MojoKid writes with news that Microsoft has announced the opening of a 'Transparency Center' at their Redmond campus, a place where governments who use Microsoft software can come to review the source code in order to make sure it's not compromised by outside agencies. (The company is planning another Transparency Center for Brussels in Belgium.) In addition, Microsoft announced security improvements to several of its cloud products: As of now, Outlook.com uses TLS (Transport Layer Security) to provide end-to-end encryption for inbound and outbound email — assuming that the provider on the other end also uses TLS. The TLS standard has been in the news fairly recently after discovery of a major security flaw in one popular package (gnuTLS), but Microsoft notes that it worked with multiple international companies to secure its version of the standard. Second, OneDrive now uses Perfect Forward Secrecy (PFS). Microsoft refers to this as a type of encryption, but PFS isn't a standard like AES or 3DES — instead, it's a particular method of ensuring that an attacker who intercepts a particular key cannot use that information to break the entire key sequence. Even if you manage to gain access to one file or folder, in other words, that information can't be used to compromise the entire account.
jones_supa writes: Russia's legislature, often accused of metaphorically turning back the clock, has decided to do it literally – abandoning the policy of keeping the country on daylight-saving time all year. The move to impose permanent "summer time" in 2011 was one of the most memorable and least popular initiatives of Dmitry Medvedev's presidency. It forced tens of millions to travel to their jobs in pitch darkness during the winter. In the depths of December, the sun doesn't clear the horizon in Moscow until 10am. The State Duma, the lower house of parliament, voted 442-1 on Tuesday to return to standard time this autumn and stay there all year. The article also discusses a ban on swearing in books, plays, and films that went into effect today in Russia.
An anonymous reader writes: If you're involved in the free and open-source software movement — especially in the United States — you may want to read through this, as long as it may seem. It appears that the United States' Internal Revenue Service has strongly shifted its views of free and open-source software, and to the detriment of the movement, in my opinion. From the article: "The IRS reasons that since Yorba’s open source software may be used for any purpose, Yorba is not a charity. Consider all the for-profit and non-charitable ways the Apache server is used; I’d still argue Apache is a charitable organization. (What else could it be?) There’s a charitable organization here in San Francisco that plants trees throughout the city for the benefit of all. If one of their tree’s shade falls on a cafe table and cools the cafe’s patrons as they enjoy their espressos, does that mean the tree-planting organization is no longer a charity?"
McGruber (1417641) writes "In June 2013, Atlanta police arrested costumed street performer "Baton Bob" during the middle of a street performance after Baton Bob was allegedly involved in a verbal altercation with mall security guards. Now, a year later, Baton Bob has filed a federal lawsuit accusing Atlanta police of violating his constitutional rights, assault, discrimination, privacy violations and identity theft. Atlanta Police allegedly forced Baton Bob to make a pro-police statement on his Facebook page before officers would allow Bob to be released on bond. According to the lawsuit: "At approximately 3:40 p.m., while Plaintiff sat handcuffed and without an attorney, he was told to dictate a public statement to Officer Davis, who then typed and posted the message to the Baton Bob Facebook account. The message read: 'First of all, the atl police officer that responded to the incident thru security has been very respectful and gracious to me even in handcuffs. So, the situation escalated from a complaint from a security officer in the area and for some reason she rolled up on me like she didn't know who I was and like I had not been there before. For them to call police to come to intervene was not necessary. So, out of it, because of my fury, the Atlanta police officer did not understand the elements of the situation, so he was trying to do his job, respectfully and arrested my ass!!!!!!!!! I'll be out tomorrow so look out for my show at 14th and Peachtree. So now I'm waiting to be transported so I can sign my own bond and get the hell out of here. I want to verify, that the Atlanta police was respectful to me considering the circumstances. See you when I see you!!!!!!!!!!!!!!' As promised, Plaintiff was then given a signature bond and released from jail."
An anonymous reader writes In a post published Monday, Symantec writes that western countries including the U.S., Spain, France, Italy, Germany, Turkey, and Poland are currently the victims of an ongoing cyberespionage campaign. The group behind the operation, called Dragonfly by Symantec, originally targeted aviation and defense companies as early as 2011, but in early 2013, they shifted their focus to energy firms. They use a variety of malware tools, including remote access trojans (RATs) and operate during Eastern European business hours. Symantec compares them to Stuxnet except that "Dragonfly appears to have a much broader focus with espionage and persistent access as its current objective with sabotage as an optional capability if required."
mrspoonsi (2955715) writes A court permitted the NSA to collect information about governments in 193 countries and foreign institutions like the World Bank, according to a secret document the Washington Post published Monday. The certification issued by a Foreign Intelligence Surveillance Court in 2010 shows the NSA has the authority to "intercept through U.S. companies not just the communications of its overseas targets, but any communications about its targets as well," according to the Post's report. Only four countries in the world — Britain, Canada, Australia and New Zealand — were exempt from the agreement, due to existing no-spying agreements that the Post highlights in this document about the group of countries, known as "Five Eyes" with the U.S.
