aggregator

Should The Government Fix Slow Internet Access?

Slashdot - Your Rights Online - N, 2017-07-30 21:28
An anonymous reader quotes a story from Nate Silver's FiveThirtyEight site about "the worst internet in America": FiveThirtyEight analyzed every county's broadband usage using data from researchers at the University of Iowa and Arizona State University and found that Saguache, Colorado was at the bottom. Only 5.6 percent of adults were estimated to have broadband... It has some of the worst internet in the country. That's in part because of the mountains and the isolation they bring... Its population of 6,300 is spread across 3,169 square miles 7,800 feet above sea level, but on land that is mostly flat, so you can almost see the full scope of two mountain ranges as you drive the county's highway... But Saguache isn't alone in lacking broadband. According to the Federal Communications Commission, 39 percent of rural Americans -- 23 million people -- don't have access. In Pew surveys, those who live in rural areas were about twice as likely not to use the internet as urban or suburban Americans. In Saguache County download speeds of 12 Mbps (with an upload speed of 2 Mbps) cost $90 a month, and the article points out that when it comes to providing broadband, "small companies and cooperatives are going it more or less alone, without much help yet from the federal government." But that raises an inevitable question. Should the federal government be subsidizing rural internet access?

Read more of this story at Slashdot.

Honolulu Targets 'Smartphone Zombies' With Crosswalk Ban

Slashdot - Your Rights Online - N, 2017-07-30 17:10
Templer421 shares news from Reuters: A ban on pedestrians looking at mobile phones or texting while crossing the street will take effect in Hawaii's largest city in late October, as Honolulu becomes the first major U.S. city to pass legislation aimed at reducing injuries and deaths from "distracted walking." The ban comes as cities around the world grapple with how to protect phone-obsessed "smartphone zombies" from injuring themselves by stepping into traffic or running into stationary objects. Starting Oct. 25, Honolulu pedestrians can be fined between $15 and $99, depending on the number of times police catch them looking at a phone or tablet device as they cross the street, Mayor Kirk Caldwell told reporters gathered near one of the city's busiest downtown intersections on Thursday... People making calls for emergency services are exempt from the ban... Opponents of the Honolulu law argued it infringes on personal freedom and amounts to government overreach. Meanwhile, the city of London has tried putting pads on their lamp posts "to soften the blow for distracted walkers."

Read more of this story at Slashdot.

Will 'Smart Cities' Violate Our Privacy?

Slashdot - Your Rights Online - N, 2017-07-30 06:54
An anonymous reader quotes Computerworld's article on the implications of New York City's plan to blanket the city with "smart" kiosks offering ultrafast Wi-Fi. The existence of smart-city implementations like Intersection's LinkNYC means that New Yorkers won't actually need mobile contracts anymore. Most who would otherwise pay for them will no doubt continue to do so for the convenience. But those who could not afford a phone contract in the past will have ubiquitous fast connectivity in the future. This strongly erodes the digital divide within smart cities. A 2015 study conducted by New York City found that more than a quarter of city households had no internet connectivity at home, and more than half a million people didn't own their own computer... Over the next 15 years, the city will go through the other two phases, where sensor data will be processed by artificial intelligence to gain unprecedented insights about traffic, environment and human behavior and eventually use it to intelligently re-direct traffic and shape other city functions... And as autonomous cars gradually roll out, New York will be well positioned to be one of the first cities to legalize them, because they'll be safer thanks to 5G, sensors and data from all those kiosks. Intersection, a Google-backed startup, has already installed 1,000 of the kiosks in New York, and is planning to install 7,000 more. The sides of the kiosk have screens which show alerts and other public information -- as well as advertisements, which cover all the costs of the installations and even bring extra money into the city coffers. New York's move "puts pressure on other U.S. cities to follow suit," the article also points out, adding that privacy policies "are negotiated agreements between the company and the city. So if a city wants to use those cameras and sensors for surveillance, it can."

Read more of this story at Slashdot.

