Government

California Launches Mandatory Data Collection For Police Use-of-Force (seattletimes.com) 46

An anonymous Slashdot reader quotes the AP: All 800 police departments in California must begin using a new online tool launched Thursday to report and help track every time officers use force that causes serious injuries... The tool, named URSUS for the bear on California's flag, includes fields for the race of those injured and the officers involved, how their interaction began and why force was deemed necessary.

"It's sort of like TurboTax for use-of-force incidents," said Justin Erlich, a special assistant attorney general overseeing the data collection and analysis. Departments must report the data under a new state law passed last November. Though some departments already tracked such data on their own, many did not... "As a country, we must engage in an honest, transparent, and data-driven conversation about police use of force," California Attorney General Kamala Harris said in a news release.

It's an open source tool developed by Bayes Impact, and California plans to share the code with other interested law enforcement agencies across the country. Only three other states currently require their police departments to track data about use-of-force incidents, "but their systems aren't digital, and in Colorado's case, only capture shootings."
Security

Hacker Who Aided ISIS Gets 20 Years In Prison (softpedia.com) 124

An anonymous reader quotes a report from Softpedia: Ardit Ferizi, aka Th3Dir3ctorY, 20, a citizen of Kosovo, will spend 20 years in a U.S. prison for providing material support to ISIS hackers by handing over data for 1,351 U.S. government employees. Ferizi obtained the data by hacking into a U.S. retail company on June 13, 2015. The hacker then filtered the stolen information and put aside records related to government officials, which he later handed over to Junaid Hussain, the then leader of the Islamic State Hacking Division (ISHD). Hussain then uploaded this information online, asking fellow ISIS members to seek out these individuals and execute lone wolf attacks. Because of this leak, the U.S. Army targeted and killed Hussain in a drone strike in Syria in August 2015. Before helping ISIS, Ferizi had a prodigious hacking career as the leader of Kosova Hacker's Security (KHS) hacking crew. He was arrested on October 6, 2015, at the international airport in Kuala Lumpur, Malaysia, while trying to catch a flight back to Kosovo. Ferizi was in Kuala Lumpur studying computer science.
Crime

Cops Are Raiding Homes of Innocent People Based Only On IP Addresses (fusion.net) 237

Kashmir Hill has a fascinating story today on what can go wrong when you solely rely on an IP address in a crime investigation -- also highlighting how often police resort to IP addresses. In the story she follows a crime investigation that led police to raid a couple's house at 6am, because their IP address had been associated with the publication of child porn on notorious 4chan. The problem was, Hill writes: the couple -- David Robinson and Jan Bultmann -- weren't the ones who had uploaded the child porn. All they did was voluntarily use one of their old laptops as a Tor exit relay, software used by activists, dissidents, privacy enthusiasts as well as criminals, so that people who want to stay anonymous when surfing the web could do so. Hill writes: Robinson and Bultmann had [...] specifically operated the riskiest node in the chain: the exit relay which provides the IP address ultimately associated with a user's activity. In this case, someone used Tor to make the porn post, and his or her traffic had been routed through the computer in Robinson and Bultmann's house. The couple wasn't pleased to have helped someone post child porn to the internet, but that's the thing about privacy-protective tools: They're going to be used for good and bad purposes, and to support one, you might have to support the other. Robinson added that he was a little let down because police didn't bother to look at the public list which details the IP addresses associated with Tor exit relays. Hill adds: The police asked Robinson to unlock one MacBook Air, and then seemed satisfied these weren't the criminals they were looking for and left. But months later, the case remains open with Robinson and Bultmann's names on police documents linking them to child pornography. "I haven't run an exit relay since. The police told me they'd be back if it happened again," Robinson said; he's still running a Tor node, just not the end point anymore.
"I have to take the threat seriously because I don't want my wife or I to wake up with guns in our faces."

Technologist Seth Schoen and EFF Executive Director Cindy Cohn, in a white paper aimed at courts and cops: "For many reasons, connecting an individual to a crime linked to an IP address, without any additional investigation, is irresponsible and threatens the civil liberties of innocent people."
China

Uber's Terrifying 'Ghost Drivers' Are Freaking Out Passengers in China (qz.com) 80

