China

China Forces Muslim Minority To Install Spyware On Their Phones (bleepingcomputer.com) 225

An anonymous reader quotes a report from Bleeping Computer: Chinese authorities in the province of Xinjiang are forcing locals of the Uyghur Muslim minority to install an app on their phones that will allow the government to scan their device for "terrorist propaganda," local media reports. In reality, the app creates MD5 hashes for the user's files and matches them against a database of known terrorist content. The app also makes copies of the user's Weibo and WeChat databases and uploads it to a government server, along with the user's IMEI, IMSI, and WiFi login information. The app is called Jingwang (Citizen Safety) and was developed by police forces from Urumqi, Xinjiang's capital. Authorities launched the app in April, and also included the ability to report suspicious activity to the police. At the start of July, Xinjiang officials started sending WeChat messages in Uyghur and Chinese to locals, asking them to install the app or face detainment of up to 10 days. Police have also stopped people on the street to check if they installed the app. Several were detained for refusing to install it. Locals are now sharing the locations of checkpoints online, so others can avoid getting arrested.
The Internet

House Panel Wants Google, Facebook, AT&T CEOs To Testify On Internet Rules (reuters.com) 31

The chairman of the U.S. House Energy and Commerce Committee on Tuesday asked the chief executives of Alphabet, Facebook, Amazon.com, AT&T, Verizon Communications and other companies to testify at a Sept. 7 hearing on the future of net neutrality rules. From a report: The U.S. Federal Communications Commission is considering tossing out 2015 Obama administration net neutrality rules that reclassified internet service like a public utility. The rules bar providers from blocking, slowing or offering paid prioritization of websites. Many internet providers want Congress to step in and write permanent rules. Other chief executives asked to testify include the heads of Comcast, Netflix and Charter. Some companies including Facebook said they were reviewing the letter but none immediately said if they will testify.
Earth

World's First Floating Wind Farm Emerges Off Coast of Scotland (bbc.co.uk) 235

AmiMoJo writes: The world's first full-scale floating wind farm has started to take shape off the north-east coast of Scotland. The revolutionary technology will allow wind power to be harvested in waters too deep for the current conventional bottom-standing turbines. The manufacturer hopes to cash in on a boom in the technology, especially in Japan and the west coast of the U.S., where waters are deep. The tower, including the blades, stretches to 175m and weighs 11,500 tons. The price of energy from bottom-standing offshore wind farms has plummeted 32% since 2012, and is now four years ahead of the government's expected target. Another big price drop is expected, taking offshore wind to a much lower price than new nuclear power.
Privacy

Sweden Accidentally Leaks Personal Details of Nearly All Citizens (thehackernews.com) 233

An anonymous reader quotes a report from The Hacker News: Swedish media is reporting of a massive data breach in the Swedish Transport Agency (Transportstyrelsen) after the agency mishandled an outsourcing deal with IBM, which led to the leak of the private data about every vehicle in the country, including those used by both police and military. The data breach exposed the names, photos and home addresses of millions of Swedish citizen, including fighter pilots of Swedish air force, members of the military's most secretive units, police suspects, people under the witness relocation program, the weight capacity of all roads and bridges, and much more. The incident is believed to be one of the worst government information security disasters ever.

In 2015, the Swedish Transport Agency hand over IBM an IT maintenance contract to manage its databases and networks. However, the Swedish Transport Agency uploaded IBM's entire database onto cloud servers, which covered details on every vehicle in the country, including police and military registrations, and individuals on witness protection programs. The transport agency then emailed the entire database in messages to marketers that subscribe to it. And what's terrible is that the messages were sent in clear text. When the error was discovered, the transport agency merely thought of sending a new list in another email, asking the subscribers to delete the old list themselves.

Wireless Networking

Ask Slashdot: How Can You Avoid Routers With Locked Firmware? 314

thejynxed writes: Awhile ago the FCC in the USA implemented a rule that required manufacturers to restrict end-users from tampering with the radio outputs on wi-fi routers. It was predicted that manufacturers would take the lazy way out by locking down the firmware/bootloaders of the routers entirely instead of partitioning off access to the radio transmit power and channel ranges. This has apparently proven to be the case, as even now routers that were previously marketed as "Open Source Ready" or "DD-WRT Compatible" are coming with locked firmware.

