Politics, Rights, Technology

Former Irish Chief Justice slams data retention as mass surveillance and threat to fundamental rights

Former Chief Justice of Ireland John L Murray has warned that retained telecommunications data poses a threat to fundamental rights and freedoms in a searing report [PDF] released on Tuesday alongside proposed amendments by the government to Ireland’s data retention laws.

Murray said Ireland’s data retention system touches every aspect of a person’s communications profile for a lengthy period of time.

[Data retention] establishes a form of mass surveillance of virtually the entire population of the state, involving the retention and storage of historic data, other than actual content, pertaining to every electronic communication, in any form, made by anyone and everyone at any time, he wrote.

A vast amount of private information pertaining to the personal communications of virtually everyone in the state is now retained without the consent of those affected in databases maintained by each private service provider in fulfilment of its statutory obligations.

Ireland’s data retention regime, enacted in 2011, mandates that data related to phone calls, text messages, and phone location be kept for two years and IP addresses for internet connections for one year. Due to a decision by the European Court of Justice (ECJ) striking down a European Union data retention directive in 2014, Ireland’s laws in the area need to be modified to remain compliant.

The retained data is able to be currently accessed under a disclosure request by Irish Defence Forces, an officer of the Revenue Commissioners, the Garda Síochána (Irish Police), the Competition and Consumer Protection Commission, or anyone with an appropriate court order or authorisation by the Data Protection Commissioner. The legislation also allows for individuals to request the data kept on them.

The former chief justice warned that safeguards in place for state authorities to access retained data could be undermined by those agencies believing they are entitled to the data if it is deemed useful by them.

Access to a person’s private historical communications data is an intrusion on their rights and on data which is personal to them, Murray said. Mere utility or potential utility is not the test — via ZDNet

Technology

In fight for free speech, researchers test anti-censorship tool built into the internet’s core

When the Chinese government wanted to keep its users off Facebook and Google, it blocked the entire country’s access to the US companies’ apps and sites. And when citizens started using third-party workarounds — like Tor, proxies and VPNs — to get around those blocks, it moved to quash those, too.

So a handful of researchers came up with a crazy idea: What if circumventing censorship didn’t rely on some app or service provider that would eventually get blocked but was built into the very core of the internet itself? What if the routers and servers that underpin the internet — infrastructure so important that it would be impractical to block — could also double as one big anti-censorship tool?

It turns out, the idea isn’t as crazy as it might seem. After six years in development, three research groups have joined forces to conduct real-world tests of an experimental new technique called refraction networking. They call their particular implementation TapDance, and it’s designed to sit within the internet’s core.

In partnership with two medium-sized US internet providers and the popular app Psiphon, they deployed TapDance for over a week this past spring to help more than 50,000 users around the world access the free and open internet — the first time such a test has been done outside the lab, and at such a large scale.

The researchers announced the test in a paper presented at the annual USENIX Security conference earlier this week.

In the long run, we absolutely do want to see refraction networking deployed at as many ISPs that are as deep in the network as possible, said David Robinson, one of the paper’s authors, and co-founder of the Washington-based tech policy consulting firm Upturn. We would love to be so deeply embedded in the core of the network that to block this tool of free communication would be cost-prohibitive for censors  — via CBC

History, Technology

Scrap dealer finds Apollo-era NASA computers in dead engineer’s basement

A pair of Apollo-era NASA computers and hundreds of mysterious tape reels have been discovered in a deceased engineer’s basement in Pittsburgh, according to a NASA Office of the Inspector General (OIG) report released in response to a Freedom of Information Act (FOIA) request.

Most of the tapes are unmarked, but the majority of the rest appear to be instrumentation reels for Pioneer 10 and Pioneer 11, NASA’s fly-by missions to Jupiter and Saturn.

The two computers are so heavy that a crane was likely used to move the machines, the report concluded.

At some point in the early 1970s, an IBM engineer working for NASA at the height of the Space Race took home the computers — and the mysterious tape reels. A scrap dealer, invited to clean out the deceased’s electronics-filled basement, discovered the computers. The devices were clearly labelled NASA PROPERTY, so the dealer called NASA to report the find.

Please tell NASA these items were not stolen, the engineer’s heir told the scrap dealer, according to the report. They belonged to IBM Allegheny Center Pittsburgh, PA 15212. During the 1968-1972 timeframe, IBM was getting rid of the items so [redacted engineer] asked if he could have them and was told he could have them.

You can read the entire report; the engineer’s identity has been redacted — Ars Technica UK

Politics, Technology

Elon Musk’s Tesla to build world’s biggest lithium ion battery to secure power for South Australia

South Australia will be home to the world’s largest lithium ion battery thanks to a historic agreement between Tesla and the State Government.

And Tesla boss Elon Musk is promising to build it in 100 days, or it’s free. Key points:

A 100-megawatt (129 megawatt hour) battery is to be in place before summer It will provide energy stability for SA and also be emergency back-up for shortfalls Elon Musk is sticking by a 100 days or free promise for SA taxpayers

Tesla will build the 100-megawatt battery which will store energy from French renewable company Neoen’s Hornsdale Wind Farm near Jamestown, which is still under construction.

