Education

Apple CEO Tim Cook: I'd Require All Children To Start Coding In 4th Grade (thehill.com) 15

This week Apple CEO Tim Cook argued at Startup Fest Europe that coding should be a 'second language' taught to all children. theodp shares two quotes from a YouTube video. "We fundamentally believe that coding is a language and that just like other languages are required in school, coding should be required in school," Cook stated. "I do think coding is as important -- if not more important -- as the second language that most people learn in today's world," Cook later added... "I would go in and make coding a requirement starting at the fourth or fifth grade, and I would build on that year after year after year... I think we're doing our kids a disservice if we're not teaching them and introducing them in that way."
Meanwhile, The Hill reported this week that The Computer Science Education Coalition -- which includes Microsoft, Amazon, Google, Facebook, and dozens of other companies -- hired a fourth "advocacy firm" that specializes in "mobilizing groups of people to influence outcomes...to help convince policymakers to provide money to computer science education for grades K-12," and they're seeking an initial investment of $250 million. I'd be curious to hear what Slashdot readers think about government funding of grade school coding classes.
Privacy

Controversial Surveillance Firm Blue Coat Was Granted a Powerful Encryption Certificate (vice.com) 71

Joseph Cox, reporting for Motherboard (edited for clarity): A controversial surveillance company called Blue Coat Systems -- whose products have been detected in Iran and Sudan -- was recently issued a powerful encryption certificate by Symantec. The certificate, and the authority that comes with it, could allow Blue Coat Systems to more easily snoop on encrypted traffic. But Symantec downplayed concern from the security community. Blue Coat, which sells web-monitoring software, was granted the power in September last year, but it was only widely noticed this week. The company's devices are used by both government and commercial customers for keeping tabs on networks or conducting surveillance. In Syria, the technology has been used to censor web sites and monitor the communications of dissidents, activists and journalists. Blue Coat assures that it is not going to utilize the certificates to snoop on us. The Register reports: We asked Blue Coat how it planned to use its new powers -- and we were assured that its intermediate certificate was only used for internal testing and that the certificate is no longer in use. "Symantec has reviewed the intermediate CA issued to Blue Coat and determined it was used appropriately," the two firms said in a statement. "Consistent with their protocols, Symantec maintained full control of the private key and Blue Coat never had access to it. Blue Coat has confirmed it was used for internal testing and has since been discontinued. Therefore, rumors of misuse are unfounded."
The Military

Department of Homeland Security Still Uses COBOL (softpedia.com) 161

The Department of Defense has promised to finally stop managing the U.S. nuclear arsenal with floppy disks "by the end of 2017". But an anonymous reader shares Softpedia's report about another startling revelation this week from the Government Accountability Office: Another agency that plans to upgrade is the US Department of Veterans Affairs, which uses COBOL, a programming language from the '50s to manage a system for employee time and attendance. Unfortunately for the VA, there were funds only to upgrade that COBOL system, because the agency still uses the antiquated programming language to run another system that tracks claims filed by veterans for benefits, eligibility, and dates of death. This latter system won't be updated this year. Another serious COBOL user is the Department of Homeland Security, who employs it to track hiring operations, alongside a 2008 IBM z10 mainframe and a Web component that uses a Windows 2012 server running Java.
Personnel files are serious business. A 2015 leak of the Secret Service's confidential personnel files for a Utah Congressman (who was leading a probe into high-profile security breaches and other missteps) led the Department of Homeland Security to discipline 41 Secret Service agents.
Electronic Frontier Foundation

EFF Warns of Harsher CFAA (eff.org) 38

An anonymous reader writes: The Computer Fraud and Abuse Act is "vague, draconian, and notoriously out of touch with how we use computers today," warns the EFF. But instead of reforming it, two U.S. Senators "are on a mission to make things worse..." The senators' proposed Botnet Prevention Act of 2016 "could make criminals of paid researchers who test access in order to identify, disclose, and fix vulnerabilities," according to the EFF. And the bill would also make it a felony to damage "critical infrastructure," which may include software companies and ISPs (since they're apparently using the Department of Homeland Security's definition).

