Slashdot Mirror

An anonymous reader writes "Here's an update to the earlier Slashdot story about KlearGear.com 'fining' a couple for a bad review left four years earlier on RipoffReport: Not only did KlearGear report this as a bad debt to credit reporting agencies, but KlearGear is hiding behind a DomainsByProxy domain name to making finding their real identities harder. Now Public Citizen is representing the couple and is going after KlearGear for $75,000. The TV station that broke this story, KUTV, now reports that RipoffReport will likely be on the couple's side. The BBB and TRUSTe say their logos were used by KlearGear.com without permission, and credit reporting agency Experian is also investigating."

First time accepted submitter memnock writes "ABC new reports: 'Political organizations can't accept contributions in the form of bitcoins, at least for now, The Federal Election Commission said Thursday. The commission passed on a request by the Conservative Action Fund, a political action committee, to use the digital currency. That group had asked the FEC recently whether it could accept bitcoins, how it could spend them and how donors must report those contributions. It was not immediately clear whether the same ruling would apply to individual political candidates.' Slashdot reported earlier this week that other federal agencies have taken positions that may recognize or regulate the currency."

MarkWhittington writes "Project M was a proposal at NASA's Johnson Spaceflight Center that would have put together a mission to deliver a bipedal robot to the lunar surface within a thousand days. The idea never got out of the conception stage, but two major components, a new type of lunar lander, now called Morpheus, and a robonaut continued on as separate projects. Morpheus is getting ready to conduct a second attempt at free flight tests at the Kennedy Space Center. The first attempt resulted in the destruction of the prototype vehicle. If the second round of tests is successful, NASA will have a spacecraft that could deliver 1,100 pounds of payload to the lunar surface. While a copy of Robonaut 2 is still undergoing tests on board the International Space Station, ABC News reports that a cousin of the mechanical person has been built with legs. It stands eight feet tall and weighs 500 pounds. With two major components of Project M nearing completion, could a robonaut become the next moon walker?"

Hugh Pickens DOT Com writes "AP reports that federal safety regulators are proposing major changes in workplace reporting rules that would require large companies to file injury and illness reports electronically so they can be posted online and made available to the public. 'Public posting of workplace illness and injury information will nudge employers to better identify and eliminate hazards,' says OSHA head David Michaels. OSHA says the change is in line with President Barack Obama's initiative to increase public access to government data. The plan would require companies with more than 250 employees to submit the data electronically on a quarterly basis. That would cover about 38,000 American companies, says Michaels. Under current rules, employers are required to post annual summaries of injury and illness reports in a common area where they can be seen by employees. While the OSHA web site contains raw numbers about incidents at certain workplaces, it doesn't describe what the injury was or how it occurred. OSHA will hold a public meeting on the proposed rule on January 9 in Washington and is accepting public comments for 90 days, until February 6, 2014. Not everyone is enamored of the change. 'Just because you have an injury, it does not mean there was employer fault,' says Marc Freedman, executive director of labor law policy at the U.S. Chamber of Commerce. 'Reporting the injury records does not tell the full story of the company.' Some company safety professionals and researchers say they are concerned that the new proposal might unintentionally create an under-reporting problem. Companies may feel pressure to report lower injury numbers if they know they will be made public."

ABC News reports that "A volcano in western Indonesia erupted again Sunday, unleashing volcanic ash high into the sky and forcing the evacuation of villagers living around its slope. Officials raised Mount Sinabung's alert status to the second-highest level after the 2,600-meter (8,530-foot) -high mountain erupted early Sunday, said National Disaster Mitigation Agency spokesman Sutopo Purwo Nugroho. Authorities were working to evacuate residents from four North Sumatra province villages located within the mountain's three-kilometer (two-mile) danger zone, Nugroho said. About 1,300 villagers have been relocated to safer areas so far. It was the volcano's second big eruption since late last month, with its Oct. 24 explosion prompting the evacuation of more than 3,300 people." This video of Sinabung's 2010 eruption gives some clue about what to expect.

McGruber tips news that today at 9:30AM PST, a man removed an assault rifle from a bag at Los Angeles International Airport and opened fire. The shooter moved into the screening area, and then further into the terminal. One TSA agent was killed; roughly six more people were injured. The gunman was a ticketed passenger. (Early reports suggested he worked for the TSA — this does not seem to be the case.) Police engaged him in gunfire, and he's now in custody. His motive is unknown at this time.

mdsolar sends this news from the Associated Press: "The number of safety violations at U.S. nuclear power plants varies dramatically from region to region, pointing to inconsistent enforcement in an industry now operating mostly beyond its original 40-year licenses, according to a congressional study awaiting release. Nuclear Regulatory Commission figures cited in the Government Accountability Office report show that while the West has the fewest reactors, it had the most lower-level violations from 2000 to 2012 — more than 2½ times the Southeast's rate per reactor. The Southeast, with the most reactors of the NRC's four regions, had the fewest such violations, according to the report, a copy of which was obtained by The Associated Press. The striking variations do not appear to reflect real differences in reactor performance. Instead, the report says, the differences suggest that regulators interpret rules and guidelines differently among regions, perhaps because lower-level violations get limited review."

