Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×

Submission + - New documents reveal 7 cases in New York DA's iPhone-unlocking push (dailydot.com)

Patrick O'Neill writes: Manhattan District Attorney Cyrus Vance is one of America's most vocal critics of strong encryption. Testifying before congress, he's criticized Apple and other companies that have helped take strong encryption mainstream. He said on multiple occasions that his office has hundreds of locked phones from criminal cases that contains “evidence believed to be critical stored on the devices." New documents reveal seven cases in the DA's push to legally unlock iPhones, all of which resulted in convictions.

Submission + - California Crypto Backdoor Bill Dies in Assembly

Trailrunner7 writes: A California bill that would require backdoors in phone encryption has died in the state assembly after failing to gain enough support to move out of committee.

The bill, proposed in January, would have required that device manufacturers have the capability of decrypting and unlocking any phone sold in California after Jan. 1, 2017. A similar bill proposed in New York is still making its way through that state’s legislature.

The California bill ran aground in the Committee on Privacy and Consumer Protection, where it did not even go to a vote after failing to get a second from a committee member. Privacy advocates hailed the bill’s defeat as a key win for users and tech vendors.

Submission + - F.B.I. Tried to Defeat Encryption 10 Years Ago, Files Show (nytimes.com)

An anonymous reader writes: In early 2003, F.B.I. agents hit a roadblock in a secret investigation, called Operation Trail Mix. For months, agents had been intercepting phone calls and emails belonging to members of an animal welfare group that was believed to be sabotaging operations of a company that was using animals to test drugs. But encryption software had made the emails unreadable. So investigators tried something new. They persuaded a judge to let them remotely, and secretly, install software on the group’s computers to help get around the encryption. That effort, revealed in newly declassified and released records, shows in new detail how F.B.I. hackers worked to defeat encryption more than a decade before the agency’s recent fight with Apple over access to a locked iPhone. The Trail Mix case was, in some ways, a precursor to the Apple dispute. In both cases, the agents could not decode the data themselves, but found a clever workaround. The Trail Mix records also reveal what is believed to be the first example of the F.B.I. remotely installing surveillance software, known as spyware or malware, as part of a criminal wiretap. “This was the first time that the Department of Justice had ever approved such an intercept of this type,” an F.B.I. agent wrote in a 2005 document summing up the case.

Submission + - FBI couldn't tell Apple what hack it used, even if it wanted to (qz.com)

An anonymous reader writes: The US Federal Bureau of Investigation doesn’t own the technique used to unlock the San Bernardino iPhone, so it can’t reveal the method to Apple even if it wanted to, Reuters reported, citing unnamed White House sources. The Washington Post reported yesterday, citing unnamed sources, that the FBI had paid a hacker a one-time fee to use a piece of hardware that allowed it to access the iPhone 5c belonging to one of the San Bernardino, California assailants. The vendor that supplied the hack is a non-US company, according to Reuters. But according to the Post report, it is not the Israeli firm Cellebrite, which had previously been named. The FBI would require the vendor’s cooperation in order to submit the technique it used to Vulnerabilities Equities Process, a mechanism that allows the government to consider whether it should disclose security flaws to manufacturers. It’s a move that mirrors Apple’s own efforts to create security systems on its phones that even it wouldn’t be able to crack, meaning it can’t comply with a government order to hand over user data even if it wanted to.

Submission + - Brazil passes law to use phosphoethanolamine as cancer cure (senado.leg.br)

Flavianoep writes: Brazilian president Dilma Rousseff has signed into law a proposition that allows the prescription of synthetic phosphoethanolamine as cancer treatment (original source here (Portuguese); machine translation here. Despite the lack of enough studies to assess the efficacy and safety of such a drug, since last year a series of court decisions granted, while some denied, access to it to terminally ill cancer patients. The drug is not registered within Anvisa (the Brazilian FDA counterpart) and specialists oppose its use without further studies. The proposition had been approved by both houses of Brazilian Congress before being submitted to Rousseff's signature, but among a political crisis, in which she is trying to keep her seat, it was unlikely that she would veto it.

Submission + - Flexible Sheet Camera Bends to Give a New Field of View (gizmag.com)

Zothecula writes: Researchers have developed a sheet camera with a flexible lens array which could be wrapped around everyday objects, turning them into cameras. The project, which uses elastic optics, could also see the development of credit card-thin cameras which a photographer simply bends to change the field of view.

