Intel

FSF-Endorsed Libreboot X200 Laptop Comes With Intel's AMT Removed 61

Posted by timothy
from the if-thine-eye-offends-thee dept.
gnujoshua (540710) writes "The Free Software Foundation has announced its endorsement of the Libreboot X200, a refurbished Lenovo ThinkPad X200 sold by Gluglug. The laptop ships with 100% free software and firmware, including the FSF's endorsed Trisquel GNU/Linux and Libreboot. One of the biggest challenges overcome in achieving FSF's Respects Your Freedom certification was the complete removal of Intel's ME and AMT firmware. The AMT is a controversial proprietary backdoor technology that allows remote access to a machine even when it is powered off. Quoting from the press release: "The ME and its extension, AMT, are serious security issues on modern Intel hardware and one of the main obstacles preventing most Intel based systems from being liberated by users. On most systems, it is extremely difficult to remove, and nearly impossible to replace. Libreboot X200 is the first system where it has actually been removed, permanently," said Gluglug Founder and CEO, Francis Rowe."
Privacy

'Anonymized' Credit Card Data Not So Anonymous, MIT Study Shows 34

Posted by timothy
from the why-I-order-from-the-women's-menu dept.
schwit1 writes Scientists showed they can identify you with more than 90 percent accuracy by looking at just four purchases, three if the price is included — and this is after companies "anonymized" the transaction records, saying they wiped away names and other personal details. The study out of MIT, published Thursday in the journal Science, examined three months of credit card records for 1.1 million people. "We are showing that the privacy we are told that we have isn't real," study co-author Alex "Sandy" Pentland of the Massachusetts Institute of Technology, said in an email.
Government

US Air Force Selects Boeing 747-8 To Replace Air Force One 180

Posted by timothy
from the the-privileged-few dept.
Tyketto writes Following up on a previous story about its replacement, the US Air Force has selected the Boeing 747-8 to replace the aging Presidential fleet of two VC-25s, which are converted B747-200s. With the only other suitable aircraft being the Airbus A380, the USAF cited Boeing's 50-year history of building presidential aircraft as their reason to skip competition and opt directly for the aircraft, which due to dwindling sales and prospects, may be the last 747s to be produced.
Government

FCC Officially Approves Change In the Definition of Broadband 313

Posted by timothy
from the seven-with-one-blow dept.
halfEvilTech writes As part of its 2015 Broadband Progress Report, the Federal Communications Commission has voted to change the definition of broadband by raising the minimum download speeds needed from 4Mbps to 25Mbps, and the minimum upload speed from 1Mbps to 3Mbps, which effectively triples the number of US households without broadband access. Currently, 6.3 percent of US households don't have access to broadband under the previous 4Mpbs/1Mbps threshold, while another 13.1 percent don't have access to broadband under the new 25Mbps downstream threshold.
Canada

Canada Upholds Net Neutrality Rules In Wireless TV Case 83

Posted by timothy
from the as-long-as-we-can-spy-on-you-too dept.
An anonymous reader writes Canada's telecom regulator has issued a major new decision with implications for net neutrality, ruling that Bell and Videotron violated the Telecommunications Act by granting their own wireless television services an undue preference by exempting them from data charges. Michael Geist examines the decision, noting that the Commission grounded the decision in net neutrality concerns, stating the Bell and Videotron services "may end up inhibiting the introduction and growth of other mobile TV services accessed over the Internet, which reduces innovation and consumer choice."
Crime

Why ATM Bombs May Be Coming Soon To the United States 320

Posted by samzenpus
from the almost-worth-the-troub;e dept.
HughPickens.com writes Nick Summers has an interesting article at Bloomberg about the epidemic of 90 ATM bombings that has hit Britain since 2013. ATM machines are vulnerable because the strongbox inside an ATM has two essential holes: a small slot in front that spits out bills to customers and a big door in back through which employees load reams of cash in large cassettes. "Criminals have learned to see this simple enclosure as a physics problem," writes Summers. "Gas is pumped in, and when it's detonated, the weakest part—the large hinged door—is forced open. After an ATM blast, thieves force their way into the bank itself, where the now gaping rear of the cash machine is either exposed in the lobby or inside a trivially secured room. Set off with skill, the shock wave leaves the money neatly stacked, sometimes with a whiff of the distinctive acetylene odor of garlic." The rise in gas attacks has created a market opportunity for the companies that construct ATM components. Several manufacturers now make various anti-gas-attack modules: Some absorb shock waves, some detect gas and render it harmless, and some emit sound, fog, or dye to discourage thieves in the act.

