Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.
Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and learn more about it. Thanks for reading, and for making the site better!
MojoKid writes We're often told that having a kill switch in our mobile devices — mostly our smartphones — is a good thing. At a basic level, that's hard to disagree with. If every mobile device had a built-in kill switch, theft would go down — who would waste their time over a device that probably won't work for very long? Here's where the problem lays: It's law enforcement that's pushing so hard for these kill switches. We first learned about this last summer, and this past May, California passed a law that requires smartphone vendors to implement the feature. In practice, if a smartphone has been stolen, or has been somehow compromised, its user or manufacturer would be able to remotely kill off its usability, something that would be reversed once the phone gets back into its rightful owner's hands. However, such functionality should be limited to the device's owner, and no one else. If the owner can disable a phone with nothing but access to a computer or another mobile device, so can Google, Samsung, Microsoft, Nokia or Apple. If the designers of a phone's operating system can brick a phone, guess who else can do the same? Everybody from the NSA to your friendly neighborhood police force, that's who. At most, all they'll need is a convincing argument that they're acting in the interest of "public safety."
msm1267 writes: The keepers of Tor commissioned a study testing the defenses and viability of their Firefox-based browser as a privacy tool. The results (PDF) were a bit eye-opening since the report's recommendations don't favor Firefox as a baseline for Tor, rather Google Chrome. But Tor's handlers concede that budget constraints and Chrome's limitations on proxy support make a switch or a fork impossible.
Via TorrentFreak comes news that Google is now being asked to remove one million links per day (or an average of one takedown notice every 8ms). In 2008, they received one takedown request approximately every six days. From the article: The massive surge in removal requests is not without controversy. It’s been reported that some notices reference pages that contain no copyrighted material, due to mistakes or abuse, but are deleted nonetheless. Google has a pretty good track record of catching these errors, but since manual review of all links is unachievable, some URLs are removed in error. ... The issue has also piqued the interest of U.S. lawmakers. Earlier this year the House Judiciary Subcommittee had a hearing on the DMCA takedown issue, and both copyright holders, Internet service providers, and other parties are examining what they can do to optimize the process. In the meantime, the number of removal requests is expected to rise and rise, with 10 million links per week being the next milestone.
stephendavion (2872091) writes Researchers will demonstrate the process used to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014. Researchers from Stanford and a defense research group at Rafael will demonstrate a way to spy on smartphones using gyroscopes at Usenix Security event on August 22, 2014. According to the "Gyrophone: Recognizing Speech From Gyroscope Signals" study, the gyroscopes integrated into smartphones were sensitive enough to enable some sound waves to be picked up, transforming them into crude microphones.
walterbyrd sends this story from Vox: Everyone agrees that there's been an explosion of patent litigation in recent years, and that lawsuits from non-practicing entities (NPEs) — known to critics as patent trolls — are a major factor. But there's a big debate about whether trolls are creating a drag on innovation — and if so, how big the problem is. A new study (PDF) by researchers at Harvard and the University of Texas provides some insight on this question. Drawing from data on litigation, R&D spending, and patent citations, the researchers find that firms that are forced to pay NPEs (either because they lost a lawsuit or settled out of court) dramatically reduce R&D spending: losing firms spent $211 million less on R&D, on average, than firms that won a lawsuit against a troll. "After losing to NPEs, firms significantly reduce R&D spending — both projects inside the firm and acquiring innovative R&D outside the firm," the authors write. "Our evidence suggests that it really is the NPE litigation event that causes this decrease in innovation."
mpicpp sends word of a $125,000 settlement for a man who was arrested for photographing members of the New York Police Department. On June 14th, 2012, the man was sitting in his car when he saw three African-American youths being stopped and frisked by police officers. He began taking pictures of the encounter, and after the police were done, he advised the youths to get the officers' badge numbers next time. When the officers heard him, they pulled him violently from his car and arrested him under a charge of disorderly conduct. The police allegedly deleted the pictures from his phone (PDF). Rather than go to trial, the city's lawyers decided a settlement was the best course of action.
cold fjord writes: According to Foreign Policy, "The revelation that Germany spies on Turkey, a NATO member, should dispel any notion that spying on allies violates the unwritten rules of international espionage. ... For nearly a year, the extent of NSA surveillance on German leaders ... has drawn stern rebuke from the German political and media establishment. ... Merkel went so far as to publicly oust the CIA station chief in Berlin. 'Spying among friends is not at all acceptable,' Merkel said. ... [C]alls made by Secretary of State John Kerry and former Secretary of State Hillary Clinton were accidentally recorded. ... 'It's a kind of delightful revelation given the fact that the Germans have been on their high horse.' Christian Whiton, a former ... State Department senior advisor, added that the report on German spying is a perfect example of why rifts over intelligence among allies should be handled quietly and privately." The Wall Street Journal adds, "Cem Özdemir, the head of the Green party and a leading German politician of Turkish descent, told Spiegel Online it would be 'irresponsible' for German spies not to target Turkey given its location as a transit country for Islamic State militants from Europe." Further details at Spiegel Online and The Wall Street Journal."
