×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Preventative Treatment For Heartbleed On Healthcare.gov

timothy posted 4 hours ago | from the welcome-to-centralized-medicine-dot-gov dept.

36

As the San Francisco Chronicle reports, "People who have accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the confounding Heartbleed Internet security flaw." Take note, though; the article goes on to immediately point out this does not mean that the HealthCare.gov site has been compromised: "Senior administration officials said there is no indication that the HealthCare.gov site has been compromised and the action is being taken out of an abundance of caution. The government's Heartbleed review is ongoing, the officials said, and users of other websites may also be told to change their passwords in the coming days, including those with accounts on the popular WhiteHouse.gov petitions page." Also at The Verge

New 'Google' For the Dark Web Makes Buying Dope and Guns Easy

timothy posted 6 hours ago | from the and-you'd-trust-this-because dept.

98

First time accepted submitter turkeydance (1266624) writes "The dark web just got a little less dark with the launch of a new search engine that lets you easily find illicit drugs and other contraband online. Grams, which launched last week and is patterned after Google, is accessible only through the Tor anonymizing browser (the address for Grams is: grams7enufi7jmdl.onion) but fills a niche for anyone seeking quick access to sites selling drugs, guns, stolen credit card numbers, counterfeit cash and fake IDs — sites that previously only could be found by users who knew the exact URL for the site."

How Nest and FitBit Might Spy On You For Cash

Soulskill posted yesterday | from the don't-let-them-take-your-analog-shoelaces dept.

91

Nerval's Lobster writes: "Forbes offers up a comforting little story about how Nest and FitBit are planning on turning user data in a multi-billion-dollar business. 'Smart-thermostat maker Nest Labs (which is being acquired by Google for $3.2 billion) has quietly built a side business managing the energy consumption of a slice of its customers on behalf of electric companies,' reads the article. 'In wearables, health tracker Fitbit is selling companies the tracking bracelets and analytics services to better manage their health care budgets, and its rival Jawbone may be preparing to do the same.' As many a wit has said over the years: If you're not paying, you're the product. But if Forbes is right, wearable-electronics companies may have discovered a sweeter deal: paying customers on one side, and companies paying for those customers' data on the other. Will most consumers actually care, though?"

MediaGoblin and FSF Successfully Raise Funds For Federation, Privacy Features

Soulskill posted yesterday | from the if-you-build-it-they-will-come dept.

22

paroneayea writes: "GNU MediaGoblin and the Free Software Foundation have jointly run a campaign for privacy and federation on the web. The campaign is in its last day but has already passed the first two funding milestones, and is hoping to raise more with the possibility of bringing in multiple dedicated resources to the project. The project has also released a full financial transparency report so donors can know how they can expect their money to be used!"

New Facebook Phone App Lets You Stalk Your Friends

samzenpus posted 2 days ago | from the I-won't-be-ignored dept.

60

Hugh Pickens DOT Com (2995471) writes "Iain Thomson reports that Facebook is adding a new application called 'Nearby Friends' that alerts smartphone users when their friends are nearby. 'If you turn on Nearby Friends, you'll occasionally be notified when friends are nearby, so you can get in touch with them and meet up,' says Facebook in a statement. 'For example, when you're headed to the movies, Nearby Friends will let you know if friends are nearby so you can see the movie together or meet up afterward.' The feature, which is opt-in, allows users to select which friends get a warning that you are in the area, and prepare a subset of people who might like to know when you're near, if they have the Nearby Friends activated as well. According to Josh Constine what makes 'Nearby Friends' different than competitors and could give it an advantage is that it's centered around broadcasting proximity, not location. 'If someone's close, you'll know, and can ping them about their precise location and meeting up. Broadcasting location is creepy so we're less likely to share it, and can cause awkward drop-ins where someone tries to come see you when you didn't want them to.'"

Tor Blacklisting Exit Nodes Vulnerable To Heartbleed

timothy posted 2 days ago | from the all-tor-up dept.

