Domain: twitter.com
Stories and comments across the archive that link to twitter.com.
Stories · 1,968
-
Twitter Launches the World's Umpteenth Online Music Site
Nerval's Lobster writes "Twitter is plunging into the online music game. Twitter Music (or "Twitter #music," in the company's own rendering) uses Twitter activity such as Tweets and engagement "to detect and surface the most popular tracks and emerging artists," according to an April 18 posting on Twitter's official blog. Songs on the app derive from three sources: iTunes, Spotify, or Rdio. And yes, Twitter is big, but its victory is by no means assured: other IT giants have entered the same market only to watch highly-publicized projects wither away, doomed by some combination of audience apathy and implementation issues. Take Apple's Ping, for example: launched in September 2010 as part of an iTunes update, the ambitious social-networking and music-recommendation engine immediately ran into a number of problems, including a lack of Facebook integration (despite Steve Jobs' assurances to the contrary) and widespread reports of spam and fake accounts. Can Twitter's effort stand out, or will it just be lost in all the noise?" -
Bitfloor Indefinitely Suspends Bitcoin Trading
PerformanceDude writes "Bitfloor (a New York-based online exchange for Bitcoin) yesterday made the following announcement on their website: I am sorry to announce that due to circumstances outside of our control BitFloor must cease all trading operations indefinitely. Unfortunately, our US bank account is scheduled to be closed and we can no longer provide the same level of USD deposits and withdrawals as we have in the past. As such, I have made the decision to halt operations and return all funds. Over the next days we will be working with all clients to ensure that everyone receives their funds. Please be patient as we process your request. Roman — bitfloor.com" According to the company's Twitter account, money should be returned to users' bank accounts shortly. -
Obama Administration Threatens CISPA Veto, EFF Urges Action
An anonymous reader sent in word that the Obama administration is threatening to veto CISPA in its current form because "The Administration, however, remains concerned that the bill does not require private entities to take reasonable steps to remove irrelevant personal information (PDF) when sending cybersecurity data to the government or other private sector entities. Citizens have a right to know that corporations will be held accountable — and not granted immunity — for failing to safeguard personal information adequately. The Administration is committed to working with all stakeholders to find a workable solution to this challenge." Ars has a few more details, the EFF urges U.S. citizens to oppose the bill, and one of the sponsors tweeted that those opposed to the bill are basement dwelling fourteen-year-olds. Note that the Administration still wants there to be some kind of comprehensive data sharing law in the name of cybersecurity, so this may very well rear its head again in the coming months. -
American Airlines Grounds Flights
Sez Zero writes "The Federal Aviation Administration said American Airlines requested a halt to hundreds of its U.S. flights on Tuesday as it works to resolve a reservation system problem. American Airlines explained on their Twitter feed they had a problem accessing their reservation system. Bad day to be on the AA ops team." -
Explosions at the Boston Marathon
Reports are coming in that the headquarters at the Boston Marathon have been locked down after two explosions were reported near the finish line. According to reports "dozens of people have been seriously injured." CNN has live coverage. Google has a Person Finder up for Boston.
Update: The Boston Police Dept. says 2 people have died and 23 are injured. News conference scheduled for 4:30 ET. -
Book Review: The Death of the Internet
benrothke writes "When I first heard about the book The Death of the Internet, it had all the trappings of a second-rate book; a histrionic title and the fact that it had nearly 50 contributors. I have seen far too many books that are pasted together by myriad disparate authors, creating a jerry-rigged book with an ISBN, but little value or substance. The only negative thing about the book is the over the top title, which I think detracts from the important message that is pervasive in it. Other than that, the book is a fascinating read. Editor Markus Jakobsson (Principal Scientist for Consumer Security at PayPal) was able to take the collected wisdom from a large cross-section of expert researchers and engineers, from different countries and nationalities, academic and corporate environments, and create an invaluable and unique reference." Read below for the rest of Ben's review.
The Death of the Internet
author: Markus Jakobsson
pages: 392
publisher: Wiley-IEEE Computer Society Press
rating: 9/10
reviewer: benrothke
ISBN: 978-1118062418
summary: Excellent reference on current Internet security threats
The premise of the book is that the Internet is a cesspool of inefficient management and vulnerabilities that threaten to undermine its use.
In the preface, Jakobsson asks the obvious question: is the title a joke? He writes that ultimately, if the Internet can't be secured, and that the underlying amount of crime and fraud make the Internet useless and dangerous, then it indeed will lead to the tipping point where the result would be the death of the Internet. Where is that point? Nobody knows.
Chapter 1 observes that if a hostile country or organization wants to hurt us, they may find that the easiest way of doing so is by attacking the Internet, and our very dependence on the Internet invites attacks. We are more vulnerable to these attacks as our dependence on the Internet grows.
Chapter 3 provides an in-depth look at how criminals profit off the Internet and provides an intriguing overview of how click fraud works. While the click fraud rate at one point was as high as 30%, it is still in the range of 20%. The book notes that while the overall click fraud rate has been on the decline, there is the emergence of new schemes and those that focus on display ads. The click fraud schemes are so effective that the fraudsters are operating large scale automated attacks in a way that is difficult for the ad networks to distinguish between fraudulent and real clicks, thus producing high revenue for the fraudsters.
The chapter also provides an interesting look at the malware industry. It notes that malware development and distribution is highly organized and controlled by criminal groups that have formalized and implemented business models to automate cybercrime. The authors detail the interaction between the various components in a typical cybercrime business model, in which individual groups of criminals coordinate their efforts. The outcome is a product known as CaaS – crimeware as a service.
Many have often called the Internet the Wild West. Chapter 4 details the Internet infrastructure and cloud, in which the amorphous cloud images may help fuel the false perception that the Internet is a lawless and unaccountable entity that exists beyond policy. The book notes that what is breaking the Internet is not lack of policy, but lack of enforcement and accountability. Internet criminals appear to exist outside the policy structure when the reality is that they are embedded in it and their livelihood in fact depends on the Internet functioning regularly, quickly and efficiently.
While much of the book is focused on cybercrime and fraud, the book also points fingers at ICANN (Internet Corporation for Assigned Names and Numbers) for in some ways facilitating this Internet crime wave. ICANN is the organization that coordinates the Domain Name System (DNS), Internet Protocol (IP) addresses, space allocation, protocol identifier assignment, generic (gTLD) and country code (ccTLD) Top-Level Domain name system management, and root server system management functions. Their premise is that ICANN is more interested in generating revenue and profits than in security.
Due to systemic failures, cybercriminals often hide behind false WHOIS information held by Registrars who do not perform adequate due diligence or enforcement. This is primarily due to the fact that the more domain names that are sold create more revenue for the Registrars. Chapter 4 notes that this weak oversight by ICANN is also one of the biggest threats to the stability of the Internet. The chapter quotes a Godaddy executive who stated that proactive measures to make Internet registries more accurate would not be affordable or useful.
The book provides an analysis of social spam, which has become more pervasive with the emergence of Web 2.0. People are sharing vast amounts of personal data that opens them to these spam attacks. Since the defining characteristic of Web 2.0 is its social nature, it encourages people to share information, collaborate and form social links. These features of social media have the implication that they create a large network of connections between users and content that is controlled almost entirely by the users. This places great power in the hands of well-intentioned users to engage with others and express themselves. But it also provides an opportunity for spammers to exploit the social web for their own interests. As a result, social web applications have become tempting targets for spam and other forms of Internet pollution.