An anonymous reader writes For some reason that escapes me, a Judge has granted Microsoft permission to hijack NoIP's DNS. This is necessary according to Microsoft to thwart a "global cybercrime epidemic" being perpetrated by infected machines running Microsoft software. No-IP is a provider of dynamic DNS services (among other things). Many legitimate users were affected by the takedown: "This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware. We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives. ... We have been in contact with Microsoft today. They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening."
An anonymous reader writes "The U.S. Supreme Court declined to throw out a class-action lawsuit against Google for sniffing Wi-Fi networks with its Street View cars. The justices left intact a federal appeals court ruling that the U.S. Wiretap Act protects the privacy of information on unencrypted in-home Wi-Fi networks. Several class-action lawsuits were filed against Google shortly after the company acknowledged that its Street View cars were accessing email, web history and other data on unencrypted Wi-Fi networks. A Google spokesman said the company was disappointed that the Supreme Court had declined to hear the case."
An anonymous reader writes The Obama Administration is set to appoint Phil Johnson, a pharmaceutical industry executive, as the next Director of the United States Patent and Trademark Office, according to sources. The move is likely to anger patent reform advocates given Johnson's past efforts to block legislation aimed at reining in patent trolls, and in light of his positions that appear to contradict the White House's professed goal of fixing the patent system. The top job at the Patent Office has been vacant for around 18 months since the departure of previous director David Kappos in early 2013. Currently, the office is being managed by former Googler Michelle Lee, who was appointed deputy director in December. Earlier this month, Republican Senators led by Orrin Hatch (R-UT) sent a letter to President Obama that praised Lee but that also described the current USPTO management structure as "unfair, untenable and unacceptable for our country's intellectual property agency."
McGruber writes Atlanta Mayor Kasim Reed and New Orleans Mayor Mitch Landrieu agree: there will be a 15 round fight between Uber and the taxicab industry that currently enjoys regulatory capture, but after a long fight, Uber will win. Landrieu says: "It actually is going to be a 15 round fight. And it's going to take time to work out, hopefully sooner rather than later. But that debate will be held.....But it is a forceful fight, and our city council is full of people on Uber's side, people on the cabs' side, and it's a battle." Mayor Reed of Atlanta also expressed how politically powerful the taxi cartels can be: "I tell you, Uber's worth more than Sony, but cab drivers can take you out. So you've got to [weigh that]. Get in a cab and they say, 'Well that mayor, he is sorry.' You come to visit Atlanta, they say, 'Well that Mayor Reed is as sorry as the day is long. Let me tell you how sorry he is while I drive you to your hotel. And I want you to know that crime is up.' This guy might knock you out. I want you to know it can get really real. It's not as easy as it looks."
theodp (442580) writes "The Internet's Own Boy, the documentary about the life and death of Aaron Swartz, was appropriately released on the net as well as in theaters this weekend, and is getting good reviews from critics and audiences. Which is kind of remarkable, since the Achilles' heel of this documentary, as critic Matt Pais notes in his review, is that "everyone on the other side of this story, from the government officials who advocated for Swartz's prosecution to Swartz's former Reddit colleagues to folks at MIT, declined participation in the film." Still, writer/director Brian Knappenberger manages to deliver a compelling story, combining interesting footage with interviews from Swartz's parents, brothers, girlfriends, and others from his Internet projects/activism who go through the stages of joy, grief, anger, and hope that one sees from loved ones at a wake. "This remains an important David vs. Goliath story," concludes Pais, "of a remarkable brain years ahead of his age with the courage and will to fight Congress-and a system built to impede, rather than encourage, progress and common sense. The Internet's Own Boy will upset you. As it should." And Quinn Norton, who inadvertently gave the film its title ("He was the Internet's own boy," Quinn said after Swartz's death, "and the old world killed him."), offers some words of advice for documentary viewers: "Your ass will be in a seat watching a movie. When it is done, get up, and do something.""