56

msm1267 (2804139) writes "The Tor Project has published a list of 380 exit relays vulnerable to the Heartbleed OpenSSL vulnerability that it will reject. This comes on the heels of news that researcher Collin Mulliner of Northeastern University in Boston found more than 1,000 nodes vulnerable to Heartbleed where he was able to retrieve plaintext user traffic. Mulliner said he used a random list of 5,000 Tor nodes from the Dan.me.uk website for his research; of the 1,045 vulnerable nodes he discovered, he recovered plaintext traffic that included Tor plaintext announcements, but a significant number of nodes leaked user traffic in the clear."

RCMP Arrest Canadian Teen For Heartbleed Exploit

timothy posted 2 days ago | from the they-got-their-man dept.

103

According to PC Mag, a "19-year-old Canadian was arrested on Tuesday for his alleged role in the breach of the Canada Revenue Agency (CRA) website, the first known arrest for exploiting the Heartbleed bug. Stephen Arthuro Solis-Reyes (pictured) of London, Ontario faces one count of Unauthorized Use of Computer and one count of Mischief in Relation to Data." That exploit led to a deadline extension for some Canadian taxpayers in getting in their returns this year. The Register has the story as well. The Montreal Gazette has some pointed questions about how much the Canadian tax authorities knew about the breach, and when.

FBI Drone Deployment Timeline

samzenpus posted 3 days ago | from the when-and-where dept.

33

An anonymous reader writes "The FBI insists that it uses drone technology to conduct surveillance in 'very limited circumstances.' What those particular circumstances are remain a mystery, particularly since the Bureau refuses to identify instances where agents deployed unmanned aerial vehicles, even as far back as 2006. In a letter to Senator Ron Paul last July, the FBI indicated that it had used drones a total of ten times since late 2006—eight criminal cases and two national security cases—and had authorized drone deployments in three additional cases, but did not actually fly them. The sole specific case where the FBI is willing to confirm using a drone was in February 2013, as surveillance support for a child kidnapping case in Alabama. New documents obtained by MuckRock as part of the Drone Census flesh out the timeline of FBI drone deployments in detail that was previously unavailable. While heavily redacted—censors deemed even basic facts that were already public about the Alabama case to be too sensitive for release, apparently—these flight orders, after action reviews and mission reports contain new details of FBI drone flights."

Student Records Kids Who Bully Him, Then Gets Threatened With Wiretapping Charge

Soulskill posted 3 days ago | from the it-takes-real-effort-to-be-this-wrong dept.

790

An anonymous reader tips news of an incident in a Pennsylvania high school in which a student, Christian Stanfield, was being bullied on a regular basis. He used a tablet to make an audio recording of the bullies for the purpose of showing his mother how bad it was. She was shocked, and she called school officials to tell them what was going on. The officials brought in a police lieutenant — but not to deal with the bullies. Instead, the officer interrogated Stanfield and made him delete the recording. The officer then threatened to charge him with felony wiretapping. The charges were later reduced to disorderly conduct, and Stanfield was forced to testify before a magistrate, who found him guilty. Stanfield's mother said, "Christian's willingness to advocate in a non-violent manner should be championed as a turning point. If Mr. Milburn and the South Fayette school district really want to do the right thing, they would recognized that their zero-tolerance policies and overemphasis on academics and athletics have practically eliminated social and emotional functioning from school culture."

Update: 04/17 04:36 GMT by T : The attention this case has gotten may have something to do with the later-announced decision by the Allegheny County District Attorney's office to withdraw the charges against Stanfield.

52 Million Photos In FBI's Face Recognition Database By Next Year

Soulskill posted 4 days ago | from the you-can-trust-us dept.

108

Advocatus Diaboli writes "The EFF has been investigating the FBI's Next-Generation Identification (NGI) scheme, an enormous database of biometric information. It's based on the agency's fingerprint database, which already has 100 million records. But according to the documents EFF dug up, the NGI database will include 52 million images of people's faces by 2015. At least 4.3 million images will have been taken outside any sort of criminal context. 'Currently, if you apply for any type of job that requires fingerprinting or a background check, your prints are sent to and stored by the FBI in its civil print database. However, the FBI has never before collected a photograph along with those prints. This is changing with NGI. Now an employer could require you to provide a 'mug shot' photo along with your fingerprints. If that's the case, then the FBI will store both your face print and your fingerprints along with your biographic data.'"

