The Almighty Buck

Leased LEDs and Energy Service Contracts can Cut Electric Bills (Video) 52 52

I first heard of Consumer Energy Solutions from a non-profit's IT guy who was boasting about how he got them to lease him LED bulbs for their parking lot and the security lights at their equipment lot -- pretty much all their outdoor lighting -- for a lot less than their monthly savings on electricity from replacing most of their Halogen, fluorescent, and other less-efficient lights with LEDs. What made this a big deal to my friend was that no front money was required. It's one thing to tell a town council or non-profit board, "If we spend $180,000 on LEDs we'll save it all back in five years" (or whatever). It's another thing to say, "We can lease LEDs for all our outdoor lighting for $4,000 per month and save $8,000 on electricity right away." That gets officials to prick up their ears in a hurry.Then there are energy service contracts, essentially buying electricity one, two or three years in advance. This business got a bad name from Enron and their energy wholesaling business, but despite that single big blast of negative publicity, it grows a little each year. And the LED lease business? In many areas, governments and utility companies actually subsidize purchases of anything that cuts electricity use. Totally worth checking out.

But why, you might ask, is this on Slashdot? Because some of our readers own stacks of servers (or work for companies that own stacks of servers) and need to know they don't have to pay whatever their local electric utility demands, but can shop for better electricity prices in today's deregulated electricity market. And while this conversation was with one person in this business, we are not pushing his company. As interviewee Patrick Clouden says at the end of the interview, it's a competitive business. So if you want the best deal, you'd better shop around. One more thing: the deregulated utility market, with its multitude of suppliers, peak and off-peak pricing, and (often) minute-by-minute price changes, takes excellent software (possibly written by someone like you) to negotiate, so this business niche might be one an entrepreneurial software developer should explore.
Advertising

Avira Wins Case Upholding Its Right To Block Adware 63 63

Mark Wilson writes: Security firm Avira has won a court case that can not only be chalked up as a win for consumer rights, but could also set something of a precedent. Germany company Freemium.com took Avira to court for warning users about "potentially unwanted applications" that could be bundled along with a number of popular games and applications. Freemium.com downloads included a number of unwanted extras in the form of browser toolbars, free trial applications, adware, and other crapware. Avira's antivirus software warned users installing such applications; Freemium took objection to this and filed a cease and desist letter, claiming anti-competitive practices. But the court ruled in Avira's favor, saying it could continue to flag up and block questionable software.
Security

Emergency Adobe Flash Patch Fixes Zero-Day Under Attack 71 71

msm1267 writes: Adobe has released an emergency patch for a Flash zero-day used in targeted attacks by APT3, the same group behind 2014's Clandestine Fox attacks. Adobe said Flash Player 18.0.0.161 and earlier for Windows and Macintosh systems are affected, as is 11.2.202.466 for Linux 11.x versions.

The current iteration of Clandestine Fox attacks shares many traits with last year's attacks, including generic, almost spam-like phishing emails intent on snaring as many victims as possible that can be analyzed for their value before additional attacks are carried out. The two campaigns also share the same custom backdoor called SHOTPUT, as well as an insistence on using a throwaway command and control infrastructure.
Spam

Ask Slashdot: How Effective Is Your ISP's Spam Filter? 269 269

An anonymous reader writes with the question in the title: does your ISP do a decent job culling spam? The reason I'm asking is that my ISP is Verizon and the Verizon spam filter is next to useless. It only blocks 15% of spam while also blocking 5% of legitimate emails. I've tried calling Verizon support a couple of times and the experience is about as pleasant and productive as banging my head on a wall. At this point I think my best move is to change ISP, but before I go around changing my email address at probably dozens of web sites I'd like to be sure that a new ISP would actually be better.
Spam

86.2 Million Phone Scam Calls Delivered Each Month In the US 193 193

An anonymous reader writes with a report from Help Net Security which assigns some numbers to the lucrative fraud-by-phone business in the U.S. -- and it's not just the most naive who are vulnerable. "Phone fraud continues to threaten enterprises across industries and borders, with the leading financial institutions' call centers exposed to more than $9 million to potential fraud each year," says the article. "Pindrop analyzed several million calls for threats, and found a 30 percent rise in enterprise attacks and more than 86.2 million attacks per month on U.S. consumers. Credit card issuers receive the highest rate of fraud attempts, with one in every 900 calls being fraudulent."

What's been your experience with fraudulent robocalls? I've been getting them on a near-daily basis -- fake credit card alerts, "computer support" malware-install attempts, and more -- for a few years now, which makes whitelisting seem attractive. ("Bridget from account services" has been robo-calling a lot lately, and each time she says it is my final notice.) My biggest worry is that the people behind these scams, like spammers, will hire copywriters who can fool many more people.
Censorship

Anti-TPP Website Being Blacklisted 180 180

so.dan writes: The CTO of Fight for the Future — the non-profit activism group behind Battle for the Net, Blackout Congress, and Stop Fast Track — Jeff Lyon, is seeking advice regarding a problem with facing the website they created — stopfasttrack.com — to fight the secret Trans Pacific Partnership trade deal.