Fubar writes: Two city council members from Phoenix, AZ are introducing "draft language" for public discussion that would make it illegal to use a drone to film people without their knowledge. The council members are worred about privacy of people in their own yards, even including the requirement that law enforcement obtain a warrant for drone surveillance. A violation of the ordinance would be a Class 1 misdemeanor, which carries up to a $2,500 fine and six months in jail.
itwbennett (1594911) writes In a follow-up to yesterday's story about the Chinese hackers who stole hospital data of 4.5 million patients, IDG News Service's Martyn Williams set out to learn why the data, which didn't include credit card information, was so valuable. The answer is depressingly simple: people without health insurance can potentially get treatment by using medical data of one of the hacking victims. John Halamka, chief information officer of the Beth Israel Deaconess Medical Center and chairman of the New England Healthcare Exchange Network, said a medical record can be worth between $50 and $250 to the right customer — many times more than the amount typically paid for a credit card number, or the cents paid for a user name and password. "If I am one of the 50 million Americans who are uninsured ... and I need a million-dollar heart transplant, for $250 I can get a complete medical record including insurance company details," he said.
mdsolar (1045926) writes with this disconcerting story from CNet about security breaches at the U.S. Nuclear Regulatory Commission, revealed in a new report to have been compromised three times in the last three years: The body that governs America's nuclear power providers said in an internal investigation that two of the hacks are suspected to have come from unnamed foreign countries, the news site Nextgov reported based on a Freedom of Information Act request. The source of the third hack could not be identified because the logs of the incident had been destroyed, the report said. Hackers, often sponsored by foreign governments, have targeted the US more frequently in recent years. A report (PDF) on attacks against government computers noted that there was a 35 percent increase between 2010 and 2013.
Intruders used common hacking techniques to get at the NRC's computers. One attack linked to a foreign country or individual involved phishing emails that coerced NRC employees into submitting their login credentials. The second one linked to a foreign government or individual used spearphishing, or emails targeted at specific NRC employees, to convince them to click a link that led to a malware site hosted on Microsoft's cloud storage site SkyDrive, now called OneDrive. The third attack involved breaking into the personal account of a NRC employee. After sending a malicious PDF attachment to 16 other NRC employees, one person was infected with malware.
An anonymous reader writes The news aggregator Fark is ancient in dot com terms. Users submit news links to the privately run site and tear it — and each other — to pieces in the discussion threads. (Sound familiar?) While the site isn't as popular as during the early 2000s, the privately run discussion forum has continued and has its champions. site operator Drew Curtis announced today that Gifs, references, jokes and comments involving sexism will be deleted. "Adam Savage once described to me the problem this way: if the Internet was a dude, we'd all agree that dude has a serious problem with women. We've actually been tightening up moderation style along these lines for awhile now, but as of today, the FArQ will be updated with new rules reminding you all that we don't want to be the He Man Woman Hater's Club. This represents enough of a departure from pretty much how every other large internet community operates that I figure an announcement is necessary."
Given how bare-knuckled Fark can be, is it time? Overdue?
Personal Audio has been trying to assert patents they claim cover podcasting for some time now; in March Adam Carolla was sued and decided to fight back. Via the EFF comes news that he has settled with Personal Audio, and the outcome is likely beneficial to those still fighting the trolls. From the article: Although the settlement is confidential, we can guess the terms. This is because Personal Audio sent out a press release last month saying it was willing to walk away from its suit with Carolla. So we can assume that Carolla did not pay Personal Audio a penny. We can also assume that, in exchange, Carolla has given up the opportunity to challenge the patent and the chance to get his attorney’s fees. ... EFF’s own challenge to Personal Audio’s patent is on a separate track and will continue ... with a ruling likely by April 2015. ... We hope that Personal Audio’s public statements on this issue mean that it has truly abandoned threatening and suing podcasters. Though a press release might not be legally binding, the company will have a hard time justifying any further litigation (or threats of litigation) against podcasters. Any future targets can point to this statement. Carolla deserves recognition for getting this result.
itwbennett (1594911) writes Community Health Systems said the attack occurred in April and June of this year, but it wasn't until July that it determined the theft had taken place. Working with a computer security company, it determined the attack was carried out by a group based in China that used 'highly sophisticated malware' to attack its systems. The hackers got away with patient names, addresses, birthdates, telephone numbers and Social Security numbers of the 4.5 million people who were referred to or received services from doctors affiliated with the company in the last five years. The stolen data did not include patient credit card, medical, or clinical information.
