School Pays To Get an Algorithm To Scan Students' Social Media For Threats and Suicide Risks Posts ( 58

When someone visits the buildings of Shawsheen Valley Technical High School in Billerica, as they walk through the secure foyer, they have to get their driver's license or another state-issued ID scanned. But the secure foyer does kind of a high-level national background check, too, explains Superintendent Tim Broadrick. From a report: The "LobbyGuard" scanner is the size of a computer tablet. It scans a driver's license, takes a picture of the school visitor and if all is OK with the person's background check, almost instantly clears the person to enter the school. An employee behind a window then pushes a button and unlocks the door to the school hallway. Amid nationwide concern about school shootings, there's talk at Shawsheen Tech of covering the wall of glass in the lobby with a special film to make it harder for a bullet to pierce. There's also a police officer -- known as a school resource officer -- stationed at the school. He has an office in the lobby. And the school has adopted another security measure to try to protect students from attacks -- one you can't see. It's a computer program designed to detect threats against the school in social media posts. And it runs 24/7.

"It's receiving and filtering and then gives us alerts when certain kinds of public communication are detected," Broadrick explains. Shawsheen Tech buys the social media scanning service from a Vermont-based company called Social Sentinel. It's one of many technology firms doing some form of social media scanning or monitoring. Social Sentinel claims it's the only one with expertise in protecting schools. Shawsheen Tech has about 1,300 students. It pays Social Sentinel approximately $10,000 per year, according to Broadrick.


Firefox In 2018: We'll Tackle Bad Ads, Breach Alerts, Autoplay Video, Says Mozilla ( 62

An anonymous reader quotes a report from ZDNet: Firefox maker Mozilla has outlined its 2018 roadmap to make the web less intrusive and safer for users. First up, Mozilla says it will proceed and implement last year's experiment with a breach alerts service, which will warn users when their credentials have been leaked or stolen in a data breach. Mozilla aims to roll out the service around October. Breach Alerts is based on security consultant Troy Hunt's data breach site Have I Been Pwned. Firefox will also implement a similar block on autoplay video to the one Chrome 66 will introduce next month, and that Safari already has. However, Dotzler says Firefox's implementation will "provide users with a way to block video auto-play that doesn't break websites". This feature is set to arrive in Firefox 62, which is scheduled for release in May.

After Firefox 62 the browser will gain an optional Chrome-like ad filter and several privacy-enhancing features similar to those that Apple's WebKit developers have been working on for Safari's Intelligent Tracking Prevention. By the third quarter of 2018, Firefox should also be blocking ad-retargeting through cross-domain tracking. It's also going to move all key privacy controls into a single location in the browser, and offer more "fine-grained" tracking protection. Dotzler says Mozilla is in the "early stages" of determining what types of ads Firefox should block by default. Also on the roadmap is a feature that arrived in Firefox 59, released earlier this month. A new Global Permissions feature will help users avoid having to deny every site that requests permission for location, camera, microphone and notifications. Beyond security and privacy, Mozilla plans to build on speed-focused Quantum improvements that came in Firefox 57 with smoother page rendering.


US Charges Iranians For Global Cyber Attacks on Behalf of Tehran ( 34

The United States on Friday charged nine Iranians and an Iranian company with attempting to hack into hundreds of U.S. and international universities, dozens of companies and parts of the U.S. government on behalf of the Tehran government. From a report: The cyber attack pilfered more than 31 terabytes of academic data and intellectual property from 144 U.S. universities and 176 universities in 21 foreign countries, the U.S. Department of Justice said in a statement. The U.S. Treasury Department said on its website that it was placing sanctions on those accused and the Mabna Institute, a company described by U.S. prosecutors as designed to help Iranian research organizations steal information.

