Privacy

Using VPN in UAE Could Cost You $545,000 85

An anonymous reader writes: The President of the United Arab Emirates has issued a series of new federal laws relating to IT crimes, including a regulation that forbids anyone in the UAE from making use of virtual private networks to secure their web traffic from prying eyes. The new law states that anyone who uses a VPN or proxy server can be imprisoned and fined between $136,000-$545,000 if they are found to use VPNs fraudulently. Previously, the law was restricted to prosecuting people who used VPNs as part of an internet crime, but UK-based VPN and privacy advocate Private Internet Access says that the law has now changed to enable police in the UAE to go after anyone who uses VPNs to access blocked services, which is considered to be fraudulent use of an IP address.
Android

Android's New Feature Can Share Your Exact Location In Emergency Situation (thenextweb.com) 106

An anonymous reader shares a report on The Next Web: When the police, fire brigade or ambulances need to respond quickly to an emergency call, accurate information about the caller's location is crucial in helping them arrive in time to be of assistance. With that in mind, Google has introduced a feature in Android that beams your location to emergency services automatically when you call them. It uses your Wi-Fi, GPS and cell tower information to pinpoint exactly where you are and sends the data without allowing it to be accessed by anyone else. The feature is currently available in UK and Estonia, but Google plans to bring it to other regions as well. If your device has Android 2.3 or newer version, it will be able to make use of the feature.
Security

LastPass Accounts Can Be 'Completely Compromised' When Users Visit Sites (theregister.co.uk) 133

Reader mask.of.sanity writes: A dangerous zero-day vulnerability has been found in popular cloud password vault LastPass, which can completely compromise user accounts when users visit malicious websites. The flaw is today being reported to LastPass by established Google Project Zero hacker Tavis Ormandy who says he has found other "obvious critical problems". Interestingly, Mathias Karlsson, a security researcher, has also independently found flaws in LastPass. In a blog post, he wrote that he was able to trick LastPass into believing he was on the real Twitter website and cough up the users' credentials because of a bug in the LastPass password manager's autofill functionality. LastPass has fixed the bug, but Karlsson advises users to disable autofill functionality and use multi-factor authentication. At this point, it's not clear whether Ormandy is also talking about the same vulnerability.
Biotech

'Sister Clones' Of Dolly The Sheep Have Aged Like Any Other Sheep, Study Says (npr.org) 66

An anonymous reader quotes a report from NPR: About four years ago, Kevin Sinclair inherited an army of clones. "Daisy, Debbie, Denise and Diana," says Sinclair, a developmental biologist at the University of Nottingham in England. "'Sister clones' probably best describes them," Sinclair says. "They actually come from exactly the same batch of cells that Dolly came from." In an article out Tuesday in the journal Nature Communications, Sinclair and his colleagues write that the ewes' age, along with their strapping health, might be a reason for people to start feeling more optimistic about what cloning can do. Dolly's life did not turn out as scientists in the cloning field hoped it would. She died young -- 6 1/2 -- with a nasty lung virus. "That was really just bad luck," Sinclair says, and had "nothing to do" with the fact that Dolly was a clone. It was a daunting concept for those in the cloning field, because, says Sinclair, "If you're going to create these animals, they should be normal in every respect. They should be just as healthy as any other animal that's conceived naturally. If that is not the case, then it raises serious ethical and welfare concerns about creating these animals in the first place." But, the good health of the 13 clones in the Nottingham herd suggests better prospects for the procedure. Sinclair and his colleagues evaluated the animals' blood pressure, metabolism, heart function, muscles and joints, looking for signs of premature aging. They even fattened them up (since obesity is a risk factor for metabolic problems including diabetes) and gave them the standard tests to gauge how their bodies would handle glucose and insulin. The results? Normal, normal, normal. "There is nothing to suggest that these animals were anything other than perfectly normal," says Sinclair. They had slight signs of arthritis (Debbie in particular), but not enough to cause problems.
"If I put them in with a bunch of other sheep, you would never be able to identify them," he says.
Businesses