Several Chinese publications are reporting that "ghost drivers" are frightening Uber passengers into paying for trips they didn't take. Passengers in Tianjin, Qingdao, Chengdu, Beijing, Shanghai and Suzhou have been canceling Uber rides after seeing creepy driver profile pictures pop up in the app. Quartz reports: Passengers using the ride-hailing app in several Chinese cities have reported seeing their requests picked up by drivers with creepy profile photos of zombie faces. According to Chinese news site Sixth Tone, the point of these ghostly profiles is to scare passengers into canceling the trip, so they are fined for a few yuan (less than a dollar), which goes to the driver. Other passengers have reported seeing their rides accepted, but then their trips were "started" by the driver on the app before they even get to the car. These "ghost rides" last less than a minute, with the driver charging customers between 8 and 15 yuan (about 1 to 2 dollars) for a ride that never happened. Calls to the drivers in these cases are never picked up, according to The Paper, a state-owned media. Passengers can however eventually be reimbursed by Uber China if they lodge a complaint.
Bitcoin

Federal Judge Rules Bitcoin Is Money In Case Tied To JPMorgan Hack (reuters.com) 87

Roughly two months ago, a Miami-Dade judge ruled that bitcoin does not actually qualify as money. Now, it appears that bitcoin does indeed qualify as money, according to U.S. District Judge Alison Nathan in Manhattan. "Bitcoins are funds within the plain meaning of that term," Nathan wrote. "Bitcoins can be accepted as a payment for goods and services or bought directly from an exchange with a bank account. They therefore function as pecuniary resources and are used as a medium of exchange and a means of payment." Reuters provides some backstory in its report: Bitcoin qualifies as money, a federal judge ruled on Monday, in a decision linked to a criminal case over hacking attacks against JPMorgan Chase and Co and other companies. U.S. District Judge Alison Nathan in Manhattan rejected a bid by Anthony Murgio to dismiss two charges related to his alleged operation of Coin.mx, which prosecutors have called an unlicensed bitcoin exchange. Murgio had argued that bitcoin did not qualify as "funds" under the federal law prohibiting the operation of unlicensed money transmitting businesses. But the judge, like her colleague Jed Rakoff in an unrelated 2014 case, said the virtual currency met that definition. Authorities have said Coin.mx was owned by Gery Shalon, an Israeli man who, along with two others, was charged with running a sprawling computer hacking and fraud scheme targeting a dozen companies, including JPMorgan, and exposing personal data of more than 100 million people. That alleged scheme generated hundreds of millions of dollars of profit through pumping up stock prices, online casinos, money laundering and other illegal activity, prosecutors have said.
Games

Valve Bans Developer From Steam After It Sues Customers Over Bad Reviews (arstechnica.com) 194

From an ArsTechnica report: A game developer has been banned from Steam after users claimed that it had attempted to sue 100 users of the platform for $18 million -- for the crime of leaving bad reviews. Digital Homicide, which has released dozens of small games mostly available for a couple of quid each, had its titles removed from Valve's popular digital distribution platform on Friday night. Its boss, James Romine, was granted a subpoena by a court in Arizona apparently allowing him to demand the release of "identification and associated data" of anonymous Steam users. The lawsuit listed in turn the misdemeanours of dozens of John/Jane Does, which include counts of "harassment," "stalking," and "cyber-bullying." In a brief e-mail sent to Vice's Motherboard at the end of last week, Valve's marketing veep Doug Lombardi confirmed that "Valve has stopped doing business with Digital Homicide for being hostile to Steam customers."
Transportation

Uber Accused of Cashing In On Bomb Explosion By Jacking Rates (thesun.co.uk) 428

After a bomb exploded in Manhattan, leaving 29 injured, people leaving the scene discovered Uber had doubled their fares. An anonymous Slashdot reader quotes The Sun: Traumatized families caught up in the New York bomb blast have accused Uber of cashing in on the tragedy by charging almost double to take them home. Furious passengers have taken to social media to slam the taxi firm in the wake of the blast... Uber reportedly charged between 1.4 and 3 times the standard fare with one city worker saying he had to pay twice as much as usual. Mortgage broker Nick Lalli said: "Just trying to get home from the city and Uber f****** doubled the surge price."
"Demand is off the charts!" the app informed its users, adding "Fares have increased to get more Ubers on the road." Uber soon tweeted that they'd deactivated their surge pricing algorithm for the affected area in Chelsea, "but passengers in other areas of Manhattan said they were still being charged higher than normal fares." One of the affected passengers was Michael Cohen, who is Donald Trump's lawyer, who tweeted that Uber was "taking total advantage of chaos and surcharging passengers 1.4 to 1.8 times." And another Uber user tweeted "I'm disgusted. People are trying to get home safe. Shame on you #DeleteApp."
Robotics

Robot Snatches Rifle From Barricaded Suspect, Ends Standoff (latimes.com) 129

Slashdot reader schwit1 quotes the L.A. Times: An hours-long standoff in the darkness of the high desert came to a novel end when Los Angeles County sheriff's deputies used a robot to stealthily snatch a rifle from an attempted murder suspect, authorities said Thursday. Officials said the use of the robot to disarm a violent suspect was unprecedented for the Sheriff's Department, and comes as law enforcement agencies increasingly rely on military-grade technology to reduce the risk of injury during confrontations with civilians.

