Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
United States

America Uses Stealthy Submarines To Hack Other Countries' Systems (washingtonpost.com) 60

When the Republican presidential nominee Donald Trump asked Russia -- wittingly or otherwise -- to launch hack attacks to find Hillary Clinton's missing emails, it caused a stir of commotion. Russia is allegedly behind DNC's leaked emails. But The Washington Post is reminding us that U.S.'s efforts in the cyber-security world aren't much different. (could be paywalled; same article syndicated elsewhere From the report: The U.S. approach to this digital battleground is pretty advanced. For example: Did you know that the military uses its submarines as underwater hacking platforms? In fact, subs represent an important component of America's cyber strategy. They act defensively to protect themselves and the country from digital attack, but -- more interestingly -- they also have a role to play in carrying out cyberattacks, according to two U.S. Navy officials at a recent Washington conference. "There is a -- an offensive capability that we are, that we prize very highly," said Rear Adm. Michael Jabaley, the U.S. Navy's program executive officer for submarines. "And this is where I really can't talk about much, but suffice to say we have submarines out there on the front lines that are very involved, at the highest technical level, doing exactly the kind of things that you would want them to do."

The so-called "silent service" has a long history of using information technology to gain an edge on America's rivals. In the 1970s, the U.S. government instructed its submarines to tap undersea communications cables off the Russian coast, recording the messages being relayed back and forth between Soviet forces. (The National Security Agency has continued that tradition, monitoring underwater fiber cables as part of its globe-spanning intelligence-gathering apparatus. In some cases, the government has struck closed-door deals with the cable operators ensuring that U.S. spies can gain secure access to the information traveling over those pipes.) These days, some U.S. subs come equipped with sophisticated antennas that can be used to intercept and manipulate other people's communications traffic, particularly on weak or unencrypted networks. "We've gone where our targets have gone" -- that is to say, online, said Stewart Baker, the National Security Agency's former general counsel, in an interview. "Only the most security-conscious now are completely cut off from the Internet." Cyberattacks are also much easier to carry out than to defend against, he said.

The Military

Russian Government Gets 'Hacked Back', Attacks Possibly Launched By The NSA (bbc.com) 121

An anonymous reader write: Russian government bodies have been hit by a "professional" cyber attack, according to the country's intelligence service, which said the attack targeted state organizations and defense companies, as well as Russia's "critically important infrastructures". The agency told the BBC that the powerful malware "allowed those responsible to switch on cameras and microphones within the computer, take screenshots and track what was being typed by monitoring keyboard strokes."
ABC News reports that the NSA "is likely 'hacking back' Russia's government-linked cyber-espionage teams "to see once and for all if they're responsible for the massive breach at the Democratic National Committee, according to three former senior intelligence officials... Robert Joyce, chief of the NSA's shadowy Tailored Access Operations, declined to comment on the DNC hack specifically, but said in general that the NSA has technical capabilities and legal authorities that allow the agency to 'hack back' suspected hacking groups, infiltrating their systems to gather intelligence about their operations in the wake of a cyber attack... In some past unrelated cases...NSA hackers have been able to watch from the inside as malicious actors conduct their operations in real time."
The Military

Russia's Rise To Cyberwar Superpower (dailydot.com) 74

"The Russians are top notch," says Chris Finan, an ex-director at DARPA for cyberwar research, now a CEO at security firm Manifold Technology, and a former director of cybersecurity legislation in the Obama administration. "They are some of the best in the world... " Slashdot reader blottsie quotes an article which argues the DNC hack "may simply be the icing on the cyberwar cake": In a flurry of action over the last decade, Russia has established itself as one of the world's great and most active cyber powers. The focus this week is on the leak of nearly 20,000 emails from the Democratic National Committee... The evidence -- plainly not definitive but clearly substantial -- has found support among a wide range of security professionals. The Russian link is further supported by U.S. intelligence officials, who reportedly have "high confidence" that Russia is behind the attack...

Beyond the forensic evidence that points to Russia, however, is the specter of President Vladimir Putin. Feeling encircled by the West and its expanding NATO alliance, the Kremlin's expected modus operandi is to strike across borders with cyberwar and other means to send strong messages to other nations that are a real or perceived threat.

