Follow Slashdot blog updates by subscribing to our blog RSS feed


Forgot your password?
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Someone Is Learning How To Take Down the Internet, Warns Bruce Schneier ( 237

Some of the major companies that provide the basic infrastructure that makes the internet work have seen an increase in DDoS attacks against them, says Bruce Schneier. He adds that these attacks are of much larger scale -- including the duration -- than the ones we have seen previously. These attacks, he adds, are also designed to test what all defense measures a company has got -- and they ensure that the company uses every they have got, leaving them with no choice but to demonstrate their defense capabilities to the attacker. He hasn't specifically shared details about the organizations that are under attack, but what little he has elaborated should give us a chill. From his blog post: [...] This all is consistent with what Verisign is reporting. Verisign is the registrar for many popular top-level Internet domains, like .com and .net. If it goes down, there's a global blackout of all websites and e-mail addresses in the most common top-level domains. Every quarter, Verisign publishes (PDF) a DDoS trends report. While its publication doesn't have the level of detail I heard from the companies I spoke with, the trends are the same: "in Q2 2016, attacks continued to become more frequent, persistent, and complex." There's more. One company told me about a variety of probing attacks in addition to the DDoS attacks: testing the ability to manipulate internet addresses and routes, seeing how long it takes the defenders to respond, and so on. Someone is extensively testing the core defensive capabilities of the companies that provide critical Internet services. Who would do this? It doesn't seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It's not normal for companies to do that. Furthermore, the size and scale of these probes -- and especially their persistence -- points to state actors. It feels like a nation's military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US's Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities.

Ray Kurzeil's Google Team Is Building Intelligent Chatbots ( 98

An anonymous reader quotes an article from The Verge. Inventor Ray Kurzweil made his name as a pioneer in technology that helped machines understand human language, both written and spoken. In a video from a recent Singularity conference Kurzweil says he and his team at Google are building a chatbot, and that it will be released sometime later this year... "My team, among other things, is working on chatbots. We expect to release some chatbots you can talk to later this year."

One of the bots will be named Danielle, and according to Kurzweil, it will draw on dialog from a character named Danielle, who appears in a novel he wrote -- a book titled, what else, Danielle... He said that anyone will be able to create their own unique chatbot by feeding it a large sample of your writing, for example by letting it ingest your blog. This would allow the bot to adopt your "style, personality, and ideas."

Kurzweil also predicted that we won't see AIs with full "human-level" language abilities until 2029, "But you'll be able to have interesting conversations before that."

Don't Use Google Allo ( 127

At its developer conference on Wednesday, Google announced Allo, a chatbot-enabled messaging app. The app offers a range of interesting features such as the ability to quickly doodle on an image and get prompt responses. Additionally, it is the "first Google" product to offer end-to-end encryption, though that is not turned on by default. If you're concerned about privacy, you will probably still want to avoid Allo, says the publication. From the report: Allo's big innovation is "Google Assistant," a Siri competitor that will give personalized suggestions and answers to your questions on Allo as well as on the newly announced Google Home, which is a competitor to Amazon's Echo. On Allo, Google Assistant will learn how you talk to certain friends and offer suggested replies to make responding easier. Let that sink in for a moment: The selling point of this app is that Google will read your messages, for your convenience. Google would be insane to not offer some version of end-to-end encryption in a chat app in 2016, when all of its biggest competitors have it enabled by default. Allo uses the Signal Protocol for its encryption, which is good. But as with all other Google products, Allo will work much better if you let Google into your life. Google is banking on the idea that you won't want to enable Incognito Mode, and thus won't enable encryption.Edward Snowden also chimed in on the matter. He said, "Google's decision to disable end-to-end encryption by default in its new Allo chat app is dangerous, and makes it unsafe. Avoid it for now."

