Crime

Debian Developer Imprisoned In Russia Over Alleged Role In Riots (itwire.com) 12

An anonymous reader writes: "Dmitry Bogatov, Debian developer and Tor node admin, is still being held in a Moscow jail," tweeted the EFF Saturday. IT Wire reports that the 25-year-old math teacher was arrested earlier this month "on suspicion of organizing riots," and is expected to be held in custody until June 8. "The panel investigating the protests claims Bogatov posted several incitory messages on the sysadmin.ru forum; for example, one claim said he was asking people to bring 'bottles, fabric, gasoline, turpentine, foam plastic' to Red Square, according to a post at Hacker News. The messages were sent in the name of one Airat Bashirov and happened to be transmitted through the Tor node that Bogatov was running. The Hacker News post said Bogatov's lawyer had produced surveillance video footage to show that he was elsewhere at the time when the messages were posted.
"After Dmitry's arrest," reports the Free Bogatov site, "Airat Bashirov continued to post messages. News outlets 'Open Russia' and 'Mediazona' even got a chance to speak with him."

Earlier this month the Debian GNU/Linux project also posted a message of support, noting Dmitry maintains several packages for command line and system tools, and saying their group "honours his good work and strong dedication to Debian and Free Software... we hope he is back as soon as possible to his endeavours... In the meantime, the Debian Project has taken measures to secure its systems by removing Dmitry's keys in the case that they are compromised."
Data Storage

Developer Shares A Recoverable Container Format That's File System Agnostic (github.com) 85

Long-time Slashdot reader MarcoPon writes: I created a thing: SeqBox. It's an archive/container format (and corresponding suite of tools) with some interesting and unique features. Basically an SBX file is composed of a series of sector-sized blocks with a small header with a recognizable signature, integrity check, info about the file they belong to, and a sequence number. The result of this encoding is the ability to recover an SBX container even if the file system is corrupted, completely lost or just unknown, no matter how much the file is fragmented.
Networking

Russian-Controlled Telecom Hijacks Traffic For Mastercard, Visa, And 22 Other Services (arstechnica.com) 49

An anonymous reader quotes the security editor at Ars Technica: On Wednesday, large chunks of network traffic belonging to MasterCard, Visa, and more than two dozen other financial services companies were briefly routed through a Russian government-controlled telecom under unexplained circumstances that renew lingering questions about the trust and reliability of some of the most sensitive Internet communications.

Anomalies in the border gateway protocol -- which routes large-scale amounts of traffic among Internet backbones, ISPs, and other large networks -- are common and usually the result of human error. While it's possible Wednesday's five- to seven-minute hijack of 36 large network blocks may also have been inadvertent, the high concentration of technology and financial services companies affected made the incident "curious" to engineers at network monitoring service BGPmon. What's more, the way some of the affected networks were redirected indicated their underlying prefixes had been manually inserted into BGP tables, most likely by someone at Rostelecom, the Russian government-controlled telecom that improperly announced ownership of the blocks.

The Military

Some Of The Pentagon's Critical Infrastructure Still Runs Windows 95 And 98 (defenseone.com) 108

SmartAboutThings writes: The Pentagon is set to complete its Windows 10 transition by the end of this year, but nearly 75% of its control system devices still run Windows XP or other older versions, including Windows 95 and 98. A Pentagon official now wants the bug bounty program of the top U.S. defense agency expanded to scan for vulnerabilities in its critical infrastructure.
DefenseOne raises the possibility of "building and electrical systems, HVAC equipment and other critical infrastructure laden with internet-connected sensors," with one military program manager saying "A lot of these systems are still Windows 95 or 98, and that's OK -- if they're not connected to the internet." Windows Report notes that though Microsoft no longer supports Windows XP, "the Defense Department is paying Microsoft to continue providing support for the legacy OS."
Encryption

Encrypted WhatsApp Message Recovered From Westminster Terrorist's Phone (indiatimes.com) 109

Bruce66423 brings word that a terrorist's WhatsApp message has been decrypted "using techniques that 'cannot be disclosed for security reasons', though 'sources said they now have the technical expertise to repeat the process in future.'" The Economic Times reports: U.K. security services have managed to decode the last message sent out by Khalid Masood before he rammed his high-speed car into pedestrians on Westminster Bridge and stabbed to death a police officer at the gates of Parliament on March 22. The access to Masood's message was achieved by what has been described by security sources as a use of "human and technical intelligence"...

The issue of WhatsApp's encrypted service, which is closed to anyone besides the sender and recipient, had come under criticism soon after the attack. "It's completely unacceptable. There should be no place for terrorists to hide. We need to make sure that organisations like WhatsApp, and there are plenty of others like that, don't provide a secret place for terrorists to communicate with each other," U.K. home secretary Amber Rudd had said.

