Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).

×
Privacy

Baltimore Police Used Stingrays For Phone Tracking Over 25,000 Times 28

Posted by Soulskill
from the i-don't-remember-that-episode-of-The-Wire dept.
An anonymous reader writes The Baltimore Police Department is starting to come clean about its use of cell-phone signal interceptors — commonly known as Stingrays — and the numbers are alarming. According to recent court testimony reported by The Baltimore Sun, the city's police have used Stingray devices with a court order more than 25,000 times. It's a massive number, representing an average of nearly nine uses a day for eight years (the BPD acquired the technology in 2007), and it doesn't include any emergency uses of the device, which would have proceeded without a court order.
Businesses

Comcast and TWC Will Negotiate With Officials To Save Their Merger 86

Posted by samzenpus
from the lets-talk-about-this dept.
An anonymous reader writes with news about Comcast and Time Warner Cable's attempt to keep their proposed merger alive. "Comcast Corp. and Time Warner Cable Inc. are slated to sit down for the first time on Wednesday with Justice Department officials to discuss potential remedies in hopes of keeping their $45.2 billion merger on track, according to people familiar with the matter. The parties haven't met face-to-face to hash out possible concessions in the more than 14 months since the deal was announced. Staffers at both the Justice Department and the Federal Communications Commission remain concerned a combined company would wield too much power in the broadband Internet market and give it unfair competitive leverage against TV channel owners and new market entrants that offer video programming online, said people with knowledge of the review."
Cellphones

Does Lack of FM Support On Phones Increase Your Chances of Dying In a Disaster? 338

Posted by timothy
from the well-if-you-put-it-that-way dept.
theodp writes "You may not know it," reports NPR's Emma Bowman, "but most of today's smartphones have FM radios inside of them. But the FM chip is not activated on two-thirds of devices. That's because mobile makers have the FM capability switched off. The National Association of Broadcasters has been asking mobile makers to change this. But the mobile industry, which profits from selling data to smartphone users, says that with the consumer's move toward mobile streaming apps, the demand for radio simply isn't there." But FEMA Administrator Craig Fugate says radio-enabled smartphones could sure come in handy during times of emergency. So, is it irresponsible not to activate the FM chips? And should it's-the-app-way-or-the-highway Apple follow Microsoft's lead and make no-static-at-all FM available on iPhones?
Communications

Norway Will Switch Off FM Radio In 2017 283

Posted by timothy
from the video-sought-by-police-for-questioning dept.
New submitter titten writes The Norwegian Ministry of Culture has announced that the transition to DAB will be completed in 2017. This means that Norway, as the first country in the world to do so, has decided to switch off the FM network. Norway began the transition to DAB in 1995. In recent years two national and several local DAB-networks has been established. 56 per cent of radio listeners use digital radio every day. 55 per cent of households have at least one DAB radio, according to Digitalradio survey by TNS Gallup, continuously measuring the Norwegian`s digital radio habits.
Security

Calling Out a GAO Report That Says In-Flight Wi-Fi Lets Hackers Access Avionics 113

Posted by timothy
from the this-postcard-is-just-an-atom-bomb dept.
An anonymous reader writes A new report from the U.S. Government Accountability Office (GAO) warns that in-flight W-Fi, including wireless entertainment and internet-based cockpit communications, may allow hackers to gain remote access to avionics systems and take over navigation. At the same time, a cyber expert and pilot called the report "deceiving" and said that "To imply that because IP is used for in-flight WiFi and also on the avionics networks means that you can automatically take over the avionics network makes about as much sense as saying you can take over the jet engines because they breathe air like the passengers and there is no air gap between passengers who touch the plane and the engines which are attached to the plane."
Transportation

GAO Warns FAA of Hacking Threat To Airliners 78

Posted by Soulskill
from the not-agile-enough-to-respond dept.
chicksdaddy writes: A report from the Government Accountability Office (GAO) warns that the U.S. Federal Aviation Administration may be failing to address cyber security vulnerabilities that could allow remote attacks on avionics systems needed to keep the plane airborne. In a report issued Tuesday (PDF), the GAO said, "significant security-control weaknesses remain that threaten the agency's ability to ensure the safe and uninterrupted operation of the national airspace system." Among those: a lack of clear certification for aircraft airworthy readiness that encompasses cyber security protections. That lapse could allow planes to fly with remotely exploitable vulnerabilities that could affect aircraft controls and guidance systems.

