An anonymous reader writes from a report via Softpedia: David Levin, 31, of Estero, Florida will spend 20 days in prison after hacking two websites belonging to the Florida state elections department. Levin, a security researcher, tested the security of two Florida state election websites without permission, and then recorded a video and posted on YouTube. The problem is that the man appearing in the video next to Levin was a candidate for the role of state election supervisor, running for the same position against the incumbent Supervisor of Elections, Sharon Harrington. Harrington reported the video to authorities, who didn't appreciate the media stunt pulled by the two, and charged the security researcher with three counts of hacking-related charges. The researcher turned himself in in May and pleaded guilty to all charges. This week, he received a 20-day prison sentence and two years of probation. In court he admitted to the whole incident being a political stunt.

An anonymous reader quotes a report from Reuters: The White House on Thursday named a retired U.S. Air Force general as the government's first federal cyber security chief, a position announced eight months ago that is intended to improve defenses against hackers. Gregory Touhill's job will be to protect government networks and critical infrastructure from cyber threats as federal chief information security officer, according to a statement. President Barack Obama announced the new position in February alongside a budget proposal to Congress asking for $19 billion for cyber security across the U.S. government. Touhill is currently a deputy assistant secretary for cyber security and communications at the Department of Homeland Security. He will begin his new role later this month, a source familiar with the matter said. Grant Schneider, who is the director of cyber security policy at the White House's National Security Council, will be acting deputy to Touhill, according to the announcement. wiredmikey adds from a report via SecurityWeek.Com: The White House today announced that Brigadier General (retired) Gregory J. Touhill has been named the first Federal Chief Information Security Officer (CISO). Back in February, President Barack Obama unveiled a cybersecurity "national action plan" (CNAP) which called for an overhaul of aging government networks and a high-level commission to boost security awareness. As part of the plan, the White House said it would hire a federal CISO to direct cybersecurity across the federal government. General Touhill is currently the Deputy Assistant Secretary for Cybersecurity and Communications in the Office of Cybersecurity and Communications at the Department of Homeland Security (DHS). The key hire comes at a time when the government needs cybersecurity talent more than ever. Earlier this week a report published by the U.S. House of Representatives Committee said the data breaches disclosed by the Office of Personnel Management (OPM) last year were a result of culture and leadership failures, and should not be blamed on technology.

An anonymous reader quotes a report from The Verge: Newly published documents from Edward Snowden have shed more light on American surveillance operations in the UK. The Intercept details how the NSA and GCHQ used information gathered by Menwith Hill Station, a massive but tightly sealed facility that intercepts satellite data transmissions worldwide. Among other things, the files appear to include evidence that links UK-based surveillance to American anti-terrorism campaigns outside official combat zones. While many surveillance efforts focus on the internet's connective "backbone" cables, Menwith Hill intercepts wireless signals, using an array of antennae and U.S. government satellites to capture up to 335 million pieces of metadata in a 12-hour period. Previous reports -- including an earlier Snowden leak -- have already revealed some of its capabilities. But The Intercept includes more details, particularly about the UK's involvement in "capture-kill" operations against suspected terrorists. It describes how the GHOSTHUNTER program traced the location of targets "when they log onto the internet," often in internet cafes. A different program called GHOSTWOLF, which let the NSA and GCHQ monitor traffic from Yemeni internet cafes, is part of a plan to "capture or eliminate key nodes in terrorist networks" by tracking their locations. This leak fuels existing suspicions that the UK's role in American covert drone strikes is greater than it admits -- potentially implicating it in the civilian deaths that have resulted. GCHQ told The Intercept that all its work "is carried out in accordance with a strict legal and policy framework," and "is entirely compatible with the European Convention on Human Rights."

