Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
Music

The Beatles, Bob Dylan and the 50-Year Copyright Itch 24

Posted by Soulskill
from the they-get-by-with-a-little-help-from-their-lobbyists dept.
HughPickens.com writes: Victoria Shannon reports in the NY Times that fifty years ago was a good year for music, with the Beatles appearing on Billboard's charts for the first time, the Rolling Stones releasing their first album, the Supremes with five No. 1 hits, and Simon and Garfunkel releasing their debut album. The 50-year milestone is significant, because music published within the first half-century of its recording gets another 20 years of copyright protection under changes in European law. So every year since 2012, studios go through their tape vaults to find unpublished music to get it on the market before the deadline.

The first year, Motown released a series of albums packed with outtakes by some of its major acts, and Sony released a limited-edition collection of 1962 outtakes by Bob Dylan, with the surprisingly frank title, "The Copyright Extension Collection, Vol. I." In 2013, Sony released a second Dylan set, devoted to previously unreleased 1963 recordings. Similar recordings by the Beatles and the Beach Boys followed. This year, Sony is releasing a limited-edition nine-LP set of 1964 recordings by Dylan, including a 46-second try at "Mr. Tambourine Man," which he would not complete until 1965. The Beach Boys released two copyright-extension sets of outtakes last week. And while there's no official word on a Beatles release, last year around this time, "The Beatles Bootleg Recordings 1963" turned up unannounced on iTunes.
Security

Hackers Used Nasty "SMB Worm" Attack Toolkit Against Sony 114

Posted by timothy
from the forewarned-is-forearmed dept.
wiredmikey writes Just hours after the FBI and President Obama called out North Korea as being responsible for the destructive cyber attack against Sony Pictures, US-CERT issued an alert describing the primary malware used by the attackers, along with indicators of compromise. While not mentioning Sony by name in its advisory, instead referring to the victim as a "major entertainment company," US-CERT said that the attackers used a Server Message Block (SMB) Worm Tool to conduct the attacks. According to the advisory, the SMB Worm Tool is equipped with five components, including a Listening Implant, Lightweight Backdoor, Proxy Tool, Destructive Hard Drive Tool, and Destructive Target Cleaning Tool. US-CERT also provided a list of the Indicators of Compromise (IOCs), which include C2 IP addresses, Snort signatures for the various components, host based Indicators, potential YARA signatures to detect malware binaries on host machines, and recommended security practices and tactical mitigations.
Sony

Schneier Explains How To Protect Yourself From Sony-Style Attacks (You Can't) 308

Posted by Soulskill
from the just-look-less-hackable-than-the-schmuck-next-to-you dept.
phantomfive writes: Bruce Schneier has an opinion piece discussing the Sony attack. He says, "Your reaction to the massive hacking of such a prominent company will depend on whether you're fluent in information-technology security. If you're not, you're probably wondering how in the world this could happen. If you are, you're aware that this could happen to any company." He continues, "The worst invasion of privacy from the Sony hack didn’t happen to the executives or the stars; it happened to the blameless random employees who were just using their company’s email system. Because of that, they’ve had their most personal conversations—gossip, medical conditions, love lives—exposed. The press may not have divulged this information, but their friends and relatives peeked at it. Hundreds of personal tragedies must be unfolding right now. This could be any of us." Related: the FBI has officially concluded that the North Korean government is behind the attack.
Programming

Hackers' Shutdown of 'The Interview' Confirms Coding Is a Superpower 211

Posted by Soulskill
from the better-figure-out-an-alter-ego-quick dept.
theodp writes: The idea of programming as a superpower was touched upon by CS teacher Alfred Thompson back in 2010, but it became a rallying call of sorts for the Hour of Code after Dropbox CEO Drew Houston described coding as "the closest thing we have to a superpower" in a Code.org video that went viral. And if the kids who learned to code with the President last week were dubious about the power of coding, this week's decision by Sony to scrap the release of the satirical film The Interview after a massive hack attack should put aside any doubts, especially after new revelations that Sony had reached out to the White House for help and screened the film for administration officials back in June. White House press secretary Josh Earnest said Thursday that the Obama Administration is viewing the Sony attack as a "serious national security matter" and is considering a range of possible options as a response, which could turn things into a contest of U.S. Superpower vs. Coding Superpower. In case it wasn't mentioned last week, remember to always use your coding superpower for good, kids!
Censorship

