Read more of this story at Slashdot.
Shared posts
Surveillance Cameras Sold On Amazon Found Infected With Malware
New York Wants Cops to Use ‘Textalyzers’ to Scan Your Phone After a Car Accident
Getting into a car accident might soon mean more than just hospital bills and higher insurance premiums in New York.
Under a new road safety bill being proposed in the New York State legislature, all drivers in the state would automatically consent to having police digitally scan their phones using roadside “textalyzer” tests in the aftermath of a collision.
The bill is being called “Evan's Law” after a 19-year-old college student who was killed by a distracted driver in 2011, and is being advocated by Evan's father Ben Lieberman, who heads the awareness organization Distracted Operators Risk Casualties (DORCs).
The technology is the digital equivalent of the breathalyzer tests used on drunk drivers, proponents say, enabling cops to detect whether drivers were texting or swiping for Tinder dates while driving.
Perhaps unsurprisingly, one of the firms developing the technology in question is Cellebrite, the same digital forensics company that was heavily rumored—despite a suspicious lack of evidence—to be the “outside party” that helped the FBI break into an iPhone used by one of the suspects in the 2015 San Bernardino mass shooting.
Unlike in that high-profile case, a Cellebrite spokesperson confirmed to Motherboard that it is working on the phone-scanning technology described in the New York bill. Cellebrite did not respond to several specific questions about its technology, including what data is collected, how it deals with devices protected by passcode lockscreens or encryption, and which devices and operating systems it will be compatible with.
The bill's advocates insist there are no privacy concerns, claiming in a press release that Cellebrite's technology “completely avoids drivers' personal data” when it scans their devices and does not collect any messages, contacts, emails or other content.
“Certainly distracted driving is a serious problem, but I think there are still many serious questions about this technology,” Mariko Hirose, a senior staff attorney with the New York Civil Liberties Union, told Motherboard. For one, “it's not clear if you'd have to enter your password in order for this to work.”
That's a big deal, because the bill states that any “refusal to submit a mobile telephone or personal electronic device to the field testing will result in the revocation of the driver's license or permit,” effective immediately. Depending on how the testing works, that could also mean surrendering your device's PIN or encryption password to the cops and simply trusting their technology to only extract information relevant to distracted driving.
Another possibility is that Cellebrite or some other company has developed a way to extract certain forms of device activity data without needing a passcode.
But Hirose points out that either case could lead to problems, since it can be difficult to distinguish regular device activity from physical user interactions.
“Even if you finely tune the technology, there could be many cases where the cellphone is actively working but in a way that's consistent with distracted driving laws,” she said. “This allows cops to do this field testing for every fender bender. It's concerning from a policy perspective to give police that power.”
New York was the first state to ban the use of cellphones while driving and has a reputation for pioneering road safety regulations later adopted across the US. According to Governor Andrew Cuomo, motorists have seen an 840 percent increase in tickets for texting while driving since 2011.
“Unfortunately, the problem has now developed beyond hands-free phone calling,” State Assemblyman Felix Ortiz, who is co-sponsoring the bill, said in a press statement. “There's a significant number of drivers who continually engage in reckless behavior, such as texting, using apps and browsing the web on their mobile devices while behind the wheel. These people will continue to put themselves and others at risk unless we come up with preventive ways to successfully stop them."
But privacy advocates say it's still not clear how this technology can help curb that behavior without putting privacy and civil liberties at risk.
“Our perspective is that this is a very serious public safety concern, but this bill is ill-conceived and not tailored to the problem,” Hirose told Motherboard.
In a Clinton-Trump election, 20% of voters would vote third party, a new poll finds
REUTERS/Scott Audette (L), Javier Galeano (R)
Most American voters say "meh" — at best — about the 2016 field of presidential candidates in both parties.
That's according to a new Associated Press-GfK poll, which shows that a majority of Americans believe none of the remaining candidates for president represents their opinions at least somewhat well.
At least half of Americans say they would be disappointed or even angry if either of the front-runners — Donald Trump for the Republicans or Hillary Clinton for the Democrats — are nominated, the survey shows. And a quarter said they would be disappointed or angry if both win nominations. Still another quarter would feel at best neutral if both are nominated.
Among all registered voters, 63 percent say they wouldn't consider voting for Trump and half say the same about Clinton.
About one-fifth of those surveyed say they'd either probably or definitely vote for a third-party candidate if Trump and Clinton are the nominees.
Roland Bauer, 64, a retiree from Winter Springs, Fla., plans not to vote if Clinton and Trump are nominated. "I don't trust politicians," he says. "Everybody is on the take."
Bruce Bertsch, a libertarian and retired human resources director from San Diego, says the public's lukewarm reaction to the major-party hopefuls doesn't come from disinterest or apathy — quite the opposite. Here's how his friends and family see the candidates:
"Hillary Clinton is a liar. Donald Trump is an idiot. And Bernie (Sanders)? He's an old fool," Bertsch, 78, said in a telephone interview Monday. To Bertsch, the Republican and Democratic competitors look like this: "The Democrats want to spend my money. The Republicans want to tell me how to live my life — and then spend my money."
The AP-GfK poll suggests the general election, after the parties name nominees, will be less about emotional appeals and inspiration and more about getting actual voters to cast votes before the end of Election Day. It's what insiders call the "ground game." And much of it is played over the airwaves at enormous expense.
"In the general election, it's an air war," said former Republican strategist Rich Galen, author of a political blog. "The goal is to get not only your people out to vote, but to get these people who are maybe sitting on the sidelines excited enough to come out and join the game."
Even within their own parties, neither Trump nor Clinton generates much enthusiasm. Only 26 percent of Democratic voters say they'd be excited about Clinton being their nominee, and 27 percent say they'd be satisfied. Another 23 percent would feel neutral, 19 percent would be disappointed and 5 percent would be angry, the poll found.
