Communications

Questioning the Dispute Over Key Escrow 82 82

Nicola Hahn writes: The topic of key escrow encryption has once again taken center stage as former Secretary of Homeland Security Michael Chertoff has spoken out against key escrow both at this year's Aspen Security Forum and in an op-ed published recently by the Washington Post. However, the debate over cryptographic back doors has a glaring blind spot. As the trove of leaks from Hacking Team highlights, most back doors are implemented using zero-day exploits. Keep in mind that the Snowden documents reveal cooperation across the tech industry, on behalf of the NSA, to make products that were "exploitable." Hence, there are people who suggest the whole discussion over key escrow includes an element of theater. Is it, among other things, a public relations gambit, in the wake of the PRISM scandal, intended to cast Silicon Valley companies as defenders of privacy?
Piracy

Interviews: Kim Dotcom Answers Your Questions 88 88

Kim Dotcom was the founder of Megaupload, its successor Mega, and New Zealand's Internet Party. A while ago you had a chance to ask him about those things as well as the U.S. government charging him with criminal copyright violation and racketeering. Below you'll find his answers to your questions.
GNU is Not Unix

Interviews: Ask Richard Stallman a Question 348 348

RMS founded the GNU Project, the Free Software Foundation, and remains one of the most important and outspoken advocates for software freedom. He now spends much of his time fighting excessive extension of copyright laws, digital restrictions management, and software patents. RMS has agreed to answer your questions about GNU/Linux, how GNU relates to Linux the kernel, free software, why he disagrees with the idea of open source, and other issues of public concern. As usual, ask as many as you'd like, but please, one question per post.
Windows

Windows 10 Launches 317 317

An anonymous reader writes: Today Microsoft officially released Windows 10 in 190 countries as a free upgrade for anyone with Windows 7 or later. Major features include Continuum (which brings back the start menu and lets you switch between a keyboard/mouse UI and a touch UI without forcing you into one or the other), the Cortana digital assistant, the Edge browser, virtual desktops, DirectX 12 support, universal apps, an Xbox app, and security improvements. Reviews of the operating system generally consider it an improvement over Windows 8.1, despite launch-day bugs. Peter Bright writes, "Windows 8 felt unfinished, but it was an unfinished thought. ... Windows 10 feels unfinished, but in a different way. The concept of the operating system is a great deal better than its predecessor. It's better in fact than all of its predecessors. ... For all my gripes, it's the right idea, and it's implemented in more or less the right way. But I think it's also buggier than Windows 8.1, 8, 7, or Vista were on their respective launch days." Tom Warren draws similar conclusions: "During my testing on a variety of hardware, I've run into a lot of bugs and issues — even with the version that will be released to consumers on launch day. ... Everything about Windows 10 feels like a new approach for Microsoft, and I'm confident these early bugs and issues will be addressed fairly quickly."
Security

Hacker Set To Demonstrate 60 Second Brinks Safe Hack At DEFCON 147 147

darthcamaro writes: Ok so we know that Chrysler cars will be hacked at Black Hat, Android will be hacked at DEFCON with Stagefright, and now word has come out that a pair of security researchers plan on bringing a Brinks safe onstage at DEFCON to demonstrate how it can be digitally hacked. No this isn't some kind of lockpick, but rather a digital hack, abusing the safe's exposed USB port. And oh yeah, it doesn't hurt that the new safe is running Windows XP either.
Bitcoin

Winklevoss Twins Get Closer To Launching Their Bitcoin Exchange 93 93

An anonymous reader writes: Reuters has an update on the Winklevoss twins plan to launch a regulated Bitcoin exchange called Gemini. The two have filed a New York trust application necessary for them to launch their Gemini bitcoin exchange. If approved, the exchange would be able to accept deposits, and issue loans. The twins say they want to make digital currency mainstream in the United States.
EU

EU May Become a Single Digital Market of 500 Million People 132 132

RockDoctor writes: The Guardian is reporting that the EU is becoming increasingly vociferous in its opposition to "geo-blocking" — the practice of making media services available in some areas but not in others: "European consumers want to watch the pay-TV channel of their choice regardless of where they live or travel in the EU." That adds up to a block of nearly 500 million first-world media consumers. They don't necessarily all speak the same language, but English is probably the most commonly understood single language. And the important thing for American media companies to remember is that they're not American in thought, taste or outlook.
Communications