The harsher penalties would ultimately give prosecutors much more leverage for plea deals. But worst of all, the proposed bill even "empowers government officials to obtain court orders to force companies to hack computer users for a wide range of activity completely unrelated to botnets. What's worse is that the bill allows the government to do this without any requirement of notice to non-suspect or innocent customers or companies, including botnet victims... These changes would only increase -- not alleviate -- the CFAA's harshness, overbreadth, and confusion."

The CFAA was originally written in 1986, and was partly inspired by the 1983 movie "WarGames".
Government

Finnish Government Criticizes Microsoft For Job Cuts, 'Broken Promises' (softpedia.com) 135

jones_supa writes: Softpedia reports: "Microsoft has recently announced a new round of job layoffs at its Mobile unit in Finland, as it moves forward with its restructuring and reorganization plan following the acquisition of Nokia's Devices and Services unit. The Finnish government has criticized Microsoft for turning to more job cuts in the country, pointing out that the company has a huge responsibility to help those who are being let go. Microsoft's latest job cut round included 1,850 people, 1,350 of which are said to be working in Finland. 'I am disappointed because of the (initial) promises made by Microsoft,' Finance Minister Alexander Stubb was quoted as saying by Reuters. 'One example is that the data center did not materialize despite the company's promise.'" He refers to Microsoft's promise in 2013 to invest $250 million in a data center located in Finland that was specifically meant to provide services to European customers. All of these worries are not unfounded as the employment situation in Finland is still quite terrible, and the decline of Nokia's former phone business certainly exacerbates the situation.
Businesses

Qualcomm To Manufacture Custom Chips For Chinese Market (thestack.com) 45

An anonymous reader quotes a report from The Stack: Qualcomm president Derek Aberle has suggested that the semiconductor giant is preparing to produce its own custom chips for the Chinese market. [A Wall Street Journal interview with] Aberle revealed that the American company had entered into a joint venture with the local government in Guizhou province to manufacture custom chips starting in the second half of 2016. According to Aberle, the Guizhou government owns 55% of the venture, while Qualcomm owns the remaining 45%. Aberle told the Wall Street Journal that he expects China's server demand to dwarf that of the U.S. He said of the government-backed venture: "This is really going to be the primary vehicle from which we build our data center business in China. We are actually trying to create the company that is going to be able to win the market here as opposed to just licensing old technology."
Crime

FBI Raids Dental Software Researcher Who Found Patient Records On Public Server (dailydot.com) 119

blottsie writes: Yet another security researcher is facing possible prosecution under the CFAA for accessing data on a publicly accessible server. The FBI on Tuesday raided Texas-based dental software security researcher Justin Shafer, who found the protected health records of 22,000 patients stored on an anonymous FTP. "This is a troubling development. I hope the government doesn't think that accessing unsecured files on a public FTP server counts as an unauthorized access under the CFAA," Orin Kerr, a George Washington University law professor and CFAA scholar told the Daily Dot. "If that turns out to be the government's theory -- which we don't know yet, as we only have the warrant so far -- it will be a significant overreach that raises the same issues as were briefed but not resolved in [Andrew 'weev' Auernheimer's] case. I'll be watching this closely." It was also reported this week via The Intercept that a provision snuck into the still-secret text of the Senate's annual intelligence authorization that would give the FBI the ability to demand individuals' email data and possibly web-surfing history from their service providers using those beloved 'National Security Letters' -- without a warrant and in complete secrecy.
Government