Nerval's Lobster writes "Earlier this week, a small helicopter drone tumbled out of the sky over midtown Manhattan, crashing to the sidewalk near Grand Central Station. On the way down it almost hit a businessman, who plucked out the video card from the wreckage and handed it over to a local television-news station. In the video, the drone (a Phantom Quadcopter) lifts off from what looks like an apartment terrace and buzzes its merry way toward some nearby skyscrapers, pausing for a few panoramic surveys of the Manhattan skyline. But the operator is clearly inexperienced, crashing the vehicle against the side of a building, and the flight lasts a mere three minutes before a final collision sends it to the street. Drone enthusiasts and engineers blamed the Quadcopter's poor performance on the pilot's possible reliance on GPS mode; when flying in an area crowded with tall buildings (and they don't get much taller or more crowded than in Manhattan) that block GPS signals, a vehicle can quickly think it's off-target and attempt to correct, leading to crashes. In theory, the FAA forbids the operation of unmanned aerial vehicles over crowded areas such as Manhattan, but that hasn't stopped any number of hobbyists from launching drones. And hobbyists aside, the industry for commercial drones is picking up: over the summer, the FAA approved a pair of small, unmanned aircraft systems for flight, and Airware (which builds autopilot computers for drones) recently accepted funding from Google Ventures. That's led legislators to begin exploring ways to regulate domestic drone use (particularly with regard to use by law enforcement), and it begs the question: should drones be regulated? And if so, how?" A similar incident just happened in Australia, where a small drone operated by an unknown owner crashed into the Sydney Harbor Bridge. Counter-terrorism officials felt they had to investigate, of course.

skade88 writes with a report that "The United States Capitol has been put on lockdown after shots were fired. Reports indicate a policeman was injured." From the story: "The FBI was responding to the unconfirmed reports of shots, and a helicopter landed in front of the Capitol. A message from the Capitol Police ordered anyone in a House office to 'shelter in place.' 'Close, lock and stay away from external doors and windows,' the message said." Doubtless more to come on this; watch this space for updates. Update: 10/03 19:08 GMT by T : ABC News reports that the shots followed an attempt to ram the White House gates; the police subsequently shot and killed the driver. Other than that the driver was a woman, the reports adds little detail. Update: 10/03 19:19 GMT by T : Reuters' U.S. Politics Live feed is currently collating many reports from the scene. Of note: the lockdown itself was brief, and has been lifted.

cold fjord writes with news that the NY Times website was disrupted by hackers Tuesday afternoon. "In an interview, Mr. Frons said the attack was carried out by a group known as 'the Syrian Electronic Army, or someone trying very hard to be them.' The group attacked the company’s domain name registrar, Melbourne IT. The Web site first went down after 3 p.m.; once service was restored, the hackers quickly disrupted the site again." The Times wasn't the only site to be attacked: "Earlier today, a Twitter account allegedly belonging to the Syrian Electronic Army, a pro-Syrian-regime hacker collective, claimed to have taken over The New York Times website, Huffington Post UK's website and Twitter.com, by hacking into each of the site's registry accounts." The group was definitely able to change contact info for Twitter's domain. The Wall Street Journal notes that this is the same group that targeted media organizations a few months back. "When the SEA hacked the Twitter account of the Associated Press earlier this year, it posted a false headline to the account that said the White House had been attacked. The hoax caused U.S. stock markets to briefly lose $200 billion in value."

schwit1 sends this quote from an AP report: "The U.S. Court of Appeals for the District of Columbia ordered the [Nuclear Regulatory Commission] to complete the licensing process and approve or reject the Energy Department's application for a never-completed waste storage site at Nevada's Yucca Mountain. In a sharply worded opinion, the court said the nuclear agency was 'simply flouting the law' when it allowed the Obama administration to continue plans to close the proposed waste site 90 miles northwest of Las Vegas. The action goes against a federal law designating Yucca Mountain as the nation's nuclear waste repository. 'The president may not decline to follow a statutory mandate or prohibition simply because of policy objections,' Judge Brett M. Kavanaugh wrote in a majority opinion (PDF), which was joined Judge A. Raymond Randolph. Chief Judge Merrick B. Garland dissented. The appeals court said the case has important implications for the separation of powers between the executive and legislative branches of government. 'It is no overstatement to say that our constitutional system of separation of powers would be significantly altered if we were to allow executive and independent agencies to disregard federal law in the manner asserted in this case by the Nuclear Regulatory Commission,' Kavanaugh wrote. 'The commission is simply defying a law enacted by Congress ... without any legal basis.'"

An anonymous reader writes with this excerpt from ABC News: "A former student was sentenced to a year in prison for rigging his school elections at California State University-San Marcos so he could become student president, court documents show. Matthew Weaver, 22, was charged in January with wire fraud, access device fraud and unauthorized access to a computer. He pleaded guilty in March, admitting that he had stolen the email passwords of more than 740 students and used them to vote for himself 630 times during the student elections in March 2012... Right before the voting ended, on March 15, 2012, officials noticed 259 votes coming from another IP address. Officials tracked the IP address to a classroom, and found Weaver sitting there. There was only one other student in the lab, according to court documents. A university police officer arrested Weaver and seized his bag, subsequently discovering that he had stashed the keyloggers there."

theodp writes "National Geographic takes a high-level look at the physics behind waterslides. A lot of science goes into providing a safe 60 mph trip down slides like Walt Disney World's 10-story Summit Plummet. 'Safety is our number one concern,' explains Rick Hunter of ProSlide Technology. 'We're thinking about things like, "are you going to stay on the fiberglass tube," it's really easy to do a computer model and look at curves and drops and forecast rider position and speed.'"

