The NSA Worked To 'Track Down' Bitcoin Users, Snowden Documents Reveal ( 56

An anonymous reader shares a report: Classified documents provided by the whistleblower Edward Snowden show the National Security Agency worked urgently to target Bitcoin users around the world -- and wielded at least one mysterious source of information to "help track down senders and receivers of Bitcoins," according to a top-secret passage in an internal NSA report dating to March 2013. The data source appears to have leveraged NSA's ability to harvest and analyze raw, global internet traffic while also exploiting an unnamed software program that purported to offer anonymity to users, according to other documents.

Although the agency was interested in surveilling some competing cryptocurrencies, "Bitcoin is #1 priority," a March 15, 2013 internal NSA report stated. The documents indicate that "tracking down" Bitcoin users went well beyond closely examining Bitcoin's public transaction ledger, known as the Blockchain, where users are typically referred to through anonymous identifiers; the tracking may also have involved gathering intimate details of these users' computers. The NSA collected some Bitcoin users' password information, internet activity, and a type of unique device identification number known as a MAC address, a March 29, 2013 NSA memo suggested. In the same document, analysts also discussed tracking internet users' internet addresses, network ports, and timestamps to identify "BITCOIN Targets."


FTC Probing Facebook For Use of Personal Data: Bloomberg ( 75

An anonymous reader shares a report: Facebook is under investigation by a U.S. privacy watchdog over the use of personal data of 50 million users by a data analytics firm to help elect President Donald Trump. The U.S. Federal Trade Commission is probing whether Facebook violated terms of a 2011 consent decree of its handing of user data that was transferred to Cambridge Analytica without their knowledge, according to a person familiar with the matter. Under the 2011 settlement, Facebook agreed to get user consent for certain changes to privacy settings as part of a settlement of federal charges that it deceived consumers and forced them to share more personal information than they intended. That complaint arose after the company changed some user settings without notifying its customers, according to an FTC statement at the time. If the FTC finds Facebook violated terms of the consent decree, it has the power to fine the company thousands of dollars a day per violation.

China Approves Giant Propaganda Machine To Improve Global Image ( 141

China has approved the creation of one of the world's largest propaganda machines as it looks to improve its global image, Bloomberg reported on Tuesday, citing a person familiar with the matter. From the report: The new broadcaster will be called "Voice of China," the person said, mimicking the U.S. government-funded Voice of America that started up during World War II to advance American interests. Bloomberg News had previously reported the new entity would be created through merging China Central Television, China Radio International and China National Radio. The combined group was designed to strengthen the party's ability to shape public opinion and would serve as a key vehicle for China to project its image to the world.

Sierra Leone Government Denies the Role of Blockchain In Its Recent Election ( 19

The National Electoral Commission Sierra Leone is denying the news that theirs was one of the first elections recorded to the blockchain. "While the blockchain voting company Agora claimed to have run the first blockchain-based election, it appears that the company did little more than observe the voting and store some of the results," reports TechCrunch. From the report: "The NEC [National Electoral Commission] has not used and is not using blockchain technology in any part of the electoral process," said NEC head Mohamed Conteh. Why he is adamant about this fact is unclear -- questions I asked went unanswered -- but he and his team have created a set of machine readable election results and posted [a] clarification. "Anonymized votes/ballots are being recorded on Agora's blockchain, which will be publicly available for any interested party to review, count and validate," said Agora's Leonardo Gammar. "This is the first time a government election is using blockchain technology." In Africa the reactions were mixed. "It would be like me showing up to the UK election with my computer and saying, 'let me enter your counting room, let me plug-in and count your results,'" said Morris Marah to RFI. "Agora's results for the two districts they tallied differed considerably from the official results, according to an analysis of the two sets of statistics carried out by RFI," wrote RFI's Daniel Finnan.