Ars Technica has spent some time with pre-production (but very nearly final) samples of the Blackphone, from Geeksphone and Silent Circle. They give it generally high marks; the hardware is mostly solid but not cutting edge, but the software it comes with distinguishes it from run-of-the-mill Android phones. Though it's based on Android, the PrivOS system in these phones offers fine grained permissions, and other software included with the phone makes it more secure both if someone has physical access to the phone (by encrypting files, among other things) and if communications between this phone and another are being eavesdropped on. A small taste: At first start up, Blackphone’s configuration wizard walks through getting the phone configured and secured. After picking a language and setting a password or PIN to unlock the phone itself, the wizard presents the option of encrypting the phone’s stored data with another password. If you decline to encrypt the phone’s mini-SD storage during setup, you’ll get the opportunity later (and in the release candidate version of the PrivOS we used, the phone continued to remind me about that opportunity each time I logged into it until I did). PrivOS’ main innovation is its Security Center, an interface that allows the user to explicitly control just what bits of hardware functionality and data each application on the phone has access to. It even provides control over the system-level applications—you can, if you wish for some reason, turn off the Camera app’s access to the camera hardware and turn off the Browser app’s access to networks.
jfruh (300774) writes "California governor Jerry Brown has signed a law repealing Section 107 of California's Corporations Code, which prohibited companies or individuals from issuing money other than U.S. dollars. Before the law was repealed, not only bitcoin but everything from Amazon Coin to Starbucks Stars were technically illegal; the law was generally not enforced."
VentureBeat reports that the unofficial Google ambassador to the world has made another significant visit to a place where Internet access is either forbidden or impractical for most of the citizenry; hopefully it heralds change on that front. Continuing his tour of countries with authoritarian governments and less-than-favorable Internet access, Google Chairman Eric Schmidt made a secret visit to Cuba yesterday. The U.S. government has forbidden its citizens from traveling to Cuba or spending any money within the country since cold war tensions in the 1960s. Even though the cold war is over, the ban remains in effect, which is why Schmidt’s visit is significant. Unofficially (meaning not on behalf of his company), the powerful Googler has also made controversial visits to North Korea and Myanmar to promote Internet freedom, and has previously spoken out against online censorship happening in both China and India. Schmidt, says the article, "was joined by a crew of former Google employees as well as author Jared Cohen."
An anonymous reader writes The U.S. National Archives has revealed to Wikipedia newspaper The Signpost that it will be uploading all of its holdings to the Wikimedia Commons. Dominic McDevitt-Parks told the Signpost that "The records we have uploaded so far contain some of the most high-value holdings ... However, we are not limiting ourselves ... Our approach has always been simply to upload as much as possible ... to make them as widely accessible to the public as possible."
An anonymous reader writes A day after a surprise U.S. Supreme Court decision to outlaw streaming TV service Aereo, U.S. broadcaster Fox has moved to use the ruling to clamp down on another internet TV service. Fox has cited Wednesday's ruling – which found Aereo to be operating illegally – to bolster its claim against a service offered by Dish, America's third largest pay TV service, which streams live TV programming over the internet to its subscribers and allows them to copy programmes onto tablet computers for viewing outside the home.
New submitter redr00k (3719103) writes with a link to the summary of a RAND Corporation study addressing "a general perception that there is a shortage of cybersecurity professionals within the United States, and a particular shortage of these professionals within the federal government, working on national security as well as intelligence. Shortages of this nature complicate securing the nation's networks and may leave the United States ill-prepared to carry out conflict in cyberspace." One of the key findings: waive the Civil Service rules. (The NSA can already bypass those rules; RAND's authors say this should be extended to other agencies.)
Jason Koebler (3528235) writes "The cybersecurity bill making its way through the Senate right now is so broad that it could allow ISPs to classify Netflix as a "cyber threat," which would allow them to throttle the streaming service's delivery to customers. "A 'threat,' according to the bill, is anything that makes information unavailable or less available. So, high-bandwidth uses of some types of information make other types of information that go along the same pipe less available," Greg Nojeim, a lawyer with the Center for Democracy and Technology, said. "A company could, as a cybersecurity countermeasure, slow down Netflix in order to make other data going across its pipes more available to users.""
Nate the greatest (2261802) writes "Here in the US it is legal to resell your MP3s on Redigi, and thanks to the UsedSoft decision you can resell downloaded software in Europe. But if you want to resell your ebooks you had better act fast. Tom Kabinet launched last week in the Netherlands to offer a marketplace for used ebooks, and it is already getting legal threats. The Dutch Trade Publishers Association (GAU) says that the site is committing piracy and if it doesn't shut down the GAU plans to take it to court. Citing a ruling from a German court, secretary general of the GAU Martijn David said that the question of legality had already been settled. Would anyone care to place a bet on whether the site is still in operation in 6 months?"
