
Submission + - New Ransomware offers the decryption keys if you infect your friends (bleepingcomputer.com)

Gumbercules!! writes: Yesterday, a new in-development ransomware was discovered by MalwareHunterTeam called Popcorn Time (unrelated to the streaming service of the same name) that intends to give victims a very unusual, and criminal, way of getting a free decryption key for their files. With Popcorn Time, not only can a victim pay a ransom to get their files back, but they can also try to infect two other people and have them pay the ransom in order to get a free key. Infected victims are given a "referral code" and if two people are infected by that code and pay up — the original victim is given their decryption key (potentially).

Submission + - SPAM: Non-Secure, Backdoored IoT Devices Could Become Powerful Weapons For Rival Natio

JohnSmith2016 writes: The Institute for Critical Infrastructure Technology (ICIT), a cybersecurity think tank, published a new paper in which it argued that future IoT devices need to be secure-by-design and that there should be some regulation setting minimum security standards, too. Failing that, the group warned that non-secure IoT devices or devices that have backdoors could be transformed into powerful weapons that rival nations could wield against each other.

Submission + - Aristotle on Trolling

Max Hyre writes: from the how'd-he-find-out-about-that? dept.

A newly-discovered (and translated) papyrus holds Aristotle's analysis of trolling, and exactly on point it is, too. Though hardly surprising for an expert on excellence.

Abstract That trolling is a shameful thing, and that no one of sense would accept to be called 'troll', all are agreed; but what trolling is, and how many its species are, and whether there is an excellence of the troll, is unclear. [....]

Submission + - SPAM: 1 Patient, 7 Tumors and 100 Billion Cells Equal 1 Striking Recovery

schwit1 writes: The remarkable recovery of a woman with advanced colon cancer, after treatment with cells from her own immune system, may lead to new options for thousands of other patients with colon or pancreatic cancer, researchers are reporting. Her treatment was the first to successfully target a common cancer mutation that scientists have tried to attack for decades. Until now, that mutation has been bulletproof, so resistant to every attempt at treatment that scientists have described it as ‘undruggable.'

Submission + - Healthier blueberries, thanks to a blast of purple plasma (sciencemag.org)

sciencehabit writes: Raw blueberries, bursting with vitamins and antioxidants, can also harbor the gut-ravaging human norovirus—a leading cause of foodborne illness from fresh produce. Now, scientists think they have found a way to sterilize blueberries without damaging the delicate fruit’s taste or texture: bathing them in purple plumes of plasma—a gas of ions made from just air and electricity. Plasma has an advantage over other sterilizing technologies like ultraviolet radiation, because the ionized gas can reach every nook in which norovirus might hide on the surface of the berries.

Submission + - The UK's Investigatory Powers Act allows the State to tell lies in court (theregister.co.uk)

Jigsy writes: Blighty's freshly passed Investigatory Powers Act, better known as the Snoopers' Charter, is a dog's dinner of a law. It gives virtually unrestricted powers not only to State spy organisations but also to the police and a host of other government agencies.

The operation of the oversight and accountability mechanisms in the IPA are all kept firmly out of sight – and, so its authors hope, out of mind – of the public. It is up to the State to volunteer the truth to its victims if the State thinks it has abused its secret powers. "Marking your own homework" is a phrase which does not fully capture this.

However, despite the establishment of a parallel system of secret justice, the IPA's tentacles also enshrine parallel construction into law. That is, the practice where prosecutors lie about the origins of evidence to judges and juries – thereby depriving the defendant of a fair trial because he cannot review or question the truth of the evidence against him.

Section 56 of the act as passed sets out a number of matters that are now prohibited from being brought up in court.

Submission + - FBI investigation into GamerGate may have closed

An anonymous reader writes: In early November of 2014, Twitter user @livebeef submitted a Freedom of Information Act (FOIA) request to the FBI concerning its investigation into Gamergate. In December of 2016, he finally received his information. It reveals that the FBI began investigating Gamergate very early on and has since closed the investigation, stating, “To date, all available investigative steps failed to identify any subjects or actionable leads.” The heavily redacted 169-page PDF files contain some of the threatening letters sent to Utah State University. Another event detailed an FBI visit to the home of a man whose name was involved in a threatening email. This is most likely YouTube user MrRepzion. Further on, the report details correspondence with one of the victims of the threats, repeatedly cautioning her against taking matters to the media. "I am attempting to collect the evidence for your case that would be useful in prosecution of any subject (once a subject is identified) and it is very difficult to do this when people know about the FBI involved and their need for use of Thor and other Proxies. [sic]”

Submission + - Court: 'Falsely' Accused 'Movie Pirate' Deserves $17K Compensation

AmiMoJo writes: An Oregon District Court has sided with a wrongfully accused man, who was sued for allegedly downloading a pirated copy of the Adam Sandler movie The Cobbler. According to the court's recommendations, the man is entitled to more than $17,000 in compensation as the result of the filmmakers' "overaggressive" and "unreasonable" tactics. The defendant in question, Thomas Gonzales, operates an adult foster care home where several people had access to the Internet. The filmmakers were aware of this and during a hearing their counsel admitted that any guest could have downloaded the film.