An anonymous reader quotes a report from Washington Post: U.S. intelligence and law enforcement agencies are probing what they see as a broad covert Russian operation in the United States to sow public distrust in the upcoming presidential election and in U.S. political institutions, intelligence and congressional officials said. The aim is to understand the scope and intent of the Russian campaign, which incorporates cyber-tools to hack systems used in the political process, enhancing Russia's ability to spread disinformation. The effort to better understand Russia's covert influence operations is being coordinated by James R. Clapper Jr., the director of national intelligence. The Kremlin's intent may not be to sway the election in one direction or another, officials said, but to cause chaos and provide propaganda fodder to attack U.S. democracy-building policies around the world, particularly in the countries of the former Soviet Union. U.S. intelligence officials described the covert influence campaign here as "ambitious" and said it is also designed to counter U.S. leadership and influence in international affairs. One congressional official, who has been briefed recently on the matter, said "Russian 'active measures' or covert influence or manipulation efforts, whether it's in Eastern Europe or in the United States" are worrisome. It "seems to be a global campaign," the aide said. As a result, the issue has "moved up as a priority" for the intelligence agencies, which include the FBI and Department of Homeland Security as well as the CIA and the National Security Agency. Their comments came just before President Obama and Russian President Vladimir Putin talked privately about cyberspying and other matters on the sidelines of the Group of 20 talks in China.

An anonymous Slashdot reader quotes the BBC: The US and China -- together responsible for 40% of the world's carbon emissions -- have both formally joined the Paris global climate agreement... It will only come into force legally after it is ratified by at least 55 countries, which between them produce 55% of global carbon emissions. Before China made its announcement, the 23 nations that had so far ratified the agreement accounted for just over 1% of emissions. This will put pressure on G20 nations over the weekend to move faster with their pledge to phase out subsidies to fossil fuels...
There's a G20 summit starting on Sunday, and the BBC's environmental analyst reports that the accord "will just need the EU and a couple of other major polluters to cross the threshold." Its ultimate goal is to stop global temperatures from rising more than 2 degrees Celsius -- "well above the aspirational 1.5C heating that the UN accepts should really be the limit" -- though U.K. researchers report that already 2016 temperatures may be rising 1.1C above pre-industrial levels.

mi writes: Washington Free Beacon reports: "The National Science Foundation is spending roughly half a million dollars to combat 'online trolling.' A joint project by Northwestern and Northeastern universities is examining how to create 'trolling-free environments' on the internet. The researchers define online trolls as those who try to influence public opinion by boosting 'misleading' and 'inauthentic comments.'" Just how can the "misleading" and "inauthentic" speech be eliminated by the government without violating the First Amendment? "Today almost every browser click that users make is collected by numerous trackers associated with a variety of online services (e.g., advertising networks, online social networks, e-commerce platforms)," a grant for the project states. "Users have often expressed concern about the lack of privacy and control over their personal data. Nonetheless, despite a substantial effort to expose and control this prevalent behavior, the reality is that users keep accepting updated online privacy policies, which in turn grant the gathering of more personal data. This project explores re-using this extensive tracking infrastructure for the benefits of both the users themselves and web services, with a goal of preventing online trolling (scenarios in which various groups deploy tactics to influence public opinion on the internet, by leaving biased, false, misleading, and inauthentic comments, and then artificially amplifying their ratings). The project aims to show how the tracking infrastructure can be re-used as a user 'fingerprint,' allowing a lightweight and privacy-preserving form of identification for third-party web sites." The lead researchers on the project, Aleksander Kuzmanovic from Northwestern University, and Alan Mislove from Northeastern University, said: "Public opinion is of paramount importance in any society. It is thus not a surprise that many governments, political parties, and various other groups deploy tactics to influence public opinion on the internet, a practice commonly referred to as trolling." They say their work could help combat "troll armies" used by Russia and China.

