Government

52 Million Photos In FBI's Face Recognition Database By Next Year 108

Posted by Soulskill
from the you-can-trust-us dept.
Advocatus Diaboli writes "The EFF has been investigating the FBI's Next-Generation Identification (NGI) scheme, an enormous database of biometric information. It's based on the agency's fingerprint database, which already has 100 million records. But according to the documents EFF dug up, the NGI database will include 52 million images of people's faces by 2015. At least 4.3 million images will have been taken outside any sort of criminal context. 'Currently, if you apply for any type of job that requires fingerprinting or a background check, your prints are sent to and stored by the FBI in its civil print database. However, the FBI has never before collected a photograph along with those prints. This is changing with NGI. Now an employer could require you to provide a 'mug shot' photo along with your fingerprints. If that's the case, then the FBI will store both your face print and your fingerprints along with your biographic data.'"
Databases

Ask Slashdot: Which NoSQL Database For New Project? 272

Posted by Soulskill
from the mo-sql-mo-problems dept.
DorianGre writes: "I'm working on a new independent project. It involves iPhones and Android phones talking to PHP (Symfony) or Ruby/Rails. Each incoming call will be a data element POST, and I would like to simply write that into the database for later use. I'll need to be able to pull by date or by a number of key fields, as well as do trend reporting over time on the totals of a few fields. I would like to start with a NoSQL solution for scaling, and ideally it would be dead simple if possible. I've been looking at MongoDB, Couchbase, Cassandra/Hadoop and others. What do you recommend? What problems have you run into with the ones you've tried?"
Book Reviews

Book Review: Mobile HTML5 37

Posted by samzenpus
from the read-all-about-it dept.
Michael Ross (599789) writes "Web designers and developers nowadays are familiar with the critical decision they face each time before building an application intended for mobile devices: whether to target a particular device operating system (e.g., iOS) and create the app using the language dictated by the OS (e.g., Objective-C), or try to build an operating system-agnostic app that runs on any device equipped with a modern web browser (primarily using HTML5, CSS3, and JavaScript), or try to do a combination of both (using a library such as PhoneGap). The second option offers many advantages, and is the approach explored in the book Mobile HTML5, authored by Estelle Weyl, an experienced front-end developer." Keep reading for the rest of Michael's review.
Encryption

NYU Group Says Its Scheme Makes Cracking Individual Passwords Impossible 277

Posted by timothy
from the impossible-is-difficult dept.
An anonymous reader writes "Researchers at New York University have devised a new scheme called PolyPassHash for storing password hash data so that passwords cannot be individually cracked by an attacker. Instead of a password hash being stored directly in the database, the information is used to encode a share in a Shamir Secret Store (technical details PDF). This means that a password cannot be validated without recovering a threshold of shares, thus an attacker must crack groups of passwords together. The solution is fast, easy to implement (with C and Python implementations available), requires no changes to clients, and makes a huge difference in practice. To put the security difference into perspective, three random 6 character passwords that are stored using standard salted secure hashes can be cracked by a laptop in an hour. With a PolyPassHash store, it would take every computer on the planet longer to crack these passwords than the universe is estimated to exist. With this new technique, HoneyWords, and hardware solutions all available, does an organization have any excuse if their password database is disclosed and user passwords are cracked?"
Medicine

Daylight Saving Time Linked To Heart Attacks 240

Posted by samzenpus
from the sleep-or-die dept.
jones_supa (887896) writes "Switching over to daylight saving time, and hence losing one hour of sleep, raised the risk of having a heart attack the following Monday by 25 percent, compared to other Mondays during the year, according to a new U.S. study released on Saturday. By contrast, heart attack risk fell 21 percent later in the year, on the Tuesday after the clock was returned to standard time, and people got the extra hour of sleep. The not-so-subtle impact of moving the clock forward and backward was seen in a comparison of hospital admissions from a database of non-federal Michigan hospitals. It examined admissions before the start of daylight saving time and the Monday immediately after, for four consecutive years. Researchers cited limitations to the study, noting it was restricted to one state and heart attacks that required artery-opening procedures, such as stents."
Government