An Interview With Hacking Team's CEO 80 80

Alastair Stevenson writes: I talked to the leader of the world's most hated surveillance company about its path to recovery and morals, following a massive attack on its systems. CEO David Vincenzetti, as you might expect, thinks that his company "deserves the protection of law and order," and disclaims (also as you'd expect) responsibility for what its clients do with the privacy-unraveling software it provides: Law enforcement must have a way to do what it has always done, that is to track criminals and prevent or prosecute crime. With the development of global terrorism and especially the ‘lone wolf’ terrorist, this requirement is even more important. Hacking Team has helped fight crime by providing a surveillance tool to law enforcement. The company believes this is a small step toward a more secure world for all who wish to used the Internet and digital tools lawfully.
Security

Remote Control of a Car, With No Phone Or Network Connection Required 158 158

Albanach writes: Following on from this week's Wired report showing the remote control of a Jeep using a cell phone, security researchers claim to have achieved a similar result using just the car radio. Using off the shelf components to create a fake radio station, the researchers sent signals using the DAB digital radio standard used in Europe and the Asia Pacific region. After taking control of the car's entertainment system it was possible to gain control of vital car systems such as the brakes. In the wild, such an exploit could allow widespread simultaneous deployment of a hack affecting huge numbers of vehicles.
EU

Europe's Top Court To Decide If Uber Is Tech Firm Or Taxi Company 193 193

An anonymous reader writes: A Spanish judge has requested that the European Court of Justice determine whether or not Uber is a generic "digital service," as it claims, or a "mere transport activity." If the court rules that Uber is a transportation firm the company may have to follow the same licensing and safety rules as taxis and other hired vehicles. "Today's news means that the European Court of Justice will now determine if the national rules currently being applied to digital services like Uber are legal and appropriate under European law," said Mark MacGann, Uber's Head of Public Policy for EMEA, on a conference call with journalists.
The Internet

Internet Dating Scams Target Older American Women 176 176

HughPickens.com writes: The NYT reports: "Janet N. Cook, a church secretary in Virginia, had been a widow for a decade when she joined an Internet dating site and was quickly overcome by a rush of emails, phone calls and plans for a face-to-face visit. "I'm not stupid, but I was totally naïve," says Cook, now 76, who was swept off her feet by a man who called himself Kelvin Wells and described himself as a middle-aged German businessman looking for someone "confident" and "outspoken" to travel with him to places like Italy, his "dream destination." But very soon he began describing various troubles, including being hospitalized in Ghana, where he had gone on business, and asked Cook to bail him out. In all, she sent him nearly $300,000, as he apparently followed a well-honed script that online criminals use to bilk members of dating sites out of tens of millions of dollars a year."

According to the Times internet scammers are targeting women in their 50s and 60s, often retired and living alone, who say that the email and phone wooing forms a bond that may not be physical but that is intense and enveloping. Between July 1 and Dec. 31, 2014, nearly 6,000 people registered complaints of such confidence fraud with losses of $82.3 million, according to the federal Internet Crime Complaint Center. Older people are ideal targets because they often have accumulated savings over a lifetime, own their homes and are susceptible to being deceived by someone intent on fraud. The digital version of the romance con is now sufficiently widespread that AARP's Fraud Watch Network has urged online dating sites to institute more safeguards to protect against such fraud. The AARP network recommends that dating site members use Google's "search by image" to see if the suitor's picture appears on other sites with different names. If an email from "a potential suitor seems suspicious, cut and paste it into Google and see if the words pop up on any romance scam sites," the network advised. The website romancescams.org lists red flags to look for to identify such predators, who urgently appeal to victims for money to cover financial setbacks like unexpected fines, money lost to robbery or unpaid wages. Most victims say they are embarrassed to admit what happened, and they fear that revealing it will bring derision from their family and friends, who will question their judgment and even their ability to handle their own financial affairs."It makes me sound so stupid, but he would be calling me in the evening and at night. It felt so real. We had plans to go to the Bahamas and to Bermuda together," says Louise Brown. "When I found out it was a scam, I felt so betrayed. I kept it secret from my family for two years, but it's an awful thing to carry around. But later I sent him a message and said I forgave him."
Government