An anonymous reader writes "New research out of the University of North Carolina now shows factory farm workers actually carry drug-resistant staph. Europe has long ago banned the use of antibiotics in livestock, but the FDA remains behind the curve with a partial ban. Thanks to large industrial farming operations, we all remain continuously at risk as our last line of antibiotics is wasted on animals."

cold fjord writes "Despite the US cancelling his passport, Edward Snowden continues his travels aided by Wikileaks, and is leaving a trail of strained diplomatic relations in his wake. It appears China gifted the issue to Russia. From Yahoo: 'Lawyer Albert Ho, ... a Hong Kong legislator ... told reporters he was approached by Snowden several days ago, and that the American had sought assurances ... whether he could leave the city freely if he chose to do so... Snowden later told Ho an individual claiming to represent the Hong Kong government had contacted him and indicated he should leave the city, and wouldn't be stopped ... Ho said he believed the middleman was acting on Beijing's orders.' From the NYT: Julian Assange, ...said in an interview ... 'that he had raised Mr. Snowden's case with Ecuador's government and that his group had helped arrange the travel documents.' From WSJ: 'Edward Snowden has generated more than a million posts on one of China's biggest social media platforms... Sina Weibo, a popular Chinese microblogging service, exploded with activity on Sunday as Mr. Snowden left ... Mr. Snowden was hailed as a hero ... last week, but posts on Sunday and Monday were divided... "All crows are black," said a number of users, citing an Chinese old saying, to describe both American and Chinese government's surveillance programs. ... "Snowden has helped China so much. Why did we let him go?" said one ... Some suggested that China should keep Mr. Snowden as a weapon against repeated accusations of China hacking U.S. companies. More extreme users complained that China is "too soft on the U.S." "Russia is a real strong country to accept him," ... Another popular term: "hot potato," reflecting relief that Hong Kong wouldn't have to stand against U.S. efforts to take him into custody. Some users criticized Mr. Snowden for fleeing.' From the Guardian: 'Snowden's escape from Hong Kong infuriated US politicians, while China focused on condemning Washington over his latest disclosures, which suggested the NSA had hacked into Chinese mobile phone companies ... Moscow was also drawn into the controversy after it emerged that Snowden's passport had been revoked before he left Hong Kong and he did not have a visa for Russia. But Russia appeared indifferent to the uproar, with one official saying Snowden was safe from the authorities as long as he remained in the transit lounge at the city's Sheremetyevo airport. Dmitry Peskov, spokesman for the Russian president, Vladimir Putin, said: "I know nothing."' From ABC: Snowden registered for the flight to Havana that leaves Moscow on Monday..."

An anonymous reader writes "Most of us hear the equivalent of 'let me bring up your record' several times a week or month when dealing with businesses and government agencies; sometimes there's a problem, but clerks are accustomed to dealing with changes in street address, phone numbers, company affiliation, and even personal names (after marriage). But what about gender? Transgendered folks are encountering embarrassing moments when they have to explain that their gender has changed from 'M' to 'F' or vice versa. While there are many issues involved in discrimination against transgendered individuals, I have to confess that the first thing that came to my mind was the impact on database design and maintenance."

Kiera Wilmot, the Florida high school student who was expelled from her school after an unauthorized science experiment was misperceived as a weapon (at least for purposes of arrest and charging), won't be going to jail. She will, though, be going to Space Camp, thanks to a crowdfunding campaign started by author and former NASA engineer Homer Hickham. All charges against her have been dropped.

PolygamousRanchKid writes in with news about a U.N. plan to get more bugs in your belly. "The U.N. has new weapons to fight hunger, boost nutrition and reduce pollution, and they might be crawling or flying near you right now: edible insects. The Food and Agriculture Organization on Monday hailed the likes of grasshoppers, ants and other members of the insect world as an underutilized food for people, livestock and pets. Insects are 'extremely efficient' in converting feed into edible meat, the agency said. Most insects are likely to produce fewer environmentally harmful greenhouse gases, and also feed on human and food waste, compost and animal slurry, with the products being used for agricultural feed, the agency said. 'Insects are everywhere and they reproduce quickly,' the agency said, adding they leave a 'low environmental footprint.' The agency noted that its Edible Insect Program is also examining the potential of arachnids, such as spiders and scorpions."

On Friday, we mentioned that Defense Distributed had created a (near-enough-to) fully 3-D printed pistol. Sparrowvsrevolution now writes that "Last week, the Liberator was fired for the first time at a firing range and successfully shot a .380 caliber bullet using a remote firing setup. Over the weekend, Defense Distributed's founder, the anarchist and radical libertarian Cody Wilson, was bold enough to try firing it by hand. The results of that test, witnessed by a reporter, indicate that the era of the 3D-printed firearm may be upon us, for better or for worse." Predictably, certain politicians are — so to speak — up in arms about it.

