An anonymous reader writes "The NYT is reporting that the Largest DDoS in history reached 300 Gbps. The dispute started when the spam-fighting group Spamhaus added the Dutch company Cyberbunker to its blacklist, which is used by e-mail providers to weed out spam. Millions of ordinary Internet users have experienced delays in services like Netflix or could not reach a particular Web site for a short time. Dutch authorities and the police have made several attempts to enter the bunker by force but failed to do so. The attacks were first mentioned publicly last week by Cloudflare, an Internet security firm in Silicon Valley that was trying to defend against the attacks and as a result became a target."

First time accepted submitter Sodki writes "The Linux Game Tome, one of the most important websites related to video gaming in GNU/Linux, will shut down on the 13th of April, according to a news post published on the website. The decision was made due to the 'lack both the time and the ambition to do what is necessary to keep the site afloat,' which has resulted in 'spam clogging the forums, lack of updates and increasing brokenness of the site.' This might not be the end, though. The maintainers of The Linux Game Tome will make available a dump of the games database, so that anyone interested can cook up a new and updated version of the website, and a worthwhile effort will be considered for a transfer of ownership of the domain. The current source code of the website, which is from 1999, will not be available because 'it is not fit for human consumption.'" It certainly had a good run; I remember poking around the Linux Game Tome as a teenager in the misty past (and it's where I discovered Freeciv, Warzone 2100, and lbreakout2). Are there any alternatives already operating (unfortunately, Freecode doesn't seem popular with game authors)? Or: Which one of you is going to write the Linux Game Tome 3.0?

coondoggie writes "Researchers at DARPA want to take the science of machine learning — teaching computers to automatically understand data, manage results and surmise insights — up a couple notches. Machine learning, DARPA says, is already at the heart of many cutting edge technologies today, like email spam filters, smartphone personal assistants and self-driving cars. 'Unfortunately, even as the demand for these capabilities is accelerating, every new application requires a Herculean effort. Even a team of specially-trained machine learning experts makes only painfully slow progress due to the lack of tools to build these systems,' DARPA says."

New submitter kxra writes "Do you have a federated jabber instant messaging account that never gets responses from Google accounts anymore? Or do you have a Gmail account that a friend has been unable to invite from their 3rd party Jabber account? The Free Software Foundation reports, 'Google users can still send subscription requests to contacts whose accounts are hosted elsewhere. But they cannot accept incoming requests. This change is akin to Google no longer accepting incoming e-mail for @gmail.com addresses from non-Google domains.' This sounds like something Facebook would try in order to gain even tighter control over the network, but they never even federated their Jabber service to begin with. According to a public mailing list conversation, Google is doing this as a lazy way to handle a spam problem."

An anonymous reader writes "Of the 42,000 Internet Service Providers (ISPs) surveyed, just 20 were found to be responsible for nearly half of all the spamming IP addresses — and some ISPs have more than 60% of compromised hosts, mostly in Asia. Phishing Bad Neighborhoods, on the other hand, are mostly in the U.S. Also, there is a silent ticking 'spam' bomb in BRIC countries: if India would have the same Internet penetration rate as the United States while keeping its current ratio of malicious IP addresses, we would observe 200% more spamming IP addresses worldwide. These are just few of the striking results of an extensive study from the University of Twente, in The Netherlands, which scrutinizes the Internet Bad Neighborhoods to develop next-generation algorithms and solutions to better secure networks."

The quote in the title is from www.muckrock.com/about/. And that is exactly what MuckRock is all about: Making FOIA (Freedom of Information Act) requests for you (and investigative reporters) so you don't have to deal with the often-daunting paperwork and runarounds you may run into when you try to pry information out of a recalcitrant government agency. In theory, most government information is public. In practice, many local, state and federal government bodies would just as soon never tell you anything. This is why Tim Lord talked with MuckRock co-founder Michael Morisy, and why we're running this interview in the middle of Sunshine Week, which exists "...to educate the public about the importance of open government and the dangers of excessive and unnecessary secrecy."

rueger writes "One of Canada's biggest cable/Internet providers has their customers in an outrage. '... after an interruption of Shaw's email services Thursday led to millions of emails being deleted ... About 70 per cent of Shaw's email customers were affected when the company was troubleshooting an unrelated email delay problem and an attempted solution caused incoming emails to be deleted ... Emails were deleted for a 10-hour period between 7:45 a.m. and 6:15 p.m. Thursday, although customers did not learn about the problem until Friday, and only then by calling customer service or accessing an online forum for Shaw Internet subscribers.' To top it off, when Shaw did send out notices about this, they looked so much like every day phishing spam that many people deleted them unread."

