By BeauHD from Slashdot's trail-of-evidence department
An anonymous reader writes from an article published on TorrentFreak: [A] criminal complaint details the FBI's suspicions that 25-year-old Preston McWaters had conveyed "false or misleading information regarding an explosive device." The FBI started digging and in February 2016 two search warrants against Twitter and Facebook required them to turn over information on several accounts. Both did and the criminal complaint makes it clear that the FBI believes that McWaters was behind the accounts and the threats. With McWaters apparently leaving incriminating evidence all over the place (including CCTV at Walmart where he allegedly purchased a pre-paid Tracfone after arriving in his own car), the FBI turned to IP address evidence available elsewhere. "During the course of the investigation, subpoenas and search warrants have been directed to various companies in an attempt to identify the internet protocol (IP) address from where the email messages are being sent," the complaint reads. "All the responses from [email provider] 1&1, Facebook, Twitter, and Tracfone have been traced by IP address back to a company named London Trust Media [doing business as] PrivateInternetAccess.com. A subpoena was sent to London Trust Media and the only information they could provide is that the cluster of IP addresses being used was from the east coast of the United States," the FBI's complaint reads. "However, London Trust did provide that they accept payment for their services through credit card with a vendor company of Stripe and/or Amazon. They also accept forms of payment online through PayPal, Bitpay, Bit Coin, Cash You, Ripple, Ok Pay, and Pay Garden." While McWaters is yet to be found guilty, it's a sad fact that some people will use anonymizing services such as VPNs, pre-paid phones and anonymous email providers to harass others. And thankfully, as this case shows, they'll need to hide a lot more than their IP address to get away with that level of crime.
By manishs from Slashdot's fixing-the-education-system department
An anonymous reader writes: E-commerce giant Amazon is planning to launch a new education platform which would enable educators to upload, manage, share, and discover open education resources. Earlier this month, the company quietly opened an Amazon Education Wait List to allow educators to be alerted about the availability of the platform. The website currently reads, "The future of education is open. Someday soon, educators everywhere will have free and unlimited access to first-class course materials from a revolutionary platform. Get on the wait list to be notified when the platform is available for all schools and classrooms!" The webpage, do note, could be related to some other project. This isn't the first time Amazon has shown interest in the education sector. In 2013, it acquired TenMarks, a company that offers mathematics learning materials. Amazon, which lets you purchase or rent books for Kindle, is also a major name in the publishing world. Over the years, Apple, Google, and Microsoft have also become increasingly interested in seeing their hardware and software in classrooms.
By BeauHD from Slashdot's insecure-home-automation-deployment department
jones_supa writes: The hotel in which Matthew Garrett was staying had decided that light switches are unfashionable and replaced them with a series of Android tablets. In his tour of the system, he was quickly met with a glitch message "UK_bathroom isn't responding." Anyway, two of the tablets had convenient-looking ethernet cables plugged into the wall, so MacGyver began hacking. He managed to borrow a couple of USB ethernet adapters, set up a transparent bridge and then stick his laptop between the tablet and the wall. Tcpdump showed traffic, and Wireshark revealed that it was Modbus over TCP. Modbus is a pretty trivial protocol, and does not implement authentication. The Pymodbus tool could be used to control lights, turn the TV on/off, and even close and open the curtains. Then he noticed something. His room number was 714. The IP address he was communicating with was 172.16.207.14. They wouldn't, would they? Indeed, he could access the control systems on every floor and query other rooms to figure out whether the lights were on or not, which strongly implies that he could control them as well.
By manishs from Slashdot's government-vs-open-source department
An anonymous reader points to an official announcement made by TP-Link, which confirms a report from last month that it is blocking open source firmware: The FCC requires all manufacturers to prevent users from having any direct ability to change RF parameters (frequency limits, output power, country codes, etc.) In order to keep our products compliant with these implemented regulations, TP-LINK is distributing devices that feature country-specific firmware. Devices sold in the United States will have firmware and wireless settings that ensure compliance with local laws and regulations related to transmission power. As a result of these necessary changes, users are not able to flash the current generation of open-source, third-party firmware. We are excited to see the creative ways members of the open-source community update the new firmware to meet their needs. However, TP-LINK does not offer any guarantees or technical support for customers attempting to flash any third-party firmware to their devices.
