
Submission + - Inside the Tech Support Scam Ecosystem

Trailrunner7 writes: A team of three doctoral students, looking for insights into the inner workings of tech support scams, spent eight months collecting data on and studying the tactics and infrastructure of the scammers, using a purpose-built tool. What they uncovered is a complex, technically sophisticated ecosystem supported by malvertising and victimizing people around the world.

The study is the first analysis of its kind on tech support scams, and it’s the work of three PhD candidates at Stony Brook University. The team built a custom tool called RoboVic that performed a “systematic analysis of technical support scam pages: identified their techniques, abused infrastructure, and campaigns”. The tool includes a man-in-the-middle proxy that catalogs requests and responses and also will click on pop-up ads, which are key to many tech-support scams.

In their study, the researchers found that the source for many of these scams was “malvertisements”, advertisements on legitimate websites, particularly using ad-based URL shorteners, that advertised for malicious scams. This gives the scammers an opportunity to strike on what would seem like a relatively safe page. Although victims of these scams can be anywhere, the researchers found that 85.4 percent of the IP addresses in these scams were located across different regions of India, with 9.7 percent located in the United States and 4.9 percent in Costa Rica. Scammers typically asked users for an average of $291, with prices ranging from $70 to $1,000.

Submission + - Kimbal Musk's Tech Revolution Starts with Mustard Greens (backchannel.com)

mirandakatz writes: Farmers have always had a tough time—and now they're facing new competition in the form of Brooklyn hipsters, growing crops in high-tech farms at a startup co-founded by Kimbal Musk, sibling to Elon and board member of Tesla and SpaceX. Square Roots is headquartered in Brooklyn's Bedford-Stuyvesant, and is currently made up of 10 shipping container farms, each manned by an individual entrepreneur. At Backchannel, Steven Levy offers a deep look at Square Roots's mission to become "the Amazon of real food" and, in the process, overthrow Big Ag.

Submission + - With this new system, scientists never have to write a grant application again (sciencemag.org)

sciencehabit writes: Almost every scientist agrees: Applying for research funding is a drag. Writing a good proposal can take months, and the chances of getting funded are often slim. Funding agencies, meanwhile, spend more and more time and money reviewing growing stacks of applications.

That’s why two researchers are proposing a radically different system that would do away with applications and reviews; instead scientists would just give each other money. “Self-organized fund allocation” (SOFA), as it’s called, was developed by computer scientist Johan Bollen at Indiana University in Bloomington. When he first published about the idea in 2014, many people were skeptical. But interest appears to be growing, and thanks to the work of an enthusiastic advocate, ecologist Marten Scheffer of Wageningen University in the Netherlands, the Dutch parliament adopted a motion last year asking the country’s main funding agency, the Netherlands Organization for Scientific Research (NWO), to set up a SOFA pilot project.

Submission + - Does space heat up when you accelerate? Physicists to test controversial idea (sciencemag.org)

sciencehabit writes: More than 40 years ago, a leading relativity theorist made a surprising prediction. Whereas empty space should feel immeasurably cold to any observer gliding along at a constant speed, one who is accelerating, say because he's riding a rocket, would find empty space hot. This so-called Unruh effect seemed practically impossible to measure, but now four theorists claim they have devised a doable experiment that could confirm the underlying physics. Skeptics say it will do no such thing—but for contradictory reasons.

"The hope is that this will convince skeptics that the whole thing is coherent," says Stephen Fulling, a theoretical physicist and mathematician at Texas A&M University in College Station who was not involved in the work. But Vladimir Belinski, a theorist at International Network of Centers for Relativistic Astrophysics in Pescara, Italy, says, "The Unruh effect is nonsense, it's based on a mathematical mistake."

Submission + - New theory may explain the 'music of the meteors' (sciencemag.org)

sciencehabit writes: For centuries, some observers have claimed that shooting stars or meteors hiss as they arc through the night sky. And for just as long, skeptics have scoffed on the grounds that sound waves coming from meteors should arrive several minutes after the light waves, which travel nearly a million times faster. Now, scientists have proposed a theory to explain how our eyes and ears could perceive a meteor at nearly the same time. The hypothesis might also explain how auroras produce sound, a claim made by many indigenous peoples living at high latitudes.