A few weeks ago, Rightscorp announced plans to have ISPs disconnect repeat copyright infringers. mpicpp (3454017) wrote in with news that Rightscorp announced during their latest earnings call further plans to require ISPs to block all web access (using a proxy system similar to hotel / college campus wifi logins) until users admit guilt and pay a settlement fine (replacing the current system of ISPs merely forwarding notices to users). Quoting TorrentFreak: [Rightscorp] says 75,000 cases have been settled so far with copyright holders picking up $10 from each. ... What is clear is that Rightscorp is determined to go after "Comcast, Verizon, AT&T, Cable Vision and one more" in order to "get all of them compliant" (i.e forwarding settlement demands). The company predicts that more details on the strategy will develop in the fall, but comments from COO & CTO Robert Steele hint on how that might be achieved. ... "[What] we really want to do is move away from termination and move to what's called a hard redirect, like, when you go into a hotel and you have to put your room number in order to get past the browser and get on to browsing the web." The idea that mere allegations from an anti-piracy company could bring a complete halt to an entire household or business Internet connection until a fine is paid is less like a "piracy speeding ticket" and more like a "piracy wheel clamp", one that costs $20 to have removed.
alphadogg (971356) writes with news that the transition from Windows to GNU/Linux in Munich may be in danger The German city of Munich, long one of the open-source community's poster children for the institutional adoption of Linux, is close to performing a major about-face and returning to Microsoft products. Munich's deputy mayor, Josef Schmid, told the Süddeutsche Zeitung that user complaints had prompted a reconsideration (Google translation to English) of the city's end-user software, which has been progressively converted from Microsoft to a custom Linux distribution — "LiMux" — in a process that dates back to 2003.
An anonymous reader writes The debate over Internet governance for much of the past decade has often come down to a battle between ICANN and the United Nations. The reality has always been far more complicated. The U.S. still maintains contractual control over ICANN, while all governments exert considerable power within the ICANN model through the Governmental Advisory Committee (GAC). Now governments are looking for even more power, seeking a near-complete veto power of ICANN decisions.
An anonymous reader writes Julian Assange has hosted a press conference in which he indicated he is soon about to leave the embassy of Ecuador in London. From the article: "WikiLeaks founder Julian Assange, who has spent over two years in Ecuador's London embassy to avoid a sex crimes inquiry in Sweden, said on Monday he planned to leave the building 'soon', but Britain signaled it would still arrest him if he tried. Assange made the surprise assertion during a news conference alongside Ecuador's Foreign Minister Ricardo Patino. But his spokesman played down the chances of an imminent departure, saying the British government would first need to revise its position and let him leave without arrest, something it has repeatedly refused to do.
Rick Zeman writes Wired has an interesting article on the possibility of selectable ethical choices in robotic autonomous cars. From the article: "The way this would work is one customer may set the car (which he paid for) to jealously value his life over all others; another user may prefer that the car values all lives the same and minimizes harm overall; yet another may want to minimize legal liability and costs for herself; and other settings are possible. Philosophically, this opens up an interesting debate about the oft-clashing ideas of morality vs. liability." Meanwhile, others are thinking about the potential large scale damage a robot car could do.
Lasrick writes Patrick Lin writes about a recent FBI report that warns of the use of robot cars as terrorist and criminal threats, calling the use of weaponized robot cars "game changing." Lin explores the many ways in which robot cars could be exploited for nefarious purposes, including the fear that they could help terrorist organizations based in the Middle East carry out attacks on US soil. "And earlier this year, jihadists were calling for more car bombs in America. Thus, popular concerns about car bombs seem all too real." But Lin isn't too worried about these threats, and points out that there are far easier ways for terrorists to wreak havoc in the US.
An anonymous reader writes "The former CEO of Redflex, a major red light camera vendor, and John Bills, former Managing Deputy Commissioner at the Department of Transportation, have been indicted on federal corruption charges stemming from a contract with the City of Chicago. According to the indictment, a friend of Bills was hired as a contractor and paid $2 million. Much of that money was then kicked back to Bills, who also got a Mercedes and a condominium via Redflex employees. The defendants are facing 23 counts including: mail fraud, wire fraud, and bribery. Each fraud count carries a maximum sentence of 20 years."