The article notes the massive denial of service attack against Estonia in 2007 and the "historic and precedent-setting" cyberattacks during the Russian-Georgian War. "Hackers took out Georgian news and government websites exactly in locales where the Russian military attacked, cutting out a key communication mode between the Georgian state and citizens directly in the path of the fight."
Stats

Uber Doesn't Decrease Drunk Driving, Finds New Study (washingtonpost.com) 67

"A new study casts doubt on Uber's claim that ride-sharing has reduced drunken driving," reports the Washington Post. An anonymous Slashdot reader quotes their report: Researchers at Oxford University and the University of Southern California who examined county-level data in the United States before and after the arrival of Uber and its competitors in those markets found that ride-sharing had no effect on drinking-related or holiday- and weekend-related fatalities. One reason could be that, despite the soaring popularity of Uber and other ride-sharing services, there still may not be enough ride-share drivers available yet to make a dent on drunken driving, the authors said.

They also suggest that the tipsy riders who now call Uber are the ones who formerly would have called a taxi. For others, the odds of getting a DUI are still so low that many would prefer to gamble rather than lay out money for a ride-sharing service. Drunks, after all, are just not rational.

One reason for the low number of Uber drivers may be that the 10-year study only examined data through 2014. While other studies have found a decrease in drunk driving arrests associated with Uber -- for example, in California -- the Post's article suggests that ridesharing drivers may just be a drop in the bucket. "Although approximately 450,000 people now drive for Uber, there are 210 million licensed drivers in the United States -- and an estimated 4.2 million adults who drive impaired, the study says."
Earth

World's Largest Solar Power Plant Planned For Chernobyl Nuclear Wasteland (electrek.co) 128

An anonymous reader writes from a report via Electrek: Chernobyl, the world's most famous and hazardous nuclear meltdown, is being considered for the world's largest solar power plant. Even though nearly 1,600 square miles of land around Chernobyl has radiation levels too high for human health, Ukraine's ecology minister has said in a recent interview that two U.S. investment firms and four Canadian energy companies have expressed interest in Chernobyl's solar potential. Electrek reports: "According to PVTech, the Ukrainian government is pushing for a 6 month construction cycle. Deploying this amount of solar power within such a time frame would involve significant resources being deployed. The proposed 1GW solar plant, if built today, would be the world's largest. There are several plans for 1GW solar plants in development (Egypt, India, UAE, China, etc) -- but none of them have been completed yet. One financial benefit of the site is that transmission lines for Chernobyl's 4GW nuclear reactor are still in place. The European Bank for Reconstruction and Development has stated they would be interested in participating in the project, 'so long as there are viable investment proposals and all other environmental matters and risks can be addressed to the bank's satisfaction.'"
Communications

Snowden Questions WikiLeaks' Methods of Releasing Leaks (pcworld.com) 160

An anonymous reader quotes a report from PCWorld: Former U.S. National Security Agency contractor, Edward Snowden, has censured WikiLeaks' release of information without proper curation. On Thursday, Snowden, who has embarrassed the U.S. government with revelations of widespread NSA surveillance, said that WikiLeaks was mistaken in not at least modestly curating the information it releases. "Democratizing information has never been more vital, and @Wikileaks has helped. But their hostility to even modest curation is a mistake," Snowden said in a tweet. WikiLeaks shot back at Snowden that "opportunism won't earn you a pardon from Clinton [and] curation is not censorship of ruling party cash flows." The whistleblowing site appeared to defend itself earlier on Thursday while referring to its "accuracy policy." In a Twitter message it said that it does "not tamper with the evidentiary value of important historical archives." WikiLeaks released nearly 20,000 previously unseen DNC emails last week, which suggest that committee officials had favored Clinton over her rival Senator Bernie Sanders. The most recent leak consists of 29 voicemails from DNC officials.
Microsoft

