Security

Religious Hacker Defaces 111 Escort Sites (softpedia.com) 120

An anonymous reader shares this article from Softpedia: A religiously-motivated Moroccan hacker has defaced 111 different web sites promoting escort services since last summer as part of an ongoing protest against the industry. "In January, the hacker defaced 79 escort websites," writes Softpedia. "His actions didn't go unnoticed, and on some online forums where escorts and webmasters of these websites met, his name was brought up in discussions and used to drive each other in implementing better Web security. While some webmasters did their job, some didn't. During the past days, the hacker has been busy defacing a new set of escort websites... Most of these websites bear ElSurveillance's defacement message even today... Most of the websites are from the UK."
His newest round of attacks replaces the sites with a pro-Palestine message and a quote from the Quran, though in January Softpedia reported the attacker was also stealing data from some of the sites about their users' accounts.
Censorship

Google and Facebook May Be Suppressing 'Extremist' Speech With Copyright Scanners (theverge.com) 137

An anonymous reader quotes this article from The Verge: The systems that automatically enforce copyright laws on the internet may be expanding to block unfavorable speech. Reuters reports that Facebook, Google, and other companies are exploring automated removal of extremist content, and could be repurposing copyright takedown methods to identify and suppress it. It's unclear where the lines have been drawn, but the systems are likely targeted at radical messages on social networks from enemies of European powers and the United States. Leaders in the US and Europe have increasingly decried radical extremism on the internet and have attempted to enlist internet companies in a fight to suppress it.

Many of those companies have been receptive to the idea and already have procedures to block violent and hateful content. Neither Facebook nor Google would confirm automation of these efforts to Reuters, which relied on two anonymous sources who are "familiar with the process"... The secret identification and automated blocking of extremist speech would raise new, serious questions about the cooperation of private corporations with censorious governmental interests.

Reuters calls it "a major step forward for internet companies that are eager to eradicate violent propaganda from their sites and are under pressure to do so from governments around the world as attacks by extremists proliferate, from Syria to Belgium and the United States." They also report that the move follows pressure from an anti-extremism group "founded by, among others, Frances Townsend, who advised former president George W. Bush on homeland security, and Mark Wallace, who was deputy campaign manager for the Bush 2004 re-election campaign."
Programming

ECMAScript 2016: New Version of JavaScript Language Released (softpedia.com) 136

An anonymous Slashdot reader writes: Ecma International, the organization in charge of managing the ECMAScript standard, has published the most recent version of the JavaScript language. ECMAScript 2016 (ES7 or JavaScript 7th Edition in the old naming scheme) comes with very few new features. The most important is that JavaScript developers will finally get a "raise to the power" operator, which was mysteriously left out of the standard for 20 years. The operator is **...
It will also become much easier to search for data in a JavaScript array with Array.prototype.includes(), but support for async functions (initially announced for ES2016), has been deferred until next year's release. "From now on, expect smaller changelogs from the ECMAScript team," reports Softpedia, "since this was the plan set out last year. Fewer breaking changes means more time to migrate code, instead of having to rewrite entire applications, as developers did when the mammoth ES6 release came out last year."
Crime

Why Are Hackers Increasingly Targeting the Healthcare Industry? (helpnetsecurity.com) 101

Slashdot reader Orome1 shares an article by Bitdefender's senior "e-threat analyst," warning about an increasing number of attacks on healthcare providers: In general, the healthcare industry is proving lucrative for cybercriminals because medical data can be used in multiple ways, for example fraud or identity theft. This personal data often contains information regarding a patient's medical history, which could be used in targeted spear-phishing attacks...and hackers are able to access this data via network-connected medical devices, now standard in high-tech hospitals. This is opening up new possibilities for attackers to breach a hospital or a pharmaceutical company's perimeter defenses.

