Compare cell phone plans using Wirefly's innovative plan comparison tool ×
Crime

US Unveils Charges Against KickassTorrents, Names Two More Defendants (arstechnica.com) 98

A total of three men are said to be operators of file-sharing site KickassTorrents (KAT), according to U.S. prosecutors. Last month, federal authorities arrested the 30-year-old Ukrainian mastermind of KAT, Artem Vaulin, and formally charged him with one count of conspiracy to commit criminal copyright infringement, one count of conspiracy to commit money laundering, and two counts of criminal copyright infringement. Two other Ukrainians were named in the new indictment (PDF): Levgen (Eugene) Kutsenko and Oleksander (Alex) Radostin. While only Vaulin has been arrested, bench warrants have been issue for the arrest of all three men. Ars Technica reports: "Prosecutors say the three men developed and maintained the site together and used it to 'generate millions of dollars from the unlawful distribution of copyright-protected media, including movies, [...] television shows, music, video games, computer software, and electronic books.' They gave out 'Reputation' and 'User Achievement' awards to users who uploaded the most popular files, including a special award for users who had uploaded more than 1,000 torrents. The indictment presents a selection of the evidence that the government intends to use to convict the men, and it isn't just simple downloads of the copyrighted movies. The government combed through Vaulin's e-mails and traced the bitcoins that were given to him via a 'donation' button."
Communications

FCC Proposes 5G Cybersecurity Requirements, Asks For Industry Advice (fedscoop.com) 29

Presto Vivace quotes a report from FedScoop: "Cybersecurity issues must be addressed during the design phase for the entire 5G ecosystem, including devices. This will place a premium on collaboration among all stakeholders," said FCC chairman Tom Wheeler during a National Press Club event on June 20. "We continue to prefer an approach that emphasizes that industry develop cybersecurity standards just as we have done in wired networks." The FCC published a request Wednesday for comment on a new set of proposed 5G rules to the Federal Register focused on adding specific "performance requirements" for developers of example internet-connected devices. If a company hopes to secure a license to access higher-frequency 5G spectrum in the future then they will need to adhere to these specific requirements -- in other words, compliance is non-negotiable. Notably, these FCC "performance requirements" now include the submission of a network security plan. The report adds: "A quick review of the FCC's proposed 5G cybersecurity plan shows a six category split, organized by a companies' security approach, coordination efforts, standards and best practices, participation with standards bodies, other security approaches and plans with information sharing organizations. Security plans must be submitted to the commission at least six months before a 5G-ready product enters the market, according to the notice."
Government

Malware Sold To Governments Helped Them Spy on iPhones (washingtonpost.com) 31

One of the world's most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists, reports The New York Times. (Editor's note: the link could be paywalled, here's an alternate source). From the report: Investigators discovered that a company called the NSO Group, an Israeli outfit that sells software that invisibly tracks a target's mobile phone, was responsible for the intrusions. The NSO Group's software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user. In response, Apple on Thursday released a patched version of its mobile software, iOS 9.3.5. Users can get the patch through a normal software update.The Washington Post reports that these "zero-day" flaws were previously used by the governments to take over victims' phones by tricking them into clicking on a link to a text message. Motherboard says that this is the first time anyone has uncovered such an attack in the wild. "Until this month, no one had seen an attempted spyware infection leveraging three unknown bugs, or zero-days, in the iPhone. The tools and technology needed for such an attack, which is essentially a remote jailbreak of the iPhone, can be worth as much as one million dollars."
HP

HP Hit With Age-Discrimination Suit Claiming Old Workers Purged (mercurynews.com) 190