As far as anyone knows, there has never been a gas attack on an American ATM. The leading theory points to the country's primitive ATM cards. Along with Mongolia, Papua New Guinea, and not many other countries, the U.S. doesn't require its plastic to contain an encryption chip, so stealing cards remains an effective, nonviolent way to get at the cash in an ATM. Encryption chip requirements are coming to the U.S. later this year, though. And given the gas raid's many advantages, it may be only a matter of time until the back of an American ATM comes rocketing off.
Government

Drone Maker Enforces No-Fly Zone Over DC, Hijacking Malware Demonstrated 156

Posted by samzenpus
from the fly-that-anywhere dept.
An anonymous reader writes A recent incident at the White House showed that small aerial vehicles (drones) present a specific security problem. Rahul Sasi, a security engineer at Citrix R&D, created MalDrone, the first backdoor malware for the AR drone ARM Linux system to target Parrot AR Drones, but says it can be modified to target others as well. The malware can be silently installed on a drone, and be used to control the drone remotely and to conduct remote surveillance. Meanwhile, the Chinese company that created the drone that crashed on the White House grounds has announced a software update for its "Phantom" series that will prohibit flight within 25 kilometers of the capital.
Privacy

Snowden Documents: CSE Tracks Millions of Downloads Daily 100

Posted by samzenpus
from the keeping-an-eye-on-things dept.
Advocatus Diaboli writes Canada's electronic spy agency sifts through millions of videos and documents downloaded online every day by people around the world, as part of a sweeping bid to find extremist plots and suspects, CBC News has learned. Details of the Communications Security Establishment project dubbed 'Levitation' are revealed in a document obtained by U.S. whistleblower Edward Snowden and recently released to CBC News. Under Levitation, analysts with the electronic eavesdropping service can access information on about 10 to 15 million uploads and downloads of files from free websites each day, the document says.
Programming

Anonymous No More: Your Coding Style Can Give You Away 216

Posted by samzenpus
from the leaving-your-mark dept.
itwbennett writes Researchers from Drexel University, the University of Maryland, the University of Goettingen, and Princeton have developed a "code stylometry" that uses natural language processing and machine learning to determine the authors of source code based on coding style. To test how well their code stylometry works, the researchers gathered publicly available data from Google's Code Jam, an annual programming competition that attracts a wide range of programmers, from students to professionals to hobbyists. Looking at data from 250 coders over multiple years, averaging 630 lines of code per author their code stylometry achieved 95% accuracy in identifying the author of anonymous code. Using a dataset with fewer programmers (30) but more lines of code per person (1,900), the identification accuracy rate reached 97%.
Encryption

Justice Department: Default Encryption Has Created a 'Zone of Lawlessness' 413

Posted by Soulskill
from the what-would-you-call-this-zone-that's-allegedly-associated-with-danger? dept.
Jason Koebler writes: Leslie Caldwell, an assistant attorney general at the Justice Department, said Tuesday that the department is "very concerned" by the Google's and Apple's decision to automatically encrypt all data on Android and iOS devices.

"We understand the value of encryption and the importance of security," she said. "But we're very concerned they not lead to the creation of what I would call a 'zone of lawlessness,' where there's evidence that we could have lawful access through a court order that we're prohibited from getting because of a company's technological choices.
Censorship

Facebook Censoring Images of the Prophet Muhammad In Turkey 226

Posted by Soulskill
from the a-picture-is-worth-a-thousand-complaints dept.
An anonymous reader writes: Immediately following the Charlie Hebdo attack, Mark Zuckerberg said, "... this is what we all need to reject — a group of extremists trying to silence the voices and opinions of everyone else around the world. I won't let that happen on Facebook. I'm committed to building a service where you can speak freely without fear of violence." Now, Facebook has begun censoring images of the prophet Muhammad in Turkey. According to the Washington post, "It's an illustration, perhaps, of how extremely complicated and nuanced issues of online speech really are. It's also conclusive proof of what many tech critics said of Zuckerberg's free-speech declaration at the time: Sweeping promises are all well and good, but Facebook's record doesn't entirely back it up." To be fair to Zuckerberg and Facebook, the company must obey the law of any country in which it operates. But it stands in stark contrast to the principles espoused by its founder.
Businesses

