
Submission + - Leaky Database Leaves Oklahoma Police, Bank Vulnerable To Intruders

blottsie writes: A leaky database has exposed the physical security of multiple Oklahoma Department of Public Safety facilities and at least one Oklahoma bank.

The vulnerability—which has reportedly been fixed—was revealed on Tuesday by Chris Vickery, a MacKeeper security researcher who this year has revealed numerous data breaches affecting millions of Americans.

The misconfigured database, which was managed by a company called Automation Integrated, was exposed for at least a week, according to Vickery, who said he spoke to the company’s vice president on Saturday. Reached on Tuesday, however, an Automation Integrated employee said “no one” in the office was aware of the problem.

Submission + - Jacob Appelbaum Allegedly Intimidated Victims Into Silence and Anonymity

blottsie writes: In the wake of programmer Jacob Appelbaum’s abrupt departure from the Tor Project, rumors and accusations about both sexual misconduct and bullying have surfaced that extend back years.

Now, four witnesses—including a current senior Tor employee—are stepping forward into the public eye, adding valuable insight into how Appelbaum allegedly intimidated those around him to keep accusations of sexual misconduct secret and pressure those who are speaking out to remain anonymous.

Submission + - FBI Raids Dental Software Researcher Who Found Patient Records On Public Server

blottsie writes: Yet another security researcher is facing possible prosecution under the CFAA for accessing data on a publicly accessible server. The FBI on Tuesday raided Texas-based dental software security researcher Justin Shafer, who found the protected health records of 22,000 patients stored on an anonymous FTP.

“This is a troubling development. I hope the government doesn't think that accessing unsecured files on a public FTP server counts as an unauthorized access under the CFAA,” Orin Kerr, a George Washington University law professor and CFAA scholar, told the Daily Dot. “If that turns out to be the government's theory—which we don't know yet, as we only have the warrant so far—it will be a significant overreach that raises the same issues as were briefed but not resolved in [Andrew 'weev' Auernheimer's] case. I'll be watching this closely.”

Submission + - It's Trivially Easy To Identify You Based On Records Of Your Calls And Texts

erier2003 writes: Contrary to the claims of America's top spies, the details of your phone calls and text messages—including when they took place and whom they involved—are no less revealing than the actual contents of those communications.

In a study published online Monday in the journal Proceedings of the National Academy of Sciences, Stanford University researchers demonstrated how they used publicly available sources—like Google searches and the paid background-check service Intelius—to identify "the overwhelming majority" of their 823 volunteers based only on their anonymized call and SMS metadata.

Submission + - The company that poached the FBI's entire Silk Road investigation team (dailydot.com)

Patrick O'Neill writes: The FBI team that brought down Silk Road has a new home. After headline-grabbing investigations, arrests, and prosecutions on some of America's highest-profile cybercriminals, five of U.S. law enforcement’s most prized cybercrime aces have all left government service for greener pastures—a titan consulting firm called Berkeley Research Group (BRG).

BRG's newly hired gang of five includes former federal prosecutor Thomas Brown, as well as former FBI agents Christopher Tarbell, Thomas Kiernan, and Ilhwan Yum—names that punctuated many of the biggest cybercrime stories of the last decade including Silk Road, LulzSec, Liberty Reserve, as well as the hacks of Citibank, PNC Bank, Société Générale, and more.

Submission + - Top Security Experts Say Anti-Encryption Bill Authors Are 'Woefully Ignorant'

blottsie writes: In a Wall Street Journal editorial titled "Encryption Without Tears," Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.) pushed back on widespread condemnation of their Compliance with Court Orders Act, which would require tech companies to provide authorities with user data in an "intelligible" format if served with a warrant.

But security experts Bruce Schneier, Matthew Green, and others say the lawmakers entirely misunderstand the issue. "On a weekly basis we see gigabytes of that information dumped to the Internet," Green told the Daily Dot. "This is the whole problem that encryption is intended to solve." He added: "You can't hold out the current flaws in the Internet as a justification for why the Internet shouldn't be made secure."

