
Pwned Barbies Spying On Children? Toytalk CEO Downplays Hacking Reports 80

McGruber writes: Earlier this year Mattel unveiled "Hello Barbie," a $74.99 wi-fi equipped interactive doll. Users press a button on Barbie's belt to start a conversation and the recorded audio is processed over the internet so that the doll can respond appropriately. The doll also remembers the user's likes and dislikes.

Now Security Researcher Matt Jakubowski claims that he has managed to hack the Hello Barbie system to extract wi-fi network names, account IDs and MP3 files, which could be used to track down someone's home. "You can take that information and find out a person's house or business. It's just a matter of time until we are able to replace their servers with ours and have her say anything we want," Jakubowski warned. Mattel partnered with ToyTalk to develop "Hello Barbie." ToyTalk CEO Oren Jacob said: "An enthusiastic researcher has reported finding some device data and called that a hack. While the path that the researcher used to find that data is not obvious and not user-friendly, it is important to note that all that information was already directly available to Hello Barbie customers through the Hello Barbie Companion App. No user data, no Barbie content, and no major security or privacy protections have been compromised to our knowledge." A petition by the Campaign for a Commercial-Free Childhood asking Mattel to drop the doll has already been signed by over 6,000 people.

NOTE: The original reporting of this hack appears to have been this NBC-Chicago newscast.


Creator of Relay On BITNET, Predecessor of IRC, Dies 31

tmjva writes: Jeff Kell passed away on November 25 as reported here in the 3000newswire. He was the inventor of BITNET Relay, a predecessor of Internet Relay Chat using the REXX programming language.

In 1987 he wrote the following preserved article about RELAY and here is his obituary. May this early inventor rest in peace.


DecryptorMax/CryptInfinite Ransomware Decrypted, No Need To Pay Ransom 48

An anonymous reader writes: Emsisoft has launched a new tool capable of decrypting files compromised by the DecryptorMax (CryptInfinite) ransomware. The tool is quite easy to use, and will generate a decryption key. For best results users should compare an encrypted and decrypted file, but the tool can also get the decryption key by comparing an encrypted PNG with a random PNG downloaded off the Internet.

Ask Slashdot: Is There a Bookmark Manager That Actually Manages Bookmarks? 94

hackwrench writes: Most reviews of so-called bookmark managers focus on the fact that they can share bookmarks across browsers and devices and whether or not they can make your bookmarks public or not. Sometimes they mention that you can annotate bookmarks. Little is said about real management features like making certain bookmarks exclusive to one or a set of browsers or devices, checking for dead links and maybe even looking them up on I'm sure this isn't an exhaustive list of features that would be good to have. What bookmarks managers do you use and why, and what features would you like to see in a bookmark manager?

LinkedIn's Own CSS Abused For Clickjacking Attacks 12

An anonymous reader writes: LinkedIn has fixed a security bug that allowed attackers to use its own CSS code for clickjacking attacks. Basically attackers can create blog posts and load CSS classes from LinkedIn's own stylesheets. If a reader lands on that blog post, then a malicious link can be shown for the entire area of the page. Not something "unique" since this type of method is quite well-known, but you don't generally expect to find this kind of attack on LinkedIn's own platform. (Here's a link to the LinkedIn security blog. Sorry for not linking to the particular blog — LinkedIn has a weird URL policy. It's the first one.)

The First Online Purchase Was a Sting CD (Or Possibly Weed) 52

tedlistens writes: On August 11, 1994, 21-year-old Dan Kohn, founder of a pioneering, online commerce site, made his first web sale. His customer, a friend of his in Philadelphia, spent $12.48, plus shipping costs on Sting's CD "Ten Summoner's Tales," in a transaction protected by PGP encryption. "Even if the N.S.A. was listening in, they couldn't get his credit card number," Kohn told a New York Times reporter in an article about NetMarket the following day. According to a new short video about the history of online shopping, there were a few precedents, including a weed deal between grad students on the ARPANET and a 74-year-old British grandmother who in 1984 used a Videotex—essentially a TV connected to telephone lines—to order margarine, eggs, and cornflakes.

Swedish Court: ISPs Can't Be Forced To Ban the Pirate Bay 52

An anonymous reader writes: After years of rulings against The Pirate Bay around Europe, a Swedish court has now ruled that the country's ISPs can't be forced to block access to the torrent indexer. The case centers around copyright holders and an ISP called Bredbandsbolaget. The ISP refused to comply with demands that music pirates be cut off from internet access. When rightsholders couldn't get traction that way, they added Bredbandsbolaget to their list of targets. The court found that the ISP does not "participate" in copyright infringement carried out by its subscribers, and is thus not liable for any damages incurred.