An anonymous reader writes The editor of a Bitcoin advocacy site believes the proliferation of altcoins (cryptocurrencies other than Bitcoin) is harming Bitcoin's long-term potential as an alternative to traditional currencies. Posting at BadBitcoin.org, a site that seeks to expose online scams that target Bitcoin users, the pseudonymous ViK compares altcoins, including the Internet meme inspired Dogecoin, to a pump-and-dump scheme where developers create their own version of the Bitcoin wallet and blockchain and then "pre-mine" or generate a significant number of cryptocurrency units before the altcoin's official release. Later, when their value has risen, the pre-mined altcoins are exchanged for Bitcoin or in some cases converted directly to cash. While critics of cryptocurrencies in general might find ViK's comments about the altcoin "tulip" mania ironic, the self-confessed Bitcoin fan is nevertheless calling for an altcoin boycott: "The easiest way to stop them is to not participate. We all know that they only have one purpose, and that is to make Bitcoin for the so called developers."
First time accepted submitter kavzee writes The popular Australian online discussion forum, Whirlpool, is being sued by a financial services group for refusing to remove a negative review about its services. A similar story occurred a number of years ago when another company by the name of 2Clix attempted to sue Whirlpool for the same reasons but later withdrew their case. "A financial services business licenced through National Australia Bank is suing an online forum for refusing to remove an allegedly fake and negative post about its services, claiming it has damaged its reputation with would-be clients. It is the latest legal action launched against an online forum or review website for publishing negative comments, following several high profile cases in Australia and overseas. Financial advice group WCS Group has initiated action against Whirlpool in the Supreme Court of Victoria, seeking unspecified damages and costs, despite the fact the forum generates no revenue."
An anonymous reader writes: The Electronic Frontier Foundation has updated its guide for protecting yourself and your cell phone at a protest. In addition to being extremely powerful tools (real-time communication to many watchers via social media, and video recording functionality), cell phones can also give authorities a lot of information about you if they confiscate it. The EFF is trying to encourage cell phone use and prepare people to use them. (The guide is based on U.S. laws, but much of the advice makes sense for other places as well.) Here are a few small snippets: "Start using encrypted communications channels. Text messages, as a rule, can be read and stored by your phone company or by surveillance equipment in the area. ... If the police ask to see your phone, tell them you do not consent to the search of your device. Again, since the Supreme Court's decision in Riley, there is little question that officers need a warrant to access the contents of your phone incident to arrest, though they may be able to seize the phone and get a warrant later. ... If your phone or electronic device was seized, and is not promptly returned when you are released, you can file a motion with the court to have your property returned."
v3rgEz writes: Wondering how the St. Louis County Police ended up armed with surplus military gear, and what equipment other departments have? A FOIA request at MuckRock has turned up every item given to local law enforcement under the Pentagon's 1022 program, the mechanism by which local law enforcement can apply for surplus or used military gear.
New submitter Nocturrne writes: The FOSS project Lantern is having great success in unblocking the internet for many users in oppressive regimes, like China and Iran. Much like Tor and BitTorrent, Lantern is using peer-to-peer networking to overcome firewalls, but with the additional security of a trusted network of friends. "If you download Lantern in an uncensored region, you can connect with someone in a censored region, who can then access whatever content they want through you. What makes the system so unique is that it operates on the basis of trust. ... Through a process called consistent routing, the amount of information any single Lantern user can learn about other users is limited to a small subset, making infiltration significantly more difficult." The network of peers is growing, but we need more friends in uncensored countries to join us.
Advocatus Diaboli writes with this excerpt from Heise: Since the early days of TCP, port scanning has been used by computer saboteurs to locate vulnerable systems. In a new set of top secret documents seen by Heise, it is revealed that in 2009, the British spy agency GCHQ made port scans a "standard tool" to be applied against entire nations. Twenty-seven countries are listed as targets of the HACIENDA program in the presentation, which comes with a promotional offer: readers desiring to do reconnaissance against another country need simply send an e-mail. Also from the article: The list of targeted services includes ubiquitous public services such as HTTP and FTP, as well as common administrative protocols such as SSH (Secure SHell protocol – used for remote access to systems) and SNMP (Simple Network Management Protocol – used for network administration) (Figure 4). Given that in the meantime, port scanning tools like Zmap have been developed which allow anyone to do comprehensive scans, it is not the technology used that is shocking, but rather the gargantuan scale and pervasiveness of the operation.