In my case, having noticed this trend, I purchased three routers from Belkin, Buffalo, and Netgear in Canada, the UK, and Germany respectively, instead of the USA, and the results: All three routers had locked firmware/bootloaders, with no downgrade rights and no way to install Tomato, DD-WRT, OpenWRT, etc. It seems the FCC rule is an example of the wide-reaching effect of US law on the products sold in other nations, etc. So, does anyone know a good source of unlocked routers or other technical information on how to bypass this ridiculous outcome of FCC over-reach and manufacturer laziness?

The FCC later specified that they were not trying to block Open Source firmware modifications -- so leave your best suggestions in the comments. How can you avoid routers with locked firmware?
United States

US Agency Revokes All State Discounts For Kaspersky Products (thebaltimorepost.com) 92

The U.S. General Services Administration has removed Kapersky Lab from its list of approved vendors for federal systems, which also eliminates the discounts it previously offered to state governments. Long-time Slashdot reader Rick Zeman writes: "The agency's statement suggested a vulnerability exists in Kaspersky that could give the Russian government backdoor access to the systems it protects, though they offered no explanation or evidence of it," reports the Washington Post. Kaspersky, of course, denies this, offering their source code up for U.S. Government review... "Three current and former defense contractors told The Post that they knew of no specific warnings circulated about Kaspersky in recent years, but it has become an unwritten rule at the Pentagon not to include Kaspersky as a potential vendor on new projects."
"The lack of information from the GSA underscores a disconnect between local officials and the federal government about cybersecurity," the Post reports, adding that "the GSA's move on July 11 has left state and local governments to speculate about the risks of sticking with the company or abandoning taxpayer-funded contracts, sometimes at great cost."

The Post also quotes a cybersecurity expert at a prominent think tank -- the Center for Strategic and International Studies -- who believes that "it's difficult, if not impossible" for a company like Kaspersky to be headquartered in Moscow "if you don't cooperate with the government and the intelligence services."
United Kingdom

UK To Require Drone Registration And Safety Exams (bloomberg.com) 96

An anonymous reader quotes Bloomberg: Drones will have to be registered and their users required to pass safety tests under new rules to be announced by the U.K.'s Department for Transport... Registration will be mandated for owners of drones 250 grams (8.8 ounces) or larger after research found that drones as small as 400 grams (14 ounces) could damage the windscreens of helicopters. Other security measures like "geo-fencing" -- GPS-based technology programmed into drones to prevent them from flying into sensitive areas such as prisons and airports -- are also under consideration, according to a statement from the department.
The BBC points out that "There is no time frame or firm plans as to how the new rules will be enforced and the Department of Transport admitted that 'the nuts and bolts still have to be ironed out.'"

"The UK government says 22 incidents involving commercial airliners and drones were investigated between January and April of this year," adds TechRadar, "with police unable to trace the owners of the drones -- one of the reasons for the new legislation."
Communications

Ask Slashdot: Someone Else Is Using My Email Address 563

periklisv writes: I daily receive emails from adult dating sites, loan services, government agencies, online retailers etc, all of them either asking me to verify my account, or, even worse, having signed me up to their service (especially dating sites), which makes me really uncomfortable, my being a married man with children... I was one of the early lucky people that registered a gmail address using my lastname@gmail.com. This has proven pretty convenient over the years, as it's simple and short, which makes it easy to communicate over the phone, write down on applications etc. However, over the past six months, some dude in Australia (I live in the EU) who happens to have the same last name as myself is using it to sign up to all sorts of services...

I tried to locate the person on Facebook, Twitter etc and contacted a few that seemed to match, but I never got a response. So the question is, how do you cope with such a case, especially nowadays that sites seem to ignore the email verification for signups?