Security sources say the message showed the victim's motive was military action in Muslim countries, while the article adds that though ISIS claimed responsibility for the attack, "no evidence has emerged to back this up."
The Almighty Buck

Italian Police Say Amazon Has Evaded $142 Million of Taxes (reuters.com) 82

An anonymous reader quotes a report from Reuters: Milan tax police have told Amazon they believe the world's largest online retailer has evaded around 130 million euros ($142 million) of taxes in Italy, a source close to the matter said on Friday. The allegedly unpaid taxes refer to the period between 2011 and 2015, when Amazon made revenues of around 2.5 billion euros in Italy, the source said. The tax police's findings have been handed to Milan prosecutors, the source added. Amazon issued a statement denying it had evaded any taxes, and said its profits in Italy, on which taxes are paid, had been low due to its considerable investments in the country.
Government

EPA Website Removes Climate Science Site From Public View After Two Decades (washingtonpost.com) 139

Last week there were reports that the EPA climate change website was set to be taken down, though later the EPA denied that. On Friday evening, however, the Environmental Protection Agency announced its website would be "undergoing changes" to better represent the new direction the agency is taking, triggering the removal of several agency websites containing detailed climate data and scientific information (paywalled; alternative source). From a report on The Washington Post: One of the websites that appeared to be gone had been cited to challenge statements made by the EPA's new administrator, Scott Pruitt. Another provided detailed information on the previous administration's Clean Power Plan, including fact sheets about greenhouse gas emissions on the state and local levels and how different demographic groups were affected by such emissions. The changes came less than 24 hours before thousands of protesters were set to march in Washington and around the country in support of political action to push back against the Trump administration's rollbacks of former president Barack Obama's climate policies.
Earth

Trump Order Helps Offshore Drilling, Stops Marine Sanctuary Expansion (arstechnica.com) 143

An anonymous reader quotes a report from Ars Technica: In an executive order signed on Friday, President Trump directed his secretary of the interior to review current rules on offshore drilling and exploration. This review is likely to result in a relaxation of the strict protections the previous administration put on offshore oil drilling in the Atlantic and in the Arctic. According to the Washington Post, a review of the rules is likely to "make millions of acres of federal waters eligible for oil and gas leasing." At the same time, Trump's executive order directed the secretary of commerce to cease designating new marine sanctuaries or expanding any that already exist. According to USA Today, Commerce Secretary Wilbur Ross is also "directed to review all designations and expansions of marine monuments or sanctuaries designated under the Antiquities Act within the last 10 years." The Post says this "includes Hawaii's Papahanaumokuakea Marine National Monument, which Obama quadrupled in size last year, and the Northeast Canyons and Seamounts off Massachusetts." Although these reviews could take some time to complete, they put in motion a bid to favor extraction industries like oil and gas mining. "Today, we're unleashing American energy and clearing the way for thousands and thousands of high-paying energy jobs," Trump reportedly told the Associated Press.
Government

NSA Halts Collection of Americans' Emails About Foreign Targets (nytimes.com) 48

The NSA is stopping one of the most disputed forms of its warrantless surveillance program (alternative source), one in which it collects Americans' emails and texts to and from people overseas and that mention a foreigner under surveillance, NYTimes reports on Friday citing officials familiar with the matter. From the report: National security officials have argued that such surveillance is lawful and helpful in identifying people who might have links to terrorism, espionage or otherwise are targeted for intelligence-gathering. The fact that the sender of such a message would know an email address or phone number associated with a surveillance target is grounds for suspicion, these officials argued. [...] The N.S.A. made the change to resolve problems it was having complying with special rules imposed by the Foreign Intelligence Surveillance Court in 2011 to protect Americans' privacy. For technical reasons, the agency ended up collecting messages sent and received domestically as a byproduct of such surveillance, the officials said.
Businesses

Qualcomm Says Apple To Stop Paying Royalties (reuters.com) 57

Apple has decided to withhold royalty payments to its contract manufacturers that are owed to Qualcomm, until a legal dispute between the companies is resolved, the chipmaker said on Friday. From a report: Qualcomm, the largest maker of chips used in smartphones, said it will not receive royalties from Apple's contract manufacturers for sales made during the quarter ended March 31. San Diego, California-based Qualcomm also slashed its profit and revenue forecasts for the current quarter, to account for the lost royalty revenue.
The Almighty Buck

Slashdot Asks: Should an Employee Be Fired For Working On Personal Side Projects During Office Hours? (quora.com) 382

An anonymous reader writes: I found this article that talks about whether an engineer should be fired if s/he is working on a side project. Several people who have commented in the thread say that the employer should first talk to the person and understand why they are working on personal projects during the office hours. One reason, as many suggested, could be that the employee might not have been fairly compensated despite being exceptionally good at the job. In which case, the problem resides somewhere in the management who has failed to live up to the expectations. What do you folks think? Let's not just focus on engineers, per se. It could be an IT guy (who might have a lot of free time in hand), or a programmer.
Businesses