Trump fares even worse among Republican voters, with 19 percent saying they'd be enthusiastic, 19 percent satisfied, 20 percent neutral, 25 percent disappointed and 16 percent angry.
Less than half of Americans say any of the remaining candidates, including Sanders, Ted Cruz or John Kasich, comes close to representing their opinions on the issues.
And in a year dominated by Trump-generated theatrics and his so-far scant policy details, substance matters, most voters say. Nearly 9 in 10 Americans call a candidate's positions on the issues extremely or very important to them.
Among all the remaining candidates, only Sanders, Clinton's Democratic rival, generates significantly more positive than negative ratings from Americans, with 48 percent saying they have a favorable opinion of him and 39 percent unfavorable. He's also the only candidate described by a majority of Americans as at least somewhat likable, civil, honest and compassionate.
Nearly 7 in 10 Americans have an unfavorable view of Trump, nearly 6-in-10 have an unfavorable view of Cruz and a majority — 55 percent — have an unfavorable view of Clinton, according to the poll.
Americans are fairly evenly divided on Kasich, with 34 percent expressing a favorable view and 31 percent an unfavorable one. Another 34 percent still don't know enough about him to say.
The AP-GfK Poll of 1,076 adults used a sample drawn from GfK's probability-based KnowledgePanel, which is designed to be representative of the U.S. population. The margin of sampling error for all respondents is plus or minus 3.3 percentage points.
Respondents were first selected randomly using telephone or mail survey methods and later interviewed online. People selected for KnowledgePanel who didn't otherwise have access to the Internet were provided access at no cost to them.
San Bernardino iPhone was hacked using a zero-day exploit
National Park Week begins Saturday, and that means free admission for you
National Park Week runs from April 16-24 (Note to NPS: That's more than a week), during which you can get free admission to the more than 500 parks in the system across the United States.
This is no ordinary celebration of the public parks that dot the country's landscape: Aug. 25, 2016, marks the National Park Service's centennial.
In addition to free admission, the parks will have events to encourage visitors to appreciate what nature has to offer.
Saturday, April 16, is Junior Ranger Day, when activities will be geared toward the youngest visitors, and Friday, April 22, is Earth Day, when several parks will welcome volunteers to help clean up.
NWS forecasts will ditch all-caps format starting May 11—DON’T PANIC
Jvitak: I'M PANICKING!!
Even by 1991, the National Weather Service's all-caps requirement felt dated. We're still waiting, but mixed-case change will finally appear in May of this year. (credit: National Weather Service)
After upgrading its supercomputing core in 2015, the National Weather Service is continuing its lumbering slog toward modern systems in a far different way: by saying goodbye to teletype.
After more than two decades of trying, the NWS has finally made every upgrade needed in both the hardware and software chain to remove an all-caps requirement from forecasts and other warnings. The service's Monday announcement kicked off the 30-day transition period that is being given so that customers and subscribers can prepare for the change to mixed-case lettering in all NWS announcements, meaning we'll see the change begin to propagate on May 11.
All-caps messaging was previously required due to the NWS' reliance on teletype machines, which broadcast their text over phone lines and weren't built to recognize upper or lower cases of letters. In addition to removing teletype machines from the information chain, the NWS also had to upgrade its AWIPS 2 software system across the board to recognize mixed-type submissions.
Brothers fake a zombie apocalypse for their sister's drive home from dental surgery
Jvitak: This is so amazing.
In what is likely the most terrifying prank to play on a drugged-up little sister, a pair of brothers convinced their sister Millicent of an impending zombie apocalypse during the drive home from her dental surgery.
The dudes don't mess around. There are fake radio announcements, fake calls from mom and fake texts from dad who "wants us to meet him in Mexico."
All the while, Millicent struggles to make sense of what's going on around her in her post-dental surgery haze. So good, but so cruel.
Tesla is about to repeat a huge mistake — and this time it could be even worse (tsla)
Tesla Motors
Tesla has taken in well over 300,000 preorders since it unveiled the mass-market Model 3 vehicle just about a week ago.
That's epic, and the frenzy to get in on the latest Tesla — at $1,000 a pop, and with a potential wait of several years before your car can be delivered — has led to some hyperventilating about what the electric-car maker has accomplished.
Yes, 325,000 deposits on an as-yet-constructed automobile is unprecedented in the auto industry. It might be unprecedented in any industry. (The only thing I can think of that comes close would be that time Led Zeppelin broke the internet when the band staged a one-off reunion in 2007, and seemingly every music fan on earth wanted a ticket.)
Tesla has every right to celebrate, and possibly panic. The carmaker so far has built 50,000 cars in a year. In 2016 it is aiming for between 80,000 and 90,000, but it isn't off to a good start. And those 325,000 Model 3 preorders, and counting, represent about 200,000 more Teslas than are on the road globally.
But there's a bigger problem than not being able to build the Model 3. Tesla may have repeated a mistake it made before, just on a much larger scale.
Fooled you once
When the Model S sedan launched in 2012, it had been under development for quite a while, and it had been designed and engineered in a world that had seen SUVs fall out of favor. The hangover of gas at $4 a gallon in the US was still fresh. It wasn't clear then that SUVs would stage a comeback.
But stage a comeback they did, persuading many buyers to return to these most American of vehicles. Tesla had always planned to create a vehicle with more utility, having unveiled the Model X in 2012 (but not launching it until 2015). However, for three years, as SUV sales bounced back robustly, and it started to become obvious that the family sedan might be in terminal decline, Tesla wasn't selling a ute.
All-wheel-drive was added to the Model S in October of 2014, but that was mainly to make the sedan more appealing to customers in the US Northeast and northern Europe.