The project will be in place before summer.

Mr Musk’s 100 days or it’s free pledge starts once the grid interconnection agreement has been signed — via redwolf.newsvine.com

Rights, Technology, World

EU Votes Today On Content Portability to Reduce Piracy

Members of the European Parliament will vote today on draft rules that would allow citizens to enjoy legally purchased music and movie streaming subscriptions when they travel to another EU country. It’s hoped that improved access to content will help to dampen frustrations and reduce Internet piracy.

Being a fully-paid up customer of a streaming service such as Spotify or Netflix should be a painless experience, but for citizens of the EU, complexities exist.

Subscribers of Netflix, for example, have access to different libraries, depending on where they’re located. This means that a viewer in the Netherlands could begin watching a movie at home, travel to France for a weekend break, and find on arrival that the content he paid for is not available there.

A similar situation can arise with a UK citizen’s access to BBC’s iPlayer. While he has free access to the service he previously paid for while at home, travel to Spain for a week and access is denied, since the service believes he’s not entitled to view.

While the EU is fiercely protective of its aim to grant free movement to both people and goods, this clearly hasn’t always translated well to the digital domain. There are currently no explicit provisions under EU law which mandate cross-border portability of online content services.

Following a vote today, however, all that may change.

In a few hours time, Members of the European Parliament will vote on whether to introduce new Cross-border portability rules (pdf), that will give citizens the freedom to enjoy their media wherever they are in the EU, without having to resort to piracy — via redwolf.newsvine.com

Politics, Technology

How Australia Bungled Its $36 Billion High-Speed Internet Rollout

The story of Australia’s costly internet bungle illustrates the hazards of mingling telecommunication infrastructure with the impatience of modern politics. The internet modernization plan has been hobbled by cost overruns, partisan maneuvering and a major technical compromise that put 19th-century technology between the country’s 21st-century digital backbone and many of its homes and businesses.

The government-led push to modernize its telecommunications system was unprecedented, experts say — and provides a cautionary tale for others who might like to try something similar.

Australia was the first country where a totally national plan to cover every house or business was considered, said Rod Tucker, a University of Melbourne professor and a member of the expert panel that advised on the effort. The fact it was a government plan didn’t necessarily make it doomed. In Australia, we have changes of governments every three years, which really works against the ability to undertake long-term planning, and the long-term rollouts of networks like this.

Australia poses natural connectivity challenges. It lies oceans away from other countries, and any network would have to connect far-flung cities separated by its sparsely populated interior.

Still, Australia had high hopes for its ambitious internet project. Started in 2009, the initiative, known as the National Broadband Network, was intended to bring advanced fibre-optic technology to the doorstep of just about every home and business. It was initially estimated to cost 43 billion Australian dollars, shared by the government and the private sector — via redwolf.newsvine.com

Technology

Google invests in new undersea cable from Australia to Southeast Asia

Google announced Wednesday that it’s investing in a new subsea cable system that will run between Australia and Asia. The investment is Google’s latest move to strengthen its ties to the APAC region.

Called Indigo, the cable will connect Perth, Sydney, and Singapore, with a branch to Jakarta. To build the cable, Google is partnering with AARNet, Indosat Ooredoo, Singtel, SubPartners and Telstra, while Alcatel Submarine Networks will construct the cable. Span approximately 9,000km, it’s expected to be completed by mid-2019.

Indigo will initially have two fibre pairs with a design capacity of around 18 terabits per second — enough capacity for people in Singapore and Sydney to join 8 million simultaneous high-definition Google Hangout video conference calls — via redwolf.newsvine.com

Technology

Google Has Finally Killed the CAPTCHA

CAPTCHA’s are an irritating but necessary evil. The system that is used to verify whether or not a user is human has been around a while and it had to evolve because machines were getting better at reading the text than humans. With its latest iteration, Google says you’ll no longer have to input anything at all.

Invisible CAPTCHA’s are the latest development in the Completely Automated Public Turing test to tell Computers and Humans Apart. Google acquired reCaptcha back in 2009. It updated the system in 2013 to allow for the ubiquitous I’m not a robot checkbox that’s all over the internet. That version worked by determining the user’s humanity through their clicking style. If the click seemed fishy, a more elaborate test would be offered. But the Invisible CAPTCHA is able to recognize that a user is not a bot simply by analysing their browsing behaviour — via redwolf.newsvine.com

Technology

Wikipedia bans Daily Mail as ‘unreliable’ source

Wikipedia editors have voted to ban the Daily Mail as a source for the website in all but exceptional circumstances after deeming the news group generally unreliable.

The move is highly unusual for the online encyclopaedia, which rarely puts in place a blanket ban on publications and which still allows links to sources such as Kremlin backed news organisation Russia Today, and Fox News, both of which have raised concern among editors.

The editors described the arguments for a ban as centred on the Daily Mail’s reputation for poor fact checking, sensationalism and flat-out fabrication.

The Wikimedia Foundation, which runs Wikipedia but does not control its editing processes, said in a statement that volunteer editors on English Wikipedia had discussed the reliability of the Mail since at least early 2015.