Ajit Pai Celebrates After Court Strikes Down Obama-Era Robocall Rule ( 170

An anonymous reader quotes a report from Ars Technica: Federal judges have struck down an anti-robocall rule, saying that the Federal Communications Commission improperly treated every American who owns a smartphone as a potential robocaller. The FCC won't be appealing the court decision, as Chairman Ajit Pai opposed the rule changes when they were implemented by the commission's then-Democratic majority in 2015. Pai issued a statement praising the judges for the decision Friday, calling the now-vacated rule "yet another example of the prior FCC's disregard for the law and regulatory overreach." The FCC's 2015 decision said that a device meets the Telephone Consumer Protection Act (TCPA) definition of an "autodialer" if it can be modified to make robocalls, even if the smartphone user hasn't actually downloaded an autodialing app. That interpretation treats all smartphones as autodialers because any smartphone has the capability of downloading an autodialing app, judges ruled. Since any call made by an autodialer could violate anti-robocall rules, this led to a troubling conclusion: judges said that an unwanted call from a smartphone could violate anti-robocall rules even if the smartphone user hasn't downloaded an autodialing app.

"The Commission's understanding would appear to subject ordinary calls from any conventional smartphone to the Act's coverage, an unreasonably expansive interpretation of the statute," a three-judge panel of the U.S. Court of Appeals for the District of Columbia Circuit said in a unanimous ruling Friday. The ruling came in a case filed against the FCC by the Association of Credit and Collection Professionals, which says it represents "third-party collection agencies, law firms, asset buying companies, creditors, and vendor affiliates." Judges also invalidated an FCC rule that helped protect consumers from robocalls to reassigned phone numbers.


Trump Bans Venezuela's New National Cryptocurrency ( 162

An anonymous reader quotes a report from CNBC: President Donald Trump issued an executive order Monday banning any transactions within the United States involving any digital currency issued by, for, or on behalf of the Government of Venezuela. The order applies to U.S. citizens as well as anyone within the United States, and includes cryptocurrency issued on or after January 9. President Trump's order is in response to recent attempts by Venezuelan President Nicolas Maduro's regime to "circumvent U.S. sanctions by issuing a digital currency," the White House said in a statement. Venezuela launched its oil-backed cryptocurrency in February to help pull the country out of a continuing economic crisis. President Maduro said each petro token will be backed by one barrel of the state's national petroleum. Maduro also said roughly 100 million tokens would be issued -- estimated to be worth around $6 billion. Bitcoin prices dropped about $200 to around $8,388, according to Coinbase, following the order.
United States

Entrepreneur Andrew Yang, a Big Supporter Of Universal Basic Income, is Running For President ( 434

In a recently published podcast, Andrew Yang, tech entrepreneur and founder of Venture for America, said he is vying for the Democratic party nomination to run for President of the United States. From a report: Yang outlines his radical policy agenda, which focuses on Universal Basic Income and includes a "freedom dividend." He talks about the very real and immediate threat of artificial intelligence, how new technologies are erasing millions of jobs before our eyes, and why we need to put humanity first. He also addresses "the big four" and what he plans to do about Amazon.

During the interview, Yang called out governments inability to address large scale problems and the challenges that technology is creating in modern American society. "I believe that we need to start owning these realities [of automation and artificial intelligence taking away jobs] and these challenges as a people, as a country, and as a society, and start being honest. I'm running for president to solve the big problems and to show that these things are not beyond us," Yang says. Yang's own plan to address the increasing power tech companies are wielding in the world involves something called a "freedom dividend", which would paid for by a value-added tax. The revenue from that tax (levied on "gains from the big four") would be redistributed via the "freedom dividend" to citizens, Yang says.