Snowden Used the Linux Distro Designed For Internet Anonymity

Soulskill posted 4 days ago | from the NSA-can't-make-heads-or-something-of-it dept.

170

Hugh Pickens DOT Com writes: "When Edward Snowden first emailed Glenn Greenwald, he insisted on using email encryption software called PGP for all communications. Now Klint Finley reports that Snowden also used The Amnesic Incognito Live System (Tails) to keep his communications out of the NSA's prying eyes. Tails is a kind of computer-in-a-box using a version of the Linux operating system optimized for anonymity that you install on a DVD or USB drive, boot your computer from and you're pretty close to anonymous on the internet. 'Snowden, Greenwald and their collaborator, documentary film maker Laura Poitras, used it because, by design, Tails doesn't store any data locally,' writes Finley. 'This makes it virtually immune to malicious software, and prevents someone from performing effective forensics on the computer after the fact. That protects both the journalists, and often more importantly, their sources.'

The developers of Tails are, appropriately, anonymous. They're protecting their identities, in part, to help protect the code from government interference. 'The NSA has been pressuring free software projects and developers in various ways,' the group says. But since we don't know who wrote Tails, how do we know it isn't some government plot designed to snare activists or criminals? A couple of ways, actually. One of the Snowden leaks show the NSA complaining about Tails in a Power Point Slide; if it's bad for the NSA, it's safe to say it's good for privacy. And all of the Tails code is open source, so it can be inspected by anyone worried about foul play. 'With Tails,' say the distro developers, 'we provide a tongue and a pen protected by state-of-the-art cryptography to guarantee basic human rights and allow journalists worldwide to work and communicate freely and without fear of reprisal.'"

Guardian and WaPo Receive Pulitzers For Snowden Coverage

Unknown Lamer posted 4 days ago | from the pulitzer-prize-board-added-to-terrorist-organization-list dept.

78

Late Yesterday, the Pulitzer Prize board announced (PDF) the 2014 Pulitzer Prize winners. The public service prize was awarded to the Guardian and the Washington Post. The Washington Post was given the award for its role in revealing widespread surveillance by the NSA, "...marked by authoritative and insightful reports that helped the public understand how the disclosures fit into the larger framework of national security," and the Guardian for sparking "...a debate about the relationship between the government and the public over issues of security and privacy." Snowden released a statement praising the Pulitzer board: "Today's decision is a vindication for everyone who believes that the public has a role in government. We owe it to the efforts of the brave reporters and their colleagues who kept working in the face of extraordinary intimidation, including the forced destruction of journalistic materials, the inappropriate use of terrorism laws, and so many other means of pressure to get them to stop what the world now recognizes was work of vital public importance. This decision reminds us that what no individual conscience can change, a free press can. "

Google Buys Drone Maker Titan Aerospace

samzenpus posted 5 days ago | from the welcome-to-the-google dept.

41

garymortimer (1882326) writes "Google has acquired drone maker Titan Aerospace. Titan is a New Mexico-based company that makes high-flying solar powered drones. There's no word on the price Google paid, but Facebook had been in talks to acquire the company earlier this year for a reported $60 million. Presumably, Google paid more than that to keep it away from Facebook. 'Google had just recently demonstrated how its Loon prototype balloons could traverse the globe in a remarkably short period of time, but the use of drones could conceivably make a network of Internet-providing automotons even better at globe-trotting, with a higher degree of control and ability to react to changing conditions. Some kind of hybrid system might also be in the pipeline that marries both technologies.'"

Anyone Can Buy Google Glass April 15

samzenpus posted about a week ago | from the all-the-better-to-see-you-with dept.

167

An anonymous reader writes "Starting at 9 a.m. ET on April 15 anyone in the US will be able to buy Google Glass for one day. From the article: 'This is the first time the device has been available to the general public. So far, the face-mounted computers have been sold only to Google "Explorers," the company's name for early adopters. At first only developers could buy Glass, but Google slowly expanded the program to include regular people. Some were hand-picked, others applied to be Explorers through Google contests by sharing what cool projects they would do if they had Glass.'"

