Subscribe: Slashdot: Your Rights OnlineSearch Slashdot
http://yro.slashdot.org/yro.rss
Added By: Feedage Forager Feedage Grade A rated
Language: English
Tags:
comic  company  fcc  internet  munchee  net neutrality  neutrality  read story  read  san diego  slashdot  story slashdot  story 
Rate this Feed
Rate this feedRate this feedRate this feedRate this feedRate this feed
Rate this feed 1 starRate this feed 2 starRate this feed 3 starRate this feed 4 starRate this feed 5 star

Comments (0)

Feed Details and Statistics Feed Statistics
Preview: Slashdot: Your Rights OnlineSearch Slashdot

Slashdot: Your Rights OnlineSearch Slashdot



News for nerds, stuff that mattersSearch Slashdot stories



Published: 2017-12-13T05:51:10+00:00

 



Trump Signs Law Forcing Drone Users To Register With Government

2017-12-13T01:25:00+00:00

President Trump signed a sweeping defense policy bill into law on Tuesday that will allow the government to require recreational drone users to register their model aircraft. This comes after a federal court ruled in May that Americans no longer have to register non-commercial drones with the Federal Aviation Administration (FAA) "because Congress had said in a previous law that the FAA can't regulate model aircraft," reports The Hill. From the report: In December 2015, the FAA issued an interim rule requiring drone hobbyists to register their recreational aircraft with the agency. The rule -- which had not been formally finalized -- requires model aircraft owners to provide their name, email address and physical address; pay a $5 registration fee; and display a unique drone ID number at all times. Those who fail to comply could face civil and criminal penalties. While Congress directed the FAA to safely integrate drones into the national airspace in a 2012 aviation law, lawmakers also included a special exemption to prevent model aircraft from being regulated. A D.C.-based appeals court cited the 2012 law in its ruling striking down the FAA drone registry, arguing that recreational drones count as model aircraft and that the registry counts as a rule or regulation.

Read more of this story at Slashdot.

(image)



Searchable Database of 1.4 Billion Stolen Credentials Found On Dark Web

2017-12-12T22:00:00+00:00

YVRGeek shares a report from IT World Canada: A security vendor has discovered a huge list of easily searchable stolen credentials in cleartext on the dark web, which it fears could lead to a new wave of cyber attacks. Julio Casal, co-founder of identity threat intelligence provider 4iQ, which has offices in California and Spain, said in a Dec. 8 blog his firm found the database of 1.4 billion username and password pairs while scanning the dark web for stolen, leaked or lost data. He said the company has verified at least a group of credentials are legitimate. What is alarming is the file is what he calls "an aggregated, interactive database that allows for fast (one second response) searches and new breach imports." For example, searching for "admin," "administrator" and "root" returned 226,631 passwords of admin users in a few seconds. As a result, the database can help attackers automate account hijacking or account takeover. The dump file was 41GB in size and was found on December 5th in an underground community forum. The total amount of credentials is 1,400,553,869.

Read more of this story at Slashdot.

(image)



SEC Shuts Down Munchee ICO

2017-12-12T21:20:00+00:00

The Securities and Exchange Commission has shut down Munchee, a company that built a $15 million token sale. According to TechCrunch, "The Munchee ICO aimed to fund the MUN coin, a payment system for restaurant reviews." However, the company "received a cease and desist from the SEC on December 11" because it constituted the offer and sale of unregistered securities. From the report: Within the SECs findings they noted that Munchee touted itself as a "utility" token which means that the company believed the MUN token would be primarily used within the Munchee ecosystem and not be used to fund operations. However, thanks to an application of the Howey Test (a Supreme Court finding that essentially states that any instrument with the expectation of return is an investment vehicle), the SEC found the Munchee was actually releasing a security masquerading as a utility. "Munchee offered MUN tokens in order to raise capital to build a profitable enterprise," read the SEC notice. "Munchee said that it would use the offering proceeds to run its business, including hiring people to develop its product, promoting the Munchee App, and ensuring 'the smooth operation of the MUN token ecosystem.'" The stickiest part? Munchee claimed that its coins would increase in value thanks to a convoluted process of growth. In short, Munchee was undone by two things: depending on the token sale as a vehicle to raise cash for operations and using the typically spammy and scammy marketing efforts most ICO floggers use now, tactics taken directly from affiliate marketing handbooks. Fortunately, Munchee was able to return all $15 million to the 40 investors that dumped their coins into scheme.