Another fascinating observation around Web 2.0 is that the authors were able to perform use analysis, in which they were able to identify pieces of information about the users which are not necessarily shared directly by their profiles. Items such as sleeping patterns, daily routines, physical locations, and much more are able to be extracted via metadata and other external analysis.
By the time one gets to chapter 5, they have read 200 pages detailing the problems with security and privacy around the Internet core. Exacerbating this is the role of the end user where the chapter notes that if people are offered the choice of convenience or security, then security will lose. The average Internet user is more lazy than security aware; not at all an encouraging observation.
Chapter 7 details one of the banes that have plagued information security; poor user interfaces. It details the four sins of security application user interfaces: popup assault, security by verbosity, walls of checkboxes and all or nothing switches. The book is worth purchasing just for this section.
The book ends with some thoughts for the future, but there is no magic wand or quick happy endings that Jakobsson and his band of ultra-smart contributors offer. Throughout the book, the contributors do though write how there are ways to secure the Internet, but those take thorough and comprehensive strategies and design. There are countermeasures for most of the threats and vulnerabilities detailed and the book provides an unparalleled view of the current state of Internet security.
Situational awareness is defined as the perception of environmental elements with respect to time and/or space, the comprehension of their meaning, and the projection of their status after some variable has changed. For those looking for a book to gain situation awareness about the dangers of the Internet, one is hard pressed to find a better title than The Death of the Internet.
Reviewed by Ben Rothke.
You can purchase The Death of the Internet from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Twitter Adding Music Recommendation
An anonymous reader writes "The NY Times reports that Twitter will soon launch a new music recommendation system for users of its service. The company teased the new feature and directed queries to an announcement that We Are Hunted, a company focused on music recommendation through social media, would be shutting down and joining the Twitter team. 'Recommendations based on social media interactions have become common throughout digital media for things like restaurants and shopping. Many online music services offer these features as well. Spotify, for example, can broadcast its users' playlists through Facebook. Twitter's advantage, in addition to its size, may lie in the devotion of its customers. "Music is one of the most tweeted topics," said Ted Cohen, a former label executive who is now a consultant to digital music companies. "Discovery is critical to the growth of music, and the new gatekeeper is recommendations from trusted sources."' Oddly, those 'trusted sources' seem to be celebrities with Twitter accounts at the moment, as the system is currently invite-only and restricted to 'influencers.'" -
SendGrid Fires Employee After Firestorm Over Inappropriate Jokes
tsamsoniw writes "Hoping to strike a blow against sexism in the tech industry, developer and tech evangelist Adria Richards took to Twitter to complain about two male developers swapping purportedly offensive jokes at PyCon. The decision has set into motion a chain of events that illustrate the impact a tweet or two can make in this age of social networking: One of the developers and Richards have since lost their jobs, and even the chair of PyCon has been harassed for his minor role in the incident." -
41 Months In Prison For Man Who Leaked AT&T iPad Email Addresses
In 2010, querying a public AT&T database yielded over 114,000 email addresses for iPad owners who were subscribed to the carrier. One of the people who found these emails, Andrew 'weev' Auernheimer, sent them to a news site to publicize AT&T's security flaw. He later ended up in court for his actions. Auernheimer was found guilty, and today he was sentenced to 41 months in prison. 'Following his release from prison, Auernheimer will be subject to three years of supervised release. Auernheimer and co-defendant Daniel Spitler were also ordered to pay $73,000 in restitution to AT&T. (Spitler pled guilty in 2011.) The pre-sentencing report prepared by prosecutors recommended four years in federal prison for Auernheimer.' A journalist watching the sentencing said, 'I felt like I was watching a witch trial as prosecutors admitted they didn't understand computers.' -
The Largely Unknown Success Story of Afghanistan's Television Network
Daniel_Stuckey writes in with an Afghanistan media success story. "I met Orner at South by Southwest, where she was hustling her latest film, The Network. The Network features a brighter side of Afghanistan's brighter side: the story of its television revolution. In Orner's opinion, it's a narrative that runs contrary to our common conceptions of a country that has spent decades in a state of war and instability. She followed Saad Mohseni, a media guru and founder of Afghan media firm Moby Group, who is credited for jump starting the nation's media transformation. Sometimes referred to as the Rupert Murdoch of Afghanistan, Mohseni, an Afghan expat and entrepreneur, explains how he and his siblings returned to Kabul from Australia in 2001, amidst the war shifting into gear. First, they launched a radio station, and by 2004 they'd shifted to television with Tolo TV, quickly turning Moby Group into the largest media conglomerate in the nation." -
Minecraft 1.5 "Redstone" Released
First time accepted submitter kdogg73 writes "Jens Bergensten and the Mojang team have released the latest version of Minecraft — version 1.5, dubbed 'Redstone.' Changes and updates include an added redstone comparator, redstone block, hoppers and droppers, light and weight sensors, Herobrine removal, and many bug fixes. Videos detailing the changes and new redstone devices already litter YouTube." -
Is Daylight Saving Time Worth Saving?
