By EditorDavid from Slashdot's genius-bar department
An anonymous reader quotes this article from a TV station in New York about a "brazen daylight heist" made possible by wearing the right t-shirt:
Two thieves put on Apple store employee T-shirts and headed past the Genius Bar to the repair room, grabbed what they could and walked out with more than $16,000 worth of stolen iPhones... Police said just one hour before, the same thieves may have stolen three iPhones 6's worth $1,900 from the Apple Store on 14th Street and Ninth Avenue in the West Village... Earlier this year, three thieves pulled off two similar, but much more lucrative heists, at the Upper West Side Apple Store at Broadway and 67th Street, a training center for Apple employees. Once again, they dressed as Apple employees and stole a total of $49,000 worth of iPhones.
By EditorDavid from Slashdot's we-are-legion department
An anonymous Slashdot reader writes:
Softpedia is reporting that a member of the Anonymous collective "has been hijacking accounts for the most active ISIS supporters, the ones involved in online recruitment, and has been plastering their profiles with naked women and peaceful messages."
Anonymous is also using the hijacked accounts to monitor "protected" tweets from ISIS, and they're reporting hundreds of thousands of other ISIS profiles to Twitter.
But Anonymous is also defacing 161 of the hijacked accounts, saying they're "Adding our own images and basically showing them 'We are in control'... we are creating confusion and distrust..." "There are a few things that the Islamic State fear. One is women and the second is Porn."
By EditorDavid from Slashdot's hit-the-road,-Jack department
An anonymous reader writes that Uber "has suffered double-losses in Europe, as both France and Germany continue to reject the company's validity in their regions." Meanwhile, a Boston Uber driver filed a federal lawsuit on Thursday accusing Uber of illegally classifying drivers as independent contractors to avoid providing full employee benefits. An Indianapolis driver has filed a similar suit, which also complains that Uber won't let them accept tips, and keeps any tips that customers pay them through Uber's app. And remember when Uber and Lyft left Austin after losing a local election which would've required all their drivers to be fingerprinted? Now two lawsuits charge the companies were required to give 60 days' notice to all their employees, and are demanding back pay and benefits.
But an anonymous reader quotes this column from the Los Angeles Times arguing that a federal judge's ultimate question is just "how sleazy" Uber really is.
We're familiar with the Uber that talked about responding to bad publicity by digging up dirt on reporters following the company. Also the Uber that allegedly stalked passengers using its service, following their travel routes for the amusement of its party-goers... What about the Uber that secretly investigated a lawyer representing an adversary in a lawsuit, and then lied about it? That's the Uber that Federal Judge Jed S. Rakoff of New York wants to hear a lot more about. On Thursday he ordered Uber to turn over to the other side a pile of documents related to the investigation.
Slashdot reader chasm22 points out that the high-powered investigator hired by Uber is apparently a retired senior CIA officer -- a former chief strategy officer, chief of cyberthreat analysis and chief of counterintelligence.
By manishs from Slashdot's act-surprised department
The FBI did turn to the NSA when it was trying to hack into the San Bernardino shooter's iPhone, according to an NSA official. But to the surprise of many, one of the world's most powerful intelligence agencies couldn't hack into that particular iPhone 5c model. "We don't do every phone, every variation of phone," said Richard Ledgett, the NSA's deputy director. "If we don't have a bad guy who's using it, we don't do that." According to Ledgett, apparently the agency has to prioritize its resources and thus it doesn't know how to get into every popular gadget. According to the report, the agency is now looking to exploit the Internet of Things, including biomedical devices. The Intercept reports: Biomedical devices could be a new source of information for the NSA's data hoards -- "maybe a niche kind of thing ... a tool in the toolbox," he said, though he added that there are easier ways to keep track of overseas terrorists and foreign intelligence agents. When asked if the entire scope of the Internet of Things -- billions of interconnected devices -- would be "a security nightmare or a signals intelligence bonanza," he replied, "Both."
By EditorDavid from Slashdot's gullible-media? department
An anonymous reader writes: "We have investigated reports of Twitter usernames/passwords on the dark web, and we're confident that our systems have not been breached," posted the company's security officer, Michael Coates. In a blog post, he wrote that Twitter uses HTTPS "everywhere" and secures account credentials with bcrypt, while also watching for suspicious account activity based on location, device type, and login history. Responding to recent reports of 32 million compromised accounts, he blamed malware and also recycled passwords, which mean "a breach of passwords associated with website X could result in compromised accounts at unrelated website Y."
"When so many breaches are announced in a short window of time, it may be natural to assume that any mention of 'another breach' is true and valid. Nefarious individuals leverage this environment in order to either bundle old breached data or repackage accounts from a variety of breaches, and then claim they have login information and passwords for website Z."
A security expert gave the same explanation to InformationWeek. And Brian Krebs recently pointed out that a Tweet claiming 73 million compromised Dropbox accounts was actually just recycling credentials from a 2013 breach at Tumblr. A recent breach of Mark Zuckerberg's Twitter account was attributed to a low-security password.
By BeauHD from Slashdot's wealth-of-knowledge department
mi writes from a report via The Daily Beast: Unlike in cases of commercially-held data, where the Third Party doctrine allows police warrantless access, prescription drug monitoring databases are maintained by state governments. The difference is lost on the Obama Administration, which argues that "since the records have already been submitted to a third party (a state's Prescription Drug Monitoring Program) that patients no longer enjoy an expectation of privacy." The DEA has claimed for years that under federal law it has the authority to access the states' prescription drug databases using only an "administrative subpoena." These are unilaterally issued orders that do not require a showing of probable cause before a court, like what's required to obtain a warrant. Some states, like Oregon, fight it; some, like Wisconsin, do not. "The federal government is eager to see all these databases linked," reports The Daily Beast. "The Department of Justice has developed a software platform to facilitate sharing among all state PDMPs. So far 32 states already share their PDMP data through a National Association of Boards of Pharmacy program. The Comprehensive Addiction and Recovery Act (CARA), which passed Congress in March, calls for expanding sharing of PDMP data."