Crime

Debian Developer Imprisoned In Russia Over Alleged Role In Riots (itwire.com) 76

An anonymous reader writes: "Dmitry Bogatov, Debian developer and Tor node admin, is still being held in a Moscow jail," tweeted the EFF Saturday. IT Wire reports that the 25-year-old math teacher was arrested earlier this month "on suspicion of organizing riots," and is expected to be held in custody until June 8. "The panel investigating the protests claims Bogatov posted several incitory messages on the sysadmin.ru forum; for example, one claim said he was asking people to bring 'bottles, fabric, gasoline, turpentine, foam plastic' to Red Square, according to a post at Hacker News. The messages were sent in the name of one Airat Bashirov and happened to be transmitted through the Tor node that Bogatov was running. The Hacker News post said Bogatov's lawyer had produced surveillance video footage to show that he was elsewhere at the time when the messages were posted.
"After Dmitry's arrest," reports the Free Bogatov site, "Airat Bashirov continue to post messages. News outlets 'Open Russia' and 'Mediazona' even got a chance to speak with him."

Earlier this month the Debian GNU/Linux project also posted a message of support, noting Dmitry maintains several packages for command line and system tools, and saying their group "honours his good work and strong dedication to Debian and Free Software... we hope he is back as soon as possible to his endeavours... In the meantime, the Debian Project has taken measures to secure its systems by removing Dmitry's keys in the case that they are compromised."
Encryption

Encrypted WhatsApp Message Recovered From Westminster Terrorist's Phone (indiatimes.com) 120

Bruce66423 brings word that a terrorist's WhatsApp message has been decrypted "using techniques that 'cannot be disclosed for security reasons', though 'sources said they now have the technical expertise to repeat the process in future.'" The Economic Times reports: U.K. security services have managed to decode the last message sent out by Khalid Masood before he rammed his high-speed car into pedestrians on Westminster Bridge and stabbed to death a police officer at the gates of Parliament on March 22. The access to Masood's message was achieved by what has been described by security sources as a use of "human and technical intelligence"...

The issue of WhatsApp's encrypted service, which is closed to anyone besides the sender and recipient, had come under criticism soon after the attack. "It's completely unacceptable. There should be no place for terrorists to hide. We need to make sure that organisations like WhatsApp, and there are plenty of others like that, don't provide a secret place for terrorists to communicate with each other," U.K. home secretary Amber Rudd had said.

Security sources say the message showed the attacker's motive was military action in Muslim countries, while the article adds that though ISIS claimed responsibility for the attack, "no evidence has emerged to back this up."
Censorship

Wikipedia Is Being Blocked In Turkey (turkeyblocks.org) 84

Nine hours ago, Ilgaz wrote: The Turkey Blocks monitoring network has verified restrictions affecting the Wikipedia online encyclopedia in Turkey. A block affecting all language editions of the website [was] detected at 8:00AM local time Saturday 29 April. The loss of availability is consistent with internet filters used to censor content in the country.
stikves added: Access to Wikipedia has been blocked in Turkey as a result of "a provisional administrative order" imposed by the Turkish Telecommunications Authority (BTK)... Turkey Blocks said an administrative blocking order is usually expected to precede a full court blocking order in coming days. While the reason for the order was unknown early on Saturday, a statement on the BTK's website said: "After technical analysis and legal consideration based on the Law Nr. 5651, ADMINISTRATION MEASURE has been taken for this website (wikipedia.org) according to Decision Nr. 490.05.01.2017.-182198 dated 29/04/2017 implemented by Information and Communication Technologies Authority."
The BBC adds reports from Turkish media that authorities "had asked Wikipedia to remove content by writers 'supporting terror.'"
Wireless Networking