Daniel_Stuckey writes "In politics, health, and academia, there are plenty of detractors that say daylight saving might not be worth saving. One vocal opponent is Missouri State Representative Delus Johnson, who wants to end the watch and clock switchery altogether. In short, he says we should spring forward this one last time, without ever falling back. He wants Missouri – and other states willing to join a pact – to permanently adopt daylight saving time and call it Standard Time. He's sure that it'll increase economic development in the later part of the year; giving people a little more daylight to do their Black Friday shopping. Matthew J. Kotchen and Laura E. Grant at the National Bureau of Economic Research have argued that DST has had adverse effects on energy spending. They calculate some extra $10-16 million spent by Indiana due to time changes. Their research concluded it's probably a much bigger loss in other states. A year ago, Motherboard's Kelly Bourdet reported on a health study that concluded DST might actually kill you. Chances of heart-attack were stated to increase by 10 percent on the days following the spring change, and to decrease by 10% after gaining the hour in the fall." There's even a We The People petition about it. -
Bitcoin Hits New All-time High of $32
Sabbetus writes "Bitcoin tops its previous all-time high of $31.91 and in doing so it proves to be quite a resilient virtual currency. To the supporters of Bitcoin this does not come as a surprise, since we have seen the likes of WordPress, Reddit and Mega embrace it. Recently Namecheap also confirmed that they will start accepting bitcoins. The new record price was reached on the same day that Mt. Gox, the world's largest Bitcoin exchange, reached an agreement with CoinLab to manage the exchange's operations in the U.S. and Canada." A far cry from the end of 2011. -
Trekkies Vote 'Vulcan' Into the Solar System
New submitter jollyrgr3 writes "If William Shatner gets his wish, one of Pluto's two new moons will be named Vulcan. The two small moons were discovered recently, and the SETI Institute launched an online poll to let people choose names. Captain Kirk himself suggested the names Vulcan and Romulus. Vulcan was accepted as a candidate, and Shatner exhorted his Twitter followers to vote. Vulcan ended up winning by a landslide, taking 174,000 of the 450,000 total responses. The next highest was Cerberus at just shy of 100,000. The names still have to be approved by the International Astronomical Union, as they have the final say. Leonard Nimoy approves." -
Firefox Will Soon Block Third-Party Cookies
An anonymous reader writes "Stanford researcher Jonathan Mayer has contributed a Firefox patch that will block third-party cookies by default. It's now on track to land in version 22. Kudos to Mozilla for protecting their users and being so open to community submissions. The initial response from the online advertising industry is unsurprisingly hostile and blustering, calling the move 'a nuclear first strike.'" -
White House Tells Agencies To Increase Access to Fed-Funded Research
Z80xxc! writes "The White House Office of Science and Technology Policy announced a "policy memorandum" today requiring any federal agency with over $100 million in R&D expenditures each year to develop plans for making all research funded by that agency freely available to the public within one year of publication in any peer-reviewed scholarly journal. The full memorandum is available on the White House website. It appears that this policy would not only apply to federal agencies conducting research, but also to any university, private corporation, or other entity conducting research that arises from federal funding. For those in academia and the public at large, this is a huge step towards free open access to publicly funded research." Edward Tufte calls the move timid and unimaginative, linking to a Verge article that explains that it's not quite as sweeping as the summary above sounds. -
Apple Hit By Hackers Who Targeted Facebook
snydeq writes "Apple was recently attacked by hackers who infected the Macintosh computers of some employees, the company said on Tuesday in an unprecedented disclosure that described the widest known cyber attacks against Apple-made computers to date, Reuters reports. 'The same software, which infected Macs by exploiting a flaw in a version of Oracle Corp's Java software used as a plug-in on Web browsers, was used to launch attacks against Facebook, which the social network disclosed on Friday. ... A person briefed on the investigation into the attacks said that hundreds of companies, including defense contractors, had been infected with the same malicious software, or malware. The attacks mark the highest-profile cyber attacks to date on businesses running Mac computers.'" -
Update — Sensors Do Not Pick Up North Korean Radioactivity
Update: 02/19 20:49 GMT by S : The story below has been retracted upon further examination of the research. There has been no detection of radioactivity.
gbrumfiel writes "A global network of sensors has picked up faint traces of radioactive gas that probably seeped from last week's underground nuclear test by North Korea. The detection of xenon-133 in Japan and Russia provides further evidence of the nuclear nature of the test, but offers no hint as to the type of weapon used. Atmospheric modelling by the Central Institute for Meteorology and Geodynamics in Vienna shows that the gas likely seeped from North Korea's test site on 15 February, three days after the original test. That indicates that the test was well sealed deep underground." -
Kevin Mitnick Helping Secure Presidential Elections In Ecuador
hypnosec writes "Kevin Mitnick, who was one of the most wanted computer hackers in the US at one time, is now heading a security consultancy firm – Mitnick Security Consulting, and is entrusted with the task of securing Sunday's presidential elections in Ecuador. Mitnick tweeted, '18 years ago I was busted for hacking. I do the same thing today but with full authorization. How cool is that?' His company will focus on protecting the Net Lock computer system tasked with tabulating Ecuador's elections." -
Mega Accepts Bitcoin; Email, Chat, Voice, Video, Mobile Coming Soon
An anonymous reader writes "Kim Dotcom knows how to stir up a storm on Twitter. On Saturday, he announced Bitcoin support for his cloud storage service and also sent out a slew of tweets suggesting Mega is going to become much more than just the successor to Megaupload." -
Office 2013: Microsoft Cloud Era Begins In Earnest
snydeq writes "Microsoft's release of Office 2013 represents the latest in a series of makeover moves, this time aimed at shifting use of its bedrock productivity suite to the cloud. Early hands-on testing suggests Office 2013 is the 'best Office yet,' bringing excellent cloud features and pay-as-you-go pricing to Office. But Microsoft's new vision for remaining nimble in the cloud era comes with some questions, such as what happens when your subscription expires, not to mention some gray areas around inevitable employee use of Office 2013 Home Premium in business settings." Zordak points to coverage of the new Office model at CNN Money, and says "More interesting than the article itself is the comments. The article closes by asking 'Will you [pay up]?' The consensus in the comments is a resounding 'NO,' with frequent mentions of the suitability of OpenOffice for home productivity." Also at SlashCloud. -
Twitter's New Transparency Report: Governments Still Want Your Data
Nerval's Lobster writes "All your Tweets are belong to us... with a court order. Twitter's second transparency report reinforces what many already know: governments want online user data, and to yank select content from the Internet. Twitter's first two transparency reports cover the entirety of 2012, so there's not a deep historical record to mine for insight. Nonetheless, that year's worth of data shows all types of government inquiry—information requests, removal requests, and copyright notices—either on the increase or holding relatively steady. Governments requested user information from Twitter some 1,009 times in the second half of 2012, up slightly from 849 requests in the first half of that year. Content-removal requests spiked from 6 in the first half of 2012 to 42 in the second. Meanwhile, copyright notices declined a bit, from 3378 in the first half of 2012 to 3268 in the second." -
Book Review: Going Clear: Scientology, Hollywood, and the Prison of Belief
benrothke writes "In its first week, Going Clear: Scientology, Hollywood, and the Prison of Belief was #3 on the New York Times Best Sellers list and will likely be #1 soon. The fact that the book is in print is somewhat miraculous given the voracious appetite Scientology has for litigation. It is the first time that such an expose could have been written and found such wide-scale reading. An interesting analysis of this fact is found in Why the Media Is No Longer Afraid of Scientology by Kim Masters. But as mesmerizing an expose as the book is, I doubt that this will be more than a speed bump to Scientology's growth and fund raising." Keep reading to be clear about what Ben has to say.
Going Clear: Scientology, Hollywood, and the Prison of Belief
Author: Lawrence Wright
Pages: 448
Publisher: Knopf
Rating: 10/10
Reviewer: Ben Rothke
ISBN: 978-0307700667
Summary: Compelling and engrossing book, thoroughly researched and extensively fact checked
Scientology has long called anyone who has written against them as having a vendetta. It calls former adherents heretics with a vendetta. But after such hyperbole, it is illogical and questionable that Pulitzer Prize winning author Lawrence Wright would risk a distinguished career to write an expose simply based on those with a vendetta. But to cover all bases, including those of litigation, the book's nearly 50 pages of notes put Wright and his publisher in a strongly defensible position in case the church decided to litigate.
Wright is aware of the dangers of writing against the church, as he details the story of Paulette Cooper. Cooper, author of the 1971 book The Scandal of Scientology, was sued nearly 20 times by the church and harassed for years due to its contents. The book details that an FBI raid a few years later found a Scientology file about Operation Freakout, which had the purpose of getting Cooper in a mental institution or jail.
The book places Church President David Miscavige in a negative light (over 20 people in the book accuse him of abuse, including being kicked, punched, slapped, choked and more). Karin Pouw, a Scientology spokeswoman, states that details about Miscavige are false and defamatory.
