By EditorDavid from Slashdot's what-if department
Slashdot reader Actually, I do RTFA remains wary of a new "blockchain-powered mobile voting app" being used by the state of West Virginia to collect ballots from overseas absentee voters.
But meanwhile, Slashdot reader chicksdaddy notes an election hacking exercise conducted with city employees and local FBI officers in Boston focused on attempts to disrupt a hypothetical election in "Nolandia" by simply clogging highways and sowing chaos. From Security Ledger:
The day started with snarled traffic and a suspicious outage of the 9-1-1 emergency call center that has put the public and first responders on edge. Already, the city's police force was taxed keeping tabs on protests tied to a meeting of the International Monetary Fund. By afternoon, the federal Emergency Alert System (EAS) was warning Nolandia residents of massive natural gas leaks in neighborhoods in the north and west part of the city, prompting officials to order evacuations of the affected areas.
Later, bomb threats called in to local television stations shut down a bridge linking the northern and southern halves of the city -- a major artery for vehicles. The EAS warning turns out to have been false -- no gas leaks are detected, nor is any bomb found on the bridge. Later in the day, cyber attack s on a smart traffic light deployment in Nolandia snarl traffic further and sow chaos during the evening commute... This is election hacking 2018 style: a highly successful operation in which no voting machines or voting infrastructure were compromised, attacked or even targeted.
The cybersecurity company that created the exercise said they "wanted to expand that scope and demonstrate that the threat landscape is actually much broader...."Read Replies (0)
By EditorDavid from Slashdot's nuclear-options department
An anonymous reader quotes iTWire:
Linux developers who contribute code to the kernel cannot rescind those contributions, according to the software programmer who devised the GNU General Public Licence version 2.0, the licence under which the kernel is released. Richard Stallman, the head of the Free Software Foundation and founder of the GNU Project, told iTWire in response to queries that contributors to a GPLv2-covered program could not ask for their code to be removed. "That's because they are bound by the GPLv2 themselves. I checked this with a lawyer," said Stallman, who started the free software movement in 1984.
There have been claims made by many people, including journalists, that if any kernel developers are penalised under the new code of conduct for the kernel project -- which was put in place when Linux creator Linus Torvalds decided to take a break to fix his behavioural issues -- then they would ask for their code to be removed from the kernel... Stallman asked: "But what if they could? What would they achieve by doing so? They would cause harm to the whole free software community. The anonymous person who suggests that Linux contributors do this is urging them to [use a] set of nuclear weapons in pique over an internal matter of the development team for Linux. What a shame that would be."
Slashdot reader dmoberhaus shared an article from Motherboard with more perspetives from Eric S. Raymond and LWN.net founder Jonathan Corbet, which also traces the origins of the suggestion. "[A]n anonymous user going by the handle 'unconditionedwitness' called for developers who end up getting banned through the Code of Conduct in the future to rescind their contributions to the Linux kernel 'in a bloc' to produce the greatest effect.
"It is worth noting that the email address for unconditionedwitness pointed to redchan.it, a now defunct message board on 8chan that mostly hosted misogynistic memes, many of which were associated with gamergate."Read Replies (0)
By BeauHD from Slashdot's security-taken-seriously department
An anonymous reader quotes a report from The Verge: California Governor Jerry Brown has signed a cybersecurity law covering "smart" devices, making California the first state with such a law. The bill, SB-327, was introduced last year and passed the state senate in late August. Starting on January 1st, 2020, any manufacturer of a device that connects "directly or indirectly" to the internet must equip it with "reasonable" security features, designed to prevent unauthorized access, modification, or information disclosure. If it can be accessed outside a local area network with a password, it needs to either come with a unique password for each device, or force users to set their own password the first time they connect. That means no more generic default credentials for a hacker to guess.Read Replies (0)
By BeauHD from Slashdot's new-way-of-doing-things department
Sophia Chen reporting for Science Magazine: In a small basement laboratory, Harry Levine, a Harvard University graduate student in physics, can assemble a rudimentary computer in a fraction of a second. There isn't a processor chip in sight; his computer is powered by 51 rubidium atoms that reside in a glass cell the size of a matchbox. To create his computer, he lines up the atoms in single file, using a laser split into 51 beams. More lasers -- six beams per atom -- slow the atoms until they are nearly motionless. Then, with yet another set of lasers, he coaxes the atoms to interact with each other, and, in principle, perform calculations.