Hewlett-Packard started laying off workers in 2012, before it separated into HP Inc. and HP Enterprise last year. The company has continued to cut thousands of jobs since. As a result of the "restructuring," an age discrimination lawsuit has been filed by four former employees of HP alleging they were ousted amid a purge of older workers. The Mercury News reports: "The goal 'was to make the company younger,' said the complain filed Aug. 18 in U.S. District Court in San Jose. 'In order to get younger, HP intentionally discriminated against its older employees by targeting them for termination [...] and then systematically replacing them with younger employees. HP has hired a disproportionately large number of new employees under the age of 40 to replace employees aged 40 and older who were terminated.' Arun Vatturi, a 15-year Palo Alto employee at HP who was a director in process improvement until he was laid off in January at age 52, and Sidney Staton, in sales at HP in Palo Alto for 16 months until his layoff in April 2015 at age 54, have joined in the lawsuit with a former employee from Washington, removed at age 62, and one from Texas, out at age 63. The group is seeking class-action status for the court action and claims HP broke state and federal laws against age discrimination." The lawsuit also alleges that written guidelines issued by HP's human resources department mandated that 75 percent of all hires outside of the company be fresh from school or "early career" applicants.
The Internet

Singapore To Cut Off Public Servants From the Internet (theguardian.com) 57

Singapore is planning to cut off web access for public servants as a defence against potential cyber attack, Reuters reports. The local government's move has already been criticized by many, who say that it marks a retreat for a technologically advanced city-state that has trademarked the term "smart nation". From an article on The Guardian: Some security experts say the policy, due to be in place by May, risks damaging productivity among civil servants and those working at more than four dozen statutory boards, and cutting them off from the people they serve. It may only raise slightly the defensive walls against cyber attack, they say. Ben Desjardins, director of security solutions at network security firm Radware, called it "one of the more extreme measures I can recall by a large public organisation to combat cyber security risks." Stephen Dane, a Hong Kong-based managing director at networking company Cisco Systems, said it was "a most unusual situation" and Ramki Thurimella, chair of the computer science department at the University of Denver, called it both "unprecedented" and "a little excessive".
Government

FBI Investigating Russian Hack Of New York Times Reporters, Others (cnn.com) 61

Hackers thought to be working for Russian intelligence have carried out a series of cyber breaches targeting reporters at the New York Times and other U.S. news organizations, reports CNN, citing US officials briefed on the matter. From the report: The intrusions, detected in recent months, are under investigation by the FBI and other US security agencies. Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said. "Like most news organizations we are vigilant about guarding against attempts to hack into our systems," said New York Times Co. spokeswoman Eileen Murphy. "There are a variety of approaches we take up to and including working with outside investigators and law enforcement. We won't comment on any specific attempt to gain unauthorized access to The Times." The breaches targeting reporters and news organizations are part of an apparent surge in cyber attacks in the past year against entities beyond US government agencies.
Electronic Frontier Foundation

US Customs and Border Protection Wants To Know Who You Are On Twitter (eff.org) 347

An anonymous reader quotes a report from Electronic Frontier Foundation: U.S. border control agents want to gather Facebook and Twitter identities from visitors from around the world. But this flawed plan would violate travelers' privacy, and would have a wide-ranging impact on freedom of expression -- all while doing little or nothing to protect Americans from terrorism. A proposal has been issued by U.S. Customs and Border Protection to collect social media handles from visitors to the United States from visa waiver countries. The Electronic Frontier Foundation opposes the proposal and has commented on it individually and as part of a larger coalition. "CBP specifically seeks 'information associated with your online presence -- Provider/Platform -- Social media identifier' in order to provider DHS 'greater clarity and visibility to possible nefarious activity and connections' for 'vetting purposes,'" reports EFF. "In our comments, we argue that would-be terrorists are unlikely to disclose social media identifiers that reveal publicly available posts expressing support for terrorism." They say this plan "would unfairly violate the privacy of innocent travelers," would cause "innocent travelers" to "engage in self-censorship, cutting back on their online activity out of fear of being wrongly judged by the U.S. government," and would lead to a "slippery slope, where CBP would require U.S. citizens and residents returning home to disclose their social media handles, or subject both foreign visitors and U.S. persons to invasive device searches at ports of entry with the intent of easily accessing any and all cloud data."
Crime

Turkish Journalist Jailed For Terrorism Was Framed, Forensic Report Shows (vice.com) 96

