Crime

Feds Crack Trump Protesters' Phones To Charge Them With Felony Rioting (thedailybeast.com) 197

An anonymous reader quotes a report from The Daily Beast: Officials seized Trump protesters' cell phones, cracked their passwords, and are now attempting to use the contents to convict them of conspiracy to riot at the presidential inauguration. Prosecutors have indicted over 200 people on felony riot charges for protests in Washington, D.C. on January 20 that broke windows and damaged vehicles. Some defendants face up to 75 years in prison, despite little evidence against them. But a new court filing reveals that investigators have been able to crack into at least eight defendants' locked cell phones. Now prosecutors want to use the internet history, communications, and pictures they extracted from the phones as evidence against the defendants in court. [A] July 21 court document shows that investigators were successful in opening the locked phones. The July 21 filing moved to enter evidence from eight seized phones, six of which were "encrypted" and two of which were not encrypted. A Department of Justice representative confirmed that "encrypted" meant additional privacy settings beyond a lock screen. For the six encrypted phones, investigators were able to compile "a short data report which identifies the phone number associated with the cell phone and limited other information about the phone itself," the filing says. But investigators appear to have bypassed the lock on the two remaining phones to access the entirety of their contents.
Communications

AlphaBay Owner Used Email Address For Both AlphaBay and LinkedIn Profile. 146

BarbaraHudson writes: The Register is reporting that Alexandre Cazes, the 25-year-old Canadian running the dark web site AlphaBay, was using a hotmail address easily connected to him via his Linkdin profile to administer the site. From the report: "[A]ccording to U.S. prosecutors, he used his real email address, albeit a Hotmail address -- Pimp_Alex_91@hotmail.com -- as the administrator password for the marketplace software. As a result, every new user received a welcome email from that address when they signed up to the site, and everyone using its password recovery tool also received an email from that address. However, rather than carefully set up and then abandon that email address, it turns out that Alexandre Cazes -- Pimp Alex -- had been using that address for years. Cazes had also used his Pimp Alex Hotmail address as well as an email address from his own business -- EBX Technologies -- to set up online bank accounts and crypto-currency accounts. How did law enforcement know that Cazes was behind EBX Technologies? It was on his LinkedIn profile."

BarbaraHudson adds: "His laptop wasn't encrypted, so expect more arrests as AlphaBay users are tracked down."
Crime

Authorities Take Down Hansa Dark Web Market, Confirm AlphaBay Takedown (bleepingcomputer.com) 40

An anonymous reader writes via Bleeping Computer: Today, in coordinated press releases, the U.S. Department of Justice (DOJ) and Europol announced the takedown of two Dark Web marketplaces -- AlphaBay and Hansa Market. First to fall was the Hansa Market after Dutch officers seized control over their servers located inside one of the country's hosting providers. Dutch Police seized Hansa servers on June 20, but the site was allowed to operate for one more month as officers gathered more evidence about its clientele. The Hansa honeypot received an influx of new users as the FBI shut down AlphaBay on July 5, a day after it took control over servers on July 4. Europol and the FBI say they collected mountains of evidence such as "usernames and passwords of thousands of buyers and sellers of illicit commodities" and "delivery addresses for a large number of orders." FBI Active Director McCabe said AlphaBay was ten times larger than Silk Road, with over 350,000 listings. In opposition, Silk Road, which authorities seized in November 2013, listed a meager 14,000 listings for illicit goods and services at the time authorities took down the service.
Businesses

Insider Trader Arrested After He Googled 'Insider Trading,' Authorities Allege 124

Spy Handler writes: Fei Yan, a research scientist at the Massachusetts Institute of Technology and 31-year-old Chinese citizen, was arrested by federal authorities on Wednesday on insider trading charges. Mr. Yan used Google to search for phrases such as "how sec detect unusual trade" and "insider trading with international account." He also allegedly read an article titled "Want to Commit Insider Trading? Here's How Not to Do It," according to the U.S. attorney prosecuting the case. Further reading: Associated Press, CNBC, USA Today
The Almighty Buck

Ask Slashdot: Why Do So Many of You Think Carrying Cash Is 'Dangerous'? 660

An anonymous reader writes: Recently, I asked Slashdot what you thought about paying for things online using plastic, and the security of using plastic in general; thank you all for your many and varied responses, they're all much appreciated and gave me things to consider.