It's a quantum computer, which manipulates "qubits" that can encode zeroes and ones simultaneously in what's called a superposition state. If scaled up, it might vastly outperform conventional computers at certain tasks. But in the world of quantum computing, Levine's device is somewhat unusual. In the race to build a practical quantum device, investment has largely gone to qubits that can be built on silicon, such as tiny circuits of superconducting wire and small semiconductors structures known as quantum dots. Now, two recent studies have demonstrated the promise of the qubits Levine works with: neutral atoms. In one study, a group including Levine showed a quantum logic gate made of two neutral atoms could work with far fewer errors than ever before. And in another, researchers built 3D structures of carefully arranged atoms, showing that more qubits can be packed into a small space by taking advantage of the third dimension. Chen goes on report on the startups -- ColdQuanta and Atom Computing -- that are working to build fully programmable quantum computers. ColdQuanta has received $6.75 million in venture funding while Atom Computer has raised $5 million.Read Replies (0)
By BeauHD from Slashdot's first-of-its-kind department
Motherboard's Lorenzo Franceschi-Bicchierai spoke with Patrick Wardle, the ex-NSA hacker who's organizing a security conference exclusively dedicated to Macs. Despite what Apple has famously promoted in the mid 2000s that Macs don't get "PC viruses," Mac computers do in fact have bugs, vulnerabilities, and even malware targeted at them. From the report: "People are peeking behind the curtain and realizing that the facade of Mac security is not always what it's cracked to be," Wardle told Motherboard in a phone interview. "Any company that designs software is going to have issues -- but Apple has perfected the art of a flawless public facade that masks many security issues." Wardle would know. After hacking primarily Windows computers at Fort Meade, for the last few years Wardle been finding several issues in MacOS, so many that he considers himself a "thorn" on Apple's side. But his conference is not an exercise in shaming or finger pointing, Wardle said he hopes to educate and teach people about Mac security, especially now that so many companies are using Macs as their corporate computers.
The conference is called Objective By the Sea, a wordplay on Objective-See, the name of Wardle's suite of free Mac security products (which is itself a wordplay on Apple's main programming language called Objective-C.) It will be held in Maui, Hawaii on November 3 and 4. The conference will be free for residents of Hawaii, and for patrons of Objective-See. That's why Wardle said he can't afford to pay for all speakers to attend, but he had no trouble finding people who wanted to participate. One group that doesn't want to come to Maui, at least for now, is Apple. Wardle said he reached out to the company, essentially offering it carte blanche to talk about whatever it wanted. But the company, so far, has not responded, according to him.Read Replies (0)
By BeauHD from Slashdot's still-developing department
Sources have shared some new details with CNBC relating to the recent SEC charges against Tesla CEO Elon Musk. Yesterday, U.S. securities regulators sued Musk for allegedly making false statements related to his abandoned efforts to take Tesla Motors private. Now, according to CNBC, Tesla and the SEC were close to a no-guilt settlement but Elon Musk pulled out at the last minute. From the report: Under the deal, Musk and Tesla would have had to pay a nominal fine, and the CEO would not have had to admit any guilt, the sources said. However, the settlement would have barred Musk as chairman for two years and would require Tesla to appoint two new independent directors, CNBC's David Faber, citing sources. Musk refused to sign the deal because he felt that by settling he would not be truthful to himself, and he wouldn't have been able to live with the idea that he agreed to accept a settlement and any blemish associated with that, the sources said. Musk called the SEC's allegations "unjustified" and that he acted in the best interests of investors. "Tesla and the board of directors are fully confident in Elon, his integrity, and his leadership of the company, which has resulted in the most successful U.S. auto company in over a century. Our focus remains on the continued ramp of Model 3 production and delivering for our customers, shareholders and employees," said Tesla's board of directors in a statement.Read Replies (0)
By BeauHD from Slashdot's cause-and-effect department
Follow the revelations this morning that a hacker exploited a security flaw in a popular feature of Facebook to steal account credentials of as many as 50 million users, a class-action lawsuit has been filed on behalf of one California resident, Carla Echavarria, and one Virginia resident, Derick Walker. "Both allege that Facebook's lack of proper security has exposed them and additional potential class members to a significantly increased chance of identity theft as a result of the breach," reports The Verge. From the report: The lawsuit was filed today in U.S. District Court for the Northern District of California. The complaint alleges Facebook is guilty of unlawful business practices, deceit by concealment, negligence, and violations of California's Customer Records Act. The plaintiffs want statutory damages and penalties awarded to them and other class members, as well as the providing of credit monitoring services, punitive damages, and the coverage of attorneys' fees and expenses. Although Facebook says it has fixed the issue that resulted in the breach, it still has little to no information to provide on who is behind the attack or when the attack even occurred.