Facebook Under Pressure as EU, US Urge Probes of Data Practices ( 67

Facebook CEO Mark Zuckerberg faced calls on Monday from U.S. and European lawmakers to explain how a consultancy that worked on President Donald Trump's election campaign gained access to data on 50 million Facebook users. From a report: Facebook's shares fell more than 7 percent, wiping around $40 billion off its market value, set for their biggest drop since September 2012, as investors worried that new legislation could damage the company's lucrative advertising business. "The lid is being opened on the black box of Facebook's data practices, and the picture is not pretty," said Frank Pasquale, a University of Maryland law professor who has written about Silicon Valley's use of data. Lawmakers in the United States, Britain and Europe have called for investigations into media reports that political analytics firm Cambridge Analytica had harvested the private data on more than 50 million Facebook users to support Trump's 2016 presidential election campaign. Further reading: An undercover investigation by Channel 4 News reveals how Cambridge Analytica secretly campaigns in elections across the world. Bosses were filmed talking about using bribes, ex-spies, fake IDs and sex workers.

Once Written Off for Dead, the Aral Sea Is Now Full of Life ( 50

Years ago, the Aral Sea was the world's fourth-largest freshwater lake with an area of some 26,000 square miles. But in the 1950s, it became the victim of the Soviet Union's agricultural policies. Water from its two river sources -- the Amu Darya and Syr Darya -- was intentionally diverted for cotton cultivation. The Aral Sea began to disappear and nearly completely vanished. But things have changed for good. From a report: This rapid collapse over less than three decades -- which environmental scientists say is one of the planet's worst ecological disasters -- is marked today by the sea's reduced size. Its total area of water, straddling Kazakhstan and Uzbekistan, is now a tenth of its original size. What's left has broken into two distinct bodies: the North and South Aral Seas. In Uzbekistan, the entire eastern basin of the South Aral Sea is completely desiccated, leaving merely a single strip of water in the west.

But Kazakhstan's North Aral Sea has seen a happier outcome, thanks to a nearly $86 million project financed in large part by the World Bank. Along with repairs to existing dikes around the basin to prevent spillage, an eight-mile dam was constructed just south of the Syr Darya River. Completed in the summer of 2005, this dam, named Kokaral, surpassed all expectations. It led to an 11-foot increase in water levels after just seven months -- a goal that scientists initially expected would take three years. This turnaround in the North Aral Sea's fate has meant that the fish stocks have returned to its waters, injecting new life into the local communities. Just as government policies had doomed the Aral Sea, careful planning and research helped revive at least part of it.


YouTube Kids Has Videos on How Reptilians Rule the World, Moon Landing Was Fake ( 253

An anonymous reader shares a report: YouTube Kids, the supposedly child-friendly version of YouTube that's been shown to often play host to troves of slop content and disturbing videos, apparently was showing videos from British conspiracy theorist David Icke, a guy who believes reptilian aliens secretly control the world and are responsible for the Holocaust. According to a Saturday report in Business Insider, searching for the term "UFO" on YouTube kids turned up a video purporting "to show a UFO shooting at a chemtrail." The suggested followups for that video featured a number of Icke's clips, including a nearly five-hour lecture on how aliens built the pyramids and secretly run the planet through a ruling class extraterrestrial-human hybrids. The video also delves into a number of other conspiracy theories, including claims Freemasons indulge in human sacrifice and President John F. Kennedy was assassinated by his own government.

According to Business Insider, "Two other conspiracy theory videos by Icke appeared in the related videos, meaning it was easy for children to quickly go from watching relatively innocent videos about toys to conspiracy content." Searching for the term "moon landing" also resulted in a number of conspiratorial videos emerging, including one making the claim that CERN's Large Hadron Collider had opened a portal to another world that an unfortunate employee then vanished in.


1 in 3 Michigan Workers Tested Opened A Password-Phishing Email ( 113

An anonymous reader quotes the AP: Michigan auditors who conducted a fake "phishing" attack on 5,000 randomly selected state employees said Friday that nearly one-third opened the email, a quarter clicked on the link and almost one-fifth entered their user ID and password. The covert operation was done as part of an audit that uncovered weaknesses in the state government's computer network, including that not all workers are required to participate in cybersecurity awareness training... Auditors made 14 findings, including five that are "material" -- the most serious. They range from inadequate management of firewalls to insufficient processes to confirm if only authorized devices are connected to the network. "Unauthorized devices may not meet the state's requirements, increasing the risk of compromise or infection of the network," the audit said.