If a device is connected to the internet and left vulnerable to attack, an attacker could remotely connect to it and use it as gateways for attacking network security... The majority of healthcare organizations have often been shown to fail basic security practices, such as disabling concurrent login to multiple devices, enforcing strong authentication and even isolating critical devices and medical data storing servers from a direct internet connection.

The article suggests the possibility of attackers tampering with the equipment that dispenses prescription medications, in which case "it is likely that future cyber-attacks could lead to the loss of human life."
Crime

From File-Sharing To Prison: The Story of a Jailed Megaupload Programmer (arstechnica.com) 122

An anonymous reader writes: "I had to be made an example of as a warning to all IT people," says former Megaupload programmer Andrew Nomm, one of seven Megaupload employees arrested in 2012. Friday his recent interview with an Estonian journalist was republished in English by Ars Technica (which notes that at one point the 50 million users on Megaupload's file-sharing site created 4% of the world's internet traffic). The 37-year-old programmer pleaded guilty to felony copyright infringement in exchange for a one-year-and-one-day sentence in a U.S. federal prison, which the U.S. Attorney General's office called "a significant step forward in the largest criminal copyright case in US history."

"It turned out that I was the only defendant in the last 29 years to voluntarily go from the Netherlands to the USA..." Nomm tells the interviewer, adding "I'll never get back the $40,000 that was seized by the USA." He describes his experience in the U.S. prison system after saying good-bye to his wife and 13-year-old son, adding that now "I have less trust in all sorts of state affairs, especially big countries. I saw the dark side of the American dream in all its glory..."

In U.S. court documents Nomm "acknowledged" that the financial harm to copyright holders "exceeded $400 million."
Communications

Snowden Finally Identified As Target of Investigation That Ended Lavabit (washingtontimes.com) 76

An anonymous reader quotes a report from The Washington Times: Three years after a government investigation forced the shuttering of Lavabit, a Texas-based email provider, its CEO revealed Friday that an account belonging to Edward Snowden spurred the probe that put his company out of business. "Ladar Levison shut down his encrypted webmail service in August 2013 amid an FBI investigation focused on one of his company's nearly half-a-million customers," reports The Washington Times. "A gag-order that has just recently been vacated in federal has legally prevented him up until now from confirming the account in question was registered to none other than the NSA contractor attributed with one of the largest intelligence leaks in U.S. history. U.S. District Judge Claude Hilton nullified the mandatory non-disclosure orders in a June 13 court filing that went unnoticed until Lavabit released a statement Friday. Officially, the consent order approved by Judge Hilton in the Eastern District of Virginia earlier this month removes all gag-orders concerning Lavabit and Mr. Levison with regards to a grand jury investigation that led the FBI to Mr. Snowden's email account. 'While I'm pleased that I can finally speak freely about the target of the investigation, I also know the fight to protect our collective freedom is far from over,' Mr. Levison said in a statement. He said he plans to discuss the case further during the DefCon security conference in Las Vegas this summer."
Medicine

New Apps Let Women Obtain Birth Control Without Visiting a Doctor 275

HughPickens.com writes: With nearly 40 percent of all pregnancies in the United States unintended, birth control is a critical public health issue. For short-term methods, visiting the doctor for a prescription can be time-consuming and sometimes costly and for some, like teenagers, it can be intimidating or embarrassing. Now Pam Belluck reports at the NYT that a growing assortment of new apps and websites now make it possible to get prescription contraceptives without going to the doctor as public health experts hope the new apps will encourage more women to start, or restart, using contraception and help reduce the country's stubbornly high rate of unintended pregnancies, as well as the rate of abortions. At least six digital ventures, by private companies and nonprofits, including Planned Parenthood, now provide prescriptions written by clinicians after women answer questions about their health online or by video. All prescribe birth control pills, and some prescribe patches, rings and morning-after pills and some ship contraceptives directly to women's doors. "At first I didn't believe it," said Susan Hashem, who wanted to restart birth control pills without missing work for a doctor's appointment. Hashem used an app called Lemonaid and paid $15 for a doctor to review her medical information and send a pill prescription to a local pharmacy. "I thought it was just a setup to get money," Hashem said. But after she answered the health questions one evening, "a doctor actually contacted me after office hours," and the next morning, she picked up three months' worth of pills.
Security