"Team America" Gets Post-Hack Yanking At Alamo Drafthouse, Too 225

Posted by timothy
from the meet-your-new-program-director dept.
Slate reports that even old movies are enough to trigger a pretty strong knee jerk: Team America, World Police, selected as a tongue-in-cheek replacement by Dallas's Alamo Drafthouse Theater for the Sony-yanked The Interview after that film drew too much heat following the recent Sony hack, has also been pulled. The theater's tweet, as reprinted by Slate: "due to circumstances beyond our control,” their Dec. 27 Team America screening has also been canceled." If only I had a copy, I'd like to host a viewing party here in Austin for The Interview, which I want to see now more than ever. (And it would be a fitting venue.)
Censorship

Reaction To the Sony Hack Is 'Beyond the Realm of Stupid' 566

Posted by timothy
from the pretty-jaw-dropping dept.
rossgneumann writes North Korea may really be behind the Sony hack, but we're still acting like idiots. Peter W. Singer, one of the nations foremost experts on cybersecurity, says Sony's reaction has been abysmal. "Here, we need to distinguish between threat and capability—the ability to steal gossipy emails from a not-so-great protected computer network is not the same thing as being able to carry out physical, 9/11-style attacks in 18,000 locations simultaneously. I can't believe I'm saying this. I can't believe I have to say this."
Sony

US Links North Korea To Sony Hacking 181

Posted by samzenpus
from the who's-to-blame dept.
schwit1 writes Speaking off the record, senior intelligence officials have told the New York Times, CNN, and other news agencies that North Korea was "centrally involved" in the hack of Sony Pictures Entertainment. It is not known how the US government has determined that North Korea is the culprit, though it is known that the NSA has in the past penetrated North Korean computer systems. Previous analysis of the malware that brought down Sony Pictures' network showed that there were marked similarities to the tools used in last year's cyber-attack on South Korean media companies and the 2012 "Shamoon" attack on Saudi Aramco. While there was speculation that the "DarkSeoul" attack in South Korea was somehow connected to the North Korean regime, a firm link was never published.
Movies

Top Five Theaters Won't Show "The Interview" Sony Cancels Release 579

Posted by samzenpus
from the nothing-to-see-here dept.
tobiasly writes The country's top five theater chains — Regal Entertainment, AMC Entertainment, Cinemark, Carmike Cinemas and Cineplex Entertainment — have decided not to play Sony's The Interview. This comes after the group which carried off a massive breach of its networks threatened to carry out "9/11-style attacks" on theaters that showed the film. Update: Sony has announced that it has cancelled the planned December 25 theatrical release.
Piracy

Sony Leaks Reveal Hollywood Is Trying To Break DNS 378

Posted by Soulskill
from the scorched-net-policy dept.
schwit1 sends this report from The Verge: Most anti-piracy tools take one of two paths: they either target the server that's sharing the files (pulling videos off YouTube or taking down sites like The Pirate Bay) or they make it harder to find (delisting offshore sites that share infringing content). But leaked documents reveal a frightening line of attack that's currently being considered by the MPAA: What if you simply erased any record that the site was there in the first place? To do that, the MPAA's lawyers would target the Domain Name System that directs traffic across the internet.

The tactic was first proposed as part of the Stop Online Piracy Act (SOPA) in 2011, but three years after the law failed in Congress, the MPAA has been looking for legal justification for the practice in existing law and working with ISPs like Comcast to examine how a system might work technically. If a takedown notice could blacklist a site from every available DNS provider, the URL would be effectively erased from the internet. No one's ever tried to issue a takedown notice like that, but this latest memo suggests the MPAA is looking into it as a potentially powerful new tool in the fight against piracy.
The Courts

Apple Wins iTunes DRM Case 188

Posted by Soulskill
from the drm-protected-history-is-written-by-the-victors dept.
An anonymous reader sends word that Apple's iTunes DRM case has already been decided. The 8-person jury took only a few hours to decide that the features introduced in iTunes 7.0 were good for consumers and did not violate antitrust laws. Following the decision, the plaintiff's head attorney Patrick Coughlin said an appeal is already planned. He also expressed frustrations over getting two of the security features — one that checks the iTunes database, and another that checks each song on the iPod itself — lumped together with the other user-facing features in the iTunes 7.0 update, like support for movies and games. "At least we got a chance to get it in front of the jury," he told reporters. ... All along, Apple's made the case that its music store, jukebox software, and hardware was simply an integrated system similar to video game consoles from Sony, Microsoft, and Nintendo. It built all those pieces to work together, and thus it would be unusual to expect any one piece from another company to work without issues, Apple's attorneys said. But more importantly, Apple offered, any the evolution of its DRM that ended up locking out competitors was absolutely necessary given deals it had with the major record companies to patch security holes.
Programming