Stray WiFi Signals Could Let Spies See Inside Closed Rooms (sciencemag.org) 40

sciencehabit quotes a report from Science Magazine: Your wireless router may be giving you away in a manner you never dreamed of. For the first time, physicists have used radio waves from a Wi-Fi transmitter to encode a 3D image of a real object in a hologram similar to the image of Princess Leia projected by R2D2 in the movie Star Wars. In principle, the technique could enable outsiders to "see" the inside of a room using only the Wi-Fi signals leaking out of it, although some researchers say such spying may be easier said than done. Their experiment relies on none of the billions of digital bits of information encoded in Wi-Fi signals, just the fact that the signals are clean, "coherent" waves. However, instead of recording the key interference pattern on a photographic plate, the researchers record it with a Wi-Fi receiver and reconstruct the object in a computer. They placed a Wi-Fi transmitter in a room, 0.9 meters behind the cross. Then they placed a standard Wi-Fi receiver 1.4 meters in front of the cross and moved it slowly back and forth to map out a "virtual screen" that substituted for the photographic plate. Also, instead of having a separate reference beam coming straight to the screen, they placed a second, stationary receiver a few meters away, where it had a direct view of the emitter. For each point on the virtual screen, the researchers compared the signals arriving simultaneously at both receivers, and made a hologram by mapping the delays caused by the aluminum cross. The virtual hologram isn't exactly like a traditional one, as researchers can't recover the image of the object by shining more radio waves on it. Instead, the scientists used the computer to run the radio waves backward in time from the screen to the distance where wave fronts hit the object. The cross then popped out.
Government

EPA Website Removes Climate Science Site From Public View After Two Decades (washingtonpost.com) 143

Last week there were reports that the EPA climate change website was set to be taken down, though later the EPA denied that. On Friday evening, however, the Environmental Protection Agency announced its website would be "undergoing changes" to better represent the new direction the agency is taking, triggering the removal of several agency websites containing detailed climate data and scientific information (paywalled; alternative source). From a report on The Washington Post: One of the websites that appeared to be gone had been cited to challenge statements made by the EPA's new administrator, Scott Pruitt. Another provided detailed information on the previous administration's Clean Power Plan, including fact sheets about greenhouse gas emissions on the state and local levels and how different demographic groups were affected by such emissions. The changes came less than 24 hours before thousands of protesters were set to march in Washington and around the country in support of political action to push back against the Trump administration's rollbacks of former president Barack Obama's climate policies.
Earth

Trump Order Helps Offshore Drilling, Stops Marine Sanctuary Expansion (arstechnica.com) 146

An anonymous reader quotes a report from Ars Technica: In an executive order signed on Friday, President Trump directed his secretary of the interior to review current rules on offshore drilling and exploration. This review is likely to result in a relaxation of the strict protections the previous administration put on offshore oil drilling in the Atlantic and in the Arctic. According to the Washington Post, a review of the rules is likely to "make millions of acres of federal waters eligible for oil and gas leasing." At the same time, Trump's executive order directed the secretary of commerce to cease designating new marine sanctuaries or expanding any that already exist. According to USA Today, Commerce Secretary Wilbur Ross is also "directed to review all designations and expansions of marine monuments or sanctuaries designated under the Antiquities Act within the last 10 years." The Post says this "includes Hawaii's Papahanaumokuakea Marine National Monument, which Obama quadrupled in size last year, and the Northeast Canyons and Seamounts off Massachusetts." Although these reviews could take some time to complete, they put in motion a bid to favor extraction industries like oil and gas mining. "Today, we're unleashing American energy and clearing the way for thousands and thousands of high-paying energy jobs," Trump reportedly told the Associated Press.
Android

Open Ports Create Backdoors In Millions of Smartphones (bleepingcomputer.com) 112

An anonymous reader writes: "Mobile applications that open ports on Android smartphones are opening those devices to remote hacking, claims a team of researchers from the University of Michigan," reports Bleeping Computer. Researchers say they've identified 410 popular mobile apps that open ports on people's smartphones. They claim that an attacker could connect to these ports, which in turn grant access to various phone features, such as photos, contacts, the camera, and more. This access could be leveraged to steal photos, contacts, or execute commands on the target's phone. Researchers recorded various demos to prove their attacks. Of these 410 apps, there were many that had between 10 and 50 million downloads on the official Google Play Store and even an app that came pre-installed on an OEM's smartphones. "Research on the mobile open port problem started after researchers read a Trend Micro report from 2015 about a vulnerability in the Baidu SDK, which opened a port on user devices, providing an attacker with a way to access the phone of a user who installed an app that used the Baidu SDK," reports Bleeping Computer. "That particular vulnerability affected over 100 million smartphones, but Baidu moved quickly to release an update. The paper detailing the team's work is entitled Open Doors for Bob and Mallory: Open Port Usage in Android Apps and Security Implications, and was presented Wednesday, April 26, at the 2nd IEEE European Symposium on Security and Privacy that took place this week in Paris, France."
Government