Submission + - Optional Windows Update Aims To Halt Wireless Mouse Hijacking

itwbennett writes: An optional Windows patch released Tuesday protects against an attack, dubbed MouseJack, that affects wireless mice and keyboards from many manufacturers, including Microsoft and allows attackers to spoof a wireless mouse from up to 100 meters away and send rogue keystrokes instead of clicks to a computer. According to a Microsoft security advisory, the devices affected by this attack are: Sculpt Ergonomic mouse, Sculpt Mobile Mouse, Wireless Mobile Mouse 3000 v2.0, Wireless Mobile Mouse 3500, Wireless Mobile Mouse 4000, Wireless Mouse 1000, Wireless Mouse 2000, Wireless Mouse 5000 and Arc Touch Mouse. But Marc Newlin, one of the researchers who developed the attack said on Twitter that the patch doesn't go far enough and 'injection still works against MS Sculpt Ergonomic Mouse and non-MS mice.'

Submission + - iOS 1970 Bug Is Back, Can Be Exploited via Rogue WiFi Networks (softpedia.com)

An anonymous reader writes: Back in February iOS users noted that setting your phone/tablet's date to January 1, 1970 would permanently brick their devices. After Apple fixed the issue in iOS 9.3.1, two security researchers have now uploaded a video on YouTube showing how to exploit this bug from a remote location, with no access to the user's phone. The setup involves attackers putting up a WiFi network on which they're running a rogue NTP server. This server tells iOS devices syncing their time that it's December 31, 1969, 23:59:00. Twenty minutes later, if the battery didn't catch fire (which is possible with this new exploit), the iPad or iPhone device is permanently and irreversibly bricked.

Submission + - London police still to decide on iPad plans 12 months after £6m pilot ende (google.co.uk)

DW100 writes: The London Police service has not made any decision on whether to rollout between 15,000-20,000 iPads to frontline officers over a year after a £6m trial that deployed 641 devices to frontline officer. The force had hoped the tablets would become a key part of its crime fighting arsenal, but issues of portability and battery life have put the plans on the back-burner.

Submission + - A Pinch of Graphene Could Keep Airplane Wings Ice-Free (gizmag.com)

Zothecula writes: Both airplane wings and helicopter rotor blades are subject to one problem – they can both ice up. Although de-icing solutions can be applied when aircraft are on the ground, that doesn't stop ice from eventually forming once they're in the air. That's why scientists at Texas' Rice University have developed a new graphene-based coating that continuously melts ice by conducting an electrical current.

Submission + - Crowd funding For Begslist (amazines.com)

An anonymous reader writes: Since 2007, Begslist has tried to keep the reputation of establishing itself as free cyber begging website, Just as the term suggests, Crowd funding is basically a way used to raise money by simply asking a multitude of people to each chip in a small amount of money towards a given cause/project such as disaster management. As such, the downside to this kind of funding include fraudulence with the aim of fleecing an unsuspecting public, exhaustion of potential contributors and the issue of one's idea being plagiarized For Fundraising websites.

Submission + - Fatal statistical flaw in premiss renders ACLU racial profiling report invalid (aclu.org) 1

ranavir writes: According to ACLU and their sources in the newly released report on racial profiling in Florida's seatbelt enforcement, the seatbelt use rate is 91.5% among whites, and 85.8% among blacks. ACLU concludes racial profiling by Florida police, and is outraged that blacks get fined 1.9x more often, which is by far not explained by the difference in seatbelt use rate, which they consider negligible. The report further claims that "For differences in seatbelt use to explain the statistically significant racial disparities in citation rates documented by this report, Black people in Florida would have to wear seatbelts at a rate nearly forty-five percentage points lower than white people." This is mathematically false, because they mistake and substitute seatbelt-use rate ratio for not-wearing seatbelt ratio. (According to their numbers, the offense rate among blacks is currently rounded to 1.7x higher, 14.2% vs 8.5%, which is responsible for majority of the extra citations, whereas if blacks wore seatbelts 45pp less often than whites, the offense ratio would be 6.3x higher — 53.5% vs. 8.5%) Such a major flaw in the premiss unfortunately renders the report and its conclusions invalid.

Submission + - How your WiFi Password could be stolen through your IoT Doorbell

goatt writes: A flaw in the IoT doorbell, Ring, was revealed recently that allows a visitor to steal your home WiFi password from your doorstep, without ringing the bell & without leaving traces of an attack

Although the announcement was made a few weeks back, another post recently revealed that the flaw was in fact disclosed to Ring in March last year but wasn't fixed by the vendor

Here you can see how your WiFi password could be stolen using only a screwdriver, a pin and a mobile phone

Yet another bad day for IoT Security

Submission + - Data Breaches In 2015: Plenty Of Them, But Not Record-Breaking (csoonline.com)

itwbennett writes: 2015 fell just two short of tying 2014's record 783 data breaches, according to a report released by the Identity Theft Resource Center. The Anthem breach in February 2015, in which 78.8 million records were compromised was by far the biggest of the year. The Office of Personnel Management breaches in April and May together affected 25.7 million records.

Slashdot Top Deals

!07/11 PDP a ni deppart m'I !pleH

Working...