It said: Based on the requests for comments section [on the reliable sources noticeboard], volunteer editors on English Wikipedia have come to a consensus that the Daily Mail is generally unreliable and its use as a reference is to be generally prohibited, especially when other more reliable sources exist — via redwolf.newsvine.com

Technology

The Cryptographic Capability of the Barbie Typewriter

In 1998, Mattel began selling the electronic Barbie Typewriter to replace the earlier mechanical typewriter in the Barbie line, thus continuing the toy industry habit of introducing young children to technology that is 30 years out of date. Nonetheless, it could keep children busy learning to read and write away from your word processor. But the typewriter had a secret. It was manufactured by Mehano in Slovenia, which already made other children’s typewriters. Mehano took an older model and made it pink and purple for Mattel. The base model they used had a wonderful secret capability that was sadly never included in Mattel’s marketing.

Apart from a range of typesetting features, such as letter-spacing and underline, this children’s toy was capable of encoding and decoding secret messages, using one of 4 built-in cipher modes. These modes were activated by entering a special key sequence on the keyboard, and was explained only in the original documentation.

When the E-115 was adopted by Mattel as an addition to the Barbie product line, it was aimed mainly at girls with a minimum age of 5 years. For this reason the product was given a pink-and-purple case and the Barbie logo and image were printed on the body. As it was probably thought that secret writing would not appeal to girls, the coding/decoding facilities were omitted from the manual. Nevertheless, these facilities can still be accessed if you know how to activate them.

If you happen to have one of these typewriters sitting around, you can find the instructions for using the crypto codes at Crypto Museum — via Neatorama

Technology, Wildlife

How technology is helping homeless pets find a new home

In Australia, over 137,390 animals once called pets are received annually by the RSPCA [PDF] alone, with rescue homes and animal shelters receiving surrendered animals faster than they can re-home those already in care.

With few options other than euthanasia for those animals unable to be placed, self-taught coder John Bishop decided he needed to do something and launched Pet Rescue in 2003, an online service connecting former pets with new owners.

Working with approximately 98 percent of the rescue groups in Australia from the RSPCA to animal welfare leagues, vets, pounds, and foster carers, non-profit Pet Rescue currently has over 8,600 animals from 952 rescue groups on its website.

Essentially it’s an aggregation service but that’s not very sexy, Bishop explained. We look at ourselves as providing connections between pets in care with the rescue groups and the public that are looking to adopt.

As Pet Rescue operates at a not-for-profit, Bishop has been faced with the mammoth task of keeping up with technology since day one — via redwolf.newsvine.com

Technology

Tesla unveils residential ‘solar roof’ with updated battery storage system

Tesla will build and sell its own line of solar panels with integrated batteries, the company announced at a press event at Universal Studios in LA, today. The Powerwall 2 will allow residential homeowners to replace their entire roof with solar panels and an updated Powerwall 2 battery system, making it much simpler for homes to be entirely powered by solar power.

The roof is made of a textured glass tile with integrated solar cells. The roofs look as good or better than conventional roofs, according to Musk. They look like normal roofing tiles from the ground, but are completely transparent to the sun. The tiles are hydrographically printed, which, Musk says, makes each one a special snowflake tile, and no two roofs will be the same. You can take any two roofs that look like that and they will be different — because they are different, said Musk.

There are a number of different versions of solar panels: Textured Glass Tile, Slate Glass Tile, Tuscan Glass Tile, and Smooth Glass Tile. Tesla says its glass tiles are much more durable than conventional roof tile — something that’s important in areas with risk of hail.

The products are a joint collaboration between SolarCity and Tesla, according to SolarCity CEO Lyndon Rive. Tesla is attempting to acquire SolarCity for $2.6 billion and shareholders of both companies will vote on the proposed acquisition in the middle of November.

The Powerwall 2 can store 14 kWh of energy, with a 5 kW continuous power draw, and 7 kW peak. The battery is warranted for unlimited power cycles for up to 10 years. It can be floor or wall mounted, inside or outside. It can be used for load shifting or back-up power — via redwolf.newsvine.com

Food, Technology

Sundrop Farms pioneering solar-powered greenhouse to grow food without fresh water

A groundbreaking greenhouse that relies on sunlight and seawater to grow tomatoes officially opens next week, 300 kilometres north of Adelaide.

The company Sundrop Farms spent several years developing the idea at a pilot plant on the outskirts of Port Augusta, before building a commercial facility that is 100 times larger.

This is a very special project, head grower Adrian Simkins said.

The 20-hectare futuristic-looking facility includes a field of more than 23,000 mirrors that capture the sunlight and direct it to a central receiver at the top of a 127-metre power tower.

At its peak it produces 39 megawatts of thermal energy, which is used for electricity, heating and making water.

All the water used for irrigating the crops is piped from the Spencer Gulf and converted into fresh water using a thermal desalination unit.

Mr Simkins has spent more than two decades running tomato greenhouses in Europe and North America and says the desalinated water is first-class.

It’s almost the perfect water, he said.