Airbnb Gives In To Regulator's Demand To Test For Racial Discrimination By Hosts (theguardian.com) 220

As part of an agreement with California regulators, Airbnb will allow the government to test for racial discrimination by hosts. The Guardian reports: The California Department of Fair Employment and Housing (DFEH) announced Thursday that it had resolved a complaint it filed against Airbnb with an agreement that forces the company to permit the state to conduct "fair housing testing" of certain hosts. That means that for the first time the San Francisco-based company is giving a regulatory body permission to conduct the kind of racial discrimination audits that officials have long used to enforce fair housing laws against traditional landlords. The DFEH's original complaint -- which had not previously been disclosed -- was based on research and a growing number of reports suggesting that hosts regularly refuse to rent to guests due to their race, a problem exposed last year under the hashtag #AirbnbWhileBlack.
Transportation

Apple, Tesla Ask California To Change Its Proposed Policies On Self-Driving Car Testing (reuters.com) 29

Tesla and Apple have asked the state of California to change its proposed policies on self-driving cars to allow companies to test vehicles without traditional steering wheels and controls or human back-up drivers, among other things. Reuters reports: In a letter made public Friday, Apple made a series of suggested changes to the policy that is under development and said it looks forward to working with California and others "so that rapid technology development may be realized while ensuring the safety of the traveling public." Waymo, the self-driving car unit of Google parent company Alphabet Inc, Ford Motor Co, Uber Technologies Inc, Toyota Motor Corp, Tesla Motors Inc and others also filed comments suggesting changes. Apple said California should revise how companies report self-driving system "disengagements." California currently requires companies to report how many times the self-driving system was deactivated and control handed back to humans because of a system failure or a traffic, weather or road situation that required human intervention. Apple said California's rules for development vehicles used only in testing could "restrict both the design and equipment that can be used in test vehicles." Tesla said California should not bar testing of autonomous vehicles that are 10,000 pounds (4,535 kg) or more. Tesla also said California should not prohibit the sale of non-self-driving vehicles previously used for autonomous vehicle testing.
Privacy

WikiLeaks Reveals the 'Snowden Stopper': CIA Tool To Track Whistleblowers (zerohedge.com) 89

schwit1 quotes a report from Zero Hedge: As the latest installment of its "Vault 7" series, WikiLeaks has just dropped a user manual describing a CIA project known as "Scribbles" (a.k.a. the "Snowden Stopper"), a piece of software purportedly designed to allow the embedding of "web beacon" tags into documents "likely to be stolen." The web beacon tags are apparently able to collect information about an end user of a document and relay that information back to the beacon's creator without being detected. Per WikiLeaks' press release. But, the "Scribbles" user guide notes there is just one small problem with the program: it only works with Microsoft Office products. So, if end users use other programs such as OpenOffice or LibreOffice then the CIA's watermarks become visible to the end user and their cover is blown.
Security

A Database of Thousands of Credit Cards Was Left Exposed on the Open Internet (zdnet.com) 35

A US online pet store has exposed the details of more than 110,400 credit cards used to make purchases through its website, researchers have found. From a report on ZDNet: In a stunning show of poor security, the Austin, TX-based company FuturePets.com exposed its entire customer database, including names, postal and email addresses, phone numbers, credit card information, and plain-text passwords. Several customers that we reached out to confirmed some of their information when it was provided by ZDNet, but did not want to be named. The database was exposed because of the company's own insecure server and use of "rsync," a common protocol used for synchronizing copies of files between two different computers, which wasn't protected with a username or password.
Government

NSA Halts Collection of Americans' Emails About Foreign Targets (nytimes.com) 48

The NSA is stopping one of the most disputed forms of its warrantless surveillance program (alternative source), one in which it collects Americans' emails and texts to and from people overseas and that mention a foreigner under surveillance, NYTimes reports on Friday citing officials familiar with the matter. From the report: National security officials have argued that such surveillance is lawful and helpful in identifying people who might have links to terrorism, espionage or otherwise are targeted for intelligence-gathering. The fact that the sender of such a message would know an email address or phone number associated with a surveillance target is grounds for suspicion, these officials argued. [...] The N.S.A. made the change to resolve problems it was having complying with special rules imposed by the Foreign Intelligence Surveillance Court in 2011 to protect Americans' privacy. For technical reasons, the agency ended up collecting messages sent and received domestically as a byproduct of such surveillance, the officials said.
Network