NASCAR Team Pays Ransomware Fee To Recover Files Worth $2 Million (softpedia.com) 58

An anonymous reader writes: "NASCAR team Circle Sport-Leavine Family Racing (CSLFR) revealed today it faced a ransomware infection this past April when it almost lost access to crucial files worth nearly $2 million, containing car parts lists and custom high-profile simulations that would have taken 1,500 man-hours to replicate," reports Softpedia. "The infection took place on the computer belonging to CSLFR's crew chief. Winston's staff detected the infection when encrypted files from Winston's computer began syncing to their joint Dropbox account." It was later discovered that he was infected with the TeslaCrypt ransomware. Because the team had no backups of the crucial data, they eventually paid the ransom (around $500). This happened before TeslaCrypt's authors decided to shut down their operations and release free decryption keys.
Advertising

You Could Be Paid To Post Snapchat Selfies With Products, Patent Filing Suggests (latimes.com) 22

An anonymous reader writes: According to Snapchat's latest patent filings, the company could begin paying users to post photos and videos. Los Angeles Times reports: "The filings reveal that Snapchat automatically could analyze annotations on an image, including text and digital stickers, to prompt users to place their image in a collective gallery. In other words, people who type some variation of 'Clippers!!!' on top of their photo during a Clippers basketball game would have access to a library of images related to the game. Especially intriguing, the company could use computer vision technology to identify objects in an image -- say, a Coke bottle -- to encourage a user to share the shot in a Coca-Cola-sponsored story. Contributors could walk away with cash through a flat fee or some other deal based on views or sales generated by the story. The idea in the patent filing also would give advertisers an official way to compensate people for creative posts, compared with the usual strategy of paying top users to turn their personal accounts into an ad. Other types of automatically generated galleries mentioned in the patent application include stories based on a time stamp, temperature or movement. People could define their own categories too. Curation of the galleries could be optional, with object recognition and text analysis as potential ways to filter inappropriate submissions. Users who get into audio timeline could get paid too, the patent filing states."
Microsoft

Surface 3 Stocks Dwindling As Microsoft Plans System's Demise (arstechnica.com) 56

An anonymous reader writes: Microsoft's Surface 3 may be coming to an end. Brad Sams at Thurrott.com reports that many versions of the Surface 3 are listed as being out of stock in Microsoft's online store, with no expected availability. He notes that the only version in stock online is the version with 2GB RAM/64GB storage/LTE. There's more availability in-store, but stock appears to be limited overall. What this generally means is that manufacturing is slowing down or going to stop entirely. In a statement, Microsoft said: "Since launching Surface 3 over a year ago, we have seen strong demand and satisfaction amongst our customers. Inventory is now limited and by the end of December 2016, we will no longer manufacture Surface 3 devices." It's possible a Surface 3 successor is right around the corner, although Ars Technica notes "there hasn't even been the merest hint of a rumor about such a device." The Surface 3 is being powered by a Cherry Trail Atom processor, which hasn't seen a major upgrade or replacement since it was released in the first quarter of 2015. "Without new processors, there's little reason to update the Surface 3 line," writes Ars. Microsoft could equip the Surface 3 successor with a Core M processor, but the implications of that decision would likely cause the device's price to shoot up or cause the device's quality to significantly decrease. Microsoft may simply abandon the segment entirely and focus strictly on the Surface Pro line.
Businesses

Russia Lawmakers Pass Spying Law That Requires Encryption Backdoors, Call Surveillance (dailydot.com) 109