An anonymous reader shares with us an excerpt from a report via Ars Technica: As she was being confirmed as Secretary of State, Hillary Clinton contacted Colin Powell to ask him about his use of a Blackberry while in the same role. According to a Federal Bureau of Investigations memorandum published today (PDF), Powell warned Clinton that if it became public that she was using a Blackberry to "do business," her e-mails would be treated as "official" record and be subject to the law. "Be very careful," Powell said according to the FBI. "I got around it all by not saying much and not using systems that captured the data." Perhaps Clinton's troubles began when she switched from a Blackberry-hosted e-mail account to an account on her Clintonemail.com domain -- a domain hosted on an Apple Power Mac "G4 or G5" tower running in the Clintons' Chappaqua, New York residence. The switch to the Power Mac as a server occurred the same month she exchanged messages with Powell. The Power Mac, originally purchased in 2007 by former President Clinton's aide Justin Cooper, had acted as the server for presidentclinton.com and wjcoffice.com. Cooper managed most of the technology support for Bill Clinton and took charge of setting up Hillary Clinton's new personal mail system on the Power Mac, which sat alongside a firewall and network switching hardware in the basement of the Clintons' home. But the Power Mac was having difficulty handling the additional load created by Blackberry usage from Secretary Clinton and her staff, so a decision was made quickly to upgrade the server hardware. Secretary Clinton's deputy chief of staff at the State Department, Huma Abedin, connected Cooper with Brian Pagliano, who had worked in IT for the secretary's 2008 presidential campaign. Cooper inquired with Pagliano about getting some of the campaign's computer hardware as a replacement for the Power Mac, and Pagliano was in the process of selling the equipment off.

schnell writes: The New York Times is reporting on the informal but seemingly symbiotic relationship between Russian hackers attacking American targets and Wikileaks (Warning: may be paywalled) as their favorite spot for disseminating the embarrassing results. New York Times reports: "American officials say Mr. Assange and WikiLeaks probably have no direct ties to Russian intelligence services. But the agendas of WikiLeaks and the Kremlin have often dovetailed." When it comes to embarrassing the U.S. government, Russia and Wikileaks' Julian Assange doubtlessly have common interests. But the reporters' analysis of leaks over the past several years raises a question of whether this is just a natural alliance of a source for incriminating documents and a motivated publisher, or does Wikileaks focus on the U.S. and downplay revelations about authoritarian regimes like Russia's as a result of the cozy relationship? nickovs adds: The New York Times is reporting how Russia often benefits when Julian Assange reveals the West's secrets. The article discusses Assange's change in stance regarding Russia over the years and how the Kremlin appears to support, and benefit from, the leaks that he publishes. The New York Times reports: "United States officials say they believe with a high degree of confidence that the Democratic Party material was hacked by the Russian government, and suspect that the codes may have been stolen by the Russians as well. That raises a question: Has WikiLeaks become a laundering machine for compromising material gathered by Russian spies? And more broadly, what precisely is the relationship between Mr. Assange and Mr. Putin's Kremlin?" Daily Mail (non paywalled source) reports: "In 2010 Assange was arrested in London on allegations of rape stemming from Sweden and released on bail. He described the arrest as a plot to extradite him to the U.S. where he could be investigated over the diplomatic cables leak, which greatly harmed American relations with the rest of the world while Clinton was Secretary of State. Putin also called the charges against Assange 'politically motivated' and said he is being 'persecuted for spreading the information he received from the U.S. military regarding the actions of the USA in the Middle East, including Iraq.' Russian officials have also suggested that Assange be given a Nobel Prize, and in 2012 paid to stream his TV show on state-backed network Russia Today. The Times also claims that Assange was offered a visa by Russia in 2011, though WikiLeaks has denounced this as false..."

Romanian hacker "Guccifer" who targeted high-profile US politicians has been sentenced for 52 months in prison. Guccifer, whose real name is Marcel Lazar, pleaded guilty in May on charges of aggravated identity theft and unauthorized access of a computer. Lazar targeted former Secretary of State Colin Powell and the Bush family and was arrested on hacking charges in Romania in 2014 and was sentenced four years. He was extradited to the U.S. to face charges in March 2016. Reuters adds: Lazar has said in interviews he breached Clinton's private server at her home in Chappaqua, New York, but law enforcement and national security officials say that claim is meritless. Lazar is believed to have hacked into email accounts of about 100 victims between 2012 and 2014. They include prominent political figures such as former Secretary of State Colin Powell, a relative of former President George W. Bush and Sidney Blumenthal, a former Clinton White House aide and an unofficial adviser to Clinton. Clinton is now the Democratic nominee for president. Lazar leaked online memos Blumenthal sent Clinton that were addressed to her private email account, which was used during her time as secretary of state to conduct both personal and work business in lieu of a government account.