Submission + - FDA slams St. Jude Medical for ignoring security flaws in medical devices (securityledger.com)

chicksdaddy writes: The U.S. Food and Drug Administration issued a letter of warning to medical device maker Abbott on Wednesday, slamming the company for what it said was a pattern of overlooking security and reliability problems in its implantable medical devices at its St. Jude Medical division and describing a range of the company’s devices as “adulterated,” in violation of the US Federal Food, Drug and Cosmetic Act, the Security Ledger reports. (https://securityledger.com/2017/04/fda-st-judes-knew-about-device-flaws-2-years-before-muddy-waters-report/)

In a damning warning letter (https://www.fda.gov/ICECI/EnforcementActions/WarningLetters/2017/ucm552687.htm), the FDA said that St. Jude Medical knew about serious security flaws in its implantable medical devices as early as 2014, but failed to address them with software updates or by replacing those devices. The government found that St. Jude, time and again, failed to adhere to internal security and product quality guidelines, a lapse that resulted in at least one patient death.

St. Jude Medical, which is now wholly owned by the firm Abbott, learned of serious and exploitable security holes in the company’s “high voltage and peripheral devices” in an April, 2014 “third party assessment” commissioned by the company. But St. Jude “failed to accurately incorporate the findings of that assessment” in subsequent risk assessments for the affected products, including Merlin@home, a home-based wireless transmitter that is used to provide remote care for patients with implanted cardiac devices, the FDA revealed. Among the security flaws: a “hardcoded universal unlock code” for the company’s implantable, high voltage devices.

The report casts doubt on a defamation lawsuit St. Jude filed against the firm MedSec Holdings Ltd over its August, 2016 report that warned of widespread security flaws in St. Jude products, including Merlin@home. The MedSec report on St. Jude's technology was released in conjunction with a report by the investment firm Muddy Waters Research, which specializes in taking “short” positions on firms. (https://securityledger.com/2016/08/the-big-short-alleged-security-flaws-fuel-bet-against-st-jude-medical/) At the time, MedSec said that the security of the company’s medical devices and support software was “grossly inadequate compared with other leading manufacturers,” and represents “unnecessary health risks and should receive serious notice among hospitals, regulators, physicians and cardiac patients.” St. Jude has called the MedSec allegations false, but it now appears that the company had heard similar warnings raised by its own third-party security auditor more than a year prior.

Submission + - Shadow Brokers Release New Batch of Files Containing Windows and SWIFT Exploits (bleepingcomputer.com)

An anonymous reader writes: On Good Friday and ahead of the Easter holiday, the Shadow Brokers have dumped a new collection of files, containing what appears to be exploits and hacking tools targeting Microsoft's Windows OS and the SWIFT banking system. The tools were dumped via the Shadow Brokers Twitter account and were accompanied by a blog post, as the group did in the past. This dump contains three folders named Windows, Swift, and Oddjob. The Windows folder contains 23 Windows exploits ranging from SMB to IIS, while the OddJob folder contains an eponymous implant for Windows operating systems. The folder claiming to hold SWIFT exploits also contains Excel files that hint the Equation Group had hacked several banks across the world, mainly in the Middle East. One of these tools was previously linked to the NSA by Snowden.

Submission + - How to upgrade Bash/Windows Subsystem for Linux in Windows 10 Creators Update (betanews.com)

Mark Wilson writes: You can't help but have noticed that Microsoft has started the rollout of Windows 10 Creators Update. After testing with Windows Insiders, the third big update to Windows 10 is finally making its way to the masses. But while Creators Update brings some pretty major changes to Windows 10, Windows Subsystem for Linux is not automatically updated.

The arrival of Bash/Windows Subsystem for Linux (WSL) in Windows 10 Anniversary Update meant Ubuntu 14.04 support, but you can now manually update to gain Ubuntu 16.04 support in Creators Update. Microsoft says you need to perform one of two manual update methods: the recommended option of "Remove & Replace", or "Upgrade In-Place." Here's how to perform the update.

Comment Would you like some toast? (Score 1) 49

"Would you like some toast? Some nice hot crisp brown buttered toast. No? How about a muffin then? Nothing? You know the last time you had toast. 18 days ago, 11.36, Tuesday 3rd, two rounds. I mean, what's the point in buying a toaster with artificial intelligence if you don't like toast. I mean, this is my job. This is cruel, just cruel." I was surprised when I heard that they pushed an advertisement out, and shocked when they tried to defend it. Now they're saying it's not an ad because they didn't get money (note the weaseling) for it? That's Don Draper-esque level hubris.

Submission + - Social media is getting young people drunk (vice.com)

Daniel_Stuckey writes: The Fear of Missing Out (FOMO) phenomenon is part of why people tend to get addicted to social networking and then depressed. And if you're a young, impressionable teenager, it could pressure you into making sure you, too, are happily intoxicated the next time someone snaps a group shot. That's the gist of the latest study to find that social media photos of people drinking and smoking can influence teens into partaking in the same degenerate behavior. The University of Southern California study was published online today in the Journal of Adolescent Health.