An anonymous reader writes Reuters reported on Friday that Apple "has begun keeping the personal data of some Chinese users on servers in mainland China." Apple has claimed that the move is meant "to improve the speed and reliability of its iCloud service", but given China's track record with censorship and privacy, the explanation rings hollow for some skeptics. Nevertheless, Apple assures its Chinese users that their personal data on China Telecom is encrypted and that the encryption keys will be stored offshore. Only time will tell if Apple will be able to resist Chinese government requests to access its China-based servers.
stoborrobots writes: The Government Accountability Office has investigated the cost blowouts associated with how the Centers for Medicare & Medicaid Services (CMS) handled the Healthcare.gov project. It has released a 60-page report entitled Healthcare.gov: Ineffective Planning and Oversight Practices Underscore the Need for Improved Contract Management, with a 5 page summary. The key takeaway messages are:
An anonymous reader writes US Department of Defense contractors will have to wait until September 24 to see what specific rules they will be required to follow when it comes to the reporting of computer breaches to the DoD. This particular requirement has been mandated by the US Congress last year, in an attempt to get clear view of the type and frequency of attacks contractors face. The US Congress will require "cleared defense contractors" — i.e. those who have been granted clearance by the DoD to access, receive, or store classified information — to effect a rapid report in the wake of a successful breach, and to include in it a description of the technique or method used in the penetration, a sample of the malicious software used (if discovered), and a summary of information created for the Department in connection with any Department program that has been potentially compromised due to such penetration.
Jason Koebler writes The FBI has had an eager eye on surveillance drones since first experimenting with remote control airplanes in 1995. But budget cuts nearly ended the Bureau's unmanned machinations in 2010, and it took a dedicated push aimed at making drones "a tool the FBI cannot do without" to cement their place in the FBI's surveillance toolkit. The near termination—and subsequent expansion—of the FBI's drone program over the past four years is chronicled in hundreds of heavily-redacted pages released under a lawsuit filed by Citizens for Responsibility and Ethics in Washington over the past several months.
An anonymous reader is just one of many who have pointed out that things don't look good for Uber in Berlin. Berlin has banned car service Uber, which allows users to summon a ride on their smartphone, for not offering drivers and vehicles licensed to carry passengers, or full insurance cover, the German capital said. The ban takes immediate effect and Uber risks fines of up to 25,000 euros each time it violates the city's Public Transport Act, Berlin authorities said in a statement. Uber said on Thursday it would appeal against the decision, accusing Berlin of denying its people choice and mobility. "As a new entrant we are bringing much-needed competition to a market that hasn't changed in years. Competition is good for everyone and it raises the bar and ultimately it's the consumer who wins," said Fabien Nestmann, German General Manager at Uber. Undaunted by the setback in Berlin, Uber has launched uberTAXI in Hong Kong.
An anonymous reader writes "Google today announced it is expanding its Safe Browsing service to protect users against malware that makes unexpected changes to your computer. Google says it will show a warning in Chrome whenever an attempt is made to trick you into downloading and installing such software. In the case of malware, PUA stands for Potentially Unwanted Application, which is also sometimes called Potentially Unwanted Program or PUP. In short, the broad terms encompass any downloads that the user does not want, typically because they display popups, show ads, install toolbars in the default browser, change the homepage or the search engine, run several processes in the background that slow down the PC, and so on."
Daniel_Stuckey writes with a story about an interesting (or, you might think, creepy) institution at the University of Washington's Seattle campus. It's the Center for Game Science, a research lab that makes educational video games for children, and that received the bulk of its funding from the Defense Advanced Research Projects Agency, the wing of the U.S. Department of Defense that supports research into experimental military technology. Why is DARPA the original primary funder of the CGS? According to written and recorded statements from current and former DARPA program managers, as well as other government documents, the DARPA-funded educational video games developed at the CGS have a purpose beyond the pretense of teaching elementary school children STEM skills.