With the Model 3, Tesla has indicated that the vehicle is actually a platform, a base on which other types of cars and trucks can be constructed.
But the 3 unveiling mirrors Tesla's past: The original two-seat Roadster was followed by a large four-door sedan, and that sedan has been followed by a smaller version.
Given the state of the US market especially — and for now, the US is largely where Tesla's sales are concentrated — it might have made more sense to skip the midsize sedan version of the 3 and roll out a compact SUV as the mass-market product.
In theory, if Tesla's platforming strategy works, it shouldn't make that much of a difference: An SUV or crossover could be built of the same underpinnings as the Model 3 sedan.
But the optics aren't quite right, and it makes matters worse that Tesla just launched the Model X, whose birth was difficult but whose arrival shows that Tesla can create a spectacular vehicle. That's a tough act to follow.
The problems keep coming
There's another problem: The Model 3 preorder customers won't be able to configure their vehicle for some time. It makes sense that Tesla will have between now and 2017 or 2018 to develop a Model 3 crossover, and many customers may choose the truck over the car.
But Tesla may only be able to execute on a passenger-car design. Model S production, for a $100,000 luxury sedan, has come along nicely; Model S made up the bulk of the nearly 15,000 vehicles that Tesla delivered in the first quarter of 2016.
Model X is another story. Production is seriously lagging behind with this vehicle, as Tesla works through what it rather melodramatically described as its "hubris" in making the X overly complicated.
Tesla should be able to build just about any type of vehicle at this point. It has abundant excess production capacity at its plant in California; electric cars are simpler to assemble than gas-powered ones; and this isn't exactly experimental particle physics we're talking about here. Traditional automakers build everything from luxury sedans to big pickup trucks without breaking a sweat.
I knew we were going to see a sedan version of the Model 3 first, but I cringed slightly when it actually appeared. Not because it looked bad — it's actually very cool-looking — but because I just knew it was the wrong vehicle for the market.
It gets worse
The situation could be worse in 2017, when the first Model 3s are supposed to hit the streets. Fiat Chrysler Automobiles CEO Sergio Marchionne has argued that sedans are finished and the market has made a permanent structural shift to SUVs and crossovers.
Tesla could wind up delivering the Model 3 sedan to a limited market of buyers who want Teslas, while the larger market wants crossovers and won't want to wait for Tesla to figure out how to build one that it can sell for $35,000 (the Model X, for what it's worth, arrived with a price tag well north of $100,000).
I'm not sure this is something Tesla can easily correct. First impressions are important, and though the Model 3 could become a family of vehicles, the first editions — the ones that drove the massive preorders — were preproduction sedans. The company may have no choice but to follow through, and the challenge there will be to make sure that a small SUV is in the mix. Which could be tricky if Tesla's production problems continue.
There is a silver lining. The Model X arrived late and was beset with glitches, from the exotic falcon-wing doors to the sculptural back seats. CEO Elon Musk admits that Tesla probably shouldn't have built it. But in the flesh, it's a fantastic car — a game-changing crossover.
The same could be true of a Model 3 SUV. But I'd genuinely like to see Tesla put a design in front of us. And they might. Musk has hinted that the Model 3 unveiling will be a two-part event. Part one is history. Now we can look forward to part two — and avoiding mistakes of the past.
Top US Undergraduate Computer Science Programs Skip Cybersecurity Classes
Read more of this story at Slashdot.
Academics Claim Google Android 2FA Is Breakable
Read more of this story at Slashdot.
'Ridiculous': Donald Trump dismisses CIA director's stance against waterboarding
AP Photo/Julie Jacobson
Donald Trump called the CIA director's stance against waterboarding "ridiculous" on Monday, arguing that the US should allow it because terrorists in the Middle East are chopping off heads.
CIA Director John Brennan said in a Sunday interview with NBC News that his agency would ignore waterboarding orders from any future president.
"I will not agree to carry out some of these tactics and techniques I've heard bandied about because this institution needs to endure," Brennan said.
Trump, the Republican presidential frontrunner, told "Fox & Friends" on Monday that Brennan's comments were "ridiculous."
The real-estate mogul has repeatedly advocated for using waterboarding, an interrogation technique that the US used until President Barack Obama banned the practice in 2009, and is widely regarded as torture. But Trump argues that the US won't be able to beat terrorist groups like ISIS (also known as the Islamic State, ISIL, or Daesh) without using "strong tactics."
"They chop off heads and they drown people in cages with 50 in a cage and big, steel, heavy cages. Drop them right into the water, drown people, and we can't waterboard and we can't do anything and we're playing on different fields," Trump said Monday.
He continued:
We have a huge problem with ISIS, which we can't beat, and the reason we can't beat them is we won't use strong tactics, whether it's this or other things. So I think his comments are ridiculous.
Trump then imagined what ISIS terrorists would think about the US refusing to use waterboarding against them.
"Can you imagine these ISIS people sitting around eating and talking about this country won't allow waterboarding and they just chopped off 50 heads?" he said.
Cybersecurity Expert Caught in FBI Mass Hack Gets Two Days Jail Time
The Department of Justice has charged at least 137 people in the US with child pornography related crimes, after the FBI used a hacking tool to identify visitors of a large site on the so-called dark web. Many of those people are facing years in prison.
One person caught has avoided any serious jail time altogether though: Brian Haller, a former cybersecurity employee at Booz Allen Hamilton who himself has ties to the government. Haller was sentenced on Friday to time served—two days and one night, according to court documents and local media reports.
Haller pleaded guilty to one count of possession of child pornography, court documents state. Haller was also sentenced to 10 years of supervised release, in which his computer will undergo constant monitoring (except devices that are used as part of his employment), and he was ordered to pay a fine of $1,000.
“We see a lot of […] good people who've done bad things,” Judge Robert Bryan said from the bench, according to a local report.