"The robot was a game changer here," said Capt. Jack Ewell, a tactical expert with the Sheriff's Department -- the largest sheriff's department in the nation. "We didn't have to risk a deputy's life to disarm a very violent man."

It was only later when the robot came back to also pull down a wire barricade that the 51-year-old suspect realized his gun was gone.
Government

FBI Agent Posing As Journalist To Deliver Malware To Suspect Was Fine, Says DOJ (vice.com) 74

An anonymous reader quotes a report from Motherboard: In 2007, an FBI agent impersonated an Associated Press journalist in order to deliver malware to a criminal suspect and find out his location. According to a newly published report from the Department of Justice, the operation was in line with the FBI's undercover policies at the time. Journalistic organizations had expressed concern that the tactic could undermine reporters' and media institutions' credibility. The case concerned a Seattle teenager suspected of sending bomb threats against a local school. FBI Special Agent Mason Grant got in touch with the teen over email, pretending to be an AP journalist. After some back and forth, Grant sent the suspect a fake article which, when clicked, grabbed his real IP address. Armed with this information, the FBI identified and arrested the suspect. The Associated Press, the Reporters Committee for Freedom of the Press, and other journalistic organizations condemned the move. They pointed out that an FBI agent posing as a reporter could create distrust between legitimate journalists and sources, and also raised issues with the way the malware was distributed through a fake news story. The new Department of Justice report noted that, today, this activity would require greater authorization, under an interim policy on impersonating members of the media that was adopted by the FBI this June. Now, for the agency to pretend to be a journalist as part of an undercover operation, an application must be made by the head of an FBI field office to the agency's main headquarters, reviewed by the Undercover Review Committee, and then approved by the deputy director, after discussion with the deputy attorney general.
Crime

Alibaba Engineers Fired for Mooncake Hacking (wsj.com) 85

On the eve of Mid-Autumn Festival, some people will go to great lengths to get mooncakes, the traditional gift for family, friends and colleagues. At Alibaba Group Holding Ltd., four engineers tried to rig the distribution system of the e-commerce giant's mooncake selloff -- and were fired for their effort (Editor's note: the link could be paywalled; alternate source), reports WSJ. From the report: Alibaba confirmed it fired the four this week, after they hacked into the internal website that allows employees to purchase the company's signature mooncakes, with an orange fluffy Alibaba mascot inside. The Hangzhou-based company allocates one free box to each employee for the holiday, and sells extras on the site at cost -- 59 yuan (about $9) for a box of four.
EU

10 Years in Prison For Online Pirates a Step Closer in the UK (torrentfreak.com) 136

The UK Government's Digital Economy Bill has moved a step closer to becoming law after its second reading in Parliament. With unanimous support, the current two-year maximum custodial sentence for online piracy is almost certain to increase to a decade, TorrentFreak reports. From the article: Due to UK copyright law allowing for custodial sentences of 'just' two years for online offenses, anti-piracy groups such as the Federation Against Copyright Theft have chosen to pursue their own private prosecutions. These have largely taken place under legislation designed for those who have committed fraud, rather than the more appropriate offense of copyright infringement. Physical pirates (CDs, DVDs) can be jailed for up to 10 years under current legislation. During the past few years, there have been lobbying efforts for this punishment to apply both on and offline. That resulted in a UK Government announcement last year indicating that it would move to increase the maximum prison sentence for online copyright infringement to ten years. They also urge Google to do something about growing incidents of piracy.
Security

Alleged Proprietors of 'DDOS For Hire' Service vDOS Arrested (krebsonsecurity.com) 63

Long-time Slashdot reader pdclarry writes: Brian Krebs reports that the two youthful (18-year-old) alleged proprietors of vDOS, the DDOS service, have been arrested in Israel on a complaint from the FBI. They have been released on $10,000 bond each, their passports lifted, and they have been placed under house arrest, and banned from using the Internet for 30 days. They were probably identified through a massive hack of the vDOS database recently [reported Friday morning on Slashdot].