Secret Text In Senate Bill Would Give FBI Warrantless Access To Email Records (theintercept.com) 157

mi quotes a report from The Intercept: A provision snuck into the still-secret text of the Senate's annual intelligence authorization would give the FBI the ability to demand individuals' email data and possibly web-surfing history from their service providers using those beloved 'National Security Letters' -- without a warrant and in complete secrecy. [The spy bill passed the Senate Intelligence Committee on Tuesday, with the provision in it. The lone no vote came from Sen. Ron Wyden, D-Ore., who wrote in a statement that one of the bill's provisions "would allow any FBI field office to demand email records without a court order, a major expansion of federal surveillance powers." If passed, the change would expand the reach of the FBI's already highly controversial national security letters. The FBI is currently allowed to get certain types of information with NSLs -- most commonly, information about the name, address, and call data associated with a phone number or details about a bank account. The FBI's power to issue NSLs is actually derived from the Electronic Communications Privacy Act -- a 1986 law that Congress is currently working to update to incorporate more protections for electronic communications -- not fewer. The House unanimously passed the Email Privacy Act in late April, while the Senate is due to vote on its version this week. "NSLs have a sordid history. They've been abused in a number of ways, including targeting of journalists and use to collect an essentially unbounded amount of information," Andrew Crocker, staff attorney for the Electronic Frontier Foundation, wrote. One thing that makes them particularly easy to abuse is that recipients of NSLs are subject to a gag order that forbids them from revealing the letters' existence to anyone, much less the public.]
Businesses

Apple Not Allowed To Open Stores In India (reuters.com) 230

ffkom writes: Reuters reports: "India has said Apple Inc must meet a rule obliging foreign retailers to sell at least 30 percent locally-sourced goods if it wishes to open stores in the country, a senior government official told Reuters. A change in legislation last year exempted foreign retailers selling high-tech goods from the rule, which states 30 percent of the value of goods sold in the store should be made in India. However, Apple's products were not considered to be in this category, said the official, who has direct knowledge of the matter." Now just imagine what Apple stores in the U.S. would look like if 30% of their offerings had to be made in the US... "They did ask for a waiver but didn't provide any material on record to justify it. The decision was taken only after a thorough examination of their application," the source said. Apple planned to open at least three stores in India by the end of 2017. Separate sources said Apple talked with the Indian government about a relaxation of the rule before it filed an application to open stores in the country in January. In a report from The Wall Street Journal (Warning: source may be paywalled), one of India's government officials said, "We are sticking to the old policy. We want local sourcing for job creation. You can't have a situation where people view India only as a market. Let them start doing some manufacturing here." Currently, Apple sells its products "through a network of Indian-owned distribution companies and retailers."
Democrats

State Dept. IT Staff Told To Keep Quiet About Clinton's Server (computerworld.com) 363

dcblogs writes this report from Computerworld: Former U.S. Secretary of State Hillary Clinton's decision to use a private email server ran afoul of the government's IT security and record retention requirements, according to a report by the department's inspector general released today. This use of a private email server did not go unnoticed within the Department of State's IT department. Two IT staff members who raised concerns about Clinton's use of a private server were told not to speak of it. Clinton was secretary of state from 2009 to 2013 and during that period she used a private email server in her New York home. This report by the Department of State's Inspector General about Clinton's use of a private server makes clear that rules and regulations were not followed. It says that Clinton would not have received approval for this server had she sought it. According to the current CIO, the report said, "Secretary Clinton had an obligation to discuss using her personal email account to conduct official business with their offices, who in turn would have attempted to provide her with approved and secured means that met her business needs." However, the report notes, according to these officials, The Bureau of Diplomatic Security and IRM (Bureau of Information Resource Management) "did not -- and would not -- approve her exclusive reliance on a personal email account to conduct Department business, because of the restrictions in the FAM [Foreign Affairs Manual] and the security risks in doing so."
Robotics

Foxconn Cuts 60,000 Jobs, Replaces With Robots (thestack.com) 414

An anonymous reader writes: In a bid to accelerate growth and reduce labor costs, Apple supplier Foxconn cut 60,000 jobs at a single factory, work that is now being completed by robots. As many as 600 companies in the Chinese manufacturing hub of Kunshan may have similar plans to automate their workforce, according to a government survey. Foxconn spokesperson Xu Yulian said, "The Foxconn factory has reduced its employee strength from 110,000 to 50,000, thanks to the introduction of robots. It has tasted success in reduction of labor costs." He added, "More companies are likely to follow suit."

