Domain: slashdot.org
Stories and comments across the archive that link to slashdot.org.
Stories · 37,380
-
Timberwolf (Firefox) Beta For AmigaOS
An anonymous reader writes "News from the world of AmigaOS that the Beta version of Timberwolf (a.k.a. Firefox) was made available last month." Timberwolf is a port of Firefox to the AmigaOS (the name change is for similar reasons to Debian's use of Iceweasel name) and has been under development for quite some time. The AmigaBounty project page has screenshots and even more info for those interested. There's a video of the browser in action, but beware of the cheesy soundtrack. -
X-37B Space Plane Marks One Year In Space
S810 writes with an excerpt from an article on the X-37B in at Discovery News: "The military won't say what it has been doing with its experimental miniature space shuttle, but the pilotless spaceship, known as the X-37B, has been in orbit for a year now. The 29-foot robotic spacecraft, also known as the Orbital Test Vehicle, or OTV, was launched on March 5, 2011, on a follow-up flight to extend capabilities demonstrated by a sister ship during a 244-day debut mission in 2010. 'We are very pleased with the results of ongoing X-37B experiments,' Tom McIntyre, with the Air Force Rapid Capabilities Office..." -
X-37B Space Plane Marks One Year In Space
S810 writes with an excerpt from an article on the X-37B in at Discovery News: "The military won't say what it has been doing with its experimental miniature space shuttle, but the pilotless spaceship, known as the X-37B, has been in orbit for a year now. The 29-foot robotic spacecraft, also known as the Orbital Test Vehicle, or OTV, was launched on March 5, 2011, on a follow-up flight to extend capabilities demonstrated by a sister ship during a 244-day debut mission in 2010. 'We are very pleased with the results of ongoing X-37B experiments,' Tom McIntyre, with the Air Force Rapid Capabilities Office..." -
Western Digital's Hitachi Storage Takeover Approved With Restrictions
angry tapir writes "Western Digital's plan to buy Hitachi Global Storage has run into U.S. FTC resistance: The U.S. FTC will require Western Digital to sell off assets used to manufacture desktop hard drives to a competitor as a condition of its U.S.$4.5 billion acquisition of rival Hitachi Global Storage Technologies, the agency has announced." It looks like Toshiba is the competitor receiving the manufacturing assets. More from the FTC: "Under the proposed settlement order, Toshiba will receive all of the productive assets needed to replicate Hitachi Global Storage Technologies' position in the desktop hard disk drive market. In addition, the settlement order requires Western Digital to provide Toshiba with access to its employees involved in research and development and the production of desktop hard disk drives, and also requires Western Digital to license all intellectual property needed to make and supply desktop hard disk drives to Toshiba. The settlement order also requires Western Digital to be available to supply Toshiba with certain components Toshiba will need to run the desktop hard disk drive business it acquires, and to contract manufacture hard disk drives for Toshiba until Toshiba is able to manufacture them on its own. The FTC also has appointed a monitor to oversee the sale of the assets to Toshiba and to keep the Commission informed about the status of the required divestiture." -
Gate One Brings Text-mode Surfing To the Web, Quake-Style
Riskable writes "As a follow-up to my previous Slashdot story, Gate One is now out of beta. Packages can be downloaded here. There's also a live demo: press the ESC key on this page to have a terminal running lynx drop into view, Quake-style! I've also posted a video overview and the documentation can be found here. Some pertinent changes since the beta: Added the ability display images inline within terminals, key-based SSH authentication, a WebSockets authentication API (for secure embedding), dramatically improved terminal emulation, an overhauled bookmark manager, support for international keyboard layouts, and a web-based log viewer that lets you export logs to self-contained HTML playback files." -
After Legal Fight, NCI Researchers Publish Study Linking Diesel Exhaust, Cancer
ananyo writes "A landmark study involving U.S. miners that links cancer rates to diesel fume exposure has been published after a seventeen-year legal battle with an industry group. A February 27 Slashdot story had reported that lawyers for the mining industry had sent threatening letters to scientific journals advising them against publishing the study. Initiated in 1998, after the first of many legal delays, the study analyzed exposures in detail for more than 12,000 workers while controlling for smoking and other risk factors. In the end, the scientists found that miners faced a threefold risk of lethal lung cancer, and underground workers who were heavily exposed to diesel fumes faced a fivefold risk. The two concluding papers from the study are available in full." -
AMD Gives Up Its Share In GlobalFoundries
MrSeb writes "Three years ago today, AMD spun off its fab division, in a move the company claimed would allow it to more effectively leverage its assets, inject new capital into the foundry side of the business, and make it more competitive vis-à-vis Chipzilla. Today, that dream is dead. AMD announced today that it would give up its 8.8% equity stake in the company. When AMD created GlobalFoundries in 2009, the company held a 34.2% share in the foundry. The main thing that AMD gains from this deal is manufacturing flexibility. Previously, Sunnyvale had agreed to manufacture 28nm APUs solely with GlobalFoundries. This new agreement voids that arrangement, freeing AMD to work with TSMC and other foundries.. It's not an agreement that came cheap, though — not only is AMD giving up its 8.8% equity share of GF, it's agreed to pay the manufacturer some $425 million by the end of Q1 2013. AMD will take a $703M charge against the transaction. It's unclear how this move will pan out. We know AMD killed Krishna/Wichita due to manufacturing problems, Llano limped along for most of 2011, and GF's problems at 32nm impacted AMD's ability to sell 45nm chips into the channel. From a macroeconomic perspective, AMD is simply transferring its business to a foundry partner that's more able to meet its needs. One could argue that AMD's decision to get out of the foundry business is a logical extension of new-CEO Rory Read's plan to de-emphasize cutting-edge silicon in favor of SoCs. Time will tell." -
DARPA-Funded 'Cheetah' Breaks Speed Record For Legged Robots
Sparrowvsrevolution writes "Boston Dynamics, a Waltham, Massachusetts technology firm and DARPA contractor, announced Monday that it's broken the speed record for running, legged robots. Its new four-legged creation is Cheetah, a robot that can run at 18 miles an hour, far faster than the 13.1 miles per hour record set by MIT in 1989. The video it's released shows Cheetah running on a treadmill, but the company hopes to both increase the robot's speed and take it onto outdoor terrain in the near future. Boston Dynamics rose to fame with its four-legged cargo robot Big Dog which showed an uncanny ability to walk over terrain and recover its footing even when it slips or is kicked. The firm followed up with Petman, a two-legged prototype that applies the same technology to human-style walking." -
DARPA-Funded 'Cheetah' Breaks Speed Record For Legged Robots
Sparrowvsrevolution writes "Boston Dynamics, a Waltham, Massachusetts technology firm and DARPA contractor, announced Monday that it's broken the speed record for running, legged robots. Its new four-legged creation is Cheetah, a robot that can run at 18 miles an hour, far faster than the 13.1 miles per hour record set by MIT in 1989. The video it's released shows Cheetah running on a treadmill, but the company hopes to both increase the robot's speed and take it onto outdoor terrain in the near future. Boston Dynamics rose to fame with its four-legged cargo robot Big Dog which showed an uncanny ability to walk over terrain and recover its footing even when it slips or is kicked. The firm followed up with Petman, a two-legged prototype that applies the same technology to human-style walking." -
Math Textbooks a Textbook Example of Bad Textbooks
theodp writes "Over at Salon, Annie Keeghan does an Upton Sinclair number on the math textbook industry. In recent years, Keeghan explains, math has become the subject du jour due to government initiatives and efforts to raise the rankings of lagging U.S. students. But with state and local budgets constrained, math textbook publishers competing for fewer available dollars are rushing their products to market before their competitors, resulting in product that in many instances is inherently, tragically flawed. Keeghan writes: 'There may be a reason you can't figure out some of those math problems in your son or daughter's math text and it might have nothing at all to do with you. That math homework you're trying to help your child muddle through might include problems with no possible solution. It could be that key information or steps are missing, that the problem involves a concept your child hasn't yet been introduced to, or that the math problem is structurally unsound for a host of other reasons.' The comments on Keeghan's article are also an eye-opener — here's a sample: 'Sales and marketing budgets are astronomical because the expenses pay off more than investments in product. Sadly, most teachers are not curriculum experts and are swayed by the surface pitches. Teachers make the decisions, but are not the users (students) nor are they spending their own money. As a result, products that make their lives easier and that come with free meals and gifts are the most successful.' So, can open source or competitions build better math textbooks?" -
Math Textbooks a Textbook Example of Bad Textbooks