Despite Triage, US Federal Cybersecurity Still Lags Behind 36 36

An anonymous reader writes: According to the NY Times, U.S. government officials will soon announce all the improvements their IT security teams have made to federal systems in response to the OPM breach. Unfortunately, says the Times, these updates only just scratch the surface, and are more to show that the government is "doing something" than to fix the long-standing problems with how it handles security. "After neglect that has been documented in dozens of audits for nearly two decades, the federal government is still far behind its adversaries. And it is still struggling to procure the latest technological defenses or attract the kind of digital security expertise necessary to secure its networks."

It seems each agency has to be hit by a cyberattack, causing it to go into panic-mode independently, before learning to properly safeguard its systems. Officials say far too much money is wasted on figuring out who and what to blame, rather than on ameliorating the problem. "At the Internal Revenue Service, auditors identified 69 vulnerabilities in the agency's networks last year, but when officials there told Government Accountability Office auditors this year that they had fixed 24 of those problems, investigators found only 14 had been resolved."
Google

Google To Provide Free Internet For Public Housing Residents To All Fiber Markets 84 84

VentureBeat, an anonymous reader notes, reports that Google has announced it will expand on an earlier move to provide free internet service to poor Austin residents. Now, rather than for 4300 residents of housing provided by the Housing Authority of Austin, the company "has promised to expand that offering to every other current and future Google Fiber market. The move is part of U.S. President Obama's ConnectHome program, launched by the White House and the Department of Housing and Urban Development (HUD) with the goal of bringing Internet connectivity to more school-aged children and families living in HUD-assisted housing in 27 communities across the country. ... Google promises the program will extend to all its Google Fiber cities."
Crime

Technology and the End of Lying 339 339

HughPickens.com writes: The Washington Post reports that lying may soon become a lost art as our digital, data-hoarding culture means that more and more evidence is piling up to undermine our lies. "The research shows the way lies are really uncovered is by comparing what someone is saying to the evidence," says Tim Levine,"and with all these news analytics that can be done, it's going to enable lie detection in a way that was previously impossible." For example in Pennsylvania, police are prosecuting a woman who claimed she was sexually assaulted earlier this year after data from her Fitbit didn't match up with her story, Just like you can Google a fact to end an argument, instant messaging programs that archive digital conversations make it easy to look back and see exactly who said what — and if it matches up with what a person is saying now. "Lying online can be very dangerous," says Jeff Hancock. "Not only are you leaving a record for yourself on your machine, but you're leaving a record on the person that you were lying to."

Even more alarming for liars is the incorporation of lie detector technology into the facial recognition technology. Researchers claim video-analysis software can analyze eye movement successfully to identify whether or not a subject is fibbing 82.5 percent of the time. The new technology heightens surveillance capabilities—from monitoring actions to assessing emotions—in ways that make an individual ever more vulnerable to government authorities, marketers, employers, and to any and every person with whom we interact. "We must understand that—at the individual level and with regard to interpersonal relations—too much truth and transparency can be harmful," says Norberto Andrade. "The permanent confrontation with a verifiable truth will turn us into overly cautious, calculating, and suspicious people."
Privacy

ICANN's Plan To End Commercial Website Anonymity Creates Real Problems 202 202

An anonymous reader notes that ICANN is closing the comment period for its plan to prevent owners of commercial websites from keeping their personal details out of a site's public-facing registration information. Digital rights groups are taking the opportunity to explain how real harm can result from this decision. The Online Abuse Prevention Initiative posted an open letter to ICANN pointing out the rise of doxing and swatting: "Our concern about doxing is not hypothetical. Randi Harper, a technologist, anti-harassment activist, and founder of the Online Abuse Prevention Initiative, was swatted based on information obtained from the Whois record for her domain. The only reason law enforcement did not draw their weapons and break down Harper’s door was that she had previously warned her local police department about swatting."