MellowTigger writes "I work at a non-profit organization. I am looking for a site where we can register an account under our group's name, then spawn multiple projects to solicit programmer help for our organization. The current projects that we have in mind are small and probably not of interest to the wider world, although one very large project is possible. I need a site that emphasizes our non-profit as the benefactor rather than the wider world, since most projects are so specific that wider applicability seems slim. We would need help with various technologies including at least Powershell and SQL. At the moment, my available options emphasize individual projects of public interest, so we would have to spawn multiple independent projects, seeming to spam the host with 'pointless' minor tasks. We already have technical people seeking to donate time. We just need a way to coordinate skill matching, document sharing, and code submission out on the web. What do you suggest?"

New submitter Christopher Fritz writes "The Berkeley, CA city council recently met to discuss the closing of their downtown post office, in attempt to find a way to keep it from relocating. This included talk of 'a very tiny tax' to help keep the U.S. Post Office's vital functions going. The suggestion came from Berkeley City Councilman Gordon Wozniak: 'There should be something like a bit tax. I mean a bit tax could be a cent per gigabit and they would still make, probably, billions of dollars a year And there should be, also, a very tiny tax on email.' He says a one-hundredth of a cent per e-mail tax could discourage spam while not impacting the typical Internet user, and a sales tax on Internet transactions could help fund 'vital functions that the post office serves.' We all know an e-mail tax is infeasible, and sales tax for online purchases and for digital purchases are likely unavoidable forever, but here's hoping talk of taxing data usage doesn't work its way to Washington."

rueger writes "Right now there's an election happening in British Columbia. A desperate government is flooding Facebook with "Sponsored Post" spam (example) extolling the wonderful things that they plan to do if re-elected. There's one problem though. Every one of these posts is followed by hundreds of extremely negative comments added by people who either dislike the party in question, or Facebook spam in general. Desperate moderators are trying to control the 'discussion,' but seem to have no hope of doing so. What was thought to be a cool marketing tool has turned into a public relations disaster. Is this the worst use of social media in an election?"

nbauman writes "A New York Times consumer columnist tracked down the people who run a 'This is your second and final notice" robocall operation. The calls came from Account Management Assistance, which promises to negotiate lower credit card rates with banks. One woman paid them $1,000, and all they did was give her a limited-time zero-percent credit card that she could have gotten herself. AMA has a post office box in Orlando, Florida. The Better Business Bureau has a page for Your Financial Ladder, which does business as Account Management Assistance, and as Economic Progress. According to a Florida incorporation filing, Economic Progress is operated by Brenda Helfenstine, with her husband Tony. The Arkansas attorney general has sued Your Financial Ladder for violating the Telemarketing Consumer Fraud and Abuse Prevention Act. The Florida Department of Agriculture and Consumer Services investigated Your Financial Ladder, but the investigator went to 1760 Sundance Drive, St. Cloud, which turned out to be a residence, and gave up. The Times notes that you can type their phone number (855-462-3833) into http://800notes.com/ and get lots of reports on them."

netbuzz writes "Fed up with phishers using Google Forms to commandeer campus email accounts as spam engines, Oxford University recently blocked access to Google Docs for two-and-a-half hours in what it called an 'extreme action' designed to get the attention of both its users and Google. 'Seeing multiple such incidents the other afternoon tipped things over the edge,' Oxford explains in a blog post. 'We considered these to be exceptional circumstances and felt that the impact on legitimate University business by temporarily suspending access to Google Docs was outweighed by the risks to University business by not taking such action.' The move generated widespread complaints from those affected, as well as criticism from outside network professionals."

