×

Announcing: Slashdot Deals - Explore geek apps, games, gadgets and more. (what is this?)

Thank you!

We are sorry to see you leave - Beta is different and we value the time you took to try it out. Before you decide to go, please take a look at some value-adds for Beta and learn more about it. Thank you for reading Slashdot, and for making the site better!

  • New Snowden Docs Show GCHQ Paid Telcos For Cable Taps

    Advocatus Diaboli sends word of a new release of documents made available by Edward Snowden. The documents show British intelligence agency GCHQ had a deep partnership with telecommunications company Cable & Wireless (acquired later by Vodafone). The company allowed GCHQ to tap submarine cables around the world, and was paid millions of British pounds as compensation. The relationship was so extensive that a GCHQ employee was assigned to work full time at Cable & Wireless (referred to by the code name “Gerontic” in NSA documents) to manage cable-tap projects in February of 2009. By July of 2009, Cable & Wireless provided access to 29 out of the 63 cables on the list, accounting for nearly 70 percent of the data capacity available to surveillance programs. ... As of July of 2009, relationships with three telecom companies provided access to 592 10-gigabit-per-second pipes on the cables collectively and 69 10-gbps “egress” pipes through which data could be pulled back. The July 2009 documents included a shopping list for additional cable access—GCHQ sought to more than triple its reach, upping access to 1,693 10-gigabit connections and increasing egress capacity to 390. The documents revealed a much shorter list of "cables we do not currently have good access [to]."

    46 comments | 4 hours ago

  • Revisiting Open Source Social Networking Alternatives

    reifman writes Upstart social networking startup Ello burst on the scene in September with promises of a utopian, post-Facebook platform that respected user's privacy. I was surprised to see so many public figures and media entities jump on board — mainly because of what Ello isn't. It isn't an open source, decentralized social networking technology. It's just another privately held, VC-funded silo. Remember Diaspora? In 2010, it raised $200,641 on Kickstarter to take on Facebook with "an open source personal web server to share all your stuff online." Two years later, they essentially gave up, leaving their code to the open source community to carry forward. In part one of "Revisiting Open Source Social Networking Alternatives," I revisit/review six open source social networking alternatives in search of a path forward beyond Facebook.

    73 comments | yesterday

  • Slack Now Letting Employers Tap Workers' Private Chats

    itwbennett writes: Chat app maker Slack is hoping to make inroads in the enterprise with a new paid plan that will include an optional feature called Compliance Exports that will let administrators access their team's communications, encompassing public and private messages. The tool is far-reaching, potentially including the edit history for workers' messages as well as messages workers have marked for deletion, if the supervisor so desires.

    77 comments | yesterday

  • DHS Set To Destroy "Einstein" Surveillance Records

    schwit1 sends word that The Department of Homeland Security plans on disposing of all the records from a 3-year-long surveillance program without letting the public have access to them. The Department of Homeland Security is poised to ditch all records from a controversial network monitoring system called "Einstein" that are at least three years old, but not for security reasons. DHS reasons the files — which include data about traffic to government websites, agency network intrusions and general vulnerabilities — have no research significance. But some security experts say, to the contrary, DHS would be deleting a treasure chest of historical threat data. And privacy experts, who wish the metadata wasn't collected at all, say destroying it could eliminate evidence that the government wide surveillance system does not perform as intended. The National Archives and Records Administration has tentatively approved the disposal plan, pending a public comment period.

    69 comments | yesterday

  • Judge Unseals 500+ Stingray Records

    An anonymous reader sends this excerpt from Ars Technica: A judge in Charlotte, North Carolina, has unsealed a set of 529 court documents in hundreds of criminal cases detailing the use of a stingray, or cell-site simulator, by local police. This move, which took place earlier this week, marks a rare example of a court opening up a vast trove of applications made by police to a judge, who authorized each use of the powerful and potentially invasive device

    According to the Charlotte Observer, the records seem to suggest that judges likely did not fully understand what they were authorizing. Law enforcement agencies nationwide have taken extraordinary steps to preserve stingray secrecy. As recently as this week, prosecutors in a Baltimore robbery case dropped key evidence that stemmed from stingray use rather than fully disclose how the device was used.