Court Ruling Shows The Internet Does Have Borders After All (csoonline.com) 47

itwbennett writes: Microsoft's recent victory in court, when it was ruled that the physical location of the company's servers in Ireland were out of reach of the U.S. government, was described on Slashdot as being "perceived as a major victory for privacy." But J. Trevor Hughes, president and CEO of the International Association of Privacy Professionals (IAPP) has a different view of the implications of the ruling that speaks to John Perry Barlow's vision of an independent cyberspace: "By recognizing the jurisdictional boundaries of Ireland, it is possible that the Second Circuit Court created an incentive for other jurisdictions to require data to be held within their national boundaries. We have seen similar laws emerge in Russia -- they fall under a policy trend towards 'data localization' that has many cloud service and global organizations deeply concerned. Which leads to a tough question: what happens if every country tries to assert jurisdictional control over the web? Might we end up with a fractured web, a 'splinternet,' of lessening utility?"
Australia

Australia Has Moved 1.5 Metres, So It's Updating Its Location For Self-Driving Cars (cnet.com) 128

An anonymous reader shares a CNET report: Australia is changing from "down under" to "down under and across a bit". The country is shifting its longitude and latitude to fix a discrepancy with global satellite navigation systems. Government body Geoscience Australia is updating the Geocentric Datum of Australia, the country's national coordinate system, to bring it in line with international data. The reason Australia is slightly out of whack with global systems is that the country moves about 7 centimetres (2.75 inches) per year due to the shifting of tectonic plates. Since 1994, when the data was last recorded, that's added up to a misalignment of about a metre and a half. While that might not seem like much, various new technology requires location data to be pinpoint accurate. Self-driving cars, for example, must have infinitesimally precise location data to avoid accidents. Drones used for package delivery and driverless farming vehicles also require spot-on information.ABC has more details.
Government

British Spy Agency GCHQ Used URL Shortener To Honeypot Arab Spring Activists (vice.com) 40

The British spy agency GCHQ used a custom URL shortener and Twitter sockpuppets to influence and infiltrate activists during the Iran revolution of 2009 and the Arab Spring of 2011, reports Motherboard, citing leaked documents by Edward Snowden. From the article: The GCHQ's special unit, known as the Joint Threat Research Intelligence Group or JTRIG, was first revealed in 2014, when leaked top secret documents showed it tried to infiltrate and manipulate -- using "dirty trick" tactics such as honeypots -- online communities including those of Anonymous hacktivists, among others. The group's tactics against hacktivists have been previously reported, but its influence campaign in the Middle East has never been reported before. I was able to uncover it because I was myself targeted in the past, and was aware of a key detail, a URL shortening service, that was actually redacted in Snowden documents published in 2014. A now-defunct free URL shortening service -- lurl.me -- was set up by GCHQ that enabled social media signals intelligence. Lurl.me was used on Twitter and other social media platforms for the dissemination of pro-revolution messages in the Middle East.
Government

Stiglitz Calls Apple's Profit Reporting In Ireland 'a Fraud' (bloomberg.com) 181

Jeanna Smialek, and Alex Webb, reporting for Bloomberg: Nobel economist Joseph Stiglitz said U.S. tax law that allows Apple to hold a large amount of cash abroad is "obviously deficient" and called the company's attribution of significant earnings to a comparatively small overseas unit a "fraud." "Our current tax system encourages companies to keep their money abroad, opens up a vast loophole through what is called the transfer-pricing system that allows them not only to keep their money abroad but, effectively, to escape taxation," Stiglitz, who advises Hillary Clinton's presidential campaign, said. Stiglitz was speaking in response to a question about whether policy makers like Clinton and Senator Elizabeth Warren, a Democrat from Massachusetts, could develop a plan to encourage companies like Apple to bring their accumulated foreign earnings back to the U.S. About $215 billion of Apple's total $232 billion in cash is held outside of the country, third-quarter earnings results showed this week.
Communications

AT&T Violated Rule Requiring Low Prices For Schools, FCC Says (arstechnica.com) 57