JimboFBX writes "Interesting piece of baseball history happened on Friday. Jean Segura of the Milwaukee Brewers stole second, tried to steal third too early, but made it back to second before being tagged. The problem was that teammate Ryan Braun already made it to second on the steal attempt. After tags were applied to both baserunners, Segura started trotting to the dugout before realizing that he wasn't out, Braun was, and his only option was to make it back to first. He then of course proceeded to try to steal second base again. The software for keeping the box score? Doesn't (yet) support someone running backwards on the bases. Looks like that will have to change." Here is video of the sequence.

Police have captured believed Boston Marathon bomber Dzhokhar Tsarnaev, who was "pinned down" in a boat stored behind a house in Watertown, Massachusetts. You can listen to the live police feed here.

First time accepted submitter murkwood7 writes with news about states looking for an alternative to GED tests because of cost constraints. "Several dozen states are looking for an alternative to the GED high school equivalency test because of concerns that a new version coming out next year is more costly and will no longer be offered in a pencil and paper format. The responsibility for issuing high school equivalency certificates or diplomas rests with states, and they've relied on the General Education Development exam since soon after the test was created to help returning World War II veterans. But now 40 states and the District of Columbia are participating in a working group that's considering what's available besides the GED, and two test makers are hawking new exams."

yl-roller writes "IDC says Windows 8 is partly to blame for PC sales suffering the largest percentage drop ever. 'As if that news wasn't' troubling enough, it appears that a pivotal makeover of Microsoft's ubiquitous Windows operating system seems to have done more harm than good since the software was released last October.' According to a ZDNet article, IDC originally expected a drop, but only half the size."

SchrodingerZ writes "The Blue Angels squadron, known for their intricate and death-defying aerial demonstrations, has canceled all scheduled air shows for the rest of the year. The United States Navy, which controls the Blue Angels, has reported that the grounding comes from the massive rollbacks in spending, due to the 85 billion dollar sequestration given by the federal government. In a statement from the office of the Commander Naval Air Forces in San Diego, the Navy said, 'Recognizing budget realities, current Defense policy states that outreach events can only be supported with local assets at no cost to the governmen.' Currently, the cost of an air show is above $100,000. This story came just a week after the announcement by the Air Force that their Thunderbird shows will also be canceled."

We've mentioned a few times the "gentleman's agreements" which some of the biggest names in Silicon Valley used to reduce the risk of employee poaching. walterbyrd writes "This comes from the same judge who awarded Apple $1 billion from Samsung. 'A federal judge on Friday struck down an effort to form a class action lawsuit to go after Apple, Google and five other technology companies for allegedly forming an illegal cartel to tamp down workers' wages and prevent the loss of their best engineers during a multiyear conspiracy broken up by government regulators.'" The lawsuit itself is ongoing (thanks to a ruling last year by the same judge); it's just that the plaintiff's claims cannot be combined.

theodp writes "Taking a page from HP's playbook, Harvard University administrators secretly searched the emails of 16 deans last fall, looking for a leak to reporters about a case of cheating. The deans were not warned about the email access and only one was told of the search afterward. Dean and CS prof Michael Smith said in an email Sunday that Harvard will not comment on personnel matters or provide additional information about the board cases that were concluded during the fall term. Smith's office and the Harvard general counsel's office authorized the search, according to a Boston Globe report. Smith's Harvard bio notes that his entrepreneurial experience included co-founding and selling Liquid Machines, where Smith coincidentally invented a software technique designed to keep unauthorized people from reading electronic documents."

An anonymous reader writes "MIT has posted a letter to campus newspaper The Tech providing a timeline of last weekend's 'gunman' hoax. On Saturday morning, Cambridge, MA police were contacted via Internet relay by a tipster who claimed that a someone wearing armor and carrying a 'really big gun' was in Building 7 at MIT (the Massachusetts Ave. entrance to the Infinite Corridor) and was heading towards the office of MIT President Rafael Reif. The call continued for 18 minutes, with the caller eventually claiming that the gunman was seeking to avenge the suicide of Aaron Swartz, who was being prosecuting for alleged illegal downloads of millions of journal articles using MIT's computer network. The caller also identified the gunman as an MIT staff member, who has since been questioned by police and cleared. MIT has been criticized for waiting 1.5 hours before sending a campus-wide alert after the call was received."

An anonymous reader writes "Days after the killing of leftist blogger Thaba Baba, mosques throughout Bangladesh called for a popular uprising to demand the killing of other bloggers who had held a rally calling for the death of Jama'at-e-Islami leaders convicted of war crimes. This happens in an atmosphere of ongoing tension between Left and Right, with the leftist government threatening to outlaw rightist parties while the right uses violence to quiet selected enemies."

judgecorp writes "The Chinese government has been accused of backing the APT1 hacking group, which appears to be part of the Chinese People's Liberation Army (PLA), according to the security firm which worked with the New York Times when it fell victim to an attack. The firm, Mandiant, says that APT1 is government sponsored, and seems to operate from the same location as PLA Unit 61398." Unsurprisingly, this claim is denied by Chinese officials. You can read the report itself online (PDF), or skim the highlights.