A bill that was proposed recently in the Russian Duma to make cryptographic backdoors mandatory in all messaging apps has passed. Patrick Howell O'Neill reports for DailyDot: A massive surveillance bill is now on its way to becoming law in Russia. The "anti-terrorism" legislation includes a vast data-eavesdropping and -retention program so that telecom and internet companies have to record and store all customer communications for six months, potentially at a multitrillion-dollar cost. Additionally, all internet firms have to provide mandatory backdoor access into encrypted communications for the FSB, the Russian intelligence agency and successor to the KGB. The bill, with support from the ruling United Russia party, passed Friday in the Duma, Russia's lower legislative house, with 277 votes for, 148 against, and one abstaining. It now moves to Russia's Federal Council and the Kremlin, where it's expected to pass into law.
AT&T

Net Neutrality Advocates To FCC: Put the Kibosh On Internet Freebies (cnet.com) 160

An anonymous reader cites a CNET report: Net neutrality advocates demand action. Representatives from Fight the Future, the Center for Media Justice and Free Press on Friday hand-delivered a 6-foot tall package containing 100,000 letters of complaint to the Federal Communications Commission. They ask the agency to take action against AT&T, Comcast, T-Mobile and Verizon for violating the agency's Open Internet order by offering so-called zero-rating service plans. While the practice offers some benefits to customers, critics say it violates the agency's Net neutrality principles, which require all services on the internet be treated the same. They claim it puts smaller competitors at a disadvantage and highlights the fact that data caps are unnecessary. Carriers say they are simply experimenting with new business models that will make their service more affordable for consumers.
Businesses

Comcast Admits It Incorrectly Debited $1,775 From Account, Tells Customer To Sort It Out With Bank (consumerist.com) 172

An anonymous reader writes from a report via The Consumerist: Consumerist reader Robert is fighting with Comcast over a $1,775 early termination fee that should not have been assessed after he tried to cancel his business-tier service with the company. Comcast itself has even admitted that the money should not have been debited from Robert's bank account, but now says it's his responsibility to sort the mess out with his bank. The Consumerist reports: "In an effort to save money in 2014, Robert called to have their service level downgraded to a more affordable rate. Shortly thereafter, correctly believing that he was out of contract, he cancelled his Comcast service. That should have been the end of the story, but only weeks after closing the Comcast account, the boys from Kabletown decided that Robert was not out of contract, debiting $1,775.44 from the checking account tied to the Comcast service. Skip forward to Jan. 2015 -- two months after being told he'd get made whole; still no check. Robert says that when he called Comcast, 'the rep actually laughed when I told her I didn't get a check yet. She said it would take three months.'" Two calls later, one in June 2015 and one in Jan. 2016, Robert still didn't receive the check even after being reassured it was coming. More recently, he received an email from someone at Comcast "Executive Customer Relations," saying: "I understand you're claiming that someone advised you Comcast would send a refund check for the last payment that was debited but this is generally not the way we handle these situations. [...] For your situation, you would have to dispute the payment with your bank." Good news: The Consumerist reached out to Comcast HQ and a Comcast rep wrote back. "More information just came in," reads the email, which explains that an ETF credit was applied to his account in Dec. 2014, but "through some error the refund check never generated." Comcast is reportedly sending the check for real this time.
Democrats

Clinton's Private Email Was Blocked By Spam Filters, So State IT Turned Them Off (arstechnica.com) 240