Comcast Pays Overdue Fees, Offers Freebies For TWC Merger Approval 77

Posted by Soulskill
from the bought-and-paid-for dept.
WheezyJoe writes: In seeking more support for its mega-merger with Time-Warner Cable, Comcast has been going across the country giving local governments a chance to ask for favors in exchange for approving a franchise transfer. In Minneapolis, this turned up an unpaid bill of $40,000 in overdue franchise fees, so Comcast will have to pay the city money it already owed in order to get the franchise transfer. Comcast will also throw in $50,000 worth of free service and equipment.

"Thirty Minneapolis city buildings will get free basic cable for the next seven years as part of a package of concessions (PDF) the city wrung out of Comcast in exchange for blessing its proposed merger with fellow cable giant Time Warner," Minnesota Public Radio reported. The article notes that getting any kind of refund out of a cable company is not easy.

Part of the deal with Minneapolis involves the spinoff of a new cable company called GreatLand Connections that will serve 2.5 million customers in the Midwest and Southeast, including Minnesota. After the deal, Comcast's franchises in those areas would be transferred to GreatLand. Such goodwill concessions may seem impressive as Comcast seeks to foster goodwill, but one wonders how Comcast/Time Warner will behave after the merger.
Wireless Networking

FCC Prohibits Blocking of Personal Wi-Fi Hotspots 126

Posted by Soulskill
from the don't-be-a-jerk-marriott dept.
alphadogg writes: The FCC on Tuesday warned that it will no longer tolerate hotels, convention centers or others intentionally interfering with personal Wi-Fi hotspots. This issue grabbed headlines last fall when Marriott International was fined $600,000 for blocking customer Wi-Fi hotspots, presumably to encourage the guests to pay for pricey Internet access from the hotel.
Communications

FCC Fines Verizon For Failing To Investigate Rural Phone Problems 94

Posted by timothy
from the shrugging-it-off dept.
WheezyJoe writes Verizon agreed to a $5 million settlement after admitting that it failed to investigate whether its rural customers were able to receive long distance and wireless phone calls. The settlement is related to the FCC's efforts to address what is known as the rural call completion problem. Over an eight-month period during 2013, low call answer rates in 39 rural areas should have triggered an investigation, the FCC said. The FCC asked Verizon what steps it took, and Verizon said in April 2014 that it investigated or fixed problems in 13 of the 39 areas, but did nothing in the other 26.

"Rural call completion problems have significant and immediate public interest ramifications," the FCC said in its order on the Verizon settlement today. "They cause rural businesses to lose customers, impede medical professionals from reaching patients in rural areas, cut families off from their relatives, and create the potential for dangerous delays in public safety communications." Verizon has been accused of letting its copper landline network decay while it shifts its focus to fiber and cellular service. The FCC is working a plan to protect customers as old copper networks are retired.
The Almighty Buck

Valve's Economist Yanis Varoufakis Appointed Greece's Finance Minister 323

Posted by timothy
from the finger-on-all-the-buttons dept.
eldavojohn writes A turnover in the Greek government resulted from recent snap elections placing SYRIZA (Coalition of the Radical Left) in power — just shy of an outright majority by two seats. Atheist, and youngest Prime Minister in Greek history since 1865, Alexis Tsipras has been appointed the new prime minister and begun taking immediate drastic steps against the recent austerity laws put in place by prior administrations. One such step has been to appoint Valve's economist Yanis Varoufakis to position of Finance Minister of Greece. For the past three years Varoufakis has been working at Steam to analyze and improve the Steam Market but now has the opportunity to improve one of the most troubled economies in the world.
Earth

"Mammoth Snow Storm" Underwhelms 394

Posted by timothy
from the blame-uber dept.
mi (197448) writes You heard the scare-mongering, you heard the governors and mayors closing public transit and declaring driving on public roads a crime. But it turned out to have been a mistake. Boston may have been hit somewhat, but further South — NYC and Philadelphia — the snowfall was rather underwhelming. Promised "2-3 feet" of snow, NYC got only a few inches. Is this an example of "better safe than sorry," or is government's overreach justified by questionable weather models exceeding the threshold of an honest mistake?
United States