Krebs also reports that vDOS's DNS addresses were hijacked by the firm BackConnect Security to get out from under a sustained DDOS attack, and that his site, krebsonsecurity.com has been under a sustained DDOS attack since his last article was published, with the packets containing the string "godiefaggot". Those attacks continue, but, as he has been the target of many DDOS attacks in the past, he's covered by a DDOS protection firm.
The two teenagers coordinated more than 150,000 denial-of-service attacks over the last two years, according to Krebs, using at least four servers in Bulgaria.
Crime

Arrests Made After Group Hacks CIA Director's AOL Account (washingtonpost.com) 107

Slashdot reader FullBandwidth writes: U.S. authorities have arrested two North Carolina men accused of hacking into the private email accounts of high-ranking U.S. intelligence officials. [The men] will be extradited next week to Alexandria, where federal prosecutors for the Eastern District of Virginia have spent months building a case against a group that calls itself Crackas With Attitude... Authorities say the group included three teenage boys being investigated in the United Kingdom.
The group used social engineering to access the email accounts of John Brennan, the director of the CIA, as well as the Director of National Intelligence, and former FBI deputy director Mark Giuliano, according to the article. One exploit involved "posing as a Verizon technician and tricking the company's tech-support unit into revealing the CIA director's account number, password and other details." An FBI affidavit alleges that a British teenager named "Cracka" also began forwarding the calls of a former FBI deputy director "to a number associated with the Free Palestine Movement," while "D3F4ULT" paid for a campaign of harassing phone calls. In addition, "According to the affidavit, Cracka appears to have gotten into the law enforcement database simply by calling an FBI help desk and asking for Giuliano's password to be reset..."

"One member told CNN [In a video interview] that he smoked marijuana 'all day every day' and was 'probably' high when gaining access to high-level accounts."
Government

Senator Urges Colleagues to Prevent Expansion of Government Hacking (onthewire.io) 41

Thursday Sen. Ron Wyden urged the Senate to block a pending change to federal Rule 41, which starting in December will allow judges to authorize remote access to an unlimited number of computers. An anonymous Slashdot reader quotes On The Wire's update on the "Stopping Mass Hacking" Act: In May, Wyden introduced a one-sentence bill that would prevent the change. The Senate has taken no action on the bill thus far and Wyden on Thursday warned that continued inaction on the issue would be dangerous. "If the Senate does nothing, if the Senate fails to act, what's ahead for Americans is a massive expansion of government hacking and surveillance powers..."

Wyden asked the Senate to pass his bill by unanimous consent, but Sen. John Cornyn (R-Texas) objected, saying that the change to Rule 41 was a simple one that would help law enforcement agencies know which venue is the correct one to ask for a warrant... Cornyn cited recent reports about hacks of the election systems in some states, possibly by foreign governments, as evidence of the need for the change. "This isn't a time to retreat and allow cyberspace to be run amok by cybercriminals. This is a very sensible tool of venue."

Google, PayPal, and the Tor Project are all opposing the pending rule change, along with the EFF, which is gathering signatures online for a petition arguing that vaguer warrants "could impact any person using a computer with Internet access anywhere in the world."
Crime

Researcher Gets 20 Days In Prison For Hacking State Websites As Political Stunt (softpedia.com) 85

An anonymous reader writes from a report via Softpedia: David Levin, 31, of Estero, Florida will spend 20 days in prison after hacking two websites belonging to the Florida state elections department. Levin, a security researcher, tested the security of two Florida state election websites without permission, and then recorded a video and posted it on YouTube. The problem is that the man appearing in the video next to Levin was a candidate for the role of state election supervisor, running for the same position against the incumbent Supervisor of Elections, Sharon Harrington. Harrington reported the video to authorities, who didn't appreciate the media stunt pulled by the two, and charged the security researcher with three counts of hacking-related charges. The researcher turned himself in in May and pleaded guilty to all charges. This week, he received a 20-day prison sentence and two years of probation. In court he admitted to the whole incident being a political stunt.
Crime

Meet URL, the USB Porn-Sniffing Dog (cnn.com) 299

HughPickens.com writes: CNN reports that URL, the porn-sniffing dog, is the newest crime-fighting tool at the Weber County Sheriff's office with a nose that could help put away some of the country's most predatory and dangerous criminals. URL (pronounced Earl) sniffs out electronic storage media. Still just a pup, the 18-month-old K-9 is one of fewer than two dozen such dogs in the United States that hunt the unique chemical compounds emitted from flash drives, memory cards, cell phones, iPads and other similar devices. While dogs like URL can't tell detectives if a device has electronic evidence on it, they are able to find devices that humans might otherwise miss. Detective Cameron Hartman points to the high-profile case of former Subway spokesman Jared Fogle, who was convicted on child pornography and other charges last year. A K-9 named Bear, who was trained by the same man who trained URL, led investigators to hidden thumb drives inside Fogle's home. The U.S. Attorney's office for Southern Indiana confirmed those devices contained evidence against Fogle. URL has found evidence relating to pornography during the execution of search warrants for the task force in several investigations of child sex crimes and child trafficking. "He actually found a USB that was in this jar that was closed, and the jar was in a box, and the box had stuff in it. The jar itself had stuff in it."
Transportation