As it stands, in addition to this new lawsuit, Facebook is facing pressure from the New York State Attorney General Barbara Underwood, who announced on Twitter this afternoon that, "We're looking into Facebook's massive data breach. New Yorkers deserve to know that their information will be protected." Federal Trade Commissioner Rohit Chopra had a terse public reaction, releasing a simple three-line tweet reading, "I want answers." In addition to Underwood and Chopra, Sen. Mark R. Warner (D-VA) released a statement describing the hack is "deeply concerning" and calling for a full investigation.Read Replies (0)
By BeauHD from Slashdot's dreams-do-come-true department
An anonymous reader quotes a report from Electrek: Electrek has learned that Tesla already achieved the goal for a new record production with two days still to go before the end of the quarter. As we reported last week, Tesla achieved a new record day of Model 3 production, but it was cutting it close for the quarterly goal. The automaker had been guiding a production of 50,000 to 55,000 Model 3 vehicles for the third quarter. According to a reliable source familiar with Tesla's production, the automaker had a strong week of production and managed to bring the total number Model 3 produced to over 51,000 vehicles. For the first time in months, Tesla was able to produce about 5,000 Model 3 vehicles over seven days. The total production for the week was at around 6,700 vehicles -- bringing the total for the quarter to about 77,400 vehicles. Tesla was able to maintain production of about 1,100 cars per day over four days this week and about 800 Model 3's per day over three of those days. It's one of the highest levels of production that Tesla was ever able to maintain.Read Replies (0)
By msmash from Slashdot's up-next department
Google CEO Sundar Pichai has agreed to testify before the House Judiciary Committee in November, following the midterm elections. He met with House Majority Leader Kevin McCarthy and other senior Republicans Friday to discuss accusations that Google is biased against conservatives (a charge the company has denied). From a report: "I think we've really shown that there is bias, which is human nature, but you have to have transparency and fairness," McCarthy said. "As big tech's business grows, we have not had enough transparency and that has led to an erosion of trust and, perhaps worse, harm to consumers." Alphabet's Google unit has repeatedly denied accusations of bias against conservatives. Pichai left the meeting without comment. Pichai wrote in an internal email last week that suggestions that Google would interfere in search results for political reasons were "absolutely false. We do not bias our products to favor any political agenda." [...] Asked if Republicans will push to break up Google, McCarthy said: "I don"t see that." He said the hearing will look at privacy, bias issues, China and other matters.Read Replies (0)
By msmash from Slashdot's ummmmmmm department
BitTorrent and Tron, following the acquisition, hope to successfully integrate blockchain technology with the popular file-sharing protocol. From a report: Both companies were built around decentralization, which makes for a good match. However, it doesn't stop there. BitTorrent and Tron plan to integrate blockchain technology into future releases of their torrent clients. In short, they want to make it possible for users to 'earn' tokens by seeding. At the same time, others can 'bid' tokens to speed up their downloads. The new plan is dubbed "Project Atlas" and BitTorrent currently has seven people working on it full-time. In theory, the incentives will increase total seeding capacity, improving the health of the torrent ecosystem. "By adding tokens we'll make it so that you can effectively earn per seeding and create incentives for users not only to seed longer but to dedicate more of their bandwidth and storage overall," Project Atlas lead Justin Knoll says. The idea to merge the blockchain with file-sharing technology isn't new. Joystream, previously implemented a similar idea and Upfiring is also working on incentivized sharing. BitTorrent itself also considered it before Tron came into the picture. "Even before the Tron acquisition, our R&D team was looking at ways to add blockchain based incentives to the protocol. Now with the addition of Tron's expertise, we can accelerate that effort," Knoll says. BitTorrent says it will start implementing the technology in its desktop clients, such as uTorrent. After that, it intends to bring it to mobile. The company is additionally encouraging developers of other BitTorrent clients to follow suit. "We'll release the details of our implementation and encourage third-party clients and the whole ecosystem to implement this," Knoll was quoted as saying.Read Replies (0)
By msmash from Slashdot's closer-look department
After breaking into the top three most popular programming languages for the first time this month, behind C and Java, Python has also won the hearts of hackers and web nasties, according to attack statistics published this week by web security biz Imperva. From a report: The company says more than a third of daily attacks against sites the company protects come from a malicious or legitimate tool coded in Python. Imperva says that around 77 percent of all the sites the company protects, have been attacked by at least one Python-based tool. Furthermore, when the company looked at the list of tools that hackers used for their attacks, more than a quarter were coded in Python, by far the attackers' favorite tool. "Hackers, like developers, enjoy Python's advantages which makes it a popular hacking tool," the Imperva team says.Read Replies (0)
By msmash from Slashdot's stranger-things department
There's something mysterious coming up from the frozen ground in Antarctica, and it could break physics as we know it. From a report: Physicists don't know what it is exactly. But they do know it's some sort of cosmic ray -- a high-energy particle that's blasted its way through space, into the Earth, and back out again. But the particles physicists know about -- the collection of particles that make up what scientists call the Standard Model (SM) of particle physics -- shouldn't be able to do that. Sure, there are low-energy neutrinos that can pierce through miles upon miles of rock unaffected. But high-energy neutrinos, as well as other high-energy particles, have "large cross-sections." That means that they'll almost always crash into something soon after zipping into the Earth and never make it out the other side. And yet, since March 2016, researchers have been puzzling over two events in Antarctica where cosmic rays did burst out from the Earth, and were detected by NASA's Antarctic Impulsive Transient Antenna (ANITA) -- a balloon-borne antenna drifting over the southern continent. ANITA is designed to hunt cosmic rays from outer space, so the high-energy neutrino community was buzzing with excitement when the instrument detected particles that seemed to be blasting up from Earth instead of zooming down from space. Because cosmic rays shouldn't do that, scientists began to wonder whether these mysterious beams are made of particles never seen before. Since then, physicists have proposed all sorts of explanations for these "upward going" cosmic rays, from sterile neutrinos (neutrinos that rarely ever bang into matter) to "atypical dark matter distributions inside the Earth," referencing the mysterious form of matter that doesn't interact with light.Read Replies (0)