You’re taking all the salt out of it, there’s no disease aspects, it’s very pure and then we’re able to enhance it with the nutrition that the plants require — via redwolf.newsvine.com

Technology

Why the silencing of KrebsOnSecurity opens a troubling chapter for the ‘Net

For the better part of a day, KrebsOnSecurity, arguably the world’s most intrepid source of security news, has been silenced, presumably by a handful of individuals who didn’t like a recent series of exposés reporter Brian Krebs wrote. The incident, and the record-breaking data assault that brought it on, open a troubling new chapter in the short history of the Internet.

The crippling distributed denial-of-service attacks started shortly after Krebs published stories stemming from the hack of a DDoS-for-hire service known as vDOS. The first article analyzed leaked data that identified some of the previously anonymous people closely tied to vDOS. It documented how they took in more than $600,000 in two years by knocking other sites offline. A few days later, Krebs ran a follow-up piece detailing the arrests of two men who allegedly ran the service. A third post in the series is here.

On Thursday morning, exactly two weeks after Krebs published his first post, he reported that a sustained attack was bombarding his site with as much as 620 gigabits per second of junk data. That staggering amount of data is among the biggest ever recorded. Krebs was able to stay online thanks to the generosity of Akamai, a network provider that supplied DDoS mitigation services to him for free. The attack showed no signs of waning as the day wore on. Some indications suggest it may have grown stronger. At 4.00pm, Akamai gave Krebs two hours’ notice that it would no longer assume the considerable cost of defending KrebsOnSecurity. Krebs opted to shut down the site to prevent collateral damage hitting his service provider and its customers.

It’s hard to imagine a stronger form of censorship than these DDoS attacks because if nobody wants to take you on then that’s pretty effective censorship, Krebs told Ars on Friday. I’ve had a couple of big companies offer and then think better of offering to help me. That’s been frustrating.

Until recently, a DDoS attack in excess of 600Gb was nearly impossible for all but the most sophisticated and powerful actors to carry out. In 2013, attacks against anti-spam organization Spamhaus generated headlines because the 300Gb torrents were coming uncomfortably close to Internet-threatening size. The assault against KrebsOnSecurity represents a much greater threat for at least two reasons. First, it’s twice the size. Second and more significant, unlike the Spamhaus attacks, the staggering volume of bandwidth doesn’t rely on misconfigured domain name system servers which, in the big picture, can be remedied with relative ease — via redwolf.newsvine.com

Technology

NIST’s new password rules – what you need to know

It’s no secret. We’re really bad at passwords. Nevertheless, they aren’t going away any time soon.

With so many websites and online applications requiring us to create accounts and think up passwords in a hurry, it’s no wonder so many of us struggle to follow the advice of so-called password security experts.

At the same time, the computing power available for password cracking just gets bigger and bigger.

OK, so I started with the bad news, but this cloud does have a silver lining.

It doesn’t need to be as hard as we make it and the government is here to help.

That’s right, the United States National Institute for Standards and Technology (NIST) is formulating new guidelines for password policies to be used in the whole of the US government (the public sector).

Why is this important? Because the policies are sensible and a great template for all of us to use within our own organisations and application development programs.

Anyone interested in the draft specification for Special Publication 800-63-3: Digital Authentication Guidelines can review it as it evolves over on Github or in a more accessible form on NIST’s website.

For a more human approach, security researcher Jim Fenton did a presentation earlier this month at the PasswordsCon event in Las Vegas that sums up the changes nicely — via redwolf.newsvine.com

Politics, Technology

#CensusFail is a failure to listen to ‘experts’ and it’s complicated…

Australia just had a massive jump in IT jargon, well, sort of LOL! DDoS is now a thing you hear punters inserting into a conversation, so are servers, hacks, VPN’s and more. The problem is, most don’t actually really understand what the hell they are saying. As is often the case when it comes to the technical, a little bit of knowledge is dangerous.

But you know what, you don’t need to understand it all.

Yes, we are in a so-called Digital era, but the point is, do you know exactly how your car works, all the intimate details of how it is built, what is used, all the safety parameters, engineering, designing etc? In general the answer would be No. It is a tool. You know how to drive it, not the ducks nuts about how it is put together and all the moving parts. You do know you need to lock it so it won’t get stolen, you know there are certain laws to abide by so you don’t endanger yourself and others, but the actual chunk of steel that propels you – sometimes at great speed – down the road is beyond your knowledge and to be perfectly frank, we don’t need to know — via redwolf.newsvine.com

Politics, Technology

Census 2016: no sign of any DDoS attack

While the head of the Australian Bureau of Statistics David Kalisch is claiming that hackers forced the closure of the organisation’s website on census night, there is no evidence to show that any such attack occurred.

The website digitalattackmap.com tracks events of this nature but as security pro Matthew Hackling posted last night, the site detected no unusual activity in Australia at all.

Hackling commented in a tweet: Hmmm. Nothing unusual DDoS wise for Australia and yesterday #censusfail — via redwolf.newsvine.com

Rights, Technology

FBI Wants Biometric Database Hidden From Privacy Act

The FBI is working to keep information contained in a key biometric database private and unavailable, even to people whose information is contained in the records.