First time accepted submitter trellz writes "My sister and brother-in-law are self employed, and run a small business with a storefront. It was broken into about a year ago, and since then they have reinforced physical security; bars on the doors and windows, better locks, etc. Unfortunately, their store was broken into and vandalized again last week, in spite of the added security measures. Being technically savvy, I'm trying to come up with inexpensive ways to add deterrence, monitoring, and alerting to their business. They run an extremely lean lifestyle and profit margin, so the solution needs to be almost free. They do have an internet connection at the store, so motion detection, web cameras, Arduino devices, and the like are certainly an option. Ideally I would like a rock-solid alerting method. Something like an email or text to a laptop at home, or a dedicated prepaid phone, but without the pitfalls of such a solution (i.e. random wrong numbers, solicitors, email spam, etc). I'd also prefer not to poke holes in their firewall at the shop if at all possible. I was considering an email with some sort of long code or hash in the body, and then could white list that on the receiving end to key off of. The goal is to never have a false alarm based on the transmission/reception method." What advice, beyond ZoneMinder?

Yvonne Lee, Community Manager at Dice.com writes, "Not using standard job titles, not tying your work to real business results and not using the right keywords can mean never getting called for an interview, even if you have the right skills to do the job. I once heard advice to use the exact wording found in the ad when placing your keywords. I think you're even more unlikely to get a job if you do some of the things on this list."

Yvonne Lee, Community Manager at Dice.com, writes "Because EMC has expanded through more than 70 acquisitions in eight years — it was hiring even during the recession — and because many of the acquired companies were startups, it is trying to leverage the more dynamic cultures it's inherited and make itself more nimble and innovative. People it hired 'need to be able to move fast and run,' Thus, a key to getting the company's attention is to prove you can do what you say you can. In other words, when Murray asks if you can work fast, you can't just say yes. You'll have to use your previous achievements to prove that you can."

First time accepted submitter Bitsy Boffin writes "Xtra, the largest ISP in New Zealand, which outsources email provision to Yahoo, has in the last two days been subject to a widespread email compromise, causing potentially thousands of accounts to send spam messages to every address in their webmail address books. Discussion at Geekzone centers around this potentially being a continuation of the Yahoo XSS exploit. While Telecom NZ, the owners of Xtra internet service provider indicate that the problem was "resolved", reports of spam from its members continue unabated. Telecom NZ are advising those affected to change their passwords."

Frequent contributor Bennett Haselton is still thinking about prediction markets, and giving away money. He writes: "In an article last December I described a problem with prediction markets, where even markets with cap on betting limits could be manipulated by a single trader willing to spend a lot of money to distort the marketplace odds. So I offered a $100 cash prize to be split between readers who collectively came up with the best solution to the problem. Here's an idea that I think would work." Read on for the rest.

An anonymous reader writes "Our organization had had a decent SPF record of our own for a long time. Recently, we decided to try using SPF for filtering inbound mail. On the up side, a lot of bad mail was being caught. On the down side, it seems like there is always a 'very important' message being caught in the filter because the sender has failed to consider all mail sources in writing their record. At first, I tried to assist sending parties with correcting their records out of hope that it was isolated. This quickly started to consume far too much time. I'm learning that many have set up inaccurate but syntactically valid SPF records and forgotten about them, which is probably the worst outcome for SPF as a standard. Are you using SPF? How are you handling false positives caused by inaccurate SPF records?"

coondoggie writes "The Federal Trade Commission today said the submission period for its Robocall Challenge had ended and it got 744 new ideas for ways to shut down the annoying automated callers. The FTC noted that the vast majority of telephone calls that deliver a prerecorded message trying to sell something to the recipient are illegal. The FTC regulates these calls under the Telemarketing Sales Rule and the Challenge was issued to developing technical or functional solutions and proofs of concepts that can block illegal robocalls which, despite the agency's best efforts, seem to be increasing."

Orome1 writes "Barracuda Networks has released firmware updates that remove SSH backdoors in a number of their products and resolve a vulnerability in Barracuda SSL VPN that allows attackers to bypass access restrictions to download potentially insecure files, set new admins passwords, or even shut down the device. The backdoor accounts are present on in all available versions of Barracuda Spam and Virus Firewall, Web Filter, Message Archiver, Web Application Firewall, Link Balancer, Load Balancer, and SSL VPN appliances." Here's Barracuda's tech note about the exploitable holes.