Earlier this week, Apple was ordered to pay a record sum of 13 billion euros plus interest after the EU said Ireland illegally slashed the iPhone make's tax bill. At the time, Tim Cook found the accusations "baseless." In a new interview, he had more things to say:A war of words has erupted between Europe's competition chief and Apple CEO Tim Cook after Ireland was ordered to reclaim $14.5 billion in back taxes from the company. Cook, in an interview with the Irish Independent, labelled Brussels' competition chief Margrethe Vestager's decision as "total political crap." He claimed Ireland was being "picked on" and that he hoped to see the Irish government launch an appeal against the ruling. Vestager refuted that claim when quizzed by reporters on Thursday. "This is a decision based on the facts of the case. The figures that we used in our decision are the figures that we got from Apple themselves," she said. "There are very, very few figures in the public domain. More transparency would be a good thing, for example, a country by country reporting. If it was up to me, the non-confidential version of the decision would have been published yesterday, because that is another way of enabling everyone to see what we have decided and on what basis we have made this decision. Right now the ball is in the hands of Apple and Ireland."

The FBI has uncovered evidence that foreign hackers breached two state election databases in recent weeks, and it has warned election officials across the country to some measures to step up the security of their computer systems. The Guardian reports: The FBI warning did not identify the two states targeted by cyber intruders, but Yahoo News said sources familiar with the document said it referred to Arizona and Illinois, whose voter registration systems were penetrated. Citing a state election board official, Yahoo News said the Illinois voter registration system was shut down for 10 days in late July after hackers downloaded personal data on up to 200,000 voters. The Arizona attack was more limited and involved introducing malicious software into the voter registration system, Yahoo News quoted a state official as saying. No data was removed in that attack, the official said. US intelligence officials have become increasingly worried that hackers sponsored by Russia or other countries may attempt to disrupt the November presidential election.

The U.S. government announced plans to require some foreign travelers to provide their social media account names when entering the country -- and in June requested comments. Now the plan is being called "ludicrous," an "all-around bad idea," "blatant overreach," "desperate, paranoid heavy-handedness," "preposterous," "appalling," and "un-American," reports Slashdot reader dcblogs: That's just a sampling of the outrage. Some 800 responded to the U.S. request for comments about a proposed rule affecting people traveling from "visa waiver" countries to the U.S., where a visa is not required. This includes most of Europe, Singapore, Chile, Japan, South Korea, Australia and New Zealand... In a little twist of irony, some critics said U.S. President Obama's proposal for foreign travelers is so bad, it must have been hatched by Donald Trump.
"Travelers will be asked to provide their Twitter, Facebook, Instagram, LinkedIn, Google+, and whatever other social ID you can imagine to U.S. authorities," reports Computer World. "It's technically an 'optional' request, but since it's the government asking, critics believe travelers will fear consequences if they ignore it..."

"The incredible increase in the cost of EpiPens, auto-injectors that can stop life-threatening emergencies caused by allergic reactions, has hit home on Capitol Hill," reports CNN. Slashdot reader Applehu Akbar reports that the argument "has now turned into civil war in the US Senate": One senator's daughter relies on Epi-Pen, while another senator's daughter is CEO of Mylan, the single company that is licensed to sell these injectors in the US. On the worldwide market there is no monopoly on these devices... Is it finally time to allow Americans to go online and fill their prescriptions on the world market?
Time reports some patients are ordering cheaper EpiPens from Canada and other countries online, "an act that the FDA says is technically illegal and potentially dangerous." But the FDA also has "a backlog of about 4,000 generic drugs" awaiting FDA approval, reports PRI, noting that in the meantime prices have also increased for drugs treating cancer, hepatitis C, and high cholesterol. In Australia, where the drug costs just $38, one news outlet reports that the U.S. "is the only developed nation on Earth which allows pharmaceutical companies to set their own prices."