    161 comments | 3 days ago

  • Top NSA Official Raised Alarm About Metadata Program In 2009

    An anonymous reader sends this report from the Associated Press: "Dissenters within the National Security Agency, led by a senior agency executive, warned in 2009 that the program to secretly collect American phone records wasn't providing enough intelligence to justify the backlash it would cause if revealed, current and former intelligence officials say.

    The NSA took the concerns seriously, and many senior officials shared them. But after an internal debate that has not been previously reported, NSA leaders, White House officials and key lawmakers opted to continue the collection and storage of American calling records, a domestic surveillance program without parallel in the agency's recent history.

    110 comments | 4 days ago

  • Greenwald Advises Market-Based Solution To Mass Surveillance

    Nicola Hahn writes In his latest Intercept piece Glenn Greenwald considers the recent defeat of the Senate's USA Freedom Act. He remarks that governments "don't walk around trying to figure out how to limit their own power." Instead of appealing to an allegedly irrelevant Congress Greenwald advocates utilizing the power of consumer demand to address the failings of cyber security. Specifically he argues that companies care about their bottom line and that the trend of customers refusing to tolerate insecure products will force companies to protect user privacy, implement encryption, etc. All told Greenwald's argument is very telling: that society can rely on corporate interests for protection. Is it true that representative government is a lost cause and that lawmakers would never knowingly yield authority? There are people who think that advising citizens to devolve into consumers is a dubious proposition.

    156 comments | 5 days ago

  • Amnesty International Releases Tool To Combat Government Spyware

    New submitter Gordon_Shure_DOT_com writes Human rights charity Amnesty International has released Detekt, a tool that finds and removes known government spyware programs. Describing the free software as the first of its kind, Amnesty commissioned the tool from prominent German computer security researcher and open source advocate Claudio Guarnieri, aka 'nex'. While acknowledging that the only sure way to prevent government surveillance of huge dragnets of individuals is legislation, Marek Marczynski of Amnesty nevertheless called the tool (downloadable here) a useful countermeasure versus spooks. According to the app's instructions, it operates similarly to popular malware or virus removal suites, though systems must be disconnected from the Internet prior to it scanning.

    94 comments | 5 days ago

  • WhatsApp To Offer End-to-End Encryption

    L-One-L-One (173461) writes In a surprise move, nine months after being bought by Facebook, WhatsApp has begun rolling out end-to-end encryption for its users. With true end-to-end encryption data becomes unaccessible to admins of WhatsApp or law enforcement authorities. This new feature first proposed on Android only has been developed in cooperation with Open Whisper Systems, based on TextSecure. With hundreds of million users, WhatsApp becomes by far the largest secure messaging application. FBI Director James Comey might not be pleased. Do you have a current favorite for encrypted online chat?

    93 comments | 5 days ago

  • Republicans Block Latest Attempt At Curbing NSA Power

    Robotron23 writes: The latest attempt at NSA reform has been prevented from passage in the Senate by a margin of 58 to 42. Introduced as a means to stop the NSA collecting bulk phone and e-mail records on a daily basis, the USA Freedom Act has been considered a practical route to curtailment of perceived overreach by security services, 18 months since Edward Snowden went public. Opponents to the bill said it was needless, as Wall Street Journal raised the possibility of terrorists such as ISIS running amok on U.S. soil. Supporting the bill meanwhile were the technology giants Google and Microsoft. Prior to this vote, the bill had already been stripped of privacy protections in aid of gaining White House support. A provision to extend the controversial USA Patriot Act to 2017 was also appended by the House of Representatives.

    437 comments | about a week ago

  • NYT: Privacy Concerns For ClassDojo, Other Tracking Apps For Schoolchildren

    theodp writes: The NY Times' Natasha Singer files a report on popular and controversial behavior tracking app ClassDojo, which teachers use to keep a running tally of each student's score, award virtual badges for obedience, and to communicate with parents about their child's progress. "I like it because you get rewarded for your good behavior — like a dog does when it gets a treat," was one third grader's testimonial. Some parents, teachers and privacy law scholars say ClassDojo (investors) — along with other unproven technologies that record sensitive information about students — is being adopted without sufficiently considering the ramifications for data privacy and fairness. "ClassDojo," writes Singer, "does not seek explicit parental consent for teachers to log detailed information about a child's conduct. Although the app's terms of service state that teachers who sign up guarantee that their schools have authorized them to do so, many teachers can download ClassDojo, and other free apps, without vetting by school supervisors. Neither the New York City nor Los Angeles school districts, for example, keep track of teachers independently using apps."

