
Submission + - Hundreds of Police Agencies distributing spyware and keystroke logger

realized writes: For years, local law enforcement agencies around the country have told parents that installing ComputerCOP software is the “first step” in protecting their children online.

As official as it looks, ComputerCOP is actually just spyware, generally bought in bulk from a New York company that appears to do nothing but market this software to local government agencies.

The way ComputerCOP works is neither safe nor secure. It isn’t particularly effective either, except for generating positive PR for the law enforcement agencies distributing it. As security software goes, we observed a product with a keystroke-capturing function, also called a “keylogger,” that could place a family’s personal information at extreme risk by transmitting what a user types over the Internet to third-party servers without encryption.

EFF conducted a security review of ComputerCOP while also following the paper trail of public records to see how widely the software has spread. Based on ComputerCOP’s own marketing information, we identified approximately 245 agencies in more than 35 states, plus the U.S. Marshals, that have used public funds (often the proceeds from property seized during criminal investigations) to purchase and distribute ComputerCOP. One sheriff’s department even bought a copy for every family in its county.

Some of the agencies that have used it include U.S. Marshals — Under Director John Clark, Los Angeles County District Attorney's Office gave out the program for "free" to 6,700 foster parents, Riverside County District Attorney's Office, San Diego County District Attorney's Office, Palm Beach County Sheriff's Office.

Complete list of agencies that use the software compiled by the EFF: click here

Submission + - Use of Encryption Foiled the Cops a Record 9 Times in 2013

realized writes: In nine cases in 2013, state police were unable to break the encryption used by criminal suspects they were investigating, according to an annual report on law enforcement eavesdropping released by the U.S. court system on Wednesday. That’s more than twice as many cases as in 2012, when police said that they’d been stymied by crypto in four cases—and that was the first year they’d ever reported encryption preventing them from successfully surveilling a criminal suspect. Before then, the number stood at zero.

Submission + - Yale University Scientists successfully grow full head of hair on bald man

realized writes: The patient had previously been diagnosed with both alopecia universalis, a disease that results in loss of all body hair, and plaque psoriasis, a condition characterized by scaly red areas of skin. The only hair on his body was within the psoriasis plaques on his head. He was referred to Yale Dermatology for treatment of the psoriasis. The alopecia universalis had never been treated.

After two months on tofacitinib at 10 mg daily, the patient’s psoriasis showed some improvement, and the man had grown scalp and facial hair — the first hair he’d grown there in seven years. After three more months of therapy at 15 mg daily, the patient had completely regrown scalp hair and also had clearly visible eyebrows, eyelashes, and facial hair, as well as armpit and other hair, the doctors said.

Submission + - NSA's "QUANTUM" hacks IRC and HTTP-based criminal botnets.

realized writes: From the article:

“Today QUANTUM packs a suite of attack tools, including both DNS injection (upgrading the man-on-the-side to a man-in-the-middle, allowing bogus certificates and similar routines to break SSL) and HTTP injection. That's reasonable enough. But it also includes gadgets like a plug-in to inject into MySQL connections, allowing the NSA to quietly mess with the contents of a third-party’s database. (This also surprisingly suggests that unencrypted MySQL on the internet is common enough to attract NSA attention.)”

Submission + - Obama: Sprint overcharged the government 21 Million for wiretapping expenses (wired.com)

realized writes: Sprint, like all the nation’s carriers, must comply with the Communications Assistance in Law Enforcement Act of 1994, which requires telcos to be capable of providing government-ordered wiretapping services. The act also allows carriers to recoup “reasonable expenses” associated with those services.

Sprint inflated charges approximately 58 percent between 2007 and 2010, according to a lawsuit the administration brought against the carrier today.

“As alleged, Sprint over billed law enforcement agencies for carrying out court-ordered intercepts, causing a significant loss to the government’s limited resources,” said San Francisco U.S. Attorney Melinda Haag.

Submission + - Experian sold social security numbers to ID Theft Service

realized writes: Experian — one of the three national US credit bureaus — reportedly sold SSNs through its subsidiary, Court Ventures, to the operators of SuperGet.info who then offered all of the information online for a price. The website would advertise having "99% to 100% of all USA" in their database on websites frequented by carders.