The GAO report did not provide details of any specific vulnerability affecting any specific aircraft. Rather, GAO cited FAA personnel and experts, saying that the possibility exists that "unauthorized individuals might access and compromise aircraft avionics systems," in part by moving between Internet-connected in-flight entertainment systems and critical avionics systems in the aircraft cabin.

Security researchers have long warned that hackers could jump from in-flight entertainment systems in the passenger cabin to cockpit avionics systems if airlines did not take proper precautions, such as so-called "air gapping" the networks. At last year's Black Hat Briefings, researcher Ruben Santamarta of IOActive demonstrated a method of hacking the satellite communications equipment on passenger jets through their WiFi and inflight entertainment systems.
The Internet

Republicans Introduce a Bill To Overturn Net Neutrality 441

Posted by Soulskill
from the not-neutrality dept.
New submitter grimmjeeper writes: IDG News reports, "A group of Republican lawmakers has introduced a bill that would invalidate the U.S. Federal Communications Commission's recently passed net neutrality rules. The legislation (PDF), introduced by Representative Doug Collins, a Georgia Republican, is called a resolution of disapproval, a move that allows Congress to review new federal regulations from government agencies, using an expedited legislative process."

This move should come as little surprise to anyone. While the main battle in getting net neutrality has been won, the war is far from over.
The legislation was only proposed now because the FCC's net neutrality rules were just published in the Federal Register today. In addition to the legislation, a new lawsuit was filed in the U.S. Court of Appeals for the District of Columbia Circuit by USTelecom, a trade group representing ISPs.
The Internet

Researchers Developing An Algorithm That Can Detect Internet Trolls 278

Posted by samzenpus
from the don't-forget-the-fire dept.
An anonymous reader writes Researchers at Cornell University claim to be able to identify a forum or comment-thread troll within the first ten posts after the user joins with more than 80% accuracy, leading the way to the possibility of methods to automatically ban persistently anti-social posters. The study observed 10,000 new users at cnn.com, breitbart.com and ign.com, and characterizes an FBU (Future Banned User) as entering a new community with below-average literacy or communications skill, and that the low standard is likely to drop shortly before a permanent ban. It also observes that higher rates of community intolerance are likely to foster the anti-social behavior and speed the ban.
Encryption

U.S. Gov't Grapples With Clash Between Privacy, Security 134

Posted by Soulskill
from the politicians-who-don't-know-which-way-the-wind-is-blowing dept.
schwit1 writes: WaPo: "For months, federal law enforcement agencies and industry have been deadlocked on a highly contentious issue: Should tech companies be obliged to guarantee U.S. government access to encrypted data on smartphones and other digital devices, and is that even possible without compromising the security of law-abiding customers?"

NSA director Adm. Michael S. Rogers wants to require technology companies to create a digital key that could open any smartphone or other locked device to obtain text messages or photos, but divide the key into pieces so that no one person or agency alone could decide to use it. But progress is nonexistent:

"The odds of passing a new law appear slim, given a divided Congress and the increased attention to privacy in the aftermath of leaks by former NSA contractor Edward Snowden. There are bills pending to ban government back doors into communications devices. So far, there is no legislation proposed by the government or lawmakers to require Internet and tech firms to make their services and devices wiretap-ready."
Input Devices

Finding an Optimal Keyboard Layout For Swype 140

Posted by Soulskill
from the designed-for-2015 dept.
New submitter Analog24 writes: The QWERTY keyboard was not designed with modern touchscreen usage in mind, especially when it comes to swype texting. A recent study attempted to optimize the standard keyboard layout to minimize the number of swype errors. The result was a new layout that reduces the rate of swipe interpretation mistakes by 50.1% compared to the QWERTY keyboard.
Communications