This Unusual Botnet Targets Scientists, Engineers, and Academics ( 67

schwit1 quotes a report from ZDNet: A botnet and cyberattack campaign is infecting victims across the globe and appears to be tracking the actions of specially selected targets in sectors ranging from government to engineering. Researchers from Forcepoint Security Labs have warned that the campaign it has dubbed 'Jaku' -- after a planet in the Star Wars universe because of references to the sci-fi saga in the malware code -- is different to and more sophisticated than many botnet campaigns. Rather than indiscriminately infecting victims, this campaign is capable of performing "a separate, highly targeted operation" used to monitor members of international non-governmental organizations, engineering companies, academics, scientists and government employees, the researchers said. The findings are set out in Forcepoint's report on Jaku, which outlines how of the estimated 19,000 unique victims, 42 percent are in South Korea and a further 31 percent in Japan. Both are countries and neighbors of North Korea. A further nine percent of Jaku victims are in China, six percent in the US, with the remainder spread across 130 other countries.

Within 6 Years, Most Vehicles Will Allow OTA Software Updates ( 199

Lucas123 writes: By 2022, using a thumb drive or taking your vehicle to the location you bought it for a software update will seem as strange as it would be for a smartphone or laptop today. By 2022, there will be 203 million vehicles on the road that can receive software over-the-air (SOTA) upgrades; among those vehicles, at least 22 million will also be able to get firmware upgrades, according to a new report by ABI Research. Today, there are about 253 million cars and trucks on the road, according to IHS Automotive. The main reasons automakers are moving quickly to enable OTA upgrades: recall costs, autonomous driving and security risks based on software complexities, according to Susan Beardslee, a senior analyst at ABI Research. "It is a welcome transformation, as OTA is the only way to accomplish secure management of all of a connected car's software in a seamless, comprehensive, and fully integrated manner," Beardslee said.

German Parliament May Need To Replace All Hardware and Software To Stop Malware 189

jfruh writes: Trojan spyware has been running on computers in the German parliament for over four weeks, sending data to an unknown destination; and despite best efforts, nobody's been able to remove it. The German government is seriously considering replacing all hardware and software to get rid of it. From the ITWorld article: "After the attack, part of the parliament’s traffic was routed over the federal government’s more secure data network by the Federal Office For Information Security, Der Spiegel reported. Some Germans suspect that the Russian foreign intelligence service SVR is behind the attack. On Thursday, the parliament will discuss how to address the situation."

"Hello Barbie" Listens To Children Via Cloud 163

jones_supa writes For a long time we have had toys that talk back to their owners, but a new "smart" Barbie doll's eavesdropping and data-gathering functions have privacy advocates crying foul. Toymaker Mattel bills Hello Barbie as the world's first "interactive doll" due to its ability to record children's playtime conversations and respond to them, once the audio is transmitted over WiFi to a cloud server. In a demo video, a Mattel presenter at the 2015 Toy Fair in New York says the new doll fulfills the top request that Mattel receives from girls: to have a two-way dialogue. "They want to have a conversation with Barbie," she said, adding that the new toy will be "the very first fashion doll that has continuous learning, so that she can have a unique relationship with each girl." Susan Linn, the executive director of Campaign for a Commercial-Free Childhood, has written a statement in which she says how the product is seriously creepy and creates a host of dangers for children and families. She asks people to join her in a petition under the proposal of Mattel discontinuing the toy.
The Military

US May Sell Armed Drones 131

An anonymous reader writes: Nations allied with the United States may soon be able to purchase armed, unmanned aircraft, according to an updated U.S. arms policy. Purchase requests will be evaluated on a case-by-case basis, and foreign military bodies would have to agree to a set of "proper use" rules in order for the U.S. to go ahead with the sale. For example: "Armed and other advanced UAS are to be used in operations involving the use of force only when there is a lawful basis for use of force under international law, such as national self-defense." These rules have done nothing to silence critics of the plan, who point out that the U.S. has killed civilians during remote strikes without much accountability. The drones are estimated to cost $10-15 million apiece.
Data Storage

Former NATO Nuclear Bunker Now an 'Airless' Unmanned Data Center 148

An anonymous reader writes A German company has converted a 1960s nuclear bunker 100 miles from network hub Frankfurt into a state-of-the-art underground data center with very few operators and very little oxygen. IT Vision Technology (ITVT) CEO Jochen Klipfel says: 'We developed a solution that reduces the oxygen content in the air, so that even matches go outIt took us two years'. ITVT have the European Air Force among its customers, so security is an even higher priority than in the average DC build; the refurbished bunker has walls 11 feet thick and the central complex is buried twenty feet under the earth.