dstates writes with news from NASA about the state of available water in the Middle East. From the NASA article: "'GRACE data show an alarming rate of decrease in total water storage in the Tigris and Euphrates river basins, which currently have the second fastest rate of groundwater storage loss on Earth, after India,' said Jay Famiglietti, principal investigator of the study and a hydrologist and professor at UC Irvine. 'The rate was especially striking after the 2007 drought. Meanwhile, demand for freshwater continues to rise, and the region does not coordinate its water management because of different interpretations of international laws.'" dstates adds: "Water is a huge global security issue. To understand the middle east, you need to understand that the Golan Heights provides a significant amount of the water used in Israel. Focusing on conflicts and politics means that huge volumes of valuable water are being wasted in the Middle East, and this will only exacerbate future conflicts. Water is a serious issue between India and China. And then there is Africa. U.S. food exports are in effect exporting irrigation water drawn from the Ogallala aquifer. Fracking trades water for energy, and lack of water limits fracking in many parts of th world. Think about it."

adeelarshad82 writes "With the BlackBerry 10 launch just around the corner, there is a lot of pressure on RIM's CEO to provide a 'Steve Jobs Moment.' However, given BlackBerry's 1.1% percent market share compared to the combined 92% share between rivals Android and iOS, it's a long road back. To add to the struggle, no other first-generation smartphone leader has been able to pull off this kind of rebirth. Palm and Symbian are dead and Microsoft is struggling. But, as one mobile analyst explains, RIM has a chance to carve out its own market with tomorrow's launch of BlackBerry 10 given that they get a few things right. They need to heavily promote their devices to CEOs, heavily promote the top apps to users, and most of all, they need to be able to explain why people should give it a look."

Okian Warrior writes with word that, as of Monday evening, multiple police agencies and the military were "conducting training exercises over Miami and elsewhere in the county. The exercise includes military helicopters firing machine-gun blanks while flying over highways and buildings. This YouTube video shows helicopters strafing highways with blank rounds near the Adrian Arts center. There are reports of similar actions in Houston From the Houston article: 'if you see the helicopters or hear gunfire, it's only a drill.'" Note: this time, it's not in The Onion.

An anonymous reader writes "A speedbump on the road to a cash-free economy will go into effect Sunday in the U.S., as retailers in 40 states will have the option of passing along a surcharge to customers who pay with credit cards. The so-called swipe fees arose from the settlement of a seven-year lawsuit filed by retailers against Visa, Mastercard, and big banks, who collect an electronic processing fee averaging 1.5 to 3 percent on transactions involving credit cards. The banks naturally have opposed the consumer surcharges, preferring that the extra costs to be passed along in the form of higher prices. Consumers in ten states (California, Colorado, Connecticut, Florida, Kansas, Maine, Massachusetts, New York, Oklahoma, Texas) won't be affected, since laws in those states forbid the practice (it seems that gasoline station owners here in Massachusetts got a different memo, though). Also, the surcharges won't be collected for debit or prepaid cards."

Frequent contributor Bennett Haselton writes with some strong cautions on a Facebook "feature" that lets you search for random phone numbers and find the accounts of users who have registered that number on their Facebook profile. This has privacy implications that are more serious than searching by email address. Especially in light of the expanding emphasis that Facebook is putting both on search qua search and on serving as a VoIP intermediary (not to mention the stream of robocalls that the FCC is unable to stop), this might make you think twice about where your phone number ends up. Read on for Bennett's description of the problem and some possible solutions.

A few weeks ago a friend of mine said she was getting harassing text messages from a particular phone number, which she didn't recognize and which didn't appear in any of her own records. On a whim, I suggested entering the number into the Facebook search box, whereupon we found the guy's profile (even though he had no friends in common with the account we were logged in under), realized who he was, and ratted the thirty-something out to his Mom.

Then I thought: Is it really a good idea, for this to be possible? I tried entering consecutive phone numbers (starting with a random valid number, and varying the last 2 digits from 00 to 99) into Facebook's search box, and 13 of them came up with valid matches. None of those matches had any friends in common with the account we were searching from; as far as I can tell, anybody could enter any phone number into Facebook's search box and find the account associated with it, if there is one.

I think this has non-trivial privacy implications. (I repeatedly contacted Facebook explaining why I think this is a problem, but they haven't responded.) I'm not talking about the ability to find the account associated with a particular phone number — I think relatively few people have a legitimate need to send text messages from a truly anonymous phone number, and if they do, it's their own fault if they're dumb enough to put that number on their Facebook profile. And it wouldn't be a practical way to unmask the phone number associated with a particular account, either — even if you knew the person's area code, and narrowed down the list of possible exchange numbers following the area code, you'd still have to try tens of thousands of possibilities.

Rather, the problem is that you could use this technique to build up a database of phone numbers and associated accounts without targeting any specific phone number or account. Not only would you know the names associated with each of the numbers, you could associate the phone number with anything else that was discoverable from the person's Facebook profile &mdash which usually includes their location, their interests, and the names of their other friends. (By default, all such information is visible on your Facebook profile — even to users who aren't your Facebook friends and have no friends in common with you — but your contact information is supposed to be hidden from other users unless you've confirmed them as friends.)