BitTorrent is Shutting Down Its Live TV Streaming Service (variety.com) 17

Janko Roettgers, reporting for Variety: San Francisco-based BitTorrent Inc. is set to shut down its P2P-powered live TV streaming service BitTorrent Live in the coming weeks, Variety has learned. Most of the 10-person team behind the live streaming service is expected to leave the company by the end of this week. The closure of Live comes after BitTorrent unsuccessfully tried to raise money to spin out the service into a separate company. It's also just the latest twist in a long corporate drama. Last year, two outside investors took control of BitTorrent, spent millions of dollars on an expensive expansion into the media space and promptly got themselves fired. BitTorrent has since rehired its former COO Rogelio Choy as its new CEO, and is now looking to focus on its core products. As part of that realignment, the company was looking to turn Live into a separate, venture-funded entity, but raising money for it proved challenging.
Privacy

Lawsuit: Fox News Group Hacked, Surveilled, and Stalked Ex-Host Andrea Tantaros (arstechnica.com) 99

An anonymous reader quotes a report from Ars Technica: Comparing their actions to the plot this season on the Showtime series Homeland, an attorney for former Fox News host Andrea Tantaros has filed a complaint in federal court against Fox News, current and former Fox executives, Peter Snyder and his financial firm Disruptor Inc., and 50 "John Doe" defendants. The suit alleges that collective participated in a hacking and surveillance campaign against her. Tantaros filed a sexual harassment suit against Roger Ailes and Fox News in August of 2016, after filing internal complaints with the company about harassment dating back to February of 2015. She was fired by the network in April of 2016, as Tantaros continued to press complaints against Fox News' then-Chairman and CEO Roger Ailes, Bill O'Reilly, and others. Tantaros had informed Fox that she would be filing a lawsuit over the alleged sexual harassment. Tantaros claims that as early as February of 2015, a group run out of a "black room" at Fox News engaged in surveillance and electronic harassment of her, including the use of "sock puppet" social media accounts to electronically stalk her. Tantaros' suit identifies Peter Snyder and Disruptor Inc. as the operators of a social influence operation using "sock puppet" accounts on Twitter and other social media.
Businesses

Kill Net Neutrality and You'll Kill Us, Say 800 US Startups (google.com) 295

A group of more than 800 startups has sent a letter to the FCC chairman Ajit Pai saying they are "deeply concerned" about his decision to kill net neutrality -- reversing the Title II classification of internet service providers. The group, which includes Y Combinator, Etsy, Foursquare, GitHub, Imgur, Nextdoor, and Warby Parker, added that the decision could end up shutting their businesses. They add, via an article on The Verge: "The success of America's startup ecosystem depends on more than improved broadband speeds. We also depend on an open Internet -- including enforceable net neutrality rules that ensure big cable companies can't discriminate against people like us. We're deeply concerned with your intention to undo the existing legal framework. Without net neutrality, the incumbents who provide access to the Internet would be able to pick winners or losers in the market. They could impede traffic from our services in order to favor their own services or established competitors. Or they could impose new tolls on us, inhibiting consumer choice. [...] Our companies should be able to compete with incumbents on the quality of our products and services, not our capacity to pay tolls to Internet access providers."
The Courts

University of California IT Workers Replaced By Offshore Outsourcing Firm To File Discrimination Lawsuit (computerworld.com) 303

The IT workers from the University of California's San Francisco campus who were replaced by an offshore outsourcing firm late last year intend to file a lawsuit challenging their dismissal. "It will allege that the tech workers at the university's San Francisco campus were victims of age and national origin discrimination," reports Computerworld. From the report: The IT employees lost their jobs in February after the university hired India-based IT services firm HCL. Approximately 50 full-time university employees lost their jobs, but another 30 contractor positions were cut as well. "To take a workforce that is overwhelmingly over the age of 40 and replace them with folks who are mainly in their 20s -- early 20s, in fact -- we think is age discrimination," said the IT employees' attorney, Randall Strauss, of Gwilliam Ivary Chiosso Cavalli & Brewer. The national origin discrimination claim is the result of taking a workforce "that reflects the diversity of California" and is summarily let go and is "replaced with people who come from one particular part of the world," said Strauss. The lawsuit will be filed in Alameda County Superior Court.
Books

Ask Slashdot: What Are Your Favorite Books On Entrepreneurship? 86

An anonymous reader writes: There are excellent well-known books like Steve Jobs by Walter Isaacson and Shoe Dog by Phil Knight, but I find some of the lesser-known books about tech entrepreneurship very interesting, like A Triumph of Genius about Edwin Land of Polaroid or Riding the Runaway Horse about An Wang of Wang Laboratories. Also, there's Fast Forward by Lardner about VHS/Betamax. What books regarding entrepreneurship would Slashdotters recommend?
Bitcoin

