Shared posts

21 May 09:27

NSA Planned to Hijack Google App Store to Hack Smartphones

by Ryan Gallagher

The National Security Agency and its closest allies planned to hijack data links to Google and Samsung app stores to infect smartphones with spyware, a top-secret document reveals.

The surveillance project was launched by a joint electronic eavesdropping unit called the Network Tradecraft Advancement Team, which includes spies from each of the countries in the “Five Eyes” alliance — the United States, Canada, the United Kingdom, New Zealand and Australia.

The top-secret document, obtained from NSA whistleblower Edward Snowden, was published Wednesday by CBC News in collaboration with The Intercept. The document outlines a series of tactics that the NSA and its counterparts in the Five Eyes were working on during workshops held in Australia and Canada between November 2011 and February 2012.

The main purpose of the workshops was to find new ways to exploit smartphone technology for surveillance. The agencies used the Internet spying system XKEYSCORE to identify smartphone traffic flowing across Internet cables and then to track down smartphone connections to app marketplace servers operated by Samsung and Google. (Google declined to comment for this story. Samsung said it would not be commenting “at this time.”)

As part of a pilot project codenamed IRRITANT HORN, the agencies were developing a method to hack and hijack phone users’ connections to app stores so that they would be able to send malicious “implants” to targeted devices. The implants could then be used to collect data from the phones without their users noticing.

Previous disclosures from the Snowden files have shown agencies in the Five Eyes alliance designed spyware for iPhones and Android smartphones, enabling them to infect targeted phones and grab emails, texts, web history, call records, videos, photos and other files stored on them. But methods used by the agencies to get the spyware onto phones in the first place have remained unclear.

The newly published document shows how the agencies wanted to “exploit” app store servers – using them to launch so-called “man-in-the-middle” attacks to infect phones with the implants. A man-in-the-middle attack is a technique in which hackers place themselves between computers as they are communicating with each other; it is a tactic sometimes used by criminal hackers to defraud people. In this instance, the method would have allowed the surveillance agencies to modify the content of data packets passing between targeted smartphones and the app servers while an app was being downloaded or updated, inserting spyware that would be covertly sent to the phones.

But the agencies wanted to do more than just use app stores as a launching pad to infect phones with spyware. They were also keen to find ways to hijack them as a way of sending “selective misinformation to the targets’ handsets” as part of so-called “effects” operations that are used to spread propaganda or confuse adversaries. Moreover, the agencies wanted to gain access to companies’ app store servers so they could secretly use them for “harvesting” information about phone users.

The project was motivated in part by concerns about the possibility of “another Arab Spring,” which was sparked in Tunisia in December 2010 and later spread to countries across the Middle East and North Africa. Western governments and intelligence agencies were largely blindsided by those events, and the document detailing IRRITANT HORN suggests the spies wanted to be prepared to launch surveillance operations in the event of more unrest.

The agencies were particularly interested in the African region, focusing on Senegal, Sudan and the Congo. But the app stores targeted were located in a range of countries, including a Google app store server located in France and other companies’ app download servers in Cuba, Morocco, Switzerland, Bahamas, the Netherlands and Russia. (At the time, the Google app store was called the “Android Market”; it is now named Google Play.)

Another major outcome of the secret workshops was the agencies’ discovery of privacy vulnerabilities in UC Browser, a popular app used to browse the Internet across Asia, particularly in China and India. Though UC Browser is not well-known in Western countries, its massive Asian user base, a reported half billion people, means it is one of the most popular mobile Internet browsers in the world.

According to the top-secret document, the agencies discovered that the UC Browser app was leaking a gold mine of identifying information about its users’ phones. Some of the leaking information apparently helped the agencies uncover a communication channel linked to a foreign military unit believed to be plotting “covert activities” in Western countries. The discovery was celebrated by the spies as an “opportunity where potentially none may have existed before.”

Citizen Lab, a human rights and technology research group based at the University of Toronto, analyzed the Android version of the UC Browser app for CBC News and said it identified “major security and privacy issues” in its English and Chinese editions. The Citizen Lab researchers have authored their own detailed technical report outlining the many ways the app has been leaking data, including some users’ search queries, SIM card numbers and unique device IDs that can be used to track people.

Citizen Lab alerted UC Browser to the security gaps in mid-April; the company says it has now fixed them by rolling out an update for the app. A spokesperson for UC Browser’s parent company, Chinese e-commerce giant the Alibaba Group, told CBC News in a statement that it took security “very seriously and we do everything possible to protect our users.” The spokesperson added that the company had found “no evidence that any user information has been taken” — though it is not likely that surveillance of the leaking data would have been detectable.

The case strikes at the heart of a debate about whether spy agencies are putting ordinary people at risk by secretly exploiting security flaws in popular software instead of reporting them so that they can be fixed.

According to Citizen Lab Director Ron Deibert, the UC Browser vulnerability not only exposed millions of the app’s users to surveillance carried out by any number of governments — but it could also have been exploited by criminal hackers to harvest personal data.

“Of course, the security agencies don’t [disclose the information],” Deibert said. “Instead, they harbor the vulnerability. They essentially weaponize it.” Taking advantage of weaknesses in apps like UC Browser “may make sense from a very narrow national security mindset,” Deibert added, “but it’s at the expense of the privacy and security of hundreds of millions of users worldwide.”

The revelations are the latest to highlight tactics adopted by the Five Eyes agencies in their efforts to hack computers and exploit software vulnerabilities for surveillance. Last year, The Intercept reported that the NSA has worked with its partners to dramatically increase the scope of its hacking attacks and use of “implants” to infect computers. In some cases, the agency was shown to have masqueraded as a Facebook server in order to hack into computers.

The Intercept and CBC News contacted each of the Five Eyes agencies for comment on this story, but none would answer questions on record about any of the specific details.

A spokesperson for Canada’s Communications Security Establishment said that the agency was “mandated to collect foreign signals intelligence to protect Canada and Canadians from a variety of threats to our national security, including terrorism,” adding that it “does not direct its foreign signals intelligence activities at Canadians or anywhere in Canada.”

British agency Government Communications Headquarters said that its work was “carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate.”