GCHQ and NSA Targeted World Leaders, Private German Companies 145

Posted by Soulskill
from the caught-with-your-hand-in-the-cookie-jar dept.
Advocatus Diaboli sends this news from Der Spiegel: "Documents show that Britain's GCHQ intelligence service infiltrated German Internet firms and America's NSA obtained a court order to spy on Germany and collected information about the chancellor in a special database. Is it time for the country to open a formal espionage investigation? ... A secret NSA document dealing with high-ranking targets has provided further indications that Merkel was a target. The document is a presentation from the NSA's Center for Content Extraction, whose multiple tasks include the automated analysis of all types of text data. The lists appear to contain 122 country leaders. Twelve names are listed as an example, including Merkel's."
Crime

TSA Missed Boston Bomber Because His Name Was Misspelled In a Database 275

Posted by Soulskill
from the let's-blame-technology dept.
schwit1 sends this news from The Verge: "Tamerlan Tsarnaev, the primary conspirator in the Boston Marathon bombing that killed three people, slipped through airport security because his name was misspelled in a database, according to a new Congressional report. The Russian intelligence agency warned U.S. authorities twice that Tsarnaev was a radical Islamist and potentially dangerous. As a result, Tsarnaev was entered into two U.S. government databases: the Terrorist Identities Datamart Environment and the Treasury Enforcement Communications System (TECS), an interagency border inspection database.

A special note was added to TECS in October of 2011 requiring a mandatory search and detention of Tsarnaev if he left the country. 'Detain isolated and immediately call the lookout duty officer,' the note reportedly said. 'Call is mandatory whether or not the officer believes there is an exact match.' Unfortunately, Tsarnaev's name was not an exact match: it was misspelled by one letter. Whoever entered it in the database spelled it as 'Tsarnayev.' When Tsarnaev flew to Russia in January of 2012 on his way to terrorist training, the system was alerted but the mandatory detention was not triggered. Because officers did not realize Tsarnaev was a high-priority target, he was allowed to travel without questioning."
Transportation

French, Chinese Satellite Images May Show Malaysian Jet Debris 103

Posted by timothy
from the lot-of-ocean-out-there dept.
Bloomberg News reports that "French satellite scans provided fresh indications of objects adrift in part of the Indian Ocean that's being scoured for the missing Malaysian airliner, backing up Chinese evidence as more planes and ships join the hunt. ... The developments rekindled prospects for a breakthrough in the mystery of Malaysian Air (MAS) Flight 370 after radar and visual scans failed to find objects spotted in earlier images taken from space. Searchers, bolstered by a growing fleet of international vessels, also want to locate a wooden pallet seen from the air to check if it could have come from the jet's hold." And if you have your own database of recent photos to trawl through, the article says "The Chinese photo, taken March 18, is focused 90 degrees east and almost 45 degrees south, versus almost 91 degrees east and 44 degrees south for similar items on a March 16 satellite image, putting the object 120 kilometers southwest of that sighting."
The Military

Navy Database Tracks Civilians' Parking Tickets, Fender-Benders 96

Posted by timothy
from the great-now-you're-on-the-paranoid-list dept.
schwit1 (797399) writes with this excerpt from the Washington Examiner: "A parking ticket, traffic citation or involvement in a minor fender-bender are enough to get a person's name and other personal information logged into a massive, obscure federal database run by the U.S. military. The Law Enforcement Information Exchange, or LinX, has already amassed 506.3 million law enforcement records ranging from criminal histories and arrest reports to field information cards filled out by cops on the beat even when no crime has occurred."
IT