Highest-Paid CEOs Run Worst-Performing Companies, Research Finds (independent.co.uk) 174

An anonymous reader writes from a report via The Independent: According to a study carried out by corporate research firm MSCI, CEOs that get paid the most run some of the worst-performing companies. It found that every $100 invested in companies with the highest-paid CEOs would have grown to $265 over 10 years. However, the same amount invested in the companies with the lowest-paid CEOs would have grown to $367 over 10 years. The report, titled "Are CEOs paid for performance? Evaluating the Effectiveness of Equity Incentives," looked at the salaries of 800 CEOs at 429 large and medium-sized U.S. companies between 2005 and 2014 and compared it with the total shareholder return of the companies. Senior corporate governance researcher at MSCI, Ric Marshall, said in a statement: "The highest paid had the worse performance by a significant margin. It just argues for the equity portion of CEO pay to be more conservative."
Security

Vine's Source Code Was Accidentally Made Public For Five Minutes (theregister.co.uk) 42

An anonymous reader writes from The Register: Vine, the six-second-video-loop app acquired by Twitter in 2012, had its source code made publicly available by a bounty-hunter for everyone to see. The Register reports: "According to this post by @avicoder (Vjex at GitHub), Vine's source code was for a while available on what was supposed to be a private Docker registry. While docker.vineapp.com, hosted at Amazon, wasn't meant to be available, @avicoder found he was able to download images with a simple pull request. After that it's all too easy: the docker pull https://docker.vineapp.com:443/library/vinewww request loaded the code, and he could then open the Docker image and run it. 'I was able to see the entire source code of Vine, its API keys and third party keys and secrets. Even running the image without any parameter, [it] was letting me host a replica of Vine locally.' The code included 'API keys, third party keys and secrets,' he writes. Twitter's bounty program paid out -- $10,080 -- and the problem was fixed in March (within five minutes of him demonstrating the issue)."
Transportation

Amazon Partners With UK Government To Test Drone Deliveries (usatoday.com) 44

An anonymous reader quotes a report from USA Today: [Recent rules from the Federal Aviation Administration mean delivery by drone is years away in the United States, but packages may be winging their way to customers sooner rather than later in the United Kingdom, where Amazon just got permission to begin a new trial of its delivery drones.] The U.K. Civil Aviation Authority gave Amazon permission to test several key drone delivery parameters. They include sending drones beyond the line of sight of their operator in rural and suburban areas, testing sensor performance to make sure the drones can identify and avoid obstacles and allowing a single operator to manage multiple highly-automated drones. U.S. rules are outlined in a 624-page rulebook from the Federal Aviation Administration. They allow commercial drones weighing up to 55 pounds to fly during daylight hours. The aircraft must remain within sight of the operator or an observer who is in communication with the operator. The operators must pass an aeronautics test every 24 months for a certificate as well as a background check by the Transportation Security Administration. The rules govern commercial flights, such as for aerial photography or utilities inspection. Amazon's goal is to use drones to deliver packages up to 5 pounds to customers in 30 minutes or less. Amazon released a statement today detailing its partnership with the UK Government that may one day turn its Prime Air drone delivery service into reality.
China

China Releases Test Footage of Ballistic Missile Defense System (mirror.co.uk) 68

An anonymous reader quotes a report from Mirror.co.uk: China has released footage of its first interception test of a mid-air ballistic missile, destroying a target miles above Earth. Footage of the experiment, which took place in 2010, has never been made public until now. According to Chinese news agency CCTV, Xu Chunguang, an expert working at a military base in northwest China, said: "All of our research is meant to solve problems that may crop up in future actual combats." It reportedly took researchers another three years to develop the core technologies to improve the system. A second successful test was reportedly conducted in January 2013. China's decision to finally release the footage could be seen as a warning shot to the U.S., which was critical of China for not notifying the Pentagon of the tests at the time. In May, China announced it would send submarines armed with nuclear missiles into the Atlantic Ocean, arguing it had little choice if America continued to advance its weapons systems. China has recently denounced South Korea's decision to deploy a U.S. Terminal High Altitude Area Defense (THAAD) anti-missile system to counter threats from North Korea, saying that it harmed the foundation of their mutual trust.
United Kingdom