Peter Hudson writes from a report via Recode: "After failing to get Congress to pass a 'startup visa' as part of broad immigration reform, the Obama administration is moving ahead with an alternative that would allow overseas entrepreneurs to live in the U.S. for up to five years to help build a company," reports Recode. "Already speaking out in favor of the new rules is PayPal co-founder Max Levchin: 'I believe that the most promising entrepreneurs from around the world should have the same opportunity I had -- the chance to deliver on their potential, here in America.' Levchin moved to the U.S. from the Soviet Union in 1991." There are three conditions that need to be met in order to be eligible to work in the U.S. under the new rule: the foreigner would have to own at least 15 percent of a U.S.-based startup, the foreigner would need to have a central role in the startup's operations, and the startup would need to have "potential for rapid business growth and job creation." The third requirement could be met by having at least $100,000 in government grants or $345,000 invested from U.S. venture investors. "Under [the International Entrepreneur Rule (PDF)] being formally proposed on Friday, the Department of Homeland Security would be empowered to use its existing authority to allow entrepreneurs to legally work in the country for two years, possibly followed by a one-time three-year extension," reports Recode. "While the public will have 45 days to comment, the rules aren't subject to congressional approval."

Following a former Facebook journalist's report that the company's workers routinely suppressed news stories of interest to conservative readers from the social network's Trending Topics section, the company has been in damage control mode. First, the company announced it would tweak its Trending Topics section and revamp how editors find trending stories. Specifically, they will train the human editors who work on Facebook's trending section and abandon several automated tools it used to find and categorize trending news in the past. Most recently, Facebook added political scenarios to its orientation training following the concerns. Now, it appears that Facebook will "end its practice of writing editorial descriptions for topics, replacing them with snippets of text pulled from news stories." Kurt Wagner, writing for Recode: It's been more than three months since Gizmodo first published a story claiming Facebook's human editors were suppressing conservative news content on the site's Trending Topics section. Facebook vehemently denied the report, but has been dealing with the story's aftermath ever since. On Friday, Facebook announced another small but notable change to Trending Topics: Human editors will no longer write the short story descriptions that accompany a trending topic on the site. Instead, Facebook is going to use algorithms to "pull excerpts directly from stories." It is not, however, cutting out humans entirely. In fact, Facebook employees will still select which stories ultimately make it into the trending section. An algorithm will surface popular stories, but Facebook editors will weed out the inappropriate or fake ones. "There are still people involved in this process to ensure that the topics that appear in Trending remain high-quality," the company's blog reads.

An anonymous reader quotes a report from Neowin: The open-source disk cleaning application, BleachBit, got quite a decent ad pitch from the world of politics after it was revealed lawyers of the presidential hopeful, Hillary Clinton, used the software to wipe her email servers. Clinton is currently in hot water, being accused of using private servers for storing sensitive emails. "[South Carolina Representative, Trey Gowdy, spoke to Fox News about Hillary Clinton's lawyers using BleachBit to wipe the private servers. He said:] 'She and her lawyers had those emails deleted. And they didn't just push the delete button; they had them deleted where even God can't read them. They were using something called BleachBit. You don't use BleachBit for yoga emails or bridesmaids emails. When you're using BleachBit, it is something you really do not want the world to see.'" Two of the main features that are listed on the BleachBit website include "Shred files to hide their contents and prevent data recovery," and "Overwrite free disk space to hide previously deleted files." These two features would make it pretty difficult for anyone trying to recover the deleted emails. Slashdot reader ahziem adds: The IT team for presidential candidate Hillary Clinton used the open source cleaning software BleachBit to wipe systems "so even God couldn't read them," according to South Carolina Rep. Trey Gowdy on Fox News. His comments on the "drastic cyber-measure" were in response to the question of whether emails on her private Microsoft Exchange Server were simply about "yoga and wedding plans." Perhaps Clinton's team used an open-source application because, unlike proprietary applications, it can be audited, like for backdoors. In response to the Edward Snowden leaks in 2013, privacy expert Bruce Schneier advised in an article in which he stated he also uses BleachBit, "Closed-source software is easier for the NSA to backdoor than open-source software." Ironically, Schneier was writing to a non-governmental audience. Have any Slashdotters had any experience with BleachBit? Specifically, have you used it for erasing "yoga emails" or "bridesmaids emails?"

