Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Wired Profiles John Brooks, the Programmer Behind Ricochet

timothy posted yesterday | from the bouncy-bouncy dept.

Encryption 45

wabrandsma writes with this excerpt from Wired: John Brooks, who is just 22 and a self-taught coder who dropped out of school at 13, was always concerned about privacy and civil liberties. Four years ago he began work on a program for encrypted instant messaging that uses Tor hidden services for the protected transmission of communications. The program, which he dubbed Ricochet, began as a hobby. But by the time he finished, he had a full-fledged desktop client that was easy to use, offered anonymity and encryption, and even resolved the issue of metadata—the "to" and "from" headers and IP addresses spy agencies use to identify and track communications—long before the public was aware that the NSA was routinely collecting metadata in bulk for its spy programs. The only problem Brooks had with the program was that few people were interested in using it. Although he'd made Ricochet's code open source, Brooks never had it formally audited for security and did nothing to promote it, so few people even knew about it.

Then the Snowden leaks happened and metadata made headlines. Brooks realized he already had a solution that resolved a problem everyone else was suddenly scrambling to fix. Though ordinary encrypted email and instant messaging protect the contents of communications, metadata allows authorities to map relationships between communicants and subpoena service providers for subscriber information that can help unmask whistleblowers, journalists's sources and others.

Emails Cast Unflattering Light On Internal Politics of Healthcare.gov Rollout

timothy posted yesterday | from the wanna-be-absolutely-clear dept.

Democrats 361

An anonymous reader writes with this report from The Verge linking to and excerpting from a newly released report created for a committee in the U.S. House of Representatives, including portions of eight "damning emails" that offer an unflattering look at the rollout of the Obamacare website. The Government Office of Accountability released a report earlier this week detailing the security flaws in the site, but a report from the House Committee on Oversight and Government Reform released yesterday is even more damning. Titled, "Behind the Curtain of the HealthCare.gov Rollout," the report fingers the Centers for Medicare and Medicaid Services, which oversaw the development of the site, and its parent Department of Health and Human Services. "Officials at CMS and HHS refused to admit to the public that the website was not on track to launch without significant functionality problems and substantial security risks," the report says. "There is also evidence that the Administration, to this day, is continuing its efforts to shield ongoing problems with the website from public view." Writes the submitter: "The evidence includes emails that show Obamacare officials more interested in keeping their problems from leaking to the press than working to fix them. This is both both a coverup and incompetence."

Proposed Law Would Limit US Search Warrants For Data Stored Abroad

timothy posted 2 days ago | from the step-in-the-right-direction dept.

Privacy 110

An anonymous reader writes On Thursday, a bipartisan law was introduced in the Senate that would limit US law enforcement's ability to obtain user data from US companies with servers physically located abroad. Law enforcement would still be able to gain access to those servers with a US warrant, but the warrant would be limited to data belonging to US citizens. This bill, called the LEADS Act (PDF), addresses concerns by the likes of Microsoft and other tech giants that worry about the impact law enforcement over-reach will have on their global businesses. Critics remain skeptical: "we are concerned about how the provision authorizing long-arm warrants for the accounts of US persons would be administered, and whether we could reasonably expect reciprocity from other nations on such an approach."

Netropolitan Is a Facebook For the Affluent, and It's Only $9000 To Join

samzenpus posted 3 days ago | from the paying-the-price dept.

Social Networks 177

MojoKid writes Facebook has become too crowded and too mundane. With around 1.3 billion Facebook users, it's understandable to be overwhelmed by everything and want to get away from it all. However, unlike Facebook which is looking to connect everyone to the internet, there is a new site called Netropolitan that focuses more on exclusivity and privacy. The site was founded by composer and former conductor of the Minnesota Philharmonic Orchestra James Touchi-Peters who wanted to provide a social media site for affluent and accomplished individuals. People wishing to join need only pay a mere $9,000 to join. Of that amount, $6,000 is the initiation fee and the remaining $3,000 is for the annual membership fee which users will continue to pay. So what does the initiation and annual fee get you? For starters, Netropolitan will offer an ad-free experience and will not promote any kind of paid promotions to its members. However, it will allow the creation of groups by businesses in which members can advertise to each other under certain guidelines.