More Evidence Ties Alleged DNC Hacker Guccifer 2.0 To Russian Intelligence ( 180

An anonymous reader shares a report: It may be a while since you've heard the handle "Guccifer 2.0," the hacker who took responsibility for the infamous DNC hack of 2016. Reports from the intelligence community at the time, as well as common sense, pegged Guccifer 2.0 not as the Romanian activist he claimed to be, but a Russian operative. Evidence has been scarce, but one slip-up may have given the game away. An anonymous source close to the U.S. government investigation of the hacker told the Daily Beast that on one single occasion, Guccifer 2.0 failed to log into the usual VPN that disguised their traffic. As a result, they left one honest IP trace at an unnamed social media site.

That IP address, "identified Guccifer 2.0 as a particular GRU officer working out of the agency's headquarters on Grizodubovoy Street in Moscow," the Daily Beast reported. (The GRU is one of the Russia's security and intelligence organs.) Previous work by security researchers had suggested this, but it's the first I've heard of evidence this direct. Assuming it's genuine, it's a sobering reminder of how fragile anonymity is on the internet -- one click and the whole thing comes crashing down.


New R2D2 Technique Protects Files Against Wiper Malware, Secure Delete Apps ( 46

An anonymous reader writes: Purdue University scientists have developed a data protection technique called Reactive Redundancy for Data Destruction (R2D2) that can safeguard data sitting inside a virtual machine from modern data-wiping malware and even some secure file deletion methods. The technique was developed to protect enterprise systems, which are often running inside VMs.

Researchers say the new technique was successful in preventing wiper malware such as Shamoon (v1 and v2), StoneDrill, and Destover from deleting data during their experiments, but it was able to prevent data deletion attempted with legitimate "secure delete" applications. When such operations are detected, R2D2 runs each one through a series of policies that evaluate the operation for known destructive patterns. If the scan triggers a warning, the VM creates a temporary checkpoint that a human operator can use as a system restore point.


Atlanta City Government Systems Down Due To Ransomware Attack ( 63

An anonymous reader quotes a report from Ars Technica: The city of Atlanta government has apparently become the victim of a ransomware attack. The city's official Twitter account announced that the city government "is currently experiencing outages on various customer facing applications, including some that customers may use to pay bills or access court-related information." According to a report from Atlanta NBC affiliate WXIA, a city employee sent the station a screen shot of a ransomware message demanding a payment of $6,800 to unlock each computer or $51,000 to provide all the keys for affected systems. Employees received emails from the city's information technology department instructing them to unplug their computers if they noticed anything suspicious. An internal email shared with WXIA said that the internal systems affected include the city's payroll application. "At this time, our Atlanta Information Management team is working diligently with support from Microsoft to resolve the issue," a city spokesperson told Ars. "We are confident that our team of technology professionals will be able to restore applications soon." The city's primary website remains online, and the city government will continue to post updates there, the spokesperson added.
United States

US Spending Bill Contains CLOUD Act, a Win For Tech and Law Enforcement ( 116

The 2,232 page spending bill released Wednesday by House and Senate leaders includes the Clarifying Lawful Overseas Use of Data [CLOUD] Act, which provides a legal framework for law enforcement to request data from overseas servers. The CLOUD Act currently sits high atop the wish list of tech firms, law enforcement and even foreign nations. Axios reports: The Supreme Court is currently mulling a case determining whether the Department of Justice had the right to force Microsoft to produce client emails stored on a server in Ireland without permission from Ireland's government. Microsoft fears the DOJ will force it to violate the laws of Ireland. The DOJ hopes to avoid the often years long process of abiding by treaties dealing with evidence. But both have publicly urged lawmakers to render the pending decision moot by passing the CLOUD act, a way to streamline the treaty process for requesting digital data.

The CLOUD Act provides a framework for reciprocal treaties for nations to request data from computers located within each other's borders. It also provides a mechanism for a Microsoft to take a law enforcement demand to court if it would force them to violate another country's rules. But when neither apply, law enforcement will be able to demand files in accordance with U.S. law.