Microsoft: Feds Are 'Rewriting' the Law To Obtain Emails Overseas 100

Posted by Soulskill
from the get-out-of-my-inbox dept.
An anonymous reader writes: The Electronic Communications Privacy Act was written in 1986. It's incredibly outdated, yet it still governs many internet-related rights for U.S. citizens. Microsoft has now challenged Congress to update the legislation for how online communications work in 2015. The company is currently embroiled in a legal battle with the government over a court order to release emails stored in a foreign country to U.S. authorities. In a new legal brief (PDF), Microsoft says, "For an argument that purports to rest on the 'explicit text of the statute,' the Government rewrites an awful lot of it. Congress never intended to reach, nor even anticipated, private communications stored in a foreign country when it enacted [the ECPA]." In an accompanying blog post, Microsoft general counsel Brad Smith wrote, "Until U.S. law is rewritten, we believe that the court in our case should honor well-established precedents that limit the government's reach from extending beyond U.S. borders. ... To the contrary, it is clear Congress's intent was to ensure that your digital information is afforded the same legal protections as your physical documents and correspondence, a principle we at Microsoft believe should be preserved."
Crime

AT&T Call Centers Sold Mobile Customer Information To Criminals 92

Posted by samzenpus
from the was-that-wrong? dept.
itwbennett writes Employees at three call centers in Mexico, Colombia and the Philippines sold hundreds of thousands of AT&T customer records, including names and Social Security numbers, to criminals who attempted to use the customer information to unlock stolen mobile phones, the U.S. Federal Communications Commission said. AT&T has agreed to pay a $25 million civil penalty, which is the largest related to a data breach and customer privacy in the FCC's history.
Communications

Ask Slashdot: What Would a Constructed Language Have To Be To Replace English? 624

Posted by Soulskill
from the good-source-control-and-versioning dept.
Loren Chorley writes: The idea of constructing a language capable of replacing English has fascinated me for a long time. I'd like to start a project with some of my own ideas and anyone who's interested, but I'd really like to hear what the Slashdot community thinks on the topic first. Taking for granted that actually replacing English is highly unlikely, what characteristics would the new language need? More specifically: How could the language be made as easy as possible to learn coming from any linguistic background? How could interest in the language be fostered in as many people as possible? What sort of grammar would you choose and why? How would you build words and how would you select meanings for them, and why? What sounds and letters (and script(s)) would you choose? How important is simplicity and brevity? How important are aesthetics (and what makes a language aesthetic)? What other factors could be important to consider, and what other things would you like to see in such a language?
Security

Anonabox Recalls Hundreds of Insecure 'Privacy' Routers 50

Posted by Soulskill
from the less-anona-and-more-box dept.
Sparrowvsrevolution writes: It turns out all those critics of the controversial Tor router project Anonabox might have been on to something. Late last month, Anonabox began contacting the first round of customers who bought its tiny, $100 privacy gadget to warn them of serious security flaws in the device, and to offer to ship them a more secure replacement free of charge. While the miniature routers do direct all of a user's Internet traffic over Tor as promised, the company says that its first batch lacked basic password protection, with no way to keep out unwanted users in Wi-Fi range. And worse yet, the faulty Anonaboxes use the hardcoded root password 'admin,' which allows any of those Wi-Fi intruders to completely hijack the device, snooping on or recording all of a user's traffic.

Anonabox's parent company, Sochutel, says that only 350 of the devices lacked that password protection, and that it's fixed the gaping security oversights in newer version of the router.

The initial security criticisms of Anonabox helped to convince Kickstarter to freeze the proejct's $600,000 crowdfunding campaign in October. But Anonabox relaunched on Indiegogo and was later acquired by the tech firm Sochutel. Sochutel claims that the security flaws in the routers developed prior to its acquisition of Anonabox were out of its control, and that it's now hiring outside auditors to check its products' security.
Security

Research Finds Shoddy Security On Connected Home Gateways 88

Posted by timothy
from the junction-box-is-open dept.
chicksdaddy writes Connected home products are the new rage. But how do you connect your Nest thermostat, your DropCam surveillance device and your Chamberlin MyQ 'smart' garage door opener? An IoT hub, of course. But not so fast: a report from the firm Veracode may make you think twice about deploying one of these IoT gateways in your home. As The Security Ledger reports, Veracode researchers found significant security vulnerabilities in each of six IoT gateways they tested, suggesting that manufacturers are giving short shrift to security considerations during design and testing. The flaws discovered ranged from weak authentication schemes (pretty common) to improper validation of TLS and SSL certificates, to gateways that shipped with exposed debugging interfaces that would allow an attacker on the same wireless network as the device to upload and run malicious code. Many of the worst lapses seem to be evidence of insecure design and lax testing of devices before they were released to the public, Brandon Creighton, Veracode's research architect, told The Security Ledger. This isn't the first report to raise alarms about IoT hubs. In October, the firm Xipiter published a blog post describing research into a similar hub by the firm VeraLite. Xipiter discovered that, among other things, the VeraLite device shipped with embedded SSH private keys stored in immutable areas of the firmware used on all devices.
The Almighty Buck

