Tag: privacy-rights

We know where you’ve been: Ars acquires 4.6M license plate scans from the cops

OAKLAND, Calif.—If you have driven in Oakland any time in the last few years, chances are good that the cops know where you’ve been, thanks to their 33 automated license plate readers (LPRs). Now Ars knows too. In response to a public records request, we obtained the entire LPR dataset of the Oakland Police Department (OPD), including more than 4.6 million reads of over 1.1 million unique plates between December 23, 2010 and May 31, 2014. The dataset is likely the largest ever publicly released in the United States—perhaps in the world. Read 59 remaining paragraphs | Comments

View article:
We know where you’ve been: Ars acquires 4.6M license plate scans from the cops

Google warns of unauthorized TLS certificates trusted by almost all OSes

In the latest security lapse involving the Internet’s widely used encryption system, Google said unauthorized digital certificates have been issued for several of its domains and warned misissued credentials may be impersonating other unnamed sites as well. The bogus transport layer security certificates are trusted by all major operating systems and browsers, although a fall-back mechanism known as public key pinning prevented the Chrome and Firefox browsers from accepting those that vouched for the authenticity of Google properties, Google security engineer Adam Langley wrote in a blog post published Monday . The certificates were issued by Egypt-based MCS Holdings , an intermediate certificate authority that operates under the China Internet Network Information Center (CNNIC). The Chinese domain registrar and certificate authority, in turn, is included in root stores for virtually all OSes and browsers. The issuance of the unauthorized certificates represents a major breach of rules established by certificate authorities and browser makers. Under no conditions are CAs allowed to issue certificates for domains other than those legitimately held by the customer requesting the credential. In early 2012, critics blasted US-based CA Trustwave for doing much the same thing and Langley noted an example of a France-based CA that has also run afoul of the policy. Read 6 remaining paragraphs | Comments

Read More:
Google warns of unauthorized TLS certificates trusted by almost all OSes

Islamic State doxes US soldiers, airmen, calls on supporters to kill them

Middle East terrorist organization Islamic State (ISIS) has called on its followers take the fight to 100 members of the United States military residing in the US. A group calling itself the “Islamic State Hacking Division” has posted names, addresses, and photographs of soldiers, sailors, and airmen online, asking its “brothers residing in America” to murder them, according to Reuters . Although the posting purports to come from the “Hacking Division,” US Department of Defense officials say that none of their systems appear to have been breached by the group. Instead, the personal data was almost certainly culled from publicly available sources, a DoD official told the  New York Times on the condition of anonymity. Those appearing on the list include crew members from the 2d Bomb Wing at Barksdale Air Force Base in Louisiana and the 5th Bomb Wing at Minot AFB in North Dakota, even though they have played no part in the US air campaign against ISIS. Other military members doxed have either been identified in media reports on the campaign or were cited by name in official DoD reports, officials told the  Times. Read 3 remaining paragraphs | Comments

See the original post:
Islamic State doxes US soldiers, airmen, calls on supporters to kill them

Classic FPS Descent to be rebooted by Star Citizen alums

The last time we checked in with Eric “Wingman” Peterson was August of 2014, where he was running Cloud Imperium Games’ Austin office and overseeing development on Star Citizen’s persistent universe. However, just a few months after that, Peterson left Cloud Imperium to develop his own game: a reboot of the mid-’90s first-person shooter game  Descent. Peterson has formed Descendent Studios , hired a development staff, and is currently overseeing a Kickstarter to pull together a minimum of $600,000 to finance development of the game, which is titled Descent Underground . Critically, Descent Underground has something that previous attempts to resurrect the Descent franchise have lacked: a licensing agreement with IP-holder Interplay. Kickstarter teaser for Descent Underground , formerly code-named “Ships That Fight Underground.” Old name, new presentation Descent was published by Interplay more than 20 years ago, in 1994. The first-person shooter developed by Parallax Software had players zipping around underground in a series of cavernous (and sometimes claustrophobic) mines filled with mad killer robots. Players navigated the underground environment in a Pyro GX spacecraft, which led to the game’s main selling point: it wasn’t just a regular FPS, but one which offered “six degrees of freedom.” In other words, you could move in any direction (X, Y, and Z) and turn in any direction (roll, pitch, yaw). Read 14 remaining paragraphs | Comments

