sensors can be 'faked out' by digitally produced fingerprints that are a composite of commonly found portions of fingerprint. The researchers, including Nasir Memon, professor of computer science and engineering at NYU Tandon, created a set of artificial “MasterPrints” that matched partial prints similar to those used by phones 26-65 percent of the time.

Submission + - Oracle Charged $293M In Korean Back Taxes

An anonymous reader writes: Multinational tech giant Oracle has been charged $293 million USD ($300 billion won) for corporate tax evasion in South Korea. The $293 million charge is made up of back taxes, as well as a punitive charge from the government tax agency. The of the tax debt in January of last year, when the National Tax Service (NTS) charged Oracle with evasion of corporate tax payments on 2 trillion won in earnings from 2008-2014. Oracle was accused of funneling revenues to Ireland to avoid paying taxes in South Korea. In an audit of the company’s books, the tax authority found that Oracle had channeled profits generated in South Korea to an Irish subsidiary; however, it was found that those funds ultimately profited the company’s headquarters in the United States. Because of this, the NTS determined that Oracle should have paid taxes on profits generated in South Korea to the South Korean government.

Submission + - Twitter Sues US Government Over Attempt To Unmask Anti-Trump Account (theverge.com)

An anonymous reader writes: According to Twitter’s suit, filed today in Northern California District Court, U.S. Customs and Border Protection has attempted to use a “limited-purpose investigatory tool” to unmask the owner of the Twitter account “@ALT_USCIS.” The account, one of several “alt” or “rogue” government accounts that appeared in the wake of Trump’s ascent to the presidency, was used “to express public criticism of the Department and the current Administration,” according to Twitter’s complaint. In the suit, Twitter writes that @ALT_USCIS has purported to be a dissenting member of US Citizenship and Immigration Services. On March 14, Twitter received a summons from Customs requesting records that could reveal the identity of the account’s operator, including IP logs and any associated phone number or mailing address. In addition to the Department of Homeland Security and its subagency, the lawsuit names four individuals as defendants: DHS secretary John Kelly, acting CBP commissioner Kevin McAleenan, and special agents Stephen P. Caruso and Adam Hoffman, who issued and served the order itself.

Submission + - DARPA building full-sized electric VTOL X-Plane following successful tests (ibtimes.co.uk)

drunkdrone writes: The US Defense Advanced Research Projects Agency (Darpa) has completed test flights of its prototype vertical take-off and landing (VTOL) X-Plane, an experimental, high-speed electric aircraft that can be deployed on missions without needing a runway.

The X-Plane, which is now officially recognised by the US military as the XV-24A, is powered by 24 fan propellers distributed across the wings and tail of the unmanned aircraft, which are driven by a 4,000 horsepower hybrid turboshaft engine.

The tests, which began in March 2016, involved a scaled-down version of the craft. Over the course of six flights, the demonstrator was used to test the X-Plane's flight systems, navigation, manoeuvrability, hovering, navigation and the craft's automatic take-off and landing capabilities.

Submission + - Web Inventor Sir Tim Berners-Lee Slams UK and US Internet Plans (bbc.com) 1

dryriver writes: The BBC reports: "Sir Tim Berners-Lee was speaking to the BBC following the news that he has been given the Turing Award. It is sometimes known as the Nobel Prize of computing. Sir Tim said moves to undermine encryption would be a 'bad idea' and represent a massive security breach. 'Now I know that if you're trying to catch terrorists it's really tempting to demand to be able to break all that encryption but if you break that encryption then guess what — so could other people and guess what — they may end up getting better at it than you are,' he said. Sir Tim also criticised moves by legislators on both sides of the Atlantic, which he sees as an assault on the privacy of web users. He attacked the UK's recent Investigatory Powers Act, which he had criticised when it went through Parliament: 'The idea that all ISPs should be required to spy on citizens and hold the data for six months is appalling.'

Submission + - An unexpected relationship between nuclear power and low birth weight (arstechnica.com)

Applehu Akbar writes: Ars Technica reports on a Carnegie-Mellon study of an unexpected side effect of the slowdown in nuclear plant construction after Chernobyl and Three Mile Island. The pollution associated with replacing the power in places where nuclear plants were delayed or canceled has resulted in significantly lower birth weights for children born in the region. The impact on birth weight starts at 97g less in the second quarter after a nuclear shutdown and goes to 146g for qquatres thereafter.

Though the steady shift in recent years from coal to natural gas has probably slowed this trend down (no update to the study has been announced) because gas pollutes less, Trump's policy of bringing back coal may mean that micro-babies are back in fashion.