Australia’s Signals Directorate said it was “long-standing practice” not to discuss intelligence matters and would not comment further.

New Zealand’s Government Communications Security Bureau said that it has “a foreign intelligence mandate” and that everything it does is “explicitly authorised and subject to independent oversight.”

The NSA had not responded to repeated requests for comment at time of publication.

The post NSA Planned to Hijack Google App Store to Hack Smartphones appeared first on The Intercept.

21 May 13:00

GTA Short Turns Assassination Gone Wrong into Awesome Chase Scene

by Evan Narcisse

Listen: contract killings can go wrong sometimes, okay? It’s just something that happens. But, in Los Santos, chasing down the guy you’re supposed to kill isn’t always that easy.

Crafted by YouTuber Boris the Blade using the Editor in the PC version of GTA V, The Hit is a stylish action sequence that keeps you guessing just how the two hunters will catch their prey. With a bunch of players performing every action you see, it’s also a great illustration of how games like GTA V can turn their users into virtual stuntmen.

This entry passed through the Full-Text RSS service - if this is your content and you're reading it on someone else's site, please read the FAQ at

20 May 12:10

How America became the most powerful country on Earth, in 11 maps

by Max Fisher

Via lbstopher

We take it for granted that the United States is the most powerful country on Earth today, and perhaps in human history. The story of how that came to be is long, fascinating, complex — and often misunderstood. Here, excerpted in part from "70 maps that explain America," are maps that help show some of the key moments and forces that contributed to the US's rise as sole global superpower.


Because of a war that left North America vulnerable to British and American conquest

So much of America's power comes from its size: it is one of the largest countries on Earth by population and area, and is rich in natural resources and human capital. It is also in many ways an island nation; because it faces no major threats on its borders, it is freer to project power globally.

There was no reason that North America's borders had to become what they are. A key moment in how that happened came with the French and Indian War, at the time just a sideshow in the larger Seven Years' War in Europe. The war ended with France giving up its vast territory on the continent to Britain and Spain. Napoleon would seize back Louisiana and sell it to the US in 1803, but New France was lost forever. With the Spanish Empire already declining, the continent was left open to conquest from the British Empire and its successor, the United States.

Image credit: University of Maine


By stealing Native Americans' land for an entire century

Of course, North America was not empty when European explorers and settlers arrived — it was filled with diverse, long-established societies. They may well have become sovereign nation-states had the US not sought to purge them from their lands, deny them self-rule, and, once they had been reduced to a tiny minority, forcibly assimilate them and their land. These acts are the foundation upon which American dominance of North America, and thus American global power, was built.

This map begins by showing Native Americans' land in 1794, demarcated by tribe and marked in green. In 1795, the US and Spain signed the Treaty of San Lorenzo, carving up much of the continent between them. What followed was a century of catastrophes for Native Americans as their land was taken piece by piece. By the time the US passed the Dawes Act in 1887, effectively abolishing tribal self-governance and forcing assimilation, there was very little left.

Image credit: Sam B. Hillard/Sunisup


By taking land from Mexico in another war

American expansionism could only go so far. Upon Mexico's independence in 1821, it gained vast but largely unincorporated and uncontrolled Spanish-claimed lands from present-day Texas to Northern California. American settler communities were growing in those areas; by 1829 they outnumbered Spanish speakers in Mexico's Texas territory. A minor uprising by those American settlers in 1835 eventually led to a full-fledged war of independence. The settlers won, establishing the Texas Republic, which they voluntarily merged with the United States in 1845.

But Mexico and the US still disputed the Texas borders, and President James K. Polk wanted even more westward land to expand slavery. He also had designs on Mexico's California territory, already home to a number of American settlers. War began in 1846 over the disputed Texas territory, but quickly expanded to much of Mexico. A hard-line Mexican general took power and fought to the bitter end, culminating in the US invading Mexico City and seizing a third of Mexico's territory, including what is now California, Utah, Nevada, Arizona, New Mexico, and Texas. Had the war gone differently, or had Polk not sought these Mexican lands, the US would today be a much smaller country — and perhaps with no Pacific coast — making it less powerful globally, and particularly in the increasingly important Pacific region.

Image credit: Kaidor/Wikipedia


By choosing to become a European-style imperial power

If there were a single moment when the US became a global power, it was the war with Spain. The Spanish Empire had been crumbling for a century, and there was a ferocious debate within the US over whether America should become an imperial power to replace it. This centered on Cuba: pro-imperialists wanted to purchase or annex it from Spain (pre-1861, the plan was to turn it into a new slave state); anti-imperialists wanted to support Cuban independence.

In 1898, Cuban activists launched a war of independence from Spain, and the US intervened on their side. When the war ended in Spanish defeat, US anti-imperialists blocked the US from annexing Cuba, but pro-imperialists succeeded in placing it under a quasi-imperialist sphere of influence; the US base at Guantanamo Bay is a relic of this arrangement. The war also ended with the US taking three other Spanish possessions: Puerto Rico, Guam, and the Philippines, a massive and populous island nation in the Pacific. The US had become a European-style imperial power. While this experiment in colonialism was short-lived and controversial at home, it began America's role as a major global power.

Image credit: Anand Katakam


Through colonialism in the Pacific — and by stealing Hawaii

America's brief experiment with overt imperialism came late in the game, and mostly focused on one of the last parts of the world carved up by Europe: the Pacific. This began in Hawaii, then an independent nation. American businessmen seized power in an 1893 coup and asked the US to annex it. President Cleveland refused to conquer another nation, but when William McKinley took office he agreed, absorbing Hawaii, the first of several Pacific acquisitions. Japan soon entered the race for the Pacific and seized many European-held islands, culminating in this 1939 map, two years before America joined World War II.

Image credit: Emok


Because World War I devastated Europe — and not the US

For centuries, the world had been divided among several competing global powers. No one country had hope of becoming the sole global superpower in such a system. World War I was the beginning of the end of that era. These six dots represent not just the major participants in the first World War, but the countries that, at the time, were the world's great powers. A seventh great power, the Ottoman Empire, was dismantled outright as a result of the war. (China, perhaps another great power, had been declining for some time.) As you can see, the destruction of the war and the massive war debts absolutely devastated the economies of the great powers — except, that is, for the United States and the still-mighty British Empire.

