
Submission + - FBI Operated 23 Tor-Hidden Child Porn Sites, Deployed Malware From Them (arstechnica.com)

An anonymous reader writes: Federal investigators temporarily seized a Tor-hidden site known as Playpen in 2015 and operated it for 13 days before shutting it down. The agency then used a “network investigative technique” (NIT) as a way to ensnare site users. However, according to newly unsealed documents recently obtained by the American Civil Liberties Union, the FBI not only temporarily took over one Tor-hidden child pornography website in order to investigate it, the organization was in fact authorized to run a total of 23 other such websites. According to an FBI affidavit among the unsealed documents: "In the normal course of the operation of a web site, a user sends "request data" to the web site in order to access that site. While Websites 1-23 operate at a government facility, such request data associated with a user's actions on Websites 1-23 will be collected. That data collection is not a function of the NIT. Such request data can be paired with data collected by the NIT, however, in order to attempt to identify a particular user and to determine that particular user's actions on Websites 1-23." Security researcher Sarah Jamie Lewis told Ars that “it’s a pretty reasonable assumption” that at one point the FBI was running roughly half of the known child porn sites hosted on Tor-hidden servers. Lewis runs OnionScan, an ongoing bot-driven analysis of the Tor-hidden darknet. Her research began in April 2016, and it shows that as of August 2016, there were 29 unique child porn related sites on Tor-hidden servers. That NIT, which many security experts have dubbed as malware, used a Tor exploit of some kind to force the browser to return the user’s actual IP address, operating system, MAC address, and other data. As part of the operation that took down Playpen, the FBI was then able to identify and arrest the nearly 200 child porn suspects. 
(However, nearly 1,000 IP addresses were revealed as a result of the NIT’s deployment, which could suggest that even more charges may be filed.)

Submission + - AVTECH Shuns Security Firm and Leaves All Products Vulnerable Without a Patch (softpedia.com)

An anonymous reader writes: AVTECH, a Taiwanese CCTV equipment manufacturer, has failed to respond to Search-Lab, a Hungarian security firm, who spent more than a year trying to inform the company about 14 security bugs affecting the firmware of ALL its products. Almost a year after it first contacted the hardware maker, Search-Lab published a public advisory about the vulnerabilities it discovered, warning sysadmins that their AVTECH products may be in danger of exploitation and remote takeover.

Search-Lab says its researchers are not the only ones that spotted these issues. Currently, the term "AVTECH" is the second most popular search term on Shodan, where anyone can find more than 130,000 of these devices available online. Taking into account the recent attacks from IoT botnets, AVTECH is now on the same level of incompetence and indifference as other CCTV hardware makers such as AVer, Dahua, and TVT, all Chinese and Taiwanese companies.

A list of confirmed affected firmware versions is available here, proof of concept exploitation code is available on GitHub, and an exploitation video is available here.

Submission + - "The Internet is Oreos", ISP Claims To FCC (consumerist.com)

Rick Schumann writes:

Ars Technica first spotted the crumbly filing, from small (and much-loathed) provider Mediacom.

Mediacom’s comment is in response to the same proceeding that Netflix commented on earlier this month. However, while Netflix actually addressed data and the ways in which their customers use it, Mediacom went for the more metaphor-driven approach.

The letter literally starts out under the header, “You Have to Pay Extra For Double-Stuffed,” and posits that you, the consumer, are out for a walk with $2 in your pocket when you suddenly develop a ferocious craving for Oreo (®) cookies.

Submitter Rick Schumann adds:

Of course their analogy is highly questionable, since transmitting data over a network doesn't actually consume anything, now does it? You eat the cookie, the cookie is gone, but you transmit data over a network, the network is still there and can transmit data endlessly. Mediacom's assertion that the Internet is like a cookie you eat, is like saying copying a file on your computer somehow diminishes or degrades the original file, which of course is ridiculous.


Submission + - Double KO! Capcom's Street Fighter V installs hidden rootkit on PCs (theregister.co.uk)

An anonymous reader writes: A fresh update for Capcom's Street Fighter V for PCs includes a knock-out move: a secret rootkit that gives any installed application kernel-level privileges.