Submission + - NSA's best are 'leaving in big numbers' (cyberscoop.com)

An anonymous reader writes: Low morale at the National Security Agency is causing some of the agency’s most talented people to leave in favor of private sector jobs, former NSA Director Keith Alexander told a room full of journalism students, professors and cybersecurity executives Tuesday. The retired general and other insiders say a combination of economic and social factors — including negative press coverage — have played a part.

“I do hear that people are increasingly leaving in large numbers and it is a combination of things that start with [morale] and there’s now much more money on the outside,” Alexander said. “I am honestly surprised that some of these people in cyber companies make up to seven figures. That’s five times what the chairman of the Joint Chiefs of Staff makes. Right? And these are people that are 32 years old.”

“Do the math. [The NSA] has great competition,” he said.

The rate at which these cyber-tacticians are exiting public service has increased over the last several years and has gotten considerably worse over the last 12 months, multiple former NSA officials and D.C. area-based cybersecurity employers have told CyberScoop in recent weeks.

“Morale has always been an issue at NSA, with roughly 20 percent of the workforce doing 80 percent of the actual work,” a former official told CyberScoop on the condition of anonymity. “NSA is a place where people retire in place. At some point watching this behavior even for motivated people becomes highly demotivating.”

The concern held by some in the intelligence community is that this attrition will overwhelm ongoing recruitment efforts that are now beginning to hit stride.

The challenges associated with recruiting proficient cybersecurity professionals to the agency have become a consistent talking point for sitting NSA Director Mike Rogers.

During public speaking events, Rogers has often talked about the spy agency’s need to explore creative solutions to counter what is commonly referred to as “brain drain.” One example is the creation of a “tour of duty” program, which Rogers says could help those in the private sector more easily transition into classified work and then return to industry.

“What really bothers me is that the people of NSA, these folks who take paltry government salaries to protect this nation, are made to look like they are doing something wrong,” Alexander said Tuesday. “They are doing exactly what our nation has asked them to do to protect us. They are the heroes. They are the ones that deserve our praise. Not a guy who took this race to Hong Kong and to Moscow.”

Alexander, who is now a cybersecurity executive, was speaking at an event hosted by the University of Maryland’s journalism school. He observed that many Americans have come to fear the spy agency and its employees because of a basic misunderstanding concerning the NSA’s role, responsibilities and value in the scope of national security.

“You see politicians raising their phones saying ‘they’re listening to your phone calls, they’re reading your emails’ what we did is enrage people,” Alexander said. “We gave them that impression based on the way that it was reported across all of the media.”

In large part, Alexander blamed the press for propagating an image of the NSA that causes people to believe they are being spied on at all times by the U.S. government regardless of their independent actions.

“I think it’s a whole combination of things [for poor retention rates], but part of it is the way people see them. [An NSA employee] is not someone to stand up and say what they are doing is good for our nation. You don’t hear that. And if they’re not told that, they go home to their family and friends, and then people say ‘oh, you’re the NSA, are you listening to my phone calls?’”

But sources say that some of the factors causing low morale at the agency may be more complicated than Alexander leads on and has described in past comments including those made at Tuesday’s event. For example, the NSA’s structural reorganization plan known as NSA21 — an objective pioneered by Rogers — has become a growing point of tension between different divisions within the secretive agency, sources tell CyberScoop.

The NSA’s offensive-leaning signals intelligence unit known as Tailored Access Operations, or TAO — a storied group of the government’s best hackers — and the defensive-focused team known as the information assurance directorate, or IAD, are no longer separate entities. Rather, NSA21 has installed policies that work to combine TAO and IAD into a sort of joint workforce.

The recent shift is effectively pushing two groups — those with differing skills and even culture — to work more closely together today than at any point in the NSA’s history, said historian Matthew Aid.

Submission + - Sysadmin Gets Two Years in Prison for Sabotaging ISP (bleepingcomputer.com)

An anonymous reader writes: Dariusz J. Prugar, 32, of Syracuse, New York, will have to spend 2 years in prison for hacking his former employer, Pa Online, an internet service provider (ISP) formerly located in Enola, Pennsylvania. According to authorities, Prugar had used his old credentials to log into the ISP's network and "take back" some of the scripts and software he wrote while an employee there, after being fired in June 2010.

Seeking to hide his tracks, Prugar used an automated script that deleted various logs. As a side effect of removing some of these files, the ISP's systems crashed, affecting over 500 businesses and over 5,000 residential customers. When the former ISP couldn't fix the issue, they asked Prugar to help. During negotiations, instead of requesting money as payment, Prugar insisted that he'd be paid using the rights to the software and scripts he wrote while at the company, software which was now malfunctioning, a week after he left. This tipped off the company, who detected foul play, contacted the FBI and rebuilt its entire network. The ISP shut down operations in 2015.