Don't lose all your hopes yet. Developer Sebastian Gottschall, who works on DD-WRT Linux-based firmware, believes that TP-Link hasn't blocked third-party firmware. He adds, "Just the firmware header has been a little bit changed and a region code has been added. This has been introduced in September 2015. DD-WRT for instance does still provide compatible images... in fact it's no lock." Furthermore, Cisco insists that FCC's existing or proposed rules don't limit or eliminate the ability of a developer to use open source software.
By BeauHD from Slashdot's violent-expectations department
dcblogs writes: About 300 Hertz IT employees, most located in Oklahoma City, are being impacted [by] a decision to expand its outsourcing to IBM. About 75 will be hired by IBM and those workers [are expected] to receive offers this week while others are facing layoffs. The news was a shock for IT employees. There was "anger, resentment," especially by employees who "sacrificed that work/life balance to keep things going here," said one employee. Hertz took precautions. On the day that IT employees learned that their work was shifting to IBM, employees noticed Oklahoma sheriff patrol vehicles in the building's parking lot. They believed plainclothes officers were inside the building.
"We consider the safety and security of our people whenever there are circumstances or events that could increase the risk of a disturbance or some form of workplace violence," said Bill Masterson, a Hertz spokesman. "Knowing that this was a difficult announcement, we had additional security on hand," said Masterson. "Going forward, Hertz IT resources will be focused on development of future products and services for customers," he said. The majority of services will be cloud-based. According to the Computerworld article, along with severance pay, benefits also include three months of outplacement assistance. IT employees can receive up to $4,000 toward retraining or skill certification, said Masterson. IBM India Private Limited, an IBM subsidiary, has filed papers for H-1B visa workers for Hertz Technology offices.
By BeauHD from Slashdot's new-and-improved department
An anonymous reader writes: Apparently, over the past months the fact has started coming to the surface that most top-tier Android malware was actually related, coming from a common malware variant called GM Bot, and sold for only $5,000 on underground hacking forums. Taking advantage of his newfound glory, the coder behind that malware has now released a second version, three times the price of the first, complete with 3 exploits that can guarantee root access on older versions of Android (which are plenty thanks to [ignorant] OEMs and carriers). Some of the malware that originated from GM Bot includes: SimpleLocker (first crypto-ransomware for Android), AceCard (considered the most sophisticated Android malware to date), Bankosy and SlemBunk (banking trojan and backdoor), and Mazar Bot (banking trojan, backdoor and ransomware). To make things worse, GM Bot v1's source code also got leaked online, making it available to any halfwit developer that wants a crack at a cybercrime career.
By timothy from Slashdot's or-is-that-have-been-released department
Burz writes: Invisible Things Lab has released Qubes OS 3.1. Some of the features recently introduced into this secure concept, single-user desktop OS are Salt management, the Odyssey abstraction layer, and UEFI boot support. The 3.x series also lays the groundwork for distributed verifiable builds, Whonix VMs for Tor isolation, split-GPG key management, USB sandboxing, and a host of others.
Qubes has recently gained a following among privacy advocates, notable among them journalist J.M. Porup, Micah Lee at The Intercept and Edward Snowden.
Embodying a shift away from complex kernel-based security and towards bare metal hypervisors and IOMMUs for strict isolation of hardware components, Qubes seals off the usual channels for 'VM breakout' and DMA attacks. It isolates NICs and USB hardware within unprivileged VMs which are themselves a re-working of the usual concept, each booting from read-only OS 'templates' which can be shared. Graphics are also virtualized behind a simple, hardened interface. Some of the more interesting attacks mitigated by Qubes are Evil Maid, BadBIOS, BadUSB and Mousejack.
By BeauHD from Slashdot's gelatinous-binge-watching-humans department
mmoorebz writes: Netflix is known as a place to binge watch television, but behind the scenes, there's a lot that goes on before everyone's favorite show can be streamed. The first step to deploying an application or service is building. Netflix created Nebula, a set of plugins for the Gradle build system, that "help with the heavy-lifting around building applications," said the engineers. Once the code has been built and tested locally using Nebula, the team pushes the updated source code to a Git repository. Every deployment at Netflix begins with the creation of an Amazon Machine Image, and to generate them from source, Netflix created what it calls "the Bakery." It exposes an API that facilitates the creation of AMIs globally, according to the blog. When it comes time to deploy and after the "baking" is complete, teams will use Spinnaker to manage multi-region deployments, canary releases, and red/black deployments. Netflix is continuing to look at the developer experience and determine how it can improve.