Submission + - Former Tor developer created malware to hack Tor users for the FBI (dailydot.com)

Patrick O'Neill writes: Matt Edman is a cybersecurity expert who worked as a part-time employee at Tor Project, the nonprofit that builds Tor software and maintains the network, almost a decade ago. Since then, he's developed potent malware used by law enforcement to unmask Tor users. It's been wielded in multiple investigations by federal law-enforcement and U.S. intelligence agencies in several high-profile cases.

Submission + - 'Crypto Wars' Timeline: A Complete History Of The New Encryption Debate

blottsie writes: The latest debate over encryption did not begin with a court order demanding Apple help the FBI unlock a dead terrorist's iPhone. The new "Crypto Wars," chronicled in a comprehensive timeline by Eric Geller of the Daily Dot, dates back to at least 2003, with the introduction of "Patriot Act II." The battle over privacy and personal security versus crime-fighting and national security has, however, become a mainstream debate in recent months.

Submission + - Why Are Apple's Competitors Staying Silent On The iPhone Unlocking Fight?

erier2003 writes: A court order forcing Apple to help the FBI access a terrorism suspect's iPhone has drawn responses from leading tech companies, newspaper editorial boards, and security experts. But one major faction is staying largely silent: the computer and smartphone manufacturers who compete with Apple for business and could be subject to similar orders in the future if the company loses its high-profile case.

Silicon Valley software firms have universally backed Apple in its fight against the Justice Department, which won a ruling Tuesday from a California magistrate judge compelling Apple to design custom software to bypass security features on an iPhone used by one of the San Bernardino shooters. But Apple's hardware competitors are staying on the sidelines.

Submission + - The Widely Reported ISIS Encrypted Messaging App Is Not Real

blottsie writes: Despite widespread reports to the contrary, an app created for Islamic State militants to send private encrypted messages does not exist, a week-long Daily Dot investigation found.

All of the media articles on the Alrawi app showed screenshots of a different app entirely, one that is a glorified RSS reader with a totally different name. The Defense One journalist who first reported on GSG's claims about the app told the Daily Dot that he hadn't seen any version of Alrawi at all, and the subsequent reports on the app largely relied on Defense One's reporting. The Daily Dot was the first media outlet to receive, on Jan. 18, what GSG claimed was the Alrawi encryption app.

The app, called “Alrawi.apk,” contained no ability to send or encrypt messages. It was created using MIT's App Inventor, a plug-and-play tool meant primarily for children.

Submission + - How To Destroy An American Family

blottsie writes: Since 2010, the Straters have been under assault from an online campaign of ever-increasing harassment—prank deliveries, smear attacks, high-profile hacks, and threats of violence against schools and law enforcement officials in their name—and it’s slowly torn them apart. Masterminding it all is a teenage Lizard Squad hacker from Finland, at war with their son, Blair, over a seemingly minor dispute spun completely out of control.

Submission + - The Global Struggle To Prevent Cyberwar

blottsie writes: What constitutes war in the 21st century? In an age of almost constant cyberattacks against major corporations and world governments, the consensus among international-law experts is clear: Nobody knows. This sweeping Daily Dot investigation explores the ongoing struggle to define “cyberwar,” the increasing geopolitical aggression in cyberspace, and the major players now attempting to write the rules of online battlefields before it’s too late.

Submission + - AT&T patents system to 'fast-lane' BitTorrent traffic (thestack.com)

An anonymous reader writes: Telecom giant AT&T has been awarded a patent for speeding up BitTorrent and other peer-to-peer traffic, and reducing the impact that these transactions have on the speed of its network. Unauthorized file-sharing generates thousands of petabytes of downloads every month, sparking considerable concern among the ISP community due to its detrimental effect on network speeds. AT&T and its Intellectual Property team have targeted the issue in a positive manner, and have appealed for the new patent to create a ‘fast lane’ for BitTorrent and other file-sharing traffic. As well as developing systems around the caching of local files, the ISP has proposed analyzing BitTorrent traffic to connect high-impact clients to peers who use fewer resources.

Submission + - Darkleaks: An Online Black Market For Selling Secrets

An anonymous reader writes: Whistleblowers and those individuals that are simply out to make a buck out of any confidential and valuable information can now offer it for sale on Darkleaks, a decentralized, anonymous black market on the Internet. The Darkleaks project is built on top of the Bitcoin blockchain, and can be used by downloading this software package (source code is open).