An Open Letter To Everyone Tricked Into Fearing AI 227

malachiorion writes If you're into robots, AI, you've probably read about the open letter on AI safety. But do you realize how blatantly the media is misinterpreting its purpose, and its message? I spoke to the organization that released letter, and to one of the AI researchers who contributed to it. As is often the case with AI, tech reporters are getting this one wrong on purpose. Here's my analysis for Popular Science. Or, for the TL;DR crowd: "Forget about the risk that machines pose to us in the decades ahead. The more pertinent question, in 2015, is whether anyone is going to protect mankind from its willfully ignorant journalists."
The Military

How the Pentagon's Robots Would Automate War 117

rossgneumann writes: Pentagon officials are worried that the U.S. military is losing its edge compared to competitors like China, and are willing to explore almost anything to stay on top—including creating robots capable of becoming fighting machines. A 72-page document throws detailed light on the far-reaching implications of the Pentagon's plan to monopolize imminent "transformational advances" in biotechnology, robotics and artificial intelligence, information technology, nanotechnology, and energy.

NVIDIA Begins Requiring Signed GPU Firmware Images 192

An anonymous reader writes: In a blow to those working on open-source drivers, soft-mods for enhancing graphics cards, and the Chinese knock-offs of graphics cards, NVIDIA has begun signing and validating GPU firmware images. With the latest-generation Maxwell GPUs, not all engine functionality is being exposed unless the hardware detects the firmware image was signed by NVIDIA. This is a setback to the open-source Nouveau Linux graphics driver but they're working towards a solution where NVIDIA can provide signed, closed-source firmware images to the driver project for redistribution. Initially the lack of a signed firmware image will prevent some thermal-related bits from being programmed but with future hardware the list of requirements is expected to rise.

Google Testing Drone Delivery System: 'Project Wing' 52

rtoz writes: Google's research division, Google X, is developing a fleet of drones to deliver goods. This drone delivery system is called "Project Wing," and Google X has been developing it in secret for the past two years. During a recent test in Australia, drones successfully delivered a first aid kit, candy bars, dog treats, and water to a couple of Australian farmers. The self-flying vehicle uses four electrically-driven propellers to get around, and it has a wingspan of about five feet. It weighs just under 19 pounds and can take off and land without a runway. Google's long-term goal is to develop drones that could be used for disaster relief by delivering aid to isolated areas.

IBM Opens Up Its Watson Supercomputer To Researchers 28

An anonymous reader writes IBM has announced the "Watson Discovery Advisor" a cloud-based tool that will let researchers comb through massive troves of data, looking for insights and connections. The company says it's a major expansion in capabilities for the Watson Group, which IBM seeded with a $1 billion investment. "Scientific discovery takes us to a different level as a learning system," said Steve Gold, vice president of the Watson Group. "Watson can provide insights into the information independent of the question. The ability to connect the dots opens up a new world of possibilities."

Securing the US Electrical Grid 117

An anonymous reader writes The Center for the Study of the Presidency & Congress (CSPC) launched a project to bring together representatives from the Executive Branch, Congress, and the private sector to discuss how to better secure the U.S. electric grid from the threats of cyberattack, physical attack, electromagnetic pulse, and inclement weather. In this interview with Help Net Security, Dan Mahaffee, the Director of Policy at CSPC, discusses critical security challenges.

Slashdot Top Deals

Porsche: there simply is no substitute. -- Risky Business