Image credit: Stephen Broadberry/Mark Harrison


Because World War II devastated Europe and Asia

It is impossible to fully capture the toll of the second world war in any one metric, but this map of military deaths can serve as a telling shorthand. While the war was terribly costly for all involved, the human cost was disproportionately felt by the two primary Axis powers — Germany and Japan — and particularly by the Soviets and Chinese, as well as by other countries in Eastern Europe and East Asia caught in the war machines. These military deaths merely hint at the much larger death toll in both continents from war, famine, and genocide, as well as economic and ecological devastation. While Americans paid dearly, as well — enduring the deaths of 400,000 military personnel — the US came out of the war far more powerful by virtue of everyone else's decline.

Image credit: Tyson Whiting


Because European colonialism collapsed — but not the American or Russian empires

This animated map showing the rise and fall of European (as well as Japanese and Ottoman) imperialism is fascinating all the way through, but things get really interesting from 1914 through the end. In just a few years after World War II, the centuries-long project of European colonialism collapses almost entirely. The reasons for this were many: the rise of independence movements in Latin America, then in Africa and Asia; the collapse of European economies that drew them back home; and, with postwar colonial misadventures like the 1956 Suez Crisis, a sense that the new world order was not going to tolerate colonialism anymore. In any case, the world was left with two enormous land empires that happened to have European roots: the United States and the Soviet Union.

Image credit: Asuros


By dividing up the world in the Cold War

After the world wars and the end of colonialism, the global system went from many competing powers to exactly two: the US and the Soviet Union. Both had competing ideologies, competing interests in Europe and Asia, and deep mutual distrust. While that might have normally led to war, the horrifying power of nuclear weapons kept them from fighting outright. Instead, the US and Soviet Union competed for global influence.

American and Soviet fears of a global struggle became a self-fulfilling prophecy: both launched coups, supported rebellions, backed dictators, and participated in proxy wars in nearly every corner of the world. Both built up systems of alliances, offshore bases, and powerful militaries that allowed each to project power across the globe.

By 1971, the US and the Soviet Union had settled into a stalemate; this map shows the world as it had been utterly divided. In 1979, the Soviets invaded Afghanistan; a year later, Ronald Reagan ran for president, promising to end the détente and defeat the Soviet Union. The Soviet Union, along with many of its trappings of global power, disintegrated — leaving the United States with a vast global architecture of military and diplomatic power that was suddenly unchallenged.

Image credit: Minnesotan Confederacy


Because Europe unified under American-dominated NATO

In 1948, the Soviet Union blockaded Berlin from Western Germany. The next year, the powers of Western Europe joined with the US and Canada in signing a collective defense — the North Atlantic Treaty Organization — meant to deter Soviet aggression and counterbalance the Soviet Union in Europe. It expanded during the Cold War to include virtually every European country west of the Soviet bloc. This may have staved off another war in Europe by pledging that the US would defend any member as it would its own soil. It also left Western Europe, once full of independent powers that jostled against one another and against the United States, unified against a common threat — and led by its most powerful member, the United States.

That dynamic did not really change after the Cold War ended. NATO expanded, acquiring new members in Central and Eastern Europe that still feared Russia. NATO ensures the stability of Europe and the security of its members, but at a cost: Europe's nations are now reliant upon, and thus yoked to, American power. This dynamic has played out in several places across the globe — South Korea and Japan are similarly tied to the US through security agreements and American military bases, for example — but it is most clearly pronounced in Europe.

Image credit: Arz


By outspending the next dozen countries combined on defense

Another way to show America's status as the sole global superpower is its military budget: larger than the next 12 largest military budgets on Earth, combined. That's partly a legacy of the Cold War, but it's also a reflection of the role the US has taken on as the guarantor of global security and the international order. For example, since 1979, the US has made it official military policy to protect oil shipments out of the Persian Gulf — something from which the whole world benefits. At the same time, other powers are rapidly growing their militaries. China and Russia in particular are rapidly modernizing and expanding their armed forces, implicitly challenging global American dominance and the US-led order.

Image credit: International Institute for Strategic Studies/Agence France-Presse


By virtue of America's scientific edge — and its democracy, creativity, and draw for immigrants

The US is so powerful for reasons other than its size, its military might, and its global system of alliances and bases — although those are certainly important. There is also America's tremendous advantage in scientific research, which both furthers and is an expression of its technological and economic lead on much of the rest of the world; it's also an indicator of innovation more broadly. An imperfect but revealing shorthand for that is the US's tremendous lead in Nobel prizes from its 1901 inception through 2013, when I made this map (the US has not lost its Nobel lead since then). The US has won 371 Nobels, mostly in the sciences; the US thus accounts for 4 percent of the world population but 34 percent of its Nobel laureates. This is the result of many factors: wealth, a culture and economy that encourage innovation, education, vast state- and private-funded research programs, and a political culture that has long attracted highly educated migrants. All of those factors contribute to American wealth and thus power in more ways than just Nobel prizes, but the sheer number of US laureates is a sign of the American advantage there.

Image credit: Max Fisher

20 May 21:56

Spaceship launch today: reusable, built by Boeing for NASA, now...

Spaceship launch today: reusable, built by Boeing for NASA, now long operated by the United States Air Force.

20 May 15:10

TrackingPoint in trouble—smart gun company stops orders, lays off staff [Updated]

by Lee Hutchinson

Just a few months after announcing a 107 percent year-over-year increase in sales and $20 million in revenue for 2014, Pflugerville, Texas-based TrackingPoint appears to be on the verge of shutting down. "Due to financial difficulty TrackingPoint will no longer be accepting orders," reads the banner atop the company’s homepage. "Thank you to our customers and loyal followers for sharing in our vision."

TrackingPoint makes "precision guided firearms"—rifles and carbines fitted with complex computerized scopes that can hit targets at more than a thousand yards out, even when fired by inexperienced shooters. Ars has covered the company’s technology several times since 2013, most recently looking at its "Mile Maker" 1,800-yard prototype weapon at the 2015 Consumer Electronics Show. The company has gone through a number of personnel changes since our coverage began, including a major reshuffling of employees last year.