The site been blacklisted by Twitter, Facebook, and major email providers as malicious/spam. Over the last week, nobody has been able to post the website on social networks, or send any emails with their URL. Lyon has posted a summary of the relevant details on Reddit in the hope of obtaining useful feedback regarding what the cause might be. However, none of the answers there right now seem particularly useful, so I'm hoping the Slashdot community can help him out by posting here.

Lyon indicates that the blackout has occurred at a particularly crucial point in the campaign to kill the TPP, as most members of the House of Representatives would likely vote against it were it brought to a vote now, and as pro-TPP interests have started to escalate their lobbying efforts on the House to counteract what would otherwise be a no vote.
Spam

Attackers Use Email Spam To Infect Point-of-Sale Terminals 85 85

jfruh writes: Point-of-sale software has meant that in many cases where once you'd have seen a cash register, you now see a general-purpose PC running point-of-sale (PoS) software. Unfortunately, those PCs have all the usual vulnerabilities, and when you run software on it that processes credit card payments, they become a tempting target for hackers. One of the latest attacks on PoS software comes in the form of malicious Word macros downloaded from spam emails.
Security

Adult Dating Site Hack Reveals Users' Sexual Preference, Extramarital Affairs 173 173

An anonymous reader notes this report from Channel 4 News that Adult FriendFinder, one of the largest dating sites in the world, has suffered a database breach that revealed personal information for 3.9 million of its users. The leaked data includes email addresses, IP addresses, birth dates, postal codes, sexual preferences, and information indicating which of them are seeking extramarital affairs. There even seems to be data from accounts that were supposedly deleted. Channel 4 saw evidence that there were plans for a spam campaign against these users, and others are worried that a blackmail campaign will follow. "Where you've got names, dates of birth, ZIP codes, then that provides an opportunity to actually target specific individuals whether they be in government or healthcare for example, so you can profile that person and send more targeted blackmail-type emails," said cybercrime specialist Charlie McMurdy.
Facebook

Top Publishers To Post News Stories Directly To Facebook Timelines 50 50

An anonymous reader writes: The BBC, BuzzFeed, NBC, The New York Times and National Geographic are among some of the publishers which will post news items directly to a Facebook user's timeline thanks to a new feature called Instant Articles. Chris Cox, Facebook’s chief product officer, says the program will allow publishers to “deliver fast, interactive articles while maintaining control of their content and business models.” Under the terms of the plan, publishers can sell and embed ads in the articles and keep the revenue, or allow Facebook to sell ads. Publishers will also be allowed to track data and traffic with their own analytics tools.
Security

Unnoticed For Years, Malware Turned Linux Servers Into Spamming Machines 180 180

An anonymous reader writes: For over 5 years, and perhaps even longer, servers around the world running Linux and FreeBSD operating systems have been targeted by an individual or group that compromised them via a backdoor Trojan, then made them send out spam, ESET researchers have found. What's more, it seems that the spammers are connected with a software company called Yellsoft, which sells DirectMailer, a "system for automated e-mail distribution" that allows users to send out anonymous email in bulk. Here's the white paper in which the researchers explain the exploit.
Spam

Want 30 Job Offers a Month? It's Not As Great As You Think 227 227

An anonymous reader writes: Software engineers suffer from a problem that most other industries wish they had: too much demand. There's a great story at the Atlantic entitled Imagine Getting 30 Job Offers a Month (It Isn't as Awesome as You Might Think). This is a problem that many engineers deal with: place your resume on a job board and proceed to be spammed multiple times per day for jobs in places that you would never go to (URGENT REQUIREMENT IN DETROIT!!!!!, etc). Google "recruiter spam" and there are many tales of engineers being overwhelmed by this. One engineer, fed up by a lack of a recruiting spam blackhole, set up NoRecruitingSpam.com with directions on how to stop this modern tech scourge. Have you been the victim of recruiting spam?
Spam

Whoah, Small Spender! Steam Sets Limits For Users Who Spend Less Than $5 229 229

As GameSpot reports, Valve has implemented a policy that reduces the privileges of Steam users unless those users have spent $5 through the service. Along the same lines as suggestions to limit spam by imposing a small fee on emails, the move is intended to reduce resource abuse as a business model. From the article: "Malicious users often operate in the community on accounts which have not spent any money, reducing the individual risk of performing the actions they do," Valve said. "One of the best pieces of information we can compare between regular users and malicious users are their spending habits as typically the accounts being used have no investment in their longevity. Due to this being a common scenario we have decided to restrict certain community features until an account has met or exceeded $5.00 USD in Steam." Restricted actions include sending invites, opening group chats, and taking part in the Steam marketplace.
Communications