Submission + - Proposed US Law Would Allow Employers to Demand Genetic Testing (businessinsider.com)

capedgirardeau writes: A little-noticed bill moving through the US Congress would allow companies to require employees to undergo genetic testing or risk paying a penalty of thousands of dollars, and would let employers see that genetic and other health information. Giving employers such power is now prohibited by US law, including the 2008 genetic privacy and nondiscrimination law known as GINA. The new bill gets around that landmark law by stating explicitly that GINA and other protections do not apply when genetic tests are part of a 'workplace wellness' program.

Submission + - Java and Python FTP Attacks Can Punch Holes Through Firewalls (csoonline.com)

itwbennett writes: Over the weekend, security researcher Alexander Klink disclosed an interesting attack where exploiting an XXE (XML External Entity) vulnerability in a Java application can be used to send emails. At the same time, he showed that this type of vulnerability can be used to trick the Java runtime to initiate FTP connections to remote servers. After seeing Klink's exploit, Timothy Morgan, a researcher with Blindspot Security, decided to disclose a similar attack that works against both Java's and Python's FTP implementations. 'But his attack is more serious because it can be used to punch holes through firewalls,' writes Lucian Constantin in CSO Online.

Submission + - Wyden to Introduce Bill to Prohibit Warrantless Phone Searches at Border

Trailrunner7 writes: A senator from Oregon who has a long track record of involvement on security and privacy issues says he plans to introduce a bill soon that would prevent border agents from forcing Americans returning to the country to unlock their phones without a warrant.

Sen. Ron Wyden said in a letter to the secretary of the Department of Homeland Security that he is concerned about reports that Customs and Border Patrol agents are pressuring returning Americans into handing over their phone PINs or using their fingerprints to unlock their phones. DHS Secretary John Kelly has said that he’s considering the idea of asking visitors for the login data for their various social media accounts, information that typically would require a warrant to obtain.

“Circumventing the normal protection for such private information is simply unacceptable,” Wyden said in the letter, sent Monday.

Submission + - Deleting your Yahoo email account? Yeah, good luck with that (zdnet.com)

An anonymous reader writes: Several Yahoo users, who last year decided to leave the service, told us that their accounts remained open for weeks or months after the company said they would be closed.

News broke in September of a massive state-sponsored cyberattack that led to the theft of 500 million records — then thought to be the largest theft of records in history. That alone was enough for some to take action and delete their accounts, months before the company admitted it was hacked again — this time taking 1 billion accounts.

One user told me that they deleted their account "the day the breach was announced" in late September. But as of the end of January, he was still receiving messages that were automatically forwarded from his Yahoo inbox.

Another user told me that they thought their account was "supposedly-terminated" days after news of the hack broke, but confirmed his account was still active — when it should have closed by December.

Submission + - Woolly Mammoth On Verge of Resurrection, Scientists Reveal (theguardian.com)

An anonymous reader writes: The woolly mammoth vanished from the Earth 4,000 years ago, but now scientists say they are on the brink of resurrecting the ancient beast in a revised form, through an ambitious feat of genetic engineering. Speaking ahead of the American Association for the Advancement of Science (AAAS) annual meeting in Boston this week, the scientist leading the “de-extinction” effort said the Harvard team is just two years away from creating a hybrid embryo, in which mammoth traits would be programmed into an Asian elephant. “Our aim is to produce a hybrid elephant-mammoth embryo,” said Prof George Church. “Actually, it would be more like an elephant with a number of mammoth traits. We’re not there yet, but it could happen in a couple of years.” The creature, sometimes referred to as a “mammophant”, would be partly elephant, but with features such as small ears, subcutaneous fat, long shaggy hair and cold-adapted blood. The mammoth genes for these traits are spliced into the elephant DNA using the powerful gene-editing tool, Crispr. Until now, the team have stopped at the cell stage, but are now moving towards creating embryos – although, they said that it would be many years before any serious attempt at producing a living creature.

Submission + - SPAM: Scottish court awards damages for CCTV camera pointed at neighbour's house

AmiMoJo writes: Edinburgh's Nahid Akram installed a CCTV system that let him record his downstairs neighbours Debbie and Tony Woolley in their back garden, capturing both images and audio of their private conversations, with a system that had the capacity to record continuously for five days. A Scottish court has ruled that the distress caused by their neighbour's camera entitled the Woolleys to £17,000 in damages, without the need for them to demonstrate any actual financial loss. The judgment builds on a 2015 English court ruling against Google for spying on logged out Safari users, where the users were not required to show financial losses to receive compensation for private surveillance.
Link to Original Source

Slashdot Top Deals

Where are the calculations that go with a calculated risk?