Jon Brodkin, reporting for Ars Technica: AT&T overcharged two Florida school districts for phone service and should have to pay about $170,000 to the U.S. government to settle the allegations, the Federal Communications Commission said yesterday. AT&T disputes the charges and will contest the decision. The FCC issued a Notice of Apparently Liability (NAL) to AT&T, an initial step toward enforcing the proposed punishment. The alleged overcharges relate to the FCC's E-Rate program, which funds telecommunications for schools and libraries and is paid for by Americans through surcharges on phone bills. The FCC said AT&T should have to repay $63,760 it improperly received from the FCC in subsidies for phone service provided to Orange and Dixie Counties and pay an additional fine of $106,425. AT&T prices charged to the districts were almost 400 percent higher than they should have been, according to the FCC. AT&T violated the FCC's "lowest corresponding price rule" designed to ensure that schools and libraries "get the best rates available by prohibiting E-Rate service providers from charging them more than the lowest price paid by other similarly situated customers for similar telecommunications services," the FCC said. Instead of charging the lowest available price, "AT&T charged the school districts prices for telephone service that were magnitudes higher than many other customers in Florida," the FCC said. Between 2012 and 2015, the school districts paid "some of the highest prices in the state... for basic telephone services."
Democrats

Tech Takes Its K-12 CS Education and Immigration Crisis To the DNC (cnet.com) 118

theodp writes: In early 2013, Code.org and FWD.us coincidentally emerged after Microsoft suggested tech's agenda could be furthered by creating a crisis linking U.S. kids' lack of computer science savvy to tech's need for tech worker visas. Three years later, CNET's Marguerite Reardon reports that tech took its K-12 computer science and immigration crisis to the Democratic National Convention on Wednesday, where representatives from Microsoft, Facebook, and Amazon called for the federal government to invest in more STEM education and reform immigration policies -- recurring themes the industry hopes to influence in the run-up to the 2016 presidential election. "We believe in the importance of high-skilled immigration coupled with investments in education," said Microsoft President Brad Smith, repeating the Microsoft National Talent Strategy. The mini-tech conference also received some coverage in the New Republic, where David Dayen argues that the DNC is one big corporate bride.
Security

Rio Olympics Will Be First Sporting Event Watched By 'Eye In The Sky' Drone Cameras (fastcompany.com) 33

tedlistens quotes a report from Fast Company: When the Olympic Games begin next month in Rio de Janeiro, billions of people are expected to watch athletes from countries around the world compete. But also watching over the Olympic and Paralympic events will be a set of futuristic, balloon-mounted surveillance camera systems capable of monitoring a wide swath of the city in high resolution and in real-time. Initially developed for use by U.S. forces in Iraq and Afghanistan by Fairfax, Virginia-based Logos Technologies, the technology is sold under the name Simera, and offers live aerial views of a large area, or what the company calls 'wide-area motion imagery,' captured from a balloon tethered some 200 meters above the ground. The system's 13 cameras make it possible for operators to record detailed, 120-megapixel imagery of the movement of vehicles and pedestrians below in an area up to 40 square kilometers, depending on how high the balloon is deployed, and for up to three days at a time. The Rio Olympics marks the "first time [Simera] will be deployed by a non-U.S. government at a large-scale event," according to the company. Simera is being compared to a live city-wide Google Maps combined with TiVo, as it can let law enforcement view ground-level activities in real time in addition to letting them rewind through saved images. Doug Rombough, Logo's vice president of business development, says the image clarity is not good enough to make out individual faces or license plate numbers, though it is clear enough to follow individual people and vehicles around the city. "However, a higher resolution video camera attached to the same balloon, which captures images at 60 times that of full HD resolution, or 15 times 4K, at three frames per second, will allow operators to get a closer look at anything or anyone that looks suspicious," reports Fast Company.
Privacy

Trump Calls For Russia To Cyber-Invade the United States To Find Clinton's 'Missing' Emails (gawker.com) 1006

Republican presidential nominee Donald Trump publicly called on the Russian hackers allegedly responsible for the recent leak of DNC emails to launch another cyber-attack on the United States, this time to hack emails from Hillary Clinton's tenure as secretary of State, according to reporters who attended the press conference Wednesday. (Alternate source: NYTimes, Quartz, and MotherJones) "Russia, if you're listening, I hope you're able to find the 30,000 emails that are missing," Trump said. "I think you will probably be rewarded mightily by our press."