Backdoor Could Allow Company To Shut Down 70% of All Bitcoin Mining Operations (bleepingcomputer.com) 101

An anonymous reader writes: "An anonymous security researcher has published details on a vulnerability named 'Antbleed,' which the author claims is a remote backdoor affecting Bitcoin mining equipment sold by Bitmain, the largest vendor of crypto-currency mining hardware on the market," reports Bleeping Computer. The backdoor code works by reporting mining equipment details to Bitmain servers, who can reply by instructing the customer's equipment to shut down. Supposedly introduced as a crude DRM to control illegal equipment, the company forgot to tell anyone about it, and even ignored a user who reported it last fall. One of the Bitcoin Core developers claims that if such a command were ever sent, it could potentially brick the customer's device for good. Bitmain is today's most popular seller of Bitcoin mining hardware, and its products account for 70% of the entire Bitcoin mining market. If someone hijacks the domain where this backdoor reports, he could be in the position to shut down Bitcoin mining operations all over the world, which are nothing more than the computations that verify Bitcoin transactions, effectively shutting down the entire Bitcoin ecosystem. Fortunately, there's a way to mitigate the backdoor's actions using local hosts files.
Businesses

Should Banks Let Ancient Programming Language COBOL Die? (thenextweb.com) 371

COBOL is a programming language invented by Hopper from 1959 to 1961, and while it is several decades old, it's still largely used by the financial sector, major corporations and part of the federal government. Mar Masson Maack from The Next Web interviews Daniel Doderlein, CEO of Auka, who explains why banks don't have to actively kill COBOL and how they can modernize and "minimize the new platforms' connections to the old systems so that COBOL can be switched out in a safe and cheap manner." From the report: According to [Doderlein], COBOL-based systems still function properly but they're faced with a more human problem: "This extremely critical part of the economic infrastructure of the planet is run on a very old piece of technology -- which in itself is fine -- if it weren't for the fact that the people servicing that technology are a dying race." And Doderlein literally means dying. Despite the fact that three trillion dollars run through COBOL systems every single day they are mostly maintained by retired programming veterans. There are almost no new COBOL programmers available so as retirees start passing away, then so does the maintenance for software written in the ancient programming language. Doderlein says that banks have three options when it comes to deciding how to deal with this emerging crisis. First off, they can simply ignore the problem and hope for the best. Software written in COBOL is still good for some functions, but ignoring the problem won't fix how impractical it is for making new consumer-centric products. Option number two is replacing everything, creating completely new core banking platforms written in more recent programming languages. The downside is that it can cost hundreds of millions and it's highly risky changing the entire system all at once. The third option, however, is the cheapest and probably easiest. 
Instead of trying to completely revamp the entire system, Doderlein suggests that banks take a closer look at the current consumer problems. Basically, Doderlein suggests making light-weight add-ons in more current programming languages that only rely on COBOL for the core feature of the old systems.
The Almighty Buck

Apple Is In Talks To Launch Its Own Venmo (recode.net) 48

An anonymous reader quotes a report from Recode: The company has recently held discussions with payments industry partners about introducing its own Venmo competitor, according to multiple sources familiar with the talks. The service would allow iPhone owners to send money digitally to other iPhone owners, these people said. One source familiar with the plans told Recode they expect the company to announce the new service later this year. Another cautioned that an announcement and launch date may not yet be set. The new Apple product would compete with offerings from big U.S. banks as well as PayPal, its millennial-popular subsidiary Venmo, as well as Square Cash in the increasingly competitive world of digital money-transfers. Apple has also recently held discussions with Visa about creating its own pre-paid cards that would run on the Visa debit network and which would be tied to the new peer-to-peer service, sources told Recode. People would be able to use the Apple cards to spend money sent to them through the new service, without having to wait for it to clear to their bank account.
China

US Space Firms Tell Washington: China Will Take Over the Moon if You're Not Careful (yahoo.com) 157

The US space industry is prodding the US government into refreshing its outdated laws on commercial activity beyond earth: scare it with talk of Chinese galactic domination. A report adds: At a Senate hearing on the space industry this week, companies that build rockets and space habitats and manufacture electronic goods in space spoke about a standard laundry list of complaints, from regulatory burdens to fears of subsidized competitors. But their message was wrapped in patriotic concerns about China's growing capacity for space action. These companies are eager for the US government to allow and invest in commercial activities in orbit and around the moon. Many think the laws governing action in space, and particularly the UN Space Treaty, need refreshing for an age when private companies are close to matching the space capacity of sovereign nations. The last major change was a law on asteroid mining passed in 2015.