Yahoo Ordered to Show How It Recovered 'Deleted' Emails (pcmag.com) 80

An anonymous reader quotes a report from PC Magazine: Just what kind of email retention powers does Yahoo have? According to a policy guide from the company, Yahoo cannot recover emails that have been deleted from a user's account -- simple as that. If the email is in a user's account, it's fair game, and Yahoo can even give law enforcement the IP address of whatever computer is being used to send said email.

Or, at least, that's what Yahoo has said. A magistrate judge from the Northern District of California has ordered Yahoo to produce documents, as well as a witness for deposition, related to the company's ability to recover seemingly deleted emails in a UK drug case... a UK defendant was convicted -- and is currently serving an extra 20-year prison sentence -- as part of a conspiracy to import drugs into the United Kingdom. He's currently appealing the conviction, in part because the means by which Yahoo recovered the emails in question allegedly violate British law.

The drug smugglers apparently communicated by creating a draft of an email, which was then available to others who logged into that same account.
Mars

Laser-Armed Martian Robot Now Vaporizing Targets of Its Own Free Will (dailymail.co.uk) 73

Slashdot reader Rei writes: NASA -- having already populated the Red Planet with robots and armed a car-sized nuclear juggernaut with a laser -- have now decided to grant fire control of that laser over to a new AI system operating on the rover itself. Intended to increase the scientific data-gathering throughput on the sometimes glitching rover's journey, the improved AEGIS system eliminates the need for a series of back-and-forth communication sessions to select targets and aim the laser.
Rei's original submission included a longer riff on The War of the Worlds, ending with a reminder to any future AI overlords that "I have a medical condition that renders me unfit to toil in any hypothetical subterranean lithium mines..."
United Kingdom

UK Cybersecurity Executives Plead Guilty To Hacking A Rival Firm (zdnet.com) 14

An anonymous reader writes: "Five employees from cybersecurity firm Quadsys have admitted to hacking into a rival company's servers to allegedly steal customer data and pricing information," ZDNet is reporting. After a series of hearings, five top-ranking employees "admitted to obtaining unauthorised access to computer materials to facilitate the commission of an offence," including the company's owner, managing director, and account manager. Now they're facing 12 months in prison or fines, as well as additional charges, at their sentencing hearing in September. The headline at ZDNet gloats, "Not only did the Quadsys staff reportedly break into servers, they were caught doing it."
Republicans

Avast Suckers GOP Delegates Into Connecting To Insecure Wi-Fi Hotspots (theregister.co.uk) 109

Avast conned more than 1,200 people into connecting to fake wi-fi hotspots set up near the Republican convention and the Cleveland airport, using common network names like "Google Starbucks" and "Xfinitywifi" as well as "I vote Trump! free Internet". An anonymous reader quotes this report from The Register: With mobile devices often set to connect to known SSIDs automatically, users can overlook the networks to which they are connecting... Some 68.3 percent of users' identities were exposed when they connected, and 44.5 per cent of Wi-Fi users checked their emails or chatted via messenger apps... In its day-long experiment Avast saw more than 1.6Gbps transferred from more than 1,200 users.
Avast didn't store the data they collected, but they did report statistics on which sites were accessed most frequently. "5.1 percent played Pokemon Go, while 0.7 percent used dating apps like Tinder, Grindr, OKCupid, Match and Meetup, and 0.24 percent visited pornography sites like Pornhub."
Security

Microsoft Rewrites Wassenaar Arms Control Pact To Protect The Infosec Industry (theregister.co.uk) 20