Godot Engine Reaches 1.0, First Stable Release 54

Posted by timothy
from the waiting-for-godot-two-oh dept.
goruka writes "Godot, the most advanced open source (MIT licensed) game engine, which was open-sourced back in February, has reached 1.0 (stable). It sports an impressive number of features, and it's the only game engine with visual tools (code editor, scripting, debugger, 3D engine, 2D engine, physics, multi-platform deploy, etc) on a scale comparable to commercial offerings. As a plus, the user interface runs natively on Linux. Godot has amassed a healthy user community (through forums, Facebook and IRC) since it went public, and was used to publish commercial games in the Latin American and European markets such as Ultimo Carnaval with publisher Square Enix, and The Mystery Team by Sony Computer Entertainment Europe.
Sony

Sony Demands Press Destroy Leaked Documents 249

Posted by samzenpus
from the do-not-share dept.
SydShamino writes In an effort that may run afoul of the first amendment, Sony, through their lawyer David Boies (of SCO infamy), has sent a letter to major news organizations demanding that they refrain from downloading any leaked documents, and destroy those already possessed. Sony threatens legal action to news organizations that do not comply, saying that "Sony Pictures Entertainment will have no choice but to hold you responsible for any damage or loss arising from such use or dissemination by you."
Businesses

Sony Pictures Leak Reveals Quashed Plan To Upload Phony Torrents 130

Posted by timothy
from the trial-balloon dept.
retroworks writes Motherboard.vice offers an interesting scoop from the hacked Sony Pictures email trove. A plan championed by Polish marketing employee Magda Mastalerz was to upload false versions of highly-pirated Sony programming, effectively polluting torrent sites with false positives. For example, a "Hannibal"-themed anti-piracy ad to popular torrent sites disguised as the first episode. Sony Pictures legal department quashed the idea, saying that if pirate sites were illegal, it would also be illegal for Sony Pictures to upload onto them. There were plans in WW2 to drop phony counterfeit currency to disrupt markets, and I wonder why flooding underground markets with phony products isn't widespread. Why don't credit card companies manufacture fake lists of stolen credit card numbers, or phony social security numbers, for illegal trading sites? For that matter, would fake ivory, fake illegal porn, and other "false positives" discourage buyers? Or create alibis?
Google

Hollywood's Secret War With Google 176

Posted by Soulskill
from the a-war-they'll-fight-aggressively-to-lose dept.
cpt kangarooski writes: Information has come to light (thanks to the recent Sony hack) that the MPAA and six major studios are pondering the legal actions available to them to compel an entity referred to as 'Goliath,' most likely Google, into taking aggressive anti-piracy action on behalf of the entertainment industry. The MPAA and member studios Universal, Sony, Fox, Paramount, Warner Bros., and Disney have had lengthy email discussions concerning how to block pirate sites at the ISP level, and how to take action at the state level to work around the failure of SOPA in 2012. Emails also indicate that they are working with Comcast (which owns Universal) on some form of traffic inspection to find copyright infringements as they happen.
Sony

Sony Reportedly Is Using Cyber-Attacks To Keep Leaked Files From Spreading 190

Posted by samzenpus
from the fight-fire-with-fire dept.
HughPickens.com writes Lily Hay Newman reports at Slate that Sony is counterhacking to keep its leaked files from spreading across torrent sites. According to Recode, Sony is using hundreds of computers in Asia to execute a denial of service attack on sites where its pilfered data is available, according to two people with direct knowledge of the matter. Sony used a similar approach in the early 2000s working with an anti-piracy firm called MediaDefender, when illegal file sharing exploded. The firm populated file-sharing networks with decoy files labeled with the names of such popular movies as "Spider-Man," to entice users to spend hours downloading an empty file. "Using counterattacks to contain leaks and deal with malicious hackers has been gaining legitimacy," writes Newman. "Some cybersecurity experts even feel that the Second Amendment can be interpreted as applying to 'cyber arms'."
Security