An anonymous reader quotes a report from Ars Technica: Documents recently obtained by the conservative advocacy group Judicial Watch show that in December 2010, then-U.S. Secretary of State Hillary Clinton and her staff were having difficulty communicating with State Department officials by e-mail because spam filters were blocking their messages. To fix the problem, State Department IT turned the filters off -- potentially exposing State's employees to phishing attacks and other malicious e-mails. The mail problems prompted Clinton Chief of Staff Huma Abedin to suggest to Clinton (PDF), "We should talk about putting you on State e-mail or releasing your e-mail address to the department so you are not going to spam." Clinton replied, "Let's get [a] separate address or device but I don't want any risk of the personal [e-mail] being accessible." The mail filter system -- Trend Micro's ScanMail for Exchange 8 -- was apparently causing some messages from Clinton's private server (Clintonemail.com) to not be delivered (PDF). Some were "bounced;" others were accepted by the server but were quarantined and never delivered to the recipient. According to the e-mail thread published yesterday by Judicial Watch, State's IT team turned off both spam and antivirus filters on two "bridgehead" mail relay servers while waiting for a fix from Trend Micro. There was some doubt about whether Trend Micro would address the issue before State performed an upgrade to the latest version of the mail filtering software. A State Department contractor support tech confirmed that two filters needed to be shut off in order to temporarily fix the problem -- a measure that State's IT team took with some trepidation, because the filters had "blocked malicious content in the recent past." It's not clear from the thread that the issue was ever satisfactorily resolved, either with SMEX 8 or SMEX 10.
Advertising

HTML5 Ads Aren't That Safe Compared To Flash, Experts Say (softpedia.com) 103

An anonymous reader writes: [Softpedia reports:] "A study from GeoEdge (PDF), an ad scanning vendor, reveals that Flash has been wrongly accused as the root cause of today's malvertising campaigns, but in reality, switching to HTML5 ads won't safeguard users from attacks because the vulnerabilities are in the ad platforms and advertising standards themselves. The company argues that for video ads, the primary root of malvertising is the VAST and VPAID advertising standards. VAST and VPAID are the rules of the game when it comes to online video advertising, defining the road an ad needs to take from the ad's creator to the user's browser. Even if the ad is Flash or HTML5, there are critical points in this ad delivery path where ad creators can alter the ad via JavaScript injections. These same critical points are also there so advertisers or ad networks can feed JavaScript code that fingerprints and tracks users." The real culprit is the ability to send JavaScript code at runtime, and not if the ad is a Flash object, an image or a block of HTML(5) code.
Security

Internet Trolls Hack Popular YouTube Channel WatchMojo (csoonline.com) 32

An anonymous reader writes: WatchMojo, one of the most popular channels of YouTube with over 12 million subscribers, has been hacked. Subscribers of one of YouTube's most popular channels, WatchMojo, were greeted with an unusual surprise on Wednesday evening, as a couple of hackers, known only as Obnoxious and Pein, hacked the lineup of the channel's videos. The two hackers then proceeded to rename almost all of WatchMojo's videos with the title "HACKED BY OBNOXIOUS AND PEIN twitter.com/poodlecorp." Since the channel was compromised, the hackers have uploaded two new videos, "Top 5 Facts About the Yakuza," and a video about Neanderthal myths. Apart from these, however, the hackers have not touched anything else on the channel. Though, most of WatchMojo's videos still remain hacked as of writing. The popular channel announced that it is fully aware of the hack. WatchMojo further stated that it has already contacted YouTube about the incident and that it is already starting to fix the changes to its videos.
Medicine

Crispr Wins Key Approval to Fight Cancer in Human Trials (bloomberg.com) 70

Tom Randall, reporting for Bloomberg Technology: An experimental cancer treatment that alters the DNA of patients has won a key approval to proceed with its first human tests using the controversial gene-altering tool known as Crispr. Scientists from the University of Pennsylvania want to edit the immune systems of 18 patients to target cancer cells more effectively. The experiment, backed by internet billionaire Sean Parker, won approval from the Recombinant DNA Advisory Committee (RAC), a federal ethics panel set up at the National Institutes of Health 40 years ago to review controversial experiments that change the human genome. The trial still needs final approval from the U.S. Food and Drug Administration. The experiment targets difficult-to-treat cases of multiple myeloma, sarcoma, and melanoma. The scientists will remove blood samples from patients and alter their T-cells -- central to human immune response -- to more effectively target and pursue cancer. The T cells will then be infused back into patients and studied for the safety and effectiveness of the technique. STAT News has an article in which it discusses the probable consequences of altering the DNA of a cancer patient.
Security