An anonymous reader writes Ryan Lackey of CloudFlare and Marc Rogers of Lookout revealed a new OPSEC device at Def Con called PORTAL (Personal Onion Router to Assure Liberty). It "provides always-on Tor routing, as well as 'pluggable' transport for Tor that can hide the service's traffic signature from some deep packet inspection systems." In essence, PORTAL is a travel router that the user simply plugs into their existing device for more than basic Tor protection (counterpoint to PogoPlug Safeplug and Onion Pi). On the down side, you have to download PORTAL from Github and flash it "onto a TP-Link compatible packet router." The guys behind the device acknowledge that not many people may want to (or even know how to) do that, so they're asking everyone to standby because a solution is pending. The project's GitHub page has a README file that lists compatible models, with some caveats: "It is highly recommended to use a modified router. The modified MR11U and WR703N provide a better experience than the stock routers due to the additional RAM. The severe space constraints of the stock router make them very challenging to work with. Due to the lack of usable space, it is necessary to use an external disk to store the Tor packages. The stock router has only a single USB port, and the best option is to use a microSD in a 3G modem." (Note: Lackey is no stranger to helping people secure internet privacy.)
mrspoonsi sends this BBC report: "A U.S. juggler facing child sex abuse charges, who jumped bail 14 years ago, has been arrested in Nepal after the use of facial-recognition technology. Street performer Neil Stammer traveled to Nepal eight years ago using a fake passport under the name Kevin Hodges. New facial-recognition software matched his passport picture with a wanted poster the FBI released in January. Mr Stammer, who had owned a magic shop in New Mexico, has now been returned to the U.S. state to face trial. The Diplomatic Security Service, which protects U.S. embassies and checks the validity of U.S. visas and passports, had been using FBI wanted posters to test the facial-recognition software, designed to uncover passport fraud. The FBI has been developing its own facial-recognition database as part of the bureau's Next Generation Identification program."
WIRED published a long piece on Edward Snowden today (worth a read on its own), and simultaneously broke news of "MonsterMind," an NSA program to monitor all network traffic and detect attacks, responding with a counterattack automatically. From the article: Although details of the program are scant, Snowden tells WIRED in an extensive interview with James Bamford that algorithms would scour massive repositories of metadata and analyze it to differentiate normal network traffic from anomalous or malicious traffic. Armed with this knowledge, the NSA could instantly and autonomously identify, and block, a foreign threat. More than this, though, Snowden suggests MonsterMind could one day be designed to return fire — automatically, without human intervention... Snowden raised two issues with the program: the source of an attack could be spoofed to trick the U.S. into attacking an innocent third party, and the violation of the fourth amendment since the NSA would effectively need to monitor all domestic network traffic for the program to work. Also in Bamford's interview are allegations that the NSA knocked Syria offline in 2012 after an attempt to install intercept software on an edge router ended with the router being bricked.
Lasrick writes: Although the complicity of scientists in the smuggling of radioactive materials has been a long-standing concern, smuggling-prevention efforts have so far failed to recognize a key aspect to the problem: scientists are often sought out to test the quality and level of the material well before it is taken to the black market. Egle Murauskaite of the U.S. National Consortium for the Study of Terrorism and Responses to Terrorism (START) describes why concentrating on this aspect of the smuggling process, long considered less egregious than the actual selling of the material, could really make a difference in keeping radioactive materials off the black market in the first place.
dcblogs writes: Mikey Dickerson, a site reliability engineer at Google, who was appointed Monday by the White House as the deputy federal CIO, will lead efforts to improve U.S. Websites. Dickerson, who worked on the Healthcare.gov rescue last year, said that one issue the government needs to fix is its culture. In describing his experience on the Healthcare.gov effort, he said the workplace was "not one that is optimized to get good work out of engineers." It was a shirt-and-tie environment, and while Dickerson said cultural issues may sound superficial, they are still real. "You don't have to think that the engineers are the creative snowflakes and rock stars that they think they are, you don't have to agree with any of that," Dickerson said in a recent conference presentation posted online. "I'm just telling you that's how they think of themselves, and if you want access to more of them, finding a way to deal with that helps a lot." Engineers want to make a difference, Dickerson said, and he has collected the names of more than 140 engineers who would be willing to take unpaid leave from their jobs to work on a meaningful project.
An anonymous reader writes: Phil Plait reports that a trio of U.S. Congressmen are asking NASA to investigate what they call "an epidemic of anomalies" at SpaceX. They sent a memo (PDF) demanding that SpaceX be held accountable to taxpayers for mission delays stemming from the development of new rockets. Plait notes, "[A]s a contractor, the rules are different for them than they would be if NASA themselves built the rockets, just as the rules are for Boeing or any other contractor. In fact, as reported by Space News, NASA didn't actually pay for the development of the Falcon 9; Elon Musk did." He adds, "Another reason this is silly is that every rocket ever made has undergone problems; they are fiendishly complex machines and no design has ever gotten from the drafting board to the launch pad without issues. Sure, SpaceX has experienced launch delays and other problems, but the critical thing to remember is that those problems are noted, assessed, and fixed sometimes within hours or minutes." Plait accuses the congressmen of trying to bury private spaceflight under red tape in order to protect established industries in their own states.