Clinton came under investigation for her use of a personal email address while serving as secretary of state. After turning over to the FBI all correspondence about government business during her years in the State Department, Clinton revealed at a press conference last year that she had deleted about half of her emails that pertained to personal matters, like her daughter's wedding. Attorney General Loretta Lynch ultimately decided not to pursue criminal charges against Clinton. Update: Here's a video of Trump saying that.
Bitcoin

EU Plans To Create Database of Bitcoin Users With Identities and Wallet Addresses (softpedia.com) 130

An anonymous reader writes from a report via Softpedia: "The European Commission is proposing the creation of a database that will hold information on users of virtual currencies," reports Softpedia. "The database will record data on the user's real world identity, along with all associated wallet addresses." The database will be made available to financial investigation agencies in order to track down users behind suspicious operations. The creation of this database is part of a regulatory push that the EU got rolling after the Paris November 2015 terror attacks, and which it officially put forward in February 2016, and later approved at the start of July 2016. Legally, this is an attempt to reform the Anti-Money Laundering Directive (AMLD). The current draft is available here. The current AMLD draft reads: "The report shall be accompanied, if necessary, by appropriate proposals, including, where appropriate, with respect to virtual currencies, empowerments to set-up and maintain a central database registering users' identities and wallet addresses accessible to FIUs, as well as self-declaration forms for the use of virtual currency users."
Government

Obama Creates a Color-Coded Cyber Threat 'Schema' After the DNC Hack (vice.com) 133

The White House on Tuesday issued new instructions on how government agencies should respond to major cyber security attacks, in an attempt to combat perceptions that the Obama administration has been sluggish in addressing threats from sophisticated hacking adversaries, Reuters reports. The announcement comes amid reports that hackers working for Russia may have engineered the leak of emails stolen from the Democratic National Committee in an attempt to influence the outcome of the upcoming presidential election. Motherboard adds: George W. Bush's Homeland Security Advisory System -- the color-coded terrorism "threat level" indicator that became a symbol of post-9/11 fear mongering -- is getting its spiritual successor for hacking: the "Cyber Incident Severity Schema." President Obama announced a new policy directive Tuesday that will codify how the federal government will respond to hacking incidents against both the government and private American companies. [...] The Cyber Incident Severity Schema ranges from white (an "unsubstantiated or inconsequential event") to black (a hack that "poses an imminent threat to the provision of wide-scale critical infrastructure services, national government stability, or to the lives of U.S. persons") , with green, yellow, orange, and red falling in between. Any hack or threat of a hack rated at orange or above is a "significant cyber incident" that will trigger what the Obama administration is calling a "coordinated" response from government agencies. As you might expect, there are many unanswered questions here, and the federal government has announced so many cyber programs in the last few years that it's hard to know which, if any of them, will actually make the US government or its companies any safer from hackers.
Security

'DNC Hacker' Unmasked: He Really Works for Russia, Researchers Say (thedailybeast.com) 694

The hacker who claimed to compromise the DNC swore he was Romanian, but new investigation shows he worked directly for Russia President Vladimir Putin's government in Moscow. The Daily Beast reports: The hacker who claims to have stolen emails from the Democratic National Committee and provided them to WikiLeaks is actually an agent of the Russian government and part of an orchestrated attempt to influence U.S. media coverage surrounding the presidential election, a security research group concluded on Tuesday. The researchers, at Arlington, Va.-based ThreatConnect, traced the self-described Romanian hacker Guccifer 2.0 back to an Internet server in Russia and to a digital address that has been linked in the past to Russian online scams. Far from being a single, sophisticated hacker, Guccifer 2.0 is more likely a collection of people from the propaganda arm of the Russian government meant to deflect attention away from Moscow as the force behind the DNC hacks and leaks of emails, the researchers found. ThreatConnect is the first known group of experts to link the self-proclaimed hacker to a Russian operation, amidst an ongoing FBI investigation and a presidential campaign rocked by the release of DNC emails that have embarrassed senior party leaders and inflamed intraparty tensions turning the Democratic National Convention. The emails revealed that party insiders plotted ways to undermine Sen. Bernie Sanders' presidential bid. The researchers at the aforementioned security firm are basing their conclusion on three signals: the hacker used Russian computers to edit PDF files, he also used Russian VPN -- and other internet infrastructure from the country, and that he was unable to speak Romanian.
Earth