The database is known as the Next Generation Identification System, and it is an amalgamation of biometric records accumulated from people who have been through one of a number of biometric collection processes. That could include convicted criminals, anyone who has submitted records to employers, and many other people. The NGIS also has information from agencies outside of the FBI, including foreign law enforcement agencies and governments. Because of the nature of the records, the FBI is asking the federal government to exempt the database from the Privacy Act, making the records inaccessible through information requests.

The bureau says in a proposal to exempt the database from disclosure that the NGIS should be exempt from the Privacy Act for a number of reasons, including the possibility that providing access could compromise sensitive law enforcement information, disclose information which would constitute an unwarranted invasion of another’s personal privacy; reveal a sensitive investigative technique; could provide information that would allow a subject to avoid detection or apprehension; or constitute a potential danger to the health or safety of law enforcement personnel, confidential sources, and witnesses — via redwolf.newsvine.com

Technology

Must listen: We’ve found the real Bastard Operator From Hell

Nobody likes having to deal with cold calls to the office. But when you’re manning the IT help desk, you have no choice but to pick up the phone — even when it’s a pushy sales pitch.

So what to do about those annoying calls from over-enthusiastic sales staff itching to shift their technology wares? One spectacularly resourceful, and possibly sadistic, IT department has a solution: boot them all to Hell.

An IT boss — whose identity and employer we’re keeping anonymous, lest they be flooded with calls from people eager to experience it first-hand – explained to El Reg the story behind Extension 666 — via redwolf.newsvine.com

Technology

Australia’s First Powerwall Home Batteries Are Already Installed In Western Sydney

When Tesla’s Powerwall battery energy storage system was first announced, solar-friendly Australians went mad for it. A relatively cheap integrated system that could hook up to the grid and to rooftop solar panels, the Powerwall is one of the first widely-available technologies that could reduce users’ reliance on energy delivered via the national electricity grid. And now, one of the first Powerwall batteries to be installed in Australia is already bolted to the outside wall of a home in western Sydney.

Australia is the first country in the world to have Powerwall batteries installed and delivered, and companies like Natural Solar and Origin Energy are receiving and installing their first shipments into homes and businesses around Australia. New South Wales is first, but other states and territories have their first installations scheduled from the start of next week onwards — via redwolf.newsvine.com

Business, Politics, Rights, Technology

61 agencies after warrantless access to Australian telecommunications metadata

The names of 57 agencies that are seeking to gain access to telecommunications metadata stored on Australian residents without a warrant have been released under a Freedom of Information (FOI) request.

The names of four agencies have been redacted, with the Attorney-General’s Department (AGD) previously saying that disclosing the names of these agencies would be contrary to the public interest.

The FOI request originally asked for correspondence from organisations seeking to gain access to stored telecommunications metadata. The department denied this request on practical grounds, stating that 2,661 pages spread across 288 documents were related to such a request, and that 45 third parties needed to be consulted before the information could be released.

Eventually, the request was narrowed down to merely a list of agencies looking to be declared as an enforcement agency as defined under the Telecommunications (Interception and Access) Act.

Agencies objected to disclosure on the basis that it would compromise the trust they place in the Commonwealth, AGD said last week. During consultation, these four agencies clearly indicated that disclosure of this information would damage the relationship between the department and the relevant agencies, and could affect any future cooperation with the department
— via redwolf.newsvine.com

Technology, Wildlife

Track the dangerous squirrels attacking the US power grid

It’s not just Chinese and Russian hackers that want to take down the power grid. The real cyber enemy lives inside — a true insider threat — and has been attacking national power lines for decades: squirrels. A new Twitter account and accompanying website @cybersquirrel1 is tracking the threat. As of January 5th, the site reports that squirrels have successfully disrupted the power grid 623 times, whereas birds have successfully penetrated it 214 times. These unclassified operations go back to 1987, or when the site begins its data collection.

Site visitors can choose a month and year to see a map populate with these successful squirrel operations around the country, along with links back to news stories about the subsequent power outages — via redwolf.newsvine.com

Technology

Uncooperative Russian ISP Prevents Cisco from Shutting Down Cybercriminal Gang

Cisco’s Talos research team has managed to identify and partially shut down a cyber-criminal group that is using the RIG exploit kit to infect users with all kinds of malware.

This particular group used a series of security vulnerabilities, but most of the time, it was using the CVE-2015-5119 flaw in Flash, which allowed the group to compromise computers and later infect them with spambots.

Cisco reports that, in most cases, the main payload was the Tofsee spambot variant, which infected Windows machines via Internet Explorer.

Researchers say that most of the users getting infected via this particular RIG exploit kit campaign are redirected to the site using malicious ads and iframes embedded in legitimate and compromised websites.

The campaign was extremely active during the past fall and used well over 7,000 different domain names and 44 IPs to spread their malware payloads — via redwolf.newsvine.com

Rights, Technology

Error 451: The new HTTP code for censorship

Governments will not always be able to disguise which content they restrict across the Web thanks to a new error code which will warn users of content restricted through censorship.