lrosen (attorney Lawrence Rosen) writes with a response to an article that appeared on Opensource.com late last month, detailing a court case that arose between Versata Software and Ameriprise Financial Services; part of the resulting dispute hinges on Versata's use of GPL'd software (parsing utility VTD-X, from Ximpleware), though without acknowledging the license. According to the article's author, attorney Aaron Williamson (former staff attorney for the Software Freedom Law Center), "Lawyers for commercial software vendors have feared a claim like this for essentially the entire 20-odd-year lifetime of the GPL: a vendor incorporates some GPL-licensed code into a product—maybe naively, maybe willfully—and could be compelled to freely license the entire product as a result. The documents filed by Amerprise in the case reflect this fearful atmosphere, adopting the classically fear-mongering characterization of the GPL as a 'viral' license that 'infects' its host and 'requires it to become open source, too.'" Rosen writes: I want to acknowledge Aaron's main points: This lawsuit challenges certain assumptions about GPLv2 licensing, and it also emphasizes the effects of patents on the FOSS (and commercial) software ecosystem. I also want to acknowledge that I have been consulted as an expert by the plaintiff in this litigation (Ximpleware vs. Versata, et al.) and so some of what I say below they may also say in court. Read on for the rest (and Williamson's article, too, for a better understanding of this reaction to it). An important take-away: it's not just the license that matters.
An anonymous reader writes "Criminals smuggle an estimated $30 billion in U.S. currency into Mexico each year from the United States, most of it laundered drug money. But researchers say help is on the way for border guards in the form of a portable device that identifies specific vapors given off by U.S. paper money. "We're developing a device that mimics the function of trained dogs 'sniffing' out concealed money, but without the drawbacks, such as expensive training, sophisticated operators, down time and communication limitations," says Suiqiong Li, Ph.D., a member of the research team behind the technology. When developing the device, the researchers first had to figure out which gases money emits and how fast that happens. It turned out that the gases are a set of trace chemicals, including aldehydes, furans and organic acids." What do bitcoins smell like?
metasonix (650947) writes On Sunday the 2014 Wikimania conference in London closed. Wikimania is the major annual event for Wikipedia editors, insiders and WMF employees to meet face-to-face, give presentations and submit papers. Usually they are full of "Wiki-Love" and good feelings; but this year, as the Wikipediocracy blog summarized, Wikipedia and its "god-king" Jimmy Wales came under considerable fire from the UK media — a very unusual occurrence. And much of it was direct criticism of Wales himself, including a very hostile interview by BBC journalist James O'Brien, who had been repeatedly defamed in his Wikipedia biography by persons unknown.
concertina226 (2447056) writes Scientists at China's Southwest University in Chongqing are working on a new type of camera that takes Big Brother to a whole new level – the camera is meant to detect highly stressed individuals so that police can catch them before they commit a crime. The camera makes use of hyperspectral imaging, i.e. a 'stress sensor' that measures the amount of oxygen in blood across visible areas of the body, such as the face. Chinese authorities are deeply concerned about the recent spate of deadly attacks occurring in public places, such as the mass stabbing attack by eight knife-wielding extremists in the city of Kunming, Yunnan in March, which left 29 civilians dead and over 140 others injured.
An anonymous reader writes In yet another example of the quality of Comcast's customer service, a story surfaced today of a Comcast customer who was over-charged for a service that was never provided. At first, the consumer seemed to be on the losing end of a customer service conversation, with Comcast insisting that the charges were fair. But then, the consumer whipped out a recording of a previous conversation that he had with another Comcast representative in which not only was the consumer promised that he wouldn't be charged for services not rendered, but the reason why was explained. Suddenly Comcast conceded, and the fees were dropped. But most telling of all, the Comcast rep implied that she only dropped them because he had taped his previous interaction with Comcast customer service. I wish I had recordings of every conversation that I've ever had with AT&T, the USPS, and the landlord I once had in Philadelphia. Lifehacker posted last year a few tips on the practicality of recording phone calls, using Google Voice, a VoIP service, or a dedicated app. Can anyone update their advice by recommending a good Android app (or iOS, for that matter) designed specifically to record sales and service calls, complete with automated notice?
