Please create an account to participate in the Slashdot moderation system

 



Forgot your password?
typodupeerror
Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×

Submission + - Transport employees were secretly paid by the DEA to search travelers bags (economist.com)

schwit1 writes: THERE are many reasons why you might have been stopped at an American transport hub and your bag searched by officials. You might have be chosen at random. Perhaps you matched a profile. Or you could have been flagged by an airline, railroad or security employee who was being secretly paid by the government as a confidential informant to uncover evidence of drug smuggling.

A committee of Congress heard remarkable testimony last week about a long-running programme by the Drug Enforcement Administration. For years, officials from the Department of Justice testified, the DEA has paid millions of dollars to a variety of confidential sources to provide tips on travellers who may be transporting drugs or large sums of money. Those sources include staff at airlines, Amtrak, parcel services and even the Transportation Safety Administration.

The testimony follows a report by the Justice Department that uncovered the DEA programme and detailed its many potential violations. According to that report, airline employees and other informers had an incentive to search more travellers' bags, since they received payment whenever their actions resulted in DEA seizures of cash or contraband. The best-compensated of these appears to have been a parcel company employee who received more than $1m from the DEA over five years. One airline worker, meanwhile, received $617,676 from 2012 to 2015 for tips that led to confiscations. But the DEA itself profited much more from the programme. That well-paid informant got only about 12% of the amount the agency seized as a result of the his tips.

Comment As someone who tests phone apps for a living... (Score 1) 95

I am not surprised in the slightest that apps crash more frequently on iOS than Android devices. It is an order of magnitude more difficult to automate app testing on iOS than Android. You cannot emulate an iOS device like you can an Android device (no, the Simulator doesn't count - if it requires a special build, it doesn't count), and Apple's OS updates frequently break test automation. You also cannot simply programmatically control actions and read screen state on iOS without extra signing steps in iOS 10, which is why most third-party testing services don't offer iOS 10 devices in their testing labs.

Developers and testers simply test iOS less (even though they almost certainly spend more time on it).

Comment Re:You can't (Score 1) 237

Simply put, there is no such thing as a truly secure phonecall.

Any "easy" solution coming out of or running through the USA needs to be "insecure" thanks to CALEA - Communications Assistance for Law Enforcement Act - but even if this were not an issue, the endpoints can still be bugged and systems hacked.

You may be able to get a fair part of the way there by setting up your own infrastructure (ie something which runs over a VPN and/or ZRTP) - Maybe look at Silent Circle for an ?easy? partial solution to your woes.

Truth. The thing most people forget is that the NSA and similar organizations use brute-force decryption as a last resort. As the FBI has demonstrated very publicly several times over the last year that hacking the endpoint is the preferred method of intercept (after CALEA) because it's so much easier.

Windows Phone, iOS, and Android (yes, including Black Phone) all have so much surface area and so many insecure third-party dependencies that it's all but impossible to lock them down. So if someone really wants in, you're going to get hacked no matter which phone or app you're using.

Comment Re:As a C programmer (Score 1) 315

Hell no. :-) C is by far the most portable language. Really, my main point was just a warning that there aren't many libraries that were written with absolute, architecture-independent portability in mind, and the key take-away from that should be: add third-party dependencies very cautiously, and test the shit out of your code.

Comment Re:As a C programmer (Score 3, Informative) 315

Also worth mentioning that not only does C run on the most different processors, C is the most portable between languages.....that is, if you write a library in C, it can be used in basically every other language.

There can actually be surprising gotchas regarding portability. Good examples:

  • - dereferencing pointers to multi-byte values can cause errors on some processors when the pointer address isn't word-aligned, but will work just fine on others
  • - you can't make any assumptions around native word sizes without risking portability issues. This means being very explicit with your types (including <stdint.h> and being super careful about explicitly casting while bit shifting
  • - ... you get the point

That's definitely not to say that you *can't* write portable code, just that C libraries may not be as plug-and-play as you'd like, often in surprising and dangerous ways.

Comment Re: As a C programmer (Score 4, Insightful) 315

Personally, I like Ruby.

In all seriousness, arguments along the lines of "very few people are competent C programmers" in my experience can be generalized to "very few people are competent <insert any programming language here> programmers". Yes, C is a more challenging language because it requires very strict discipline to do well, but 8+ years in the industry has shown me that good coders are the exception.

Comment They'll soo lose a few more in my neighborhood... (Score 1) 68

My condo association just signed papers to get Fiber access in each unit before the end of the year. While I can't speak for the rest of the community, Comcast will definitely lose me as a customer, and almost certainly a few others as well.

Fiber would have to cost a LOT more than Comcast before I'd consider NOT switching.

Comment GMO (Score 1) 199

I know genetic engineering is still a little green, but this situation appears ripe for genetic experimentation. Call me a fruit basket, but I think it's time we peel back the shroud around genetic engineering and produce new varieties of disease-resistant bananas and diversify that genetic tree.

Slashdot Top Deals

Multics is security spelled sideways.

Working...