The church created a web site for what it believes are errors in the book. While Wright is short on drama, the web site hyperbolically states that the book is "so ludicrous it belongs in a supermarket tabloid". The web site states that British publishers have chosen not to print it "which speaks volumes about their confidence in its factual accuracy". The truth is that British libel laws are so onerous and archaic, that publishers are reticent to publish such a work. While it might not be published in the UK, it is easily available via the Amazon UK web site.
In Going Clear, Wright has created a fair and balanced overview (if such a thing is actually possible) about Scientology. The book has interview material and facts from over 200 current and former members of the Church of Scientology, and takes a historical look at its history, and that of its founder L. Ron Hubbard and successor, current President David Miscavige.
In the introduction, Wright notes that he was drawn to write the book by the questions that many people have about Scientology, such as: what is it that makes the religion so alluring? What do its adherents get out of it? Why do popular personalities associate themselves with a faith that is likely to create a kind of public relations martyrdom? He notes that these questions are not unique to Scientology, but that they certainly underscore its story.
At 372 pages covering 3 parts and 11 chapters, Wright is a mesmerizing author that creates a non-fiction spellbinding page-turner. The 4 main characters of the book are Hubbard, Miscavige and actors Tom Cruise and John Travolta.
In chapter 2, the book details the many discrepancies between the legend of L. Ron Hubbard and fact. While Scientologists may think that Wright has a vengeance against the group, he writes that it is a fact that Hubbard was genuinely a fascinating man. He writes that Hubbard was an explorer, best-selling author and the founder of a worldwide religious movement. At the same time, Wright's research found that the truth is counter to some of the postulated facts about Hubbard's naval career, his miraculous recovery from wartime injuries and overall naval accomplishments.
As to the manipulation of facts, in the final pages of the book, Wright notes some of Hubbard's medical records do not corroborate his version of the actual events. Some of the naval medals that Hubbard supposedly won were not created until after Hubbard left active service. The supposed Purple Heart medal for being wounded while serving on duty that Hubbard claimed to receive was also different from the Purple Heart medals given out at the time.
In Dianetics: The Modern Science of Mental Health, Hubbard specifically names psychotherapy as being dangerous and impractical. Hubbard felt that other methods of mental science are based on principles that are opposed to the principles of Scientology, and Hubbard had an anathema of psychiatry and psychology until his dying day.
Wright observes that Dianetics arrived at a moment when the aftershocks of World War 2 were still being felt. And that behind the exhilarations of victory, there was immense trauma for millions of Americans. With Dianetics, Hubbard offered a do-it-yourself manual that claimed to demystify the secrets of the human mind and produce guaranteed results, for free, and that was bound to attract a large audience.
Wright notes that given Hubbard's biography, it would be easy to dismiss Hubbard as a fraud. But that would fail to explain his total absorption in his project. Hubbard would spend the rest of his life elaborating his theory and obsessively constructing the intricate bureaucracy designed to spread and enshrine his understanding of human behavior.
Wright notes that for all of Hubbard's enormous wealth, he spent much of his time in his ship cabin alone, auditing himself with an E-Meter (the electronic device used in Scientology auditing sessions) and developing his spiritual technology. Wright rhetorically notes that while Hubbard may have been grandiose and delusional, if Hubbard was a fraud and a con, why would he bother creating such a system?
As objective as Wright is, he takes no quarter when he details Scientology's approach to children. Hubbard viewed children as adults in small bodies. While they were physically small, Hubbard felt that they were responsible for their own behavior. Young children would be sentenced to virtual prisons for weeks, for minor infractions such as messing up an incoming telex.
In Scientology parlance, such an individual was a suppressive person. One young girl, who was deaf and mute, was placed in a locker for a week because Hubbard thought it might cure her deafness.
A large part of the book deals with celebrities and how Scientology sees celebrities as a boon to the church. Wright notes that Scientology orients itself toward celebrities and by doing so, the church awards famousness a spiritual value. People who seek fame in the entertainment industry will gravitate to Hollywood, where the Scientology Celebrity Center is waiting for them, validating their ambitions and promising recruits a way in. The church has long pursued a marketing strategy that relies on celebrity endorsements to promote the religion.
Some celebrities prominent in the book are Paul Haggis, Travolta, Nancy Cartwright (famous for being the voice of Bart Simpson) and Tom Cruise. Haggis is an ex-Scientologist, recently leaving the church after nearly 40 years, who is interviewed in the book.
Wright is highly critical of Cruise, noting that probably no member of the church derives as much material benefit as Cruise does. Cruise then consequently bears a moral responsibility for the myriad indignities (which the book points out in great detail) inflicted on members of the Sea Organization (a unit of the Church, encompassing its most dedicated members), sometimes directly because of his membership.
Wright concludes with the notion that Scientology wants to be understood as a scientific approach to spiritual enlightenment, but has no grounding in science at all. Serious academic study of the church has to date been constrained by the church's vindictive and litigious reputation. Researchers and academics are terrified by Scientology and reluctant to direct their research into the church. The book observes that compared with other religions, the published literature on Scientology is improvised and clouded by bogus assertions.
In Going Clear: Scientology, Hollywood, and the Prison of Belief, Wright has composed a bombshell of an expose. This is a compelling and engrossing book, thoroughly researched and extensively fact checked. The book is a perfect read for a long flight as it is riveting and fascinating. Wright has a unique ability to keep the narrative flowing and interesting.
But with all that, it is not a Silent Spring, which 50 years ago helped launch the environmental movement. Had the book come out 20 years ago, it is likely that lawsuits from the church would have prevented its release until today. Yet the passive public has a short memory and Scientology has believers that sign billion year contracts with the church. As salacious as every page of this book is, one is hard-pressed to envision the church of Scientology contracting or being hurt in any way by this book.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Going Clear: Scientology, Hollywood, and the Prison of Belief from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Github Kills Search After Hundreds of Private Keys Exposed
mask.of.sanity writes "Github has killed its search function to safeguard users who were caught out storing keys and passwords in public repositories. 'Users found that quite a large number of users who had added private keys to their repositories and then pushed the files up to GitHub. Searching on id_rsa, a file which contains the private key for SSH logins, returned over 600 results. Projects had live configuration files from cloud services such as Amazon Web Services and Azure with the encryption keys still included. Configuration and private key files are intended to be kept secret, since if it falls into wrong hands, that person can impersonate the user (or at least, the user's machine) and easily connect to that remote machine.' Search links popped up throughout Twitter pointing to stored keys, including what was reportedly account credentials for the Google Chrome source code repository. The keys can still be found using search engines, so check your repos." -
Book Review: A Gift of Fire
benrothke writes "In the 4th edition of A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology, author Sara Baase takes a broad look at the social, legal and ethical issues around technology and their implications. Baase notes that her primary goal in writing the book is for computer professionals to understand the implications of what they create and how it fits into society. The book is an interesting analysis of a broad set of topics. Combined with Baase's superb writing skills, the book is both an excellent reference and a fascinating read." Read below for the rest of Ben's review.
A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology (4th Edition)
Author: Sara Baase
Pages: 496
Publisher: Prentice Hall
Rating: 9/10
Reviewer: Ben Rothke
ISBN: 978-0132492676
Summary: Superb reference on social and other issues in computing
The book gets its title from the mythical tale of Prometheus, who stole heavenly fire and gave it to the human race, which then used it to empower civilization. Someone commented to the author that perhaps Pandora's Box may be a better metaphor to use, as Pandora's Box held all of the ills of mankind.
