Communications

NSA-Reform Bill Fails In US Senate 29

Posted by timothy
from the couldn't-have-happened-to-a-nicer-bill dept.
New submitter Steven King writes with a link to The Daily Dot's report that the U.S. Senate has rejected a controversial bill, thus "all but guaranteeing that key provisions of the USA Patriot Act will expire"; had it passed, the bill would have allowed continued use of some mass data-collection practices, but with the addition of stronger oversight. From the article: The Senate failed to reach agreement on passage of the USA Freedom Act, a bill to reauthorize and reform Section 215 of the USA Patriot Act, which the government has used to conduct bulk surveillance of Americans' phone records. The House of Representatives passed the bill last week by an overwhelming bipartisan majority, but Senate Democrats, who unified behind the bill, did not get enough Republican votes to assure passage. The linked piece also mentions that the EFF shifted its position on this bill, after a panel of Federal judges ruled that the Feds at the NSA had overstepped their bounds in collecting a seemingly unlimited trove of metadata relating to American citizen's phone calls.
Windows

25 Years Today - Windows 3.0 185

Posted by timothy
from the hindsight-is-warm-and-fuzzy dept.
An anonymous reader writes: Windows 3.0 was launched on 22 May 1990 — I know, 'coz I was there as a SDE on the team. I still have, um, several of the shrink-wrapped boxes of the product — with either 3.5 inch and 5.25 floppies rattling around inside them — complete with their distinctive 'I witnessed the event' sticker!

It was a big deal for me, and I still consider Win 3 as *the* most significant Windows' release, and I wonder what other Slashdotters think, looking back on Win 3?
Graphics

Epic's VR Demo Scene For the GTX 980 Now Runs On Morpheus PS4 Headset At 60 FPS 27

Posted by timothy
from the blit-blit-bloop-bleep dept.
An anonymous reader writes: Originally created as a Unreal Engine 4 demo scene to push the limits of VR-capable graphics on the Oculus Rift 'Crescent Bay' prototype VR headset, Showdown is now running flawlessly at 60 FPS on Morpheus, Sony's PS4 VR headset. The demo was previously only able to run at Oculus' 90 FPS target VR framerate on the Nvidia GTX 980, a GPU which costs nearly $200 more than the PS4 itself. To the delight of UE4 developers, the performance improvement comes from general optimizations to UE4 on PS4, rather than specific optimizations to Showdown.
Cellphones

Ask Slashdot: What's the Best Dumb Phone? 254

Posted by timothy
from the how-about-a-dumberer-phone? dept.
An anonymous reader writes: For those of us who don't need or want a smartphone, what would be the best dumb phone around? Do you have a preference over flip or candy bar ones? What about ones that have FM radio? Do any of you still use dumb phones in this smart phone era? Related question: What smart phones out now are (or can be reasonably outfitted to be) closest to a dumb phone, considering reliability, simplicity, and battery life? I don't especially want to give up a swiping keyboard, a decent camera, or podcast playback, but I do miss being able to go 5 or more days on a single charge.
Chrome

Chrome For Android Is Now Almost Entirely Open Source 48

Posted by Soulskill
from the strong-work dept.
jones_supa writes: After lots of work by Chrome for Android team and a huge change, Chrome for Android is now almost entirely open source, a Google engineer announced in Reddit. Over 100,000 lines of code, including Chrome's entire user interface layer, has been made public, allowing anyone with the inclination to do so to look at, modify, and build the browser from source. Licensing restrictions prevent certain media codecs, plugins and Google service features form being included, hence the "almost." This is on par with the open source Chromium browser that is available on the desktop.
Government

The Body Cam Hacker Who Schooled the Police 142

Posted by Soulskill
from the watching-the-watchers dept.
New submitter Cuillere writes: In the fall of 2014, a hacker demanded the Seattle Police Department release all of their body and dash cam video footage, prompting chaos within the institution. Although it was a legal request per Washington state's disclosure laws, Seattle's PD wasn't prepared to handle the repercussions of divulging such sensitive material — and so much of it. The request involved 360 TB of data spread across 1.6 million recordings over 6 years. All recordings had to be manually reviewed and redacted to cut out "children, medical or mental health incidents, confidential informants, or victims or bystanders who did not want to be recorded," so fulfilling the request was simply not within the department's capabilities. Thus, they took a different strategy: they hired the hacker and put him to work on developing an automated redaction system. "Their vision is of an officer simply docking her body cam at the end of a shift. The footage would then be automatically uploaded to storage, either locally or in the cloud, over-redacted for privacy and posted online for everyone to see within a day."
Security

