Communications

More Than a Million Pro-Repeal Net Neutrality Comments Were Likely Faked (hackernoon.com) 177

Jeff Kao from Hacker Noon used natural language processing techniques to analyze net neutrality comments submitted to the FCC from April-October 2017 and found that at least 1.3 million pro-repeal net neutrality comments were faked. From the report: NY Attorney General Schneiderman estimated that hundreds of thousands of Americans' identities were stolen and used in spam campaigns that support repealing net neutrality. My research found at least 1.3 million fake pro-repeal comments, with suspicions about many more. In fact, the sum of fake pro-repeal comments in the proceeding may number in the millions. In this post, I will point out one particularly egregious spambot submission, make the case that there are likely many more pro-repeal spambots yet to be confirmed, and estimate the public position on net neutrality in the "organic" public submissions. [The key findings include:]

1. One pro-repeal spam campaign used mail-merge to disguise 1.3 million comments as unique grassroots submissions.
2. There were likely multiple other campaigns aimed at injecting what may total several million pro-repeal comments into the system.
3. It's highly likely that more than 99% of the truly unique comments were in favor of keeping net neutrality.

Security

Data Breach Hits Australia's Department of Social Services Credit Card System (theguardian.com) 32

Paul Karp, reporting for The Guardian: The Department of Social Services has written to 8,500 current and former employees warning them their personal data held by a contractor has been breached. In letters sent in early November the department alerted the employees to "a data compromise relating to staff profiles within the department's credit card management system prior to 2016." Compromised data includes credit card information, employees' names, user names, work phone numbers, work emails, system passwords, Australian government services number, public service classification and organisation unit. The department failed to warn staff how long the data was exposed for but a DSS spokesman told Guardian Australia that the contractor, Business Information Services, had advised that the data was open from June 2016 until October 2017. The data related to the period 2004 to 2015.
Privacy

There's Now a Dark Web Version of Wikipedia (vice.com) 20

An anonymous reader shares a report: In many parts of the world, like North America, using Wikipedia is taken for granted; hell, there are even Twitter accounts to track government employees editing the internet's free encyclopedia while on the clock. But in other places, like Turkey or Syria, using Wikipedia can be difficult, and even dangerous. To make using Wikipedia safer for at-risk users, former Facebook security engineer Alec Muffett has started an experimental dark net Wikipedia service that gives visitors some strong privacy protections. The project is unofficial; for now, Wikipedia isn't involved. So it's a bit janky. The service uses self-signed certificates that may trigger a security warning in Tor, so you have to manually white-list the addresses, which takes a couple minutes.
Bitcoin

There's Some Intense Web Scans Going on for Bitcoin and Ethereum Wallets (bleepingcomputer.com) 34

Catalin Cimpanu, writing for BleepingComputer: With both Bitcoin and Ethereum price hitting all-time highs in the past seven days, cyber-criminals have stepped up efforts to search and steal funds stored in these two cryptocurrencies. These mass Internet scanning campaigns have been recently picked up by various honeypots installed by security researchers across the Internet. The first of these, aimed at Bitcoin owners, was picked up by security researcher Didier Stevens over the weekend, just two days before Bitcoin was about to jump from $7,000 to over $8,000.
EU

EU Lawmakers Back Exports Control on Spying Technology (reuters.com) 35

An anonymous reader shares a report: EU lawmakers overwhelmingly backed plans on Thursday to control exports of devices to intercept mobile phone calls, hack computers or circumvent passwords that could be used by foreign states to suppress political opponents or activists. Members of the European Parliament's trade committee voted by 34 votes to one in favor of a planned update to export controls on "dual use" products or technologies. The EU has had export controls since 2009 on such dual use products including toxins, laser and technology for navigation or nuclear power, which can have a civilian or military applications but also be used to make weapons of mass destruction. The EU has felt that spyware or malware and telecom of Internet surveillance technologies are increasingly threatening security and human rights and proposed a modernization of its export control system to cover cyber-surveillance.

Slashdot Top Deals