However, I got quite a few responses that puzzled me: People claiming that paying for things with cash, and carrying any amount of cash around at all, was somehow dangerous, that I'd be "robbed," and that I shouldn't carry cash at all, only plastic. I'm Gen-Y; I've walked around my entire life, in all sorts of places, and have never been approached or robbed by anyone, so I'm more than a little puzzled by that.

So now I ask you, Slashdotters: Why do you think carrying cash is so dangerous? Where do you live/spend your time that you worry so much about being robbed? Have you been robbed before, and that's why you feel this way? I'm not going to stop carrying cash in my wallet but I'd like to understand why it is so many of you feel this way -- so please be thorough in your explanations.
Verizon

Millions of Verizon Customer Records Exposed in Security Lapse (zdnet.com) 44

Zack Whittaker, reporting for ZDNet: An Israeli technology company has exposed millions of Verizon customer records, ZDNet has learned. As many as 14 million records of subscribers who called the phone giant's customer services in the past six months were found on an unprotected Amazon S3 storage server controlled by an employee of Nice Systems, a Ra'anana, Israel-based company. The data was downloadable by anyone with the easy-to-guess web address. Nice, which counts 85 of the Fortune 100 as customers, plays in two main enterprise software markets: customer engagement and financial crime and compliance including tools that prevent fraud and money laundering. Nice's 2016 revenue was $1.01 billion, up from $926.9 million in the previous year. The financial services sector is Nice's biggest industry in terms of customers, with telecom companies such as Verizon a key vertical. The company has more than 25,000 customers in about 150 countries.
Microsoft

Microsoft's Default Font Is at the Center Of a Government Corruption Case (thenextweb.com) 186

Calibri, a font that was created in 2004 and made default option on PowerPoint, Excel, Outlook, and WordPad by Microsoft in 2007, is currently sitting at the center of a corruption investigation involving Pakistan's Prime Minister, Nawaz Sharif. From a report: Accused of illegally profiting from his position since the 1990s, Sharif is now under investigation by the Joint Investigative Team -- a collective of Pakistani police, military, and financial regulators -- after a treasure trove of evidence surfaced with 2016's release of The Panama Papers. In a report obtained by Al Jazeera, investigators recommended a case be filed in the National Accountability Court after concluding there were "significant gap[s]" in Sharif's ability to account for his familial assets. [...] Sharif contends that neither he, nor his family, profited from his position of power, a denial that came under scrutiny today after his daughter and political heir apparent, Maryam Nawaz, produced documents from 2006 that prove her father's innocence. Unfortunately for the Nawaz family, type experts today confirmed the documents were written in Calibri, a font that wasn't available until 2007.
Crime

State Prison Officials Blame An Escape On Drones And Cellphones (usatoday.com) 223

An anonymous reader quotes USA Today: A fugitive South Carolina inmate recaptured in Texas this week had chopped his way through a prison fence using wire cutters apparently dropped by a drone, prison officials said Friday. Jimmy Causey, 46, fled the Lieber Correctional Institution in Ridgeville, S.C., on the evening of July 4th after leaving a paper mache doll in his bed to fool guards into thinking he was asleep. He was not discovered missing until Wednesday afternoon. Causey was captured early Friday 1,200 miles away in a motel in Austin by Texas Rangers acting on a tip, WLTX-TV reported... "We believe a drone was used to fly in the tools that allow(ed) him to escape," South Carolina Corrections Director Bryan Stirling said...

Stirling said prison officials are investigating the performance by prison guards that night but pointed to cellphones and drones as the main problem. The director said he and other officials have sought federal help for years to combat the use of drones to drop contraband into prison. "It's a simple fix," Stirling said. "Allow us to block the signal... They are physically incarcerated, but they are not virtually incarcerated."