Did Cambridge Analytica Harvest 50 Million Facebook Profiles? ( 130

Slashdot reader umafuckit shared this article from The Guardian: The data analytics firm that worked with Donald Trump's election team and the winning Brexit campaign harvested millions of Facebook profiles of U.S. voters, in one of the tech giant's biggest ever data breaches, and used them to build a powerful software program to predict and influence choices at the ballot box... Christopher Wylie, who worked with a Cambridge University academic to obtain the data, told the Observer: "We exploited Facebook to harvest millions of people's profiles. And built models to exploit what we knew about them and target their inner demons. That was the basis the entire company was built on."

Documents seen by the Observer, and confirmed by a Facebook statement, show that by late 2015 the company had found out that information had been harvested on an unprecedented scale. However, at the time it failed to alert users and took only limited steps to recover and secure the private information of more than 50 million individuals... On Friday, four days after the Observer sought comment for this story, but more than two years after the data breach was first reported, Facebook announced that it was suspending Cambridge Analytica and Kogan from the platform, pending further information over misuse of data. Separately, Facebook's external lawyers warned the Observer on Friday it was making "false and defamatory" allegations, and reserved Facebook's legal position...

The evidence Wylie supplied to U.K. and U.S. authorities includes a letter from Facebook's own lawyers sent to him in August 2016, asking him to destroy any data he held that had been collected by GSR, the company set up by Kogan to harvest the profiles... Facebook did not pursue a response when the letter initially went unanswered for weeks because Wylie was travelling, nor did it follow up with forensic checks on his computers or storage, he said. "That to me was the most astonishing thing. They waited two years and did absolutely nothing to check that the data was deleted. All they asked me to do was tick a box on a form and post it back."

Wylie worked with Aleksandr Kogan, the creator of the "thisisyourdigitallife" app, "who has previously unreported links to a Russian university and took Russian grants for research," according to the article. Kogan "had a licence from Facebook to collect profile data, but it was for research purposes only. So when he hoovered up information for the commercial venture, he was violating the company's terms...

"At the time, more than 50 million profiles represented around a third of active North American Facebook users, and nearly a quarter of potential U.S. voters."
Open Source

How An Open Source Plugin Tamed a Chaotic Comments Section With A Simple Quiz ( 152

Long-time Slashdot reader jebrick quotes an article from Ars Technica about how Norway's government-owned public broadcasting company "employs open source tactics to fight trolling": The five-person team behind a simple WordPress plugin, which took three hours to code, never expected to receive worldwide attention as a result. But NRKbeta, the tech-testing group at Norway's largest national media organization, tapped into a meaty vein with the unveiling of last February's Know2Comment, an open source plugin that can attach to any WordPress site's comment section. "It was a basic idea," NRKbeta developer Stale Grut told a South By Southwest crowd on Tuesday. "Readers had to prove they read a story before they were able to comment on it"... He and fellow staffers spent three hours building the plugin, which Grut reminded the crowd is wholly open source... "[W]e realized not every article is in need of this. We are a tech site; we don't have a lot of controversy, so there's not a big need for it. We use it now on stories where we anticipate there'll be uninformed debate to add this speed bump."
What do you think? And would a quiz-for-commenting-privileges be a good addition to Slashdot?
Electronic Frontier Foundation

North Carolina Police Obtained Warrants Demanding All Google Users Near Four Crime Scenes ( 209

An anonymous reader quotes the public records reporter from North Carolina TV station WRAL: In at least four investigations last year -- cases of murder, sexual battery and even possible arson at the massive downtown fire in March 2017 -- Raleigh police used search warrants to demand Google accounts not of specific suspects, but from any mobile devices that veered too close to the scene of a crime, according to a WRAL News review of court records... The demands Raleigh police issued for Google data [in two homicide cases] described a 17-acre area that included both homes and businesses... The account IDs aren't limited to electronics running Android. The warrant includes any device running location-enabled Google apps, according to Raleigh Police Department spokeswoman Laura Hourigan...