On Friday, the group responsible for Internet standards, the Internet Engineering Steering Group (IESG), approved a new HTTP code to differentiate between Web pages which cannot be shown for technical reasons and others which are unavailable for non-technical reasons, such as governmental censorship.

Status codes, available within the 100s to 500s, are most commonly encountered when something goes wrong — such as a server downtime, for example, which prevents a user from accessing a Web page. The common 404 error tells users a page has not been found, but now 451 is coming into its own as a way to track other restrictions.

Online censorship is on the rise. Governments in the European bloc force ISPs to restrict access to websites linking to pirated content, China has its ever-famous “Great Firewall” which heavily restricts the Web, and countries including Russia and South Korea are also cracking down on access.

It isn’t always easy to work out whether a Web page is down because of technical reasons or governmental meddling. However, a new Internet protocol could change that.

Mark Nottingham, chair the IETF HTTP Working Group — developers of the Internet’s core HTTP protocol — explained in a blog post while the 403 error status code says “Forbidden,” it does not specify if there are legal reasons for restricting content.

However, status code 451 — a hat tip to Fahrenheit 451 — can now be used to distinguish pages unavailable due to censorship — via redwolf.newsvine.com

Technology

Don’t flip your lid: The Internet of Helmets has arrived

Microsoft has shown off an internet helmet built by a customer.

The hard-wired headwear is the brainchild of construction outfit Laing O’Rourke, which is rightly concerned with the welfare of workers it sends out to build stuff in the sweltering heat of places like Australia and the Middle East.

Folks toiling in the hot sun in such locales are liable to come down with nasty ailments like heatstroke, which the company would rather avoid because an afflicted worker is a danger to their colleagues as well as themselves.

The firm’s therefore found a way to fit sensors measuring heart rate, ambient temperature, body temperature, ultra-violet light and location into the sweatband of a bog-standard building site hard hat. There’s also a Zigbee radio in there with a range of 100m to shunt all the data into a Linux box, which passes it on to an Intel Compute Stick. That device shunts the lot into Azure where the incoming data’s crunched and turned into alerts to get that chap off the site, stat. And not because of the classic building site shocker — horrid arse-crack exposure — but rather because the helmet suggests a worker’s in a physical state that suggests ill-health or increased likelihood of accidents.

What’s that you say? Building sites are bigger than 100m? They certainly are, so Laing O’Rourke’s cunning R&D folk have daisy-chained Zigbee repeaters and reckon they’ve built a helmet-net with a range of 500 metres. Zigbee’s low power requirements make for all-day data beaming action. And if you’re worried about all that collection, storing-and-forwarding and cloud uploading going on, know that heatstroke’s symptoms can be detected before a sufferer notices them. So a few minutes diagnostic delay won’t be disastrous — via redwolf.newsvine.com

Business, Politics, Rights, Technology

TPP: ISPs will hand over copyright infringer details

Trans Pacific Partnership (TPP) member states will force internet service providers (ISPs) to give up identification details of alleged copyright infringers so that rights holders can protect and enforce their copyright through criminal and civil means with few limitations, according to the full text of the agreement.

The TPP, the full text of which has been published on the website for the New Zealand Ministry of Foreign Affairs and Trade a month after reaching agreement, will regulate trade between Australia, the United States, New Zealand, Canada, Singapore, Vietnam, Malaysia, Japan, Mexico, Peru, Brunei, and Chile.

Section J of the Intellectual Property chapter [PDF] covers ISPs, with Article 18.82(7) stating that member states must enable copyright holders to access the details of alleged copyright infringers through ISPs.

Each party shall provide procedures, whether judicial or administrative, in accordance with that party’s legal system, and consistent with principles of due process and privacy, that enable a copyright owner that has made a legally sufficient claim of copyright infringement to obtain expeditiously from an internet service provider information in the provider’s possession identifying the alleged infringer, in cases in which that information is sought for the purpose of protecting or enforcing that copyright, the text says.

The full text of the intellectual property chapter ties in with leaks last month from WikiLeaks revealing that ISPs would be forced to give up copyright infringer details — via redwolf.newsvine.com

Business, Technology

New top-level domains a money grab and a mistake: Paul Vixie

Dr Paul Vixie, a pioneer of the internet’s domain name system (DNS), has lashed out at the creation of hundreds of new top-level domains, ranging from .dog to .horse, and .cool to .porn, labelling them a money grab and a mistake.

Vixie, who is now the chief executive officer of Farsight Security, was speaking at the Ruxcon information security conference in Melbourne on Sunday about the importance of securing the internet’s DNS infrastructure.

In response to an audience question about the Internet Corporation for Assigned Names and Numbers (ICANN) decision to create some 1900 new top-level domains in this first round alone, Vixie was blunt.

I think it is a money grab. My own view is that ICANN functions as a regulator, and that as a regulator it has been captured by the industry that they are regulating. I think that there was no end-user demand whatsoever for more so-called DNS extensions, [or] global generic top-level domains (gTLDs), he said.

Vixie sees the demand for the new domains as having come from the people who have the budget to send a lot of people to every ICANN meeting, and participate in every debate, that is, the domain name registrars who simply want more names to sell, so they can make more money. But these new domains don’t seem to be working.

