By Unknown Lamer from Slashdot's insecurity-through-idiocy department
New submitter janoc (699997) writes about a backdoor that was fixed, only not: "Eloi Vanderbeken from Synacktiv has identified an intentional backdoor in a module by Sercomm used by major router manufacturers (Cisco, Linksys, Netgear, etc.). The backdoor was ostensibly fixed — by obfuscating it and making it harder to access. The original report (PDF). And yeah, there is an exploit available ..."
Rather than actually closing the backdoor, they just altered it so that the service was not enabled until you knocked the portal with a specially crafted Ethernet packet. Quoting Ars Technica: "The nature of the change, which leverages the same code as was used in the old firmware to provide administrative access over the concealed port, suggests that the backdoor is an intentional feature of the firmware ... Because of the format of the packets—raw Ethernet packets, not Internet Protocol packets—they would need to be sent from within the local wireless LAN, or from the Internet service provider’s equipment. But they could be sent out from an ISP as a broadcast, essentially re-opening the backdoor on any customer’s router that had been patched."
By Unknown Lamer from Slashdot's wait'll-it's-drone-enabled department
Advocatus Diaboli (1627651) writes with some concerning news from the Atlantic. From the article: "In a secret test of mass surveillance technology, the Los Angeles County Sheriff's Department sent a civilian aircraft over Compton, California, capturing high-resolution video of everything that happened inside that 10-square-mile municipality. Compton residents weren't told about the spying, which happened in 2012. 'We literally watched all of Compton during the times that we were flying, so we could zoom in anywhere within the city of Compton and follow cars and see people,' Ross McNutt of Persistence Surveillance Systems told the Center for Investigative Reporting, which unearthed and did the first reporting on this important story. The technology he's trying to sell to police departments all over America can stay aloft for up to six hours. Like Google Earth, it enables police to zoom in on certain areas. And like TiVo, it permits them to rewind, so that they can look back and see what happened anywhere they weren't watching in real time."
By samzenpus from Slashdot's what-do-the-number-say? department
An anonymous reader writes "In his new book, Social Physics, MIT data scientist Alex 'Sandy' Pentland argues that by analyzing data from smartphones, social media, and credit-card systems, we'll soon be able to have a mathematical understanding of 'the basic mechanisms of social interactions.' Social scientists will be able to understand and predict the interactions of people the way physicists understand and predict the interactions of objects. That will, in turn, enable governments and businesses to create incentive systems to 'tune' people's behavior, making society more productive and creative. In a review of Pentland's book in Technology Review, Nicholas Carr argues that such data-based social engineering 'will tend to perpetuate existing social structures and dynamics' and 'encourage us to optimize the status quo rather than challenge it.' Carr writes, 'Defining social relations as a pattern of stimulus and response makes the math easier, but it ignores the deep, structural sources of social ills. Pentland may be right that our behavior is determined largely by social norms and the influences of our peers, but what he fails to see is that those norms and influences are themselves shaped by history, politics, and economics, not to mention power and prejudice.'"
By timothy from Slashdot's withdrawing-the-earlier-dept-line department
The Guardian carries Edward Snowden's detailed rebuttal to critics who say that his recent live-TV interaction with Vladimir Putin, in which Snowden asked whether the Russian government was engaged in spying on Russian citizens' communications, was a scripted moment intended to curry or maintain favor with Putin. After all, Snowden is currently living in Russia, where he has been granted only temporary harbor, goes this argument, so he is at the mercy of the Russian government, and has just gamely thrown Putin a softball. (Slashdot reader Rambo Tribble said the exchange had a "canned quality," a sentiment widely echoed.) Snowden writes that, far from being a whitewash of actual policies by the Russian government, his question ("Does [your country] intercept, analyse or store millions of individuals' communications?") "was intended to mirror the now infamous exchange in US Senate intelligence committee hearings between senator Ron Wyden and the director of national intelligence, James Clapper, about whether the NSA collected records on millions of Americans, and to invite either an important concession or a clear evasion"; he describes Putin's answer as a combination of inconsistent denial and evasion. Snowden writes:
(article continued at Slashdot)