By Soulskill from Slashdot's goose-that-lays-the-golden-ovoid department
An anonymous reader writes: When we talk about how the NSA operates, it's typically about the policymakers and what the agency should or should not do. It's worth remembering that the NSA is built upon the backs of world-class mathematicians, whom they aggressively recruit to make all their underlying surveillance technology work. A new piece in Science discusses how the relationship between mathematicians and the NSA has changed following the Snowden leaks (PDF). But as Peter Woit points out, these ethical conundrums are not actually spurring any change. This is perhaps due to the NSA's generous funding of mathematics-related research.
The article talks about the American Mathematical Society, which until recently was led by David Vogan: "...after all was said and done, no action was taken. Vogan describes a meeting about the matter last year with an AMS governing committee as 'terrible,' revealing little interest among the rest of the society's leadership in making a public statement about NSA's ethics, let alone cutting ties. Ordinary AMS members, by and large, feel the same way, adds Vogan, who this week is handing over the presidency to Robert Bryant, a mathematician at Duke University in Durham, North Carolina. For now, U.S. mathematicians aren't willing to disown their shadowy but steadfast benefactor."
By Soulskill from Slashdot's talking-to-the-wrist department
An anonymous reader writes: Security researcher Simone Margaritelli has reverse engineered the Bluetooth low-energy communications protocol for his Nike+ FuelBand SE, a wrist-worn activity tracker. He learned some disturbing facts: "The authentication system is vulnerable, anyone could connect to your device. The protocol supports direct reading and writing of the device memory, up to 65K of contents. The protocol supports commands that are not supposed to be implemented in a production release (bootloader mode, device self test, etc)." His post explains in detail how he managed this, and how Nike put effort into creating an authentication system, but then completely undermined it by using a hard-coded token. Margaritelli even provides a command list for the device, which can do things like grab an event log, upload a bitmap for the screen, and even reset it.