Sources familiar with the matter tell Ars that TrackingPoint has laid off more than 60 employees in 2015. says its own sources claim the company laid off "more than 20 people" just this week, which when coupled with other cuts, would reduce the company’s headcount to about a dozen people (down from a bit under 100 at the beginning of the year). The Truth About Guns reports via an anonymous tipster claiming to be a former employee that as of Monday morning, CEO Frank Bruno was allegedly fired by owner John McHale (Bruno was brought on as CEO after the February layoffs and restructuring). The expectation from a number of different sites is that TrackingPoint will soon be filing for bankruptcy.

20 May 17:17

GM: That Car You Bought? We’re Really The Ones Who Own It.

by Kate Cox

Congratulations! You just bought a new Chevy, GMC, or Cadillac. You really like driving it. And it’s purchased, not leased, and all paid off with no liens, so it’s all yours… isn’t it? Well, no, actually: according to GM, it’s still theirs. You just have a license to use it.

At least, that’s what an attorney for GM said at a hearing this week, Autoblog reports. Specifically, attorney Harry Lightsey said, “It is [GM’s] position the software in the vehicle is licensed by the owner of the vehicle.”

GM’s claim is all about copyright and software code, and it’s the same claim John Deere is making about their tractors. The TL;DR version of the argument goes something like this:

  • Cars work because software tells all the parts how to operate
  • The software that tells all the parts to operate is customized code
  • That code is subject to copyright
  • GM owns the copyright on that code and that software
  • A modern car cannot run without that software; it is integral to all systems
  • Therefore, the purchase or use of that car is a licensing agreement
  • And since it is subject to a licensing agreement, GM is the owner and can allow/disallow certain uses or access.

The U.S. Copyright Office is currently holding a series of hearings on whether or not anyone other than the manufacturer of a car has a right to tinker with that car’s copyrighted software. And with the way modern design goes, that basically means with the car, at all.

Folks who like to tinker with their cars, as well as independent (non-dealer) mechanics say they need the copyright exemption in order to be allowed to continue repairing their own cars, or keeping their businesses open. Manufacturers, like GM, say that it’s a safety issue: if people who aren’t authorized mess with any one piece of software, they could make the entire ecosystem of connected code unsafe.

An attorney from the Electronic Frontier Foundation also testified at the hearing, telling the Copyright Office that restricting access to onboard computers in vehicles drives up costs, hurts competition, and stifles innovation. It also prevents third-party researchers from conducting independent safety and security research without becoming lawbreakers.

The first of the two sessions of hearings started yesterday in Los Angeles. The other will take place next week, in Washington, DC. The Copyright Office is expected to issue a ruling in July determining just what you can and can’t do with the things you thought you bought.

General Motors says it owns your car’s software [AutoBlog]

19 May 13:00

The Journey to Becoming a Nintendo World Champion Starts Here (or There)

by Evan Narcisse

I like how the "World" Championships is taking place entirely within the lower 48 United States.

You know how Nintendo’s bringing back their old-school World Championship competition? Well, they’ve just announced the eight U.S. locations where players can go to qualify and earn a chance to go to the big showdown at this year’s E3. Get pumped.

Folks who want to try and grab at Nintendo glory will be playing the Championship mode in Ultimate NES Remix and trying to notch high scores in Super Mario Bros., Super Mario Bros. 3 and Dr. Mario. Hopefuls will be able to do so at eight Best Buy locations throughout the country on May 30th:

1717 Harrison St.
San Francisco, CA

3675 Pacific Coast Highway
Torrance, CA

10760 NW 17th St.
Miami, FL

900 E. Golf Road
Schaumburg, IL

12905 Elm Creek Blvd. N
Maple Grove, MN

5001 Northern Blvd.
Long Island City, NY

9378 N. Central Expressway
Dallas, TX

2214 S. 48th St.
Tacoma, WA

The high score winners from each location will get flown out to E3 to play a bunch of other games against eight other mystery opponents. Let’s put money down that at least one of them will be Fred Savage.

20 May 00:55

TOM THE DANCING BUG: On Iraq - W.W.J.H.D.? (What Would Jeb Have Done?)

by Ruben Bolling

FOLLOW @RubenBolling on Twitter and Facebook.

And, for sure, JOIN the fun to be had in Tom the Dancing Bug's subscription club, the INNER HIVE.

20 May 01:41


20 May 14:05

Doc Brown Comes Back To The Future To Hype LEGO Dimensions

by Mike Fahey

Christopher Lloyd is a man who’ll jump at any chance to don a Hawaiian shirt, stand in front of a wind machine and shout “Great Scott!” A new LEGO Dimensions trailer is as good a reason as any.

Good old Doc Brown is getting his own Fun Pack when LEGO Dimensions launches this September, adding $9.99 or so to the large amount of cash LEGO fans need to stockpile for the September release. He’ll join Back to the Future’s Marty McFly as well as characters from Scooby Doo, DC Comics, Portal, Doctor Who, Jurassic World, The Simpsons, The LEGO Movie, Ninjago, Chima, Lord of the Rings and whatever other properties WB and LEGO can scrounge up for their toys-meets-games jam.

Where we’re going we’ll just need our wallets.

20 May 00:30

Retro Console Promises To Play ALL The Games

by Luke Plunkett

This is the Retro Freak. It’s promising to play games from the Famicom. SNES. Genesis. PC Engine. TurboGrafx-16. Game Boy. Game Boy Advance. Game Boy Color. And even the Supergrafx. Holy shit.

It comes in two parts; there’s the actual console, which is a small box that takes care of all the actual work, then there’s a giant “adapter” which is where you plug all the cartridges in (the console slides in under the adapter). The console has various settings that let you change video (and conversion/upscale) options, as well as built-in cheat support. It also supports USB controllers, so you can plug just about anything in there.

Most interesting, though, is the fact it’ll let you install games from a cartridge onto the console (which looks like it’ll let you use a microSD card).

Currently announced only for Japan, if there is a Video Game God, it is time to pray to him/her/it, and ask for a Western release (or at least a semi-affordable import and some language FAQs).