UK Prisons To Crack Down On Inmate Internet and Mobile Phone Use 69

An anonymous reader writes: UK prisons will roll out enhanced internet and mobile phone blocking technologies, according to new measures announced yesterday by Chancellor George Osborne in the Autumn Statement. The step, which seeks to stop inmate access to the internet and calls made from mobile devices, will involve part of a £1.3bn investment from the Ministry of Justice to improve the country's Prison Service. Through this strategy, the government hopes to drive "safety improvements" by denying calls and data used on illicit mobile devices. The latest development in blocking technologies promises to be better (paywalled) than earlier systems, which inmates have been able to get around.

Greenwald: Why the CIA Is Smearing Edward Snowden After Paris Attacks 290

JoeyRox points out that Glenn Greenwald has some harsh words for the CIA in an op-ed piece for the LA Times. From the article: "Decent people see tragedy and barbarism when viewing a terrorism attack. American politicians and intelligence officials see something else: opportunity. Bodies were still lying in the streets of Paris when CIA operatives began exploiting the resulting fear and anger to advance long-standing political agendas. They and their congressional allies instantly attempted to heap blame for the atrocity not on Islamic State but on several preexisting adversaries: Internet encryption, Silicon Valley's privacy policies and Edward Snowden."

Google Scours 1.2 Million URLs To Conform With EU's "Right To Be Forgotten" Law 66

An anonymous reader writes: According to a Google report the company has evaluated 1,234,092 URLs from 348,085 requests since the EU's May 2014 "right to be forgotten" ruling, and has removed 42% of those URLs. Engadget reports: "To show how it comes to its decisions, the company shared some of the requests it received and its decisions. For example: a private citizen that was convicted of a serious crime, but had that conviction overturned during appeal, had search results about the crime removed. Meanwhile a high ranking public official in Hungary failed to get the results squelched of a decades-old criminal conviction. Of course, that doesn't mean the system is perfect and the company has already been accused of making mistakes."

IT Execs On Their Dream Dinner Guests 83

StewBeans writes: In this lighthearted article for the holiday, IT executives were asked, if they could invite any technologist living or deceased to their Thanksgiving dinner, who would they invite and why? One CTO said that he'd invite the CTO of Amazon, Werner Vogels, so he could hear his thoughts on the future of cloud computing. Another would invite Ratan Tata, who he calls the "Bill Gates of India." Other responses range from early visionaries like Grace Hopper and Vint Cerf to the mysterious inventors/designers of the Roland TR-808.

Insurer Refuses To Cover Cox In Massive Piracy Lawsuit 100

An anonymous reader writes with news that Cox Communications' insurer, Lloyds Of London underwriter Beazley, is refusing to cover legal costs and any liabilities from the case brought against it by BMG and Round Hill Music. TorrentFreak reports: "Trouble continues for one of the largest Internet providers in the United States, with a Lloyds underwriter now suing Cox Communications over an insurance dispute. The insurer is refusing to cover legal fees and potential piracy damages in Cox's case against BMG Rights Management and Round Hill Music. Following a ruling from a Virginia federal court that Cox is not protected by the safe-harbor provisions of the DMCA, the Internet provider must now deal with another setback."

What Is the Future of the Television? 232

An anonymous reader writes: Benedict Evans has an interesting post about where television hardware is headed. In the 1990s and early 2000s, the tech industry made a huge push to invade the living room, trying to make the internet mesh with traditional TV broadcasts. As we all know, their efforts failed. Now, we periodically see new waves of devices to attach to the TV, but none have been particularly ambitious. The most successful devices of the recent wave, like the Chromecast and Apple TV, are simply turning the TV into a dumb screen for streamed content. Meanwhile, consumption of all types of video content is growing on smaller screens — tablets, phones, etc. Even game consoles are starting to see their market eroded by boxes like the Steam Link, which acts as a pipe for a game being played elsewhere on a PC. It raises an intriguing question: where is the television headed? What uses and functions does one giant screen serve that can't be cleverly redistributed to smaller screens? Evans concludes, "The web's open, permissionless innovation beat the closed, top-down visions of interactive TV and the information superhighway."

The Tamagochi Singularity Made Real: Infinite Tamagochi Living On the Internet 84

szczys writes: Everyone loves Tamagochi, the little electronic keychains spawned in the '90s that let you raise digital pets. Some time ago, XKCD made a quip about an internet-based matrix of thousands of these digital entities. That quip is now a reality thanks to elite hardware hacker Jeroen Domburg (aka Sprite_TM). In his recent talk called "The Tamagochi Singularity" at the Hackaday SuperConference he revealed that he had built an infinite network of virtual Tamagochi by implementing the original hardware as a virtual machine. This included developing AI to keep them happy, and developing a protocol to emulate their IR interactions. But he went even further, hacking an original keychain to use wirelessly as a console which can look in on any of the virtual Tamagochi living on his underground network. This full-stack process is unparalleled in just about every facet: complexity, speed of implementation, awesome factor, and will surely spark legions of other Tamagochi Matrices.