They’re gradually rolling out, and they are all commercial failures, Vixie said — via redwolf.newsvine.com

Politics, Rights, Technology

CISA blowup: Web giants sharing private info isn’t about security

There were sharp words on the floor of the US Senate on Wednesday as lawmakers debated the controversial Cybersecurity Information Sharing Act (CISA) and its amendments.

The bill, proposed by Senators Richard Burr (R-NC) and Dianne Feinstein (D-CA), would allow internet giants and other companies to share people’s personal information with the US government so it can be analyzed for signs of lawbreaking – be it computer related or not.

In return, the companies would get legal immunity from angry customers, although legal action is unlikely because the businesses and the government don’t have to reveal what they have shared, even with a freedom of information request.

The proposed legislation has been criticized by internet rights groups, and also by technology firms. Google, Facebook, Microsoft, and others published an open letter calling for the legislation to be rewritten, and since then Apple, Salesforce.com, Yelp, and Wikipedia have joined them in opposing the draft law.

Feinstein said organizations won’t be forced to reveal citizens’ private lives to Uncle Sam: it won’t be mandatory for businesses to hand over people’s private records, she claimed.

If you don’t like the bill, you don’t have to do it, Feinstein said.

So it’s hard for me to understand why we have companies like Apple and Google and Microsoft and others saying they can’t support the bill at this time. You have no reason, because you don’t have to do anything, but there are companies by the hundreds if not thousands that want to participate in this.

Her colleague Burr said on the floor that he couldn’t understand the opposition to CISA. Businesses against the new law will put their users at risk, he said, because by not sharing people’s personal information, they will not be given intelligence and heads up on attacks from the Feds.

When the companies who are against this get hacked, they are going to be begging to cooperate with the federal government, he opined — via redwolf.newsvine.com

Politics, Technology

Majority of ISPs not ready for metadata laws that come into force today

The vast majority of Australian internet service providers (ISPs) are not ready to start collecting and storing metadata as required under the country’s data retention laws which come into effect today.

ISPs have had the past six months to plan how they will comply with the law, but 84 per cent say they are not ready and will not be collecting metadata on time.

The Attorney-General’s department says ISPs have until April 2017 to become fully compliant with the law.

The figures come from a survey sent to ISPs by telecommunications industry lobby group Communications Alliance.

It found two-thirds of them are still not entirely sure what type of metadata the Government wants retained.

Communications Alliance chief executive John Stanton said ISPs have had to start collecting a significant amount of new data, and complying with the laws has been difficult and time consuming.

The Government’s claim that what they’re asking for is retention of the status quo has never been correct, he said.

The vast majority [of ISPS] are saying: ‘We’re trying, but we’re not there yet’ — via redwolf.newsvine.com

Technology

BBC joins war against Flash, launches beta HTML5 iPlayer

It may not be the definitive decision which propels humanity towards our inevitable end, but in a post on the Beeb’s internet blog, James East, the Media Playout Product Manager, stated that his team is now confident they can achieve the playback quality you’d expect from the BBC without using a third-party plugin.

HTML5 has already been used to deliver video to iOS devices. However, the Beeb has been hesitant to share this rollout to desktop services.

This was not an act of spite, East assures readers, but because Aunty felt that the consistent experience and efficient media delivery offered by Flash outweighed the benefit of moving to HTML5 — via redwolf.newsvine.com

Health, Science, Technology

World-first operation implants 3D-printed titanium ribcage and sternum

A Spanish cancer patient is the first person in the world to receive a titanium 3D-printed sternum and rib cage, designed and manufactured by an Australian company.

The 54-year-old needed his sternum and a portion of his rib cage replaced.

The CSIRO said chest prosthetics were notoriously tricky to create due to the complex customised geometry and design for each patient.

Thoracic surgeons typically use flat and plate implants in the chest, but they can come loose over time and create complications, the CSIRO said.

A 3D-printed implant was a safer option for the patient because it can identically mimic the intricate structures of the sternum and ribs.

Almost a fortnight since the surgery, the CSIRO confirmed the patient was discharged and had recovered well — via redwolf.newsvine.com

Technology

You’ve been Drudged! Malware-squirting ads appear on websites with 100+ million visitors

Internet lowlives who used Yahoo! ads to infect potentially countless PCs with malware have struck again — using adverts on popular websites to reach millions more people.

Security researchers at MalwareBytes this week discovered the crooks running another massive campaign of ads that use the Angler Exploit Kit to infiltrate Windows PCs via vulnerabilities in Adobe Flash and web browsers.

Prominent websites including the Drudge Report and Weather.com — a pair of sites whose total traffic alone amounts to nearly 200 million visits per month — were apparently inadvertently carrying the ads, putting millions of netizens at risk.

MalwareBytes said the network carrying the ads, AdSpirit, was notified, and it has since taken down the offending adverts. The campaign has now moved to AOL’s ad network, with dodgy adverts appearing on eBay, we’re told — via redwolf.newsvine.com

Politics, Rights, Technology

Government exploit vendor hacked, client data exposed

One of the world’s most notorious providers of offensive information technology to governments has had its internal systems breached and customer documentation dumped on the open internet.