Adult Dating Site Hack Reveals Users' Sexual Preference, Extramarital Affairs 167

Posted by Soulskill
from the another-day,-another-breach dept.
An anonymous reader notes this report from Channel 4 News that Adult FriendFinder, one of the largest dating sites in the world, has suffered a database breach that revealed personal information for 3.9 million of its users. The leaked data includes email addresses, IP addresses, birth dates, postal codes, sexual preferences, and information indicating which of them are seeking extramarital affairs. There even seems to be data from accounts that were supposedly deleted. Channel 4 saw evidence that there were plans for a spam campaign against these users, and others are worried that a blackmail campaign will follow. "Where you've got names, dates of birth, ZIP codes, then that provides an opportunity to actually target specific individuals whether they be in government or healthcare for example, so you can profile that person and send more targeted blackmail-type emails," said cybercrime specialist Charlie McMurdy.
Firefox

Ads Based On Browsing History Are Coming To All Firefox Users 478

Posted by Soulskill
from the just-what-you-wanted dept.
An anonymous reader writes: Mozilla has announced plans to launch a feature called "Suggested Tiles," which will provide sponsored recommendations to visit certain websites when other websites show up in the user's new tab page. The tiles will begin to show up for beta channel users next week, and the company is asking for feedback. For testing purposes, users will only see Suggested Tiles "promoting Firefox for Android, Firefox Marketplace, and other Mozilla causes." It's not yet known what websites will show up on the tiles when the feature launches later this summer. The company says, "With Suggested Tiles, we want to show the world that it is possible to do relevant advertising and content recommendations while still respecting users’ privacy and giving them control over their data."
Google

NSA Planned To Hijack Google App Store To Hack Smartphones 87

Posted by samzenpus
from the all-the-better-to-see-you-with dept.
Advocatus Diaboli writes: A newly released top secret document reveals that the NSA planned to hijack Google and Samsung app stores to plant spying software on smartphones. The report on the surveillance project, dubbed "IRRITANT HORN," shows the U.S. and its "Five Eyes" alliance: Canada, the United Kingdom, New Zealand and Australia, were looking at ways to hack smartphones and spy on users. According to The Intercept: "The top-secret document, obtained from NSA whistleblower Edward Snowden, was published Wednesday by CBC News in collaboration with The Intercept. The document outlines a series of tactics that the NSA and its counterparts in the Five Eyes were working on during workshops held in Australia and Canada between November 2011 and February 2012."
Security

Netgear and ZyXEL Confirm NetUSB Flaw, Are Working On Fixes 34

Posted by samzenpus
from the protect-ya-neck dept.
itwbennett writes: In follow-up to a story that appeared on Slashdot yesterday about a critical vulnerability in the NetUSB service, networking device manufacturers ZyXEL Communications and Netgear have confirmed that some of their routers are affected and said they are working on fixes. ZyXEL will begin issuing firmware updates in June, while Netgear plans to start releasing patches in the third quarter of the year.
Businesses

Security Researchers Wary of Wassenaar Rules 34

Posted by samzenpus
from the rules-of-the-game dept.
msm1267 writes: The Commerce Department's Bureau of Industry and Security today made public its proposal to implement the controversial Wassenaar Arrangement, and computer security specialists are wary of its language and vagaries. For starters, its definition of "intrusion software" that originally was meant to stem the effect of spying software such as FinFisher and Hacking Team, has also apparently snared many penetration testing tools. Also, despite the Commerce Department's insistence that vulnerability research does not fall under Wassenaar, researchers say that's up for interpretation.
Communications

Academics Build a New Tor Client Designed To Beat the NSA 60

Posted by timothy
from the non-spy-vs-spy dept.
An anonymous reader writes: In response to a slew of new research about network-level attacks against Tor, academics from the U.S. and Israel built a new Tor client called Astoria designed to beat adversaries like the NSA, GCHQ, or Chinese intelligence who can monitor a user's Tor traffic from entry to exit. Astoria differs most significantly from Tor's default client in how it selects the circuits that connect a user to the network and then to the outside Internet. The tool is an algorithm designed to more accurately predict attacks and then securely select relays that mitigate timing attack opportunities for top-tier adversaries.
Transportation

GM's Exec. Chief Engineer For Electric Vehicles Pam Fletcher Answers Your Question 106

Posted by samzenpus
from the read-all-about-it dept.
Pam Fletcher was propulsion system chief engineer on the first Chevrolet Volt plug-in hybrid and is now executive chief engineer for electrified vehicles at GM, overseeing electrified vehicles company-wide. A while ago you had a chance to ask about her work and the future of electric cars. Below you'll find her answers to your questions.
Government