The Wassenaar Arrangement "is threatening to choke the cyber-security industry, according to a consortium of cyber-security companies...supported by Microsoft among others," reports SC Magazine. "'Because the regulation is so overly broad, it would require cyber responders and security researchers to obtain an export license prior to exchanging essential information to remediate a newly identified network vulnerability, even when that vulnerability is capable of being exploited for purposes of surveillance,' wrote Alan Cohn from the CRC on a Microsoft blog." Reporter Darren Pauli contacted Slashdot with this report: If the Wassenaar Arrangement carries through under its current state, it will force Microsoft to submit some 3800 applications for arms export every year, company assistant general counsel Cristin Goodwin says... The Wassenaar Arrangement caught all corners of the security industry off guard, but its full potentially-devastating effects will only be realised in coming months and years... Goodwin and [Symantec director of government affairs] Fletcher are calling on the industry to lobby their agencies to overhaul the dual-use software definition of the Arrangement ahead of a closed-door meeting in September where changes can be proposed.
Science

Scientists' Biggest Search For Dark Matter To Date Just Turned Up Nothing (sciencealert.com) 158

Peter Dockrill, reporting for ScienceAlert: For something that's hypothesised to make up more than 80 percent of the mass of the entire universe, it's no easy thing to detect the existence of dark matter. That's the conclusion the world is coming to today, after scientists announced that a massive $10 million experiment to find traces of elusive dark matter particles had failed after an exhaustive 20-month search. "We've probed previously unexplored regions of parameter space with the aim of making the first definitive discovery of dark matter," said physicist Cham Ghag from University College London in the UK, one of the scientists who took part in the Large Underground Xenon (LUX) project based in South Dakota. "Though a positive signal would have been welcome, nature was not so kind! Nonetheless, a null result is significant as it changes the landscape of the field by constraining models for what dark matter could be beyond anything that existed previously." Ars Technica has more details.
Businesses

MasterCard Is Buying the Core of the British Payments Infrastructure (fortune.com) 27

Mastercard has agreed to purchase a controlling stake in VocaLink, the payments processor that handles most payroll and household bill processing in the UK. The American payment giant will be paying up to $1.14 billion. Fortune reports: According to MasterCard MA, the deal would create "the first true combination of the traditional person-to-merchant cards business with a clearing business." That is, of course, presuming it clears regulatory scrutiny. VocaLink runs Link, the network that provides interoperability between British ATMs, as well as BACS, the clearing house for payments between bank accounts, and Faster Payments, the inter-bank transfer system for Internet and telephone-based payments. FastCompany explains what this could mean for MasterCard users.
Blackberry

BlackBerry CEO 'Disturbed' By Apple's Hard Line On Encryption (theinquirer.net) 202

An anonymous reader writes: BlackBerry CEO John Chen said he is "disturbed" by Apple's tough approach to encryption and user privacy, warning that the firm's attitude is harmful to society. Earlier this year, Chen said in response to Apple resisting the government's demands to unlock an iPhone belonging to one of the San Bernardino shooters: "We are indeed in a dark place when companies put their reputations above the greater good." During BlackBerry's Security Summit in New York this week, Chen made several more comments about Apple's stance on encryption. "One of our competitors, we call it 'the other fruit company,' has an attitude that it doesn't matter how much it might hurt society, they're not going to help," he said. "I found that disturbing as a citizen. I think BlackBerry, like any company, should have a basic civil responsibility. If the world is in danger, we should be able to help out." He did say there was a lot of "nonsense" being reported about BlackBerry and its approach to how it handles user information. "Of course, there need to be clear guidelines. The guidelines we've adopted require legal assets. A subpoena for certain data. But if you have the data, you should give it to them," he said. "There's some complete nonsense about what we can and can't do. People are mad at us that we let the government have the data. It's absolute garbage. We can't do that." Chen also warned that mandatory back doors aren't a good idea either, hinting at the impending Investigatory Powers Bill. "There's proposed legislation in the U.S., and I'm sure it will come to the EU, that every vendor needs to provide some form of a back door. That is not going to fly at all. It just isn't," he said.
Piracy

US Navy Faces $600M Lawsuit For Allegedly Pirating 3D VR Software (hothardware.com) 115