Read more of this story at Slashdot.

(image)



Why Google and Amazon Are Hypocrites

2017-12-12T15:22:00+00:00

Amazon earlier this month responded to Google's decision to remove YouTube from all Fire TV products and the Echo Show. Google says it's taking this extreme step because of Amazon's recent delisting of new Nest products (like Nest Secure and the E Thermostat) and the company's long-running refusal to sell Chromecast or support Google Cast in any capacity. Veteran journalist Om Malik writes: This smacks of so much hypocrisy that I don't even know where to start. The two public proponents of network neutrality and anything but neutral about each other's services on each other's platforms. They can complain about the cable companies from blocking their content and charging for fast lanes. The irony isn't lost on me even a wee bit. They are locked in a battle to collect as much data about us -- what we shop, what we see, what we do online and they do so under the guise of offering us services that are amazing and wonderful. They don't talk about what they won't do with our data, instead, they bicker and distract. So to think that these purveyors of hyper-capitalism will fight for interests of consumers is not only childish, it is foolish. We as end customers need to figure out who is speaking on our behalf when it comes to the rules of the Internet.

Read more of this story at Slashdot.

(image)



129 Million Americans Can Only Get Internet Service From Companies That Have Violated Net Neutrality

2017-12-12T13:00:00+00:00

An anonymous reader quotes a report from Motherboard: Based on the Federal Communications Commission's own data, the Institute for Local Self Reliance found that 129 million Americans only have one option for broadband internet service in their area, which equals about 40 percent of the country. Of those who only have one option, roughly 50 million are limited to a company that has violated net neutrality in some way. Of Americans who do have more than one option, 50 million of them are left choosing between two companies that have both got shady behavior on their records, from blocking certain access to actively campaigning against net neutrality. Aside from being a non-ideal situation for consumers like me, this lack of competition is another dock against the FCC's plan to repeal net neutrality rules later this week. In arguing against net neutrality rules, FCC Chairman Ajit Pai has repeatedly cited a free market as just as capable of ensuring internet freedom as government regulations. "All we are simply doing is putting engineers and entrepreneurs, instead of bureaucrats and lawyers, back in charge of the internet," Pai said on Fox News's "Fox & Friends," in November. "What we wanted to do is return to the free market consensus that started in the Clinton administration and that served the internet economy in America very well for many years." But how can market competition regulate an industry when more than a third of the market has no competition at all, and even those that do have to choose between options that don't uphold net neutrality?

Read more of this story at Slashdot.

(image)



France To Ban Mobile Phones In Schools

2017-12-12T10:00:00+00:00

The French government is planning to ban students from using mobile phones in the country's primary, junior and middle schools. While children will be permitted to bring their phones to school, they will not be allowed to get them out at any time until they leave, even during breaks. The Guardian reports: Jean-Michel Blanquer, the French education minister, said the measure would come into effect from the start of the next school year in September 2018. It will apply to all pupils from the time they start school at age of six -- up to about 15 when they start secondary school. Blanquer said some education establishments already prohibited pupils from using their mobiles. "Sometimes you need a mobile for teaching reasons [...] for urgent situations, but their use has to be somehow controlled," he told RTL radio. The minister said the ban was also a "public health message to families," adding: "It's good that children are not too often, or even at all, in front of a screen before the age of seven." The French headteachers' union was skeptical that the ban could be enforced.

Read more of this story at Slashdot.