US Voting Machines Cracked In 90 Minutes At DEFCON

Slashdot - Your Rights Online - N, 2017-07-30 03:50
An anonymous reader quotes The Hill: Hackers at at a competition in Las Vegas were able to successfully breach the software of U.S. voting machines in just 90 minutes on Friday, illuminating glaring security deficiencies in America's election infrastructure. Tech minds at the annual "DEF CON" in Las Vegas were given physical voting machines and remote access, with the instructions of gaining access to the software. According to a Register report, within minutes, hackers exposed glaring physical and software vulnerabilities across multiple U.S. voting machine companies' products. Some devices were found to have physical ports that could be used to attach devices containing malicious software. Others had insecure Wi-Fi connections, or were running outdated software with security vulnerabilities like Windows XP. Though some of the machines were out of date, they were all from "major U.S. voting machine companies" like Diebold Nixorf, Sequoia Voting Systems, and WinVote -- and were purchased on eBay or at government auctions. One of the machines apparently still had voter registration data stored in plain text in an SQLite database from a 2008 election, according to event's official Twitter feed. By Saturday night they were tweeting video of a WinVote machine playing Rick Astley's "Never Gonna Give You Up."

Read more of this story at Slashdot.

Apple Pulls Anti-Censorship Apps from China's App Store

Slashdot - Your Rights Online - N, 2017-07-30 01:46
An anonymous reader quotes Fortune:Services helping Chinese users circumvent the "Great Firewall of China" have been pulled from Apple's Chinese App Store en masse. On Saturday morning, at least some software makers affected by the sweep received notification from Apple that their tools were removed for violating Chinese law. Internet censorship in China restricts communications about topics including democracy, Tibetan freedom, and the 1989 Tienanmen Square protests. The culling primarily seems to have affected virtual private networks, or VPNs, which mask users' Internet activity and data from outside monitoring. According to a report by the New York Times, many of the most popular such apps are now missing from the Chinese App Store.

Read more of this story at Slashdot.

Do Kill Switches Deter Cellphone Theft?

Slashdot - Your Rights Online - So, 2017-07-29 23:38
evolutionary shares an article from Ars Technica: San Francisco's district attorney says that a California state law mandating "theft-deterring technological solutions" for smartphones has resulted in a precipitous drop in such robberies. Those measures primarily include a remote kill switch after a phone has been stolen that would allow a phone to be disabled, withstanding even a hard reset. Such a kill switch has become standard in all iPhones ("Activation Lock") and Android phones ("Device Protection") since 2015... When measured from the peak in 2013, "overall robberies involving smartphones have declined an astonishing 50 percent... Because of this hard-fought legislation, stealing a smartphone is no longer worth the trouble, and that means the devices we use every day no longer make us targets for violent crime."

Read more of this story at Slashdot.

Stealthy Google Play Apps Recorded Calls and Stole Emails

Slashdot - Your Rights Online - So, 2017-07-29 21:34
An anonymous reader quotes Ars Technica: Google has expelled 20 Android apps from its Play marketplace after finding they contained code for monitoring and extracting users' e-mail, text messages, locations, voice calls, and other sensitive data. The apps, which made their way onto about 100 phones, exploited known vulnerabilities to root devices running older versions of Android.... As a result, the apps were capable of surreptitiously accessing sensitive data stored, sent, or received by at least a dozen other apps, including Gmail, Hangouts, LinkedIn, and Messenger. The now-ejected apps also collected messages sent and received by Whatsapp, Telegram, and Viber, which all encrypt data in an attempt to make it harder for attackers to intercept messages while in transit... To conceal their surveillance capabilities, the apps posed as utilities for cleaning unwanted files or backing up data. Google reports that the malicious apps also had these functions: Call recordingVOIP recordingRecording from the device microphoneLocation monitoringTaking screenshotsTaking photos with the device camera(s)Fetching device information and filesFetching user information (contacts, call logs, SMS, application-specific data) 12 hours later an antivirus provider reported two more Google Play apps could surreptitiously steal text messages by downloading a malicious plugin -- and that the apps had already been downloaded at least 100,000 times.

Read more of this story at Slashdot.

The US Congress Is Investigating Government Use Of Kaspersky Software

Slashdot - Your Rights Online - So, 2017-07-29 20:34
An anonymous reader quotes Reuters: A U.S. congressional panel this week asked 22 government agencies to share documents on Moscow-based cyber firm Kaspersky Lab, saying its products could be used to carry out "nefarious activities against the United States," according to letters seen by Reuters. The requests made on Thursday by the U.S. House of Representatives Committee on Science, Space and Technology are the latest blow to the antivirus company, which has been countering accusations by U.S. officials that it may be vulnerable to Russian government influence... The committee "is concerned that Kaspersky Lab is susceptible to manipulation by the Russian government, and that its products could be used as a tool for espionage, sabotage, or other nefarious activities against the United States," wrote the panel's Republican chairman, Lamar Smith, in the letters... A committee aide told Reuters the survey was a "first step" designed to canvas the U.S. government and that more action may follow depending on the results. Agencies contacted include both the Deparatment of Homeland Security and NASA. The committee wants to see internal risk assessments, plus a list of all systems using Kaspersky products and the names of government contractors using the software.