    A high school teacher interviewed for the article confessed to having not read ClassDojo's policies on handling student data, saying: "I'm one of those people who, when the terms of service are 18 pages, I just click agree." And, if all this doesn't make you parents just a tad nervous, check out this response to the "Has anyone ran a data analysis on their CD data?" question posed to the Class Dojo Community: "I needed to analyze data in regards to a student being placed on ADHD medicine to see whether or not he made any improvements. I have also used it to determine any behavioral changes depending on if a student was with mom/dad for a custody review. I use dojo consistently, so I LOVE getting to use the data to evaluate and share with parents, or even administrators."

    66 comments | about a week ago

  • Tor Eyes Crowdfunding Campaign To Upgrade Its Hidden Services

    apexcp writes The web's biggest anonymity network is considering a crowdfunding campaign to overhaul its hidden services. From the article: "In the last 15 months, several of the biggest anonymous websites on the Tor network have been identified and seized by police. In most cases, no one is quite sure how it happened. The details of such a campaign have yet to be revealed. With enough funding, Tor could have developers focusing their work entirely on hidden services, a change in developer priorities that many Tor users have been hoping for in recent years."

    106 comments | about a week ago

  • Can the US Actually Cultivate Local Competition in Broadband?

    New submitter riskkeyesq writes with a link to a blog post from Dane Jasper, CEO of Sonic.net, about what Jasper sees as the deepest problem in the U.S. broadband market and the Internet in general: "There are a number of threats to the Internet as a system for innovation, commerce and education today. They include net neutrality, the price of Internet access in America, performance, rural availability and privacy. But none of these are the root issue, they're just symptoms. The root cause of all of these symptoms is a disease: a lack of competition for consumer Internet access." Soft landings for former legislators, lobbyists disguised as regulators, hundreds of thousands of miles of fiber sitting unused, the sham that is the internet provider free market is keeping the US in a telecommunications third-world. What, exactly, can American citizens do about it? One upshot, in Jasper's opinion (hardly disinterested, is his role at CEO at an ISP that draws praise from the EFF for its privacy policies) is this: "Today’s FCC should return to the roots of the Telecom Act, and reinforce the unbundling requirements, assuring that they are again technology neutral. This will create an investment ladder to facilities for competitive carriers, opening access to build out and serve areas that are beyond our reach today."

    135 comments | about two weeks ago

  • For Some Would-Be Google Glass Buyers and Devs, Delays May Mean Giving Up

    ErnieKey writes with a Reuters story that says Google's Glass, not yet out for general purchase, has been wearing on the patience of both developers and would-be customers: "After an initial burst of enthusiasm, signs that consumers are giving up on Glass have been building.' Is it true that Google Goggles are simply not attractive to wear? Or perhaps it's the invasion of privacy that is deterring people from wearing them. Regardless, Google needs to change something quickly before they lose all their potential customers. From the article: Of 16 Glass app makers contacted, nine said that they had stopped work on their projects or abandoned them, mostly because of the lack of customers or limitations of the device. Three more have switched to developing for business, leaving behind consumer projects. Plenty of larger developers remain with Glass. The nearly 100 apps on the official website include Facebook and OpenTable, although one major player recently defected: Twitter. "If there was 200 million Google Glasses sold, it would be a different perspective. There's no market at this point," said Tom Frencel, the chief executive of Little Guy Games, which put development of a Glass game on hold this year and is looking at other platforms, including the Facebook-owned virtual-reality goggles Oculus Rift. Several key Google employees instrumental to developing Glass have left the company in the last six months, including lead developer Babak Parviz, electrical engineering chief Adrian Wong, and Ossama Alami, director of developer relations.

    154 comments | about two weeks ago

  • AT&T Stops Using 'Super Cookies' To Track Cellphone Data

    jriding (1076733) writes AT&T Mobility, the nation's second-largest cellular provider, says it's no longer attaching hidden Internet tracking codes to data transmitted from its users' smartphones. The practice made it nearly impossible to shield its subscribers' identities online. Would be nice to hear something similar from Verizon.

