An anonymous reader writes from a report via Schneier on Security: Two researchers have discovered over 100 Tor nodes that are spying on hidden services. Cory Doctorow from Boing Boing reports: “These nodes — ordinary nodes, not exit nodes — sorted through all the traffic that passed through them, looking for anything bound for a hidden service, which allowed them to discover hidden services that had not been advertised. These nodes then attacked the hidden services by making connections to them and trying common exploits against the server-software running on them, seeking to compromise and take them over. The researchers used ‘honeypot’ .onion servers to find the spying computers: these honeypots were .onion sites that the researchers set up in their own lab and then connected to repeatedly over the Tor network, thus seeding many Tor nodes with the information of the honions’ existence. They didn’t advertise the honions’ existence in any other way and there was nothing of interest at these sites, and so when the sites logged new connections, the researchers could infer that they were being contacted by a system that had spied on one of their Tor network circuits. No one knows who is running the spying nodes: they could be run by criminals, governments, private suppliers of ‘infowar’ weapons to governments, independent researchers, or other scholars (though scholarly research would not normally include attempts to hack the servers once they were discovered).” The Tor project is aware of the attack and is working to redesign its system to try and block it. Security firm Bitdefender has issued an alert about a malicious app called EasyDoc that hands over control of Macs to criminals via Tor. Read more of this story at Slashdot.
Read this article:
Researchers Discover Over 100 Tor Nodes Designed To Spy On Hidden Services
Kristen V. Brown, reporting for Fusion:It is well-trod territory at this point that biases against women’s technological abilities hold women in technology back. Study after study has shown bias persists at every point of the employment process. So the start-up interviewing.io decided to try and do something about it. It masked women’s voices to sound like men’s and vice versa during online interviews to see if interviewers would like them better. It was inspired to do the experiment because it was seeing some alarming data. Interviewing.io is a platform that allows people to practice technical interviewing anonymously and, hopefully, get a job in the process. After amassing data from thousands of technical interviews, the company noticed a troubling trend, writes founder Aline Lerner in a blog post: “Men were getting advanced to the next round 1.4 times more often than women. Interviewee technical score wasn’t faring that well either — men on the platform had an average technical score of 3 out of 4, as compared to a 2.5 out of 4 for women.” Read more of this story at Slashdot. 
An anonymous reader writes: Github’s transparency report for 2015 shows that the site received many DMCA notices that removed more than 8, 200 projects. “In 2015, we received significantly more takedown notices, and took down significantly more content, than we did in 2014, ” Github reports. For comparison, the company received only 258 DMCA notices in 2014, 17 of which responded with a counter-notice or retraction. In 2015, they received 505 takedown notices, 62 of which were the subject of counters or withdrawals. TorrentFreak reports: “Copyright holders are not limited to reporting one URL or location per DMCA notice. In fact, each notice filed can target tens, hundreds, or even thousands of allegedly infringing locations.” September was a particularly active month as it took down nearly 5, 834 projects. “Usually, the DMCA reports we receive are from people or organizations reporting a single potentially infringing repository. However, every now and then we receive a single notice asking us to take down many repositories, ” Github explains. They are called ‘Mass Removals’ when more than 100 repositories are asked to be removed. “In all, fewer than twenty individual notice senders requested removal of over 90% of the content GitHub took down in 2015.” Read more of this story at Slashdot.