Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. ×
Businesses

Oculus Accused of Destroying Evidence, Zuckerberg To Testify In $2 Billion Lawsuit (arstechnica.com) 112

An anonymous reader quotes a report from Ars Technica: ZeniMax Media, the parent company of both Bethesda Softworks and Id Software, says it will prove at trial that John Carmack and others at Oculus stole trade secrets to "misappropriate" virtual reality technology that was first developed while Carmack was working at Id Software. What's more, ZeniMax is now accusing Oculus of "intentional destruction of evidence to cover up their wrongdoing." Mark Zuckerberg, CEO of Oculus parent company Facebook, is scheduled to respond to those accusations in testimony starting tomorrow, according to a report by Business insider. ZeniMax's statement comes after Carmack testified at trial last week, saying the case was "ridiculous and absurd." His testimony echoed Oculus' initial reaction when ZeniMax's accusations first surfaced in 2014. In court filings leading up to the trial, ZeniMax detailed its case that Carmack, while still an employee at Id Software, "designed the specifications and functionality embodied in the Rift SDK and directed its development." Carmack's technology and guidance allegedly "literally transformed" Oculus founder Palmer Luckey's early Rift prototype from a "primitive virtual reality headset" that was "little more than a display panel." Carmack allegedly used "copyrighted computer code, trade secret information, and technical know-how" from his time at ZeniMax after he moved to Oculus as CTO in 2013. As the trial began last week (as reported by a Law360 summary, registration required), Carmack told the court of his development of a virtual reality demo for Doom 3 in 2012 and his search for a VR headset that would be suitable to run it. That's when he says he got in touch with Luckey, leading to the now legendary E3 2012 demo that introduced Oculus to the public. ZeniMax is seeking $2 billion in damage, which matches the value that Facebook paid for Oculus in 2014. The trial is expected to last three weeks.
Government

Amateur Scientists Find New Clue In D.B. Cooper Case, Crowdsource Their Investigation (kare11.com) 132

Six months after the FBI closed the only unsolved air piracy in American aviation history -- after a 45-year investigation -- there's a new clue. An anonymous reader quotes Seattle news station KING: A band of amateur scientists selected by the Seattle FBI to look for clues in the world's most infamous skyjacking may have found new evidence in the 45-year-old case. They're asking for the public's help because of new, potential leads that could link DB Cooper to the Puget Sound aerospace industry in the early 1970s. The scientific team has been analyzing particles removed from the clip-on tie left behind by Cooper after he hijacked a Northwest Orient passenger jet in November 1971. A powerful electron microscope located more than 100,000 particles on old the JCPenny tie. The team has identified particles like Cerium, Strontium Sulfide, and pure titanium.

Tom Kaye, lead researcher for the group calling itself Citizen Sleuths, says the group is intrigued by the finding, because the elements identified were rarely used in 1971, during the time of Cooper's daring leap with a parachute from a passenger jet. One place they were being used was for Boeing's high-tech Super Sonic Transport plane...

Interestingly, it was even a Boeing aircraft that Cooper hijacked, and witnesses say he wasn't nervous on the flight, and seemed familiar with the terrain below.
Security

Student Hacker Faces 10 Years in Prison For Spyware That Hit 16,000 Computers (vice.com) 174

An anonymous reader quotes Motherboard: A 21-year-old from Virginia plead guilty on Friday to writing and selling custom spyware designed to monitor a victim's keystrokes. Zachary Shames, from Great Falls, Virginia, wrote a keylogger, malware designed to record every keystroke on a computer, and sold it to more than 3,000 people who infected more than 16,000 victims with it, according to a press release from the U.S. Department of Justice.

Shames, who appears to be a student at James Madison University, developed the first version of the spyware while he was still a high school student in 2013, "and continued to modify and market the illegal product from his college dorm room," according to the feds... While the feds only vaguely referred to it as "some malicious keylogger software," it appears the spyware was actually called "Limitless Keylogger Pro," according to evidence found by a security researcher who asked to remain anonymous... According to what appears to be Shames Linkedin page, he was an intern for the defense contractor Northrop Grumman from May 2015 until August 2016.