Up until his arrest in July 2015, Haller was the President of the Washington chapter of InfraGard, “the FBI's public-private partnership dedicated to critical infrastructure protection,” reads Haller's LinkedIn profile. As part of this, Haller had access to a “secure FBI online platform and email system,” reports Seattle Pi.
Haller had also worked at Booz Allen Hamilton as a senior consultant and an associate, as well as cybersecurity company NCC Group.
Haller isn't the only one caught by the FBI's mass hack with links to government. David Tippens reportedly served as a combat engineer in the US Army, and Richard Armendariz, a former Homeland Security analyst, was also allegedly identified by the FBI's hacking tool.
These cases all stem from the takeover of child pornography site Playpen. For 13 days, the FBI ran Playpen from a government facility in Virginia, and deployed a network investigative technique (NIT). This NIT, after circumventing the protections offered by the Tor Browser, grabbed Playpen visitors' IP and MAC addresses, as well as other technical information.
Online courses’ metadata helps NCAA catch cheating coaches red-handed
The National Collegiate Athletic Association (NCAA) recently handed down one of the strictest penalties it has ever levied on Donnie Tyndall, the head coach of the University of Southern Mississippi (USM) men’s basketball team. The athletic group says Tyndall organized a cheating ring to help recruits satisfy academic standards, even flying graduate student assistants to the recruits’ homes to complete their online coursework.
The NCAA slapped Tyndall with a 10-year show-cause order, which effectively prevents him from working in the NCAA for that time period, according to the Washington Post. That's the longest show-cause order the NCAA has ever handed out and its length is likely due to the fact that Tyndall and several of his colleagues denied their involvement to the NCAA until the organization's enforcement staff discovered oddities in the metadata from the online coursework, tipping them off to a coverup.
In a Public Infractions Decision (PDF) released on Friday, the NCAA said that Tyndall began finding ways to help students cheat only six weeks after starting as head coach at USM. Ultimately, Tyndall, two assistant coaches, and two graduate student assistant managers helped seven prospective players cheat on online classes. "A majority of the prospects used the credits to attain immediate eligibility for competition upon their transfer to the institution,” the decision stated.
Putin calls Panama Papers a plot by the U.S. to weaken Russia
Teflon Putin, as the Russian president has been called for his ability to let accusations roll right off of him, was in pristine form on Thursday.
It's been five days since the Panama Papers, which some are calling the biggest leak in the history of journalism, uncovered evidence showing his close friends laundered money through elaborate offshore financial schemes, likely for his benefit.
Speaking for the first time since the revelations, which came with the leak of millions of confidential documents from the Panamanian law firm Mossack Fonseca, Putin casually dismissed them, denying "any element of corruption."
Blizzard shuts down popular fan-run “pirate” server for classic WoW
Jvitak: @Josh
A scene from a crowded, early public stress test of the Nostalrius servers. (credit: YouTube)
One of the most popular "pirate" servers for World of Warcraft, running a classic version of the game no longer offered by Blizzard, will be shutting down under the threat of legal action from Blizzard.
The Nostalrius servers had been in operation for about a year, running version 1.12 of the original World of Warcraft as it existed in 2006, just before the release of "the Burning Crusade" expansion. The administrators say that 800,000 registered accounts and 150,000 active players were working through quest progressions reproduced to precisely match the game of a decade ago.
But the team behind Nostalrius says its French hosting provider has been issued a formal letter asking it to shut down the servers or face a potential copyright infringement lawsuit. As such, the servers will be shut down on April 10.
This Photographer Takes Fun Portraits of People After One, Two and Three Glasses of Wine
What do you look like as you get increasingly buzzed from alcohol? Many of Marcos Alberti's friends now have photographic evidence.
"There is a saying about wine that I really like and it's something like this: 'The first glass of wine is all about the food, the second glass is about love and the third glass is about mayhem,' " the Brazilian photographer tells AdFreak. "I really wanted to see it for myself if that affirmation was, in fact, true."
Alberti started inviting friends to his studio and photographing them before having any wine—and then after one, two and three glasses. The results are, let's say, amusing.
"The first picture is taken right away when our guest has just arrived at the studio in order to capture the stress and the fatigue after working all day long, and from also facing rush hour traffic to get here," Alberti says. "Only then can fun time and my project begin. At the end of every glass of wine, a snapshot. Nothing fancy—a face and a wall, three times."
Check out loads of the pics from the series below.
Sweden now has an official number you can call to talk to random Swedes
Jvitak: I heard about this on NPR this morning. Pretty neat...pretty weird.
Bob Strong/Reuters
I've written a great deal in praise of Swedish culture, from the mandatory paid paternity leave to the high level of innovation, but I've never visited the country.
So you can imagine my excitement when I learned the Swedish Tourist Association, in honor of the 250th anniversary of the country abolishing censorship, recently created a phone number that lets people from anywhere in the world instantly connect with a Swede.
This was my shot to hang out with the locals from six time zones over.
"You are calling Sweden," said an automated voice as I got patched through. "You will soon be connected to a random Swede somewhere in Sweden."
After a few rings, I heard the line open. Quickly I realized I had no good reason to be calling this person at 10 p.m. on a Tuesday night. Oh well. The damage was done.
Daniel was the first to pick up. He's 19 and studying natural sciences in high school. I learned all this after some awkward introductions.
But we quickly got to chatting. I asked him several questions about Sweden that probably seemed about as culturally savvy as asking an American if everyone loves apple pie. Yes, Daniel likes Ikea. Everyone loves Ikea. No, he doesn't go there just for the food. He goes to actual restaurants that are closer to his house.
Daniel tells me I was the fourth person to call him that day. The other three were a Dutch person, a Turkish person, and a Trump supporter from New Jersey who allegedly opened the conversation by asking Daniel how he felt about a made-up sexual assault statistic.