An anonymous reader quotes a report from Motherboard: Turkish investigative journalist Baris Pehlivan spent 19 months in jail, accused of terrorism based on documents found on his work computer. But when digital forensics experts examined his PC, they discovered that those files were put there by someone who removed the hard drive from the case, copied the documents, and then reinstalled the hard drive. The attackers also attempted to control the journalist's machine remotely, trying to infect it using malicious email attachments and thumb drives. Among the viruses detected in his computer was an extremely rare trojan called Ahtapot, in one of the only times it's been seen in the wild. Pehlivan went to jail in February of 2011, along with six of his colleagues, after electronic evidence seized during a police raid in 2011 appeared to connect all of them to Ergenekon, an alleged armed group accused of terrorism in Turkey. A paper recently published by computer expert Mark Spencer in Digital Forensics Magazine sheds light into the case after several other reports have acknowledged the presence of malware. Spencer said no other forensics expert noticed the Ahtapot trojan in the OdaTV case, nor has determined accurately how those documents showed up on the journalist's computer. However, almost all the reports have concluded that the incriminating files were planted. "We are not guilty," Baris Pehlivan told Andrada Fiscutean via Motherboard. "The files were put into our computers by a virus and by [attackers] entering the OdaTV office secretly. None of us has seen those documents before the prosecutor showed them to us." (OdaTV is the website Pehlivan works for and "has been critical of the government and the Gulen Movement, which was accused by Turkish president Recep Tayyip Erdogan of orchestrating the recent attempted coup.") In regard to the report, senior security consultant at F-Secure, Taneli Kaivola, says, "Yes, [the report] takes an impressive level of conviction to locally attack a computer four times, and remotely attack it seven times [between January 1, 2011, and February 11, 2011], as well as a certain level of technical skill to set up the infrastructure for those attacks, which included document forgery and date and time manipulation."
Government

Nuclear Waste Accident 2 Years Ago May Cost More Than $2 Billion To Clean Up (arstechnica.com) 20

An anonymous reader writes: The Los Angeles Times is estimating that an explosion that occurred at a New Mexico nuclear waste dumping facility in 2014 could cost upwards of $2 billion to clean up. Construction began on the Waste Isolation Pilot Plant (WIPP) in New Mexico's Carlsbad desert in the 1980s. The site was built to handle transuranic waste from the US' nuclear weapons program. The WIPP had been eyed to receive nuclear waste from commercial power-generating plants as well. According to the LA Times, the 2014 explosion at the WIPP was downplayed by the federal government, with the Department of Energy (DoE) putting out statements indicating that cleanup was progressing quickly. Indeed, a 2015 Recovery Plan insisted that "limited waste disposal operations" would resume in the first quarter of 2016. Instead, two years have passed since the incident without any indication that smaller nuclear waste cleanup programs around the US will be able to deliver their waste to the New Mexico facility any time soon. The 2014 explosion apparently occurred when engineers at the Los Alamos National Laboratory were preparing a drum of plutonium and americium waste -- usually packed with kitty litter (yes, kitty litter) -- and decided to "substitute an organic material for a mineral one."
Businesses

Massachusetts Will Tax Ride-Sharing Companies To Subsidize Taxis (reuters.com) 445

Massachusetts will tax ride-sharing services -- 20 cents for each ride -- with 25% of the money raised going into a special fund for the taxi industry (according to an article shared by schwit1 ). Reuters reports: Ride services are not enthusiastic about the fee. "I don't think we should be in the business of subsidizing potential competitors," said Kirill Evdakov, the chief executive of Fasten, a ride service that launched in Boston last year and also operates in Austin, Texas. Some taxi owners wanted the law to go further, perhaps banning the start-up competitors unless they meet the requirements taxis do, such as regular vehicle inspection by the police...

The fee may raise millions of dollars a year because Lyft and Uber alone have a combined 2.5 million rides per month in Massachusetts... The 5-cent fee will be collected through the end of 2021. Then the taxi subsidy will disappear and the 20 cents will be split by localities and the state for five years. The whole fee will go away at the end of 2026.