While Baase wrote the book to be used in her computer science course, the book is not an indigestible academic tome; rather a very topical reference. Its 9 densely packed chapters covering nearly 450 pages provide a comprehensive locus.
While legal themes are pervasive throughout the book, Baase writes that she is a computer scientist and not a lawyer and that appropriate legal counsel should be obtained before drawing any legal conclusions.
Chapter 1 opens with an overview of how change and unexpected developments affect IT projects and information technology. And that is the overall theme of the book, of how new things often have unexpected problems and results. Anyone familiar with the Risks Digest edited by Peter Neumann will be at home with these topics.
The chapter details the notion of a kill switch and details some of the potential uses and risks involved, and how, more often than not, these kill switches are improperly designed and deployed.
The chapter concludes with the important thought that there are no simple answers (contrary to popular media belief) and that we can't solve ethical problems by simply applying a formula, algorithm or deploying a piece of software. This is due to the complexity of human nature and that ethical theories don't always provide clear and incontrovertible positions on all issues.
The chapter closes, like all of the chapters in the book, with a series of review exercises, general exercises, assignments (remember this is a textbook), a list of books and articles for further reading, and an extremely detailed set of endnotes. Each chapter has a long set of endnotes due to Baase's attention to detail and excellent research. The assignments and exercises for the class the book is used for can be downloaded here. Baase also has a web site with other supplementary information and resources.
Chapter 2 details various issues around data and personal privacy. An interesting fact detailed is that Maricopa County in Arizona was one of the first municipalities to put complete public records on the web. Little did county officials know that such an action would eventually lead the county to have the highest rate of identity theft in the USA.
The chapter also compares US privacy regulations with those of the European Union (EU). Baase notes that the perception is that US privacy policy is far behind that of the EU. But what many people don't realize is that the US and EU have very different cultures and traditions, which manifest themselves in how each regulates privacy.
Baase writes that the EU tends to put more emphasis on regulation and centralization; whereas the US puts more emphasis on contracts, consumer pressure, flexibility and freedom of the market. The US also has higher penalties for abuse of personal information via deceptive and unfair business practices.
Chapter 7 deals with how to evaluate and control technology and is the most insightful chapter in the book. Baase writes of the inherent conflict between a democracy and open Internet, while dealing with the plethora of incorrect, foolish and biased information. She makes note of some totalitarian regimes that prohibit anti-government use of social media. She illustrates cases where these countries (China and Syria are just two of them) create bogus dissident sites, find out which people are sympathetic to the cause, and then arrest these people.
Baase details and defends against many neo-Luddite views of computers, technology and quality of life. Baase provides numerous anecdotes of environmental and other anti-technology groups that rail against technology, but use computers and the web. She writes of the editor who considers himself a neo-Luddite, a person who sees technology as inherently evil, yet disseminates his views via email, computers and laser printers. Compare this with members of various anti-vaccination movements, who are oblivious to the millions of lives saved by vaccinations.
The chapter also details some of the duplicitous views of Kirkpatrick Sale, another neo-Luddite who rages against the computer machine, while simultaneously benefiting significantly from it, and using it.
Baase defends technology in writing that those who are critical of modern technology point out its weaknesses, but often ignore the weakness of the alternatives. An example she gives is the millions of acres once needed to grow feed for horses and the hundreds of tons of horse manure dropped on the streets of cities, as recently as a century ago. Candles, gas lamps and kerosene filled homes with fumes and soot; doesn't that make electricity a valuable commodity?
Baase gives many other examples of the problems and controversial issues surrounding technology. But more importantly, she notes and celebrates the enormous benefits that computer technology and the Internet have brought us.
The only significant negative of the book is its price tag. While it is officially a textbook, it is manifest in its suggested retail price of $102.00. Note though the book is available on Amazon for much cheaper, in addition to used copies which are even less.
Social media, computers and other aspects of technology have brought massive changes to society. Many of these changes are highly beneficial, others not. There are myriad questions that need to be asked, and ideas that need to be understood, and the book covers and answers those in detail.
For those looking for an across-the-board superb reference on social and other issues in computing, A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology is a terrific resource and an invaluable reference guide.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase A Gift of Fire: Social, Legal, and Ethical Issues for Computing Technology (4th Edition) from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Kim Dotcom Reveals Mega Will Offer 50GB of Free Storage
An anonymous reader writes "Kim Dotcom on Thursday used Twitter to reveal some interesting new tidbits in regards to his upcoming Mega service, which will be hosted at the New Zealand-based domain Mega.co.nz. Two days before the service is to go live, Dotcom says he plans to offer 50GB of free storage to all members and is also working on bringing over users' Megaupload files and data, but has so far run into legal issues." To say that Kim Dotcom has "run into legal issues" is like saying that Julian Assange is having a sleepover at the Ecuadorian embassy. -
Fukushima's Fallout of Fear
gbrumfiel writes "Experts believe that the many thousands who fled from the Fukushima nuclear disaster received very low doses of radiation. But that doesn't mean there won't be health consequences. Nature magazine traveled to Fukushima prefecture and found evidence of an enormous mental strain from the accident. Levels of anxiety and PTSD-like symptoms are high among evacuees. Researchers fear that, in the long run, the mental problems could lead to depression and substance abuse among those who lost their homes. In other words, even if no one develops cancer as a direct result of radiation, the health effects could still be very real." -
RIM Attracts 15,000 Apps For BlackBerry 10 In 2 Days
CWmike writes "It's starting to look like the BlackBerry store will be well stocked with apps when Research In Motion launches BlackBerry 10 (see YouTube preview) at the end of this month. The company held an event over the weekend where it offered app developers incentives to port their programs to the BlackBerry 10 platform and managed to attract 15,000 app submissions. 'Well there you have it. 37.5 hours in, we hit 15,000 apps for this portathon. Feel like I've run a marathon. Thanks to all the devs!' wrote Alec Saunders, vice president of developer relations at RIM, in a Twitter message. The 'port-a-thon' event was held in two parts: One aimed at Android developers and the other at apps written in other platforms, including Appcelerator, Marmalade, Sencha, jQuery, PhoneGap and Qt. RIM was offering $100 for each app ported and subsequently approved for sale in the BlackBerry 10 app store, up to certain limits. Developers could also win BlackBerry 10 development handsets and a trip to RIM's BlackBerry Jam Europe developer event." It's hard to believe that many current iOS or Android users are leaping toward Blackberry, though. If you're in one of those camps, is that so crazy? -
Who Controls Vert.x: Red Hat, VMware, Neither?