Not wanting to take up too much of his time, I wished him luck on the Swedish SAT he was taking this weekend and apologized for the Trump supporter one more time. Then I ended the call.
But one Swede does not a country make. So I dialed again.
"You are calling Sweden," a familiar voice told me. "You will soon be connected to a random Swede somewhere in Sweden."
This time an older, more grizzly voice popped up on the other line. Still feeling good from the call with Daniel, I went in with a much more confident introduction, thinking I'd get an equally warm response. Instead I was met with three seconds of silence.
"Oh, I see," the voice said. "You're from that ... fuck ... I didn't think this thing would work ... So what do you want?"
I learned from Mike — who is 30, a truck driver, and introduced himself as "Heisenberg," even after I asked him twice what his real name was — that I'd interrupted him playing Skyrim. He said his friend downloaded the app, but that he never expected anyone to call. I was the first.
Mike spent a great deal of time venting his frustration that people outside Sweden seem obsessed with the concept of "fika," or the coffee breaks Swedes take several times a day.
"It's like, you have a cup of coffee, you know, it's not a big deal," he says. "I don't know why it's a big deal in other countries — the word fika, like what the fuck?"
Mike also told me he was a Trump supporter (was he the guy from New Jersey who called Daniel?) because the Donald is the anti-politician people have wanted for so long. Mike described him as a "breath of fresh air" and said he was a real human, and not a robot. I told him many Americans would disagree.
By the end of my two phone calls, a lot of what I thought Swedes held sacred — the coffee breaks, Ikea's meatballs, the eminent pop producer Max Martin — didn't seem like they were such a big deal. (Neither one of the guys I spoke with had even heard of Martin, despite his legendary status in the music world.)
And despite The Swedish Number professing that "the chances that you are connected to the same Swede twice are small," the third person I called ended up being Daniel again.
Small world.
Bug in Domino's Pizza App Allowed Hackers to Get Free Pizza for Life
(Image: The Pizza Review/Flickr)
Being a responsible, friendly hacker means you don’t get to take advantage of the bugs and holes you find, even if those could’ve let you get free pizza.
Paul Price, a security consultant from the UK, found a bug in the British version of the Domino’s Pizza app that let him do exactly that. Price found that the app’s API wasn’t processing payments correctly, allowing users with enough technical know-how to meddle with it and trick the app into accepting invalid payments, essentially allowing them to order pizza for free.
“Errr, what? It looks like my order was placed without a valid payment,” Price wrote in a blog post recounting the time he ordered pizza without paying for it. “Surely this is an oversight/edge case and Dominos's will have back office checks in place before physically starting to prepare my order...right?”
Wrong. Price wasn’t sure it actually worked, so he called the store to double check, and sure enough, they told him his pizza was being prepared, according to his blog post.
“My first thought: awesome. My second thought: shit,” he wrote.
So the pizza actually showed up at his door, according to Price, but at that point, he admitted the payment didn’t go through and paid in cash. Domino’s has since fixed the bug.
“We take security extremely seriously and discovered this issue last year during one of our frequent reviews. We are pleased to say it was resolved very quickly,” Rod Brooks, Domino's head of IT, told Motherboard in a statement.
But the moral of the story is that there are plenty of apps out there with faulty APIs.
Buggy APIs were partly responsible for the massive hack of the toy company VTech, which left the personal data of millions of parents and their children exposed. And just a few weeks ago, security researchers Troy Hunt and Scott Helme showed that hackers could mess with Nissan electric cars from all over the world, turning on the AC and draining the car's battery. The company had to disable the app to fix the bug.
A Whole Lot of Nitwits Will Plug a Random USB Into Their Computer, Study Finds
In what’s perhaps the most enthralling episode of the hacker drama Mr. Robot, one of F-Society’s hackers drops a bunch of USB sticks in the parking lot of a prison in the hopes somebody will pick one up and plug it into their work computer, giving the hackers a foothold in the network. Of course, eventually, one of the prison employees takes the bait.
Using booby-trapped USB flash drives is a classic hacker technique. But how effective is it really? A group of researchers at the University of Illinois decided to find out, dropping 297 USB sticks on the school’s Urbana-Champaign campus last year.
As it turns out, it really works. In a new study, the researchers estimate that at least 48 percent of people will pick up a random USB stick, plug it into their computer, and open the files on it. Moreover, practically all of the drives (98 percent) were picked up or moved from their original drop location.
Very few people said they were concerned about their security. Sixty-eight percent of people said they took no precautions, according to the study.
“I trust my macbook to be a good defense against viruses,” one participant is quoted as saying, while another one seemed aware of the risks, but didn’t care, saying: “I sacrificed a university computer.”
Some 135 people actually opened some files on the drives, according to the study. The researchers didn’t put any malware on the sticks, but had left an HTML file that contained an image allowing the researchers to detect when a file was opened. The HTML file also contained a survey, which had the goal of informing unwitting students and faculty that they had become part of an experiment, and trying to figure out why they had picked up the drive and opened files inside.
“It's easy to laugh at these attacks, but the scary thing is that they work—and that's something that needs to be addressed,” the leading researcher on the study, Matt Tischer, told me in an email.
(Some of the USB drives the researchers dropped around campus. Image: University of Illinois)
In the study, the researchers concluded that “the anecdote that users will pick up and plug in flash drives they find is true.”
Based on the participants’ survey answers, the researchers concluded that most people did it with “altruistic intentions.” In fact, 68 percent of people said they did it to find the owners, while 18 percent admitted it was just out of curiosity. However, considering their actions, it seems some overestimated their good intentions. Despite the fact that some USB drives contained a resume file, almost half the users didn’t open that file and instead browsed vacation photos first, “overtaken by curiosity,” as the researchers put it.