McGruber (1417641) writes In December 2013, Slashdot reported the arrest of seven metro Atlanta residents for allegedly selling counterfeit MARTA Breeze cards, stored-value smart cards that passengers use as part of an automated fare collection system on Atlanta's subway. Now, six months later (June 2014), the seven suspects have finally been indicted. According to the indictment, the co-conspirators purchased legitimate Breeze cards for $1, then fraudulently placed unlimited or monthly rides on the cards. They then sold the fraudulent cards to MARTA riders for a discounted cash price. Distributors of the fraudulent cards were stationed at several subway stations. The indictment claims that the ring called their organization the "Underground Railroad."
An anonymous reader writes It didn't take long for Aereo to deal with the realities of the U.S. Supreme Court decision. As of 11:30am EDT today Aereo is suspending operations while they go back to U.S. District Court. In order to keep good will with customers during this time, they are refunding the last month's payment for service. curtwoodward (2147628) writes to point out that the decision which has shut down Aereo for now doesn't mean doom for other cloud services: Don't listen to the trolls---the Supremes were very clear that their ruling only applied to Aereo's livestream and things that look just like it. iCloud, Dropbox and friends are fine.
theodp (442580) writes In an interview with The Washington Post's Lyndsey Layton that accompanied her report on How Bill Gates Pulled Off the Swift Common Core Revolution (the Gates Foundation doled out $233 million in grants to git-r-done), Gates denied that he has too much influence in K-12 education. Despite Gates' best efforts, however, there's been more and more pushback recently from both teachers and politicians on the standards, GeekWire's Taylor Soper reports, including a protest Friday by the Badass Teacher Association, who say Gates is ruining education. "We want to get corporations out of teaching," explained one protester. If that's the case, the "Badasses" probably won't be too pleased to see how the K-12 CS education revolution is shaping up, fueled by a deep-pocketed alliance of Gates, Google, Microsoft, Facebook, and others. Google alone has already committed $90 million to influence CS education. And well-connected Code.org, which has struck partnerships with school districts reaching over 2M U.S. students and is advising NSF-funded research related to the nation's CS 10K Project, will be conducting required professional development sessions for K-12 CS teachers out of Google, Microsoft, and Amazon offices this summer in Chicago, New York City, Boston, and Seattle. So, could K-12 CS Education ("Common Code"?) become the next Common Core?
An anonymous reader writes As the support for the Microsoft (MS) Windows XP service is terminated this year, the government will try to invigorate open source software in order to solve the problem of dependency on certain software. By 2020 when the support of the Windows 7 service is terminated, it is planning to switch to open OS and minimize damages. Industry insiders pointed out that the standard e-document format must be established and shared as an open source before open source software is invigorated. A similar suggestion that Korea might embrace more open source (but couched more cautiously, with more "should" and "may") is reported on the news page of the EU's program on Interoperability Solutions for European Public Administrations, based on a workshop presentation earlier this month by Korea's Ministry of Science, ICT, and Future Planning. (And at a smaller but still huge scale, the capital city of Seoul appears to be going in for open source software in a big way, too.)
wiredmikey (1824622) writes Human Rights Watch on Friday demanded a clarification from Saudi Arabia over allegations from security researchers that the kingdom is infecting and monitoring dissidents' mobile phones with surveillance malware. The New York-based rights watchdog said surveillance software allegedly made by Italian firm Hacking Team mostly targeted individuals in Qatif district in Eastern Province, which has been the site of sporadic Shiite-led protests since February 2011. "We have documented how Saudi authorities routinely crack down on online activists who have embraced social media to call out human rights abuses," said Cynthia Wong, HRW's senior Internet researcher. "It seems that authorities may now be hacking into mobile phones, turning digital tools into just another way for the government to intimidate and silence independent voices." The accusations against the Saudi Government come days after researchers from Kaspersky Lab and Citizen Lab uncovered new details on advanced surveillance tools offered by HackingTeam [Note: mentioned in this earlier Slashdot story], including never before seen implants for smartphones running on iOS and Android.
Trailrunner7 writes The United States federal government issued more than 19,000 National Security Letters – perhaps its most powerful tool for domestic intelligence collection – in 2013, and those NSLs contained more than 38,000 individual requests for information. The new data was released by the Office of the Director of National Intelligence on Friday as part of its effort to comply with a directive from President Obama to declassify and release as much information as possible about a variety of tools that the government uses to collect intelligence. The directive came in the immediate aftermath of the first revelations by former NSA contractor Edward Snowden about the agency's capabilities, methods and use of legal authorities.