Via Ars Technica comes news that an Amtrak employee was paid nearly $900,000 over the last ten years to give the DEA passenger lists outside of normal channels. Strangely enough, the DEA already had access to such information through official channels. From the article: The employee, described as a "secretary to a train and engine crew" in a summary obtained by the AP, was selling the customer data without Amtrak's approval. Amtrak and other transportation companies collect information from their customers including credit card numbers, travel itineraries, emergency contact info, passport numbers, and dates of birth. When booking tickets online in recent years, Amtrak has also collected phone numbers and e-mail addresses. ... Amtrak has long worked closely with the DEA to track drug trafficking activity on its train lines. The Albuquerque Journal reported in 2001 that "a computer with access to Amtrak's ticketing information sits on a desk in the [DEA]'s local office," wrote the ACLU.
wabrandsma (2551008) writes From The Economist: "The patent system, which was developed independently in 15th century Venice and then in 17th century England, gave entrepreneurs a monopoly to sell their inventions for a number of years. Yet by the 1860s the patent system came under attack, including from The Economist. Patents, critics argued, stifled future creativity by allowing inventors to rest on their laurels. Recent economic research backs this up."
SpzToid writes Following up an earlier story here on Slashdot, now Xiaomi has apologized for collecting private data from its customers. From the article: "Xiaomi Inc said it had upgraded its operating system to ensure users knew it was collecting data from their address books after a report by a computer security firm said the Chinese budget smartphone maker was taking personal data without permission. The privately held company said it had fixed a loophole in its cloud messaging system that had triggered the unauthorized data transfer and that the operating system upgrade had been rolled out on Sunday. The issue was highlighted last week in a blog post by security firm F-Secure Oyg. In a lengthy blogpost on Google Plus, Xiaomi Vice President Hugo Barra apologized for the unauthorized data collection and said the company only collects phone numbers in users' address books to see if the users are online."
McGruber writes An internal investigation by the U.S. Patent and Trademark Office found that some of its 8,300 patent examiners repeatedly lied about the hours they were putting in and many were receiving bonuses for work they did not do. While half of the USPTO's Patent Examiners work from home full time, oversight of the telework program — and of examiners based at the Alexandria headquarters — was "completely ineffective," investigators concluded. The internal investigation also unearthed another widespread problem. More than 70 percent of the 80 managers interviewed told investigators that a "significant" number of examiners did not work for long periods, then rushed to get their reviews done at the end of each quarter. Supervisors told the review team that the practice "negatively affects" the quality of the work. "Our quality standards are low," one supervisor told the investigators. "We are looking for work that meets minimal requirements." Patent examiners review applications and grant patents on inventions that are new and unique. They are experts in their fields, often with master's and doctoral degrees. They earn at the top of federal pay scale, with the highest taking home $148,000 a year.
An anonymous reader writes Have you heard of personalized postage stamps? You pay the value of the stamps plus a fee and the post office prints official stamps usable for postage which show (almost) anything you can put into a jpeg file. An Austrian Tibet supporter found out what 'almost' means. He submitted a picture of the Dalai Lama with the text 'His Holiness the Dalai Lama,' but the Austrian post office refused to produce these stamps. Stampnews and the Neue Zuercher Zeitung (autotranslation) reported that this had been due to pressure from the Chinese embassy in Vienna. Now there is a video showing how visual cryptography has been used to get around this attempt at censorship [caution: organ music] .
Def Con shows no mercy. As gleefully reported by sites several Blackberry-centric sites, researcher Justin Case yesterday demonstrated that he could root the much-heralded Blackphone in less than five minutes. From n4bb.com's linked report: "However, one of the vulnerabilities has already been patched and the other only exploitable with direct user consent. Nevertheless, this only further proves you cannot add layers of security on top of an underlying platform with security vulnerabilities." Case reacts via Twitter to the crowing: "Hey BlackBerry idiots, stop miss quoting me on your blogs. Your phone is only "secure" because it has few users and little value as a target."
An anonymous reader writes with a link to a story in the LA Times: "Few places in the country are so warm and bright as Mary Wilkerson's property on the beach near St. Petersburg, Fla., a city once noted in the Guinness Book of World Records for a 768-day stretch of sunny days. But while Florida advertises itself as the Sunshine State, power company executives and regulators have worked successfully to keep most Floridians from using that sunshine to generate their own power. Wilkerson discovered the paradox when she set out to harness sunlight into electricity for the vintage cottages she rents out at Indian Rocks Beach. She would have had an easier time installing solar panels, she found, if she had put the homes on a flatbed and transported them to chilly Massachusetts. While the precise rules vary from state to state, one explanation is the same: opposition from utilities grown nervous by the rapid encroachment of solar firms on their business."