Leave your best answers in the comments. What would you do if someone else started giving out your email address?
Government

Sean Spicer Resigns as White House Press Secretary After Objecting To Scaramucci Hire (cnbc.com) 542

CNBC reports: White House press secretary Sean Spicer abruptly resigned Friday after opposing President Donald Trump's appointment of Anthony Scaramucci as communications director. The president asked Spicer to stay in his role, but Spicer said appointing Scaramucci was a major mistake, The New York Times, citing a person with direct knowledge of the conversation. NBC News confirmed the resignation with two people familiar with the matter. Spicer tweeted later that he will continue to serve through August. White House chief of staff Reince Priebus was said to have advocated naming Spicer as press secretary. The two worked at the Republican National Committee before joining the administration. Following Spicer's resignation, Priebus said he supports Scaramucci "100 percent," according to news reports.
China

Beijing Wants AI To Be Made In China By 2030 (nytimes.com) 170

Reader cdreimer writes: According to a report on The New York Times (may be paywalled, alternative story here): "If Beijing has its way, the future of artificial intelligence will be made in China. The country laid out a development plan on Thursday to become the world leader in A.I. by 2030, aiming to surpass its rivals technologically and build a domestic industry worth almost $150 billion. Released by the State Council, the policy is a statement of intent from the top rungs of China's government: The world's second-largest economy will be investing heavily to ensure its companies, government and military leap to the front of the pack in a technology many think will one day form the basis of computing. The plan comes with China preparing a multibillion-dollar national investment initiative to support "moonshot" projects, start-ups and academic research in A.I., according to two professors who consulted with the government about the effort."
Businesses

FTC Probing Allegations of Amazon's Deceptive Discounting (reuters.com) 104

An anonymous reader quotes a report from Reuters: As part of its review of Amazon's agreement to buy Whole Foods, the Federal Trade Commission is looking into allegations that Amazon misleads customers about its pricing discounts, according to a source close to the probe. The FTC is probing a complaint brought by the advocacy group Consumer Watchdog, which looked at some 1,000 products on Amazon's website in June and found that Amazon put reference prices, or list prices, on about 46 percent of them. An analysis found that in 61 percent of products with reference prices, Amazon's reference prices were higher than it had sold the same product in the previous 90 days, Consumer Watchdog said in a letter to the FTC dated July 6. Amazon said in a statement that Consumer Watchdog's study was "deeply flawed." "The conclusions the Consumer Watchdog group reached are flat out wrong," Amazon said. "We validate the reference prices provided by manufacturers, vendors and sellers against actual prices recently found across Amazon and other retailers."
Communications

AlphaBay Owner Used Email Address For Both AlphaBay and LinkedIn Profile. 146

BarbaraHudson writes: The Register is reporting that Alexandre Cazes, the 25-year-old Canadian running the dark web site AlphaBay, was using a hotmail address easily connected to him via his Linkdin profile to administer the site. From the report: "[A]ccording to U.S. prosecutors, he used his real email address, albeit a Hotmail address -- Pimp_Alex_91@hotmail.com -- as the administrator password for the marketplace software. As a result, every new user received a welcome email from that address when they signed up to the site, and everyone using its password recovery tool also received an email from that address. However, rather than carefully set up and then abandon that email address, it turns out that Alexandre Cazes -- Pimp Alex -- had been using that address for years. Cazes had also used his Pimp Alex Hotmail address as well as an email address from his own business -- EBX Technologies -- to set up online bank accounts and crypto-currency accounts. How did law enforcement know that Cazes was behind EBX Technologies? It was on his LinkedIn profile."

BarbaraHudson adds: "His laptop wasn't encrypted, so expect more arrests as AlphaBay users are tracked down."
The Courts

Judge Rules That Government Can Force Glassdoor To Unmask Anonymous Users Online (arstechnica.com) 130

pogopop77 shares a report from Ars Technica: An appeals court will soon decide whether the U.S. government can unmask anonymous users of Glassdoor -- and the entire proceeding is set to happen in secret. Federal investigators sent a subpoena asking for the identities of more than 100 anonymous users of the business-review site Glassdoor, who apparently posted reviews of a company that's under investigation for potential fraud related to its contracting practices. The government later scaled back its demand to just eight users. Prosecutors believe these eight Glassdoor users are "third-party witnesses to certain business practices relevant to [the] investigation." The name of the company under investigation is redacted from all public briefs. Glassdoor made a compromise proposal to the government: it would notify the users in question about the government's subpoena and then provide identifying information about users who were willing to participate. The government rejected that idea. At that point, Glassdoor lawyered up and headed to court, seeking to have the subpoena thrown out. Lawyers for Glassdoor argued that its users have a First Amendment right to speak anonymously. While the company has "no desire to interfere" with the investigation, if its users were forcibly identified, the investigation "could have a chilling effect on both Glassdoor's reviewers' and readers' willingness to use glassdoor.com," states Glassdoor's motion (PDF). The government opposed the motion, though, and prevailed in district court.
Encryption

