Catch up on stories from the past week (and beyond) at the Slashdot story archive
hessian writes in with a story about the arbitrary and often outdated online decency standards being imposed by companies."A bastion of openness and counterculture, Silicon Valley imagines itself as the un-Chick-fil-A. But its hyper-tolerant facade often masks deeply conservative, outdated norms that digital culture discreetly imposes on billions of technology users worldwide. What is the vehicle for this new prudishness? Dour, one-dimensional algorithms, the mathematical constructs that automatically determine the limits of what is culturally acceptable. Consider just a few recent kerfuffles. In early September, The New Yorker found its Facebook page blocked for violating the site’s nudity and sex standards. Its offense: a cartoon of Adam and Eve in the Garden of Eden. Eve’s bared nipples failed Facebook’s decency test."
symbolset writes "As reported on The Verge, many people are experiencing freezing, rebooting and battery problems on their new Windows Phone 8 devices. This WP8Central thread shows many of the issues. Affected devices include Lumia 920 and HTC 8X." Every phone and every OS has its problems, and happy users probably aren't as vocal; it would be good to know how Windows Phone users who are also iOS and Android users compare them for reliability.
Freddybear writes "If your computer has been cracked and subverted for use by a botnet or other remote-access attack, is it legal for you to hack back into the system from which the attack originated? Over the last couple of years three legal scholars and bloggers have debated the question on The Volokh Conspiracy weblog. The linked webpage collects that debate into a coherent document. 'The debaters are:
- Stewart Baker, a former official at the National Security Agency and the Department of Homeland Security, a partner at Steptoe & Johnson with a large cybersecurity practice. Stewart Baker makes the policy case for counterhacking and challenges the traditional view of what remedies are authorized by the language of the CFAA.
- Orin Kerr, Fred C. Stevenson Research Professor of Law at George Washington School of Law, a former computer crimes prosecutor, and one of the most respected computer crime scholars. Orin Kerr defends the traditional view of the Act against both Stewart Baker and Eugene Volokh.
- Eugene Volokh, Gary T. Schwartz Professor of Law at UCLA School of Law, founder of the Volokh Conspiracy, and a sophisticated technology lawyer, presents a challenge grounded in common law understandings of trespass and tort.'"
An anonymous reader writes "Windows 8 may block most malware out of the box, but there is still malware out there that thwarts Microsoft's latest and greatest. A new Trojan variant, detected as Backdoor.Makadocs and spread via RTF and Microsoft Word document marked as Trojan.Dropper, has been discovered that not only adds a clause to target Windows 8 and Windows Server 2012, but also uses Google Docs as a proxy server to phone home to its Command & Control (C&C) server."
An anonymous reader writes "On Thursday, Anonymous reported that it took down close to 40 Israeli government and security establishment websites, although the single website that they presented as having been attacked belonged to a security and cleaning services company. The report came after Likud MK Danny Danon announced earlier in the week that his website had been taken down by a group calling itself TeaM KuWaiT HaCkErS. Danon's website had been hosting an online petition calling for the Israeli government to cut off the supply of electricity going from Israel to Gaza. " A report at Russia Today puts the number at "hundreds" of sites, instead.
An anonymous reader writes "Following recent compromises of the Linux kernel.org and Sourceforge, the FreeBSD Project is now reporting that several machines have been broken into. After a brief outage, ftp.FreeBSD.org and other services appear to be back. The project announcement states that some deprecated services (e.g., cvsup) may be removed rather than restored. Users are advised to check for packages downloaded between certain dates and replace them, although not because known trojans have been found, but rather because the project has not yet been able to confirm that they could not exist. Apparently initial access was via a stolen SSH key, but fortunately the project's clusters were partitioned so that the effects were limited. The announcement contains more detailed information — and we are left wondering, would proprietary companies that get broken into so forthcoming? Should they be?"
McGruber writes "The Associated Press is reporting that the U.S. Justice Department is suing eBay for allegedly agreeing with Intuit not to hire each other's employees. According to the article, 'eBay's agreement with Intuit hurt employees by lowering the salaries and benefits they might have received and deprived them of better job opportunities at the other company,' said acting Assistant Attorney General Joseph Wayland, who is in charge of the Justice Department's antitrust division. The division 'has consistently taken the position that these kinds of agreements are per se (on their face) unlawful under antitrust laws.'"
MojoKid writes "iOS 6, by all appearances, has a streaming problem. This is separate from the network issues that led Verizon to state that it wouldn't bill people for overages that were caused by spotty Wi-Fi connectivity. The issue has been detailed at PRX.org with information on how the team saw a huge spike in bandwidth usage after the release of iOS 6, and then carefully tested the behavior of devices and its own app to narrow the possible cause. In one case, the playback of a single 30MB episode caused the transfer of over 100MB of data. It is believed that the issue was solved with the release of iOS 6.0.1, but anecdotal evidence from readers points to continued incidents of high data usage, even after updating. If you own an iPhone 5 or upgraded to iOS 6 on an older device, it is strongly recommend to check your usage over the past two months, update to iOS 6.0.1, and plan for a lengthy discussion with your carrier if it turns out your data use went through the roof."