Best Buy Stops Selling Huawei Smartphones ( 86

Best Buy, the nation's largest electronics big box retailer, has ceased ordering new smartphones from Huawei and will stop selling its products over the next few weeks. Best Buy didn't provide any details as to why it has severed ties with Huawei, but it may have to do with security concerns involving the Chinese government. CNET reports: The move is a critical blow to Huawei, which is the world's third-largest smartphone vendor behind Apple and Samsung but has struggled to establish any presence in the U.S. Best Buy was one of Huawei's biggest retail partners, and one of the rare places where you could physically see its phones. Huawei phones aren't sold by any U.S. carriers, where a majority of Americans typically buy their phones. Security concerns have long dogged Huawei in the U.S. In 2012, the House Intelligence Committee released a report accusing Huawei and fellow Chinese vendor ZTE of making telecommunications equipment that posed national security threats, and banned U.S. companies from buying the gear. At the time, the committee stressed that the report didn't refer to its smartphones. But that's changed over the last several months. The directors of the FBI, CIA and NSA all expressed their concerns about the risks posed by Huawei and ZTE.

A 15-Year-Old Hacked the Secure Ledger Crypto Wallet ( 66

An anonymous reader quotes a report from TechCrunch: A 15-year-old programmer named Saleem Rashid discovered a flaw in the popular Ledger hardware wallet that allowed hackers to grab secret PINs before or after the device was shipped. The holes, which Rashid described on his blog, allowed for both a "supply chain attack" -- meaning a hack that could compromise the device before it was shipped to the customer -- and another attack that could allow a hacker to steal private keys after the device was initialized. The Ledger team described the vulnerabilities dangerous but avoidable. For the "supply chain attack," they wrote: "by having physical access to the device before generation of the seed, an attacker could fool the device by injecting his seed instead of generating a new one. The most likely scenario would be a scam operation from a shady reseller." "If you bought your device from a different channel, if this is a second hand device, or if you are unsure, then you could be victim of an elaborate scam. However, as no demonstration of the attack in the real has been shown, it is very unlikely. In both cases, a successful firmware update is the proof that your device has never been compromised," wrote the team.

Further, the post-purchase hack "can be achieved only by having physical access to the device, knowing your PIN code and installing a rogue unsigned application. This rogue app could break isolation between apps and access sensitive data managed by specific apps such as GPG, U2F or Neo." Ledger CEO Eric Larcheveque claimed that there were no reports of the vulnerability effecting any active devices. "No one was compromised that we know of," he said. "We have no knowledge that any device was affected." Rashid, for his part, was disappointed with the speed Ledger responded to his claims.


Kaspersky Lab Plans Swiss Data Center To Combat Spying Allegations, Report Says ( 47

An anonymous reader shares a report: Moscow-based Kaspersky Lab plans to open a data center in Switzerland to address Western government concerns that Russia exploits its anti-virus software to spy on customers, according to internal documents seen by Reuters. Kaspersky is setting up the center in response to actions in the United States, Britain and Lithuania last year to stop using the company's products, according to the documents, which were confirmed by a person with direct knowledge of the matter. The action is the latest effort by Kaspersky, a global leader in anti-virus software, to parry accusations by the U.S. government and others that the company spies on customers at the behest of Russian intelligence.

AMD Says Patches Coming Soon For Chip Vulnerabilities ( 84

wiredmikey writes: After investigating recent claims from a security firm that its processors are affected by more than a dozen serious vulnerabilities, chipmaker Advanced Micro Devices (AMD) says patches are coming to address several security flaws in its chips. In its first public update after the surprise disclosure of the vulnerabilities by Israeli-based security firm CTS Labs, AMD said the issues are associated with the firmware managing the embedded security control processor in some of its products (AMD Secure Processor) and the chipset used in some socket AM4 and socket TR4 desktop platforms supporting AMD processors.

AMD said that patches will be released through BIOS updates to address the flaws, which have been dubbed MASTERKEY, RYZENFALL, FALLOUT and CHIMERA. The company said that no performance impact is expected for any of the forthcoming mitigations.