theodp writes "Over at Salon, Annie Keeghan does an Upton Sinclair number on the math textbook industry. In recent years, Keeghan explains, math has become the subject du jour due to government initiatives and efforts to raise the rankings of lagging U.S. students. But with state and local budgets constrained, math textbook publishers competing for fewer available dollars are rushing their products to market before their competitors, resulting in product that in many instances is inherently, tragically flawed. Keeghan writes: 'There may be a reason you can't figure out some of those math problems in your son or daughter's math text and it might have nothing at all to do with you. That math homework you're trying to help your child muddle through might include problems with no possible solution. It could be that key information or steps are missing, that the problem involves a concept your child hasn't yet been introduced to, or that the math problem is structurally unsound for a host of other reasons.' The comments on Keeghan's article are also an eye-opener — here's a sample: 'Sales and marketing budgets are astronomical because the expenses pay off more than investments in product. Sadly, most teachers are not curriculum experts and are swayed by the surface pitches. Teachers make the decisions, but are not the users (students) nor are they spending their own money. As a result, products that make their lives easier and that come with free meals and gifts are the most successful.' So, can open source or competitions build better math textbooks?" -
Chrome Users Are Best With Numbers, IE Users Worst
New submitter dr_blurb writes "After reading about last year's hoax report 'Intelligence Quotient (IQ) and Browser Usage' I realized I was in fact already running a real live experiment measuring number skills: a site were you can solve Calcudoku number puzzles. I analyzed two years' worth of data, consisting of over 1 million solved puzzles. This included puzzles solved 'against the clock,' of three different sizes. For each size, Chrome users were the fastest solvers, Firefox users came second, and IE users were the slowest. The number of abandoned puzzles (started but never finished) was also significantly higher for IE users. Analysis shows that the differences are statistically significant: in other words, they did not happen by chance. I put up more details and some graphs, and also wrote a paper about it (PDF)." -
Anonymous Supporters Tricked Into Installing Trojan
dsinc sends this quote from a Symantec report: "In 2011, dozens of Anonymous members who participated in distributed denial-of-service (DDoS) attacks in support of Anonymous hacktivism causes were arrested. In these DDoS attacks, supporters using the Low Orbit Ion Cannon denial-of-service (DoS) tool would voluntarily include their computer in a botnet for attacks in support of Anonymous. In the wake Anonymous member arrests this week, it is worth highlighting how Anonymous supporters have been deceived into installing Zeus botnet clients purportedly for the purpose of DoS attacks. The Zeus client does perform DoS attacks, but it doesn’t stop there. It also steals the users' online banking credentials, webmail credentials, and cookies. The deception of Anonymous supporters began on January 20, 2012, the day of the FBI Megaupload raid." -
GPL, Copyleft On the Rise
paxcoder writes "Contrary to earlier analyses that predicted a decline of copyleft software share to as little as 50% this year, John Sullivan, the executive director of the Free Software Foundation, claims the opposite has happened: In his talk at FOSDEM 2012 titled 'Is Copyleft Being Framed?,' Sullivan presented evidence (PDF) of a consistent increase of usage of copyleft licenses in relation to the usage of permissive licenses in free software projects over the past few years. Using publicly available package information provided by the Debian project, his study showed that the number of packages using the GPL family in that distribution this year reached a share of 93% of all packages with (L)GPLv3 usage rising 400% between the last two Debian versions." -
Virginia High Court Rejects Case Against Climatologist Michael Mann
ananyo writes "The Virgina Supreme Court on Friday tossed out an investigation by the state's conservative attorney general, Ken Cuccinelli, into Michael Mann, the former University of Virginia climatologist whose work on the now-famous hockey-stick graph has become a lightning rod for climate skeptics. 'In a dense and conflicted 26-page ruling (PDF) covering a century and a half of case law — including references to kings as well as modern "functional incongruities" that divided the judges themselves — Virginia’s high court ruled that the university is not a "person" and thus is not subject to Cuccinelli’s demands under the state’s Fraud Against Taxpayers Act.' The 'climategate' scientist has been cleared of wrongdoing by a number of investigations." -
Virginia High Court Rejects Case Against Climatologist Michael Mann
ananyo writes "The Virgina Supreme Court on Friday tossed out an investigation by the state's conservative attorney general, Ken Cuccinelli, into Michael Mann, the former University of Virginia climatologist whose work on the now-famous hockey-stick graph has become a lightning rod for climate skeptics. 'In a dense and conflicted 26-page ruling (PDF) covering a century and a half of case law — including references to kings as well as modern "functional incongruities" that divided the judges themselves — Virginia’s high court ruled that the university is not a "person" and thus is not subject to Cuccinelli’s demands under the state’s Fraud Against Taxpayers Act.' The 'climategate' scientist has been cleared of wrongdoing by a number of investigations." -
Chevy Volt Meets High Resistance, GM Suspends Sales
Hugh Pickens writes "The Hill reports that GM has announced to employees at one of its facilities that it is suspending production of the Chevy Volt for five weeks and temporarily laying off 1,300 employees. Back when GM launched the beleaguered electric car, it boldly targeted sales of 10,000 in 2011 and 60,000 in 2012 but GM only sold 7,671 Volts in 2011 and just 1,626 so far this year. 'We needed to maintain proper inventory and make sure that we continued to meet market demand,' says GM spokesman Chris Lee. 'We see positive trends, but we needed to make this market adjustment.' Although President Obama promised he would buy a Volt 'five years from now, when I'm not president anymore,' the Volt has come under criticism from Republicans in Congress because of reports of its batteries catching on fire during testing. Ironically, the shutdown comes as gas prices are soaring, exactly the time when an electric car should be an easy sell." If it's still true that GM was taking a loss on every Volt sold, perhaps this is a blessing in disguise. -
Chevy Volt Meets High Resistance, GM Suspends Sales
Hugh Pickens writes "The Hill reports that GM has announced to employees at one of its facilities that it is suspending production of the Chevy Volt for five weeks and temporarily laying off 1,300 employees. Back when GM launched the beleaguered electric car, it boldly targeted sales of 10,000 in 2011 and 60,000 in 2012 but GM only sold 7,671 Volts in 2011 and just 1,626 so far this year. 'We needed to maintain proper inventory and make sure that we continued to meet market demand,' says GM spokesman Chris Lee. 'We see positive trends, but we needed to make this market adjustment.' Although President Obama promised he would buy a Volt 'five years from now, when I'm not president anymore,' the Volt has come under criticism from Republicans in Congress because of reports of its batteries catching on fire during testing. Ironically, the shutdown comes as gas prices are soaring, exactly the time when an electric car should be an easy sell." If it's still true that GM was taking a loss on every Volt sold, perhaps this is a blessing in disguise. -
With 8 Cards, Wolfenstein Ray Traced 7.7x Faster
An anonymous reader writes "As Slashdot readers know Intel's research project on ray tracing for games has recently been shown at 1080p, using eight Knights Ferry cards with Intel's 'Many Integrated Core' architecture. Now a white paper goes into more detail, documenting near-linear scaling for the cloud setup with 8 cards, and gives details on the implementation of 'smart anti-aliasing.' It will be interesting to see how many instances of Intel's next MIC iteration — dubbed Knights Corner, with 50+ cores — will be required for the same workload." -
FCC Inquires Into Its Own Authority To Regulate Communication Service Shutdowns
New submitter DnaK writes "The Federal Communications Commission is reviewing whether or when the police and other government officials can intentionally interrupt cellphone and Internet service to protect public safety. A scary proposition which will easily become a First Amendment issue. Does the FCC have the authority to [regulate local or state authorities' decision to] take down cellular networks if they determine there is an imminent threat? The FCC is currently asking for public input (PDF) on this decision." According to the article, "among the issues on which the F.C.C. is seeking comment is whether it even has authority over the issue. The public notice asks for comment on whether the F.C.C. itself has legal authority over shutdowns of wireless service and whether it can pre-empt local, state or federal laws that prohibit or constrain the ability of anyone to interrupt service." Maybe they just don't like being upstaged by BART. -
In Theory And Practice, Why Internet-Based Voting Is a Bad Idea
A few countries, like Estonia, have gone for internet-based voting in national elections in a big way, and many others (like Ireland and Canada) have experimented with it. For Americans, with a presidential election approaching later this year, it's a timely issue: already, some states have come to allow at least certain forms of voting by internet. Proponents say online elections have compelling upsides, chief among them ease of participation. People who might not otherwise vote — in particular military personnel stationed abroad, but many others besides — are more and more reached by internet access. Online voting offers a way to keep the electoral process open to them. With online voting, too, there's no worry about conventional absentee ballots being lost or delayed in the postal system, either before reaching the voter or on the way back to be counted. The downsides, though, are daunting. According to RSA panelists David Jefferson and J. Alex Halderman, in fact, they're overwhelming. Speaking Thursday afternoon, the two laid out their case against e-voting.