The Department of Justice announced that he'll be sentenced on June 16, and faces a maximum of 10 years in prison.
Government

Petition With Over 1 Million Signatures Urges President Obama To Pardon Snowden (cnet.com) 268

An anonymous reader quotes a report from CNET: More than 1 million people signed onto a petition asking President Barack Obama to pardon Edward Snowden, proponents of the pardon said Friday. The campaign began in September, when Snowden, his attorney Ben Wizner from the ACLU, and other privacy activists announced they would formally petition Obama for a pardon. Snowden leaked classified NSA documents detailing surveillance programs run by the U.S. and its allies to journalists in 2013, kicking off a heated debate on whether Americans should be willing to sacrifice internet privacy to help the government protect the country from terrorist attacks. Obama and White House representatives have said repeatedly that Snowden must face the charges against him and that he'll be afforded a fair trial. In the U.S., a pardon is "an expression of the president's forgiveness and ordinarily is granted in recognition of the applicant's acceptance of responsibility for the crime and established good conduct for a significant period of time after conviction or completion of sentence," according to the Office of the Pardon Attorney. It does not signify innocence. Also on Friday, David Kaye urged Obama to consider a pardon for Snowden. Kaye, the special rapporteur to the United Nations Human Rights Council on the freedom of expression, said U.S. law doesn't allow Snowden to argue that his disclosures were made for the benefit of the public. The jury would merely be asked to decide whether Snowden stole government secrets and distributed them -- something Snowden himself concedes he did. In response to the petition, Edward Snowden tweeted: "Whether or not this President ends the war on whistleblowers, you've sent a message to history: I feared no one would care. I was wrong."
Privacy

Why You Shouldn't Trust Geek Squad (networkworld.com) 389

An anonymous reader quotes a report from Network World: The Orange County Weekly reports that Best Buy's "Geek Squad" repair technicians routinely search devices brought in for repair for files that could earn them $500 reward as FBI informants. This revelation came out in a court case, United States of America v. Mark A. Rettenmaier. Rettenmaier is a prominent Orange County physician and surgeon who took his laptop to the Mission Viejo Best Buy in November 2011 after he was unable to start it. According to court records, Geek Squad technician John "Trey" Westphal found an image of "a fully nude, white prepubescent female on her hands and knees on a bed, with a brown choker-type collar around her neck." Westphal notified his boss, who was also an FBI informant, who alerted another FBI informant -- as well as the FBI itself. The FBI has pretty much guaranteed the case will be thrown out by its behavior, this illegal search aside. According to Rettenmaier's defense attorney, agents conducted two additional searches of the computer without obtaining necessary warrants, lied to trick a federal magistrate judge into authorizing a search warrant for his home, then tried to cover up their misdeeds by initially hiding records. Plus, the file was found in the unallocated "trash" space, meaning it could only be retrieved by "carving" with sophisticated forensics tools. Carving (or file carving) is defined as searching for files or other kinds of objects based on content, rather than on metadata. It's used to recover old files that have been deleted or damaged. To prove child pornography, you have to prove the possessor knew what he had was indeed child porn. There has been a court case where files found on unallocated space did not constitute knowing possession because it's impossible to determine who put the file there and how, since it's not accessible to the user under normal circumstances.
Crime

Two Triple-Screen Laptops Were Stolen From Razer's CES Booth (theverge.com) 165

In a Facebook post, Razer CEO Min-Liang Tan said two of their prototype laptops shown off at CES 2017 were stolen. "We treat theft/larceny, and if relevant to this case, industrial espionage, very seriously -- it is cheating, and cheating doesn't sit well with us," Tan wrote. "Penalties for such crimes are grievous and anyone who would do this clearly isn't very smart." Both items were prototype models of a laptop, called Project Valerie, that has three 4K displays. The Verge reports: Tan says that Razer is working with law enforcement and CES management to investigate. He's also asking show attendees to email legal@razerzone.com with any info they might have on what happened. A company representative added that a $25,000 reward is being offered for information leading to a conviction. The alleged theft occurred "after official show hours," says Allie Fried, director of global events communications for the Consumer Technology Association, which runs CES. "The security of our exhibitors, attendees and their products and materials are our highest priority," Fried wrote in an email to The Verge. "We look forward to cooperating with law enforcement and Razer as the incident is investigated."
Crime