(image)



President Trump Is Sending NASA Back To The Moon

2017-12-11T21:20:00+00:00

President Trump has formally told NASA to send U.S. astronauts back to the moon. From a report: "The directive I'm signing today will refocus America's space program on human exploration and discovery," he said. Standing at the president's side as he signed "Space Policy Directive 1" on Monday was Apollo 17 astronaut Harrison Schmitt, one of the last two humans to ever walk on the moon, in a mission that took place 45 years ago this week. Since that time, no human has ventured out beyond low-Earth orbit. NASA doesn't even have its own space vehicle, having retired the space shuttles in 2011. Americans currently ride up to the international space station in Russian capsules, though private space taxis are expected to start ferrying them up as soon as next year.

Read more of this story at Slashdot.

(image)



How Email Open Tracking Quietly Took Over the Web

2017-12-11T19:20:00+00:00

Brian Merchant, writing for Wired: There are some 269 billion emails sent and received daily. That's roughly 35 emails for every person on the planet, every day. Over 40 percent of those emails are tracked, according to a study published last June by OMC, an "email intelligence" company that also builds anti-tracking tools. The tech is pretty simple. Tracking clients embed a line of code in the body of an email -- usually in a 1x1 pixel image, so tiny it's invisible, but also in elements like hyperlinks and custom fonts. When a recipient opens the email, the tracking client recognizes that pixel has been downloaded, as well as where and on what device. Newsletter services, marketers, and advertisers have used the technique for years, to collect data about their open rates; major tech companies like Facebook and Twitter followed suit in their ongoing quest to profile and predict our behavior online. But lately, a surprising -- and growing -- number of tracked emails are being sent not from corporations, but acquaintances. "We have been in touch with users that were tracked by their spouses, business partners, competitors," says Florian Seroussi, the founder of OMC. "It's the wild, wild west out there." According to OMC's data, a full 19 percent of all "conversational" email is now tracked. That's one in five of the emails you get from your friends. And you probably never noticed.

Read more of this story at Slashdot.

(image)



German Intelligence Warns of Increased Chinese Cyberspying

2017-12-11T15:20:00+00:00

The head of Germany's domestic intelligence agency has warned that China allegedly is using social networks to try to cultivate lawmakers and other officials as sources. From a report: Hans-Georg Maassen said his agency, known by its German acronym BfV, believes more than 10,000 Germans have been targeted by Chinese intelligence agents posing as consultants, headhunters or researchers, primarily on the social networking site LinkedIn. "This is a broad-based attempt to infiltrate in particular parliaments, ministries and government agencies," Maassen said.

Read more of this story at Slashdot.

(image)



HP Laptops Found To Have Hidden Keylogger

2017-12-11T14:00:00+00:00

Hidden software that can record every letter typed on a computer keyboard has been discovered pre-installed on hundreds of HP laptop models, BBC reported on Monday citing the findings of a security researcher. From the report: Security researcher Michael Myng found the keylogging code in software drivers preinstalled on HP laptops to make the keyboard work. HP said more than 460 models of laptop were affected by the "potential security vulnerability." It has issued a software patch for its customers to remove the keylogger. The issue affects laptops in the EliteBook, ProBook, Pavilion and Envy ranges, among others. HP has issued a full list of affected devices, dating back to 2012. Mr Myng discovered the keylogger while inspecting Synaptics Touchpad software, to figure out how to control the keyboard backlight on an HP laptop. He said the keylogger was disabled by default, but an attacker with access to the computer could have enabled it to record what a user was typing. According to HP, it was originally built into the Synaptics software to help debug errors. It acknowledged that could lead to "loss of confidentiality" but it said neither Synaptics nor HP had access to customer data as a result of the flaw.

Read more of this story at Slashdot.