This means any malicious software on the system can poke a dodgy driver installed by SFV to completely take over the Windows machine. Capcom claims it uses the driver to stop players from hacking the high-def beat 'em up to cheat. Unfortunately, the code is so badly designed, it opens up a full-blown local backdoor. Gamers realized something was a little off when the upgrade brought in a new driver and demanded operating-system-grade access to the computer before the game starts. A number of players say they couldn't even get the new version to work at all. A full-blown online meltdown ensued.

Submission + - Fake Hacker Found Guilty Following Gutsy Mitt Romney Extortion Scheme (softpedia.com)

An anonymous reader writes: Michael Mancil Brown, 37, of Franklin, Tennessee, faces up to thirty years in prison, a fine up to $250,000, and orders of restitution to victims, because of a daring stunt he pulled off in 2012 that involved fake hacking, the PricewaterhouseCoopers consulting firm, and US presidential candidate Mitt Romney.

Back in 2012, Brown had the bright idea to write a letter alleging to have hacked PricewaterhouseCoopers (PwC) servers and stolen tax documents prior to 2010 for Mitt Romney and his wife, Ann. The "hacker" asked for $1 million in Bitcoin, and after publishing details about his fake hack online, he almost received it from a "third-party", but not before the FBI arrested him and then uncovered his lie.

Submission + - ISS Completes 100,000th Orbit Of Earth (phys.org)

An anonymous reader writes: The International Space Station, the space laboratory that showcases cooperation between Russia and the United States, on Monday orbited Earth for the 100,000th time, Russian mission control said. Traveling at an altitude of about 250 miles (400 kilometers) and a speed of about 17,500 miles (28,000 kilometers) per hour, the space station circles the Earth once every 90 minutes. The ISS has now travelled 2.6 billion miles "or about the distance of 10 round trips to Mars," NASA said on the station's official Twitter feed. From two modules, it has grown to 15 modules, occupying a space the size of a football pitch and represents around $100 billion in investment. "Such a long lifespan of the ISS proves that mankind has the necessary technologies for constant presence in orbit, that we have the potential for further space exploration," said Matyushin.

Submission + - Highly-Conductive Shark Jelly Could Inspire New Tech (gizmag.com)

An anonymous reader writes: Researchers from UC Santa Cruz, the University of Washington, and the Benaroya Research Institute at Virginia Mason found shark jelly to have the highest proton conductivity ever seen in a biological material. The jelly's conductivity begins to approach that of leading proton-conducting polymers. Tiny organs in the skin of sharks, skates and rays, called the ampullae of Lorenzini, are key to the ability. Scientists believe that the jelly is what has been able to allow these animals to detect weak electric fields produced by their prey, as the organs, which are visible as pores in the skin, are connected to electrosensory cells via long, jelly-filled canals. Marco Rolandi, a co-author on a paper detailing the findings in Science Advances, sees potential use for the "shark jelly" in the development of new or enhanced materials or even the creation of new sensor technology. "The observation of high proton conductivity in the jelly is very exciting," Rolandi said. "We hope that our findings may contribute to future studies of the electrosensing function of the ampullae of Lorenzini and the organ overall, which is itself rather exceptional."

Submission + - Raspberry Pi Zero Gains Camera Support, Keeps $5 Price (engadget.com)

An anonymous reader writes: The Raspberry Pi Zero has received its first major hardware upgrade today: a camera connector. The new addition of a camera connector works well with the two new Sony imaging modules announced last month. The board will retain its $5 price, too. Eben Upton, Raspberry Pi founder, said in a blog post that "through dumb luck, the same fine-pitch FPC connector that we use on the Compute Module Development Kit just fits onto the right hand side of the board." The team was able to close the feature gap between the Zero and larger Pi boards by moving the surface components towards the left, and rotating the activity LEDs. The CSI connector on the Zero is 3.5mm smaller than the adapter on the Pi 3, so you will need to invest in a new cable if you've already invested in a camera module for an existing project.