US Proposes Tighter Export Rules For Computer Security Tools 124

Posted by timothy
from the we'd-like-to-inspect-that-package dept.
itwbennett writes: The U.S. Commerce Department has proposed tighter export rules for computer security tools and could prohibit the export of penetration testing tools without a license. The proposal would modify rules added to the Wassenaar Arrangement in 2013 that limit the export of technologies related to intrusion and traffic inspection. The definition of intrusion software would also encompass 'proprietary research on the vulnerabilities and exploitation of computers and network-capable devices,' the proposal said.
Security

Telstra Says Newly Acquired Pacnet Hacked, Customer Data Exposed 15

Posted by samzenpus
from the getting-to-know-all-about-you dept.
An anonymous reader writes: Telstra’s Asian-based data center and undersea cable operator Pacnet has been hacked exposing many of the telco’s customers to a massive security breach. The company said it could not determine whether personal details of customers had been stolen, but it acknowledged the possibility. The Stack reports: "Telstra said that an unauthorized third party had been able to gain access to the Pacnet business management systems through a malicious software installed via a vulnerability on an SQL server. The hack had taken place just weeks before Telstra acquired the Asian internet service provider for $550mn on 16 April this year. The telecom company confirmed that it had not been aware of the hack when it signed the deal in December 2014."
Linux

Rate These 53 Sub-$200 Hacker SBCs, Win 1 of 20 45

Posted by samzenpus
from the pick-your-favorite dept.
DeviceGuru writes: LinuxGizmos and Linux.com have just launched their annual 2-minute survey asking folks to rate their favorite hacker SBCs from a list of 53 single board computers that are priced below $200, supported by open documentation and Linux or Android OSes, and will ship before July. As usual, the survey's data will be made available publicly, but one big change this year is that participants can register for a random drawing that will give away 20 hacker SBCs, split equally among the BeagleBone Black, Imagination Creator CI20, Intel Edison Kit for Arduino, and Qualcomm DragonBoard 410c. (Emails submitted will only be used for selecting and notifying SBC drawing winners, say the sites.)
Privacy

Simple Flaw Exposed Data On Millions of Charter Internet Customers 29

Posted by samzenpus
from the protect-ya-neck dept.
Daniel_Stuckey writes: A security flaw discovered in the website of Charter Communications, a cable and Internet provider active in 28 states, may have exposed the personal account details of millions of its customers. Security researcher Eric Taylor discovered the internet service provider's vulnerability as part of his research, and demonstrated how a simple header modification performed with a browser plug-in could reveal details of Charter subscriber accounts. After Fast Company notified Charter of the issue, the company said it had installed a fix within hours.
Power

Hydrogen-Powered Drone Can Fly For 4 Hours at a Time 115

Posted by samzenpus
from the different-way-to-fly dept.
stowie writes: The Hycopter uses its frame to store energy in the form of hydrogen instead of air. With less lift power required, its fuel cell turns the hydrogen in its frame into electricity to power its rotors. The drone can fly for four hours at a time and 2.5 hours when carrying a 2.2-pound payload. “By removing the design silos that typically separate the energy storage component from UAV frame development - we opened up a whole new category in the drone market, in-between battery and combustion engine systems,” says CEO Taras Wankewycz.
Chrome

New Chrome Extension Uses Sound To Share URLs Between Devices 75

Posted by samzenpus
from the sound-of-malware dept.
itwbennett writes: Google Tone is an experimental feature that could be used to easily and instantly share browser pages, search results, videos and other pages among devices, according to Google Research. "The initial prototype used an efficient audio transmission scheme that sounded terrible, so we played it beyond the range of human hearing," researcher Alex Kauffmann and software engineer Boris Smus wrote in a post on the Google Research blog.
China

Huawei's LiteOS Internet of Things Operating System Is a Minuscule 10KB 161

Posted by samzenpus
from the in-the-future dept.
Mark Wilson writes: Chinese firm Huawei today announces its IoT OS at an event in Beijing. The company predicts that within a decade there will be 100 billion connected devices and it is keen for its ultra-lightweight operating system to be at the heart of the infrastructure. Based on Linux, LiteOS weighs in at a mere 10KB — smaller than a Word document — but manages to pack in support for zero configuration, auto-discovery, and auto-networking. The operating system will be open for developers to tinker with, and is destined for use in smart homes, wearables, and connected vehicles. LiteOS will run on Huawei's newly announced Agile Network 3.0 Architecture and the company hopes that by promoting a standard infrastructure, it will be able to push the development of internet and IoT applications