White House Drone Incident Exposes Key Security Gap 234

Posted by timothy
from the if-you-can-breathe-there's-a-security-gap dept.
HughPickens.com writes The Washington Post reports that the intrusion by a recreational drone onto the White House lawn has exposed a security gap at the compound that the Secret Service has spent years studying but has so far been unable to fix. Commercial technology is available that can use a combination of sensitive radar and acoustic trackers to detect small drones, though coming up with an effective way to stop them has been more elusive. "To do something about the problem, you have to find it, you have to track it, you have to identify it and you have to decide what to do with it," says Frederick F. Roggero. "But especially in an urban environment, it would be tough to detect and tough to defeat kinetically without shooting it down and causing collateral damage." Most recreational drones, like the one that crashed Monday, weigh only a few pounds and lack the power to do much harm. Larger models that can carry payloads of up to 30 pounds are available on the market and are expected to become more common. The FAA imposes strict safety regulations on drones flown by government agencies or anyone who operates them for commercial purposes. In contrast, hardly any rules apply to people who fly drones as a hobby, other than FAA guidelines that advise them to keep the aircraft below 400 feet and five miles from an airport. "With the discovery of an unauthorized drone on the White House lawn, the eagle has crash-landed in Washington," says Senator Charles Schumer. "There is no stronger sign that clear FAA guidelines for drones are needed."
United States

Researchers Tie Regin Malware To NSA, Five Eyes Intel Agencies 94

Posted by timothy
from the which-wolves-and-which-sheep dept.
Trailrunner7 writes Researchers at Kaspersky Lab have discovered shared code and functionality between the Regin malware platform and a similar platform described in a newly disclosed set of Edward Snowden documents 10 days ago by Germany's Der Spiegel. The link, found in a keylogger called QWERTY allegedly used by the so-called Five Eyes, leads them to conclude that the developers of each platform are either the same, or work closely together. "Considering the extreme complexity of the Regin platform and little chance that it can be duplicated by somebody without having access to its source codes, we conclude the QWERTY malware developers and the Regin developers are the same or working together," wrote Kaspersky Lab researchers Costin Raiu and Igor Soumenkov today in a published report. (Here is the Spiegel article.)
Privacy

DEA Cameras Tracking Hundreds of Millions of Car Journeys Across the US 152

Posted by Soulskill
from the you-can-trust-us dept.
itwbennett writes: A U.S. Drug Enforcement Administration program set up in 2008 to keep tabs on cars close to the U.S.-Mexican border has been gradually expanded nationwide and is regularly used by other law enforcement agencies in their hunt for suspects. The extent of the system, which is said to contain hundreds of millions of records on motorists and their journeys, was disclosed in documents obtained by the American Civil Liberties Union as part of a Freedom of Information Act request.
Electronic Frontier Foundation

EFF Unveils Plan For Ending Mass Surveillance 279

Posted by Soulskill
from the hopeful-but-doubtful dept.
An anonymous reader writes: The Electronic Frontier Foundation has published a detailed, global strategy for ridding ourselves of mass surveillance. They stress that this must be an international effort — while citizens of many countries can vote against politicians who support surveillance, there are also many countries where the citizens have to resort to other methods. The central part of the EFF's plan is: encryption, encryption, encryption. They say we need to build new secure communications tools, pressure existing tech companies to make their products secure against everyone, and get ordinary internet-goers to recognize that encryption is a fundamental part of communication in the surveillance age.

They also advocate fighting for transparency and against overreach on a national level. "[T]he more people worldwide understand the threat and the more they understand how to protect themselves—and just as importantly, what they should expect in the way of support from companies and governments—the more we can agitate for the changes we need online to fend off the dragnet collection of data." The EFF references a document created to apply the principles of human rights to communications surveillance, which they say are "our way of making sure that the global norm for human rights in the context of communication surveillance isn't the warped viewpoint of NSA and its four closest allies, but that of 50 years of human rights standards showing mass surveillance to be unnecessary and disproportionate."