The Internet-of-Things is Maturing (axios.com) 33

An anonymous reader shares a report: The "Internet of Things" (IoT) category is starting to mature in terms of startup investments, according to a new report from Silicon Valley venture capital firm Wing. Like any other trendy area of tech, IoT is in the midst of its own hype cycle, so it's important to get a more detailed picture of how the money is flowing.
Businesses

Qualcomm Says Apple To Stop Paying Royalties (reuters.com) 57

Apple has decided to withhold royalty payments to its contract manufacturers that are owed to Qualcomm, until a legal dispute between the companies is resolved, the chipmaker said on Friday. From a report: Qualcomm, the largest maker of chips used in smartphones, said it will not receive royalties from Apple's contract manufacturers for sales made during the quarter ended March 31. San Diego, California-based Qualcomm also slashed its profit and revenue forecasts for the current quarter, to account for the lost royalty revenue.
Privacy

Lawsuit: Fox News Group Hacked, Surveilled, and Stalked Ex-Host Andrea Tantaros (arstechnica.com) 99

An anonymous reader quotes a report from Ars Technica: Comparing their actions to the plot this season on the Showtime series Homeland, an attorney for former Fox News host Andrea Tantaros has filed a complaint in federal court against Fox News, current and former Fox executives, Peter Snyder and his financial firm Disruptor Inc., and 50 "John Doe" defendants. The suit alleges that collective participated in a hacking and surveillance campaign against her. Tantaros filed a sexual harassment suit against Roger Ailes and Fox News in August of 2016, after filing internal complaints with the company about harassment dating back to February of 2015. She was fired by the network in April of 2016, as Tantaros continued to press complaints against Fox News' then-Chairman and CEO Roger Ailes, Bill O'Reilly, and others. Tantaros had informed Fox that she would be filing a lawsuit over the alleged sexual harassment. Tantaros claims that as early as February of 2015, a group run out of a "black room" at Fox News engaged in surveillance and electronic harassment of her, including the use of "sock puppet" social media accounts to electronically stalk her. Tantaros' suit identifies Peter Snyder and Disruptor Inc. as the operators of a social influence operation using "sock puppet" accounts on Twitter and other social media.
Patents

Apple Patent Hints At Wirelessly Charging Your iPhone Via Wi-Fi Routers (appleinsider.com) 137

According to AppleInsider, "Apple is experimenting with medium- to long-distance wireless charging technologies that could one day allow users to charge up their iPhones with nothing more than a Wi-Fi router." From the report: Detailed in Apple's patent application for "Wireless Charging and Communications Systems With Dual-Frequency Patch Antennas" is a method for transferring power to electronic devices over frequencies normally dedicated to data communications. In its various embodiments, the invention notes power transfer capabilities over any suitable wireless communications link, including cellular between 700 MHz and 2700 MHz, and Wi-Fi operating at 2.4 GHz and 5 GHz. More specifically, the document's claims apply to millimeter wave 802.11ad spectrum channels currently in use by the WiGig standard, which operates over the 60 GHz frequency band. Theoretically, the proposal opens the door to wire-free charging from in-home Wi-Fi routers to cellular nodes and even satellite signals. Of course, amplitude in a wireless system is normally a function of distance. Like conventional wireless charging techniques, Apple's design requires two devices -- a transmitter and receiver -- to function. Each device contains one or more antennas coupled to wireless circuitry capable of making phase and magnitude adjustments to transmitted and received signals. Such hardware can be employed in dynamic beam steering operations.
NASA

NASA Delays First Flight of New SLS Rocket Until 2019 (arstechnica.com) 107

schwit1 writes: Despite spending almost $19 billion and more than thirteen years of development, NASA today admitted that it will have to delay the first test flight of the SLS rocket from late 2018 to sometime in 2019. "We agree with the GAO that maintaining a November 2018 launch readiness date is not in the best interest of the program, and we are in the process of establishing a new target in 2019," wrote William Gerstenmaier, chief of NASA's human spaceflight program. "Caution should be used in referencing the report on the specific technical issues, but the overall conclusions are valid." The competition between the big government SLS/Orion program and private commercial space is downright embarrassing to the government. While SLS continues to be delayed, even after more than a decade of work and billions of wasted dollars, SpaceX is gearing up for the first flight of Falcon Heavy this year. And they will be doing it despite the fact that Congress took money from the commercial private space effort, delaying its progress, in order to throw more money at SLS/Orion.
Businesses