New Destover Malware Signed By Stolen Sony Certificate 80

Posted by Soulskill
from the everything-but-the-kitchen-sink dept.
Trailrunner7 writes: Researchers have discovered a new version of the Destover malware that was used in the recent Sony Pictures Entertainment breaches, and in an ironic twist, the sample is signed by a legitimate certificate stolen from Sony. The new sample is essentially identical to an earlier version of Destover that was not signed. Destover has been used in a variety of attacks in recent years and it's representative of the genre of malware that doesn't just compromise machines and steal data, but can destroy information as well. The attackers who have claimed credit for the attack on Sony have spent the last couple of weeks gradually releasing large amounts of information stolen in the breach, including unreleased movies, personal data of Sony employees and sensitive security information such as digital certificates and passwords. The new, signed version of Destover appears to have been compiled in July and was signed on Dec. 5, the day after Kaspersky Lab published an analysis of the known samples of the malware.
Security

Sony Hacks Continue: PlayStation Hit By Lizard Squad Attack 170

Posted by samzenpus
from the hits-keep-coming dept.
An anonymous reader writes Hacker group Lizard Squad has claimed responsibility for shutting down the PlayStation Network, the second large scale cyber-attack on the Sony system in recent weeks. Although apparently unrelated, the outage comes just weeks after the much larger cyber-attack to the tech giant's film studios, Sony Pictures, which leaked confidential corporate information and unreleased movies.The group claiming to have taken down PSN today, Lizard Squad, first appeared earlier this year with another high-profile distributed denial of service attack on Xbox Live and World of Warcraft in August. The hacker collective claimed that this attack was just a 'small dose' of what was to come over the Christmas period.
Security

North Korea Denies Involvement In "Righteous" Sony Hack 85

Posted by samzenpus
from the wasn't-us dept.
angry tapir writes North Korea's government has denied any involvement in the attack on Sony Pictures, but in a statement indicated that it's not necessarily unhappy that it happened. In a statement, the country's powerful National Defence Commission, which controls North Korea's armed forces, said it had no knowledge of the attack. The latest reports indicate that the hackers worked from a hotel in Thailand.
Sony

Sony Employees Receive Email Threat From Hackers: 'Your Family Will Be In Danger 184

Posted by Soulskill
from the going-out-of-their-way dept.
MojoKid writes: Things are going from bad to worse when it comes to the recent Sony Pictures Entertainment breach. Not only has sensitive financial information been released — including the salaries of high-ranking Sony executives — but more damaging personal information including 47,000 Social Security numbers of employees and actors have been leaked to the internet. We're now learning some even more disturbing details, unfortunately. Guardians of Peace (GOP), the hackers claiming responsibility for infiltrating Sony's computer network, are now threatening to harm the families of Sony employees. GOP reportedly sent Sony employees an email, which just so happened to be riddled with spelling and grammatical errors, that read in part, "your family will be in danger."
The Military

In North Korea, Hackers Are a Handpicked, Pampered Elite 102

Posted by Soulskill
from the nobody-believes-you're-going-to-move-to-north-korea dept.
HughPickens.com writes: Ju-Min Park and James Pearson report at Reuters that despite its poverty and isolation, North Korea has poured resources into a sophisticated cyber-warfare cell called Bureau 121, staffed by some of the most talented, and rewarded, people in North Korea, handpicked and trained from as young as 17. "They are handpicked," says Kim Heung-kwang, a former computer science professor in North Korea who defected to the South in 2004. "It is a great honor for them. It is a white-collar job there and people have fantasies about it." The hackers in Bureau 121 were among the 100 students who graduate from the University of Automation each year after five years of study. Over 2,500 apply for places at the university, which has a campus in Pyongyang, behind barbed wire.

According to Jang Se-yul, who studied with them at North Korea's military college for computer science, the Bureau 121 unit comprises about 1,800 cyber-warriors, and is considered the elite of the military. As well as having salaries far above the country's average, they are often gifted with good food, luxuries and even apartments. According to John Griasafi, this kind of treatment could be expected for those working in the elite Bureau. "You'd have to be pretty special and well trusted to even be allowed on email in North Korea so I have no doubt that they are treated well too." Pyongyang has active cyber-warfare capabilities, military and software security experts have said. In 2013, tens of thousands of computers were made to malfunction, disrupting work at banks and television broadcasters in South Korea. "In North Korea, it's called the Secret War," says Jang.

Physician: One upon whom we set our hopes when ill and our dogs when well. -- Ambrose Bierce

Working...