Cathy Gellis at Popehat refers to the situation surrounding Charles Carreon, the man who antagonized The Oatmeal (Matthew Inman's webcomic) and issued legal threats to those who called him out. "In that case the critic had selected a domain incorporating Carreon's name in order to best get his point about Carreon's thuggery across, which the First Amendment and federal trademark law allowed him to do. ... Unfortunately, the registrar immediately caved to Carreon's pressure and disclosed the critic's identifying information, thereby eviscerating the privacy protection the critic expected to have, and depended on, for his commentary."
Education

BBC Reveals Its New Microcomputer Design 97 97

The BBC has revealed the final design for its Micro Bit computer, a programmable board the size of a credit card they hope will inspire the same love of technology that the BBC Micro did in 1981. The Micro Bit includes an array of LEDs, buttons, and a motion sensor. It can be powered via USB, or by an addon pack with AA batteries. It's not intended as a competitor to devices like the Raspberry Pi or the Arduino — it is intended to complement them while remaining simple for educational purposes. In October, the BBC will begin distributing the Micro Bit to students in grade 7. They expect to give away about a million of them. Afterward, the device will go on sale, and its specs will be open sourced.
Crime

The Mob's IT Department 104 104

An anonymous reader writes: An article at Bloomberg relates the story of two IT professionals who reluctantly teamed up with an organized criminal network in building a sophisticated drug smuggling operation. "[The criminals were] clever, recruiting Van De Moere and Maertens the way a spymaster develops a double agent. By the time they understood what they were involved in, they were already implicated." The pair were threatened, and afraid to go to the police. They were asked to help with deploying malware and building "pwnies" — small computers capable of intercepting network traffic that could be disguised as power strips and routers. In 2012, authorities lucked into some evidence that led them to investigate the operation. "Technicians found a bunch of surveillance devices on [the network of large shipping company MSC]. There were two pwnies and a number of Wi-Fi keyloggers—small devices installed in USB ports of computers to record keystrokes—that the hackers were using as backups to the pwnies. MSC hired a private investigator, who called PricewaterhouseCoopers' digital forensics team, which learned that computer hackers were intercepting network traffic to steal PIN codes and hijack MSC's containers."
United States

Proposed Regulation Could Keep 3D-printed Gun Blueprints Offline For Good 423 423

SonicSpike sends a report on a proposed update to the International Traffic in Arms (ITAR) regulations which could shut down the sharing of files for 3D printed gun parts over the internet. "Hidden within the proposal, which restricts what gear, technology, and info can and cannot be exported out of the U.S., is a ban on posting schematics for 3D printed gun parts online." This follows a lawsuit from Cody Wilson and Defense Distributed back in May fighting the federal government's command to remove blueprints for the "Liberator" 3D-printed gun from their website. A senior official at the U.S. State Department said, "By putting up a digital file, that constitutes an export of the data. If it's an executable digital file, any foreign interests can get a hold of it."
Operating Systems

Ask Slashdot: If You Could Assemble a "FrankenOS" What Parts Would You Use? 484 484

rnws writes: While commenting about log-structured file systems in relation to flash SSDs, I referenced Digital's Spiralog [pdf], released for OpenVMS in 1996. This got me thinking about how VMS to this day has some of, if not the best storage clustering (still) in use today. Many operating systems have come and gone over the years, particularly from the minicomputer era, and each usually had something unique it did really well. If you could stitch together your ideal OS, then which "body parts" would you use from today and reanimate from the past? I'd probably start with VMS's storage system, MPE's print handling, OS/2's Workplace Shell, AS/400's hardware abstraction and GNU's Bash shell. What would you choose?
Crime

Trolls No Longer Welcome In New Zealand 270 270

An anonymous reader writes: Legislation designed to prevent cyber-bullying has passed its final hurdle in the New Zealand Parliament, making it a crime to send harmful messages or put damaging images online. The Harmful Digital Communications Bill passed 116 to 5. The Register reports: "The bill creates a regime under which digital communications causing 'serious emotional distress' are subject to an escalating regime that starts as 'negotiation, mediation or persuasion' but reaches up to creating the offenses of not complying with an order, and 'causing harm by posting digital communication.' The bill covers posts that are racist, sexist, or show religious intolerance, along with hassling people over disability or sexual orientation. There's also a new offense of incitement to suicide (three years' jail).