Apple's "Warrant Canary" Has Died

samzenpus posted 3 days ago | from the get-out-of-the-mine dept.

Privacy 231

HughPickens.com writes When Apple published its first Transparency Report on government activity in late 2013, the document contained an important footnote that stated: "Apple has never received an order under Section 215 of the USA Patriot Act. We would expect to challenge such an order if served on us." Now Jeff John Roberts writes at Gigaom that Apple's warrant canary has disappeared. A review of the company's last two Transparency Reports, covering the second half of 2013 and the first six months of 2014, shows that the "canary" language is no longer there suggesting that Apple is now part of FISA or PRISM proceedings.

Warrant canaries are a tool used by companies and publishers to signify to their users that, so far, they have not been subject to a given type of law enforcement request such as a secret subpoena. If the canary disappears, then it is likely the situation has changed — and the company has been subject to such request. This may also give some insight into Apple's recent decision to rework its latest encryption in a way that makes it almost impossible for the company to turn over data from most iPhones or iPads to police.

Next Android To Enable Local Encryption By Default Too, Says Google

timothy posted 3 days ago | from the keep-it-to-yourself-bub dept.

Encryption 126

An anonymous reader writes The same day that Apple announced that iOS 8 will encrypt device data with a local code that is not shared with Apple, Google has pointed out that Android already offers the same feature as a user option and that the next version will enable it by default. The announcements by both major cell phone [operating system makers] underscores a new emphasis on privacy in the wake of recent government surveillance revelations in the U.S. At the same time, it leaves unresolved the tension between security and convenience when both companies' devices are configured to upload user content to iCloud and Google+ servers for backup and synchronization across devices, servers and content to which Apple and Google do have access.

Once Vehicles Are Connected To the Internet of Things, Who Guards Your Privacy?

timothy posted 3 days ago | from the I-hope-it's-rob-ford dept.

Networking 130

Lucas123 (935744) writes Carmakers already remotely collect data from their vehicles, unbeknownst to most drivers, but once connected via in-car routers or mobile devices to the Internet, and to roadway infrastructure and other vehicles around them, that information would be accessible by the government or other undesired entities. Location data, which is routinely collected by GPS providers and makers of telematics systems, is among the most sensitive pieces of information that can be collected, according to Nate Cardozo, an attorney with the Electronic Frontier Foundation. "Not having knowledge that a third party is collecting that data on us and with whom they are sharing that data with is extremely troubling," Cardozo said. in-vehicle diagnostics data could also be used by government agencies to track driver behavior. Nightmare scenarios could include traffic violations being issued without law enforcement officers on the scene or federal agencies having the ability to track your every move in a car. That there could be useful data in all that personally identifiable bits made me think of Peter Wayner's "Translucent Databases."

Apple Will No Longer Unlock Most iPhones, iPads For Police

timothy posted 3 days ago | from the just-what-they-want-you-to-think-part-827398 dept.

Encryption 502

SternisheFan writes with this selection from a story at the Washington Post: Apple said Wednesday night that it is making it impossible for the company to turn over data from most iPhones or iPads to police — even when they have a search warrant — taking a hard new line as tech companies attempt to blunt allegations that they have too readily participated in government efforts to collect user data. The move, announced with the publication of a new privacy policy tied to the release of Apple's latest mobile operating system, iOS 8, amounts to an engineering solution to a legal dilemma: Rather than comply with binding court orders, Apple has reworked its latest encryption in a way that makes it almost impossible for the company – or anyone else but the device's owner – to gain access to the vast troves of user data typically stored on smartphones or tablet computers. The key is the encryption that Apple mobile devices automatically put in place when a user selects a passcode, making it difficult for anyone who lacks that passcode to access the information within, including photos, e-mails, recordings or other documents. Apple once kept possession of encryption keys that unlocked devices for legally binding police requests, but will no longer do so for iOS8, it said in a new guide for law enforcement. "Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data," Apple said on its Web site. "So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8."