Feds To Deploy Anti-Drone Software Near Wildfires (thehill.com) 170

An anonymous reader quotes a report from The Hill: Federal officials are launching a new "geofencing" program to alert drone pilots when they're flying too close to wildfire prevention operations. The Department of Interior said Monday it would deploy software warnings to pilots when their drones pose a risk to the aircraft used by emergency responders fighting wildfires. The agency said there have been 15 instances of drones interfering with firefighter operations this year, including several leading to grounded aircraft. Drone-related incidents doubled between 2014 and 2015, the agency said. Officials built the new warning system with the drone industry, and the agency said manufacturers could eventually use it to build drones that automatically steer away from wildfire locations. The program is in its pilot phase, the agency said; officials hope to have a full public release in time for next year's wildfire season. "No responsible drone operator wants to endanger the lives of the men and women who work to protect them and we believe this program, which uses the global positioning system to create a virtual barrier, will move us one step closer to eliminating this problem for wildfire managers," Mark Bathrick, the director of the Interior Department's Office of Aviation Service, said in a statement.
Transportation

Amazon Partners With UK Government To Test Drone Deliveries (usatoday.com) 44

An anonymous reader quotes a report from USA Today: [Recent rules from the Federal Aviation Administration mean delivery by drone is years away in the United States, but packages may be winging their way to customers sooner rather than later in the United Kingdom, where Amazon just got permission to begin a new trial of its delivery drones.] The U.K. Civil Aviation Authority gave Amazon permission to test several key drone delivery parameters. They include sending drones beyond the line of sight of their operator in rural and suburban areas, testing sensor performance to make sure the drones can identify and avoid obstacles and allowing a single operator to manage multiple highly-automated drones. U.S. rules are outlined in a 624-page rulebook from the Federal Aviation Administration. They allow commercial drones weighing up to 55 pounds to fly during daylight hours. The aircraft must remain within sight of the operator or an observer who is in communication with the operator. The operators must be pass an aeronautics test every 24 months for a certificate as well as a background check by the Transportation Security Administration. The rules govern commercial flights, such as for aerial photography or utilities inspection. Amazon's goal is to use drones to deliver packages up to 5 pound to customers in 30 minutes or less. Amazon released a statement today detailing its partnership with the UK Government that may one day turn its Prime Air drone delivery service into reality.
Bitcoin

Bitcoin Not Money, Rules Miami Judge In Dismissing Laundering Charges (miamiherald.com) 150

An anonymous reader quotes a report from Miami Herald: Bitcoin does not actually qualify as money, a Miami-Dade judge ruled Monday in throwing out criminal charges against a Miami Beach man charged with illegally selling the virtual currency. The defendant, Michell Espinoza, was charged with illegally selling and laundering $1,500 worth of Bitcoins to undercover detectives who told him they wanted to use the money to buy stolen credit-card numbers. But Miami-Dade Circuit Judge Teresa Mary Pooler ruled that Bitcoin was not backed by any government or bank, and was not "tangible wealth" and "cannot be hidden under a mattress like cash and gold bars." "The court is not an expert in economics, however, it is very clear, even to someone with limited knowledge in the area, the Bitcoin has a long way to go before it the equivalent of money," Pooler wrote in an eight-page order. The judge also wrote that Florida law -- which says someone can be charged with money laundering if they engage in a financial transaction that will "promote" illegal activity -- is way too vague to apply to Bitcoin. "This court is unwilling to punish a man for selling his property to another, when his actions fall under a statute that is so vaguely written that even legal professionals have difficulty finding a singular meaning," she wrote. Espinoza's case is believed to be the first money-laundering prosecution involving Bitcoin.

Slashdot Top Deals