The use of NSLs is far from new, dating back several decades. But their use was expanded greatly after 9/11 and NSLs are different from other tools in a number of ways, perhaps most importantly in the fact that recipients typically are prohibited from even disclosing the fact that they received an NSL. Successfully fighting an NSL is a rare thing, and privacy advocates have been after the government for years to release data on their use of the letters and the number of NSLs issued. Now, the ODNI is putting some of that information into the public record.
dcblogs writes: In a speech Wednesday on the floor of the U.S. House of Representatives, Rep. Luis Gutierrez (D-Ill.) declared immigration reform dead. He chastised and baited Republicans in Congress for blocking reform, and declared that winning the White House without the support of a growing Hispanic population will become mathematically impossible. "The Republican Presidential nominee, whoever he or she may be, will enter the race with an electoral college deficit they cannot make up," said Gutierrez. If he's right, and comprehensive immigration reform is indeed dead, then so too is the tech industry's effort to raise the cap on H-1B visas. Immigration reform advocates have successfully blocked any effort to take up the immigration issue in piecemeal fashion, lest business support for comprehensive reform peel away. Next year may create an entirely new set of problems for tech. If the Republicans take control of the Senate, the tech industry will face this obstacle: Sen. Chuck Grassley (R-Iowa). Grassley, the ranking Republican on the Judiciary Committee could become its next chairman. He has been a consistent critic of the H-1B program through the years. "The H-1B program is so popular that it's now replacing the U.S. labor force," said Grassley, at one point.
Dega704 sends this news from Wired:
Plenty of nightmare surveillance theories surround the million-square-foot NSA facility opened last year in Bluffdale, Utah. Any locals driving by the massive complex Friday morning saw something that may inspire new ones: A massive blimp hovering over the center, with the letters NSA printed on its side.
Activist groups including the Electronic Frontier Foundation and Greenpeace launched the 135-foot thermal airship early Friday morning to protest the agency's mass surveillance programs and to announce the launch of Stand Against Spying, a website that rates members of Congress on their support or opposition to NSA reform. The full message on the blimp reads 'NSA: Illegal Spying Below' along with an arrow pointing downward and the Stand Against Spying URL.
blottsie writes: The Supreme Court ruled this week that it is illegal for police to search your phone without a warrant. But just because that's the new rule doesn't mean all 7.5 million law enforcement officers in the U.S. will abide by it. This guide, put together with the help of the EFF and ACLU, explains what to do if a police officer tries to search your phone without a warrant. Of course, that doesn't mean they don't have other ways of getting your data.
An anonymous reader writes Google often gets criticism for its seemingly boundless desire for data collection and analysis, but the company says it has higher ambitions than just figuring out how best to serve advertising. Speaking to the NY Times, Larry Page said, "We get so worried about these things that we don't get the benefits. Right now we don't data-mine healthcare data. If we did we'd probably save 100,000 lives next year." By "these things," he means privacy concerns and fear that the data might be misused. But he also pointed to Street View as a case where privacy concerns mostly melted away after people used it and found it helpful. "In the early days of Street View, this was a huge issue, but it's not really a huge issue now. People understand it now and it's very useful. And it doesn't really change your privacy that much. A lot of these things are like that."
New submitter thermowax sends a report on how Massachusetts SWAT teams are dodging open records requests by claiming to be corporations. From the article: As it turns out, a number of SWAT teams in the Bay State are operated by what are called law enforcement councils, or LECs. These LECs are funded by several police agencies in a given geographic area and overseen by an executive board, which is usually made up of police chiefs from member police departments. ... Some of these LECs have also apparently incorporated as 501(c)(3) organizations. And it's here that we run into problems. According to the ACLU, the LECs are claiming that the 501(c)(3) status means that they're private corporations, not government agencies. And therefore, they say they're immune from open records requests. Let's be clear. These agencies oversee police activities. They employ cops who carry guns, wear badges, collect paychecks provided by taxpayers and have the power to detain, arrest, injure and kill. They operate SWAT teams, which conduct raids on private residences. And yet they say that because they've incorporated, they're immune to Massachusetts open records laws. The state's residents aren't permitted to know how often the SWAT teams are used, what they're used for, what sort of training they get or who they're primarily used against.