(Read more for more, and look for a video interview with Halderman soon).
Jefferson and Halderman have impressive credentials as analysts and critics of internet voting. Jefferson, a computer scientist at Lawrence Livermore National Laboratory, is chairman of the board of the Verified Voting Foundation, an NGO focused on promoting election integrity, and coauthor of a report that spurred the Department of Defense to withdraw for further consideration its then-plan for online voting, called SERVE, in 2004. Halderman takes a different, hands-on approach, demonstrating (along with his grad students at the University of Michigan) just how polling-station election machines and online voting system can be compromised. "I've probably hacked into and otherwise found vulnerabilities in more polling places than anyone else," he says.
Jefferson and Halderman are careful to define the key element of elections they're trying to expose as unfixably broken: namely, the delivery of completed ballots over the internet, whether that means a web app, email or some other conduit, without a voter-verified paper audit trail. Some kinds of election technology can move from the voting booth to the online world with less risk to the integrity of the election itself — for instance, distribution of blank ballots, or even online voter registration. "This isn't about keeping score of primaries, or gathering information about candidates, but actually voting," said Jefferson. The risk of hacked elections isn't just the possibility of political rivals trying to out-do each other, he said; ultimately, vulnerable election systems compromise national security and ballot secrecy. Even a few hundred votes may suffice to swing a House or Senate race, and that can have cascading consequences for control of elected bodies themselves. "Wherever there's a concentration of votes sufficient to swing a major election, there's a national security concern."
Why assume that election systems can be manipulated? And since paper ballots are not immune to questionable or downright fraudulent counts, why call out the electronic version in particular? In part, he says, because the structure of an electronic voting system is inherently complex, and because it's difficult if not impossible to roll back results if a compromise is suspected. Unlike paper ballots (and in the absence of a paper audit trail backing an electronic voting system), online vote gathering offers no good way to re-count. Jefferson laid out four major and overlapping areas of likely attacks on internet voting systems, any one of which could taint the results of an election.
First, individual voting jurisdictions are vulnerable to attack. (In the U.S., for federal elections, that essentially means counties, totaling more than 7000.) Even in local races, there can be billions of dollars at stake in high-population counties like Cook County or L.A. County. Vendors, both their networks and their source code, are also at risk. Assuming that even best efforts can keep the source code behind the handful of election-system vendors safe is a sucker's bet, Jefferson says. Even large companies with enormous security resources have been hacked, with source code a prime target, as happened to Google and 25 other firms in 2010 in a breach attributed to Chinese operatives. "Who knows if those [online voting software] vendors have already been penetrated? You wouldn't have any idea," said Jefferson.
Even if both local voting authorities and e-voting software vendors were themselves able to deflect all attacks, voters using an online voting system on their home or office PCs would still be at the mercy of the weakest link of the chain — the security of the machines available to them. Targeted malware could be used to present a different set of on-screen options to a voter than it actually sends back to the election counters. Because one of the protections of a secret ballot is to make available to voters proof that they voted but not how they voted, individuals who intended to selected candidate A would have no reason to know their vote was cast for candidate B instead. Malware could also simply vote without user interaction. It may not be election related, but a large fraction of PCs are already infected with some kind of malware, showing how big a problem this could be.
Finally, pure network attacks (or even errors) could disrupt the integrity of an election; exactly that kind of attack brought much of Estonia's online traffic to a halt in May 2007; lucky for Estonians that was not during an election, because Estonia is one of the few countries that has fully adopted online voting. Perhaps more chilling is the brief re-routing in April 2010 of 15 percent of the world's internet traffic through China.
Insecurity on the internet is itself a long-standing problem, so why the fuss? Unlike financial crime, such as credit card fraud, election fraud is hard to detect, and even harder to correct for, in large part because ballot secrecy is key to fair elections.
Voting is different. "Superficially, you'd think the transactions are very similar [to financial transactions], but underneath, all the issues are completely different. The privacy requirements are completely different, for example," says Jefferson. To prevent coerced voting, or simple vote selling, "You're allowed to tell anyone how you voted all you want, but you're not allowed to have proof of how you voted." Rolling back results to investigate suspected breaches is impossible, Jefferson says, without exposing the actual votes of individuals, at the very least to election officials.
Investigating financial crime online is the opposite; there, figuring out exactly who did what and when is the whole point, and the evidence is easy to find: if banking credentials are stolen, he said, "some account will go to zero." But in the case of elections, it's more likely that "the wrong people take office, and life goes on, and it's just never discovered."
And while no election fraud has yet been attributed to it, the trend is growing to institute the version of online voting that Jefferson calls "the worst idea ever" — voting by email. 33 states have modded their voting systems to accept in some cases PDFs of scanned ballots through ordinary e-mail to be entered by election workers. The numbers may be small (typically, this form of voting is limited to overseas voters, and in some cases voters are asked to acknowledge that their vote cannot be kept secret), but this allowance means that "e-mail voting is very widespread in the United States."
While Jefferson works through Verified Voting to influence policy makers to lay out the case against online voting, J. Alex Halderman, in his role as an assistant professor at the University of Michigan, turns theory into reality: he and his students break election systems (devices as well as software) in the U.S. and abroad to show just how easily a malicious attacker could do the same. He offered as an example of several of the ways electronic voting can fail his successful attack on an internet voting plan (see this earlier Slashdot story) that was to have been implemented in 2010 in the District of Columbia. The District had, with Federal grant money, designed an online voting system and already put it nearly into production, and had mailed PINs and voter ID numbers to voters in anticipation.
To D.C.'s credit, Halderman says, the election officials at least asked first for advice from security experts around the country, and invited them to test it in advance of using the system in an actual election, though mere days before the system was to have gone live. "It's not every day you're invited to hack into government computers without the threat of jail hanging over your head," says Halderman, who was attracted to the challenge of investigating the system itself, as well as curiosity about how the D.C. officials would respond to a system compromise.
Though Halderman says the Ruby on Rails-based system was written in "generally clean code," his team discovered a shell injection vulnerability which gave them access to the D.C. system (see his full paper as a PDF for the details), and immediately set about playing.
Web apps tend to be brittle, says Halderman, and D.C.'s was no exception. "App frameworks are written in ways that allow small mistakes to have big consequences," especially when vulnerabilities are often widely disseminated soon after discovery, and not always by white hat hackers like him.
"The first thing we did was steal all the important stuff," he says — credentials, keys, and more. Simply snooping on the data wasn't enough to fully demonstrate the problems in the system, though; the team replaced the information on all of the ballots as well, replacing the actual candidates with ones of their choice, offering up options like Hall 9000, and Bender for school board, and forced client machines to play the University of Michigan's fight song, before erasing the logs that would have allowed their intrusion to be properly analyzed by the system's administrators.
Their attack also led them to gain full access to a terminal server on the same network, and after they'd hacked into this ("using the default password from the owner's manual," Halderman notes) they noticed there was evidence in the logs of other attacks. In particular, some of the attacks appearing to originate in Iran and in China. While Halderman doubts these represent an attack specifically on the DC system voting system, the evidence of such attacks is "an illustration of how vulnerable things are."