Facebook knows a lot more about its users than they think. For instance, the New York Times reports, the company is categorizing its users as liberal, conservative, or moderate. These details are valuable for advertisers and campaign managers, especially ahead of the election season. From a BusinessInsider report: For some, Facebook is able to come to conclusions about your political leanings easily, if you mention a political party on your page. For those that are less open about politics on social media, Facebook makes assumptions based on pages you like. As The New York Times explained, if you like Ben and Jerry's Facebook page and most of the other people that like that page identify as liberal, Facebook might assume you too are liberal.

An anonymous reader quotes a report from ABC News: The FBI uncovered nearly 15,000 more emails and materials sent to or from Hillary Clinton as part of the agency's investigation into her use of private email at the State Department. The documents were not among the 30,000 work-related emails turned over to the State Department by her attorneys in December 2014. The State Department confirmed it has received "tens of thousands" of personal and work-related email materials -- including the 14,900 emails found by the FBI -- that it will review. At a status hearing Monday before federal Judge Emmett Sullivan, who is overseeing that case, the State Department presented a schedule for how it would release the emails found by the FBI. The first group of 14,900 emails was ordered released, and a status hearing on Sept. 23 "will determine the release of the new emails and documents," Sullivan said. "As we have previously explained, the State Department voluntarily agreed to produce to Judicial Watch any emails sent or received by Secretary Clinton in her official capacity during her tenure as secretary of state which are contained within the material turned over by the FBI and which were not already processed for FOIA by the State Department," said State Department spokesman Mark Toner in a statement issued Monday. "We can confirm that the FBI material includes tens of thousands of non-record (meaning personal) and record materials that will have to be carefully appraised at State," it read. "State has not yet had the opportunity to complete a review of the documents to determine whether they are agency records or if they are duplicative of documents State has already produced through the Freedom of Information Act" said Toner, declining further comment.

An anonymous reader writes: The Los Angeles Times is estimating that an explosion that occurred at a New Mexico nuclear waste dumping facility in 2014 could cost upwards of $2 billion to clean up. Construction began on the Waste Isolation Pilot Plant (WIPP) in New Mexico's Carlsbad desert in the 1980s. The site was built to handle transuranic waste from the US' nuclear weapons program. The WIPP had been eyed to receive nuclear waste from commercial power-generating plants as well. According to the LA Times, the 2014 explosion at the WIPP was downplayed by the federal government, with the Department of Energy (DoE) putting out statements indicating that cleanup was progressing quickly. Indeed, a 2015 Recovery Plan insisted that "limited waste disposal operations" would resume in the first quarter of 2016. Instead, two years have passed since the incident without any indication that smaller nuclear waste cleanup programs around the US will be able to deliver their waste to the New Mexico facility any time soon. The 2014 explosion apparently occurred when engineers at the Los Alamos National Laboratory were preparing a drum of plutonium and americium waste -- usually packed with kitty litter (yes, kitty litter) -- and decided to "substitute an organic material for a mineral one."

Massachusetts will tax ride-sharing services -- 20 cents for each ride -- with 25% of the money raised going into a special fund for the taxi industry (according to an article shared by schwit1 ). Reuters reports: Ride services are not enthusiastic about the fee. "I don't think we should be in the business of subsidizing potential competitors," said Kirill Evdakov, the chief executive of Fasten, a ride service that launched in Boston last year and also operates in Austin, Texas. Some taxi owners wanted the law to go further, perhaps banning the start-up competitors unless they meet the requirements taxis do, such as regular vehicle inspection by the police...

The fee may raise millions of dollars a year because Lyft and Uber alone have a combined 2.5 million rides per month in Massachusetts... The 5-cent fee will be collected through the end of 2021. Then the taxi subsidy will disappear and the 20 cents will be split by localities and the state for five years. The whole fee will go away at the end of 2026.
Republican Governor Charlie Baker signed the law, which specifically bans ride-sharing services from passing those costs on to their drivers or riders. And the article notes that Taiwan has also hit Uber with a $6.4 million tax bill, while Seattle has passed a new law allowing ride-sharing drivers to unionize.