FBI Arrests Volkswagen Executive On Charges Related To Dieselgate (cnet.com) 106

According to CNET, the FBI has arrested Volkswagen executive Oliver Schmidt over the weekend on charges of conspiracy to defraud the U.S. relating to the ongoing Dieselgate emissions scandal. From the report: Schmidt headed VW's regulatory compliance office in the U.S. from 2014 to March 2015. The FBI's official Criminal Complaint states that during that time VW employees -- Schmidt included -- knowingly installed secret "defeat device" software in 475,000 diesel cars in the U.S., hiding during emissions testing the fact that those cars emitted up to 40 times the legally allowable pollution levels when on the road. The complaint asserts that by knowingly installing this secret cheat software, Schmidt and VW conspired to defraud the U.S. by impairing and impeding the Environmental Protection Agency and violating the Clean Air Act, leading to the arrest on Saturday. Schmidt is due to appear before a Federal Court in Miami on Monday.
Crime

Macbook Saves Man's Life During Fort Lauderdale Airport Shooting (chron.com) 175

A 37-year-old credits his MacBook Pro laptop with saving his life during a shooting at the baggage claim of the Fort Lauderdale-Hollywood International Airport. An anonymous reader quotes WPLG Miami: He placed it in his backpack, but didn't think of it when he felt an impact on his back during the shooting... When the bloodshed was over, he said he went to the men's restroom and saw a bullet hole on the laptop. He gave it to FBI agents. And he was in shock when they found a 9 mm bullet in his backpack. That was when he realized a gunman aimed to kill him, but the laptop took the bullet for him. "If I didn't have that backpack on, the bullet would have shot me between the shoulders," Frappier said.
Government

FBI Releases (Redacted) Documents About The San Bernardino iPhone Case (go.com) 35

The FBI released 100 pages of documents about the unidentified vendor who unlocked the iPhone used by the San Bernardino shooter, but "censored critical details that would have shown how much the FBI paid, whom it hired and how it opened the phone." An anonymous reader quotes the Associated Press: The files make clear that the FBI signed a nondisclosure agreement with the vendor. The records also show that the FBI received at least three inquiries from companies interested in developing a product to unlock the phone, but none had the ability to come up with a solution fast enough for the FBI. The FBI also said in contracting documents that it did not solicit competing bids or proposals because it thought widely disclosing the bureau's needs could harm national security... The suit by the media organizations argued there was no legal basis to withhold the information and challenged the adequacy of the FBI's search for relevant records. It also said the public had a right to know whether the vendor has adequate security measures, is a proper recipient of government funds and will act only in the public interest. In refusing to provide the records, the FBI said the records had been compiled for law enforcement purposes and might interfere with ongoing enforcement proceedings, even though at the time the shooters were both dead and there were no indications others were involved.
Crime

How A Massive India Call Center Swindled 15,000 Americans (nytimes.com) 104

An FBI agent based in India says the country has now become a major hub for call-center fraud, blaming "a demographic bulge of computer-savvy, young, English-speaking job seekers; a vast call-center culture; super-efficient technology; and what can only be described as ingenuity." The Justice Depatment recently indicted one company for scamming "hundreds of millions of dollars" from over 15,000 victims, placing more than 1.8 million phone calls to Americans, and Slashdot reader retroworks brings an update: The New York Times has an interesting blow-by-blow story on two India tech center employees who informed on their call center fraud operation, which targeted Americans (especially recent immigrants) with fraudulent IRS calls and other scams. [May be paywalled; free version here.] The building was surrounded by police, phone lines cut. Eventually 630 of the employees were released, and charges were brought against 70 managers and executives of the call center.
The operation filled a seven-story high-rise, and the Times reports that after the raid, "fraudulent IRS calls to Americans dropped 95% percent, according to the Better Business Bureau." But they add that one former employee believes the scams will continue. Within weeks of the raid, he'd been offered a nearly identical job: calling Americans and claiming that their computer was infected with a virus.
Crime

New California Law Finally Makes Ransomware Illegal 128

Reader Trailrunner7 writes: It was nice to see the calendar turn over to 2017, for a lot of reasons, not the least of which is that on Jan. 1 a new law went into effect in California that outlaws the use of ransomware. The idea of needing a new law to make a form of hacking illegal may seem counterintuitive, but ransomware is a case of criminals outflanking the existing laws. Ransomware emerged in a big way a few years ago and the law enforcement community was not prepared for the explosion of infections. While there have been takedowns of ransomware gangs, they often involve charges of money laundering or other crimes, not the installation of the ransomware itself. In September, California Gov. Jerry Brown signed into law a bill that made the use of ransomware a crime, essentially a form of extortion. The law went into effect on Jan. 1.
Transportation