Halderman acknowledges that voting in person, especially by electronic means, is far from foolproof, but he joins Jefferson in saying that online voting is categorically worse, and suggests that everyone who takes an interest in security or the mechanics of democratic elections raise the issues of privacy and security. His conclusion and advice for election officials in the U.S.: Voting online is a bad idea, and it simply can't be fixed in the foreseeable future. All the security problems of e-voting machines at polling stations apply directly to internet voting, too, which means that anyone on Earth can attack an online election.
"If my vote is insecure, everyone else who lives under that same government is harmed by that." -
In Theory And Practice, Why Internet-Based Voting Is a Bad Idea
A few countries, like Estonia, have gone for internet-based voting in national elections in a big way, and many others (like Ireland and Canada) have experimented with it. For Americans, with a presidential election approaching later this year, it's a timely issue: already, some states have come to allow at least certain forms of voting by internet. Proponents say online elections have compelling upsides, chief among them ease of participation. People who might not otherwise vote — in particular military personnel stationed abroad, but many others besides — are more and more reached by internet access. Online voting offers a way to keep the electoral process open to them. With online voting, too, there's no worry about conventional absentee ballots being lost or delayed in the postal system, either before reaching the voter or on the way back to be counted. The downsides, though, are daunting. According to RSA panelists David Jefferson and J. Alex Halderman, in fact, they're overwhelming. Speaking Thursday afternoon, the two laid out their case against e-voting.
(Read more for more, and look for a video interview with Halderman soon).
Jefferson and Halderman have impressive credentials as analysts and critics of internet voting. Jefferson, a computer scientist at Lawrence Livermore National Laboratory, is chairman of the board of the Verified Voting Foundation, an NGO focused on promoting election integrity, and coauthor of a report that spurred the Department of Defense to withdraw for further consideration its then-plan for online voting, called SERVE, in 2004. Halderman takes a different, hands-on approach, demonstrating (along with his grad students at the University of Michigan) just how polling-station election machines and online voting system can be compromised. "I've probably hacked into and otherwise found vulnerabilities in more polling places than anyone else," he says.
Jefferson and Halderman are careful to define the key element of elections they're trying to expose as unfixably broken: namely, the delivery of completed ballots over the internet, whether that means a web app, email or some other conduit, without a voter-verified paper audit trail. Some kinds of election technology can move from the voting booth to the online world with less risk to the integrity of the election itself — for instance, distribution of blank ballots, or even online voter registration. "This isn't about keeping score of primaries, or gathering information about candidates, but actually voting," said Jefferson. The risk of hacked elections isn't just the possibility of political rivals trying to out-do each other, he said; ultimately, vulnerable election systems compromise national security and ballot secrecy. Even a few hundred votes may suffice to swing a House or Senate race, and that can have cascading consequences for control of elected bodies themselves. "Wherever there's a concentration of votes sufficient to swing a major election, there's a national security concern."
Why assume that election systems can be manipulated? And since paper ballots are not immune to questionable or downright fraudulent counts, why call out the electronic version in particular? In part, he says, because the structure of an electronic voting system is inherently complex, and because it's difficult if not impossible to roll back results if a compromise is suspected. Unlike paper ballots (and in the absence of a paper audit trail backing an electronic voting system), online vote gathering offers no good way to re-count. Jefferson laid out four major and overlapping areas of likely attacks on internet voting systems, any one of which could taint the results of an election.
First, individual voting jurisdictions are vulnerable to attack. (In the U.S., for federal elections, that essentially means counties, totaling more than 7000.) Even in local races, there can be billions of dollars at stake in high-population counties like Cook County or L.A. County. Vendors, both their networks and their source code, are also at risk. Assuming that even best efforts can keep the source code behind the handful of election-system vendors safe is a sucker's bet, Jefferson says. Even large companies with enormous security resources have been hacked, with source code a prime target, as happened to Google and 25 other firms in 2010 in a breach attributed to Chinese operatives. "Who knows if those [online voting software] vendors have already been penetrated? You wouldn't have any idea," said Jefferson.
Even if both local voting authorities and e-voting software vendors were themselves able to deflect all attacks, voters using an online voting system on their home or office PCs would still be at the mercy of the weakest link of the chain — the security of the machines available to them. Targeted malware could be used to present a different set of on-screen options to a voter than it actually sends back to the election counters. Because one of the protections of a secret ballot is to make available to voters proof that they voted but not how they voted, individuals who intended to selected candidate A would have no reason to know their vote was cast for candidate B instead. Malware could also simply vote without user interaction. It may not be election related, but a large fraction of PCs are already infected with some kind of malware, showing how big a problem this could be.
Finally, pure network attacks (or even errors) could disrupt the integrity of an election; exactly that kind of attack brought much of Estonia's online traffic to a halt in May 2007; lucky for Estonians that was not during an election, because Estonia is one of the few countries that has fully adopted online voting. Perhaps more chilling is the brief re-routing in April 2010 of 15 percent of the world's internet traffic through China.
Insecurity on the internet is itself a long-standing problem, so why the fuss? Unlike financial crime, such as credit card fraud, election fraud is hard to detect, and even harder to correct for, in large part because ballot secrecy is key to fair elections.
Voting is different. "Superficially, you'd think the transactions are very similar [to financial transactions], but underneath, all the issues are completely different. The privacy requirements are completely different, for example," says Jefferson. To prevent coerced voting, or simple vote selling, "You're allowed to tell anyone how you voted all you want, but you're not allowed to have proof of how you voted." Rolling back results to investigate suspected breaches is impossible, Jefferson says, without exposing the actual votes of individuals, at the very least to election officials.
Investigating financial crime online is the opposite; there, figuring out exactly who did what and when is the whole point, and the evidence is easy to find: if banking credentials are stolen, he said, "some account will go to zero." But in the case of elections, it's more likely that "the wrong people take office, and life goes on, and it's just never discovered."
And while no election fraud has yet been attributed to it, the trend is growing to institute the version of online voting that Jefferson calls "the worst idea ever" — voting by email. 33 states have modded their voting systems to accept in some cases PDFs of scanned ballots through ordinary e-mail to be entered by election workers. The numbers may be small (typically, this form of voting is limited to overseas voters, and in some cases voters are asked to acknowledge that their vote cannot be kept secret), but this allowance means that "e-mail voting is very widespread in the United States."
While Jefferson works through Verified Voting to influence policy makers to lay out the case against online voting, J. Alex Halderman, in his role as an assistant professor at the University of Michigan, turns theory into reality: he and his students break election systems (devices as well as software) in the U.S. and abroad to show just how easily a malicious attacker could do the same. He offered as an example of several of the ways electronic voting can fail his successful attack on an internet voting plan (see this earlier Slashdot story) that was to have been implemented in 2010 in the District of Columbia. The District had, with Federal grant money, designed an online voting system and already put it nearly into production, and had mailed PINs and voter ID numbers to voters in anticipation.
To D.C.'s credit, Halderman says, the election officials at least asked first for advice from security experts around the country, and invited them to test it in advance of using the system in an actual election, though mere days before the system was to have gone live. "It's not every day you're invited to hack into government computers without the threat of jail hanging over your head," says Halderman, who was attracted to the challenge of investigating the system itself, as well as curiosity about how the D.C. officials would respond to a system compromise.
Though Halderman says the Ruby on Rails-based system was written in "generally clean code," his team discovered a shell injection vulnerability which gave them access to the D.C. system (see his full paper as a PDF for the details), and immediately set about playing.
Web apps tend to be brittle, says Halderman, and D.C.'s was no exception. "App frameworks are written in ways that allow small mistakes to have big consequences," especially when vulnerabilities are often widely disseminated soon after discovery, and not always by white hat hackers like him.
"The first thing we did was steal all the important stuff," he says — credentials, keys, and more. Simply snooping on the data wasn't enough to fully demonstrate the problems in the system, though; the team replaced the information on all of the ballots as well, replacing the actual candidates with ones of their choice, offering up options like Hall 9000, and Bender for school board, and forced client machines to play the University of Michigan's fight song, before erasing the logs that would have allowed their intrusion to be properly analyzed by the system's administrators.
Their attack also led them to gain full access to a terminal server on the same network, and after they'd hacked into this ("using the default password from the owner's manual," Halderman notes) they noticed there was evidence in the logs of other attacks. In particular, some of the attacks appearing to originate in Iran and in China. While Halderman doubts these represent an attack specifically on the DC system voting system, the evidence of such attacks is "an illustration of how vulnerable things are."