snydeq writes "Simon Phipps sheds light on a fight for control over Vert.x, an open source project for scalable Web development that 'seems immunized to corporate control.' 'Vert.x is an asynchronous, event-driven open source framework running on the JVM. It supports the most popular Web programming languages, including Java, JavaScript, Groovy, Ruby, and Python. It's getting lots of attention, though not necessarily for the right reasons. A developer by the name of Tim Fox, who worked at VMware until recently, led the Vert.x project — before VMware's lawyers forced him to hand over the Vert.x domain, blog, and Google Group. Ironically, the publicity around this action has helped introduce a great technology with an important future to the world. The dustup also illustrates how corporate politics works in the age of open source: As corporate giants grasp for control, community foresight ensures the open development of innovative technology carries on.'" -
Chinese Smartphone Invasion Begins
snydeq writes "Tech giants Apple, Google, and Microsoft were no-shows at CES this week in Las Vegas, which worked out just fine for Chinese vendors looking to establish a name for themselves with U.S. consumers. 'Telecom suppliers Huawei and ZTE, in particular, have set their sights on breaking into the U.S. market for smartphones and tablets. ... Whether these Chinese imports can take on the likes of Apple and Samsung remains to be seen, but as Wired quotes Jeff Lotman, the CEO of Global Icons, an agency that helps companies build and license their brands: "The thing that's amazing is these are huge companies, and they have a lot of power, but in the United States nobody has heard of them and they're having trouble gaining traction, but it's not impossible. Samsung was once known for making crappy, low-end phones and cheap TVs. Now they're seen as a top TV and smartphone brand."'" -
TSA 'Secured' Metrodome During Recent Football Game
McGruber writes "Travel writer Christopher Elliott touches down with the news that the U.S. Transportation Security Administration was spotted standing around outside a recent American football game between the Minnesota Vikings and the Green Bay Packers (picture). According to Mr. Elliott, the 'TSA goes to NFL games and political conventions and all kinds of places that have little or nothing to do with ... travel. It even has a special division called VIPR — an unfortunate acronym for Visible Intermodal Prevention and Response team — that conducts these searches.' He continues, 'As far as I can tell, TSA is just asking questions at this point. "Data and results collected through the Highway BASE program will inform TSA's policy and program initiatives and allow TSA to provide focused resources and tools to enhance the overall security posture within the surface transportation community," it says in the filing. But they wouldn't be wasting our money asking such questions unless they planned to aggressively expand VIPR at some point in the near future. And that means TSA agents at NFL games, in subways and at the port won't be the exception anymore — they will be the rule.'" -
Patent Troll Targeting Users of Scanners; Wants $1000/Employee
New submitter earlzdotnet writes "A new patent troll is in town, this time targeting the users of technology, rather than the creators. They appear to hold a process patent for 'scanning a document and then emailing it.' They are targeting small businesses in a variety of locations and usually want somewhere between $900 to $1200 per employee for 'infringement' of their patent. As with most patent trolls, they go by a number of shell companies, but the original company name appears to be Project Paperless LLC. Joel Spolsky said in a tweet that 'This is organized crime, plain and simple...' I tend to agree with him. When will something be done about this legal mafia?" -
EFnet Paralyzed By Vulnerability
An anonymous reader writes "EFnet member Fionn 'Fudge' Kelleher reported several vulnerabilities in the IRC daemons charybdis, ircd-ratbox, and other derivative IRCds. The vulnerability was subsequently used to bring down large portions of the EFnet IRC network." By crafting a particular message, you can cause the IRC daemon to call strlen(NULL) and game over, core dumped. -
Book Review: Burdens of Proof
benrothke writes "When the IBM PC first came out 31 years ago, it supported a maximum of 256KB RAM. You can buy an equivalent computer today with substantially more CPU power at a fraction of the price. But in those 31 years, the information security functionality in which the PC operates has not progressed accordingly. In Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents, author Jean-François Blanchette observes that the move to a paperless society means that paper-based evidence needs to be recreated in the digital world. It also requires an underlying security functionality to flow seamlessly across organizations, government agencies and the like. While the computing power is there, the ability to create a seamless cryptographic culture is much slower in coming." Keep reading for the rest of Ben's review.
Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents
Author: Jean-François Blanchette
Pages: 288
Publisher: MIT Press
Rating: 9/10
Reviewer: Ben Rothke
ISBN: 978-0262017510
Summary: Excellent overview and history of using cryptography to build a trust framework
The so-called Year of the PKI has been waiting for over a decade, and after reading Burdens of Proof, it is evident why a large-scale PKI will be a long time in coming. More than that, getting the infrastructure in place in a complex environment that exists in the USA with myriad jurisdictions and technologies may prove ultimately to be an impossibility.
The irony is that an effective mechanism for digital authentication would seem to be an indispensable part of the digital age. The lack of such an authentication infrastructure may be the very reason that fraud, malware, identity theft and much more, are so pervasive on the Internet.
The premise of this fascinating book is that the slow decline from the use of paper from a legal and evidentiary perspective has significant consequences. For the last few hundred years, paper has been ubiquitous in modern life; from legal and health records, school, employment and everything in between.
The book details the many challenges that businesses and governments face in moving from a paper-based record society and the underlying trust mechanisms that go along with it, to a new digital-based record system, and how a new framework is needed for such a method. The book details part of that new framework.
The book opens with an observation on the authenticity of President Obama's birth certificate. While Blanchette is not a birther, he does note that if the moral authority of paper records has diminished, then the electronic documents replacing them, which are what the Obama administration provided, appear to be even more malleable. And that is precisely the issue that he addresses.
Blanchette details a compelling story and writes it as an insider. He was a member of a task force appointed in 1999 by the French Ministry of Justice to provide guidance on the reform of the rules governing the admissibility of written evidence in French courts, into a digital format.
The first few chapters provide an excellent overview of the history of cryptography. Chapter 3 – On the Brink of a Revolution – gives an excellent summary of cryptography from 1976 on, starting with seminal research that was done by Diffie and Hellman, and Rivest, Shamir and Adleman (RSA).
In chapter 5, Blanchette details his narrative about how France embraced and moved to a more digital governmental framework. He notes that the challenge was that France was the country that gave bureaucracy its name, and is a place where citizens must carry at all times their papiers d'identité and is a society enmeshed in paper. Blanchette writes of the many French bureaucracies that had to let go of their protectionist stances as they moved down the path to letting electronic documents have legal validity.
Blanchette writes that in France, one of the biggest impediments to moving to a digital framework was the French civil-law notaries or notaire. French notaries are much more powerful than a notary public in the US, and are closer to being what a paralegal does in the US.
The French notaire are a wealthy and powerful monopoly when it comes to issues of purchases, sales, exchanges, co-ownerships, land plots, leases, mortgages and the like. A notaire can form a corporation, prepare commercial business leases and much more. The entire French notary profession had been dependent on its monopoly to grant authenticity, and no definition of electronic authenticity could emerge and succeed if it did not meet its criteria.
While paper trust may be intuitive now, Blanchette writes that it wasn't always the case. When documents were first created (whenever that may have been), they did not immediately inspire trust. As with other innovations, there was a long and complex period of evolution needed to gain accepted levels of trust.
In chapter 6, the book notes that many people assumed cryptography would be the mechanism that would inspire trust in the digital world. Blanchette writes that the mistake cryptographers made, and sometimes continue to make, is that they often assumed that the properties of cryptographic objects will translate transparently into the complex social and institutional setting in which they are deployed.