(image)



FCC Refuses Records For Investigation Into Fake Net Neutrality Comments

2017-12-10T18:04:00+00:00

"FCC general counsel Tom Johnson has told the New York State attorney general that the FCC is not providing information for his investigation into fake net-neutrality comments, saying those comments did not affect the review, and challenging the state's ability to investigate the feds." Variety has more: The FCC's general counsel, in a letter to New York Attorney General Eric Schneiderman, also dismissed his concerns that the volume of fake comments or those made with stolen identities have "corrupted" the rule-making process... He added that Schneiderman's request for logs of IP addresses would be "unduly burdensome" to the commission, and would "raise significant personal privacy concerns." Amy Spitalnick, Schneiderman's press secretary, said in a statement that the FCC "made clear that it will continue to obstruct a law enforcement investigation. It's easy for the FCC to claim that there's no problem with the process, when they're hiding the very information that would allow us to determine if there was a problem. To be clear, impersonation is a violation of New York law," she said... "The only privacy jeopardized by the FCC's continued obstruction of this investigation is that of the perpetrators who impersonated real Americans." One of the FCC's Democratic commissioners claimed that this response "shows the FCC's sheer contempt for public input and unreasonable failure to support integrity in its process... Moreover, the FCC refuses to look into how nearly half a million comments came from Russian sources."

Read more of this story at Slashdot.

(image)



Touting Government/Industry 'Partnership' on Security Practices, NIST Drafts Cybersecurity Framework Update

2017-12-10T14:49:00+00:00

Remember NIST, the non-regulatory agency of the U.S. Department of Commerce? Their mission expanded over the years to protecting businesses from cyberthreats, including a "Cybersecurty Framework" first published in 2014. "The original goal was to develop a voluntary framework to help organizations manage cybersecurity risk in the nation's critical infrastructure, such as bridges and the electric power grid," NIST wrote in January, "but the framework has been widely adopted by many types of organizations across the country and around the world." Now SC Media reports: The second draft of the update to the National Institute of Standards and Technology's cybersecurity framework, NIST 1.1, is meant "to clarify, refine, and enhance the Cybersecurity Framework, amplifying its value and making it easier to use," according to NIST. Specifically, it brings clarity to cybersecurity measurement language and tackles improving security of the supply chain. Calling the initial NIST CSF "a landmark effort" that delivered "important benefits, such as providing common language for different models" of standards and best practices already in use, Larry Clinton, president and CEO of the Internet Security Alliance, said "it fell short of some of the most critical demands of Presidential Executive Order 13636, which generated its development... "To begin with, the new draft makes it clear that our goal is not some undefined metric for use of the Framework, but for effective use of the Framework. Moreover, this use-metric needs to be tied not to some generic standard, but to be calibrated to the unique threat picture, risk appetite and business objective of a particular organization"... Clinton praised the process used by NIST as "a model 'use case' for how government needs to engage with its industry partners to address the cybersecurity issue." The internet's inherent interconnectedness makes it impossible for sustainable security to be achieved through anything other than true partnership, he contended. Slashdot reader Presto Vivace reminds you that public comments on the draft Framework and Roadmap are due to NIST by 11:59 p.m. EST on January 19, 2018. "If you have an opinion about this, NOW is the time to express it."

Read more of this story at Slashdot.

(image)



San Diego Comic-Con Wins Trademark Suit Against 'Salt Lake Comic Con'

2017-12-10T02:34:00+00:00

The Deseret News reports: A jury has found that Salt Lake Comic Con founders Dan Farr and Bryan Brandenburg, along with their company, violated a trademark when they named their fan convention a "comic con." However, the jury decided that the trademark was not willfully violated, and only awarded $20,000 of the $12 million that San Diego Comic-Con had asked for in damages. The decision came at the end of an eight-day jury trial and three years of legal maneuvering... And with an estimated 140 other fan conventions across the country calling themselves comic cons, the impact of the decision could be felt nationwide... The Salt Lake group also has an ongoing action with the U.S. Patent and Trademark Office seeking to invalidate San Diego's "comic-con" trademark... San Diego Comic-Con, which has been holding events since 1970, has a trademark on "comic-con" with a hyphen, but was unsuccessful in its 1995 bid to trademark "comic con," with a space. The unhyphenated name "Comic Con International," as well as the event's iconic "eye logo," are also protected by trademark. The event maintains that its trademarks cover the term "comic con" in all its forms... San Diego Comic-Con wanted more than $12 million in damages from Salt Lake, including over $9 million for a three-month "corrective advertising campaign" to dispel confusion... In his closing arguments, Michael Katz, an attorney for Salt Lake Comic Con, questioned the amount San Diego was seeking, noting that San Diego authorities said during trial the organization generally spends between $20,000 and $30,000 for a month of advertising. Slashdot reader AlanBDee writes: When I attended the Salt Lake City Comic Con I did assume it was the same organization that put on San Diego Comic-Con... But now I have to wonder how that will affect other Comic Cons around the nation? What should these comic based fan conventions be called if not Comic Con?