Halderman acknowledges that voting in person, especially by electronic means, is far from foolproof, but he joins Jefferson in saying that online voting is categorically worse, and suggests that everyone who takes an interest in security or the mechanics of democratic elections raise the issues of privacy and security. His conclusion and advice for election officials in the U.S.: Voting online is a bad idea, and it simply can't be fixed in the foreseeable future. All the security problems of e-voting machines at polling stations apply directly to internet voting, too, which means that anyone on Earth can attack an online election.
"If my vote is insecure, everyone else who lives under that same government is harmed by that." -
In Theory And Practice, Why Internet-Based Voting Is a Bad Idea
A few countries, like Estonia, have gone for internet-based voting in national elections in a big way, and many others (like Ireland and Canada) have experimented with it. For Americans, with a presidential election approaching later this year, it's a timely issue: already, some states have come to allow at least certain forms of voting by internet. Proponents say online elections have compelling upsides, chief among them ease of participation. People who might not otherwise vote — in particular military personnel stationed abroad, but many others besides — are more and more reached by internet access. Online voting offers a way to keep the electoral process open to them. With online voting, too, there's no worry about conventional absentee ballots being lost or delayed in the postal system, either before reaching the voter or on the way back to be counted. The downsides, though, are daunting. According to RSA panelists David Jefferson and J. Alex Halderman, in fact, they're overwhelming. Speaking Thursday afternoon, the two laid out their case against e-voting.
(Read more for more, and look for a video interview with Halderman soon).
Jefferson and Halderman have impressive credentials as analysts and critics of internet voting. Jefferson, a computer scientist at Lawrence Livermore National Laboratory, is chairman of the board of the Verified Voting Foundation, an NGO focused on promoting election integrity, and coauthor of a report that spurred the Department of Defense to withdraw for further consideration its then-plan for online voting, called SERVE, in 2004. Halderman takes a different, hands-on approach, demonstrating (along with his grad students at the University of Michigan) just how polling-station election machines and online voting system can be compromised. "I've probably hacked into and otherwise found vulnerabilities in more polling places than anyone else," he says.
Jefferson and Halderman are careful to define the key element of elections they're trying to expose as unfixably broken: namely, the delivery of completed ballots over the internet, whether that means a web app, email or some other conduit, without a voter-verified paper audit trail. Some kinds of election technology can move from the voting booth to the online world with less risk to the integrity of the election itself — for instance, distribution of blank ballots, or even online voter registration. "This isn't about keeping score of primaries, or gathering information about candidates, but actually voting," said Jefferson. The risk of hacked elections isn't just the possibility of political rivals trying to out-do each other, he said; ultimately, vulnerable election systems compromise national security and ballot secrecy. Even a few hundred votes may suffice to swing a House or Senate race, and that can have cascading consequences for control of elected bodies themselves. "Wherever there's a concentration of votes sufficient to swing a major election, there's a national security concern."
Why assume that election systems can be manipulated? And since paper ballots are not immune to questionable or downright fraudulent counts, why call out the electronic version in particular? In part, he says, because the structure of an electronic voting system is inherently complex, and because it's difficult if not impossible to roll back results if a compromise is suspected. Unlike paper ballots (and in the absence of a paper audit trail backing an electronic voting system), online vote gathering offers no good way to re-count. Jefferson laid out four major and overlapping areas of likely attacks on internet voting systems, any one of which could taint the results of an election.
First, individual voting jurisdictions are vulnerable to attack. (In the U.S., for federal elections, that essentially means counties, totaling more than 7000.) Even in local races, there can be billions of dollars at stake in high-population counties like Cook County or L.A. County. Vendors, both their networks and their source code, are also at risk. Assuming that even best efforts can keep the source code behind the handful of election-system vendors safe is a sucker's bet, Jefferson says. Even large companies with enormous security resources have been hacked, with source code a prime target, as happened to Google and 25 other firms in 2010 in a breach attributed to Chinese operatives. "Who knows if those [online voting software] vendors have already been penetrated? You wouldn't have any idea," said Jefferson.
Even if both local voting authorities and e-voting software vendors were themselves able to deflect all attacks, voters using an online voting system on their home or office PCs would still be at the mercy of the weakest link of the chain — the security of the machines available to them. Targeted malware could be used to present a different set of on-screen options to a voter than it actually sends back to the election counters. Because one of the protections of a secret ballot is to make available to voters proof that they voted but not how they voted, individuals who intended to selected candidate A would have no reason to know their vote was cast for candidate B instead. Malware could also simply vote without user interaction. It may not be election related, but a large fraction of PCs are already infected with some kind of malware, showing how big a problem this could be.
Finally, pure network attacks (or even errors) could disrupt the integrity of an election; exactly that kind of attack brought much of Estonia's online traffic to a halt in May 2007; lucky for Estonians that was not during an election, because Estonia is one of the few countries that has fully adopted online voting. Perhaps more chilling is the brief re-routing in April 2010 of 15 percent of the world's internet traffic through China.
Insecurity on the internet is itself a long-standing problem, so why the fuss? Unlike financial crime, such as credit card fraud, election fraud is hard to detect, and even harder to correct for, in large part because ballot secrecy is key to fair elections.
Voting is different. "Superficially, you'd think the transactions are very similar [to financial transactions], but underneath, all the issues are completely different. The privacy requirements are completely different, for example," says Jefferson. To prevent coerced voting, or simple vote selling, "You're allowed to tell anyone how you voted all you want, but you're not allowed to have proof of how you voted." Rolling back results to investigate suspected breaches is impossible, Jefferson says, without exposing the actual votes of individuals, at the very least to election officials.
Investigating financial crime online is the opposite; there, figuring out exactly who did what and when is the whole point, and the evidence is easy to find: if banking credentials are stolen, he said, "some account will go to zero." But in the case of elections, it's more likely that "the wrong people take office, and life goes on, and it's just never discovered."
And while no election fraud has yet been attributed to it, the trend is growing to institute the version of online voting that Jefferson calls "the worst idea ever" — voting by email. 33 states have modded their voting systems to accept in some cases PDFs of scanned ballots through ordinary e-mail to be entered by election workers. The numbers may be small (typically, this form of voting is limited to overseas voters, and in some cases voters are asked to acknowledge that their vote cannot be kept secret), but this allowance means that "e-mail voting is very widespread in the United States."
While Jefferson works through Verified Voting to influence policy makers to lay out the case against online voting, J. Alex Halderman, in his role as an assistant professor at the University of Michigan, turns theory into reality: he and his students break election systems (devices as well as software) in the U.S. and abroad to show just how easily a malicious attacker could do the same. He offered as an example of several of the ways electronic voting can fail his successful attack on an internet voting plan (see this earlier Slashdot story) that was to have been implemented in 2010 in the District of Columbia. The District had, with Federal grant money, designed an online voting system and already put it nearly into production, and had mailed PINs and voter ID numbers to voters in anticipation.
To D.C.'s credit, Halderman says, the election officials at least asked first for advice from security experts around the country, and invited them to test it in advance of using the system in an actual election, though mere days before the system was to have gone live. "It's not every day you're invited to hack into government computers without the threat of jail hanging over your head," says Halderman, who was attracted to the challenge of investigating the system itself, as well as curiosity about how the D.C. officials would respond to a system compromise.
Though Halderman says the Ruby on Rails-based system was written in "generally clean code," his team discovered a shell injection vulnerability which gave them access to the D.C. system (see his full paper as a PDF for the details), and immediately set about playing.
Web apps tend to be brittle, says Halderman, and D.C.'s was no exception. "App frameworks are written in ways that allow small mistakes to have big consequences," especially when vulnerabilities are often widely disseminated soon after discovery, and not always by white hat hackers like him.
"The first thing we did was steal all the important stuff," he says — credentials, keys, and more. Simply snooping on the data wasn't enough to fully demonstrate the problems in the system, though; the team replaced the information on all of the ballots as well, replacing the actual candidates with ones of their choice, offering up options like Hall 9000, and Bender for school board, and forced client machines to play the University of Michigan's fight song, before erasing the logs that would have allowed their intrusion to be properly analyzed by the system's administrators.