Read more of this story at Slashdot.

Crooks Reused Passwords On the Dark Web So Dutch Police Took Over Their Accounts

Slashdot - Your Rights Online - So, 2017-07-29 12:15
An anonymous reader writes: Dutch Police is aggressively going after Dark Web vendors using data they collected from the recently seized Hansa Market. According to reports, police is using the Hansa login credentials to authenticate on other Dark Web portals, such as Dream. If vendors reused passwords, police take over the accounts and set up traps or map the sales of illegal products. Other crooks noticed the account hijacks because Dutch Police changed the PGP key for the hijacked accounts with their own, which was accidentally signed with the name "Dutch Police." The second method of operation spotted by the Dark Web community involves so-called "locktime" files that were downloaded from the Hansa Market before Dutch authorities shut it down on July 20. Under normal circumstances a locktime file is a simple log of a vendor's market transaction, containing details about the sold product, the buyer, the time of the sale, the price, and Hansa's signature. The files are used as authentication by vendors to request the release of Bitcoin funds after a sale's conclusion, or if the market was down due to technical reasons. Before the market went down, these locktime files were replaced with Excel files that contained a hidden image that would beacon back to police servers, exposing the vendor's real location. Dutch Police was able to do this because they took over Hansa servers on June 20 and operated the market for one more month, collecting data on vendors.

Read more of this story at Slashdot.

Bad News If You Make $150,000 to $300,000: Higher Taxes for Many

Slashdot - Your Rights Online - So, 2017-07-29 10:00
From a WSJ report: If President Donald Trump sticks to what he has said, Americans earning between $149,400 and $307,900 are most likely to see an increase in their taxes as a result of tax reform (Editor's note: the link could be paywalled). Those figures come from a recent study by the Tax Policy Center, a nonpartisan group in Washington, and are based on Mr. Trump's statements and proposals. The study concludes that nearly one-third of about 19 million households in that income range could see tax increases averaging from $3,000 to $4,000 a year. By contrast, less than 10% of households earning the least or the most -- below $25,000 or above $733,000 -- would owe more after a tax overhaul. Over all, the study found that about 20% of taxpayers would owe more after tax reform than before it. The issue of tax reform's winners and losers has resurfaced after top congressional Republicans and the Trump administration released a set of broad principles for tax policy on Thursday containing few details.

Read more of this story at Slashdot.

Apple Paid Nokia $2 Billion To Escape Fight Over Old Patents

Slashdot - Your Rights Online - So, 2017-07-29 05:11
An anonymous reader shares a report: Apple's latest patent spat with Nokia resulted in a $2 billion up-front payment from the iPhone maker, a colossal sum that seems to indicate Apple was eager to avoid a protracted and ugly dispute that could rival the one it had with Samsung. The new details of the settlement, which was first announced back in May without the disclosure of a financial amount or the new licensing terms, were spotted in Nokia's second quarter earnings release. "We got a substantial upfront cash payment of $2 billion from Apple, strengthening further our cash position. As said earlier, our plans is to provide more details on the intended use of cash in conjunction with our Q3 earnings," reads the official transcript of Nokia's quarterly earnings call with investors yesterday. Neither Nokia nor Apple have disclosed the terms of the new licensing deal, including whether it involves recurring payments or how many years it will be in place.

Read more of this story at Slashdot.

Roomba Is No Spy: CEO Says iRobot Will Never Sell Your Data

Slashdot - Your Rights Online - So, 2017-07-29 04:05
It's been a challenging week for iRobot, the company behind the popular Roomba robotic vacuums. From a report: It started with an interview in Reuters, in which the company's chief executive Colin Angle gave the clear impression that iRobot was selling consumers' home mapping data (Editor's note: the chief executive said the company intended to explore the opportunity). Last night, Angle and iRobot got back to me on this issue. They provided the following response to the concerns I and others shared. "First things first, iRobot will never sell your data. Our mission is to help you keep a cleaner home and, in time, to help the smart home and the devices in it work better. There's no doubt that a robot can help your home be smarter. It's the data it collects to do its job, and the trusted relationship between you, your robot and iRobot, that is critical for that to happen. Information that is shared needs to be controlled by the customer and not as a data asset of a corporation to exploit. That is how data is handled by iRobot today. Customers have control over sharing it. I want to make very clear that this is how data will be handled in the future."

