Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Security

Submission + - In search of Mitt Romney's stance on cybersecurity (networkworld.com)

colinneagle writes: After poking around the web for several days, I’m still unclear what Mitt Romney's position is on cybersecurity, so allow me to speculate based upon what I did discover.

It’s likely that candidate Romney would default to the Republican platform created at the recent convention. There isn’t much substance in this platform but there is a fair amount of condemnation. For example, the Republicans call Mr. Obama’s cybersecurity strategy, “costly and heavy handed,” and say that it will “increase the cost and size of the federal bureaucracy and harm innovation in cybersecurity.” It also claims that the President’s approach has been “overly reliant on developing defensive capabilities,” and that there is no “active deterrence protocol.”

Okay, so I get the politics here – criticize the other guy in a way that fits your agenda. Thus it’s not surprising that the Republicans play the costly big government card when reviewing the President’s cybersecurity approach. Aside from this point, the Republican platforms seems like it was crafted by people who really don’t understand the issues here. “Harm innovation in cybersecurity?” How? By cooperating on best practices? By funding NSF grants and increasing investment in information assurance education programs?

And what about the statement that the President’s position is “overly reliant of developing defensive capabilities,” and that there is “no deterrence protocol.” What the heck does that mean? Have these guys looked at their own NIST-800 best practices on risk management which are heavily weighted to defensive capabilities? Have they seen what the regulatory-averse credit card industry demands for defensive capabilities with PCI DSS? And what should we do in terms of deterrence? Bomb data centers if we discover an attack coming from a hosted server?

Piracy

Submission + - Cloud Firm MediaFire Flags Malware Samples For DMCA Violation, Bans Researcher (sophos.com)

chicksdaddy writes: "A malicious software researcher finds herself in company with First Lady Michelle Obama and science fiction author Neil Gaiman: booted from the Web by hard-headed copyright protection algorithms, according to the Naked Security blog.

Mila Parkour, a researcher who operates the Contagio malware blog, said on Thursday that she was kicked off the cloud based hosting service Mediafire, after three files she hosted there were flagged for copyright violations and ordered removed under the terms of the Digital Millennium Copyright Act (DMCA). The files included two compressed and encrypted malicious PDF files linked to Contagio blog posts from 2010.

The firm responsible for filing the DMCA take down notice was Paris-based LeakID, which describes itself as a "digital agency ...founded by experts from the world of radio, television and Internet." LeakID markets "Leaksearch," an "ownership tool that will alert you within seconds if your content...is being pirated."

According to Parkour, Mediafire received a notice from LeakID claiming that it was "acting on behalf of the copyright owners," though the owners and presumed copyrighted content weren't named. Mediafire demurred, noting that under the DMCA, organizations that receive notices of copyright infringement must prevent the file from being shared, regardless of the legitimacy of the complaint.

In a conversation with Naked Security, Parkour said that she doubts the malicious PDF contain any copyright violations. LeakID seems to have a business model to "scout the web for all they find and then offer it for sale to copyright owners... there is no explanation of WHY and HOW they decided it was copyrighted," she wrote."

Google

Submission + - Legal fight over access to cell phone passwords (wsj.com)

dstates writes: The Wall Street Journal reports that Google is in a legal fight with the FBI over access to passwords that will unlock the data on a cell phone. Earlier this year Google refused to unlock an alleged pimp's Android cellphone even after the Federal Bureau of Investigation obtained a search warrant. The problem is that the FBI may have a warrant for a very specific piece of information, but once they have unrestricted access to a person's smartphone, they have access to information about vast swaths of the individual's life. Apple has taken a different strategy burning a unique encryption key into the silicon of each iPhone which neither Apple nor its suppliers retain. As a result, once someone makes 10 unsuccessful unlock attempts on an iPhone, the data is irretrievably gone.

Submission + - The Motivated Rejection of Science (guardian.co.uk)

Layzej writes: New research to be published in a forthcoming issue of Psychological Science has found that that those who subscribed to one or more conspiracy theories or who strongly supported a free market economy were more likely to reject the findings from climate science as well as other sciences. The researchers, led by UWA School of Psychology Professor Stephan Lewandowsky, found that free-market ideology was an overwhelmingly strong determinant of the rejection of climate science. It also predicted the rejection of the link between tobacco and lung cancer and between HIV and AIDS. Conspiratorial thinking was a lesser but still significant determinant of the rejection of all scientific propositions examined, from climate to lung cancer. Curiously, public response to the paper has provided a perfect real-life illustration of the very cognitive processes at the center of the research.
Programming

Submission + - How Would You Fix the Linux Desktop? (itworld.com) 2

itwbennett writes: "Slashdot readers are familiar with the Torvalds/de Icaza slugfest over 'the lack of development in Linux desktop initiatives.' The problem with the Linux desktop boils down to this: We need more apps, and that means making it easier for developers to build them, says Brian Proffitt. 'It's easy to point at solutions like the Linux Standard Base, but that dog won't hunt, possibly because it's not in the commercial vendors' interests to create true cross-distro compatibility. United Linux or a similar consortium probably won't work, for the same reasons,' says Proffitt. So, we put it to the Slashdot community: How would you fix the Linux desktop?"
Privacy

Submission + - Sir Tim Berners-Lee accuses UK government of "Draconian Internet Snooping" (telegraph.co.uk)

An anonymous reader writes: According to British daily The Telegraph, Sir Tim Berners-Lee has warned that plans to monitor individuals' use of the internet would result in Britain losing its reputation as an upholder of web freedom. The plans, by Home Secretary Theresa May, would force British ISPs and other service providers to keep records of every phone call, email and website visit in Britain. Sir Tim has told the Times: "In Britain, like in the US, there has been a series of Bills that would give government very strong powers to, for example, collect data. I am worried about that." Sir Tim has also warned that the UK may wind up slipping down the list of countries with the most Internet freedom, if the proposed data-snooping laws pass parliament. The draft bill extends the type of data that internet service providers must store for at least 12 months. Providers would also be required to keep details of a much wider set of data, including use of social network sites, webmail and voice calls over the internet.

Slashdot Top Deals

Why do we want intelligent terminals when there are so many stupid users?

Working...