(via Tiny Cartridge)

20 May 01:00

Kid Arrested For DDOSing Entire School District

by Luke Plunkett

They should hire this kid (or the person he hired) to secure the school's system. There is nothing in the article that assures me that someone launching the same type of attack won't do the same or more damage.

An unnamed 17 year-old kid has been arrested, and may face felony charges, after being caught organising a DDOS attack against the West Ada School District in Idaho, which has 52 schools and 32,000 students.

The attacks took place earlier this month, reports KTVB (via Daily Dot), and resulted in the schools being unable to reliably access the internet for over a week. The attacks took place while students were taking their Idaho Standard Achievement tests; a District spokesperson says kids “lost all their work, and some had to take the tests multiple times this week.”

Multiple times? Sheesh.

The absurd thing is he didn’t even do the job himself; the accused paid someone else to do it, which didn’t stop police from being able to track him down regardless.

If the boy is charged with a felony (for computer crime), he’s looking at up to 180 days in juvenile detention. And his parents will be handed the bill “for any financial restitution suffered by the school district.”


19 May 16:41

Raiders of the Lost Ark's Hovitos fertility idol

by Jason Weisberger

Wow, the Hovitos Fertility Idol + Staff of Ra headpiece, AND the Holy Grail, can all be had for $199. What a bargain!

Replica Hovitos fertility idol

This Hovitos fertility idol is a replica, it does not belong in a museum.

I will be keeping it next to my replica headpiece to the replica staff of Ra... and I don't even need to speak Hovitos!


19 May 20:12

Watch: Excellent animation about Net Neutrality

by David Pescovitz


From the team behind Kurz Gesagt (In a Nutshell), this terrific animation about Net Neutrality that premiered at last night's Webby Awards in New York City.

17 May 23:00

Hot lava flows in a parking lot—in upstate NY

by Scott K. Johnson

Banana for scale.

Scott K. Johnson

The steel pipe is a stand-in for a lava tube—the conduits that form within large lava flows as the outer skin solidifies. The banana is a stand-in for a banana.


Back in 2012, we pointed you to an awesome project at Syracuse University that creates artificial lava flows for science, art, and outreach. They don’t use some mild, room-temperature stand-in for lava, they do it the artisanal way: melting small batches of basalt in a serious furnace and pouring out the incandescent results. I’ve been hoping to see it for myself ever since, and recently I got the chance to tag along with a group of volcanology students from Colgate University, who were designing and running their own lava experiments for class.

The furnace is surprisingly well-insulated, disguising the fact that it holds molten rock heated to over 1,200 degrees Celsius. It does emit a low, ominous roar, however, as it consumes natural gas to feed its fire. Once poured out, the lava quickly loses heat—it solidifies in just a minute or so, though it still remains incredibly hot long after. Because it solidifies so quickly, it forms amber-black volcanic glass riddled with bubbles of gas that were unable to escape.

The lava pours are as mesmerizing and beautiful as they are geologically exciting. And they’ve probably shocked many a bus rider staring dully out the window while passing the art building.


15 May 19:38


05 May 17:23

Texas trooper’s viral photo with Snoop Dogg draws reprimand, lawsuit

by David Kravets

A Texas state trooper on the job for nearly 20 years is being reprimanded for posing in a photo with Snoop Dogg that went viral on the rapper's Instagram account in March.

Billy Spears, the trooper, is suing (PDF) the Texas Department of Public Safety (DPS) who dinged him for being in "a photo with a public figure who has a well-known criminal background including numerous drug charges. The public figure posted the photo on social media and it reflects poorly on the Agency," according to the reprimand.

"They kinda made this up on the fly," the trooper's attorney, Ty Clevenger, told Ars in a Tuesday telephone interview. "They could not point to any policy, rule, order, or law."


18 May 18:36

Supreme Court Says Convicted Felons Have A Right To Sell Their Guns

by Chris Morran

Plenty of Americans legally own firearms. If any of them are later convicted of a felony (that isn’t related to the weapons) and can no longer own a gun, should they have the right to have some input on where their former firearms go? According to the U.S. Supreme Court, yes.

The matter before the court in Henderson v U.S. involved a U.S. Border Patrol agent who was arrested on marijuana distribution charges. As a condition of his bail, the FBI took possession of his firearms. He later entered a guilty plea to a felony charge.

Under 18 U.S.C. §922(g), convicted felons are prohibited from possessing a firearm. So the man requested that the FBI transfer ownership of his guns to a friend. However, the FBI refused.

A federal court denied his request saying that the transfer of the weapons to a friend could effectively allow him to retain possession of the guns through the friend. An appeals court affirmed this decision.

In arguing before the Supreme Court, the government had maintained that the law prevents all transfer of convicted felons’ weapons to third parties, even in cases where a court approves the recipient, except to licensed firearms dealers who will sell them on the open market.

But in today’s SCOTUS ruling [PDF], Justice Elena Kagan explains that this is too oversimplified a view of the law.

She writes that the government is conflating the right to possess an item with the right to “sell or otherwise dispose of that item.”

Taking away a felon’s right to own a gun does not necessarily mean the felon gives up all his rights to decide where that gun ends up. Likewise, giving the felon the ability to determine the disposition of his guns doesn’t put him in possession of the weapons.

Kagan notes that in the Henderson example, where the felon turned over his guns to the FBI before he was even convicted, “The felon has nothing to do with his guns before, during, or after the transaction in question, except to nominate their recipient.”

So if the felon nominates a recipient, a judge approves that recipient, and law enforcement handles the transfer, Kagan writes that this is just doing exactly what the law is supposed to — getting the weapons out of the hands of a convicted felon.

“Such a felon exercises not a possessory interest (whether directly or through another), but instead a naked right of alienation—the capacity to sell or transfer his guns, unaccompanied by any control over them,” she explains.

The appeals court had held that Henderson had no standing on which to request equitable relief for his weapons being held by the FBI because of “unclean hands.” But in a footnote to the SCOTUS ruling, Kagan dismisses this line of thought, pointing out that while the “unclean hands doctrine proscribes equitable relief,” that is only in instances where the felon’s misconduct has “immediate and necessary relation to the equity that he seeks.”