An attacker could do this with email addresses too, of course, if they had a long list of email addresses known to be valid, by searching to see which ones were associated with Facebook accounts. Or they could supplement it with a list of automatically generated email addresses like john001@hotmail.com, john002@hotmail.com, similar to what spammers use in a dictionary harvest attack, and hope that some of those would map to valid accounts as well. The difference is that because the space of possible email addresses is effectively infinite, and because many people use email addresses on Facebook that aren't on any publicly circulating databases, an email search would probably not hit more than a small portion of Facebook accounts that were searchable by email address. On the other hand, since the space of possible phone numbers is finite, with enough patience you could uncover every Facebook account that had an associated phone number. As my short experiment above showed (13 out of 100 random numbers mapping to accounts), you could start building up a list of valid hits pretty quickly.

Similarly, it's already trivially possible for an attacker to build up a long list of other users' Facebook accounts - start with one person's account, go through their friends list, then visit the profile of each of those users and index their friends list, etc., like a search engine recursively spidering the Web. However, you'd be left with a large list of Facebook accounts but no way to contact them — you wouldn't have their email addresses or phone numbers, and if you send a message to a non-friend on Facebook, it goes into a subfolder of their Inbox marked "Other", which most users never check. The phone number dictionary attack described above, is the only loophole I can think of that lets you harvest a large list of Facebook users and a means to contact them in a way that they will actually see.

What could somebody do with such a database? Well, even if you only had a small list of a few thousand people, you could try spamming or scamming the numbers via text message. SMS scams are nothing new, of course, but they would probably be more effective if supplemented with the details you could get from a person's Facebook profile. (For straight-up spam, you can target it based on the interests listed in a person's profile. For scams, remember that you can use names taken from a person's friends list: "Hi, this is Jessica Smith. I have to pay off a parking ticket online or my car will get towed; can I borrow your credit card number and then I'll pay you tomorrow?")

Or if you spidered so many accounts that you built up a database which included a significant portion of all Facebook users with phone numbers on their profile, you could even launch your own publicly searchable website, splattered with grey-market pop-up advertisements: "Look up any Facebook user's phone number! If they've got their number on their Facebook profile, we have it here!" (While this would certainly raise awareness of the problem, I think it's more likely that the data harvester would decide they could make more money trading the data on the black market.)

I haven't seen this issue raised anywhere else, but lest you accuse me of "giving the bad guys ideas", I do think it's sufficiently obvious that some people on the dark side have probably discovered it, or would have, even if I hadn't brought it up. And even if any of these outcomes is unlikely, it would only have to be done once, to put the users' data permanently in the hands of the attackers, with Facebook unable to put the cat back into the bag. (Although they could at least rectify the problem for new users going forward.)

Balanced against this, what is the upside of being able to search for someone's profile on Facebook using their phone number? In my Facebook-using days, I never did it, since it was always easier to find someone using their email address, or by searching for their name, or by finding them in the friends list of one of our mutual friends. But even in a case where all you had was the person's phone number, is it too much to text them and ask for their first and last name, or their email address, so you can add them on Facebook?

Although Facebook did not respond to my inquiries, it's true that the existing behavior doesn't technically look like a violation of their Privacy Policy ("To make it easier for your friends to find you, we allow anyone with your contact information (such as email address or telephone number) to find you through the Facebook search bar..."). And I verified with a new test account that by default, in your privacy settings, under "How You Connect", the setting "Who can look you up using the email address or phone number you provided?" is set to "Everyone." The problem is that this setting casually lumps the two together, and users — as well as Facebook itself — might not realize that the implications of being findable by your phone number, are different from being findable by your email address.

Facebook should probably just go ahead and block searches by phone number — or, at least, make you fill out a CAPTCHA every time you do a phone number search, to make it harder to harvest them in bulk. There's no way to know if scammers are trying this already, but at least we can prevent it going forward. That would require a small edit to Facebook's privacy policy, but luckily for them, they can now do that without even calling a vote.

- - - - - - - - - - - - - - - - - - - - - - - - - - Do you have a feature idea for Slashdot? Contact us at feedback@slashdot.org, and give us a heads-up!

New submitter mallyn points out that the state of New York has become the first state to pass a new gun control law since the school shooting at Sandy Hook Elementary last month. "Called the New York Safe Act, the law includes a tougher assault weapons ban that broadens the definition of what constitutes an assault weapon, and limits the capacity of magazines to seven bullets, down from 10. The law also requires background checks of ammunition and gun buyers, even in private sales, imposes tougher penalties for illegal gun use, a one-state check on all firearms purchases, and programs to cut gun violence in high-crime neighborhoods. ... New York's law also aims to keep guns out of the hands of those will mental illness. The law gives judges the power to require those who pose a threat to themselves or others get outpatient care. The law also requires that when a mental health professional determines a gun owner is likely to do harm, the risk must be reported and the gun removed by law enforcement." Meanwhile, the Obama Administration is expected to propose a new federal assault weapons ban later today.

McGruber writes "ABC News/ESPN broke the story that a team of scientists from the National Institutes of Health (NIH) analyzed the brain tissue of renowned NFL linebacker Junior Seau and have concluded that the football player suffered a debilitating brain disease likely caused by two decades worth of hits to the head. From the article: 'In May 2012, Seau, 43 — football's monster in the middle, a perennial all-star and defensive icon in the 1990s whose passionate hits made him a dominant figure in the NFL — shot himself in the chest at his home in Oceanside, Calif., leaving behind four children and many unanswered questions.' As Slashdot earlier reported, more than 30 NFL players have in recent years been diagnosed with chronic traumatic encephalopathy (CTE), a condition once known as 'punch drunk' because it affected boxers who had taken multiple blows to the head."