Tischer said that it’s hard to prevent something like this from happening.
“There are no easy solutions to these problems, but they will certainly extend beyond simply the technical to include a deeper understanding of the social, behavioral, and economic factors that affect human behavior,” he said in an email. “There is a difference between warning users that a particular action is dangerous and convincing them to actually avoid it. We need to close that gap.”
I drove my first Tesla 6 years ago — after driving it again, I still believe it's the best thing the company has created
Jvitak: @Brandon
Matthew DeBord/Business Insider
You never forget your first Tesla.
In 2010, right after the company had survived a near-death experience, I was offered the chance to sample what was then the carmaker's only vehicle: the original Roadster.
It's hard to overestimate the importance of this car, which sold for over $100,000, turned in blistering acceleration, and could top 200 miles on a single charge.
The Roadster changed our minds forever about what an electric car could be and launched Tesla on a road to its current $30 billion market cap and a portfolio of, by 2017, three vehicles: the Model S sedan, the Model X SUV, and the Model 3 car for the masses.
Last year, I reminisced about my first time with a Tesla to one of the company's staffers. This led to a question: Do we even have a Roadster around to check out anymore?
It found one, and I was reunited with my old friend in Los Angeles, on the eve of the Model 3 unveiling.
Something poetic and romantic about that, I think. Read on to see what it was like.
We were so much younger then ... That's me in early 2010, after a spin in the Roadster Sport version 2.0.
Screenshot via YouTube
I made a video about the fun.
Since then, I've driven every other Tesla, starting with the base Model S sedan.
Camden Yards is now one of the oldest stadiums in Major League Baseball
Oriole Park at Camden Yards opened in 1992 and began an era in baseball in which teams moved to beautiful, intimate ballparks with a bit of a throwback feel. But now Camden Yards is in its 25th season, and finds itself as one of the oldest in baseball with an entire generation of baseball fans who don't know what life was like before its construction.
Of the other 29 ballparks in Major League Baseball, only nine are older than Camden Yards. Three of those parks (Fenway Park, Wrigley Field, Dodger Stadium) are iconic symbols of the sport and won't be replaced anytime soon, and two others (Kauffman Stadium, Angel Stadium) have undergone major renovations in the last 20 years.
That leaves Oakland Coliseum, Rogers Centre, Tropicana Field, and US Cellular Field as the only non-iconic, non-renovated ballparks older than Camden Yards. Two of those, Oakland Coliseum and Tropicana Field, are considered blights on the sport and their teams are actively seeking new stadiums.
Here is a look at the ages of every big league ballpark...
Cork Gaines/Business Insider
US immigration agents created a fake school to lure in foreigners illegally seeking student visas
Google Maps
NEWARK, N.J. (AP) — The University of Northern New Jersey fielded no sports teams, held no graduation ceremonies and had no instructors, classes or degree programs. It did have a very attractive website that promised an "exceptional" education for foreign students wishing to study in the U.S.
The school was a sham from beginning to end — and it was created by federal authorities, who used it to arrest 21 people on charges they conspired to help more than 1,000 foreigners fraudulently keep or obtain student or work visas over the past 2½ years.
The defendants whose arrests were announced Tuesday knew the school was bogus, as did the foreigners, who pretended to be students there in order to stay in the U.S., authorities said. But they didn't know it was set up as part of a sting by undercover agents from U.S. Immigration and Customs Enforcement.
Most of the foreigners who benefited from the scam were from China and India and were already in the U.S. on student visas, federal prosecutors said. Officials said they have been identified and will be dealt with by immigration authorities — meaning they could face deportation — but won't be prosecuted.
The 21 people arrested were described as brokers, recruiters and employers. They were charged with conspiracy to commit visa fraud and to harbor aliens for profit. The second charge carries up to 10 years in prison. The defendants awaited court appearances in Newark on Tuesday.
Most of the defendants are in the U.S. legally and live in New York, New Jersey and California. One lives in Illinois, and one in Georgia.
The University of Northern New Jersey's elaborate website promised "a high quality American education to students from around the world." The site contained links to academic programs; a message from the "president," a Dr. Steven Brunetti, Ph.D.; and photos of attractive young people sitting around a library table or consulting with a faculty member.
The site, which was taken offline Tuesday afternoon, even had a school seal that appeared to have been modeled on Princeton University's, except that the fake institution's colors were bluish-purple and green instead of orange and black. The university listed as its address a real building in Cranford, about 15 miles outside New York City.
The middlemen under arrest paid the undercover agents running the school thousands of dollars to produce paperwork that made it look as if the foreigners were enrolled at UNNJ, federal prosecutors said. That enabled the "students" to maintain their visa status without having to go to class.
"This was just another stop on the 'pay-to-stay' tour," U.S. Attorney Paul Fishman said.
Immigration officials have investigated hundreds of suspected fake schools, or "visa mills," in recent years. Some have led to charges: Officials at two schools in California and one in Georgia received prison sentences, including one who got 16 years for visa fraud and other charges.
In this case, though, federal authorities set up their own bogus institution. And Fishman said that once word got out about the place, the middlemen descended.
___
This story has been corrected to show that the fake university did not have classes or instructors.
People feel weird about touching robot butts, researchers find
WhatsApp's Encryption Was Funded By Same Members of Congress Trying to Weaken It
Senators Richard Burr and Dianne Feinstein. Photo: Tom Williams/CQ Roll Call
Today, the popular messaging service WhatsApp turned on end-to-end encryption for all of its 1 billion users, a massive achievement which effectively blocks any third party—including WhatsApp itself—from reading users' chats.