Kill Net Neutrality and You'll Kill Us, Say 800 US Startups (google.com) 296

A group of more than 800 startups has sent a letter to the FCC chairman Ajit Pai saying they are "deeply concerned" about his decision to kill net neutrality -- reversing the Title II classification of internet service providers. The group, which includes Y Combinator, Etsy, Foursquare, GitHub, Imgur, Nextdoor, and Warby Parker, added that the decision could end up shutting their businesses. They add, via an article on The Verge: "The success of America's startup ecosystem depends on more than improved broadband speeds. We also depend on an open Internet -- including enforceable net neutrality rules that ensure big cable companies can't discriminate against people like us. We're deeply concerned with your intention to undo the existing legal framework. Without net neutrality, the incumbents who provide access to the Internet would be able to pick winners or losers in the market. They could impede traffic from our services in order to favor their own services or established competitors. Or they could impose new tolls on us, inhibiting consumer choice. [...] Our companies should be able to compete with incumbents on the quality of our products and services, not our capacity to pay tolls to Internet access providers."
The Courts

University of California IT Workers Replaced By Offshore Outsourcing Firm To File Discrimination Lawsuit (computerworld.com) 303

The IT workers from the University of California's San Francisco campus who were replaced by an offshore outsourcing firm late last year intend to file a lawsuit challenging their dismissal. "It will allege that the tech workers at the university's San Francisco campus were victims of age and national origin discrimination," reports Computerworld. From the report: The IT employees lost their jobs in February after the university hired India-based IT services firm HCL. Approximately 50 full-time university employees lost their jobs, but another 30 contractor positions were cut as well. "To take a workforce that is overwhelmingly over the age of 40 and replace them with folks who are mainly in their 20s -- early 20s, in fact -- we think is age discrimination," said the IT employees' attorney, Randall Strauss, of Gwilliam Ivary Chiosso Cavalli & Brewer. The national origin discrimination claim is the result of taking a workforce "that reflects the diversity of California" and is summarily let go and is "replaced with people who come from one particular part of the world," said Strauss. The lawsuit will be filed in Alameda County Superior Court.
Businesses

Should Banks Let Ancient Programming Language COBOL Die? (thenextweb.com) 371

COBOL is a programming language invented by Hopper from 1959 to 1961, and while it is several decades old, it's still largely used by the financial sector, major corporations and part of the federal government. Mar Masson Maack from The Next Web interviews Daniel Doderlein, CEO of Auka, who explains why banks don't have to actively kill COBOL and how they can modernize and "minimize the new platforms' connections to the old systems so that COBOL can be switched out in a safe and cheap manner." From the report: According to [Doderlein], COBOL-based systems still function properly but they're faced with a more human problem: "This extremely critical part of the economic infrastructure of the planet is run on a very old piece of technology -- which in itself is fine -- if it weren't for the fact that the people servicing that technology are a dying race." And Doderlein literally means dying. Despite the fact that three trillion dollars run through COBOL systems every single day they are mostly maintained by retired programming veterans. There are almost no new COBOL programmers available so as retirees start passing away, then so does the maintenance for software written in the ancient programming language. Doderlein says that banks have three options when it comes to deciding how to deal with this emerging crisis. First off, they can simply ignore the problem and hope for the best. Software written in COBOL is still good for some functions, but ignoring the problem won't fix how impractical it is for making new consumer-centric products. Option number two is replacing everything, creating completely new core banking platforms written in more recent programming languages. The downside is that it can cost hundreds of millions and it's highly risky changing the entire system all at once. The third option, however, is the cheapest and probably easiest. 
Instead of trying to completely revamp the entire system, Doderlein suggests that banks take a closer look at the current consumer problems. Basically, Doderlein suggests making light-weight add-ons in more current programming languages that only rely on COBOL for the core feature of the old systems.