These changes are spurred in part by a desire to reduce labor costs, but have also been made in response to an explosion at a Kunshan factory in 2014 that killed 146 people. The explosion was attributed to unsafe working conditions in the Taiwanese-owned metal polishing factory, which were recognized and documented. After the explosion, the local government pledged 2 billion yuan per year in subsidies to support companies that install industrial robots on their production lines.

Google

Google France Being Raided For Unpaid Taxes (reuters.com) 184

jones_supa writes: Investigators in France have raided Google's Paris headquarters amid a probe over the company's tax payments, Reuters reports. The French Finance Ministry is investigating $1.8 billion in back taxes. According to a report in French daily Le Parisien, at least 100 investigators are part of the raid at Google's offices. A source close to the finance ministry said that the raid at Google's offices has been ongoing on Tuesday since 03:00 GMT. In February, a source at the French Finance Ministry told Reuters that the government was seeking the $1.8 billion from Google. At the time, official spokespeople for Google France and the Finance Ministry refused to comment on the situation. Google could face up to an $11.14 million fine if it is found guilty, or a fine of half of the value of the laundered amount involved. In April, the EU revealed plans to force multinationals such as Google, Amazon and Facebook to disclose exactly where and how much tax they pay across the continent. A new clause was added since the Panama Papers leak requiring the companies to report how much money they make in so-called "tax havens."
Government

FBI Wants Biometric Database Hidden From Privacy Act (onthewire.io) 81

Trailrunner7 quotes a report from onthewire.io: The FBI is working to keep information contained in a key biometric database private and unavailable, even to people whose information is contained in the records. The database is known as the Next Generation Identification System (NGIS), and it is an amalgamation of biometric records accumulated from people who have been through one of a number of biometric collection processes. That could include convicted criminals, anyone who has submitted records to employers, and many other people. The NGIS also has information from agencies outside of the FBI, including foreign law enforcement agencies and governments. Because of the nature of the records, the FBI is asking the federal government to exempt the database from the Privacy Act, making the records inaccessible through information requests. From the report: "The bureau says in a proposal to exempt the database from disclosure that the NGIS should be exempt from the Privacy Act for a number of reasons, including the possibility that providing access 'could compromise sensitive law enforcement information, disclose information which would constitute an unwarranted invasion of another's personal privacy; reveal a sensitive investigative technique; could provide information that would allow a subject to avoid detection or apprehension; or constitute a potential danger to the health or safety of law enforcement personnel, confidential sources, and witnesses.'" RT released a similar report on the matter.
China

Xiaomi Revenues Were Flat in 2015 (fortune.com) 55

Scott Cendrowski, reporting for Fortune: Xiaomi, the Chinese smartphone maker and second highest-valued startup in the world at $45 billion, barely grew sales at all last year. Revenue for 2015 reached 78 billion yuan ($12.5 billion), a 5% rise from 2014's 74.3 billion yuan. Taking into account the falling value of the Chinese currency, the yuan, sales rose 3% in U.S. dollar terms. Xiaomi has been mum about the 2015 sales total since founder Lei Jun gave a revenue target of 100 billion yuan ($16 billion at the time) at a government meeting in March last year. Flat sales growth represents a dramatic change of fortune for Xiaomi, which until recently appeared to be enjoying the momentum befitting China's hottest startup. It was coming off sales growth of 135% in 2014, and in early 2015 founder Lei Jun said at a press conference that Xiaomi's new smartphone was even better than Apple's iPhone. However the phone, the Mi Note, amassed early user complaints about hot temperatures and didn't become the mega-seller the company might have hoped. CNBC's Jay Yarrow said "The Apple-killer is dying." For the uninitiated, Xiaomi rose to fame in 2013-14 when the company took the world by storm with its cheap-priced handsets, TVs, speakers, power banks, and cameras. These devices offered top-of-the-line specifications for their respective echelon. The company has been called out before for allegedly copying Apple's iOS design in its MIUI Android-based operating system. In the past two years, Xiaomi has expanded its business to several Asian regions, and intends to sell a number of gadgets in the United States and Europe among other regions starting later this year. The company has also expanded its product portfolio, making weighing scales, rice cookers, suitcases and a range of other items.
Bitcoin