Republican Governor Charlie Baker signed the law, which specifically bans ride-sharing services from passing those costs on to their drivers or riders. And the article notes that Taiwan has also hit Uber with a $6.4 million tax bill, while Seattle has passed a new law allowing ride-sharing drivers to unionize.
Education

Four Code Bootcamps Are Now Eligible For Government Financial Aid (hackeducation.com) 85

Long-time Slashdot reader theodp notes a pilot program for improving computer science education which includes financial aid for students at four code bootcamps: In this week's Hack Education Weekly News, Audrey Watters writes, "The US Department of Education has selected eight higher ed institutions and eight 'non-traditional providers' that will work as partners to pilot the DoE's new EQUIP experiment, meaning that students will be able to receive federal financial aid for coding bootcamps, MOOCs, and the like...

"Good thing there haven't been any problems with for-profit higher ed and exploitation of financial aid, otherwise this would all seem like a terrible idea."

The original submission has more details on the participants (including the four code bootcamps). Ultimately the program involves pairing "non-traditional" providers with higher education institutions -- and then monitoring their results with a third-party "quality assurance entity" -- to improve the ways we measure a school's performance, but also testing new ways to fund training for computer careers. (I'm curious how Slashdot's readers feel about government loans for attendees at code bootcamps...)
Government

Group Wants To Shut Down Tor For a Day On September 1 (softpedia.com) 228

An anonymous reader writes: An internal group at the Tor Project is calling for a full 24-hour shutdown of the Tor network to protest the way the Tor Project dealt with the Jake Applebaum sexual misconduct accusations, and because of recent rumors it might be letting former government agents in its ranks. Two Tor members, also node operators, have shut down their servers as well, because of the same reason. They explained their motivations here and here.
"The protesters have made 16 demands," according to the article, six related to related to supposed infiltration of Tor by government agents, and 10 regarding the Appelbaum ruling and investigation -- including "asking all Tor employees that participated in this investigation to leave" and "the persons behind the JacobAppelbaum.net and the @JakeMustDie and @VictimsOfJake Twitter accounts to come forward and their identities made public."
Security

German Minister Wants Facial Recognition Software At Airports and Train Stations (www.rte.ie) 111

An anonymous Slashdot reader quotes a surprising report from Ireland's National Public Service Broadcaster (based on a report in the German newspaper Bild am Sonntag): Germany's Interior Minister wants to introduce facial recognition software at train stations and airports to help identify terror suspects following two Islamist attacks in the country last month... "Then, if a suspect appears and is recognised, it will show up in the system," he told the paper. He said a similar system was already being tested for unattended luggage, which the camera reports after a certain number of minutes. The article reports that other countries are also considering the technology.
Piracy

India Threatens 3-Year Jail Sentences For Viewing Blocked Torrents (intoday.in) 95

"It is official now. The punishment for rape is actually less..." writes an anonymous Slashdot reader, who adds that "Some users think that this is all the fault of Bollywood/Hollywood movie studios. They are abusing power, court and money..." India Today reports: The Indian government, with the help of internet service providers, and presumably under directives of court, has banned thousands of websites and URLs in the last five odd years. But until now if you somehow visited these "blocked URLs" all was fine. However, now if you try to visit such URLs and view the information, you may get a three-year jail sentence as well as invite a fine...

This is just for viewing a torrent file, or downloading a file from a host that may have been banned in India, or even for viewing an image on a file host like Imagebam. You don't have to download a torrent file, and then the actual videos or other files, which might have copyright. Just accessing information under a blocked URL will land you in jail and leave your bank account poorer.

While it's not clear how this will be enforced, visiting a blocked URL in India now leads to a warning that "Viewing, downloading, exhibiting or duplicating an illicit copy of the contents under this URL is punishable as an offence under the laws of India, including but not limited to under Sections 63, 63-A, 65 and 65-A of the Copyright Act, 1957 which prescribe imprisonment for 3 years and also fine of up to Rs. 3,00,000..."
Security

Has WikiLeaks Morphed Into A Malware Hub? (backchannel.com) 125

Slashdot reader mirandakatz writes: In releasing an unredacted database of emails from the Turkish party AKP, WikiLeaks exposed the public to a collection of malware -- and even after a Bulgarian security expert pointed this out publicly, the organization only removed the select pieces of malware that he identified, leaving well over a thousand malicious files on the site.

That AKP leak also included the addresses and other personal details of millions of Turkish women, not unlike the recent DNC leak, which included the personal data of many private individuals. WikiLeaks says this is all in the name of its "accuracy policy," but the organization seems to be increasingly putting the public at risk.