An anonymous reader writes Google has begun removing some search results to comply with a European Union ruling upholding citizens' right to have objectionable personal information about them hidden in search engines. "Google engineers overnight updated the company's technical infrastructure to begin implementing the removals, and Thursday began sending the first emails to individuals informing them that links they had requested were being taken down. The company has hired a dedicated 'removals team' to evaluate each request, though only a small number of the initial wave of takedown requests has so far been processed."
mpicpp writes with good news for every New Yorker who needs 44oz of soft drink to be refreshed. New York's Court of Appeals ruled Thursday that New York City's ban on large sugary drinks, which was previously blocked by lower courts, is illegal. "We hold that the New York City Board of Health, in adopting the 'Sugary Drinks Portion Cap Rule,' exceeded the scope of its regulatory authority," the ruling said. Former New York City Mayor Michael Bloomberg had pushed for the ban on sugary drinks larger than 16 ounces as a way to fight obesity and other health problems.
schwit1 (797399) writes with word that, after revelations that Verizon assisted the NSA in its massive surveillance program, Germany is cutting ties with Verizon as their infrastructure provider. From the article: The Interior Ministry says it will let its current contract for Internet services with the New York-based company expire in 2015. The announcement comes after reports this week that Verizon and British company Colt provide Internet services to the German parliament and other official entities. ... Ministry spokesman Tobias Plate said Thursday that Germany wants to ensure it has full control over highly sensitive government communications networks.
Trailrunner7 (1100399) writes ... Security experts have been pounding the drum about the importance of encrypting not just data in transit, but information stored on laptops, phones, and portable drives. But the Massachusetts Supreme Judicial Court put a dent in that armor on Wednesday, ruling that a criminal defendant could be compelled to decrypt the contents of his laptops. The case centers on a lawyer who was arrested in 2009 for allegedly participating in a mortgage fraud scheme. The defendant, Leon I. Gelfgatt, admitted to Massachusetts state police that he had done work with a company called Baylor Holdings and that he encrypted his communications and the hard drives of all of his computers. He said that he could decrypt the computers seized from his home, but refused to do so. The MJSC, the highest court in Massachusetts, was considering the question of whether the act of entering the password to decrypt the contents of a computer was an act of self-incrimination, thereby violating Gelfgatt's Fifth Amendment rights. The ruling.
An anonymous reader writes with news that, not long after UK ISPs agreed to send piracy notices (Voluntary Copyright Alerts Program), thoughts have already turned toward adding criminal penalties. From the article: Prime Minister David Cameron's IP advisor believes that the carrot needs to be backed up by a stick. In a report published yesterday largely detailing the "Follow the Money" approach to dealing with pirate sites, Mike Weatherley MP says now is the time to think about VCAP’s potential failure. "The Voluntary Copyright Alert Programme (VCAP) is welcomed and will be a good step forward once it is hopefully in operation in 2015, although it is primarily an education tool," Weatherley says. ... "Warnings and fines are obvious first steps, with Internet access blocking and custodial sentencing for persistent and damaging infringers not to be ruled out in my opinion." These suggestions aren't new, but this is the second time in a matter of months that the Prime Minister's closest advisor on IP matters has spoken publicly about the possibility of putting persistent file-sharers in jail.
Last fall, Newegg lost a case against patent troll TQP for using SSL with RC4, despite arguments from Diffie of Diffie-Hellman key exchange. Intuit was also targeted by a lawsuit for infringing the same patent, and they were found not to be infringing. mpicpp (3454017) sends this excerpt from Ars: U.S. Circuit Judge William Bryson, sitting "by designation" in the Eastern District of Texas, has found in a summary judgment ruling (PDF) that the patent, owned by TQP Development, is not infringed by the two defendants remaining in the case, Intuit Corp. and Hertz Corp. In a separate ruling (PDF), Bryson rejected Intuit's arguments that the patent was invalid. Not a complete victory (a clearly bogus patent is still not invalidated), but it's a start.
schwit1 (797399) sends word of a new and exciting use for all of the data various entities are collecting about you. From the article: You may soon get a call from your doctor if you've let your gym membership lapse, made a habit of ordering out for pizza or begin shopping at plus-sized stores. That's because some hospitals are starting to use detailed consumer data to create profiles on current and potential patients to identify those most likely to get sick, so the hospitals can intervene before they do. Acxiom Corp. (ACXM) and LexisNexis are two of the largest data brokers who collect such information on individuals. They say their data are supposed to be used only for marketing, not for medical purposes or to be included in medical records. While both sell to health insurers, they said it's to help those companies offer better services to members.
angry tapir writes The Australian government has indicated it intends to seek a boost to the powers of Australia's spy agencies, particularly ASIO (the Australian Security Intelligence Organization). The attorney-general told the Senate today that the government would introduce legislation based on recommendations of a parliamentary committee that last year canvassed "reforms" including boosting ASIO's power to penetrate third party computer systems to intercept communications to and from a target. That report also covered other issues such as the possibility of introducing a mandatory data retention scheme for ISPs and telcos.