NSA Director Says Agency Is Still Trying To Figure Out Cyber Operations

Soulskill posted 5 days ago | from the i-don't-think-the-mr-magoo-routine-is-going-to-work dept.

Government 103

Trailrunner7 writes: In a keynote speech at a security conference in Washington on Tuesday, new NSA Director Mike Rogers emphasized a need to establish behavioral norms for cyber war. "We're still trying to work our way through distinguishing the difference between criminal hacking and an act of war," said Rogers. "If this was easy, we would have figured it out years ago. We have a broad consensus about what constitutes an act of war, what's an act of defense." Rogers went on to explain that we need to better establish standardized terminology and standardized norms like those that exist in the realm of nuclear deterrence. Unfortunately, unlike in traditional national defense, we can not assume that the government will be able to completely protect us against cyber-threats because the threat ecosystem is just too broad.

FBI Completes New Face Recognition System

Soulskill posted 5 days ago | from the they-know-what-you-did-last-summer dept.

Privacy 129

Advocatus Diaboli writes: According to a report from Gizmodo, "After six years and over one billion dollars in development, the FBI has just announced that its new biometric facial recognition software system is finally complete. Meaning that, starting soon, photos of tens of millions of U.S. citizen's faces will be captured by the national system on a daily basis. The Next Generation Identification (NGI) program will logs all of those faces, and will reference them against its growing database in the event of a crime. It's not just faces, though. Thanks to the shared database dubbed the Interstate Photo System (IPS), everything from tattoos to scars to a person's irises could be enough to secure an ID. What's more, the FBI is estimating that NGI will include as many as 52 million individual faces by next year, collecting identified faces from mug shots and some job applications." Techdirt points out that an assessment of how this system affects privacy was supposed to have preceded the actual rollout. Unfortunately, that assessment is nowhere to be found.

Two recent news items are related. First, at a music festival in Boston last year, face recognition software was tested on festival-goers. Boston police denied involvement, but were seen using the software, and much of the data was carelessly made available online. Second, both Ford and GM are working on bringing face recognition software to cars. It's intended for safety and security — it can act as authentication and to make sure the driver is paying attention to the road.

Tim Cook Says Apple Can't Read Users' Emails, That iCloud Wasn't Hacked

timothy posted 5 days ago | from the our-cooperation-was-strictly-reluctant dept.

Cloud 191

Apple CEO Tim Cook insists that Apple doesn't read -- in fact, says Cook, cannot read -- user's emails, and that the company's iCloud service wasn't hacked. ZDNet presents highlights from Cook's lengthy, two-part interview with Charlie Rose. One selection of particular interest: Apple previously said that even it can't access iMessage and FaceTime communications, stating that such messages and calls are not held in an "identifiable form." [Cook] claimed if the government "laid a subpoena," then Apple "can't provide it." He said, bluntly: "We don't have a key... the door is closed." He reiterated previous comments, whereby Apple has said it is not in the business of collecting people's data. He said: "When we design a new service, we try not to collect data. We're not reading your email." Cook went on to talk about PRISM in more detail, following the lead from every other technology company implicated by those now-infamous PowerPoint slides.

Quickflix Wants Netflix To Drop Australian VPN Users

timothy posted 5 days ago | from the all-we-want-is-a-captive-audience dept.