The article opens with the question, "What the hell happened to WikiLeaks?" then argues that "Once an inspiring effort at transparency, WikiLeaks now seems more driven by personal grudges and reckless releases of information..."
The Military

Japan Plans To Build Unmanned Fighter Jets (reuters.com) 117

Slashdot reader It's the tripnaut! quotes an article from Reuters: Japan aims to develop a prototype drone fighter jet in two decades with private sector help in a technology strategy that focuses on weapons communications and lasers, according to a document seen by Reuters... The military technology plan calls for first developing an unmanned surveillance aircraft in the next decade and then an unmanned fighter jet 10 years later, the document showed...

The ministry will also allocate budget funds to acquire an upgraded version of the F-35 stealth fighter, made by U.S. company Lockheed Martin Corp...as tension rises in the East China Sea and North Korea steps up its missile threat, government officials with direct knowledge of the matter said.

AT&T

AT&T, Apple, Google To Work On 'Robocall' Crackdown (reuters.com) 110

Last month the FCC had pressed major U.S. phone companies to take immediate steps to develop technology that blocks unwanted automated calls available to consumers at no charge. It had demanded the concerned companies to come up with a "concrete, actionable" plan within 30 days. Well, the companies have complied. On Friday, 30 major technology companies announced they are joining the U.S. government to crack down on automated, pre-recorded telephone calls that regulators have labeled as "scourge." Reuters adds: AT&T, Alphabet, Apple, Verizon Communications and Comcast are among the members of the "Robocall Strike Force," which will work with the U.S. Federal Communications Commission. The strike force will report to the commission by Oct. 19 on "concrete plans to accelerate the development and adoption of new tools and solutions," said AT&T Chief Executive Officer Randall Stephenson, who is chairing the group. The group hopes to put in place Caller ID verification standards that would help block calls from spoofed phone numbers and to consider a "Do Not Originate" list that would block spoofers from impersonating specific phone numbers from governments, banks or others.
Government

The NSA Leak Is Real, Snowden Documents Confirm (theintercept.com) 146

Sam Biddle, reporting for The Intercept: On Monday, A hacking group calling itself the "ShadowBrokers" announced an auction for what it claimed were "cyber weapons" made by the NSA. Based on never-before-published documents provided by the whistleblower Edward Snowden, The Intercept can confirm that the arsenal contains authentic NSA software, part of a powerful constellation of tools used to covertly infect computers worldwide. The provenance of the code has been a matter of heated debate this week among cybersecurity experts, and while it remains unclear how the software leaked, one thing is now beyond speculation: The malware is covered with the NSA's virtual fingerprints and clearly originates from the agency. The evidence that ties the ShadowBrokers dump to the NSA comes in an agency manual for implanting malware, classified top secret, provided by Snowden, and not previously available to the public. The draft manual instructs NSA operators to track their use of one malware program using a specific 16-character string, "ace02468bdf13579." That exact same string appears throughout the ShadowBrokers leak in code associated with the same program, SECONDDATE. SECONDDATE plays a specialized role inside a complex global system built by the U.S. government to infect and monitor what one document estimated to be millions of computers around the world. Its release by ShadowBrokers, alongside dozens of other malicious tools, marks the first time any full copies of the NSA's offensive software have been available to the public, providing a glimpse at how an elaborate system outlined in the Snowden documents looks when deployed in the real world, as well as concrete evidence that NSA hackers don't always have the last word when it comes to computer exploitation.
Bitcoin