Because Henderson’s conviction had nothing to do with firearms, this doctrine doesn’t apply, explains Kagan.

SCOTUS believes that courts have the authority to review firearm transfer requests from felons. The trial court “may properly seek certain assurances: for example, it may ask the proposed transferee to promise to keep the guns away from the felon.” If the court doesn’t believe that this transfer or sale will prevent the felon from exercising possession, it can deny the request.

Today’s ruling could have farther-reaching implications for convicted felons who have been denied requests to transfer or sell property that was seized but unrelated to the crime for which they were convicted.


17 May 18:52

WATCH: The Louis C.K. SNL monologue that has everyone asking, “too far?”

by Xeni Jardin

I'm not a fan to begin with, his humor just tends to grate on me.

Last night’s Saturday Night Live season finale featured comedian Louis C.K., who joked that this could be his last time hosting the show. His opening stand-up set showed why.


He opened with a bit about how growing up in the 1970s means he suffers from “mild racism,” then joked about how his two daughters fight like Israel and Palestine, then examined how child molesters must love raping children as much as he enjoys eating Mounds bars, because why else would they take the risk.

Too far? Or just right?

[via Mediaite]


13 May 23:36

Conservative GOP Congressman Credits Snowden For Changing His Position on Patriot Act

by Lee Fang

(This post is from our new blog: Unofficial Sources.)

Rep. Michael Burgess, R-Tex., campaigned on a pledge to support the War on Terror and voted to reauthorize the Patriot Act in 2011.

But the conservative lawmaker changed his opinion due to Edward Snowden’s leak of government documents on surveillance. Explaining his about-face Tuesday evening during the House Rules Committee hearing on the USA Freedom Act, Burgess said that he remembered being told by intelligence officials that Section 215 of the Patriot Act would only be used to collect data on terrorists calling other terrorists in a foreign country.

“With the Snowden revelations,” Burgess said, he found out that Section 215 had been expanded by the NSA to include “every call everyone makes in this country,” a change that was only shared with congressional leadership, not rank-and-file members like himself.

Watch a clip of the congressman’s remarks below:

As The Intercept has reported, lawmakers have had extreme difficulty in receiving answers to simple questions about intelligence programs they have been asked to vote to approve.

Burgess noted that the Snowden documents caused a “visceral reaction” in his district. Today he voted against approval of the USA Freedom Act, a law that reauthorizes and modifies the Patriot Act. Critics say the bill does not go far enough in reining in NSA surveillance powers.

Photo: Oliver Douliery/Getty 

The post Conservative GOP Congressman Credits Snowden For Changing His Position on Patriot Act appeared first on The Intercept.

17 May 14:20

UK government quietly rewrites hacking laws to give GCHQ immunity

by Sebastian Anthony

The UK government has quietly passed new legislation that exempts GCHQ, police, and other intelligence officers from prosecution for hacking into computers and mobile phones.

While major or controversial legislative changes usually go through normal parliamentary process (i.e. democratic debate) before being passed into law, in this case an amendment to the Computer Misuse Act was snuck in under the radar as secondary legislation. According to Privacy International, "It appears no regulators, commissioners responsible for overseeing the intelligence agencies, the Information Commissioner's Office, industry, NGOs or the public were notified or consulted about the proposed legislative changes... There was no public debate."

Privacy International also suggests that the change to the law was in direct response to a complaint that it filed last year. In May 2014, Privacy International and seven communications providers filed a complaint with the UK Investigatory Powers Tribunal (IPT), asserting that GCHQ's hacking activities were unlawful under the Computer Misuse Act.


15 May 16:45

This is the PC hardware you’ll need to run the Oculus Rift

by Kyle Orland

Thanks, Oculus, for making me feel bad about getting a GTX 960 in my new gaming rig.

Through years of dev kits, prototypes, and trade show demos of the Oculus Rift, we've been stuck guessing at just how much hardware power the eventual consumer version of the device would require. Now, with that consumer launch officially slated for early 2016, Oculus has announced what PC hardware it recommends for a quality VR experience.

According to Oculus, those recommended hardware specs are:

  • NVIDIA GTX 970 / AMD 290 equivalent or greater
  • Intel i5-4590 equivalent or greater
  • 8GB+ RAM
  • Compatible HDMI 1.3 video output
  • 2x USB 3.0 ports
  • Windows 7 SP1 or newer

That's a relatively beefy system, all things considered. A quick price check on Newegg suggests that the listed CPU, RAM, and video card would add up to just over $600. Add in a barebones tower, motherboard, and 250GB solid state hard drive, and you're looking at a nearly $900 system to run the Rift, all told. That's before you account for the (still unannounced) price of the headset itself. Upgrading from an existing gaming rig will obviously be cheaper, and component costs will come down by the Rift's early 2016 launch, but a lot of potential VR users are still going to be staring down some significant upgrade costs.


15 May 17:03

Researcher turns tables, discloses unpatched bugs in Google cloud platform

by Dan Goodin

Vulnerabilities in the Google App Engine cloud platform make it possible for attackers to break out of a first-level security sandbox and execute malicious code in restricted areas of Google servers, a security researcher said Friday.

Adam Gowdiak, CEO of Poland-based Security Explorations, said there are seven separate vulnerabilities in the Google service, most of which he privately reported to Google three weeks ago. So far, he said, the flaws have gone unfixed, and he has yet to receive confirmation from Google officials. To exploit the flaws, attackers could use the freely available cloud platform to run a malicious Java application. That malicious Java app would then break out of the first sandboxing layer and execute code in the highly restricted native environment.