Commenters To Dropbox CEO: Houston, We Have a Problem

timothy posted about a week ago | from the don't-worry-we'll-only-look-at-the-secrets dept.

447

theodp (442580) writes "On Friday, Dropbox CEO Drew Houston sought to quell the uproar over the appointment of former Secretary of State Condoleezza Rice to the company's board of directors, promising in a blog post that Rice's appointment won't change its stance on privacy. More interesting than Houston's brief blog post on the method-behind-its-Condi-madness (which Dave Winer perhaps better explained a day earlier) is the firestorm in the ever-growing hundreds of comments that follow. So will Dropbox be swayed by the anti-Condi crowd ("If you do not eliminate Rice from your board you lose my business") or stand its ground, heartened by pro-Condi comments ("Good on ya, DB. You have my continued business and even greater admiration")? One imagines that Bush White House experience has left Condi pretty thick-skinned, and IPO riches are presumably on the horizon, but is falling on her "resignation sword" — a la Brendan Eich — out of the question for Condi?"

Canada Introduces Privacy Reforms That Encourage Warrantless Disclosure of Info

samzenpus posted about a week ago | from the what-do-you-want-to-know? dept.

99

An anonymous reader writes "Earlier this week, the government introduced the Digital Privacy Act (Bill S-4), the latest attempt to update Canada's private sector privacy law. Michael Geist reports that the bill includes a provision that could massively expand warrantless disclosure of personal information. Organizations will be permitted to disclose personal information without consent (and without a court order) to any organization that is investigating a contractual breach or possible violation of any law. This applies both past breaches or violations as well as potential future violations. Moreover, the disclosure occurs in secret without the knowledge of the affected person (who therefore cannot challenge the disclosure since they are not aware it is happening). Consider it a gift to copyright trolls, who won't need the courts to obtain information on thousands of Internet users."

Google Chrome Flaw Sets Your PC's Mic Live

timothy posted about two weeks ago | from the lives-of-others dept.

152

First time accepted submitter AllTheTinfoilHats (3612007) writes "A security flaw in Google Chrome allows any website you visit with the browser to listen in on nearby conversations. It doesn't allow sites to access your microphone's audio, but provides them with a transcript of the browser's speech-to-text transcriptions of anything in range. It was found by a programmer in Israel, who says Google issued a low-priority label to the bug when he reported it, until he wrote about it on his blog and the post started picking up steam on social media. The website has to keep you clicking for eight seconds to keep the microphone on, and Google says it has no timeline for a fix." However, as discoverer Guy Aharonovsky is quoted, "It seems like they started to look for a way to quickly mitigate this flaw."

London's Public Bike Data Can Tell Everyone Where You've Been

timothy posted about two weeks ago | from the away-from-flat-call-in-the-burglary-lorry dept.

41

An anonymous reader writes "I recently posted this article with a few vizualizations and a bit of analysis about the risks associated with open data sets. Thought it might be of interest of Slashdot readers: 'This article is about a publicly available dataset of bicycle journey data that contains enough information to track the movements of individual cyclists across London, for a six month period just over a year ago.'"

Double Take: Condoleezza Rice As Dropbox's Newest Board Member

timothy posted about two weeks ago | from the describe-your-conversation-with-the-inquisition dept.

313

Condoleezza Rice, Secretary of State under George W. Bush, and defender of Bush-era (and onward) policies about surveillance by wiretapping and other means, has landed at an interesting place: she's just become a part of the small board at Dropbox. TechDirt calls the appointment "tone deaf," and writes "At a time when people around the globe are increasingly worried about American tech firms having too close a connection to the intelligence community, a move like this seems like a huge public relations disaster. While Rice may be perfectly qualified to hold the role and to help Dropbox with the issues it needs help with, it's hard not to believe that there would be others with less baggage who could handle the job just as well." Some people are doing more than looking for an alternative for themselves, too, as a result.

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...