Read more of this story at Slashdot.

Congress Asks US Agencies For Kaspersky Lab Cyber Documents

Slashdot - Your Rights Online - Pt, 2017-07-28 23:00
Reuters reports: A U.S. congressional panel this week asked 22 government agencies to share documents on Moscow-based cyber firm Kaspersky Lab, saying its products could be used to carry out "nefarious activities against the United States," according to letters seen by Reuters. The requests made on Thursday by the U.S. House of Representatives Committee on Science, Space and Technology are the latest blow to the antivirus company, which has been countering accusations by U.S. officials that it may be vulnerable to Russian government influence. The committee asked the agencies for all documents and communications about Kaspersky Lab products dating back to Jan. 1, 2013, including any internal risk assessments. It also requested lists of any systems that use Kaspersky products and the names of any U.S. government contractors or subcontractors that do so. Kaspersky has repeatedly denied that it has ties to any government and said it would not help any government with cyber espionage. It said there is no evidence for the accusations made by U.S. officials. The committee "is concerned that Kaspersky Lab is susceptible to manipulation by the Russian government, and that its products could be used as a tool for espionage, sabotage, or other nefarious activities against the United States," wrote the panel's Republican chairman, Lamar Smith, in the letters.

Read more of this story at Slashdot.

Hacker Cracks Smart Gun Security To Shoot It Without Approval

Slashdot - Your Rights Online - Pt, 2017-07-28 20:40
An anonymous reader shares a CNN report:Smart guns are supposed to be safer than traditional weapons. They're designed to only fire when paired with a second piece of technology that identifies the shooter, like an electronic chip or a fingerprint. Supporters say they could stop accidental shootings or misfires. And they've been lauded by law enforcement to prevent criminals from using stolen or misplaced guns. However, like any technology, they're not unhackable. A hacker known by the pseudonym Plore doesn't want to put a stop to smart guns, but he wants the firearm industry that's increasingly manufacturing these devices to know that they can be hacked. The model Plore hacked is called the Armatix IPI. It pairs electronically with a smart watch so that only the person wearing the watch can fire it. The devices authenticate users via radio signals, electronically talking to each other within a small range. Plore broke the security features in three different ways, including jamming radio signals in the weapon and watch so the gun couldn't be fired, and shooting the gun with no watch nearby by placing strong magnets next to the weapon.

Read more of this story at Slashdot.

Hackers Vandalize Vegas Pool Party Club in 'All Out War'

Slashdot - Your Rights Online - Pt, 2017-07-28 18:40
From a CNET report: Next to DJ Tiesto's loud image on Wet Republic's website sits a photo of a bikini model with a beard and an eye patch, with a simple message: "It's all out war." Not exactly the type of message you'd expect from a spot that advertises itself as a dance club that doubles as a pool party, but when hackers are in town for Defcon, everything seems to be fair game. The hacker convention, which is in its 25th year in Las Vegas, typically has hotels on alert for its three days of Sin City talk, demos and mischief. Guests are encouraged not to pick up any flash drives lying around, and employees are trained to be wary of social engineering -- that is, bad guys pretending to be someone innocent and in need of just a little help. Small acts of vandalism pop up around town. At Caesars Palace, where Defcon is happening, the casino's UPS store told guests it was not accepting any print requests from USB drives or links, and only printing from email attachments. Hackers who saw this laughed, considering that emails are hardly immune from malware. But the message is clear: During these next few days, hackers are going to have their fun, whether it's through a compromised Wi-Fi network or an open-to-mischief website. Wet Republic's site had two images vandalized, both for the "Hot 100" party with DJ Shift. The digital graffiti popped up early Friday morning, less than 24 hours after Defcon kicked off.

Read more of this story at Slashdot.

An End To Phone Pranking

Slashdot - Your Rights Online - Pt, 2017-07-28 17:20
An anonymous reader shares a report: A researcher at Carnegie Mellon University has developed an intelligent system that is helping the U.S. Coast Guard to distinguish and weed out prank mayday calls that cost it up to millions of dollars a year when it flies or motors out on pointless rescue missions, per Govtech.com. The program, created by Carnegie Mellon's Rita Singh, creates a barcode of a person's voice, deciphering whether the caller really is on a boat or actually in a house somewhere. It can unmask repeat pranksters since it can pick up telltale markers and match them up.

Read more of this story at Slashdot.