UK Mobile Operator Could Block Ads At Network Level 103

Mickeycaskill writes: UK network operator EE says it is investigating the possibility of blocking adverts at a network level, allowing customers to limit the types and frequency of adverts they see in browsers and applications. The move is likely to concern digital publishers, many of whom rely on advertising revenue to fund their content. Ad blockers have become more popular in recent times, with many users employing them to save battery life, consume less data and protect against malvertising attacks. EE CEO Olaf Swantee said, "We think it’s important that, over time, customers start to be offered more choice and control over the level and intensity of ads on mobile. For EE, this is not about ad blocking, but about starting an important debate around customer choice, controls and the level of ads customers receive. This is an important debate that needs to happen soon."

One Family Suffering Through Years-Long Trolling Campaign 256

blottsie writes: Since 2010, the Straters have been under assault from an online campaign of ever-increasing harassment — prank deliveries, smear attacks, high-profile hacks, and threats of violence against schools and law enforcement officials in their name — and it's slowly torn them apart. Masterminding it all is a teenage Lizard Squad hacker from Finland, at war with their son, Blair, over a seemingly minor dispute. "When the family started getting notices about their utilities being disconnected, they realized things were escalating out of control. Utility provider Commonwealth Edison once called the house to iron out the details about a request to have the power turned off after a supposed move. Something similar happened with their trash service. On Halloween 2013, Comcast shut off their cable and Internet service."

Judge Wipes Out Safe Harbor Provision In DMCA, Makes Cox Accomplice of Piracy 222

SysKoll writes: The DMCA is well-known for giving exorbitant powers to copyright holders, such as taking down a page or a whole web site without a court order. Media companies buy services from vendors like Rightscorp, a shake-down outfit that issues thousands of robot-generated take-down notices and issues threats against ISPs and sites ignoring them. Cox, like a lot of ISPs, is inundated with abusive take-down notices, in particular from Rightscorp. Now, BMG Rights Management and Round Hill Music are suing Cox for refusing to shut off the Internet access of subscribers that Rightscorp accused of downloading music via BitTorrent. Cox argues that as an ISP, they benefit from the Safe Harbor provision that shields access providers from subscribers' misbehavior. Not so, says U.S. District Judge Liam O'Grady. The judge sided with the media companies ahead of trial, saying Cox should have terminated the repeat offenders accused by Rightscorp. Cox's response is quite entertaining for a legal document (PDF): its description of Rightscorp includes the terms "shady," "shake-down," and "pay no attention to the facts." O'Grady also derided the Electronic Frontier Foundation's attempt to file an amicus brief supporting Cox, calling them hysterical crybabies.

Yahoo Denies Ad-blocking Users Access To Email 323

JoeyRox writes: Yahoo is running an A/B test that blocks access to Yahoo email if the site detects that the user is running an Ad Blocker. Yahoo says that this is a trial rather than a new policy, affecting only a "small number" of users. Those lucky users are greeted with a message that reads "Please disable Ad Blocker to continue using Yahoo Mail." Regarding the legality of the move, "Yahoo is well within its rights to do so," said Ansel Halliburton, an attorney at Kronenberger Rosenfeld who specializes in Internet law.

Patreon Users Threatened By Ashley Madison Scammers 75

itwbennett writes: "Over the last few days, the group responsible for extortion attempts and death threats against Ashley Madison users has turned to a new set of targets – Patreon users," writes CSO's Steve Ragan. A message sent from the same account used in previous campaigns by the scammers demands a payment of 1 BTC or else the Patreon user will have their personal information exposed. "The [Bitcoin] wallet being used by the group has barely collected anything," says Ragan, "suggesting that after their massive push towards Ashley Madison users, people have stopped falling for their scams."

What the Sony Hack Looked Like To Employees 51

An anonymous reader writes: The cyber attack on Sony was one of the highest profile hacks in the past several years. Slate tracked down two dozen people who worked there at the time, and asked them what it was like on the inside while it was happening. Quoting: "The telephone directory vanished. Voicemail was offline. Computers became bricks. Internet access on the lot was shuttered. The cafeteria went cash-only. Contracts—and the templates those contracts were based on—disappeared. Sony's online database of stock footage was unsearchable. It was near impossible for Sony to communicate directly with its employees—much less ex-employees, who were also gravely affected by the hack—to inform them of what was even happening and what to do about it. 'It was like moving back into an earlier time,' one employee says." Some employees had their workloads doubled, some had nothing to do. While the hack brought the company together at the beginning, it eventually descended into recriminations and lawsuits.