Their attack also led them to gain full access to a terminal server on the same network, and after they'd hacked into this ("using the default password from the owner's manual," Halderman notes) they noticed there was evidence in the logs of other attacks. In particular, some of the attacks appearing to originate in Iran and in China. While Halderman doubts these represent an attack specifically on the DC system voting system, the evidence of such attacks is "an illustration of how vulnerable things are."
Halderman acknowledges that voting in person, especially by electronic means, is far from foolproof, but he joins Jefferson in saying that online voting is categorically worse, and suggests that everyone who takes an interest in security or the mechanics of democratic elections raise the issues of privacy and security. His conclusion and advice for election officials in the U.S.: Voting online is a bad idea, and it simply can't be fixed in the foreseeable future. All the security problems of e-voting machines at polling stations apply directly to internet voting, too, which means that anyone on Earth can attack an online election.
"If my vote is insecure, everyone else who lives under that same government is harmed by that." -
In Theory And Practice, Why Internet-Based Voting Is a Bad Idea
A few countries, like Estonia, have gone for internet-based voting in national elections in a big way, and many others (like Ireland and Canada) have experimented with it. For Americans, with a presidential election approaching later this year, it's a timely issue: already, some states have come to allow at least certain forms of voting by internet. Proponents say online elections have compelling upsides, chief among them ease of participation. People who might not otherwise vote — in particular military personnel stationed abroad, but many others besides — are more and more reached by internet access. Online voting offers a way to keep the electoral process open to them. With online voting, too, there's no worry about conventional absentee ballots being lost or delayed in the postal system, either before reaching the voter or on the way back to be counted. The downsides, though, are daunting. According to RSA panelists David Jefferson and J. Alex Halderman, in fact, they're overwhelming. Speaking Thursday afternoon, the two laid out their case against e-voting.
(Read more for more, and look for a video interview with Halderman soon).
Jefferson and Halderman have impressive credentials as analysts and critics of internet voting. Jefferson, a computer scientist at Lawrence Livermore National Laboratory, is chairman of the board of the Verified Voting Foundation, an NGO focused on promoting election integrity, and coauthor of a report that spurred the Department of Defense to withdraw for further consideration its then-plan for online voting, called SERVE, in 2004. Halderman takes a different, hands-on approach, demonstrating (along with his grad students at the University of Michigan) just how polling-station election machines and online voting system can be compromised. "I've probably hacked into and otherwise found vulnerabilities in more polling places than anyone else," he says.
Jefferson and Halderman are careful to define the key element of elections they're trying to expose as unfixably broken: namely, the delivery of completed ballots over the internet, whether that means a web app, email or some other conduit, without a voter-verified paper audit trail. Some kinds of election technology can move from the voting booth to the online world with less risk to the integrity of the election itself — for instance, distribution of blank ballots, or even online voter registration. "This isn't about keeping score of primaries, or gathering information about candidates, but actually voting," said Jefferson. The risk of hacked elections isn't just the possibility of political rivals trying to out-do each other, he said; ultimately, vulnerable election systems compromise national security and ballot secrecy. Even a few hundred votes may suffice to swing a House or Senate race, and that can have cascading consequences for control of elected bodies themselves. "Wherever there's a concentration of votes sufficient to swing a major election, there's a national security concern."
Why assume that election systems can be manipulated? And since paper ballots are not immune to questionable or downright fraudulent counts, why call out the electronic version in particular? In part, he says, because the structure of an electronic voting system is inherently complex, and because it's difficult if not impossible to roll back results if a compromise is suspected. Unlike paper ballots (and in the absence of a paper audit trail backing an electronic voting system), online vote gathering offers no good way to re-count. Jefferson laid out four major and overlapping areas of likely attacks on internet voting systems, any one of which could taint the results of an election.
First, individual voting jurisdictions are vulnerable to attack. (In the U.S., for federal elections, that essentially means counties, totaling more than 7000.) Even in local races, there can be billions of dollars at stake in high-population counties like Cook County or L.A. County. Vendors, both their networks and their source code, are also at risk. Assuming that even best efforts can keep the source code behind the handful of election-system vendors safe is a sucker's bet, Jefferson says. Even large companies with enormous security resources have been hacked, with source code a prime target, as happened to Google and 25 other firms in 2010 in a breach attributed to Chinese operatives. "Who knows if those [online voting software] vendors have already been penetrated? You wouldn't have any idea," said Jefferson.
Even if both local voting authorities and e-voting software vendors were themselves able to deflect all attacks, voters using an online voting system on their home or office PCs would still be at the mercy of the weakest link of the chain — the security of the machines available to them. Targeted malware could be used to present a different set of on-screen options to a voter than it actually sends back to the election counters. Because one of the protections of a secret ballot is to make available to voters proof that they voted but not how they voted, individuals who intended to selected candidate A would have no reason to know their vote was cast for candidate B instead. Malware could also simply vote without user interaction. It may not be election related, but a large fraction of PCs are already infected with some kind of malware, showing how big a problem this could be.
Finally, pure network attacks (or even errors) could disrupt the integrity of an election; exactly that kind of attack brought much of Estonia's online traffic to a halt in May 2007; lucky for Estonians that was not during an election, because Estonia is one of the few countries that has fully adopted online voting. Perhaps more chilling is the brief re-routing in April 2010 of 15 percent of the world's internet traffic through China.
Insecurity on the internet is itself a long-standing problem, so why the fuss? Unlike financial crime, such as credit card fraud, election fraud is hard to detect, and even harder to correct for, in large part because ballot secrecy is key to fair elections.
Voting is different. "Superficially, you'd think the transactions are very similar [to financial transactions], but underneath, all the issues are completely different. The privacy requirements are completely different, for example," says Jefferson. To prevent coerced voting, or simple vote selling, "You're allowed to tell anyone how you voted all you want, but you're not allowed to have proof of how you voted." Rolling back results to investigate suspected breaches is impossible, Jefferson says, without exposing the actual votes of individuals, at the very least to election officials.
Investigating financial crime online is the opposite; there, figuring out exactly who did what and when is the whole point, and the evidence is easy to find: if banking credentials are stolen, he said, "some account will go to zero." But in the case of elections, it's more likely that "the wrong people take office, and life goes on, and it's just never discovered."
And while no election fraud has yet been attributed to it, the trend is growing to institute the version of online voting that Jefferson calls "the worst idea ever" — voting by email. 33 states have modded their voting systems to accept in some cases PDFs of scanned ballots through ordinary e-mail to be entered by election workers. The numbers may be small (typically, this form of voting is limited to overseas voters, and in some cases voters are asked to acknowledge that their vote cannot be kept secret), but this allowance means that "e-mail voting is very widespread in the United States."
While Jefferson works through Verified Voting to influence policy makers to lay out the case against online voting, J. Alex Halderman, in his role as an assistant professor at the University of Michigan, turns theory into reality: he and his students break election systems (devices as well as software) in the U.S. and abroad to show just how easily a malicious attacker could do the same. He offered as an example of several of the ways electronic voting can fail his successful attack on an internet voting plan (see this earlier Slashdot story) that was to have been implemented in 2010 in the District of Columbia. The District had, with Federal grant money, designed an online voting system and already put it nearly into production, and had mailed PINs and voter ID numbers to voters in anticipation.
To D.C.'s credit, Halderman says, the election officials at least asked first for advice from security experts around the country, and invited them to test it in advance of using the system in an actual election, though mere days before the system was to have gone live. "It's not every day you're invited to hack into government computers without the threat of jail hanging over your head," says Halderman, who was attracted to the challenge of investigating the system itself, as well as curiosity about how the D.C. officials would respond to a system compromise.
Though Halderman says the Ruby on Rails-based system was written in "generally clean code," his team discovered a shell injection vulnerability which gave them access to the D.C. system (see his full paper as a PDF for the details), and immediately set about playing.
Web apps tend to be brittle, says Halderman, and D.C.'s was no exception. "App frameworks are written in ways that allow small mistakes to have big consequences," especially when vulnerabilities are often widely disseminated soon after discovery, and not always by white hat hackers like him.