Hacking Team, founded in 2003 and based in Milan, Italy, provides surveillance software and intrusion tools to law enforcement agencies around the world.

On its website it boasts clients across the US, Europe and the Asia Pacific, assisted by more than 50 employees providing all aspects of offensive IT tools.

The company’s primary surveillance tool – dubbed Da Vinci – earned it a spot on the Reporters Without Borders Enemies of the Internet list.

Its products allow governments to monitor online communications, record voice-over-IP (VoIP) sessions, remotely activate microphones and cameras, and break encrypted files and emails.

The company’s Twitter account was today compromised, and around 400GB of internal emails, files and source code were leaked to the internet, and spread via social media.

The attackers also posted screenshots of the compromised data from the leaked file to Twitter, and defaced the company’s logo and biography.

Earlier this afternoon — before his own Twitter account appeared to be hacked — Hacking Team engineer Christian Pozzi confirmed the breach and said the company was notifying affected customers and working with police.

According to the leaked data, Hacking Team counts customers from South Korea, Saudi Arabia, Lebanon, Egypt and Mongolia. The company has long maintained it does not sell to oppressive governments — via redwolf.newsvine.com

Technology

Popular Security Software Came Under Relentless NSA and GCHQ Attacks

The National Security Agency and its British counterpart, Government Communications Headquarters, have worked to subvert anti-virus and other security software in order to track users and infiltrate networks, according to documents from NSA whistleblower Edward Snowden.

The spy agencies have reverse engineered software products, sometimes under questionable legal authority, and monitored web and email traffic in order to discreetly thwart anti-virus software and obtain intelligence from companies about security software and users of such software. One security software maker repeatedly singled out in the documents is Moscow-based Kaspersky Lab, which has a holding registered in the UK, claims more than 270,000 corporate clients, and says it protects more than 400 million people with its products.

British spies aimed to thwart Kaspersky software in part through a technique known as software reverse engineering, or SRE, according to a top-secret warrant renewal request. The NSA has also studied Kaspersky Lab’s software for weaknesses, obtaining sensitive customer information by monitoring communications between the software and Kaspersky servers, according to a draft top-secret report. The US spy agency also appears to have examined emails inbound to security software companies flagging new viruses and vulnerabilities.

The efforts to compromise security software were of particular importance because such software is relied upon to defend against an array of digital threats and is typically more trusted by the operating system than other applications, running with elevated privileges that allow more vectors for surveillance and attack. Spy agencies seem to be engaged in a digital game of cat and mouse with anti-virus software companies; the US and UK have aggressively probed for weaknesses in software deployed by the companies, which have themselves exposed sophisticated state-sponsored malware — via redwolf.newsvine.com

Politics, Rights, Technology

Glenn Greenwald says Australia is ‘one of most aggressive’ in mass surveillance

Australia is one of the most aggressive countries in the world in terms of mass surveillance and its techniques could be the subject of future leaks, journalist Glenn Greenwald, who first reported on the Edward Snowden revelations for the Guardian, has said.

Greenwald, who now works for The Intercept, told ABC’s Lateline program on Thursday night that Australia is probably the country that has gotten away with things the most in terms of the Snowden revelations.

There are interesting documents about what Australia is doing to privacy rights — not just to their own citizens Glenn Greenwald

Australia is one of the most aggressive countries that engage in mass surveillance as a member of the Five Eyes partnership, he said, referring to a security sharing arrangement between the United States, the United Kingdom, Australia, New Zealand and Canada.

There has been less reporting on Australia than the other four countries. We intend to change that.

We are working on the reporting, he continued. We will definitely get that done as soon as we can — via redwolf.newsvine.com

Entertainment, Technology

How Eddie Van Halen Hacks a Guitar

My playing style really grew from the fact that I couldn’t afford a distortion pedal. I had to try to squeeze those sounds out of my guitar. The first real work I did was in my bedroom. I added pickups, because I didn’t like the sound of the originals. I couldn’t afford a router — I didn’t even know what a router was — so I started hammering away with a screwdriver. That didn’t work at all. Chunks of wood flew off and there was sawdust flying all over the place. But I was on a mission. I knew what I wanted and I just kept at it until I finally got there — via Popular Mechanics

Entertainment, Technology

Touch Pianist

Touch Pianist is a web toy that let’s you play famous piano pieces on your computer keyboard. No musical skill needed! The notes are there in visual form; all you have to do is hit any keys to make them play. It’s a little like Guitar Hero, except the controls don’t matter, you set the tempo, and you can’t lose. The only skill you need is to keep the tempo going in a way that makes it sound pleasant to you. The default screen is Moonlight Sonata, but you can pull down other choices — via Neatorama

Technology

Conversation With a Tech Support Scammer

When investigating an incident that involved domain redirection and a suspected tech support scam, I recorded my interactions with the individual posing as a help desk technician and researched the background of this scheme. It was an educational exchange, to say the least. Here’s what I learned about this person’s and his employer’s techniques and objectives — via redwolf.newsvine.com