Telegram Loses Supreme Court Appeal In Russia, Must Hand Over Encryption Keys ( 216

Telegram has lost a bid before Russia's Supreme Court to block security services from getting access to users' data, giving President Vladimir Putin a victory in his effort to keep tabs on electronic communications. Bloomberg reports: Supreme Court Judge Alla Nazarova on Tuesday rejected Telegram's appeal against the Federal Security Service, the successor to the KGB spy agency which last year asked the company to share its encryption keys. Telegram declined to comply and was hit with a fine of $14,000. Communications regulator Roskomnadzor said Telegram now has 15 days to provide the encryption keys. Telegram, which is in the middle of an initial coin offering of as much as $2.55 billion, plans to appeal the ruling in a process that may last into the summer, according to the company's lawyer, Ramil Akhmetgaliev. Any decision to block the service would require a separate court ruling, the lawyer said.

Putin signed laws in 2016 on fighting terrorism, which included a requirement for messaging services to provide the authorities with means to decrypt user correspondence. Telegram challenged an auxiliary order by the Federal Security Service, claiming that the procedure doesn't involve a court order and breaches constitutional rights for privacy, according to documents. The security agency, known as the FSB, argued in court that obtaining the encryption keys doesn't violate users' privacy because the keys by themselves aren't considered information of restricted access. Collecting data on particular suspects using the encryption would still require a court order, the agency said.


Orbitz Says Legacy Travel Site Likely Hacked, Affecting 880,000 Credit Cards ( 29

hyperclocker shares a report from U.S. News & World Report: Orbitz says a legacy travel booking platform may have been hacked, possibly exposing the personal information of people that made certain purchases between January 1, 2016 and December 22, 2017. Orbitz said Tuesday about 880,000 payment cards were impacted. Data that was likely exposed includes name, payment card information, date of birth, phone number, email address, physical and/or billing address and gender. The company said evidence suggests an attacker may have accessed information stored on the platform -- which was for both consumers and business partners -- between Oct. 1, 2017 and Dec. 22, 2017. "Orbitz said it worked with a forensic investigation firm, cybersecurity experts, and law enforcement once the breach was discovered in order to 'eliminate and prevent unauthorized access to the platform,'" reports The Verge. "The company also notes that its current site,, wasn't affected. It is notifying customers who may have been impacted and is offering a year of free credit monitoring."

Hackathons Are Dystopian Events That Dupe People Into Working For Free, Say Sociologists ( 155

An anonymous reader writes: That's the conclusion that two sociologists came to after observing seven hackathons over the period of one year, reports Wired. In "Hackathons As Co-optation Ritual: Socializing Workers and Institutionalizing Innovation in the 'New' Economy," sociologists Sharon Zukin and Max Papadantonakis argue that companies use the allure of hackathons to get people to work for free. They says sponsors fuel the "romance of digital innovation by appealing to the hackers' aspiration to be multi-dimensional agents of change" when in fact the hackathons are just a means of labor control.

Facebook Security Chief Said To Leave After Clashes Over Disinformation ( 45

Facebook's chief information security officer, Alex Stamos, will leave the company after internal disagreements over how the social network should deal with its role in spreading disinformation. The New York Times reports (Warning: source may be paywalled; alternative source): Mr. Stamos had been a strong advocate inside the company for investigating and disclosing Russian activity on Facebook, often to the consternation of other top executives, including Sheryl Sandberg, the social network's chief operating officer, according to the current and former employees, who asked not to be identified discussing internal matters. After his day-to-day responsibilities were reassigned to others in December, Mr. Stamos said he would leave the company. He was persuaded to stay through August to oversee the transition of his duties because executives thought his departure would look bad, the current and former employees said. He has been overseeing the transfer of his security team to Facebook's product and infrastructure divisions. His group, which once had 120 people, now has three, the current and former employees said. Mr. Stamos would be the first high-ranking employee to leave Facebook since controversy erupted over disinformation on its site. His departure is a sign of heightened leadership tensions at the company.

Slashdot Top Deals