"Start thinking about getting your tinfoil hat radiation hardened," writes an anonymous reader, and excerpts thus from ABC News: "Southern Co. in Georgia and SCANA Corp. in South Carolina are the first to prepare new workers to run a recently approved reactor design never before built in the United States. Training like it will be repeated over the decades-long lifetime of those plants and at other new ones that may share the technology in years to come. Both power companies are building pairs of Westinghouse Electric Corp. AP1000 reactors at Plant Vogtle near Augusta and SCANA Corp.'s Summer Nuclear Station northwest of Columbia, S.C. While the nuclear industry had earlier proposed a larger building campaign, low natural gas prices coupled with uncertainty after last year's disaster at a Japanese nuclear plant have scaled back those ambitions." Getting a new nuclear plant approved is a long haul.

Reuters reports that John McAfee's troubles in Central America seem to be coming to an end. After a Guatemalan judge ordered McAfee's release yesterday, the country's immigration authorities have now deported him, putting him on a plane to Miami this afternoon. McAfee told ABC News, "They took me out of my cell and put me on a freaking airplane. I had no choice in the matter." Which is not to say he's unhappy with the outcome: "It was the most gracious expulsion I've ever experienced. Compared to my past two wives that expelled me this isn't a terrible trip."

First time accepted submitter iggymanz writes "More precise modeling has changed some long term climate predictions: sea levels to rise almost a meter more than present over the next century, but past dire warnings of stronger storms or more frequent droughts won't pan out. Instead there will be less strong storms, but peak winds in the tropics might be slightly higher. Temperature rise of global average will be about 3 degree C total, including the 1 degree C rise over the 20th century. In places where precipitation is frequent, it will become even more frequent; in arid areas, the tendency will be to become even drier. Some new arid areas are expected to appear in the south of N. America, South Africa and Mediterranean countries. Overall, hardly a doomsday scenario."

New submitter kc67 sends this report from ABC: "Five years after the iPhone originally launched in 2007, T-Mobile will finally start carrying it. It might not be as buzz-worthy as when Verizon finally got the iPhone back in 2011, but it's going to be a pretty big deal for T-Mobile subscribers next year, when the carrier starts selling Apple products. ... T-Mobile USA CEO John Legere said while speaking at the Deutsche Telekom conference Thursday that it will carry the iPhone and will offer it in a different way. 'What was missing? A certain number of customers wouldn't come to the store if we didn't have the iPhone,' Legere said. 'We worked very, very hard for a deal that made sense for us.'"

An anonymous reader writes with this snippet from ABC News: "Software millionaire John McAfee has been taken to a Guatemala City hospital via ambulance after suffering a possible heart attack at the detention center where he is being held. McAfee, 67 — who may soon be deported back to Belize, where authorities want to question him about the shooting death of his neighbor — was reportedly prostrate on the floor of his cell and unresponsive. He was wheeled into the hospital on a gurney, but when nurses began removing his suit, he became responsive and said, 'Please, not in front of the press.' Earlier today, McAfee had complained of chest pains."

SternisheFan sends this excerpt from ABC: "On the heels of the latest NFL suicide, researchers announced today that 34 NFL players whose brains were studied suffered from CTE, a degenerative brain disease brought on by repeated hits to the head that results in confusion, depression and, eventually, dementia. The study was released just days after the murder-suicide of Kansas City Chiefs linebacker Jovan Belcher. It's not yet known what triggered Belcher's action, but they mirror other NFL players who have committed suicide. Researchers at Boston University's Center for the Study of Traumatic Encephalopathy published the largest case series study of CTE to date (abstract), according to the center. Of the 85 brains donated by the families of deceased veterans and athletes with histories of repeated head trauma, they found CTE in 68 of them. Of those, 34 were professional football players, nine others played college football and six played only high school football. Of the 35 professional football players' brains donated, only one had no evidence of the disease, according to the study." It's a good thing we protect our youth from conditions like this.

SternisheFan sends this excerpt from ABC: "On the heels of the latest NFL suicide, researchers announced today that 34 NFL players whose brains were studied suffered from CTE, a degenerative brain disease brought on by repeated hits to the head that results in confusion, depression and, eventually, dementia. The study was released just days after the murder-suicide of Kansas City Chiefs linebacker Jovan Belcher. It's not yet known what triggered Belcher's action, but they mirror other NFL players who have committed suicide. Researchers at Boston University's Center for the Study of Traumatic Encephalopathy published the largest case series study of CTE to date (abstract), according to the center. Of the 85 brains donated by the families of deceased veterans and athletes with histories of repeated head trauma, they found CTE in 68 of them. Of those, 34 were professional football players, nine others played college football and six played only high school football. Of the 35 professional football players' brains donated, only one had no evidence of the disease, according to the study." It's a good thing we protect our youth from conditions like this.

theodp writes "Two decades before Moneyball hit the Big Screen, Coach David Arseneault of tiny Grinnell College came up with a unique style of run-and-gun basketball that he called The System, the principles of which were subjected to statistical analysis in Keys to Success in a Run-and-Gun Basketball System, a paper for the 2011 Joint Statistical Meetings. Well, as they say, sometimes The System works. On Tuesday, biochem major Jack Taylor, just three games into his career as a Grinnell College basketball player, made national news when he poured in 138 points — yes, 138 points — in a 179-104 victory over Faith Baptist Bible College. Even LeBron and Kobe were impressed. The old NCAA Division III record of 89 was set last year by Taylor's Grinnell teammate, Griffin Lentsch. Taylor's feat also bested what was deemed to be the unbeatable overall NCAA scoring record of 113 points, set by NCAA Division II performer Clarence 'Bevo' Francis of Rio Grande in 1954."