FTC Announces $50k In Prizes For Robocaller Trap Software 79 79

crazyhorse44 that the Federal Trade Commission announced this week that it is launching two new robocall contests challenging the public to develop a crowd-source honeypot and better analyze data from an existing honeypot. A honeypot is an information system that may be used by government, private and academic partners to lure and analyze robocalls. The challenges are part of the FTC's long-term multi-pronged effort to combat illegal robocallers and contestants of one of the challenges will compete for $25,000 in a top prize. As part of Robocalls: Humanity Strikes Back, the FTC is asking contestants to create a technical solution for consumers that will identify unwanted robocalls received on landlines or mobile phones, and block and forward those calls to a honeypot. A qualifying phase [launched Wednesday] and runs through June 15, 2015 at 10:00 p.m. ET; and a second and final phase concludes at DEF CON 23 on Aug. 9, 2015.
Canada

CRTC Issues $1.1 Million Penalty To Compu-Finder For Spamming Canadians 54 54

zentigger writes Canadians rejoice! It looks like the new anti-spam regulations might actually have some teeth! Today, the CRTC issued a $1.1 million fine to Compu-Finder for violating Canada's anti-spam legislation by sending commercial emails without consent, as well as messages in which the unsubscribe mechanisms did not function properly. Furthermore, an analysis of the complaints made to the Spam Reporting Centre of this industry sector shows that Compu-Finder accounts for 26% of all complaints submitted.
Security

Pharming Attack Targets Home Router DNS Settings 39 39

msm1267 (2804139) writes Pharming attacks are generally network-based intrusions where the ultimate goal is to redirect a victim's web traffic to a hacker-controlled webserver, usually through a malicious modification of DNS settings. Some of these attacks, however, are starting to move to the web and have their beginnings with a spam or phishing email. Proofpoint reported on the latest iteration of this attack, based in Brazil. The campaign was carried out during a five-week period starting in December when Proofpoint spotted phishing messages, fewer than 100, sent to customers of one of the country's largest telecommunications companies.
Communications

How One Small Company Blocked 15.1 Million Robocalls Last Year 145 145

TechCurmudgeon sends this excerpt from an article at Wired: Aaron Foss won a $25,000 cash prize from the Federal Trade Commission for figuring out how eliminate all those annoying robocalls that dial into your phone from a world of sleazy marketers. ... Using a little telephone hackery, Foss found a way of blocking spammers while still allowing the emergency alert service and other legitimate entities to call in bulk. Basically, he re-routed all calls through a service that would check them against a whitelist of legitimate operations and a blacklist of spammers, and this little trick was so effective, he soon parlayed it into a modest business. Last year, his service, called Nomorobo, blocked 15.1 million robocalls.
Crime

Fujitsu Psychology Tool Profiles Users At Risk of Cyberattacks 30 30

itwbennett writes Fujitsu Laboratories is developing an enterprise tool that can identify and advise people who are more vulnerable to cyberattacks, based on certain traits. For example, the researchers found that users who are more comfortable taking risks are also more susceptible to virus infections, while those who are confident of their computer knowledge were at greater risk for data leaks. Rather than being like an antivirus program, the software is more like "an action log analysis than looks into the potential risks of a user," said a spokesman for the lab. "It judges risk based on human behavior and then assigns a security countermeasure for a given user."
Programming

Interviews: Alexander Stepanov and Daniel E. Rose Answer Your Questions 42 42

samzenpus (5) writes "Alexander Stepanov is an award winning programmer who designed the C++ Standard Template Library. Daniel E. Rose is a programmer, research scientist, and is the Chief Scientist for Search at A9.com. In addition to working together, the duo have recently written a new book titled, From Mathematics to Generic Programming. Earlier this month you had a chance to ask the pair about their book, their work, or programming in general. Below you'll find the answers to those questions."
Communications

FCC May Permit Robocalls To Cell Phones -- If They Are Calling a Wrong Number 217 217

An anonymous reader writes There have been plenty of false rumors about cell phones being opened up to telemarketers, but now the FCC is actually considering it. From the article: "Consumers have long had the support of government to try to control these calls, chiefly through the Telephone Consumer Protection Act, which actually allows consumers to file lawsuits and collect penalties from companies that pepper them with robocalls or text messages they didn't agree to receive. But now the Federal Communications Commission is considering relaxing a key rule and allowing businesses to call or text your cellphones without authorization if they say they called a wrong number. The banking industry and collections industry are pushing for the change." In one case recently, AT&T called one person 53 times after he told them they had a wrong number...and ended up paying $45 million to settle the case. Around 40 million phone numbers are "recycled" each year in the U.S. Twice, I've had to dump a number and get a new one because I was getting so many debt collection calls looking for someone else. Apparently the FCC commissioners may not be aware of the magnitude of the "wrong number" debt collection calls and aren't aware that lots of people still have per-minute phone plans. Anyone can file comments on this proposal with the FCC.