New Clues About Why Mt. Gox Failed (thedailybeast.com) 50

An anonymous reader writes: The Daily Beast is investigating internal emails, contracts, and new information provided by a former accounting employee at Mt. Gox for clues about how and why the world's largest bitcoin exchange failed in 2014. They conclude that CEO Mark Karpeles "bought a company already missing tens of thousands of bitcoins" in 2011, leading to an email exchange a few months later where the previous owner suggested ways to make up the $800,000 shortfall. Unfortunately, Karpeles "had signed a non-disclosure agreement that left him unable to discuss the loss," and after a second larger hack, he moved the majority of bitcoins offline into "cold storage," leaving only enough online to complete transactions.

According to the article, former Mt. Gox employees "claim rogue U.S. government agents seized $5 million of Mt. Gox funds in summer 2013 in retaliation for Karpeles's refusal to cooperate with them. This seizure supposedly cut into the firm's operating reserves, which may have been the beginning of the end, at least according to the former Mt. Gox accountant."

While $450 million eventually disappeared, Thursday ZDNet reported that a class-action lawsuit brought against the bitcoin exchange by investors "has been dismissed."
China

Microsoft Finds Legal Path To Launch Minecraft In China (arstechnica.com) 91

An anonymous reader quotes a report from Ars Technica: Minecraft's PC and smartphone versions are finally coming to China. On Friday, Microsoft and Mojang announced the beginning of a "five-year exclusive partnership" with Chinese software publisher NetEase, Inc to roll the game out onto Chinese computer and smartphone marketplaces. Microsoft was able to publish the game on Xbox One consoles late last year, but those consoles have yet to penetrate the Chinese market to the extent that PCs and smartphones have, and the fact that even Microsoft had to license the game to someone else as opposed to launching it from its own Shanghai campus is a stern reminder of what roadblocks stand in the way of Western software developers. "The most challenging aspect of doing business in China by far is dealing with the government," former PopCap executive James Gwertzman said at the 2010 Game Developers Conference. Game publishers must acquire a combined six permits to launch a game in China, and most of those permits cannot be acquired by foreign-operated companies. Microsoft is presumably in the exact same regulatory boat, and its choice of partner is telling; NetEase already has a major Western-gaming reputation thanks to its partnership with megawatt game makers Blizzard. Gwertzman guessed that Minecraft will probably avoid such undue attention with its upcoming launch. "Minecraft is on the good side as it encourages teamwork and learning," he said. "I see Minecraft as the perfect example of a game that will receive public support [in China]." Meanwhile, American technology companies like Apple and Microsoft are undergoing security reviews in the communist country.
Education

Judge Orders 'Intentionally Deceptive' DOJ Lawyers To Take Remedial Ethics Class (zerohedge.com) 185

According to the Daily Caller, "The judge overseeing the challenge by 26 states to President Obama's executive action in immigration has ordered all lawyers 'employed at the Justice Department in Washington, D.C. who appears, or seeks to appear, in a court (state or federal) in any of the 26 Plaintiff States annually attend a legal ethics course.'"

An anonymous reader quotes a report from Zero Hedge: In writing the ruling, Hanen quoted from the scene in "Miracle on 34th Street" when the boy is called to testify to Santa's existence and saying that everyone knows not to tell a lie to the court. Hanen went on to say that the Justice Department lawyers have an even stricter duty: Tell the truth, don't mislead the court, and don't allow it to be misled by others. "The Government's lawyers failed on all three fronts. The actions of the DHS should have been brought as early as December 19, 2014. The failure of counsel to do that constituted more than mere inadvertent omissions -- it was intentionally deceptive," Judge Hanen wrote in his ruling. Hanen ordered that the classes must be "taught by at least one recognized ethics expert who is unaffiliated with the Justice Department." I wonder if the judge could order the lawyers to jail for contempt of court?
China