Malicious hackers could use the restricted environment as a beachhead to attack lower-level assets and to retrieve sensitive information from Google servers and from the Java runtime environment. Technical details about the bugs, noted as issues 35 through 41, are available here, here, here, and here. In an e-mail to Ars, Gowdiak wrote:


16 May 03:45

FBI: Security researcher claimed to hack, control plane in flight

by Richard Lawler

Via Cooper Griggs

United Airlines Boeing 737-824 takes off from Los Angeles Airport on January 28, 2013

Remember the security researcher who was pulled from a United flight and had his equipment taken (before its frequent flier miles-paying bug hunt) for tweeting about hacking into the plane via its entertainment system? In an application for a search warrant, FBI agents said he previously told them he's gone further than that. APTN National News obtained the document, which contains claims that Chris Roberts told them he connected his laptop to a plane via an Ethernet cable, hacked into a thrust management computer and briefly controlled one of the engines, causing the plane to change course. As reported previously by Wired, he has warned of vulnerabilities in planes for years -- manufacturers deny they exist -- and the conversations were apparently intended to get these problems fixed.

Find myself on a 737/800, lets see Box-IFE-ICE-SATCOM, ? Shall we start playing with EICAS messages? "PASS OXYGEN ON" Anyone ? :)

- Chris Roberts (@Sidragon1) April 15, 2015

Irony: for FBI to make its case against Chris Roberts, they're going to have to seriously harm confidence in the aviation industry.

- Matthew Green (@matthew_d_green) May 16, 2015

If you tell FBI agents you can control an airplane's engines with your laptop, you're gonna have a bad time.

- Christopher Soghoian (@csoghoian) May 16, 2015

According to the application, Roberts traveled from Denver to Chicago via United flight 1474 on April 15th, and when agents checked it, they found damage and evidence of tampering to the electronic system under his seat. On Twitter, Roberts has since claimed that no systems were harmed during the trip, and more recently, that discussion is "out of context." He told Wired in an interview that he had only ever tapped in to watch data traffic on airplanes, and while he believed such hacks were possible, he has only done them in a simulated environment.

Last month's arrest spurred warnings from the TSA and FBI to watch out for passengers trying to access internal networks. Now, while law enforcement sorts out the difference between theoretical and actual hacking, it may be a good idea to tuck in any loose network cables while going through security.

[Image credit: Nicholas Burningham / Alamy]



Source: APTN

10 Mar 19:25

Sponsor The Old Reader!


So, I'm posting this here, since the blog post is tangentially related.

This morning I found that my list of feeds was missing its bottom 1/4, due to a new, unexplained white box. I immediately turned to NoScript, being the most likely culprit to break a website.

The only thing I found different was that there was a new site trying to run a script:

So, I gave temporary permissions to it, just to see if it would fix the problem, or maybe give me a button to minimize this unwelcome intrusion. No such luck. Instead, it allowed another website to be seen by NoScript, apparently trying to run its advertising script through Forgive me for assuming these were ads, it's just that is a bit of a giveaway.

One would think that allowing their sketchy ads would allow me to at least see what they are peddling, and maybe close or minimize, if I'm very lucky.

GAH! FOILED AGAIN! This time, it's fusion ads. At this point, I'm feeling grateful that I'm not seeing more than one, and decide to roll the dice again. After all, ToR isn't a malicious website is it? So, let's allow *shudder*

and I'm met with "App Marketing for Web Marketers." Are they offering counseling? Isn't the job of a web marketer to market stuff on the web? Why would such a person need help marketing apps? Refresh? "From the unusual to the extraordinary, your website stands out with Squarespace."

Oh, God.

This isn't why I use my RSS Reader.

Please, someone tell me I can make this go away.

We’re going to be rolling out an exciting new program in The Old Reader over the next few weeks. As you know, The Old Reader has been entirely Ad free since its inception and we’ve been vocal about doing our best to protect our users from excessive online advertising. Our Premium accounts have been very successful, but we’re frankly still not where we need to be in terms of revenues in order to fund planned development and continue innovating this service. We have a small, dedicated, and talented team but our vision for The Old Reader is ambitious.

So we’re taking a cue from some publishers that we really admire (such as Daring Fireball) and introducing Sponsored Content.  Premium users will never see sponsored content, but all other users will see up to 1 sponsored post per week in their RSS feeds.  That’s it.  It’s an exclusive program and we believe we’ll be able to make the program beneficial to both users and sponsors.

We’re also adding weekly site sponsors that would get a banner placement on the web interface.  It’ll be an exclusive program and we’ll only accept sponsors that we believe are relevant and inoffensive.  We will under no circumstances use any techniques such as tracking cookies or harvesting user data to advertise to our users.  And again, premium users will never see any sponsored content.

We know some of you might have concerns and we’re happy to field any questions that you might have. If you are interested in signing up for the sponsor program, please visit our sponsorship page.

15 May 15:01

This Toddler Doesn't Like Monkeys

by Don

A 2-year-old boy really doesn’t like seeing monkeys on top of his parent’s car.

15 May 04:10

URGENT: Senate backtracks on TPP fasttrack -- call Congress to oppose the Trans Pacific Partnership

by Cory Doctorow

Just days after the Senate rejected the Obama administration's bid to fast-track the secretive Trans-Pacific Partnership, they've backtracked, and now they're getting ready to rush fast-track through.

TPP is a treaty negotiated under extraordinary secrecy -- Members of Congress were threatened with jail for discussing its contents -- and virtually everything we know about it comes from leaks. One thing we do know is that it contains a provision to let multinational corporations sue governments for passing environmental and labor laws that undermine their profits (similar provisions in other treaties have been used by tobacco companies to sue the Australian government over a law mandating plain packaging for cigarettes). We also know that TPP hardens the worst elements of US copyright, trumping Congress's right to review the term of copyright and the scope of the anti-circumvention provisions of the DMCA (these are the rules that allowed John Deere to claim that farmers don't own their tractors, because of the copyrights in the software in their engines).

The Electronic Frontier Foundation needs your help to contact your Congresscritter to block this. TPP is a fragile monster, and it can really only pass if the Congress abdicates its legislative authority and lets the President make up laws and legal obligations without Congressional input. The Republican Congress -- and many Democrats -- is vulnerable to messages from voters opposing the extension of these powers to the President.

There is a better chance that Fast Track can be stopped in the House, where proportionally more lawmakers have expressed their opposition to the bill than in the Senate. But much of the representatives' resistance is based on labor, environment, and currency manipulation concerns, and not on the provisions that would impact users' rights. The White House and other proponents of TPP may be willing to make some weak compromises on those non-tech issues, but they will likely do nothing to address the restrictive digital regulations that will come with these trade deals, nor even fix the secrecy that has led to these bad terms.