On March 16, 2017, a five-alarm fire ripped through the unfinished Metropolitan apartment building on West Jones Street... About two months later, Raleigh police obtained a search warrant for Google account IDs that showed up near the block of the Metropolitan between 7:30 and 10 p.m. the night of the fire... In addition to anonymized numerical identifiers, the warrant calls on Google to release time stamped location coordinates for every device that passed through the area. Detectives wrote that they'd narrow down that list and send it back to the company, demanding "contextual data points with points of travel outside of the geographical area" during an expanded timeframe. Another review would further cull the list, which police would use to request user names, birth dates and other identifying information of the phones' owners.

"Do people understand that in sharing that information with Google, they're also potentially sharing it with law enforcement?" asks a former Durham prosecutor who directs the North Carolina Open Government Coalition at Elon University. And Stephanie Lacambra, criminal defense staff attorney at the Electronic Frontier Foundation, also criticized the procedure. "To just say, 'Criminals commit crimes, and we know that most people have cell phones,' that should not be enough to get the geo-location on anyone that happened to be in the vicinity of a particular incident during a particular time." She believes that without probable cause the police department is "trying to use technology as a hack for their job... It does not have to be that we have to give up our privacy rights in order to participate in the digital revolution."

Nathan Freed Wessler, staff attorney with the ACLU's Speech, Privacy and Technology Project, put it succinctly. "At the end of the day, this tactic unavoidably risks getting information about totally innocent people."
The Courts

Entire Broadband Industry Will Help FCC Defend Net Neutrality Repeal ( 87

The biggest lobby groups representing broadband providers will help the FCC defend the repeal of net neutrality rules in court. Ars Technica reports: Yesterday, three trade groups that collectively represent every major home Internet and mobile broadband provider in the U.S. filed motions to intervene in the case on behalf of the FCC. The motions for leave to intervene were filed by NCTA--The Internet & Television Association, CTIA--The Wireless Association, and USTelecom--The Broadband Association. NCTA represents cable companies such as Comcast, Charter, Cox, and Altice. CTIA represents the biggest mobile carriers, such as AT&T, Verizon Wireless, T-Mobile, and Sprint. USTelecom represents wireline telcos with copper and fiber networks, such as AT&T and Verizon. All three groups also represent a range of smaller ISPs.

As intervenors in the case, the groups will file briefs in support of the net neutrality repeal order and may play a role in oral arguments. NCTA's motion noted that its members would once again be subject to "common-carriage regulation under Title II of the Communications Act" if the FCC were to lose the case. CTIA said that its members "would be adversely affected if the [net neutrality] Order were set aside and the prior Title II Order classification and rules were reinstated."


Sierra Leone Records World's First Blockchain-Powered Election ( 70

The citizens of Sierra Leone went to the polls on March 7 but this time something was different: the country recorded votes at 70% of the polling to the blockchain using a technology that is the first of its kind in actual practice. The tech, created by Leonardo Gammar of Agora, anonymously stored votes in an immutable ledger, thereby offering instant access to the election results. TechCrunch reports: "Anonymized votes/ballots are being recorded on Agora's blockchain, which will be publicly available for any interested party to review, count and validate," said Gammar. "This is the first time a government election is using blockchain technology." "Sierra Leone wishes to create an environment of trust with the voters in a contentious election, especially looking at how the election will be publicly viewed post-election. By using blockchain as a means to immutably record ballots and results, the country hopes to create legitimacy around the election and reduce fall-out from opposition parties," he said.

Why is this interesting? While this is little more than a proof of concept -- it is not a complete voting record but instead captured a seemingly acceptable plurality of votes -- it's fascinating to see the technology be implemented in Sierra Leone, a country of about 7.4 million people. The goal ultimately is to reduce voting costs by cutting out paper ballots as well as reducing corruption in the voting process.