Eavesdropping Uber Driver Helps Rescue 16-Year-Old From Her Pimps (washingtonpost.com) 219

Slashdot reader sabri writes "In California, an Uber driver saved a 16 year old girl from human traffickers after he overheard them talk about delivering the girl to a customer." The Washington Post reports: Uber driver Keith Avila picked up a passenger who looked like a 12-year-old girl in a short skirt Monday night. That was the first sign that something was off, he would say later. Two women got into his car with the girl outside a house in Sacramento. Halfway to their destination -- a Holiday Inn in Elk Grove, California -- they asked Avila to turn up the music, he said. Then the women turned to the girl. Avila listened in.

"They were describing what they were going to do when they get there: 'Check for guns. Get the money before you start touching up on the guy,'" Avila said on Facebook Live minutes after he dropped off the passengers, then called police to report the women whom he suspected of prostituting the child. The girl was 16, not 12, Elk Grove police told local news outlets. But Avila's suspicions were right, they said. The teen was being sold for sex at the Holiday Inn, and her eavesdropping Uber driver had saved her.

The teen girl was returned to her family, while the two women with her were charged with multiple felonies. The driver had only joined Uber a few weeks earlier, but his Facebook Live video from outside his fare's house has now been viewed more than 240,000 times.
Crime

Police Request Amazon Echo Recordings For Homicide Investigation (cnet.com) 168

Tulsa_Time quotes a report from CNET: Amazon's Echo and Echo Dot are in millions of homes now, with holiday sales more than quadrupling from 2015. Always listening for its wake word, the breakthrough smart speakers boast seven microphones waiting to take and record your commands. Now, Arkansas police are hoping an Echo found at a murder scene in Bentonville can aid their investigation. [First reported by The Information, investigators filed search warrants to Amazon, requesting any recordings between November 21 and November 22, 2015, from James A. Bates, who was charged with murder after a man was strangled in a hot tub. While investigating, police noticed the Echo in the kitchen and pointed out that the music playing in the home could have been voice activated through the device. While the Echo records only after hearing the wake word, police are hoping that ambient noise or background chatter could have accidentally triggered the device, leading to some more clues. Amazon has not sent any recordings to the officers but did provide Bates' account information to authorities, according to court documents. The retailer giant said it doesn't release customer information without a "valid and binding legal demand." "Amazon objects to over-broad or otherwise inappropriate demands as a matter of course," the company said in a statement. Even without Amazon's help, police may be able to crack into the Echo, according to the warrant. Officers believe they can tap into the hardware on the smart speakers, which could "potentially include time stamps, audio files or other data."] Police also found a Nest thermostat, a Honeywell alarm system, wireless weather monitoring in the backyard and WeMo devices for lighting at the smart home crime scene. Officers have also seized an iPhone 6S, a Macbook Pro, a PlayStation 4 and three tablets in the investigation.
Biotech

You're An Adult, But Your Brain Might Not Be, Researchers Say (cnn.com) 261

"The human brain reaches its adult volume by age 10, but the neurons that make it up continue to change for years after that," reports the New York Times, citing a new paper by neuroscience researchers that questions when "adulthood" really begins. An anonymous reader writes: One of the paper's authors -- an associate psychology professor at Harvard -- tells CNN that "There is no agreed-on benchmark that, when reached, would allow a neuroscientist to say 'Aha! This brain is fully developed'. However, it is safe to say that by almost any metric, the brain is continuing to develop actively well past the age of 18..."

"Some children, researchers have found, have neural networks that look as if they belong to an adult..." adds the Times, noting that adolescents also "do about as well as adults on cognition tests, for instance. But if they're feeling strong emotions, those scores can plummet. The problem seems to be that teenagers have not yet developed a strong brain system that keeps emotions under control."