Australia 172

ashshy writes 200,000 Australian residents reportedly use Netflix today, tunneling their video traffic to the US, UK, and other Netflix markets via VPN connections. A proper Netflix Down Under service isn't expected to launch until 2015. Last week, Aussie video streaming company Quickflix told Netflix to stop this practice, so Australian viewers can return to Quickflix and other local alternatives. But Quickflix CEO Stephen Langsford didn't explain how Netflix could restrict Australian VPN users, beyond the IP geolocating and credit card billing address checks it already runs. Today, ZDNet's Josh Taylor ripped into the absurdity of Quickflix's demands. From the article: "If Netflix cuts those people off, they're going to know that it was at the behest of Foxtel and Quickflix, and would likely boycott those services instead of flocking to them. If nothing else, it would encourage those who have tried to do the right thing by subscribing and paying for content on Netflix to return to copyright infringement."

NSW Police Named as FinFisher Spyware Users

samzenpus posted about a week ago | from the oh-watching-the-places-you'll-go dept.

Australia 73

Bismillah writes Wikileaks' latest release of documents shows that the Australian New South Wales police force has spent millions on licenses for the FinFisher set of law enforcement spy- and malware tools — and still has active licenses. What it uses FinFisher, which has been deployed against dissidents by oppressive regimes, for is yet to be revealed. NSW Police spokesperson John Thompson said it would not be appropriate to comment "given this technology relates to operational capability".

Comcast Allegedly Asking Customers to Stop Using Tor

samzenpus posted about a week ago | from the no-tor-for-you dept.

Businesses 418

An anonymous reader writes Comcast agents have reportedly contacted customers who use Tor and said their service can get terminated if they don't stop using Tor. According to Deep.Dot.Web, one of those calls included a Comcast customer service agent who allegedly called Tor an “illegal service.” The Comcast agent told the customer that such activity is against usage policies. The Comcast agent then allegedly told the customer: "Users who try to use anonymity, or cover themselves up on the internet, are usually doing things that aren’t so-to-speak legal. We have the right to terminate, fine, or suspend your account at anytime due to you violating the rules. Do you have any other questions? Thank you for contacting Comcast, have a great day." Update: 09/15 18:38 GMT by S : Comcast has responded, saying they have no policy against Tor and don't care if people use it.

New Details About NSA's Exhaustive Search of Edward Snowden's Emails

samzenpus posted about a week ago | from the taking-a-good-look dept.

Government 200

An anonymous reader points out this Vice story with new information about the NSA's search of Edward Snowden's emails. Last year, the National Security Agency (NSA) reviewed all of Edward Snowden's available emails in addition to interviewing NSA employees and contractors in order to determine if he had ever raised concerns internally about the agency's vast surveillance programs. According to court documents the government filed in federal court September 12, NSA officials were unable to find any evidence Snowden ever had.

In a sworn declaration, David Sherman, the NSA's associate director for policy and records, said the agency launched a "comprehensive" investigation after journalists began to write about top-secret NSA spy programs upon obtaining documents Snowden leaked to them. The investigation included searches of any records where emails Snowden sent raising concerns about NSA programs "would be expected to be found within the agency." Sherman, who has worked for the NSA since 1985, is a "original classification authority," which means he can classify documents as "top-secret" and process, review, and redact records the agency releases in response to Freedom of Information Act (FOIA) requests.

In his declaration, Sherman detailed steps he said agency officials took to track down any emails Snowden wrote that contained evidence he'd raised concerns inside the agency. Sherman said the NSA searched sent, received, deleted emails from Snowden's account and emails "obtained by restoring back-up tapes." He noted that NSA officials reviewed written reports and notes from interviews with "NSA affiliates" with whom the agency spoke during its investigation.

Treasure Map: NSA, GCHQ Work On Real-Time "Google Earth" Internet Observation

samzenpus posted about a week ago | from the lets-see-what-you're-doing dept.