Apple Flies Top Privacy Executives Into Australia To Lobby Against Proposed Encryption Laws (patentlyapple.com) 65

An anonymous reader quotes a report from Patently Apple: Last week Patently Apple posted a report titled "Australia proposed new Laws Compelling Companies like Facebook & Apple to Provide Access to Encrypted Messages." Days later, Australia's Prime Minister spoke about the encryption problem with the Australian press as noted in the video in our report. Now we're learning that Apple has flown in top executives to lobby Turnbull government on encryption laws. It sounds like a showdown is on the horizon. This is the second time this month that Apple has flown executives into Australia to lobby the government according to a Sydney publication. Apple executives met with Attorney-General George Brandis and senior staff in Prime Minister Malcolm Turnbull's office on Tuesday to discuss the company's concerns about the legal changes, which could see tech companies compelled to provide access to locked phones and third party messaging applications. Apple has argued in the meetings that as a starting point it does not want the updated laws to block tech companies from using encryption on their devices, nor for companies to have to provide decryption keys to allow access to secure communications. The company has argued that if it is compelled to provide a software "back door" into its phones to help law enforcement agencies catch criminals and terrorists, this would reduce the security for all users. It also says it has provided significant assistance to police agencies engaged in investigations, when asked. UPDATE 07/20/17: Headline has been updated to clarify that Apple is lobbying against the proposed encryption laws in Australia.
Government

FCC Says It Has No Documentation of Cyberattack That It Claims Happened (thehill.com) 54

An anonymous reader quotes a report from The Hill: The Federal Communications Commission (FCC) declined to reveal analysis proving that it was the victim of a cyberattack in May. The agency claimed at the time that its Electronic Comment Filing System (ECFS) did not actually crash because of a large amount of traffic on the site prompted by John Oliver telling viewers to file comments in favor of net neutrality on his HBO show, Last Week Tonight. Instead, the FCC said that the ECFS went down as a result of a DDoS attack. In its response to Gizmodo's FOIA request, the FCC said that the attack "did not result in written documentation." "Based on a review of the logs, we have already provided a detailed description of what happened. We stand by our career IT staff's analysis of the evidence in our possession," an FCC spokesperson said when asked for comment on the matter.
Transportation

Elon Musk Says He Has a Green Light To Build a NY-Philly-Baltimore-DC Hyperloop (theverge.com) 308

An anonymous reader shares a report:Elon Musk just tweeted that his Boring Company tunnel project has just received "verbal [government] approval" to build a hyperloop connecting New York City, Philadelphia, Baltimore, and Washington, DC. While we work to verify his claim, Musk is continuing to tweet more details about the project. The hyperloop, an ultrafast method of travel first developed by Musk in 2013, would only take 29 minutes to travel between New York City and DC, he claims. And it would feature "up to a dozen or more" access points via elevator in each city. Update: Eric Phillips, press secretary for the New York City mayor, tweeted, "This is news to City Hall," adding "The entirety of what we know about this proposal is what's in Mr. Musk's tweet. That is not how we evaluate projects of any scale."
Businesses

Say Goodbye To Spain's Glorious Three-Hour Lunch Break (citylab.com) 160

An anonymous reader shares a report: Is the typical Spanish daily schedule about to change forever? For decades, campaigners in the country have complained that the average Spaniard's habit of keeping extremely late hours and taking delightfully long lunch breaks was making everyday life harder for citizens. This week, change could finally be on the way, as 110 professional bodies in Catalonia have signed up to a plan to change the region's daily timetable by 2025, shortening the classic three-hour lunch break so that employees can finish work earlier in the evening. Such a change would radically reshape ordinary people's lives -- and controversially, it could drive a wedge between Catalonia and the rest of Spain, where the national government supports similar changes (and has adopted a shorter break for public offices) but hasn't yet fixed a timetable for action. You could call the plan an end to national harmony, a blessed release for hard-pressed workers, or an attack on the Spanish way of life. Whatever you do, however, don't call it the end of the siesta. That's because the beloved and much-misunderstood Spanish tradition of the afternoon nap more or less died out decades ago. What remained is a highly distinctive national timetable not found in any other European country, where it has often been read as a peculiarly exotic form of madness. The average Spanish working day is certainly unusual in shape. After starting work between 8 and 9 a.m., hungry workers hold out for a lunch break scheduled as late as 1:30 or 2:30. As if in compensation for this long wait, many then stay off-duty for a break of up to three hours, filling it with a protracted multi-course lunch and maybe a stop at a "nap bar." Most stores and many businesses close down until the late afternoon, before a final burst of office hours between 5:30 and 8 (or sometimes 4 to 7). Spaniards then head home at an hour when most people in other countries are cleaning up their dinner dishes, rarely getting food on the table any earlier than 10 p.m. This pushes bedtime past midnight for many.
United States