And this cuts both ways, according to a psychologist at Temple University who wants the voting age lowered to 16. ("Sixteen-year-olds are just as good at logical reasoning as older people are," he tells the Times) But he also believes judges should consider the lack of emotional control when sentencing defendants -- even if they're in their early 20s. "Most crime situations that young people are involved in are emotionally arousing situations -- they're scared, or they're angry, intoxicated or whatever."
Encryption

Russian Authorities Are Trying To Unlock iPhone 4S From Russian Ambassador's Killer (techcrunch.com) 106

The off-duty police officer who killed the Russian ambassador in Turkey was shot by Turkish special forces minutes after the crime. He had an iPhone 4S on him, and now, Haberturk, Turkish authorities asked for Russia's help to unlock the iPhone. From a report: Given that it's an iPhone 4S and it has a 4-digit passcode, it should be quite easy to unlock the device. There are many solutions out there to do this and authorities don't even need to ask for Apple's help. The iPhone 4S is quite old now and it was a much less secure device. First, the iPhone 4S runs iOS 5 to iOS 9, but many iPhone 4S owners didn't update to recent iOS versions. If the device runs iOS 7 or earlier, getting the content of the device is a piece of cake. The content of the device isn't encrypted as Apple started encrypting all data with iOS 8. Authorities can access this data quite easily. Second, if the iPhone is running iOS 8, remember that the iPhone 4S didn't have a Secure Enclave and Touch ID sensor. The Secure Enclave is a coprocessor that utilizes a secure boot process to make sure that it's uncompromized. It has a secret unique ID not accessible by the rest of the phone, Apple or anyone -- it's like a private key. The phone generates ephemeral keys (think public keys) to talk with the Secure Enclave. They only work with the unique ID to encrypt and decrypt the data on the coprocessor.
Crime

Hotbed of Cybercrime Activity Tracked Down To ISP In Region Where Russia Is Invading Ukraine (bleepingcomputer.com) 70

An anonymous reader writes: Last week, WordPress security firm WordFence revealed it detected over 1.65 million brute-force attacks originating from an ISP in Ukraine that generated more malicious traffic than GoDaddy, OVH, and Rostelecom, put together. A week later, after news of WordFence's findings came to light, Ukrainian users have tracked down the ISP to a company called SKS-Lugan in the city of Alchevs'k, in an area controlled by pro-Russian forces in eastern Ukraine. All clues point to the fact that the ISP's owners are using the chaos created by the Russian military intervention in Ukraine to host cyber-crime operations on their servers. Some of the criminal activities the ISP hosts, besides servers for launching brute-force attacks, include command-and-control servers for the Locky ransomware, [email, comment, and forum] spam botnets, illegal streaming sites, DDoS stressers, carding sites, several banking trojans (Vawtrack, Tinba), and infostealers (Pony, Neurevt). UPDATE 12/22/16: The headline and summary have been updated to reflect the fact that Ukraine is fighting a Russian invasion, and is not in a "civil war," as mentioned in the source.
EU

EU's Highest Court Delivers Blow To UK Snooper's Charter (theguardian.com) 156

"General and indiscriminate retention" of emails and electronic communications by governments is illegal, the EU's highest court has ruled, in a judgment that could trigger challenges against the UK's new Investigatory Powers Act -- the so-called snooper's charter. From a report on The Guardian: Only targeted interception of traffic and location data in order to combat serious crime -- including terrorism -- is justified, according to a long-awaited decision by the European court of justice (ECJ) in Luxembourg. The finding came in response to a legal challenge initially brought by the Brexit secretary, David Davis, when he was a backbench MP, and Tom Watson, Labour's deputy leader, over the legality of GCHQ's bulk interception of call records and online messages. Davis and Watson, who were supported by Liberty, the Law Society, the Open Rights Group and Privacy International, had already won a high court victory on the issue, but the government appealed and the case was referred by appeal judges to the ECJ. The case will now return to the court of appeal to be resolved in terms of UK legislation.
Businesses

Chicago Electronics Recycler Faked Tear-Downs, Sent Hazardous Waste To Overseas Landfills (arstechnica.com) 91