An anonymous reader quotes a report from HotHardware: The U.S. Navy has been accused of pirating 3D software after first testing a software package offered by German company Bitmanagement Software GmbH. The company is suing the United States of America for nearly $600 million. HotHardware reports: "According to the court filing, Bitmanagement licensed its BS Contact Geo software for use on 38 Navy computers from 2011 to 2012. This limited rollout was 'for the purposes of testing, trial runs, and integration into Navy systems.' While this test period was underway, the Navy reportedly began negotiating to license the software for use on thousands of additional computers. However, even as the negotiations were ongoing, the Navy decided to go ahead and initiate its full-scale rollout without actually paying for the software. In total, the initial 38 computers allegedly swelled to 104,922 computers by October 2013. As of today, BS Contact GEO is claimed to be installed on 558,466 Navy computers, although 'likely this unauthorized copying has taken place on an even larger scale' according to the filing. As if the unauthorized installation of software onto hundreds of thousands of computers wasn't enough, Bitmanagement is alleging that the Navy during 2014 began disabling the Flexwrap software that is tasked with tracking the use of BS Contact Geo and helping to prevent it from being duplicated. When this software piracy was taking place, the retail price of a single BS Contact Geo license was $1067.76. With nearly 600,000 computers now in play, Bitmanagement is seeking a whopping $596,308,103 in damages. The lawsuit, which alleges willful copyright infringement was filed on July 15th."
The Internet

BT Internet Outage Was Our Fault, Says Equinix (theregister.co.uk) 61

Kat Hall, reporting for The Register: Telecity's owner, Equinix, has 'fessed up to a "brief outage" which subsequently knocked 10 per cent of BT internet users offline this morning as well as a number of other providers. A spokesman from the group, which slurped up Telecity for 2.3bn euro last year, confirmed that the outage occurred at its LD8 site in the Docklands. The company has nine London sites which service more than 600 businesses. The outage occurred due to power failure, which lasted for around 75 minutes. (Update: Some readers note that the outage lasted for as long as three hours.) BT wasn't the only ISP that suffered an outage earlier this morning. All services have been restored, according to Ars Technica. Update: 07/20 14:57 GMT: It was apparently a faulty UPS that caused the outage.
EU

UK 'Emergency' Bulk Data Slurp Permissible In Pursuit Of 'Serious Crime' (theregister.co.uk) 48

An anonymous reader writes: Bulk collection of data from phone calls and emails by carriers acting under government orders could be permissible in the pursuit of 'serious crime'. That's the preliminary ruling in a case brought by Brexit chief minister David Davis against PM Theresa May before the European Union's highest court. The ruling suggests bulk collection and retention of customer data might not be in breach of the EU Charter of Fundamental Rights -- if it's done legally and with safeguards. Davis with Labour Party deputy leader Tom Watson and others brought their case to the European Court of Justice in February.
Security

Hacking Group 'OurMine' Claims Credit For Attack On Pokemon Go Servers (independent.co.uk) 48

An anonymous reader writes: A group of hackers known as OurMine have attacked Pokemon Go's login servers, making it all but impossible for players to get online. The group says they hacked the game in an effort for the game to be more stable. They want to show the developers behind Pokemon Go that the app can and should be made more secure. Prior to the hack, the servers have been shaky as interest in the game has spiked. But over the weekend, users faced the most extreme connectivity issues yet. "No one will be able to play this game till Pokemon Go contact us on our website to teach them how to protect it!" the group wrote on its website. A different hacking group, which claimed to be part of OurMine, said that the latest attack had been launched after the huge outage caused by a group called Poodlecorp, on Saturday. "The group makes money from charging for vulnerability assessment, where hackers attempt to break into corporate networks to check how safe they are," reports The Independent. A representative said via Twitter that the group wasn't requesting money from those behind Pokemon Go, and that OurMine "just don't want other hackers [to] attack their servers." It should come as no surprise to see that the servers have been having trouble keeping up with demand as Pokemon Go has become the biggest mobile game in U.S. history after launching just about two weeks ago.