Calibri Font Plays Its Role: Pakistan Now Sans Sharif as Prime Minister is Disqualified

Slashdot - Your Rights Online - Pt, 2017-07-28 16:40
Usama Jawad, writing for Neowin: A few weeks ago, we reported that Microsoft's Calibri font has been used as evidence against Prime Minister Nawaz Sharif and his family in a corruption case. Today, Sharif has been disqualified from his position as a part of the court's final verdict of the case. The case concerns the "Panama Papers", which is a collection of 11.5 million documents detailing information related to over 200,000 offshore accounts. Ever since the Panama Papers were anonymously leaked back in 2015, there has been a major shift in the political situation in many countries. One such country is Pakistan, where the names of numerous members of the Prime Minister Nawaz Sharif's family were spotted in the papers. If you aren't aware of the Calibri controversy, it is as follows: Nawaz Sharif's daughter Maryam Nawaz submitted photocopies of several documents in order to deny any corruption, but it appears that the documents contained Microsoft's Calibri font, even though they were dated February 6, 2006. It is important to note that the font wasn't commercially available until much later. Despite being created in 2004, the font did not reach the general public until January 30, 2007.

Read more of this story at Slashdot.

Intelligence Chairman Accuses Obama Aids of Hundreds of Unmasking Requests

Slashdot - Your Rights Online - Pt, 2017-07-28 15:00
mi writes: When American spies capture our communications with foreigners, the identities of Americans on the other side of the conversation are generally protected -- if not by bona-fide laws, then certainly by rules and regulations. A transcript of the conversation should have their name replaced with labels like "U.S. person 1". The citizen involved can only be "unmasked" with a good reason. In 2011, Obama relaxed these rules, making it much simpler even for officials without any intelligence role to obtain the identities. Predictably, certain top officials of the Obama Administration abused their access to get this information: "The [House Intelligence] committee has learned that one official, whose position had no apparent intelligence related function, made hundreds of unmasking requests during the final year of the Obama administration," [Intelligence Chairman Devin] Nunes wrote. "Of those requests, only one offered a justification that was not boilerplate."

Read more of this story at Slashdot.

US Indicts Suspected Russian 'Mastermind' of $4 Billion Bitcoin Laundering Scheme

Slashdot - Your Rights Online - Pt, 2017-07-28 02:05
schwit1 shares a report from Reuters: A U.S. jury indicted a Russian man on Wednesday as the operator of a digital currency exchange he allegedly used to launder more than $4 billion for people involved in crimes ranging from computer hacking to drug trafficking. Alexander Vinnik was arrested in a small beachside village in northern Greece on Tuesday, according to local authorities, following an investigation led by the U.S. Justice Department along with several other federal agencies and task forces. U.S. officials described Vinnik in a Justice Department statement as the operator of BTC-e, an exchange used to trade the digital currency bitcoin since 2011. They alleged Vinnik and his firm "received" more than $4 billion in bitcoin and did substantial business in the United States without following appropriate protocols to protect against money laundering and other crimes. U.S. authorities also linked him to the failure of Mt. Gox, a Japan-based bitcoin exchange that collapsed in 2014 after being hacked. Vinnik "obtained" funds from the hack of Mt. Gox and laundered them through BTC-e and Tradehill, another San Francisco-based exchange he owned, they said in the statement.

Read more of this story at Slashdot.

German Court Rules Bosses Can't Use Keyboard-Tracking Software To Spy On Workers

Slashdot - Your Rights Online - Cz, 2017-07-27 23:20
An anonymous reader quotes a report from The Local: The Federal Labour Court ruled on Thursday that evidence collected by a company through keystroke-tracking software could not be used to fire an employee, explaining that such surveillance violates workers' personal rights. The complainant had been working as a web developer at a media agency in North Rhine-Westphalia since 2011 when the company sent an email out in April 2015 explaining that employees' complete "internet traffic" and use of the company computer systems would be logged and permanently saved. Company policy forbade private use of the computers. The firm then installed keylogger software on company PCs to monitor keyboard strokes and regularly take screenshots. Less than a month later, the complainant was called in to speak with his boss about what the company had discovered through the spying software. Based on their findings, they accused him of working for another company while at work, and of developing a computer game for them. [...] So the programmer took his case to court, arguing that the evidence used against him had been collected illegally. The Federal Labour Court agreed with this argument, stating in the ruling that the keylogger software was an unlawful way to control employees. The judges added that using such software could be legitimate if there was a concrete suspicion beforehand of a criminal offense or serious breach of work duties.

Read more of this story at Slashdot.