Comodo Attempting to Register 'Let's Encrypt' Trademarks, And That's Not Right (letsencrypt.org) 120

Let's Encrypt is a nonprofit aimed at encrypting the entire web. It provides free certificates, and its service is backed by EFF, Mozilla, Cisco, Akamai and others. Despite it being around for years, security firm Comodo, which as of 2015 was the largest issuer of SSL certificates with a 33.6% market share on 6.6% of all web domains, last year in October filed for the trademark Let's Encrypt. The team at Let's Encrypt wrote in a blog post today that they have asked Comodo to abandon its "Let's Encrypt" applications directly, but it has refused to do so. The blog post adds: We've forged relationships with millions of websites and users under the name Let's Encrypt, furthering our mission to make encryption free, easy, and accessible to everyone. We've also worked hard to build our unique identity within the community and to make that identity a reliable indicator of quality. We take it very seriously when we see the potential for our users to be confused, or worse, the potential for a third party to damage the trust our users have placed in us by intentionally creating such confusion. By attempting to register trademarks for our name, Comodo is actively attempting to do just that. Update: 06/23 22:25 GMT by M: Comodo CEO has addressed the issue on the company's forum (screenshot).
Businesses

Google Fiber To Acquire Gigabit Internet Provider Webpass (techcrunch.com) 59

An anonymous reader writes: Google Fiber has announced a deal to acquire high-speed internet service provider Webpass. Webpass is a 13-year-old company that provides high-speed internet, including gigabit service, for businesses and residential customers across parts of the U.S. Webpass is most widely known in California, with service running in San Francisco, Oakland, Emeryville, Berkeley and San Diego. It also has service in Miami, Miami Beach, Coral Gables, Chicago, and Boston. The President of Webpass, Charles Barr, said in a blog post: "Joining Google Fiber will be a great development for our users because the companies share the same vision of the future and commitment to the customer," he said. "Google Fiber's resources will enable Webpass to grow faster and reach many more customers than we could as a standalone company." The acquisition should help Google Fiber with its plans to grow to more than 20 U.S. cities in the near future, helping connect to business and residential markets.
Canada

Why Drones Could Save Door-To-Door Mail Delivery (vice.com) 156

An anonymous reader writes: Online shopping aside, people don't have as many physical items to mail as they used to, which is largely the reason why Canada Post announced it would be phasing out door-to-door mail delivery. Motherboard reports: "The corporation is exploring future use of drone technology to make deliveries, according to a report from the Canadian Press. At this point, Canada Post is engaging in a 'proper exercise,' a spokesperson told the Canadian Press, adding that the project is in its earliest, experimental stages. According to Graham Scott, the deputy editor of Canadian Business, even if mail-delivering drones remain a theoretical concept for now, it's inevitable they'll be considered as a way to drive costs down. There are many good reasons why mail delivery drones may never get off the ground. For one thing, current technology limits them to delivering one item of post at a time, which is tremendously impractical. But, as we've seen with the rolling out of community mailboxes -- a program that was put on hold earlier this year when the review was launched -- the invisible hand of the market is always looking to drive costs down. So don't count out flying robot deliveries for good. From a manager's perspective at least, drones have their advantages. They don't suffer from dog bites, and they (ideally) don't deviate from their routes. 'Drones don't twist their ankle, they don't get tired, and they don't form a union.' said Scott." In 2013, Amazon CEO Jeff Bezos revealed during a CBS 60 Minutes interview that the company is working on a service called "Prime Air" to deliver packages by autonomous octocopter drones within 30 minutes of hitting the "buy" button. The Guardian reported last year that Amazon has been testing its drone delivery service at a secret site in Canada, following repeated warnings by the e-commerce giant that it would go outside the U.S. to bypass what it sees as the U.S. federal government's lethargic approach to the new technology.