Submission + - How to View the SpaceX Falcon 9 Return to Flight at Vandenberg Air Force Base (perens.com)

Bruce Perens writes: Silicon Valley folks should, sometime, take the opportunity to view a launch at Vandenberg Air Force Base. Lompoc is 4-5 hours from the Bay, 2.5 hours from LA if there's ever no traffic. An upcoming SpaceX launch is notable because it's their return to flight, months after their last attempt blew up on the pad during a pre-launch test. Read how to view the launch.

Submission + - Chinese Scientist Found Breakthrough Vaccine/Cures for All Viral Infections (scmp.com)

hackingbear writes: Chinese scientists may have found the key to creating effective vaccines for the world’s deadly viruses including bird flu, SARS, Ebola, and HIV. An experiment by a research team at Beijing University was hailed as “revolutionary” in the field in a paper published in the latest issue of Science magazine on Friday. The live virus used in the vaccine used by the researchers had its genetic code tweaked to disable the viral strains’ self-replication mechanism. But it was kept fully infectious to allow the host animal cells to generate immunity. Using live viruses in their fully infectious form was considered taboo, as viruses spread rapidly. Vaccines sold and used widely today generally contain either dead or weakened forms of viruses. The animals infected with virus were cured after receiving the injection, according to the paper. This breakthrough promises to simplify the process of producing vaccines, which may help scientists develop effective vaccines or even cures for various viruses – such as bird flu, SARS, Ebola and HIV – within weeks of an outbreak.

Submission + - Virginia spent over half a million on cell surveillance that mostly doesn't work (muckrock.com)

v3rgEz writes: In 2014, the Virginia State Police spent $585,265 on a specially modified Suburban outfitted with the latest and greatest in cell phone surveillance: The DRT 1183C, affectionately known as the DRTbox. But according to logs uncovered by public records website MuckRock, the pricey ride was only used 12 times — and only worked 7 of those times. Read the full DRTbox documents at MuckRock.

Submission + - The Lack of Women in Cybersecurity is a Problem and a Threat (securityledger.com)

chicksdaddy writes: The devaluation of traditionally “soft” skills like empathy, communication and collaboration in the information security space may be hampering the ability of IT security teams to respond to human-focused threats and attacks, according to this article at The Security Ledger. (https://securityledger.com/2016/12/cybers-lack-of-women-a-problem-and-threat/)

Failing to prioritize skills like empathy, communication, and collaboration and the people who have them (regardless of their gender) and focusing on "hard skills" (technical expertise) "limits our conceptions of security solutions and increases risks to our systems and users."

The problem goes beyond phishing attacks and social engineering, too. “Studies have shown that projects that embrace diversity are more successful. It’s a simple truth that people with different life backgrounds and life experiences bring unique perspectives to problem-solving,” says Amie Stepanovich, the U.S. policy manager at Access Now.

In short: "when we keep hiring technologists to solve problems, we keep getting technical solutions." Too often, such technical fixes fail to account for the human environment in which they will be deployed. “It’s prioritizing a ‘tech first’—not a ‘human first’ or ‘empathy first’—perspective,” says Dr. Sara “Scout” Sinclair Brody, the executive director of Simply Secure.

This isn’t the first article to raise a red flag over the technology sector's glaring shortage of empathy. (http://www.newyorker.com/business/currency/silicon-valley-has-an-empathy-vacuum).

And while instilling empathy and compassion in adults who lack it might seem like a tall order, the piece argues that it isn't an unsolvable problem: there are entire fields—like user experience and human-centered design—dedicated to improving the way humans and technology interact. “Shockingly little of that,” says Brody, “has made it into the security domain.”

Submission + - President Obama's $4.2B CS for All K-12 Initiative Pronounced Dead

theodp writes: In a late Friday blog post entitled An Update on Computer Science Education and Federal Funding, tech-backed Code.org explains that Congress's passage of a 'continuing resolution' extending the current budget into 2017 spelled the death knell for President Obama's proposed $4B Computer Science For All initiative, which enjoyed support from the likes of Microsoft, Facebook, and Google. So, wait'll next year? Perhaps not. "We don’t have any direct feedback yet about the next administration’s support for K-12 CS," wrote CEO Hadi Partovi and Govt. Affairs VP Cameron Wilson, "other than a promise to expand 'vocational and technical education' as part of Trump’s 100-day plan which was published in late October. I am hopeful that this language may translate into support for funding K-12 computer science at a federal level. However, we should assume that it will not." The nonprofit may have ruffled the new administration's feathers — among the recent WikiLeaks disclosures was correspondence from Code.org's founders advising the Clinton campaign that the issue of K-12 CS education could be used to win Hillary the election.