United States 266

wabrandsma) writes with the latest accusations about NSA spying activity in Germany. According to top-secret documents from the NSA and the British agency GCHQ, the intelligence agencies are seeking to map the entire Internet.
Furthermore, every single end device that is connected to the Internet somewhere in the world — every smartphone, tablet and computer — is to be made visible. Such a map doesn't just reveal one treasure. There are millions of them. The breathtaking mission is described in a Treasure Map presentation from the documents of the former intelligence service employee Edward Snowden which SPIEGEL has seen. It instructs analysts to "map the entire Internet — Any device, anywhere, all the time." Treasure Map allows for the creation of an "interactive map of the global Internet" in "near real-time," the document notes. Employees of the so-called "FiveEyes" intelligence agencies from Great Britain, Canada, Australia and New Zealand, which cooperate closely with the American agency NSA, can install and use the program on their own computers. One can imagine it as a kind of Google Earth for global data traffic, a bird's eye view of the planet's digital arteries.

School Installs Biometric Fingerprint System For Cafeteria

samzenpus posted about a week ago | from the paying-with-one-finger dept.

United Kingdom 230

An anonymous reader writes with news about a school in England that has introduced a cashless cafeteria system that is raising some privacy concerns among some. Stourbridge students will soon be able to pay for their lunch without searching their pockets for change. Redhill School has spent £20,000 updating its dining facilities and introducing a cashless catering system. The system will allow parents to deposit funds into students catering accounts, to be debited by the pupil's biometric fingerprint scan at the point of sale. Headteacher Stephen Dunster said: "The benefits are that pupils are less likely to lose cash, parents know their children are using their dinner money to buy nutritious food and there will also be a system to alert staff if students are purchasing food that they may be allergic to."

NSA Metadata Collection Gets 90-Day Extension

Soulskill posted about a week ago | from the you-can-trust-us-for-90-more-days dept.

Government 73

schwit1 sends word that the Foreign Intelligence Surveillance Court has authorized a 90-day extension to the NSA's ability to collect bulk metadata about U.S. citizens' phone calls. In April, the House of Representatives passed a bill to limit the NSA's collection of metadata, but the Senate has been working on their version of the bill since then without yet voting on it. Because of this, and the alleged importance of continuing intelligence operations, the government sought a 90-day reauthorization of the current program. The court agreed. Senator Patrick Leahy said this clearly demonstrates the need to get this legislation passed. "We cannot wait any longer, and we cannot defer action on this important issue until the next Congress. This announcement underscores, once again, that it is time for Congress to enact meaningful reforms to protect individual privacy.

Justice Sotomayor Warns Against Tech-Enabled "Orwellian" World

Soulskill posted about a week ago | from the trading-privacy-for-convenience dept.

Privacy 166

An anonymous reader writes: U.S. Supreme Court Justice Sonia Sotomayor spoke on Thursday to faculty and students at the University of Oklahoma City about the privacy perils brought on by modern technology. She warned that the march of technological progress comes with a need to enact privacy protections if we want to avoid living in an "Orwellian world" of constant surveillance. She said, "There are drones flying over the air randomly that are recording everything that's happening on what we consider our private property. That type of technology has to stimulate us to think about what is it that we cherish in privacy and how far we want to protect it and from whom. Because people think that it should be protected just against government intrusion, but I don't like the fact that someone I don't know can pick up, if they're a private citizen, one of these drones and fly it over my property."

The Challenges and Threats of Automated Lip Reading

Soulskill posted about a week ago | from the surgical-masks-become-high-fashion-in-2018 dept.

AI 120

An anonymous reader writes: Speech recognition has gotten pretty good over the past several years. it's reliable enough to be ubiquitous in our mobile devices. But now we have an interesting, related dilemma: should we develop algorithms that can lip read? It's a more challenging problem, to be sure. Sounds can be translated directly into words, but deriving meaning out of the movement of a person's face is much more complex. "During speech, the mouth forms between 10 and 14 different shapes, known as visemes. By contrast, speech contains around 50 individual sounds known as phonemes. So a single viseme can represent several different phonemes. And therein lies the problem. A sequence of visemes cannot usually be associated with a unique word or sequence of words. Instead, a sequence of visemes can have several different solutions." Beyond the computational aspect, we also need to decide, as a society, if this is a technology that should exist. The privacy implications extend beyond that of simple voice recognition.

Slashdot Login

Need an Account?

Forgot your password?

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>