New submitter CarlThansk (3713681) writes The courts have long debated on if cell phones can be searched during an arrest without a warrant. Today, the Supreme Court unanimously ruled that the police need warrants to search the cellphones of people they arrest. "Chief Justice John G. Roberts Jr., writing for the court, said the vast amount of data contained on modern cellphones must be protected (PDF) from routine inspection." Phones may still be searched under limited circumstances (imminent threats), but this looks like a clear win for privacy. Quoting the decision: "We cannot deny that our decision today will have an impact on the ability of law enforcement to combat crime. Cell phones have become important tools in facilitating coordination and communication among members of criminal enterprises, and can provide valuable incriminating information about dangerous criminals. Privacy comes at a cost."
New submitter Last_Available_Usern (756093) writes that the Aereo saga is likely over. "The U.S. Supreme Court today dealt a potentially fatal blow to Aereo, an Internet service that allows customers to watch broadcast TV programs on mobile devices by renting a small DVR and antennas (in supported cities) to record and then retransmit local programming on-demand over the internet." Ruling (PDF). Aereo was found to be publicly transmitting, according to SCOTUSBlog: "The essence of the Aereo ruling is that Aereo is equivalent to a cable company, not merely an equipment provider."
An anonymous reader writes The experts at Kaspersky Lab have discovered evidence of a targeted attack against the clients of a large European bank. According to the logs found in the server used by the attackers, apparently in the space of just one week cybercriminals stole more than half a million euros from accounts in the bank. The experts also detected transaction logs on the server, containing information about which sums of money were taken from which accounts. All in all, more than 190 victims could be identified, most of them located in Italy and Turkey. The sums stolen from each bank account, according to the logs, ranged from 1,700 to 39,000 euros.
New submitter Andreas Kolbe writes: "Businessman, philanthropist and musician Yank Barry and the Global Village Champions Foundation are suing four Wikipedia editors for defamation, claiming they have maliciously conspired to keep Barry's Wikipedia biography unduly negative. The Daily Dot article includes a copy of the legal brief and quotes Barry as saying, 'My page was so ridiculously false and made me sound like a terrible person and people believed it causing deals to fall through. I finally had enough.'"
New submitter dmitrygr sends this news from Reuters: The U.S. government's no-fly list banning people accused of links to terrorism from commercial flights violates their constitutional rights because it gives them no meaningful way to contest that decision, a federal judge ruled on Tuesday. ... "The court concludes international travel is not a mere convenience or luxury in this modern world. Indeed, for many international travel is a necessary aspect of liberties sacred to members of a free society," [U.S. District Judge Anna Brown] wrote in her 65-page ruling (PDF). "Accordingly, on this record the court concludes plaintiff's inclusion on the no-fly list constitutes a significant deprivation of their liberty interests in international travel," Brown said.
An anonymous reader sends this report from Ars Technica: The Federal Aviation Administration has said that online shopping powerhouse Amazon may not employ drones to deliver packages, at least not anytime soon. The revelation was buried in an FAA document (PDF) unveiled Monday seeking public comment on its policy on drones, or what the agency calls "model aircraft." The FAA has maintained since at least 2007 that the commercial operation of drones is illegal. ... In Monday's announcement, published in the Federal Register, the FAA named Amazon's December proposal as an example of what is barred under regulations that allow the use of drones for hobby and recreational purposes. The agency did not mention Amazon Prime Air by name, but it didn't have to. Under a graphic that says what is barred, the FAA mentioned the "Delivering of packages to people for a fee." A footnote added, "If an individual offers free shipping in association with a purchase or other offer, FAA would construe the shipping to be in furtherance of a business purpose, and thus, the operation would not fall within the statutory requirement of recreation or hobby purpose."