Submission + - Senate Report On CIA Torture Is One Step Closer To Disappearing (yahoo.com)

An anonymous reader writes: According to Yahoo News, the CIA inspector general's office "mistakenly" destroyed its only copy of a mammoth Senate torture report at the same time lawyers for the Justice Department were assuring a federal judge that copies of the document were being preserved. Agency officials described the deletion of the document to Senate investigators as an "inadvertent" foul-up by the inspector general. "CIA inspector general officials deleted an uploaded computer file with the report and then accidentally destroyed a disk that also contained the document, filled with thousands of secret files about the CIA's use of 'enhanced' interrogation methods," reports Yahoo News. The Senate Intelligence Committee and Justice Department knew about the incident last summer, sources said. However, the destruction of a copy of the sensitive report was never made public, nor was it reported to the federal judge at the time who was overseeing a lawsuit seeking access to the still classified document under the Freedom of Information Act.

Submission + - Iran Arrests Eight For 'Un-Islamic' Instagram Modeling (bbc.com)

An anonymous reader writes: The Tehran cybercrimes court said the country has arrested eight people working for online modeling agencies deemed to be "un-Islamic." The women models were arrested for starring in photos on Instagram and elsewhere without wearing their headscarves, which has been required in public since 1979. A total of 170 people have been identified by investigators for being involved in online modeling, including 59 photographers and make-up artists, 58 models and 51 fashion salon managers and designers. The court's prosecutor Javad Babaei announced the threats on TV, claiming modeling agencies accounted for about 20 percent of posts on Instagram from Iran and that they had been "making and spreading immoral and un-Islamic culture and promiscuity." He added, "We carried out this plan in 2013 with Facebook, and now Instagram is the focus."

Submission + - The 2015 Nebula Awards

Dave Knott writes: The winners of the 2015 Nebula Awards (presented 2016) have been announced. The Nebulas are voted on by members of the Science Fiction and Fantasy Writers of America and (along with the Hugos) are considered to be one of the two most prestigious awards in science fiction. This year's winners are:

Best Novel: Uprooted, Naomi Novik
Best Novella: Binti, Nnedi Okorafor
Best Novelette: “Our Lady of the Open Road,” Sarah Pinsker
Best Short Story: “Hungry Daughters of Starving Mothers,” Alyssa Wong
Ray Bradbury Award for Outstanding Dramatic Presentation: Mad Max: Fury Road, Written by George Miller, Brendan McCarthy, Nick Lathouris
Andre Norton Award for Young Adult Science Fiction and Fantasy: Updraft, Fran Wilde
Kate Wilhelm Solstice Award: Sir Terry Pratchett
Kevin O'Donnell Jr. Service Award: Lawrence M. Schoen
2016 Damon Knight Grand Master Award: C.J. Cherryh

Submission + - Linux Kernel 4.6 Officially Released

prisoninmate writes: Linus Torvalds announced the final release of the anticipated Linux 4.6 kernel, which, after seven Release Candidate builds, introduces features like the OrangeFS distributed file system, support for the USB 3.1 SuperSpeed Plus (SSP) protocol, offering transfer speeds of up to 10Gbps, improvements to the reliability of the Out Of Memory task killer, as well as support for Intel Memory protection keys. Moreover, Linux kernel 4.6 ships with Kernel Connection Multiplexor, a new component designed for accelerating application layer protocols, 802.1AE MAC-level encryption (MACsec) support, online inode checker for the OCFS2 file system, support for the BATMAN V protocol, and support for the pNFS SCSI layout.

Submission + - Three classes of interstellar travel are possible

An anonymous reader writes: The stars call to us through the ages, with each and every one holding the promise of a future for humanity beyond Earth. For generations, this was a mere dream, as our technology allowed us neither to know what worlds might lie beyond our own Solar System nor to reach beyond our planet. But time and development have changed both of those things significantly. Now, when we look to the stars, we know that potentially habitable worlds lurk throughout our galaxy, and our spaceflight capabilities can bring us there. But so far, it would only be a very long, lonely, one-way trip. This isn’t necessarily going to be the case forever, though, as physically feasible technology could get humans to another star within a single lifetime, and potentially groundbreaking technology might make the journey almost instantaneous.