How Comcast Bankrolls Organizations That Support TWC Merger 59

Posted by Soulskill
from the money-talks-when-nobody-else-will dept.
An anonymous reader writes: When Comcast announced it was pursuing a takeover of Time Warner Cable, many activists and internet users immediately submitted objections to the deal. Support came more slowly, but steadily, from organizations like the International Center for Law and Economics, and from politicians like Governor Phil Bryant (R-MS). Now, a NY Times report reveals that much of this support for the merger came in exchange for money from Comcast. Fortunately, even after spreading money around so liberally, Comcast is still struggling to find a coherent, believable message for regulators, and the deal is far from assured.

From the article: "Letters detailing the benefits of the Comcast deal were submitted to the Federal Communications Commission by staff members from Americans for Tax Reform, the American Enterprise Institute, the Institute for Policy Innovation, Competitive Enterprise Institute, the Free State Foundation and the Center for Individual Freedom, as well as by a professor at a technology program at the University of Pennsylvania, all of which received support from Comcast or its trade association, tax documents and other disclosures reviewed by The New York Times show. A similar pattern is evident with charities like the Urban League and more than 80 other community groups that supported the media company and that also accepted collectively millions of dollars in donations from the Comcast Foundation over the last five years, documents reviewed by The Times show."
Encryption

The Problem With Using End-to-End Web Crypto as a Cure-All 89

Posted by Soulskill
from the nobody-reads-the-not-so-fine-print dept.
fsterman writes: Since the Snowden revelations, end-to-end web encryption has become trendy. There are browser add-ons that bolt a PGP client onto webmail and both Yahoo and Google are planning to support PGP directly. They attempt to prevent UI spoofing with icons similar to the site-authentication banks use to combat phishing.

The problem is that a decade of research shows that users habituate to these icons and come to ignore them. An attacker can pull off UI spoofing with a 90%+ success rate.
Transportation

Uber's Hiring Plans Show Outlines of Self-Driving Car Project 45

Posted by samzenpus
from the joining-the-club dept.
itwbennett writes The most interesting people that Uber is now hiring aren't drivers: they're engineers. The mobile ride-hailing app has listed a slew of jobs at its new Advanced Technologies Center in Pittsburgh. In particular, Uber is looking for engineers in the areas of robotics, machine learning, communications, traffic simulation, vehicle testing, and software and hardware development.
The Internet

Why Is the Internet Association Rewarding a Pro-NSA Net-Neutrality Opponent? 157

Posted by samzenpus
from the keep-your-enemies-closer dept.
First time accepted submitter erier2003 writes The decision to give a major award to House Majority Leader Kevin McCarthy is curious given McCarthy's many questionable stances on Internet-freedom issues. For one thing, the California congressman is an avowed opponent of net neutrality. In May 2014, as the Federal Communications Commission debated new net neutrality rules, McCarthy—then the House Majority Whip, the chamber's third-highest-ranking member—signed a House GOP letter to the FCC warning that Title II regulation represented "a counterproductive effort to even further regulate the Internet."
Google

Google In Talks To Create International Roaming Network 25

Posted by timothy
from the hello-operator dept.
jones_supa writes Google is in talks towards a deal with Hutchison Whampoa, the owner of the mobile operator Three, that will allow United States customers to use their phones abroad at no extra cost. The two giants are discussing a wholesale access agreement that would become an important part of Google's planned attempt to shake up the US mobile market with its own network. It is understood that Google aims to create a global network that will cost the same to use for calls, texts and data no matter where a customer is located. By linking up with Hutchison, it could gain wholesale access to mobile service in the UK, Ireland, Italy and several more countries where the Hong Kong conglomerate owns mobile networks.