Hieu Minh Ngo, the website owner, has recently been charged with a 15-count indictment filed under seal in November 2012, charging him with conspiracy to commit wire fraud, substantive wire fraud, conspiracy to commit identity fraud, substantive identity fraud, aggravated identity theft, conspiracy to commit access device fraud, and substantive access device fraud.

Submission + - 35,000 vbulletin sites have already been hacked via exploit released last week

realized writes: Last week Slashdot covered the Dangerous VBulletin Exploit In the Wild. Apparently hackers have been busy since then because according to security firm Imperva, more than 35,000 sites were recently hacked via this vulnerability. The sad part about this is that it could have all been avoided if the administrator of the websites just removed the “/install” and/or “/core/install” folders – something that you would think the installer should do on its own.

Submission + - Irish government close Apple's tax loophole (ibtimes.co.uk)

DavidGilbert99 writes: Ireland and particularly its tax system came under some extreme scrutiny earlier this year when it was revealed that Apple funnelled billions of dollars of revenue through three subsidiaries based on the island. Thanks to a loophole none of these subsidiaries were tax-resident in Ireland, meaning they didn't even have to pay Ireland's relatively low 12.5% corporation tax rate. Worryingly for Apple, Ireland's finance minister has just shut this loophole.

Submission + - Lavabit Briefly Allowing Users To Recover Their Data (itworld.com)

itwbennett writes: Former users of the Lavabit encrypted email service that was shut down in August have 72 hours (starting yesterday at 7 p.m. U.S. Central Time) to change their passwords and start recovering their data. 'Following the 72 hour period, Thursday, October 17th, the website will then allow users to access email archives and their personal account data so that it may be preserved by the user,' said Lavabit's founder and owner Ladar Levison.

Submission + - British Police Foil Kenyan Mall Massacre Copycat Plot (washingtonpost.com)

An anonymous reader writes: The Washington Post reports, "British law enforcement agencies averted a plot to orchestrate a large-scale terror attack similar to the assault on Kenya’s Westgate mall, an official said Monday. Police were questioning four men in their 20s on suspicion of terrorism after they were detained Sunday in pre-planned, intelligence-led raids. A British security official said the men were planning a shooting spree akin to the Westgate attack in Nairobi, in which at least 67 people died. ... in a series of statements, the force said the men were all British nationals between the ages of 25 and 29, with roots in Turkey, Pakistan, Algeria and Azerbaijan. ... the London police firearms unit took part in the arrests. British police rarely carry weapons and their involvement suggested concern that men might have been armed." — The Sydney Morning Herald has video. Prime Minister Cameron recently expressed concern regarding such a possibility.

Submission + - Obamacare's Healthcare.gov hidden terms says user has absolutely no privacy (weeklystandard.com)

realized writes: The ObamaCare website, Healthcare.gov, has a hidden terms of service that is not shown to people when they sign up. The hidden terms, only viewable if you “view source” on the site, say that the user has “no reasonable expectation of privacy regarding any communication or data transiting or stored on this information system”. Sadly, the $634 million dollar website still does not work for most people so it's hard to confirm – though when it's fixed in 2 months, we should finally be able to see it.

Submission + - Facebook Has 25 People Dedicated to Handling Gov Info Requests (forbes.com)

nonprofiteer writes: A profile of Facebook's CSO reveals that his 70-person security team includes 25 people dedicated solely to handling information requests from law enforcement. They get thousands of calls and e-mails from authorities each week, though Facebook requires police to get a warrant for anything beyond a subscriber's name, email and IP address. CSO Joe Sullivan says that some gov agency tried to push Facebook to start collecting more information about their users for the benefit of authorities:

"Recently a government agency wanted us to start logging information we don’t log. We told them we wouldn’t start logging that piece of data because we don’t need it to provide a good product. We talked to our general counsel. The law is not black-and-white. That agency thinks they can compel us to. We told them to go to court. They haven’t done that yet."