US Ends Controversial Laptop Ban On Flights From Middle East (theguardian.com) 79

The United States has ended a four-month ban on passengers carrying laptops onboard US-bound flights from certain airports in the Middle East and North Africa, bringing to an end one of the controversial travel restrictions imposed by President Donald Trump's administration. From a report: Riyadh's King Khalid international airport was the last of 10 airports to be exempted from the ban, the US department of homeland security (DHS) confirmed in a tweet late on Wednesday local time. Middle East carriers have blamed Trump's travel restrictions, which include banning citizens of some Muslim-majority countries from visiting the United States, for a downturn in demand on US routes. In March, the United States banned large electronics in cabins on flights from 10 airports in the Middle East and North Africa over concerns that explosives could be concealed in the devices taken onboard aircraft. The ban has been lifted on the nine airlines affected -- Emirates, Etihad Airways, Qatar Airways, Turkish Airlines, Saudi Arabian Airlines, Royal Jordanian , Kuwait Airways, EgyptAir and Royal Air Maroc -- which are the only carriers to fly direct to the US from the region. A ban on citizens of six Muslim-majority countries -- Iran, Libya, Somalia, Sudan, Syria, and Yemen, -- remains in place, though has been limited after several US court hearings challenged the restrictions.
Government

US House Panel Approves Broad Proposal On Self-Driving Cars (reuters.com) 191

An anonymous reader quotes a report from Reuters: A U.S. House panel on Wednesday approved a sweeping proposal by voice vote to allow automakers to deploy up to 100,000 self-driving vehicles without meeting existing auto safety standards and bar states from imposing driverless car rules. Representative Robert Latta, a Republican who heads the Energy and Commerce Committee subcommittee overseeing consumer protection, said he would continue to consider changes before the full committee votes on the measure, expected next week. The full U.S. House of Representatives will not take up the bill until it reconvenes in September after the summer recess. The measure, which would be the first significant federal legislation aimed at speeding self-driving cars to market, would require automakers to submit safety assessment reports to U.S. regulators, but would not require pre-market approval of advanced vehicle technologies. Automakers would have to show self-driving cars "function as intended and contain fail safe features" to get exemptions from safety standards but the Transportation Department could not "condition deployment or testing of highly automated vehicles on review of safety assessment certifications," the draft measure unveiled late Monday said.
Government

Russia Is Investigating Fidget Spinners After Reports Claim They 'Zombify' Youth (theverge.com) 200

An anonymous reader quotes a report from The Verge: In a recent report, Russia-24, a state-owned news channel, suggests that fidget spinners are being used by Russian opposition parties in order to recruit young people. As reported by The New York Times, the reporters in Russia-24's initial story say, "It is a mystery why it has become so popular in Russia right now. Who is promoting this to the masses so actively?" The video segment says the toys were being distributed at a rally for opposition leader Alexei Navalny and in online ads that direct viewers to YouTube channels that promote opposition politicians. The reporters said that while the toy's popularity was declining in the West, fidget spinners are more popular than ever in Russia. "As you can see here there is only writing in English, on the other side there is not a word in Russian," says one of the show's anchors during the report, presenting a new spinner in its packaging to the camera. According to Newsweek, a second report on Russia-24 also aired on July 12th, directly saying fidget spinners were an "object for zombifying" and a form of "hypnosis." The program featured a report from psychologist Svetlana Filatova, claiming that the spinners could help dexterity in children but otherwise "dulls" people's minds. The reports spurred Russia's consumer protection agency, Rospotrebnadzor, into action, saying on Tuesday they would launch an investigation into the toy.

Slashdot Top Deals