The security facelift means that WhatsApp and its parent company Facebook will no longer be technically capable of handing over users' chat logs, even when presented with a court order or wiretap warrant. Users will also be able to fully verify each other’s identities, to make sure their conversations aren’t being read or modified by a man-in-the-middle. And it's all thanks to the same Edward Snowden-approved encryption system developed by Open Whisper Systems, the makers of another popular messaging app, Signal.
The big news comes just weeks after the anti-climactic conclusion of Apple's high-profile fight with the FBI over the iPhone used by a San Bernardino terrorism suspect. But while the Department of Justice has vowed to continue its fight to provide backdoors for law enforcement, other parts of the US government have actively funded the development of these very encryption systems—including some of the same members of Congress currently pushing for legislation to weaken them.
Senators Dianne Feinstein (D-CA) and Richard Burr (R-NC), for example, are two of the most prominent proponents of encryption backdoors on the Hill. They're currently working to introduce legislation that would force companies to comply with orders to access communications—even if it means building new software or capabilities, much like Apple was being ordered to do in the San Bernardino case.
“Criminals in the U.S. have been using this technology for years to cover their tracks,” Burr told The Hill last December when the work-in-progress encryption bill was first announced. “The time has come for Congress and technology companies to discuss how encryption—encoding messages to protect their content—is enabling murderers, pedophiles, drug dealers and, increasingly, terrorists.”
But Feinstein and Burr have supported encryption in the past, whether they realized it or not.
Both senators voted for appropriations bills in 2008 and 2010 which, among other things, set aside $45 million for the Open Technology Fund (OTF), a State Department-funded program which seeded the very encryption tools they're now struggling against.
Altogether, the OTF has given Open Whisper Systems $2.25 million to develop its easy-to-use and now widespread encryption software since 2013; ACLU principal technologist Chris Soghoian calls it “an amazing return on our investment” as American taxpayers.
The OTF is a product of the US State Department's “internet freedom” agenda, an effort championed by former Secretary of State and now-Democratic presidential frontrunner Hillary Clinton. The idea, inspired by the Arab Spring and other foreign popular uprisings around the globe, was to fund the development of easy-to-use software tools that could be used by activists living under repressive regimes to circumvent state surveillance and censorship.
Clinton, ironically, is also now pushing Silicon Valley companies to help law enforcement access encrypted communications enabled by those tools, a move which security experts have repeatedly warned wouldn’t stop criminals and would have dire consequences on internet security and the US economy.
"There is nothing in the draft language of the [encryption] bill that calls for weaker encryption and support of these two bills is not contradictory,” said Burr in a statement sent to Motherboard. “I support encryption. I believe it is a priority to keep Americans' information safe and I also believe that private entities are also subject to U.S. law. When a judge issues an order, we are all required to follow the law."
A spokesperson from Feinstein’s office told Motherboard that the Senator “won’t have a statement until the bill is made public.”
While the WhatsApp news gives privacy enthusiasts plenty of reason to celebrate, the new encryption does have one key flaw. Unlike competitor Signal, WhatsApp prompts users to back up their chats to the cloud. That means that if even one member of a conversation has enabled this option, all those chats will be stored on a server accessible to WhatsApp, Apple, or whoever manages your cloud backup service—as well as any government agency that comes knocking.
Scalia law school changes name after accidental NSFW acronym
Jvitak: Heh.
The plan to name George Mason University's law school after deceased Supreme Court justice Antonin Scalia hit a small bump after poor planning resulted in an NSFW acronym.
The decision to rename the school The Antonin Scalia School of Law was announced last week after the school received an anonymous donation of $30 million.
A problem arose, though, when users on social media figured out that the acronym had an awkward phrasing.
It didn't take long for the hashtag "#ASSLaw" to take off on Twitter.
The Ancient Poop Trail of Conquerors
The Carthaginian general Hannibal lived over 2,200 years ago, yet his legacy continues to cast an immense shadow over modern history and culture. Brimming with hatred for Rome, the charismatic commander staged an invasion in 218 BCE that famously involved marching an estimated 30,000 troops, 15,000 horses, and 37 elephants over the Alps.
Caught completely off guard by Hannibal’s flamboyantly bold approach, the Romans suffered a series of devastating defeats that almost cost them their burgeoning empire. Emboldened by the success of his crossing, Hannibal rampaged through his enemy’s defenses, crippling the Roman army with an excruciatingly well-executed pincer move at the Battle of Cannae in 216 BCE.
Though the great general would ultimately lose the Carthaginian-Roman conflict, called the Second Punic War, to his worthy rival Scipio Africanus, Hannibal’s brash yet cunning style is still emulated by modern military strategists, and the nightmare of his invasion haunted the Roman empire for the rest of its existence.
But while many ancient writers documented Hannibal’s elephantine march, the exact route he took has been contested for centuries. Now, in an exciting development, an international team led by geomorphologist Bill Mahaney of York University may have finally cracked this longstanding cold case.
Path Hannibal took to threaten Rome. Image: Abalg/Pinpin
In a study published this week in Archaeometry, Mahaney and his colleagues describe a floodplain bog near the Col de la Traversette, a mountain pass perched a dizzying 3,000 meters above sea level on the French/Italian border. The site contains compelling evidence of what the team calls a “mass animal deposition,” suggesting that the area was once disrupted by an enormous throng of humans and animals that stopped to camp there, exactly around the time Hannibal made his fateful lunge for Rome.
What’s more, the team found abundant evidence of Clostridia bacteria, which are a major component of horse manure. While this is not an unequivocal slam dunk confirming that Hannibal crossed there, it does represent the first tangible evidence of this notorious march recovered from the Alps.
“The microbiological remains [...] are clearly well preserved,” Chris Allen, a microbiologist at Queen's University Belfast and a co-author of the study, told me. “Most Clostridia produce endospores—basically microscopic, highly stable, genetic pods that can morph into living bacteria if the conditions are right.”