Read the article:
Classic FPS Descent to be rebooted by Star Citizen alums

Windows 10 shaves off gigabytes with selective system file compression

With the Windows 8.1 Update, Microsoft shrank the Windows 8.1 install footprint to make it suitable for low-cost tablets with just 16GB of permanent storage, a reduction from the 32GB generally required for Windows 8. Windows 10 will shrink the disk footprint further, potentially freeing as much as 6.6GB of space on OEM preinstalls. Microsoft describes two sources of savings. The first is the re-use of a time-honored technique that fell out of fashion as hard drives grew larger and larger: per-file compression. The NTFS filesystem used in Windows has long allowed individual files and folders to be compressed, reducing their on-disk size at the expense of a small processor overhead when reading them. With spinning disks getting so large as to feel almost unlimited, per-file compression felt like a relic from a bygone age by the mid-2000s. But with the rise of solid state storage and ultra-cheap devices with just a handful of gigabytes available, per-file compression has gained a new lease on life. Read 11 remaining paragraphs | Comments

Read the article:
Windows 10 shaves off gigabytes with selective system file compression

Cops are freaked out that Congress may impose license plate reader limits

Despite the fact that no federal license plate legislation has been proposed, the International Association of Chiefs of Police (IACP) has sent a pre-emptive letter to top Congressional lawmakers, warning them against any future restrictions of automated license plate readers. The IACP claims to be the “world’s   oldest and largest association of law enforcement executives.” As the letter, which was published  last week, states: We are deeply concerned about efforts to portray automated license plate recognition (ALPR) technology as a national real-time tracking capability for law enforcement. The fact is that this technology and the data it generates is not used to track people in real time. ALPR is used every day to generate investigative leads that help law enforcement solve murders, rapes, and serial property crimes, recover abducted children, detect drug and human trafficking rings, find stolen vehicles, apprehend violent criminal alien fugitives, and support terrorism investigations. Sarah Guy, a spokeswoman for the IACP, told Ars that current state and local restrictions have made the police lobby group concerned at the federal level. Read 14 remaining paragraphs | Comments

View article:
Cops are freaked out that Congress may impose license plate reader limits

Consumer SSDs benchmarked to death—and last far longer than rated

We last checked in with TechReport’s grand SSD torture test back in June , when the first drives in the six-drive roundup had failed. The drives to first fall victim to the unending barrage of data writes were the Intel 335, one of two Kingston HyperX 3Ks (the one tasked with an non-compressible workload to stymie its compression-happy Sandforce controller), and the Samsung 840. All three failed short of 1PB of writes, but it’s also important to note that all of them—even the TLC-equipped Samsung 840—far exceeded their manufacturers’ stated write lifetimes. But now the experiment has come to its grand conclusion : all the drives have finally gone silent, their controllers unresponsive, their NAND cells heavy with extra electrons . The TechReport’s post-mortem is glorious in its depth and detail, with tons of data points and charts describing the course of the experiment and the fate of each of the drives. Tech-savvy buyers who might be worried about SSD lifetime decreasing even as SSD capacity skyrockets should have their fears assuaged by the ridiculous number of writes the tested drives endured; the drive that survived the longest survived more than 2.4 petabytes worth of sustained writes. That’s probably about 240x as much writing as a typical consumer SSD would need to endure over its lifetime. Read 2 remaining paragraphs | Comments