    60 comments | about two weeks ago

  • 81% of Tor Users Can Be De-anonymized By Analysing Router Information

    An anonymous reader writes A former researcher at Columbia University's Network Security Lab has conducted research since 2008 indicating that traffic flow software included in network routers, notably Cisco's 'Netflow' package, can be exploited to deanonymize 81.4% of Tor clients. Professor Sambuddho Chakravarty, currently researching Network Anonymity and Privacy at the Indraprastha Institute of Information Technology, uses a technique which injects a repeating traffic pattern into the TCP connection associated with an exit node, and then compares subsequent aberrations in network timing with the traffic flow records generated by Netflow (or equivalent packages from other router manufacturers) to individuate the 'victim' client. In laboratory conditions the success rate of this traffic analysis attack is 100%, with network noise and variations reducing efficiency to 81% in a live Tor environment. Chakravarty says: 'it is not even essential to be a global adversary to launch such traffic analysis attacks. A powerful, yet non- global adversary could use traffic analysis methods [] to determine the various relays participating in a Tor circuit and directly monitor the traffic entering the entry node of the victim connection.'

    136 comments | about two weeks ago

  • Carmakers Promise Not To Abuse Drivers' Privacy

    schwit1 provides this excerpt from an Associated Press report: "Nineteen automakers accounting for most of the passenger cars and trucks sold in the U.S. have signed onto a set of principles they say will protect motorists' privacy in an era when computerized cars pass along more information about their drivers than many motorists realize. The principles were delivered in a letter Wednesday to the Federal Trade Commission, which has the authority to force corporations to live up to their promises to consumers. Industry officials say they want to assure their customers that the information that their cars stream back to automakers or that is downloaded from the vehicle's computers won't be handed over to authorities without a court order, sold to insurance companies or used to bombard them with ads for pizza parlors, gas stations or other businesses they drive past, without their permission. The principles also commit automakers to 'implement reasonable measures' to protect personal information from unauthorized access." Also at the Detroit News. Adds schwit1: "It's a meaningless gesture without being codified into law. A greedy car manufacturer or NSL trumps any 'set of principles'." The letter itself (PDF) isn't riveting, but it's more readable than some such documents, and all the promises it makes are a good reminder of just how much data modern cars can collect, and all the ways that it can be passed on.

    98 comments | about two weeks ago

  • Senate May Vote On NSA Reform As Soon As Next Week

    apexcp writes Senate Majority Leader (for now) Harry Reid announced he will be taking the USA FREEDOM Act to a floor vote in the Senate as early as next week. While the bill, if passed, would be the first significant legislative reform of the NSA since 9/11, many of the act's initial supporters have since disavowed it, claiming that changes to its language mean it won't do enough to curb the abuses of the American surveillance state

    127 comments | about two weeks ago

  • European Parliament Considers Sharing Passenger Information By Default

    An anonymous reader writes The EU Passenger Name Record (PNR) proposal which was defeated in April of last year has returned to consideration in the European Parliament today. The law would require that airlines provide extensive personal details of anyone flying into or out of Europe. The information would include name, address, phone numbers, credit card information and travel itinerary. Director of Europol Rob Wainwright says that PNR is within the bounds of "reasonable measures" in the struggle against terrorism, and that possible threats against Europe have increased in the more than 12 months since the law was last rejected. Dutch MEP Sophie In't Veld is arguing that the Data Protection Directive should be put into place before any such systematized disclosure be ratified. "They want unlimited powers," she said. "they don't want to be bound by rules or data protection authorities and that's the reality."

    58 comments | about two weeks ago

  • Hacker Builds a Dark Net Version of the FBI Tip Form

    Daniel_Stuckey writes A London-based programmer has set up a new hidden service for anyone using Tor to submit anonymous tips to the FBI. With the new .onion hidden service link, which accesses the FBI's tips page through a reverse proxy, Mustafa Al-Bassam told me in an IRC chat that he's engineered a "proof-of-concept," demonstrating how the bureau might go about setting up a more secure system for receiving crime tips.

    41 comments | about two weeks ago

Slashdot Login

Need an Account?

Forgot your password?