“These things can survive remarkable physical conditions,” he added. “This is accepted by the scientific community. So I am not surprised at all that they are still there after 2,000-plus years.”
Indeed, it’s somewhat more challenging to understand why a trail of ancient horse dung is the only firm remnant that has ever been recovered from Hannibal’s death-defying maneuver. Surely an army comprised of thousands of men and animals would have littered its trail with corpses and artifacts?
Aerial view of excavation site. Image: Peeter Somelar of the University of Tartu (Estonia)
“It is always difficult to explain a negative result,” Allen explained. “I think that Hannibal's army was really the crack troops of their day. Even at the scale they were at, I wouldn't imagine they left a lot of hard evidence behind.”
But even troops as disciplined as Hannibal’s couldn’t help but leave a trail of fecal detritus in their wake. The fact that Mahaney’s team has been able to pick up this path is exciting enough on its own merits, but it also offers a lens through which to view historical events beyond Hannibal’s crossing.
“The organic [chemistry] and microbiological end could be used to work up other sites in the ancient world and even in the New World,” Mahaney told me. “Anywhere there is some evidence that people occupied a site even for a few days, as with Hannibal. One could follow sites identified by Julius Caesar in his logs and use the biotic signals to find sites worth geoarchaeological exploration.”
“We think our approach is quite novel,” Allen said. “It may well be applied to other similar situations, but there are various factors that need to be satisfied. For example, critical in this case was the fact that this is a highly undisturbed site.”
Finding similarly unruffled sites, rich in bacterial samples, can help fill out the story of these murky ancient events, and add valuable context to the movements of the world’s most influential leaders. Evidently, captivating texts are hidden in the Earth, written in the language of life, which can augment what we know from historical texts and accounts.
In this case, the site has validated Mahaney’s longstanding theory that Hannibal made his route through the Col de la Traversette, which he outlined in his 2008 book Hannibal’s Odyssey: Environmental Background to the Alpine Invasion of Italia. This path was first championed by British biologist Sir Gavin de Beer some 60 years ago, but has remained controversial in academic circles.
Painting of Hannibal crossing Alps. Image: Heinrich Leutemann
To that point, the study’s authors have more work to do before they can conclusively declare that Hannibal’s forces once camped at the bog below the Col de la Traversette. For instance, Allen is currently leading a “full scale metagenomic analysis” of the samples extracted from the ancient bog to get a firmer grasp on their origins and identity.
“I think ultimately only a full scale excavation of the site will satisfy all the experts,” Allen told me. “That will probably be down to the French. The area is part of a National Park, we were very lucky to get permission to investigate the site to begin with. This was largely down to one of the co-authors—Pierre Tricart from Grenoble.”
What these future efforts and expeditions will turn up remains to be seen. But if the site is conclusively proved to have been visited by Hannibal and his army of Punic vengeance, one of the most significant outstanding mysteries in military history will finally be resolved.
There Are Two Ninja Turtles Behind Home Plate At Yankee Stadium Thanks To John Oliver
The best seats in the house at Yankee Stadium this afternoon belong to a pair of dudes wearing Teenage Mutant Ninja Turtles costumes. And we all have Last Week Tonight to thank.
Watch a bunch of Lego get crushed with a hydraulic press
Jvitak: The "Will It Blend?" of 2016.
Watching something get smashed to smithereens is oddly satisfying, so if you've ever stepped on a Lego brick barefoot, you'll find this clip extremely gratifying.
Following its newfound Internet fame, the Hydraulic Press Channel has been crushing everything from bowling balls to fruit. But this time they've decided to ruin some Lego.
Now the Lego man didn't go without a fight.
But alas he met his match.
Code Master is an ingenious programming board game that'll make you feel smarter
I love playing clever puzzle games with friends, and for years my go-to company has been ThinkFun. They’ve just released a title with the claim of “teaching the basics of computer programming without a computer.” The designer of Code Master is an ex-NASA virtual reality simulations programmer named Mark Engelberg, and I think he’s hit his mark.
Like most of ThinkFun’s games, it comes with an ingenious, well-ramped set of levels that teaches new mechanics as you go. Even though the later levels are driving me batty, the “Huzzah!” moments encourage me to keep playing long after I should have gone to bed.
You play the role of an adventurer who needs to collect gems on each level before escaping through a Portal. To aid you in your quest you’ll need to “write a program” that moves your hero across the map.
To write the program you’ll need to order a random set of movement tokens that allows your avatar to travel on appropriately colored paths.
For the level shown above, your movement tokens are 1 red, 1 blue and 2 greens and must be placed in the following order to make it from start to finish.
This particular level may seem simple but believe me – the game ramps to insane levels of difficulty!
Early on you’ll be introduced to special paths that only allow your Avatar to move in the direction the arrows are pointing and Loop paths that bring your Avatar back to his current position.
In the intermediate levels, you’ll meet up with conditions that teach how if-then statements work in coding. This is where the game gets hairy.
I had a great time playing it with my 9-year-old nephew this past Christmas. As long as I was there to keep him on track he had a great time with it and felt like a mini-genius the entire time.
The lone con - The only thing with the game I’d like changed is the material of the Avatar and Portal’s bases. These pieces are gigantic and the fact that they have to occupy the same space at times makes it impossible to keep track of what lies beneath them.
If ThinkFun does another run of this game and the bases are redesigned to be transparent, the game will be perfect.
The many pros - Code Master is a clever and beautifully designed game that will make anyone feel smarter for having played it.
Like many puzzle games, you have the safety net of an answer booklet to bail you out when the going gets too tough.
There is no doubt in my mind that Code Master will inspire a new breed of game programmers and I hope that my nephew will be one of them.
Walmart Fucks Up Maryland Shirt; Literally Truthers The Shape Of Maryland
Jvitak: Brandon...