Read more of this story at Slashdot.

(image)



Autocratic Governments Can Now 'Buy Their Own NSA'

2017-12-10T00:34:00+00:00

Citizen Lab has been studying information controls since 2001, and this week their director -- a Toronto political science professor -- revealed how governments (including Ethiopia's) are using powerful commercial spyware. Slashdot reader mspohr shared their report: We monitored the command and control servers used in the campaign and in doing so discovered a public log file that the operators mistakenly left open... We were also able to identify the IP addresses of those who were targeted and successfully infected: a group that includes journalists, a lawyer, activists, and academics... Many of the countries in which the targets live -- the United States, Canada, and Germany, among others -- have strict wiretapping laws that make it illegal to eavesdrop without a warrant... Our team reverse-engineered the malware used in this instance, and over time this allowed us to positively identify the company whose spyware was being employed by Ethiopia: Cyberbit Solutions, a subsidiary of the Israel-based homeland security company Elbit Systems. Notably, Cyberbit is the fourth company we have identified, alongside Hacking Team, Finfisher, and NSO Group, whose products and services have been abused by autocratic regimes to target dissidents, journalists, and others... Remarkably, by analyzing the command and control servers of the cyber espionage campaign, we were also able to monitor Cyberbit employees as they traveled the world with infected laptops that checked in to those servers, apparently demonstrating Cyberbit's products to prospective clients. Those clients include the Royal Thai Army, Uzbekistan's National Security Service, Zambia's Financial Intelligence Centre, and the Philippine president's Malacañang Palace. Outlining the human rights abuses associated with those government entities would fill volumes.... Governments like Ethiopia no longer depend on their own in-country advanced computer science, engineering, and mathematical capacity in order to build a globe-spanning cyber espionage operation. They can simply buy it off the shelf from a company like Cyberbit. Thanks to companies like these, an autocrat whose country has poor national infrastructure but whose regime has billions of dollars, can order up their own NSA. To wit: Elbit Systems, the parent company of Cyberbit, says it has a backlog of orders valuing $7 billion. Reached for comment, Cyberbit said they were not responsible with what others do with their software, arguing that "governmental authorities and law enforcement agencies are responsible to ensure that they are legally authorized to use the products in their jurisdictions." Read more of this story at Slashdot.[...]



"The FCC Still Doesn't Know How the Internet Works"

2017-12-09T19:34:00+00:00

An anonymous reader writes: The EFF describes the FCC's official plan to kill net neutrality as "riddled with technical errors and factual inaccuracies," including, for example, a false distinction between "Internet access service" and "a distinct transmission service" which the EFF calls "utterly ridiculous and completely ungrounded from reality." "Besides not understanding how Internet access works, the FCC also has a troublingly limited knowledge of how the Domain Name System (DNS) works -- even though hundreds of engineers tried to explain it to them this past summer... As the FCC would have it, an Internet user actively expects their ISP to provide DNS to them." And in addition, "Like DNS, it treats caching as if it were some specialized service rather than an implementation detail and general-purpose computing technique." "There are at least two possible explanations for all of these misunderstandings and technical errors. One is that, as we've suggested, the FCC doesn't understand how the Internet works. The second is that it doesn't care, because its real goal is simply to cobble together some technical justification for its plan to kill net neutrality. A linchpin of that plan is to reclassify broadband as an 'information service,' (rather than a 'telecommunications service,' or common carrier) and the FCC needs to offer some basis for it. So, we fear, it's making one up, and hoping no one will notice." "We noticed," their editorial ends, urging Americans "to tell your lawmakers: Don't let the FCC sell the Internet out."

Read more of this story at Slashdot.

(image)