This was incisively noted in Why Johnny Can't Encrypt, which was a usability evaluation of PGP by Whitten and Tygar. The authors observed that user errors cause or contribute to most computer security failures, yet user interfaces for security still tend to be clumsy, confusing, or near-nonexistent. While the paper was written in 1999, most of its findings are still relevant.
Chapter 6 provides 3 fascinating case studies that show how different approaches to security technology and cryptographic deployments are imperative in ensuring that they work.
In just under 200 pages, the book's 7 chapters provide both a fascinating overview of the history of cryptography, in addition to showing how cryptography can be effectively used to authenticate digital documents. The book also has a high-level framework (a comprehensive framework would require at least 5 times as many pages) for an effective cryptographic framework for digital trust.
As Blanchette notes many times in the book, the challenge with getting digital signatures to work is not with the technology; rather it is with the underlying societal infrastructure in which to make it work. France was brought kicking and screaming into the age of electronic authentication, and is one of the few countries that have had such widespread success.
The book is a fascinating read that details how frustratingly difficult it has been to create a comprehensive mechanism for digital authentication. The book raises many beguiling questions, and Blanchette is smart enough to note that there are no simple answers to these multifaceted problems.
Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents is both a fascinating overview of the history of paper and electronic authentication, in addition to providing a synopsis of what it will take to create a cryptographic culture, where digital evidence will be as accepted in the courtroom, as its antique paper cousin.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Burdens of Proof: Cryptographic Culture and Evidence Law in the Age of Electronic Documents from amazon.com. Slashdot welcomes readers' book reviews -- to see your own review here, read the book review guidelines, then visit the submission page. -
Carmack: Next-Gen Console Games Will Still Aim For 30fps
An anonymous reader sends this excerpt from Develop: "Games developed for the next-generation of consoles will still target a performance of 30 frames per second, claims id Software co-founder John Carmack. Taking to Twitter, the industry veteran said he could 'pretty much guarantee' developers would target the standard, rather than aiming for anything as high as 60 fps. id Software games, such as Rage, and the Call of Duty series both hit up to 60 fps, but many titles in the current generation fall short such as the likes of Battlefield 3, which runs at 30 fps on consoles. 'Unfortunately, I can pretty much guarantee that a lot of next gen games will still target 30 fps,' said Carmack." -
Google+ Chief Grounded From Twitter By Larry Page
theodp writes "Vic Gundotra, formerly Sr. VP of Social (and now, of Engineering) at Google, and head of the company's social networking service Google+, hasn't posted anything on his Twitter account since July 2011. Why? Responding to a question about his own social networking behavior at SMX 2012, Gundotra explained that he was asked by Google CEO Larry Page not to tweet anymore. 'I was asked not to tweet again,' Gundotra said (video). 'I was asked not to do that by my boss [Page]. I tweeted a tweet about two companies [Microsoft, Nokia] that went viral, went very very viral and made a lot of headline news.' So, what does it say when the Google CEO who reportedly tied all Googlers' bonuses to social networking apparently finds it too dangerous to permit the head of Google+ to participate in social networking?" -
Cox Comm. Injects Code Into Web Traffic To Announce Email Outage
An anonymous reader writes "Cox Communications appears to be injecting JavaScript and HTML into subscribers' traffic, as part of their effort to announce an email service outage. Pictures showing the popup." -
Python Creator Guido van Rossum Leaves Google For Dropbox
New submitter mrvan writes "Guido van Rossum, the proclaimed Python Benevolent Dictator For Life, has left Google to work for Dropbox. In their announcement, Dropbox says they relied heavily on Python from the beginning, citing a mix of simplicity, flexibility, and elegance, and are excited to have GvR on the team. While this is, without a doubt, good news for Dropbox, the big question is what this will mean for Python (and for Google)." -
Book Reviews: Lockpicking Books From Deviant Ollam
benrothke writes "It is well known that the password, while the most widespread information security mechanism, is also one of the most insecure. It comes down to the fact that the average person can't create and maintain secure passwords. When it comes to physical locks, the average lock on your home and in your office is equally insecure. How insecure is it? In two fascinating books on the topic, Deviant Ollam writes in Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide and Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks that it is really not that difficult. When it comes to information security penetration tests done on the client site, the testers will most often have permission to be inside the facility. On rare occasions, the testers need to find alternative means to gain entrance. Sometimes that means picking the locks." Keep reading to learn if you'll be picking locks soon.
Practical Lock Picking, 2nd ed. / Keys to the Kingdom
Author: Deviant Ollam
Pages: 296 / 256
Publisher: Syngress
Rating: 9/10
Reviewer: Ben Rothke
ISBN: 978-1597499897 / 978-1597499835
Summary: Two excellent books on the fundamentals of lockpicking
All of the information in the books is long known to professional locksmiths. For those whose responsibilities include physical security, it is hoped that they are at least at the level of the locksmiths, and have designed their physical security plant accordingly.
Ollam is a member of The Open Organization Of Lockpickers (TOOOL), a group whose goal is to advance the general public knowledge about locks and lock picking. TOOOL's mantra is that the more that people know about lock technology, the better they are capable of understanding how and where certain weaknesses are present. This makes them well-equipped to participate in sport picking endeavors and also helps them simply be better consumers in the marketplace, making decisions based on sound fact and research. In these books, Ollam stays true to that mantra.
The two books have some overlap. Practical Lock Picking is meant as a beginner's guide to lock picking, and is intended to be a hands-on guide with hundreds of pictures and diagrams.
Ollam writes in a clear-cut and systematic manner, describing all of the details needed. Nearly every page includes pictures and diagrams to illustrate the point. In 6 easily readable chapters, Ollam covers the core areas needed to gain a comprehensive understanding of the topic of lock picking. By the end of the book, you won't be a locksmith or even close. But for those that have locksmithing in their blood, or want to get greater insights, the book will be a great resource that will help them get there.
Chapter 1 starts the book on the fundamentals of pin tumbler and wafer locks, which are two of the most common types of locks in use. Ollam notes that while there are a multitude of lock designs on the market today produced by many different manufacturers, the bulk of these locks are not in widespread use. With that, he notes that if the reader can understand the basics of just a few styles of locks, he is confident that the reader should be able to open with great ease at least 75% of the locks they are likely to encounter, and even more as you become more skilled with them.
After the introduction, chapter 2 gets into the basics of lock picking and how to exploit weaknesses that most locks have. Many of these weaknesses are due to errors in the manufacturing process, which the book details. Information security guru has observed that "security is a tax on the honest majority". He writes that security often does not keep the bad guys out. Similarly, insecure physical locks will do little to keep the bad guys out, which Ollam so persuasively writes about.
In chapter 5, Ollam details what he terms quick-entry tricks, which is done via shimming, bumping and bypassing. Lock bumping has gotten a lot of media exposure in the last few years, but has been around for nearly 100 years. Specifically, it is a pin tumbler lock picking technique using a special bump key. Not that there is a universal bump key that can open all locks. Rather the bump key must correspond to the lock in question. Ollam shows that if one has such a key, many of these locks can quickly be compromised.
The book closes with an appendix that provides a list of the types of tools and toolkits necessary to pick locks.
After completing Practical Lock Picking, one should check out Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks, which is a great follow-on reference.