Inside NSA's Efforts To Hunt Sysadmins 147

Posted by Soulskill
from the most-sedentary-sport dept.
An anonymous reader writes "The Snowden revelations continue, with The Intercept releasing an NSA document titled 'I hunt sys admins' (PDF on Cryptome). The document details NSA plans to break into systems administrators' computers in order to gain access to the networks they control. The Intercept has a detailed analysis of the leaked document. Quoting: 'The classified posts reveal how the NSA official aspired to create a database that would function as an international hit list of sys admins to potentially target. Yet the document makes clear that the admins are not suspected of any criminal activity – they are targeted only because they control access to networks the agency wants to infiltrate. "Who better to target than the person that already has the ‘keys to the kingdom’?" one of the posts says.'"
Stats

Working with Real-Time Analytics as a Service (Video) 15

Posted by Roblimo
from the knowledge-you-might-need-someday-even-if-you-don't-need-it-now dept.
This is a wide-ranging interview with Dev Patel and Poulomi Damany of BitYota, an Analytics as a Service startup that works specifically with MongoDB. Open Source? Not yet. But hopefully soon, they say. And why should an IT person or programmer care about marketing-oriented analytics? Because the more you know about functions in your company besides IT (such as finance, investor relations, and -- yes -- marketing), the more valuable you are as an employee. Dev also mentions the two main things he looks for when recruiting for BitYota: "One is intellect, and the other is attitude." He points out that this is not true merely of BitYota, but of any strong startup. This is all good information for any job-seeker hoping to land a spot with a startup -- and for anyone who is happy with where he or she works but hopes to earn promotions and raises, too.
Security

Kaspersky: Mt. Gox Data Archive Contains Bitcoin-Stealing Malware 169

Posted by Unknown Lamer
from the trusting-random-zip-files-considered-harmful dept.
itwbennett writes "An archive containing transaction records from Mt. Gox that was released on the Internet last week also contains bitcoin-stealing malware for Windows and Mac, say researchers at Kaspersky Lab who have analyzed the 620MB file called MtGox2014Leak.zip. The files masquerade as Windows and Mac versions of a custom, back-office application for accessing the transaction database of Mt. Gox. However, they are actually malware programs designed to search and steal Bitcoin wallet files from computers, Kaspersky security researcher Sergey Lozhkin said Friday in a blog post."
United States

A Look at the NSA's Most Powerful Internet Attack Tool 154

Posted by samzenpus
from the big-gun dept.
realized writes in with a closer look at the NSA's QUANTUM system. "Today QUANTUM packs a suite of attack tools, including both DNS injection (upgrading the man-on-the-side to a man-in-the-middle, allowing bogus certificates and similar routines to break SSL) and HTTP injection. That's reasonable enough. But it also includes gadgets like a plug-in to inject into MySQL connections, allowing the NSA to quietly mess with the contents of a third-party's database. (This also surprisingly suggests that unencrypted MySQL on the internet is common enough to attract NSA attention.) And it allows the NSA to hijack both IRC and HTTP-based criminal botnets, and also includes routines which use packet-injection to create phantom servers, and even attempting (poorly) to use this for defense."
Education

Is the New "Common Core SAT" Bill Gates' Doing? 273

Posted by timothy
from the secret-machinations dept.
theodp writes "'I want to explain why Common Core is among the most important education ideas in years,' wrote Bill Gates in a USA Today op-ed last month that challenged the "dangerous misconceptions" of those who oppose the initiative (pretty confident for a guy who conceded there wasn't much to show for his earlier $5B education reform effort!). 'The Gates Foundation helped fund this process,' acknowledged Gates in quite an understatement of his influence. Receiving $6.5M in Gates Grants was Student Achievement Partners, whose founder David Coleman was dubbed the 'Architect of the Common Core.' So it's not too surprising that at last week's SXSWedu, Coleman — now President and CEO of The College Board (no stranger to Gates money itself) — announced a dramatic overhaul of the SAT that includes a new emphasis on evidence-based reading and writing and evidence analysis, which the AJC's Maureen Downey calls 'reflective of the approach of the Common Core State Standards.'" (Read more, below.)
Transportation