"The first thing we did was steal all the important stuff," he says — credentials, keys, and more. Simply snooping on the data wasn't enough to fully demonstrate the problems in the system, though; the team replaced the information on all of the ballots as well, replacing the actual candidates with ones of their choice, offering up options like Hall 9000, and Bender for school board, and forced client machines to play the University of Michigan's fight song, before erasing the logs that would have allowed their intrusion to be properly analyzed by the system's administrators.
Their attack also led them to gain full access to a terminal server on the same network, and after they'd hacked into this ("using the default password from the owner's manual," Halderman notes) they noticed there was evidence in the logs of other attacks. In particular, some of the attacks appearing to originate in Iran and in China. While Halderman doubts these represent an attack specifically on the DC system voting system, the evidence of such attacks is "an illustration of how vulnerable things are."
Halderman acknowledges that voting in person, especially by electronic means, is far from foolproof, but he joins Jefferson in saying that online voting is categorically worse, and suggests that everyone who takes an interest in security or the mechanics of democratic elections raise the issues of privacy and security. His conclusion and advice for election officials in the U.S.: Voting online is a bad idea, and it simply can't be fixed in the foreseeable future. All the security problems of e-voting machines at polling stations apply directly to internet voting, too, which means that anyone on Earth can attack an online election.
"If my vote is insecure, everyone else who lives under that same government is harmed by that." -
After Complaints, AT&T Solidifies, Increases Data Limit
New submitter rullywowr writes "After many users expressed anger, AT&T has moved the slowdown throttling bottleneck from 3GB of data to 5GB of data for users of 4G LTE smart phones. 'Previously, AT&T slowed speeds for subscribers who reached the top 5% of data users for that billing cycle and geographic location. Customers were outraged, arguing that the percentage method meant they had no way to know what the limit was — until AT&T informed them via text message that they were in danger of exceeding it.' AT&T still maintains the position that less than 5% of its users exceed the 3GB threshold each month." -
NSA Publishes Blueprint For Top Secret Android Phone
mask.of.sanity writes "The National Security Agency has designed a super-secure Android phone from commercial parts, and released the blueprints(Pdf) to the public. The doubly-encrypted phone, dubbed Fishbowl, was designed to be secure enough to handle top secret phone calls yet be as easy to use and cheap to build as commercial handsets. One hundred US government staff are using the phones under a pilot which is part of a wider project to redesign communication platforms used in classified conversations." -
Is Stratfor a "Joke"?
daveschroeder writes with an opinion piece that seems to differ from the usual thinking on the Wikileaks release of Stratfor emails: "Max Fisher writes in The Atlantic: 'The corporate research firm has branded itself as a CIA-like "global intelligence" firm, but only Julian Assange and some over-paying clients are fooled. [...] The group's reputation among foreign policy writers, analysts, and practitioners is poor; they are considered a punchline more often than a source of valuable information or insight. [...] So why do Wikileaks and their hacker source Anonymous seem to consider Stratfor, which appears to do little more than combine banal corporate research with media-style freelance researcher arrangements, to be a cross between CIA and Illuminati? The answer is probably a combination of naivete and desperation.'" -
Controversial Bioethicist Resigns From Celltex
ananyo writes "Bioethicist Glenn McGee has resigned his position as president of ethics and strategic initiatives at the stem-cell firm Celltex Therapeutics in Houston, Texas. Yesterday, Slashdot posted a story that suggested Celltex may have administered unproven treatments to several patients. The move comes at the end of a turbulent three months, which has seen McGee blasted by other bioethicists for working at the controversial stem-cell company while also holding the post of editor-in-chief of the American Journal of Bioethics, the most cited bioethics journal in the world. McGee announced that he had resigned, effective 28 February, on Twitter last night — the move came just two weeks after the 13 February press release by Celltex announcing that he would take the position." -
Photographing Police: Deletion Is Not Forever
Geoffrey.landis writes "The courts have now ruled that the public has the right to videotape the police in the performance of their duties. Of course, that doesn't stop the police from harassing people who do so — even journalists, who sometimes have their cameras confiscated. As it turns out, though, they're not always very knowledgeable about how deletion works. I would say that erasing, or attempting to erase, a video of police arresting somebody illegally (How can a journalist be charged with 'resisting arrest' when he was not being arrested for anything other than resisting arrest?) is a clear case of destruction of evidence by the officers. Destroying evidence is obstruction of justice. That's illegal. Why haven't these police officers been arrested?" -
Sony Ditching Cell Architecture For Next PlayStation?
RogueyWon writes "According to reports in Kotaku and Forbes, Sony is planning to ditch the Cell processor that powered the PlayStation 3 and may be planning to power the console's successor using a more conventional PC-like architecture provided by AMD. In the PS3's early years, Sony was keen to promote the benefits of its Cell processor, but the console's complicated architecture led to many studios complaining that it was difficult to develop for." -
Khan Academy Chooses JavaScript As Intro Language
jfruh writes "Slashdotters (many of whom cut their teeth on much-maligned BASIC) have long debated what language kids should learn programming in. Khan Academy, the wildly popular producer of educational videos, has come up with an unorthodox choice: JavaScript, not least because of its ability to keep kids' attention with something fun and graphical." -
Khan Academy Chooses JavaScript As Intro Language
jfruh writes "Slashdotters (many of whom cut their teeth on much-maligned BASIC) have long debated what language kids should learn programming in. Khan Academy, the wildly popular producer of educational videos, has come up with an unorthodox choice: JavaScript, not least because of its ability to keep kids' attention with something fun and graphical." -
Azure Failure Was a Leap Year Glitch
judgecorp writes "Microsoft's Windows Azure cloud service was down much of yesterday, and the cause was a leap year bug as the service failed to handle the 29th day of February. Faults propagated making this a severe outage for many customers, including the UK Government's recently launched G-cloud service." -
"Irish SOPA" Signed Into Law Despite Resistance
First time accepted submitter cupantae writes "Despite the protests of over 80,000 Irish people, Junior Minister Seán Sherlock has confirmed that the controversial statutory instrument that reinforces online copyright laws in Ireland has been signed into law. The statutory instrument will make it possible for copyright holders to seek court injunctions against companies such as internet service providers or social networks whose systems are hosting copyright-infringing material. This comes in the wake of the music industry bullying the Irish government." -
LightSquared CEO Resigns Amid Appearance of Bribery
New submitter msauve writes "LightSquared, the company who's request to use make use of spectrum in a way likely to interfere with GPS was recently denied, has suffered another setback. CEO Sanjiv Ahuja has now resigned, only a week after a report detailing political contributions and the personal financial interests of Obama and officials in his administration in SkyTerra, the precursor company to LightSquared. Ahuja's one and only contribution to the Democratic Party occurred on the same day he tried to arrange a meeting with Obama administration officials, apparently as part of LightSquared's desire to fast track FCC approval of a change beneficial to the company." -
LightSquared CEO Resigns Amid Appearance of Bribery
New submitter msauve writes "LightSquared, the company who's request to use make use of spectrum in a way likely to interfere with GPS was recently denied, has suffered another setback. CEO Sanjiv Ahuja has now resigned, only a week after a report detailing political contributions and the personal financial interests of Obama and officials in his administration in SkyTerra, the precursor company to LightSquared. Ahuja's one and only contribution to the Democratic Party occurred on the same day he tried to arrange a meeting with Obama administration officials, apparently as part of LightSquared's desire to fast track FCC approval of a change beneficial to the company." -
Microsoft's Azure Cloud Suffers Major Downtime
New submitter dcraid writes with a quote from El Reg: "Microsoft's cloudy platform, Windows Azure, is experiencing a major outage: at the time of writing, its service management system had been down for about seven hours worldwide. A customer described the problem to The Register as an 'admin nightmare' and said they couldn't understand how such an important system could go down. 'This should never happen,' said our source. 'The system should be redundant and outages should be confined to some data centres only.'" The Azure service dashboard has regular updates on the situation. According to their update feed the situation should have been resolved a few hours ago but has instead gotten worse: "We continue to work through the issues that are blocking the restoration of service management for some customers in North Central US, South Central US and North Europe sub-regions. Further updates will be published to keep you apprised of the situation. We apologize for any inconvenience this causes our customers." To be fair, other cloud providers have had similar issues before. -