Eleven Reasons To Be Excited About The Future of Technology (medium.com) 282

Chris Dixon, an American internet entrepreneur and investor in a range of tech and media companies including Kickstarter and Foursquare has written an essay on Medium highlighting some of the reasons why we should be excited about the future of technology. The reasons he has listed are as follows: 1. Self-Driving Cars: Self-driving cars exist today that are safer than human-driven cars in most driving conditions. Over the next 3-5 years they'll get even safer, and will begin to go mainstream.
2. Clean Energy: Attempts to fight climate change by reducing the demand for energy haven't worked. Fortunately, scientists, engineers, and entrepreneurs have been working hard on the supply side to make clean energy convenient and cost-effective.
3. Virtual and Augmented Reality: Computer processors only recently became fast enough to power comfortable and convincing virtual and augmented reality experiences. Companies like Facebook, Google, Apple, and Microsoft are investing billions of dollars to make VR and AR more immersive, comfortable, and affordable.
4. Drones and Flying Cars: GPS started out as a military technology but is now used to hail taxis, get mapping directions, and hunt Pokemon. Likewise, drones started out as a military technology, but are increasingly being used for a wide range of consumer and commercial applications.
5. Artificial Intelligence: Artificial intelligence has made rapid advances in the last decade, due to new algorithms and massive increases in data collection and computing power.
6. Pocket Supercomputers for Everyone: By 2020, 80% of adults on earth will have an internet-connected smartphone. An iPhone 6 has about 2 billion transistors, roughly 625 times more transistors than a 1995 Intel Pentium computer. Today's smartphones are what used to be considered supercomputers.
7. Cryptocurrencies and Blockchains: Protocols are the plumbing of the internet. Most of the protocols we use today were developed decades ago by academia and government. Since then, protocol development mostly stopped as energy shifted to developing proprietary systems like social networks and messaging apps. Cryptocurrency and blockchain technologies are changing this by providing a new business model for internet protocols. This year alone, hundreds of millions of dollars were raised for a broad range of innovative blockchain-based protocols.
8. High-Quality Online Education: While college tuition skyrockets, anyone with a smartphone can study almost any topic online, accessing educational content that is mostly free and increasingly high-quality.
9. Better Food through Science: Earth is running out of farmable land and fresh water. This is partly because our food production systems are incredibly inefficient. It takes an astounding 1799 gallons of water to produce 1 pound of beef. Fortunately, a variety of new technologies are being developed to improve our food system.
10. Computerized Medicine: Until recently, computers have only been at the periphery of medicine, used primarily for research and record keeping. Today, the combination of computer science and medicine is leading to a variety of breakthroughs.
11. A New Space Age: Since the beginning of the space age in the 1950s, the vast majority of space funding has come from governments. But that funding has been in decline: for example, NASA's budget dropped from about 4.5% of the federal budget in the 1960s to about 0.5% of the federal budget today.

Government

How The US Will Likely Respond To Shadow Brokers Leak (dailydot.com) 110

blottsie writes: The NSA and FBI are both expected to investigate the leak of NSA-linked cyberweapons this week by an entity calling itself the Shadow Brokers, experts with knowledge of the process tell the Daily Dot. However, multiple experts say any retaliation by the U.S. will likely remain secret to keep the tactical advantage. Meanwhile, Motherboard reports that some former NSA staffers believe the leak is the work of a "rogue NSA insider." "First, the incident will be investigated by the National Security Agency as it tracks down exactly what went so wrong that top-secret offensive code and exploits ended up stolen and published for the world to see," reports Daily Dot. "An FBI counterintelligence investigation will likely follow, according to experts with knowledge of the process. [...] Following the investigation, the NSA and other entities within the United States government will have to decide on a response." The response will depend on a lot of things, such as whether or not an insider at the NSA is responsible for the breach -- a theory that is backed by a former NSA staffer and other experts. "The process is called an IGL: Intelligence Gain/Loss," reports Daily Dot. "Authorities suss out a pro and con list for various reactions, including directly and publicly blaming another country. [Chris Finan, a former director of cybersecurity legislation in the Obama administration and now CEO of the security firm Manifold Technology, said:] 'Some people think about responding in kind: A U.S. cyberattack. Doing that gives up the asymmetric response advantage you have in cyberspace.' Finan urged authorities to look at all tools, including economic sanctions against individuals, companies, groups, governments, or diplomatic constraints, to send a message through money rather than possibly burning a cyberwar advantage. Exactly if and how the U.S. responds to the Shadow Brokers incident will depend on the source of the attack. Attribution in cyberwar is tricky or even impossible much of the time. It quickly becomes a highly politicized process ripe with anonymous sources and little solid fact."

Slashdot Top Deals