Vast Surveillance Network Powered By Repo Men 352

Posted by Soulskill
from the crowdsourced-eyes-and-ears dept.
v3rgEz writes "Even as some police departments curtail their use of license plate scanning technology over privacy concerns, private companies have been amassing a much larger, almost completely unregulated database that pulls in billions of scans a year, marking the exact time and location of millions of vehicles across America. The database, which is often offered to law enforcement for free, is collected by repo and towing companies eager to tap easy revenue, while the database companies then resell that data, often for as little as $25 for a plate's complete recorded history."
Security

Paraguayan ccTLD Hacked, Google.com.py Redirected, Internal Database Leaked 44

Posted by Unknown Lamer
from the security-audits-who-needs-em dept.
MrJones writes "Last February 20th, hackers supposedly from Iran accessed and modified (English) the www.NIC.py database, redirecting www.google.com.py to another site. The hackers posted the whole NIC.py database containing full names, national ID numbers, street addresses, phone numbers, and more of registrants. This is not the first time (English) that NIC.py, managed by the 2 most respectful Computer Science Universities of Paraguay, was hacked. Since the entire database was released, local white hat hackers were able to calculate how much money NIC.py was making annually (English) by charging $44 US per .py domain. The local CS community are urging the NIC.py administrators to do all that's possible to protect the .py domain names since the hack was done by exploiting a simple remote code execution vulnerability. If they can modify google.com.py, just imagine what they can do to banks and financial institutions. Maybe Google can help us."
United States

ICE License-Plate Tracking Plan Withdrawn Amid Outcry About Privacy 152

Posted by samzenpus
from the on-second-thought dept.
An anonymous reader writes "Homeland security officials on Wednesday abruptly shelved a proposal to build a national database of license-plate scans after criticism from privacy advocates. The proposal, which had been posted online last week by the office of Immigration and Customs Enforcement, sought a contractor who could establish a searchable database of license plates, with the times and locations where they were spotted by traffic cameras and other sources. But in a statement late Wednesday, the department announced a reversal. 'The solicitation, which was posted without the awareness of ICE leadership, has been canceled,' said spokeswoman Gillian Christensen. 'While we continue to support a range of technologies to help meet our law enforcement mission, this solicitation will be reviewed to ensure the path forward appropriately meets our operational needs.'"
Programming

Can Reactive Programming Handle Complexity? 149

Posted by Soulskill
from the 8,000-nested-if-statements dept.
Nerval's Lobster writes "A recent article on Reactive Programming, which suggested that five lines of Reactive could solve a problem that required 500 lines using Java or 200 lines using triggers, led many readers to question (passionately) whether Reactive enables you to address not just typical problems, but complex ones as well. In a follow-up column, Espresso Logic CTO Val Huber argues that, while it certainly can't solve all use cases, Reactive Programming is very capable of addressing many complex problems, and can address all other scenarios via a transparent integration with procedural languages. He shows how Reactive can handle complexity using two different scenarios: a classically complicated database application (a bill of materials price rollup) and procedural integration (to address external systems such as email and transactions not limited by a database update). Take a look at his work; do you agree?"
Space

Online Database Allows Scientists To Recreate Early Telescopes 52

Posted by samzenpus
from the back-in-the-day dept.
sciencehabit writes "When Galileo Galilei shook up the scientific community with evidence of a heliocentric world, he had a little tube fitted with two pieces of glass to thank. But just how this gadget evolved in the nascent days of astronomy is poorly known. That uncertainty has inspired a group of researchers to compile the most extensive database of early refracting telescopes to date. Now, the scientists plan to use modern optics to recreate what Galileo — and the naysaying observers of his time — experienced when they first peered through these tubes at the rings of Saturn, the moons of Jupiter, and the phases of Venus."