It's the second time the same convict escaped from South Carolina's maximum security prison -- albeit the first time he's (allegedly) used a drone. The state's Law Enforcement Division Chief also complains that the federal government still prohibits state corrections officials from blocking cellphones, and "as long as cellphones continue to be utilized by inmates in prisons we're going to have things like this -- we're going to have very well-planned escapes..."
Crime

Google Home Ends A Domestic Dispute By Calling The Police (gizmodo.com) 256

An anonymous reader quotes Gizmodo: According to ABC News, officers were called to a home outside Albuquerque, New Mexico this week when a Google Home called 911 and the operator heard a confrontation in the background. Police say that Eduardo Barros was house-sitting at the residence with his girlfriend and their daughter. Barros allegedly pulled a gun on his girlfriend when they got into an argument and asked her: "Did you call the sheriffs?" Google Home apparently heard "call the sheriffs," and proceeded to call the sheriffs. A SWAT team arrived at the home and after negotiating for hours, they were able to take Barros into custody... "The unexpected use of this new technology to contact emergency services has possibly helped save a life," Bernalillo County Sheriff Manuel Gonzales III said in a statement.
"It's easy to imagine police getting tired of being called to citizen's homes every time they watch the latest episode of Law and Order," quips Gizmodo. But they also call the incident "a clear reminder that smart home devices are always listening."
The Media

Google Funds A Team Of Robot Journalists (theguardian.com) 43

Darren Sharp brings news about the arrival of robot journalists. The Guardian reports: Robots will help a national news agency to create up to 30,000 local news stories a month, with the help of human journalists and funded by a Google grant. The Press Association has won a €706,000 ($800,779 or £621,000) grant to run a news service with computers writing localised news stories. The national news agency, which supplies copy to news outlets in the U.K. and Ireland, has teamed up with data-driven news start-up Urbs Media for the project, which aims to create "a stream of compelling local stories for hundreds of media outlets"... PA's editor-in-chief, Peter Clifton, said journalists will still be involved in spotting and creating stories and will use artificial intelligence to increase the amount of content. He said: "Skilled human journalists will still be vital in the process, but Radar [the Reporters And Data And Robots project] allows us to harness artificial intelligence to scale up to a volume of local stories that would be impossible to provide manually." Journalists will create "detailed story templates" for articles about crime, health, and employment, for example, then use natural language software to create multiple versions to "scale up the mass localization."
Crime

Police Use Lyft As 'Trojan Horse' To Capture Suspect In Murder of Tech CEO (myajc.com) 64

McGruber writes: On Friday, June 23, 2017, three men broke into the home of Albert Eugene DeMagnus, the CEO of Computer Management Services. The men stabbed DeMangus, who was pronounced dead after he had been taken to a hospital. Police officers chased two of the suspects as they fled in DeMangus' gray Lexus. The Lexus crashed and the two men ran away into the woods. Police then set up a perimeter with road checkpoints. Soon, a Lyft driver approached a checkpoint and told police she was picking up a passenger nearby. "This may be one of our suspects trying to leave the scene," Fayette County, Georgia Sheriff Barry Babb thought of the person being picked up. So Babb and three officers got into his car, which happened to be identical to the Lyft driver's. They got the location of the suspect from the Lyft driver and simply drove to the suspect, posing as his ride. "The subject walked all the way up, was about to open the door and get in our vehicle, when we exited and identified ourself," said Sheriff Babb. The suspect fled and got about 100 yards into the woods before being taken into custody. "That was something that was unique for us," Babb said, "a first time for us."
Security

Judge Sentences Man To One Year In Prison For Hacking Smart Water Readers In Five US Cities (bleepingcomputer.com) 60

An anonymous reader writes: A Pennsylvania man was sentenced to one year and one day in prison for hacking and disabling base stations belonging to water utility providers in five cities across the U.S. East Coast. Called TGB, these devices collect data from smart meters installed at people's homes and relay the information to the water provider's main systems, where it is logged, monitored for incidents, and processed for billing. Before he was fired by the unnamed TGB manufacturing company, Flanagan's role was to set up these devices. After he was fired, Flanagan used former root account passwords to log onto the devices and disable their ability to communicate with their respective water utility providers' upstream equipment. He wasn't that careful, as the FBI was able to trace back the attacks to his home. Apparently, the guy wasn't that silent, leaving behind a lot of clues. Flanagan's attacks resulted in water utility providers not being able to collect user equipment readings remotely. This incurred damage to the utility providers, who had to send out employees at customer premises to collect monthly readings. He was arrested in Nov 2014, and later pleaded guilty.
Crime