Long TSA Delays Force Airports To Hire Private Security Contractors (popsci.com) 260

An anonymous Slashdot reader writes: TSA checkpoints caused 6,800 American Airlines passengers to miss their flights in just one week this spring, and the problem isn't improving. "Two years ago the Transportation Security Administration (TSA) offered $15,000 to anybody -- literally anybody -- who could come up with an idea to speed up airport security..." writes Popular Science. "They wouldn't say who won or for which idea, but since we're here two years later with longer wait times than ever, it's fair to say it hasn't lived up to the groundbreaking ideals of that call to action... Now in summer 2016, the TSA recommends arriving three hours early instead of a mere two."

So this spring the Seattle-Tacoma airport replaced many of the TSA staff with private screeners, although "Private security operates under strict direction from the TSA, and even those airports that heavily utilize private contractors still have a lot of TSA personnel in the back rooms..." according to the article. "The ability to do exactly what the TSA does, only faster and cheaper, seems to be the major draw." Now 22 U.S. airports are using private screeners, although the Seattle and San Francisco airports are the only ones with significant traffic.

The article also cites a Homeland Security report which discovered that investigators were able to smuggle a test bomb past security checkpoints in 67 out of 70 tests.
Crime

Fugitive Arrested After Using 'Wanted' Poster As His Facebook Profile Pic (ibtimes.co.uk) 89

An anonymous Slashdot reader writes: "A fugitive in Florida has been arrested by police after he used a wanted poster adorned with his mug shot for his Facebook profile picture," writes the International Business Times. After investigating reports of a disturbance, police discovered the 41-year-old's Facebook profile, which revealed the man was already wanted for six months for violating his parole after two counts of battery.

"Police say that as they arrested Yearwood a bag of marijuana fell out of his pocket. They charged him with possession of cannabis under 20 grams and are continuing to investigate the battery complaint."

One Twitter user jokingly suggested that the suspect should also be charged with copyright infringement -- for using the police department's photo without their permission.
Crime

Florida Man Arrested For Hacking Linux Kernel Organization In 2011 (softpedia.com) 37

An anonymous reader writes: The FBI seems to have solved the mysterious case of the 2011 kernel.org hack, when an unknown attacker breached kernel.org servers and attempted to install a rootkit in the kernel code. As years went by, the Linux Kernel Organization kept avoiding releasing an incident response surrounding the event, irking their community accustomed to more open communications from their leaders. The mystery seems to have been solved when yesterday a Florida man was arrested and charged with "hacking the Linux Kernel Organization" and installing a "rootkit and trojan software," just like in the 2011 kernel.org server breach. Donald Ryan Austin is his name. He was arrested during a routine traffic stop last Sunday, on August 28, 2016, and faces a maximum sentence of ten years in prison, a fine of $250,000, and any other restitution.
Crime

Romanian Hacker 'Guccifer' Sentenced To 52 Months In US Prison (reuters.com) 117

Romanian hacker "Guccifer", who targeted high-profile US politicians, has been sentenced to 52 months in prison. Guccifer, whose real name is Marcel Lazar, pleaded guilty in May to charges of aggravated identity theft and unauthorized access of a computer. Lazar targeted former Secretary of State Colin Powell and the Bush family, was arrested on hacking charges in Romania in 2014, and was sentenced to four years. He was extradited to the U.S. to face charges in March 2016. Reuters adds: Lazar has said in interviews he breached Clinton's private server at her home in Chappaqua, New York, but law enforcement and national security officials say that claim is meritless. Lazar is believed to have hacked into email accounts of about 100 victims between 2012 and 2014. They include prominent political figures such as former Secretary of State Colin Powell, a relative of former President George W. Bush and Sidney Blumenthal, a former Clinton White House aide and an unofficial adviser to Clinton. Clinton is now the Democratic nominee for president. Lazar leaked online memos Blumenthal sent Clinton that were addressed to her private email account, which was used during her time as secretary of state to conduct both personal and work business in lieu of a government account.