Rep. Nancy Pelosi remains one of our main targets of action. As Minority Leader, she needs to come out strong against the secrecy of trade negotiations and call on others in the House to follow her lead. And as the member of Congress representing San Francisco (which itself voted to come out against Fast Track), she needs to defend the rights of users and Internet-based companies against the extreme copyright and trade secrets provisions in the TPP. She continues to stop short of coming out against Fast Track entirely, so it's time for her to step up and lead this campaign in the House and speak out against these undemocratic, anti-user deals.

Senate Reverses Course and Advances TPP Fast Track Bill [Maira Sutton/EFF]


14 May 19:20

United Offers “Bug Bounty” Of Up To 1 Million Miles For Hackers Who Find Vulnerabilities In Website, Mobile App

by Ashlee Kieler

While big companies are known to quietly seek out the services of white-hat hackers to test for weaknesses in their networks and websites, it’s not every day that a major airline publicly offers a “bounty” to people who can diagnose vulnerabilities in its systems.

United’s Bug Bounty program rewards independent researchers with airline miles for discovering and reporting issues that affect United’s websites, mobile apps and online portals in a way that could put customer data at risk, Wired reports.

United said in an announcement on Thursday that the new program is an extension of its commitment to protecting customers’ privacy and the personal data they share with the airline.

“We believe that this program will further bolster our security and allow us to continue to provide excellent service,” the company said.

The airline offers three bounties (or mileage amounts awarded) depending on the type and severity of bug found.

High severity bugs, such as a vulnerability that would allow a hacker to execute code on a United property, result in a pay out of as many as 1 million miles.

Medium severity flaws, which the airline says includes the ability to identify information of customers or bypassing login requirements, can result in a reward of up to 250,000 miles.

Smaller vulnerabilities, like third-party issues that affect United, come with a bounty of up to 50,000 miles.

Of course the airline put in several stipulations and restrictions to the program.

For one, it’s first-come-first-serve, meaning only new discoveries qualify for rewards.

Bugs that only affect legacy or unsupported browsers, plugins and operating systems and bugs on the internal sites for United employees and agents are not eligible for submission. Additionally, employees and those living in their households are not permitted to take part in the program.

While the program is centered on finding vulnerabilities in United’s systems, it doesn’t cover all areas of the airline, such as an aircraft’s network.

In fact, participants are prohibited from testing on aircraft or aircraft systems such as inflight entertainment or inflight Wi-Fi.

According to the program’s rules, anyone who attempts to breach those systems will be permanently disqualified and could face criminal or legal action.

The susceptibility of those networks came to light back in April when the Government Accountability Office released a report that identified security weaknesses within the airline industry including the possibility that newer airplanes with interconnected WiFi systems could be hacked.

The Federal Bureau of Investigation and Transportation Security Administration quickly followed up the report by issuing an alert warning airlines to be vigilant about monitoring for such threats.

United Will Reward People Who Flag Security Flaws—Sort Of [Wired]

14 May 10:39

Akilah Hughes explains that when it comes to being an ally: “It’s Not About You”

by Caroline Siede

"Would you go to a toddler’s birthday party and kick over their cake to announce that you, too, have birthdays? The answer should be 'no.'"

Vlogger and comedian Akilah Hughes joined forces with teen-positive Rookie Magazine to pen an incredibly insightful article about activism and allyship. Hughes frames her piece around #BlackOutDay—a cool social media project that encouraged black people to share selfies as a way to challenge the ubiquity of European beauty standards and celebrate black beauty. As is the case with the #BlackLivesMatter movement, some white people took offense and tried to argue #BlackOutDay was exclusionary.

Hughes argues, however, that not every movement has to support everyone:

Blackout Day did not claim that non-black people are immune to body image issues, or that others don’t face societal pressures. But, without fail, any time a historically oppressed group asserts their equality by boldly denying any inferiority to someone outside their group, some member of the un-oppressed majority takes it personally. Well, when oppressed groups take the initiative to lift themselves up, it is not an invitation to victimize yourself. Would you go to a toddler’s birthday party and kick over their cake to announce that you, too, have birthdays? The answer should be “no.”

Hughes also readily admits that she is sometimes on the flip side of this conversation too. Although she’s an ally to the LGBT community, she was initially taken aback when she saw a post jokingly mocking straight relationships. But she eventually came to a big realization with the help of a friend who is a lesbian:

My friend was smart and patient. She simply asked, “Did you lose anything when they lifted themselves up?” and I thought really hard about it. The world hadn’t changed. I wasn’t somehow disadvantaged because queer people asserted their right to exist. I didn’t lose my right to marry, or suddenly have slurs hurled at me about my sexual orientation.

Realizing that their gay pride didn’t take away from or negate my lived experience helped me grow up so much in that moment. I saw the other side of the argument and they were right. And while I don’t condone making fun of anyone, I certainly do not think it makes much sense to equate my personal situation with the centuries-long history of oppression that anyone who isn’t heterosexual carries on their shoulders.

It. Wasn’t. About. Me.

Since that conversation, I’ve learned to listen before I follow my knee-jerk reaction and take offense at movements about which I’m not educated. It isn’t always easy to stop the instinct to be defensive, but it is necessary if things are ever going to get better. After really hearing the other side, ask yourself if anyone loses rights or status when that group gains theirs. John F. Kennedy said, “A rising tide lifts all boats.” It’s important to remember that sweeping progress benefits us all, so let others do what they must to finally achieve equality.

Read the full article over on Rookie.


13 May 23:37

Butterflies instead of herbicides to kill cocaine crops?

by David Pescovitz

Would be nice if people could figure out the difference between moths and butterflies, but neat!


With Colombia's president Juan Manuel Santos banning use of controversial herbicides to eradicate coca crops, the president of the Quindio Botanical Garden proposed that an army of Cocaine Tussock Moths (Eloria noyesi) could be enlisted to destroy the coca by eating it.

"Cocaine-eating butterflies proposed to replace herbicides in Colombia" (AP)

More in this 2005 article.