90 Cities Install A Covert Technology That Listens For Gunshots (businessinsider.com) 292

An anonymous reader quotes Business Insider: In more than 90 cities across the US, including New York, microphones placed strategically around high-crime areas pick up the sounds of gunfire and alert police to the shooting's location via dots on a city map... ShotSpotter also sends alerts to apps on cops' phones. "We've gone to the dot and found the casings 11 feet from where the dot was, according to the GPS coordinates," Capt. David Salazar of the Milwaukee Police Dept. told Business Insider. "So it's incredibly helpful. We've saved a lot of people's lives."

When three microphones pick up a gunshot, ShotSpotter figures out where the sound comes from. Human analysts in the Newark, California, headquarters confirm the noise came from a gun (not a firecracker or some other source). The police can then locate the gunshot on a map and investigate the scene. The whole process happens "much faster" than dialing 911, Salazar said, though he wouldn't disclose the exact time.

The company's CEO argues their technology deters crime by demonstrating to bad neighborhoods that police will respond quickly to gunshots. (Although last year Forbes discovered that in 30% to 70% of cases, "police found no evidence of a gunshot when they arrived.") And in a neighborhood where ShotSpotter is installed, one 60-year-old man is already complaining, "I don't like Big Brother being in all my business."
Government

Victims Aren't Reporting Ransomware Attacks, FBI Report Concludes (bleepingcomputer.com) 87

Catalin Cimpanu, writing for BleepingComputer: Despite being an expanding threat, ransomware infections are rarely reported to law enforcement agencies, according to conclusions from the 2016 Internet Crime Report (PDF), released yesterday by the FBI's Internet Crime Complaint Center (IC3). During 2016, FBI IC3 officials said they received only 2,673 complaints regarding ransomware incidents, which ranked ransomware as the 22nd most reported cyber-crime in the US, having caused just over $2.4 million in damages (ranked 25th). The numbers are ridiculously small compared to what happens in the real world, where ransomware is one of today's most prevalent cyber-threats, according to multiple reports from cyber-security companies.
Social Networks

Supreme Court Rules Sex Offenders Can't Be Barred From Social Media (gizmodo.com) 114

An anonymous reader quotes a report from Gizmodo: In a unanimous decision today, the Supreme Court struck down a North Carolina law that prevents sex offenders from posting on social media where children might be present, saying it "impermissibly restricts lawful speech." In doing so, the Supreme Court asserted what we all know to be true: Posting is essential to the survival of the republic. The court ruled that to "foreclose access to social media altogether is to prevent the user from engaging in the legitimate exercise of First Amendment rights." The court correctly noted that "one of the most important places to exchange views is cyberspace." The North Carolina law was ruled to be overly broad, barring "access to what for many are the principal sources for knowing current events, checking ads for employment, speaking and listening in the modern public square, and otherwise exploring the vast realms of human thought and knowledge."
The Almighty Buck

Is Coinbase Closing Accounts For Paying Ransoms With Bitcoins? (coindesk.com) 202

Even as some comparnies are stockpiling bitcoins so they can quickly pay ransom demands, security firms that try paying those ransoms may face losing their accounts on Coinbase. Slashdot reader Mosquito Bites quotes a report from CoinDesk: Less than a year ago, Vinny Troia, CEO and principal security consultant of Night Lion Security and a certified white hat hacker, was sent a compliance form by US bitcoin exchange Coinbase, where he had an account. Coinbase wanted to know how Troia was using bitcoin and his account. "I told them I run a security firm. I pay for ransoms and buy documents on the dark web when clients request it," Troia told CoinDesk. The ransoms Troia helps his clients pay are those stemming from ransomware attacks, which have surged in number over the past few years. Many, like the well-publicized WannaCry attack, are asking for bitcoin.