Black Parrot writes "Several news sites are reporting that the 1962 replica of the HMS bounty was lost at sea due to hurricane Sandy, about 90 miles off North Carolina. The latest news I find says 14 of 16 crew rescued, one drowned, and the Captain still missing." And on land, the combination of wind and water surges knocked off Gawker sites and the Huffington Post for a time, and forced the evacuation of NYU's Langone Medical Center. Did it affect you?

Tonight marks the third and final U.S. Presidential debate in the lead-up to the election on November 6th. It starts at 9PM ET (6PM PT, 0100 UTC), and it's taking place at Lynn University in Florida. The topic this time around is foreign policy, including discussions of Afghanistan and Pakistan, Israel and Iran, America's role in the world, "The Changing Middle East and the New Face of Terrorism," and China's rise as a superpower. You can livestream it from the usual suspects: (C-SPAN, ABC, PBS, CNN). Politifact has posted an article fact-checking statements the candidates have made about foreign policy. Both they and Factcheck.org will be using Twitter to verify statements in real time. This presidential debate again excludes the smaller U.S. political parties. If you're interested in hearing other voices, you'll be able to see candidates from the Libertarian, Green, Constitution, and Justice parties in a debate tomorrow with Larry King moderating. As before, we're doing a separate post for the debate in the hopes that political talk won't clutter other stories tonight. Tell us what you think as the debate unfolds. For live conversation, remember: context helps. And, as reader Ryanator2209 keeps pointing out, you can entertain yourself by playing Logical Fallacy Bingo while you watch.

The second U.S. Presidential debate kicks off in about a half-hour (9PM ET, 6PM PT, 0100 UTC) from Hofstra University in Hempstead, New York. Incumbent Barack Obama and challenger Mitt Romney will take questions from an audience of allegedly undecided voters. A live stream of the event will be available from a number of sources (C-SPAN, CNN, ABC, and PBS), and it will be broadcast nationally on the major networks. The flash-less and television-less can use rtmpdump to catch the debate from C-SPAN. It won't preempt the more important telecasts, like playoff baseball. Candidates from smaller parties again went uninvited (e.g. Gary Johnson from the Libertarians, Jill Stein from the Greens, Virgil Goode from the Constitution Party, and Rocky Anderson from the Justice Party). In fact, Jill Stein was arrested for attempting to enter without credentials (her side of the story). Assuming she's out of jail by Thursday, she and Gary Johnson will be participating in an online debate hosted by IVN.us. While tonight's debate is in progress, Politifact will be fact-checking the candidates in real-time (while CNN has demonstrated their journalistic capabilities with a debate drinking game). Feel free to weigh in with your commentary on the debate below — it would be helpful to provide timestamps or other context when referring to particular statements. As before, we're posting this here in a vain attempt to keep the political discussion out of other story threads tonight. If either of the candidates spontaneously concedes the election or catches fire, we'll do our best to update you.

An anonymous reader writes "Despite billions of dollars in advanced electronics, radar, and sonar it seems the Navy needs to install backup cameras on their boats. 'The Pentagon said late Saturday that it is investigating why a Navy submarine collided with an Aegis cruiser during routine operations at an undisclosed location.' According to ABC, 'the two ships were participating in a “group sail” along with another vessel. The three ships were participating in an anti-submarine exercise in preparation for an upcoming deployment as part of the strike group for the aircraft carrier USS Harry S Truman."

Penurious Penguin writes "On October 2, City Commissioners of Delray Beach finalized a policy which prohibits agencies from hiring employees who use tobacco products. Delray Beach isn't alone though; other Florida cities such as Hollywood and Hallandale Beach, require prospective employees to sign affidavits declaring themselves tobacco-free for 12 months prior to the date of application. Throughout the states, both government and businesses are moving to ban tobacco-use beyond working hours. Many medical facilities, e.g. hospitals, have implemented or intend to implement similar policies. In some more-aggressive environments referred to as nicotine-free, employee urine-samples can be taken and tested for any presence of nicotine, not excluding that from gum or patches. Employees testing positive can be terminated. Times do change, and adaptation is often a necessary burden. But have they changed so much that we'd now postpone the Manhattan project for 12 months because Oppenheimer had toked his pipe? Would we confine our vision to the Milky Way or snub the 1373 Cincinnati because Hubble smoked his? Would we shun relativity, or shelve the works of Tolkien because he and C. S. Lewis had done the same? If so, then where will it stop?"

First time accepted submitter bmxeroh writes "Remember the tragic maple syrup heist? Police have seized more than 600 barrels of maple syrup they say are related to the missing syrup. It was transported back to Quebec via a 16 tractor trailer, heavily guarded (and presumably heavily armed) convoy Wednesday."