Microsoft's Azure Cloud Suffers Major Downtime
New submitter dcraid writes with a quote from El Reg: "Microsoft's cloudy platform, Windows Azure, is experiencing a major outage: at the time of writing, its service management system had been down for about seven hours worldwide. A customer described the problem to The Register as an 'admin nightmare' and said they couldn't understand how such an important system could go down. 'This should never happen,' said our source. 'The system should be redundant and outages should be confined to some data centres only.'" The Azure service dashboard has regular updates on the situation. According to their update feed the situation should have been resolved a few hours ago but has instead gotten worse: "We continue to work through the issues that are blocking the restoration of service management for some customers in North Central US, South Central US and North Europe sub-regions. Further updates will be published to keep you apprised of the situation. We apologize for any inconvenience this causes our customers." To be fair, other cloud providers have had similar issues before. -
What The DHS Is Looking For In Your Posts
New submitter lister king of smeg writes "As we all know The Department of Homeland Security monitors social networks,in an attempt to expose 'Items Of Interest.' As it turns out many terms including seemingly benign words such as flu, agent, response, cops drill, etc are on the list of words that set off warning bells for the government spooks. Many of the terms make sense ..., but there are some real stupid ones on the list to like 'social network' ... [according to a] list of key words provided to a DHS contractor that were released by EPIC." -
HP Cuts Staff As WebOS Transitions To Opensource
alphadogg writes "Hewlett-Packard has cut 275 jobs in its webOS group, as part of its strategy to turn the operating system over to the open-source community, according to IDG News Service. HP said last year that it would stop making devices that use the operating system which was developed by Palm for phones and tablets, and later decided to release the software under the Apache License 2.0. As webOS continues the transition to open-source software, HP no longer needs many of the engineering and other related positions that it required before, the company said in a statement. 'This creates a smaller and more nimble team that is well-equipped to deliver an open source webOS and sustain HP's commitment to the software over the long term,' it added." -
Raspberry Pi Now Has Distributors -- and Will Soon Have Boards for All (Video)
In an exclusive Transatlantic Skype conversation with Slashdot editor Timothy Lord recorded on Feb. 22, Raspberry Pi project leader Eben Upton talks about the state of Raspberry Pi, and tells us that yes -- finally -- they now have distributors in the U.S. and other countries instead trying to ship every unit from the U.K. Even better, instead of buying a batch of boards, selling them, and only then ordering another batch, the new distribution agreements mean they can keep a steady flow of orders coming in and going out. One slight downer is that people who have donated to the project may not get their Pi(s) right away; the distributors have spoken for all of the current order. Eben talks about this, and about how Raspberry Pi is going to take care of contributors, starting at about 4:15 in the video. You can also look at an in-person interview Tim did with Eben in January -- or wait until the end of today's video for a list of other Raspberry Pi videos. -
Mars Mission Back In the Cards After Budget Cuts
ananyo writes "NASA has said it will re-design its Mars exploration program, and that the new architecture would include input — and money — from the human program as well as the space technology division. Orlando Figueroa, the former deputy director for space and technology at Goddard Space Flight Center in Greenbelt, Maryland, is to head up a seven or eight person committee, and to start developing mission concepts in the next month. One of those concepts would be a possible $700 million mission launching in 2018. The news offers a grain of comfort to a community still reeling from massive cuts to the Mars program." -
Asus Transformer Drops Quad-core In Favor of Dual-core
MrSeb writes with this news from Extreme Tech: "In a move that will shock and disgust bleeding-edge technophiles everywhere, Asus has announced at Mobile World Congress 2012 that its new Transformer Pads — the high-end Infinity Series — will use the recently-announced dual-core Qualcomm S4 SoC. The critically acclaimed Transformer Prime, the Infinity Series' predecessor which was released at the end of 2011, used the quad-core Nvidia Tegra 3. Why the sudden about-face? Well, the fact that quad-core processors don't really have a use case in mobile devices is one reason — but it doesn't hurt that the Krait cores in the S4 are significantly faster than the four Cortex-A9 cores in the Tegra 3, too. The S4 is also the first 28nm SoC, while Tegra 3 is still on 40nm, which means a smaller and cheaper package, and lower power consumption to boot. The S4 is also the first SoC with built-in LTE, which was probably a rather nice sweetener for Asus." The Snapdragon S4 "Krait" CPU is still a bit shrouded in mystery as far as hard specs (Qualcomm has never been one to release docs), but it appears to be similar to the Cortex-A15 in performance; how they stand up to Intel's new Medfield designs remains to be seen. -
Spanish Company Tests 'Right To Be Forgotten' Against Google
suraj.sun writes with an excerpt from an article over at Ars Technica: "Los Alfaques, a bucolic campground near the Spanish town of Tarragona, isn't happy with Google. That's because searches for 'camping Alfaques' bring up horrific images of charred human flesh — not good for business when you're trying to sell people on the idea of relaxation. The campground believes it has the right to demand that Google stop showing 'negative' links, even though the links aren't mistakes at all. Are such lawsuits an aberration, or the future of Europe's Internet experience in the wake of its new 'right to be forgotten' proposals? Legal scholars like Jeffrey Rosen remain skeptical that such a right won't lead to all sorts of problems for free expression. But in Spain, the debate continues. Last week, Los Alfaques lost its case — but only because it needed to sue (U.S.-based) Google directly. Mario Gianni, the owner of Los Alfaques, is currently deciding whether such a suit is worth pursuing." -
Publisher Pulls Supports; 'Research Works Act' Killed
crabel writes "It appears the dreaded Research Works Act is dead. The bill would have prevented agencies of the federal government from requiring public access to federally subsidized research. After Elsevier pulled its support, it was decided that no legislative action will be taken on the bill." A glimmer of hope as well: "Meanwhile, attention has shifted to another proposed bill: the reintroduced Federal Research Public Access Act, which would require public access." Elsevier has vowed to battle it, however. -
Police Find Apple Branded Stoves In China
An anonymous reader writes "Just when you thought the Apple knockoff trade in China couldn't get any more ridiculous, Chinese Police recently seized 681 "Apple iPhone" branded gas stoves in the city of Wuhan. Yep, that's right, some folks are peddling gas grills and are trying to made the product more appealing by stamping an Apple logo alongside the 'iPhone' moniker on the front." -
RapidShare Fighting Piracy By Slowing Download Speeds
An anonymous reader writes "File hosting sites have been under increased pressure since the shutdown of Megaupload — both from law enforcement and from the sudden influx of new users. RapidShare, already dealing with a reputation as a facilitator of piracy, has now instituted a policy they hope will drive pirates away: download speed caps for its free service. According to TorrentFreak, 'RapidShare says that there is a direct link between free users of file-hosting services and copyright infringement. Those who like to pirate prefer not to pay, the company believes, not least because they want to avoid connecting their personal payment details to a copyright-infringing cyberlocker account. Now, there will be those who say that however RapidShare dress it up, the company will be aware that the restrictions will drive users to their premium services to get better speeds. But interestingly RapidShare is now offering ways for users to get faster download speeds without paying a dime — providing those uploading the original files they’re trying to access do some work.'" -
EFF Wins Protection For Time Zone Database
First time accepted submitter TempestRose writes "The trials and tribulations of the time zone database sued by an astrology software company are finally over. From the article: 'The Electronic Frontier Foundation (EFF) is pleased to announce that a copyright lawsuit threatening an important database of time zone information has been dismissed. The astrology software company that filed the lawsuit, Astrolabe, has also apologized and agreed to a 'covenant not to sue' going forward, which will help protect the database from future baseless legal actions and disruptions.'" -
Gates Foundation Makes Progress On Reinvented Toilets
Julie188 writes "Last summer the Bill and Melinda Gates Foundation pledged to spend millions to reinvent the toilet. That investment has born fruit with teams from around the world coming up with many different ways to turn human waste into energy." -
Faulty Cable To Blame For Superluminal Neutrino Results
smolloy writes "It would appear that the hotly debated faster-than-light neutrino observation at CERN is the result of a fault in the connection between a GPS unit and a computer. This connection was used to correct for time delays in the neutrino flight, and after fixing the correction the researchers have found that the time discrepancy appears to have vanished."