China Fakes 488 Million Social Media Posts a Year To Deceive Its Citizens (bloomberg.com) 120

In an attempt to keep its citizens from seeing bad news and getting involved in sensitive political debates, China's government fabricates about 488 million social media comments a year, reports Bloomberg citing a study (PDF). The propaganda workers who post comments are known as Fifty Cent Party because they are believed to be paid 50 Chinese cents by the Chinese government for every comment they post. From the report: Although those who post comments are often rumored to be ordinary citizens, the researchers were surprised to find that nearly all the posts were written by workers at government agencies including tax and human resource departments, and at courts. The researchers said they found no evidence that people were paid for the posts, adding the work was probably part of the employees' job responsibilities. Fifty Cent Party is a derogatory term since it implies people are bought off cheaply. About half of the positive messages appear on government websites, and the rest are injected into the 80 billion social media posts that enter China's Internet. That means one of every 178 social media posts on China's micro blogs is made up by the government, the researchers said. The sites affected include those run by Tencent Holdings Ltd., Sina Corp. and Baidu Inc.
Government

New Surveillance System May Let Cops Use All Of The Cameras (engadget.com) 117

An anonymous reader quotes a report from Wired: [Computer scientists have created a way of letting law enforcement tap any camera that isn't password protected so they can determine where to send help or how to respond to a crime.] The system, which is just a proof of concept, alarms privacy advocates who worry that prudent surveillance could easily lead to government overreach, or worse, unauthorized use. It relies upon two tools developed independently at Purdue. The Visual Analytics Law Enforcement Toolkit superimposes the rate and location of crimes and the location of police surveillance cameras. CAM2 reveals the location and orientation of public network cameras, like the one outside your apartment. You could do the same thing with a search engine like Shodan, but CAM2 makes the job far easier, which is the scary part. Aggregating all these individual feeds makes it potentially much more invasive. [Purdue limits access to registered users, and the terms of service for CAM2 state "you agree not to use the platform to determine the identity of any specific individuals contained in any video or video stream." A reasonable step to ensure privacy, but difficult to enforce (though the team promises the system will have strict security if it ever goes online). Beyond the specter of universal government surveillance lies the risk of someone hacking the system.] EFF discovered that anyone could access more than 100 "secure" automated license plate readers last year.
Medicine

Why Don't Scientists Kill The 'Demon In The Freezer'? 287

HughPickens.com writes: Smallpox was one of the most devastating diseases humanity has ever faced, killing more than 300 million people in the 20th century alone. But thanks to the most successful global vaccination campaign in history, the disease was completely eradicated by 1980. By surrounding the last places on earth where smallpox was still occurring -- small villages in Asia and Africa -- and inoculating everyone in a wide circle around them, D. A. Henderson and the World Health Organization were able to starve the virus of hosts. Smallpox is highly contagious, but it is not spread by insects or animals. When it is gone from the human population, it is gone for good. But Errol Morris writes in the NYT that Henderson didn't really eliminate smallpox. In a handful of laboratories around the world, there are still stocks of smallpox, tucked away in one freezer or another. In 2014 the CDC announced that vials containing the deadly virus had been discovered in a cardboard box in a refrigerator located on the National Institutes of Health (NIH) campus in Bethesda, Maryland. How can you say it's eliminated when it's still out there, somewhere? The demon in the freezer.

Some scientists say that these residual stocks of smallpox should not be destroyed because some ruthless super-criminal or rogue government might be working on a new smallpox, even more virulent than existing strains of the virus. We may need existing stocks to produce new vaccines to counteract the new viruses. Meanwhile, opponents of retention argue that there's neither need nor practical reason for keeping the virus around. In a letter to Science Magazine published in 1994, the Nobel laureate David Baltimore wrote, "I doubt that we so desperately need to study smallpox that it would be worth the risk inherent in the experimentation." It all comes down to the question of how best to protect ourselves against ourselves. Is the greater threat to humanity our propensity for error and stupidity, or for dastardly ingenuity?