Hugh Pickens writes "For years lawmakers had heard warnings about holes in corporate and government systems that imperil U.S. economic and national security. Now Ward Carroll writes that in the face of what most experts label as a potential 'Cyber Pearl Harbor' threat, Republicans have stalled the Cybersecurity Act of 2012 with a Senate vote of 51–47 against the legislation. This drew a quick response from the staff of Secretary of Defense Leon Panetta: 'The U.S. defense strategy calls for greater investments in cybersecurity measures, and we will continue to explore ways to defend the nation against cyber threats,' says DoD spokesman George Little. 'If the Congress neglects to address this security problem urgently, the consequences could be devastating.' Many Senate Republicans took their cues from the U.S. Chamber of Commerce and businesses that framed the debate not as a matter of national security, but rather as a battle between free enterprise and an overreaching government. They wanted to let companies determine whether it would be more cost effective — absent liability laws around cyber attacks — to invest in the hardware, software, and manpower required to effectively prevent cyber attacks, or to simply weather attacks and fix what breaks afterwards. 'Until someone can argue both the national security and the economic parts of it, you're going to have these dividing forces,' says Melissa Hathaway, a White House cyber official in the Bush and Obama administrations. 'Most likely, big industry is going to win because at the end of the day our economy is still in trouble.'"
Dupple writes in with a story about the uncertain future of a proposed bio lab in the heart of cattle country. "Plans to build one of the world's most secure laboratories in the heart of rural America have run into difficulties. The National Bio and Agro defense facility (NBAF) would be the first US lab able to research diseases like foot and mouth in large animals. But reviews have raised worries about virus escapes in the middle of cattle country. For over fifty years the United States has carried out research on dangerous animal diseases at Plum Island, just off the coast of New York. However after 9/11 the Department of Homeland Security raised concerns about the suitability of the location and its vulnerability to terrorist attack."
OverTheGeicoE writes "The Homeland Security Subcommittee on Transportation Security held a hearing on TSA's recent decision to move X-ray body scanners from major airports to smaller ones, which the subcommittee refers to as a 'Scanner Shuffle.' John Sanders, TSA's assistant administrator for security capabilities, testified that 91 scanners recently removed from major airports were now in storage due to 'privacy concerns.' Although TSA originally planned to relocate the scanners to smaller airports, those plans have been shelved because smaller airports don't have room for them. The subcommitteee is also investigating allegations that the machines' manufacturer, Rapiscan, 'may have falsified tests of software intended to stop the machines from recording graphic images of travelers' (VIDEO). Coincidentally, shares of Rapiscan's parent company, OSI Systems Inc., dropped in value almost 25% today, its biggest intraday decline in about 12 years. If wrongdoing is proven, Rapiscan could face fines, prison terms and a ban on government contracting, according to a former head of federal procurement."
pev writes "After losing another laptop containing personal information, NASA wants to have all of its laptops encrypted within a month's time with an intermediate ban on laptops containing sensitive information leaving its facilities. Between April 2009 and April 2011 it lost or had stolen 48 'mobile computing devices.' I wonder how long it will be before other large organizations start following suit as a sensible precaution?"
jfruh writes "Nationwide pizza chain Papa John's is finding itself on the receiving end of a $250 million text spam lawsuit. From the article: 'Seattle law firm Heyrich Kalish McGuigan, representing three Papa John's customers, alleged that the pizza delivery service has sent 500,000 unwanted text messages to customers. If the court finds that Papa John's violated the U.S. Telephone Consumer Protection Act, the pizza maker could have to pay damages of $500 per text message, or US$250 million, one of the largest damage awards under the 1991 law, the law firm said. "Many customers complained to Papa John's that they wanted the text messages to stop, and yet thousands of spam text messages were sent week after week," Donald Heyrich, attorney for the plaintiffs said in a statement. "This should be a wake-up call to advertisers. Consumers do not want spam on their cell phones."'
angry tapir writes "The U.S. Air Force has decided to scrap a major ERP (enterprise resource planning) software project after spending $1 billion, concluding that finishing it would cost far too much more money for too little gain. Dubbed the Expeditionary Combat Support System (ECSS), the project has racked up $1.03 billion in costs since 2005, 'and has not yielded any significant military capability,' an Air Force spokesman said in a statement. 'We estimate it would require an additional $1.1B for about a quarter of the original scope to continue and fielding would not be until 2020. The Air Force has concluded the ECSS program is no longer a viable option for meeting the FY17 Financial Improvement and Audit Readiness (FIAR) statutory requirement. Therefore, we are canceling the program and moving forward with other options in order to meet both requirements.'"
CowboyRobot writes "Adobe today confirmed that one of its databases has been breached by a hacker and that it had temporarily taken offline the affected Connectusers.com website. The hacker, who also goes by Adam Hima, told Dark Reading that the server he attacked was the Connectusers.com Web server, and that he exploited a SQL injection flaw to execute the attack. 'It was an SQL Injection vulnerability, somehow I was able to dump the database in less requests than normal people do,' he says. Users passwords for the Adobe Connectusers site were stored and hashed with MD5, he says, which made them 'easy to crack' with freely available tools. And Adobe wasn't using WAFs on the servers, he notes. Tal Beery, a security researcher at Imperva, analyzed the data dump in the Connectusers Pastebin post and found that the list appears to be valid and that the hacked database was relatively old."