An anonymous reader writes At the non-profit where I work, there isn't a lot of money for buying stock photos or licensing professional images. So, we've turned to sources of 'free' imagery, notably Creative Commons-licensed photos on Flickr. While we're not a huge organization, we do have 100+ individuals creating content in one way or another. We're now wrestling with compliance of the CC licensing, like including links for By Attribution images, etc. Our legal counsel is also scared of photographers changing their licenses and suing us after the fact. How do you document the images you find were licensed one way in the past, especially when numerous people from across the country are acquiring the images?
mpicpp (3454017) points out this story illustrating the problem of betting on the differential between the price of deliverable bitcoin-mining hardware and the price of bitcoin itself: Yet another Bitcoin miner manufacturer, CoinTerra, now faces legal action for not fulfilling an order when it originally promised to. CoinTerra is the third Bitcoin-related startup to face litigation for breach of contract and/or fraud in recent months. The CoinTerra lawsuit was filed in late April 2014 by an Oakland, California-based man seeking to be the lead plaintiff in a proposed class-action lawsuit. Lautaro Cline, the suit alleges, purchased a TerraMiner IV in October 2013 for delivery by January 2014. The company promised, he claims, that this miner would operate at two terahashes per second and would consume 1,200 watts of power. It did neither. However, Cline's suit also claims that CoinTerra did not deliver the miner until February 2014, and it "operated well below the speed advertised and consumed significantly more power than CoinTerra represented, causing Plaintiff to suffer significant lost profits and opportunities."
msm1267 (2804139) writes Controversial spyware commercially developed by Italy's Hacking Team and sold to governments and law enforcement for the purpose of surveillance has a global command and control infrastructure. For the first time, security experts have insight into how its mobile malware components work. Collaborating teams of researchers from Kaspersky Lab and Citizen Lab at the Monk School of Global Affairs at the University of Toronto today reported on their findings during an event in London. The breadth of the command infrastructure supporting Hacking Team's Remote Control System (RCS) is extensive, with 326 servers outed in more than 40 countries; the report also provides the first details on the inner workings of the RCS mobile components for Apple iOS and Android devices. Adds reader Trailrunner7: [T]he report also provides the first details on the inner workings of the RCS mobile components for Apple iOS and Android devices. The new modules enable governments and law enforcement officers with extensive monitoring capabilities over victims, including the ability to report on their location, steal data from their device, use the device's microphone in real time, intercept voice and SMS messages sent via applications such as Skype, WhatsApp, Viber, and much more.
An anonymous reader writes with this news from The Independent: An American driver is facing a $48,000 fine after using a mobile signal jammer in his car to block motorists around him from using their phones on the road. Jason Humphreys reportedly used the jammer from the back seat of his Toyota Highlander for around two years before being caught by Florida police. The 60-year-old said that he used the jammer – which transmits radio signals that interfere with mobile phones – because he was 'fed up' with watching others use their phones on the road. A story from late April (before the fine was levied) gives more detail: The case along I-4 started on April 29, 2013, when the cellular company Metro PCS contacted the Federal Communications Commission because a transmission tower along I-4 would suffer in the morning and evening. A week later, agents from the FCC's enforcement division in Tampa staked out the freeway on May 7, 8, and 9 and pinpointed a “strong wideband emission” in the cellphone wireless range “emanating from a blue Toyota Highlander sport utility vehicle,” with Florida license plates, according to a complaint issued by the FCC on Tuesday. Another clue: When Hillsborough County Sheriff's deputies stopped the SUV, their own two-way radios were jammed.
An anonymous reader writes The U.S. Court of Appeals for the 2nd Circuit last week reversed a tax evasion conviction against an accountant because the government had used data from his computers that were seized under a warrant targeting different suspects. The Fourth Amendment, the court pointed out, "prevents the seizure of one thing under a warrant describing another." Law enforcement originally made copies of his hard drives and during off-site processing, separated his personal files from data related to the original warrant. However, 1.5 years later, the government sifted through his personal files and used what it found to build a case against him. The appeals court held that "[i]f the Government could seize and retain non-responsive electronic records indefinitely, so it could search them whenever it later developed probable cause, every warrant to search for particular electronic data would become, in essence, a general warrant," which the Fourth Amendment protects against. The EFF hopes that the outcome of this appeal will have implications for the NSA's dragnet surveillance practice.
mpicpp (3454017) writes with news that a dump of fare logs from NYC cabs resulted in trip details being leaked thanks to using an MD5 hash on input data with a very small key space and regular format. From the article:
City officials released the data in response to a public records request and specifically obscured the drivers' hack license numbers and medallion numbers. ... Presumably, officials used the hashes to preserve the privacy of individual drivers since the records provide a detailed view of their locations and work performance over an extended period of time.
It turns out there's a significant flaw in the approach. Because both the medallion and hack numbers are structured in predictable patterns, it was trivial to run all possible iterations through the same MD5 algorithm and then compare the output to the data contained in the 20GB file. Software developer Vijay Pandurangan did just that, and in less than two hours he had completely de-anonymized all 173 million entries.