The main difference between the two is that the latter provides a lot of details on impressioning, which is a covert technique to create a usable key for a lock without picking the lock or taking it apart, in addition to some other types of more sophisticated attacks.
Chapter 2 of the book is on soft medium attacks and is particularly fascinating. Ollam writes of mold-and-cast attacks, which is a technique of opening a lock by covertly copying a legitimate key by making a cast of it in a soft material, then using it to imprint and fabricate a working key. Such a technique was used in real-life and detailed in the 1979 movie The First Great Train Robbery. Ollam writes how the movie was very true to the methods and technology available at that time, when the train robbery occurred in the 1850's.
The chapter walks the reader through the Quick-Key duplication kit method, in which most common key forms can be replicated with the kit's molding and casting forms. The kit Ollam references is for the serious student of the craft, as it costs over $700 and can only be purchased from a firm in Germany.
Chapter 3 on master-keyed systems is particularly interesting as Ollam shows how a master key privilege escalation attack can often be easily done. Master-key systems make the logistics of granting access easier. But with that ease of use, comes the potential for abuse, as that single key will now have global access to the physical site.
Ollam writes that dedicated attackers who have the ability to spend a bit of time will often have the ability to compromise the code for the top master key (the one with the most access privileges) in nearly all master-keyed systems, even with only a small amount of preliminary information and a small number of blank keys.
In the same way that passwords often provide very little network security, Keys to the Kingdom shows that much of the security provided by physical locks is an illusion, given the ease with which these keys can be manipulated and copied.
Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide is a great introduction to the topic of lock picking, while Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks takes that base knowledge and builds upon it.
For those who perform physical penetration testing, these two books will prove to be invaluable. For those that simply want to understand what their locks are and aren't doing, they will find these to be a fascinating read.
Ben Rothke is the author of Computer Security: 20 Things Every Employee Should Know.
You can purchase Practical Lock Picking, Second Edition: A Physical Penetration Testers Training Guide and Keys to the Kingdom: Impressioning, Privilege Escalation, Bumping, and Other Key-Based Attacks Against Physical Locks from amazon.com. -
Khan Academy: the Future of Taxpayer Reeducation?
theodp writes "Illinois Governor Pat Quinn has launched a website and gone social on Facebook, Twitter, and YouTube to educate taxpayers on why they must make good on pension promises to state workers. And, in addition to Squeezy the Pension Python, Gov. Quinn is enlisting the help of Khan Academy, the tax-exempt, future-of-education organization funded by tax-free millions from Google, Bill Gates, and others, to help convince taxpayers that a state-pension-promise is a promise. In the Khan Academy video commissioned by the Governor, Illinois Pension Obligations, Sal Khan concedes that the annual annuity payouts for IL state employee retirees do look 'pretty reasonable' — e.g., $43,591 for the average teacher, $117,558 for a judge — but goes on to argue that 'in all fairness, this was promised to these people,' who he speculates 'probably took lower compensation while they were working,' 'probably stayed in the jobs longer,' and 'probably sacrificed other things' to get these 'great benefits.' 'We're delighted to have his [Khan's] help in enlightening Illinois citizens about how the pension problem came to be,' said the Governor. Of course, not everything can be explained in one video — perhaps other contributing factors like 'pension spiking', lobbyists' maneuvers, sweetheart deals, creative job reclassification, golden parachutes, bruising investment losses, and other wacky pension games will be taught in Illinois Pension Obligations II!" -
Syrian Malware Servers Survive, Then Die
Nerval's Lobster writes "A massive outage knocked Syria's Internet offline Nov. 29 — with the exception of five servers implicated in serving malware earlier this year. But the next day, those five servers went dark as well. Internet analytics firm Renesys suggested late Nov. 29 that those five servers were likely offshore. 'Now, there are a few Syrian networks that are still connected to the Internet, still reachable by traceroutes, and indeed still hosting Syrian content,' the company wrote in a blog post. 'These are five networks that use Syrian-registered IP space, but the originator of the routes is actually Tata Communications. These are potentially offshore, rather than domestic, and perhaps not subject to whatever killswitch was thrown today within Syria.' By the morning of Nov. 30, those five servers went offline. 'The last 5 networks belonging to Syria, a set of smaller netblocks previously advertised by Tata Communications, have been torn down and are no longer routed,' Renesys wrote." CloudFlare has a blog post confirming that the Syrian government was responsible for flipping the switch, contrary to their claims. Meanwhile, Anonymous has started targeting the Syrian government's remaining websites and helping to get communications channels flowing out of Syria. Google is reminding people of its Speak2Tweet service, which lets people post to Twitter through voicemail over still-functioning phone lines. -
Why Microsoft's Surface Pro Could Fail
Nerval's Lobster writes "Microsoft's Surface Pro boasts one feature that could rapidly become an Achilles Heel, especially if Microsoft intends for the device to compete against Apple's iPad and a host of lightweight Google Android touch-screens. In a Nov. 29 Tweet to a customer, the official Surface Twitter feed claimed: 'We expect it [Surface Pro] to have approx. half the battery life of Surface with Windows RT.' That means Surface Pro will have roughly four hours of battery life. That's roughly half the battery life (if not less) of Apple's various iPads, the Samsung Galaxy Tab 10.1, Research In Motion's PlayBook, Hewlett-Packard's now-cancelled TouchPad, and Motorola's all-but-forgotten Xoom. In other words, pretty much every tablet currently on the market. Nor can the Surface Pro compete with other tablets on price. The 64GB version of the device will retail for $899, with the 128GB version coming in a little higher at $999." -
Syria Drops Off the Internet Grid
hypnosec writes "Amidst the ongoing civil war, Syria has gone off the Internet as of a few hours ago, with all the 84 IP blocks within the country unreachable from the outside. Renesys, a research firm keeping tabs on the health of the Internet, reported at about 5:25 ET that Syria's Internet connectivity has been shut down. The internet traffic from outside to Syrian IP addresses is going undelivered, and anything coming from within the country is not reaching the Internet. Akamai has tweeted that its traffic data supports what Renesys has observed." Reader trickstyhobbit adds a report from Slate that the connection "appear[s] to have been knocked off line by heavy fighting earlier this morning. They are also reporting that the shutdown may have been intentional to aid in a government operation." -
Ask Slashdot: Will You Shop Local Like President Obama, Or Online?
theodp writes "President Obama and his daughters headed to an indie bookstore last Saturday to promote shopping local. The White House did not disclose which books were bought, but author Lauren Oliver tweeted her delight after a White House photo showed her books Delirium and Pandemonium were among the 15 children's books purchased by the Obama family for Christmas gift-giving. While it made for a nice Small Business Saturday photo op, do you suppose the President paid much more for the books at the small indie bookshop than he might have at an online retailer like Amazon, where the hardcopy edition of Pandemonium is $10.15 (44% off the $17.99 list price) and the hardcopy edition of Delirium can be had for $10.47 (42% off the $17.99 list price)? Kindle Editions of the books are also available for $7.99. And with both titles eligible for free Amazon Prime shipping, the President could've saved on gasoline and Secret Service costs, too! So, will you be following the President's lead and shop local this holiday season, or is the siren song of online shopping convenience and savings too hard to resist?" -