And the documents? Troia said, "We do breach investigations a lot of times. If a fraudster is saying they're selling my client's stolen documents, the only way to make sure they have what they say they have is to buy those documents." According to Troia, Coinbase "did not like that at all." Coinbase then asked the IT expert whether he had a letter from the Department of Justice giving him permission to do those things. No, Troia said. Upon further research, Troia has not found that any such permission exists. But, "I have my clients authorizing me to do this," he said. Coinbase sent Troia back an email explaining that those actions were against the exchange's rules and shut down his account... "My entire family is blocked from Coinbase," he said.

United States

Louisville's Fiber Internet Expansion Opposed By Koch Brothers Group (usatoday.com) 230

Slashdot reader simkel shared an article from the Courier-Journal: A group affiliated with the Koch brothers' powerful political network is leading an online campaign against Mayor Greg Fischer's $5.4 million proposal to expand Louisville's ultra-fast internet access... Critics argue that building roughly 96 miles of fiber optic cabling is an unnecessary taxpayer giveaway to internet service providers, such as Google Fiber, which recently announced plans to begin building its high-speed network in the city. "Fundamentally, we don't believe that taxpayers should be funding broadband or internet systems," said David Williams, president of the taxpayers alliance, which is part of industrialists Charles and David Koch's political donor network... The group says $5.4 million is a misuse of taxpayer funds when the city has other needs, such as infrastructure and public safety.
To shore up public support, the mayor has begun arguing that high-speed connectivity would make it cheaper to install crime-monitoring cameras in violent neighborhoods.
Facebook

Facebook Exposes Employee Data To Terrorists (theguardian.com) 50

An anonymous reader writes: The Guardian is reporting that Facebook accidentally exposed the personal information of the moderators that remove terrorist content to the groups that posted that very content. From the article it looks like 6 of them actually had their profiles viewed. From the article, "The security lapse affected more than 1,000 workers across 22 departments at Facebook who used the company's moderation software to review and remove inappropriate content from the platform, including sexual material, hate speech and terrorist propaganda."

What are Facebook's responsibilities here?


Piracy

HBO, Netflix, Other Hollywood Companies Join Forces To Fight Piracy (theverge.com) 195

New submitter stikves writes: It looks like media and technology companies are forming a group to "fight piracy." The Verge reports: "A group of 30 entertainment companies, including power players like Netflix, HBO, and NBCUniversal, have joined forces today in an effort to fight online piracy. The new group is called the Alliance for Creativity and Entertainment (ACE), and the partnership, while somewhat thin on specifics, will allow the content creators involved to pool resources to conduct research and work closely with law enforcement to find and stop pirates from stealing movies and TV shows. The first-of-its-kind alliance is composed of digital media players, networks, and Hollywood outfits, and all recognize how the internet has paved the way to an explosion in quality online content. However, piracy has boomed as a result: ACE says that last year saw 5.4 billion downloads of pirated films and TV shows." I'm not sure how these statistics hold against real revenue loss (or the imaginary one), however this might be a development to watch for.
The Almighty Buck

Kim Dotcom Loses Latest Battle To Recover Seized Assets (cnet.com) 58

The Justice Department wants to keep Kim Dotcom's millions of dollars worth of seized assets, citing the Megaupload founder's fugitive status. The department filed a brief on Friday, which cited his fugitive status as well as a lack of evidence supporting claims that poor health was preventing him from entering the U.S. CNET reports: Dotcom has been in the news since 2012, when the FBI and the US Department of Justice shut down file-sharing site Megaupload and charged the site's operators with the piracy-related offenses. The U.S. government also seized $42 million in assets. Dotcom, alongside Mathias Ortmann, Bram van der Kolk and Finn Batato, are wanted for trial in the U.S. on 13 counts, including copyright infringement, conspiracy to commit racketeering, money laundering and wire fraud. In February, the New Zealand High Court found that Dotcom, a New Zealand resident, and his co-accused were eligible for extradition to the United States.

Slashdot Top Deals