Federals agents have accused Brian Brundage, the former owner of Chicago-based electronics recycling company Intercon Solutions and current owner of EnviroGreen Processing, of fraud for failing to properly break down and recycle electronic devices according to federal guidelines. Brundage allegedly shipped Cathode Ray Tubes (CRTs) from old computer and TV monitors, which contained "hazardous amounts of lead," and batteries to overseas landfills for disposal. The leftover electronics that weren't shipped overseas were destroyed inappropriately at his businesses or stored in warehouses, which is forbidden by federal guidelines. Ars Technica reports: According to the indictment (PDF), Brundage also improperly resold many of the electronics he acquired. Between 2009 and 2015, Brundage received shipments of calculators from an unnamed technology company in Texas with instructions to disassemble the calculators and recycle them accordingly. But Brundage apparently resold the calculators to another company based in Tampa, Florida, which purchased and sold used electronics. In exchange for the shipments of calculators, Brundage allegedly had the company in Tampa directly pay some of Brundage's personal expenses. Those expense include between $31,000 and $39,000 per year for a nanny and $26,000 to $42,000 per year for a housekeeper, as well as tens of thousands of dollars for jewelry expenses and payments to an Indiana-based casino. Among the more colorful accusations in the US government's indictment of Brundage: the businessman allegedly went to lengths to fool third-party auditors into giving his companies the certifications necessary to keep doing business as an e-recycler. Brundage allegedly invited unknowing customers on sham tours of Intercon's facility. Once there, he "directed Intercon's warehouse staff to set up a staged disassembly line to make it falsely appear as though Intercon regularly processed e-waste in a manner that was consistent with its public representations." The Chicago Tribune published a feature on Intercon in 2007. In it, Brundage is quoted saying, "We put old products on a disassembly line. We break each item down to raw materials and send them off to be smelted and reused." He added, "nothing that leaves here goes to a landfill."
Advertising

Russian Hackers Stole $5 Million Per Day From Advertisers With Bots and Fake Websites (cnn.com) 93

Russian hackers have used fake websites and bots to steal millions of dollars from advertisers. According to researchers, the fraud has siphoned more than $180 million from the online ad industry. CNNMoney reports: Dubbed "Methbot," it is a new twist in an increasingly complex world of online crime, according to White Ops, the cybersecurity firm that discovered the operation. Methbot, so nicknamed because the fake browser refers to itself as the "methbrowser," operates as a sham intermediary advertising ring: Companies would pay millions to run expensive video ads. Then they would deliver those ads to what appeared to be major websites. In reality, criminals had created more than 250,000 counterfeit web pages no real person was visiting. White Ops first spotted the criminal operation in October, and it is making up to $5 million per day -- by generating up to 300 million fake "video impressions" daily. According to White Ops, criminals acquired massive blocks of IP addresses -- 500,000 of them -- from two of the world's five major internet registries. Then they configured them so that they appeared to be located all over the United States. They built custom software so that computers (at those legitimate data centers) acted like real people viewing those ads. These "people" even appeared to have Facebook accounts (they didn't), so that premium ads were served. Hackers fooled ad fraud blockers because they figured out how to build software that mimicked a real person who only surfed during the daytime -- using the Google Chrome web browser on a Macbook laptop.
Crime

Can Consumers Fight Package Thieves With Technology? (geekwire.com) 295

Every year more than 10 million packages are stolen off doorsteps, according to a study by August Home Inc. -- a company which sells a "smart" door lock that's controlled by your cellphone so you can remotely let a delivery person into your house. But that's just one of the weird ways consumers are using technology to try to fight package thieves. An anonymous reader reports: Some online shopping sites will now also text you when one of their packages gets left on your doorstep, according to GeekWire, which reports that for a thousand bucks you can also just buy a lockable iBin parcel-delivery box. But there's also a startup selling an odd new product called Package Guard, "a Frisbee sized, wi-fi-enabled device that alerts a user when a package has been delivered and set on top of it. Package Guard sets off a loud alarm if anyone unauthorized tries to remove the package."

GeekWire details the frustration of one Seattle police detective. "Bach knows the crimes are happening, he knows it all spikes during the holiday season and he knows that the few thieves who are caught are likely to see little if any jail time." (Though Bach admits "We do a wide variety of undercover stings," including a recent operation involving mobile surveillance with a "major delivery company.") One Seattle man even attempted to stop thieves by installing a Ring smart doorbell to film activity on his doorstep, only to discover that this only enabled him to watch helplessly as a thief opened his package, and then successfully stole all of its contents.

Though he yelled at the video "Bring my package back now!" that thief was never caught.

Slashdot Top Deals