China To Bar People With Bad 'Social Credit' From Planes, Trains ( 170

China says it will begin applying its so-called social credit system to flights and trains and stop people who have committed misdeeds from taking such transport for up to a year. From a report: People who would be put on the restricted lists included those found to have committed acts like spreading false information about terrorism and causing trouble on flights, as well as those who used expired tickets or smoked on trains, according to two statements issued on the National Development and Reform Commission's website on Friday. Those found to have committed financial wrongdoings, such as employers who failed to pay social insurance or people who have failed to pay fines, would also face these restrictions, said the statements which were dated March 2. It added that the rules would come into effect on May 1.
United States

Chinese Hackers Hit US Firms Linked To South China Sea Dispute ( 52

Chinese hackers have launched a wave of attacks on mainly U.S. engineering and defense companies linked to the disputed South China Sea, the cybersecurity firm FireEye Inc. said. From a report: The suspected Chinese cyber-espionage group dubbed TEMP.Periscope appeared to be seeking information that would benefit the Chinese government, said FireEye, a U.S.-based provider network protection systems. The hackers have focused on U.S. maritime entities that were either linked to -- or have clients operating in -- the South China Sea, said Fred Plan, senior analyst at FireEye in Los Angeles.

"They are going after data that can be used strategically, so it is line with state espionage," said Plan, whose firm has tracked the group since 2013. "A private entity probably wouldn't benefit from the sort of data that is being stolen." The TEMP.Periscope hackers were seeking information in areas like radar range or how precisely a system in development could detect activity at sea, Plan said. The surge in attacks picked up pace last month and was ongoing.

United States

US Says Russia Hacked Energy Grid, Punishes 19 for Meddling ( 223

Associated Press: Pushing back harder on Russia, the Trump administration accused Moscow on Thursday of a concerted hacking operation targeting the U.S. energy grid, aviation systems and other infrastructure, and also imposed sanctions on Russians for alleged interference in the 2016 election. It was the strongest action to date against Russia by the administration, which has long been accused of being too soft on the Kremlin, and the first punishments for election meddling since President Donald Trump took office. The sanctions list included the 13 Russians indicted last month by special counsel Robert Mueller, whose Russia investigation the president has repeatedly sought to discredit. U.S. national security officials said the FBI, Department of Homeland Security and intelligence agencies had determined that Russian intelligence and others were behind a broad range of cyberattacks beginning a year ago that have infiltrated the energy, nuclear, commercial, water, aviation and manufacturing sectors. Further reading: Russian Government Cyber Activity Targeting Energy and Other Critical Infrastructure Sectors (US-Cert); U.S. blames Russia for cyber attacks on energy grid, other sectors (Reuters); U.S. says Russian hackers targeted American energy grid (Politico); Trump administration finally announces Russia sanctions over election meddling (CNN); U.S. sanctions on Russia cite 2016 election interference -- but remain largely symbolic (USA Today); U.S. Sanctions Russians Charged by Mueller for Election Meddling (Bloomberg); and Trump Administration Sanctions Russians for Election Meddling and Cyberattacks (The New York Times).

Encrypted Email Service ProtonMail is Being Blocked in Turkey ( 35

ProtonMail: We have confirmed that Internet service providers in Turkey have been blocking ProtonMail this week. Our support team first became aware of connectivity problems for Turkish ProtonMail users starting on Tuesday. After further investigation, we determined that was unreachable for both Vodafone Turkey mobile and fixed line users. Since then, we have also received some sporadic reports from users of other Turkish ISPs. At one point, the issue was prevalent in every single major city in Turkey. After investigating the issue along with members of the ProtonMail community in Turkey, we have confirmed this is a government-ordered block rather than a technical glitch. Internet censorship in Turkey tends to be fluid so the situation is constantly evolving. Sometimes ProtonMail is accessible, and sometimes it is unreachable. For the first time ever though, we have confirmed that ProtonMail was subject to a block, and could face further issues in the future. In the post, ProtonMail has also outlined ways to bypass the block.

Slashdot Top Deals