Link:
Consumer SSDs benchmarked to death—and last far longer than rated

AT&T still throttles unlimited data, and FCC isn’t promising to stop it

How long will AT&T continue to get away with throttling unlimited data plans? Even after the Federal Communications Commission’s recent net neutrality ruling banned throttling, the FCC isn’t saying whether it will put a stop to it. All major US cellular carriers impose some form of throttling on unlimited data plans, but AT&T’s throttling seems most likely to fall afoul of the FCC’s rules. The big carriers generally reserve the right to slow down data speeds for customers with unlimited data plans after they hit a certain usage threshold each month, but they only do the actual throttling when the user is connected to a congested tower. AT&T, on the other hand, slows its unlimited LTE users down for the rest of the month once they’ve hit a 5GB threshold, and the throttling happens at all hours of the day and in all locations regardless of whether the user is connected to a congested tower. More than any other throttling policy enforced by a major carrier, this one seems designed to push customers with grandfathered unlimited data plans onto newer, more expensive plans that charge automatic overage fees when customers go over their caps. Read 12 remaining paragraphs | Comments

See the article here:
AT&T still throttles unlimited data, and FCC isn’t promising to stop it

CryptoLocker look-alike searches for and encrypts PC game files

Crypto-based “ransomware” has become a lucrative business for cybercriminals. Since the arrival of CryptoLocker on the scene last year, a number of copycat malware packages have appeared to compete in the cyber-extortion market, encrypting victims’ photos and other personal files with a key that will be destroyed if they don’t contact the malware’s operators and pay up. Recently, a new variant has emerged that seeks to raise the stakes with a particular class of victim by specifically seeking out files related to a number of popular PC games, as well as Valve’s Steam gaming platform. The malware, which is a variant of the crypt-ransomware called TeslaCrypt, superficially looks like CryptoLocker. But according to a number of security researchers who have analyzed the malware, it shares little code with CryptoLocker or its more well-known successor CryptoWall. And while it will also will target photos and documents, as well as iTunes-related files, as Bromium security researcher Vadim Kotov noted in an analysis on Bromium Labs’ blog , TeslaCrypt also includes code that specifically looks for files related to more than 40 specific PC games, gaming platforms, and game developer tools. The games include both single player and multiplayer games, though it isn’t clear how targeting some of the multiplayer games would affect users other than requiring a re-install. The games targeted include a mix of older and newer titles— for example, Blizzard’s StarCraft II and WarCraft III real-time strategy games and its World of Warcraft online game are targeted. Also on TeslaCrypt’s hit list: Bioshock 2, Call of Duty, DayZ, Diablo, Fallout 3, League of Legends, F.E.A.R, S.T.A.L.K.E.R, Minecraft, Metro 2033, Half-Life 2, Dragon Age: Origins, Resident Evil 4, World of Tanks, Metin 2, and The Elder Scrolls (specifically, Skyrim-related files), as well as Star Wars: The Knights Of The Old Republic. There’s also code that searches for files associated with games from specific companies that affect a wide range of titles, including a variety of games from EA Sports, Valve, and Bethesda, and Valve’s Steam gaming platform. And the game development tools RPG Maker, Unity3D and Unreal Engine are targeted as well. Read 4 remaining paragraphs | Comments

See the original article here:
CryptoLocker look-alike searches for and encrypts PC game files

Apple releases iOS 8.2 today with Apple Watch support and plenty of bug fixes

SAN FRANCISCO—iOS 8.2 has been in development for several months now, and today Apple is formally releasing the update to the public. It’s available as an over-the-air update or through iTunes for any device running iOS 8, including the iPhone 4S, 5, 5C, 5S, 6, and 6 Plus; all iPads except the first-generation model; and the fifth-generation iPod Touch. The biggest feature update is support for the Apple Watch. The device will work with the iPhone 5 and newer models, but it will not work with iPads or iPods. Once you’ve tethered a watch to your phone, a new companion app will allow you to change the watch’s settings, organize its Home screen, and make other changes. We’ll take a longer look at this companion app when the time comes to review the Apple Watch itself. For those of you with other iDevices and/or no particular interest in the Apple Watch, there are still plenty of reasons to install the update. HomeKit will allow users to control devices at home Read 2 remaining paragraphs | Comments

Link:
Apple releases iOS 8.2 today with Apple Watch support and plenty of bug fixes