New submitter ukemike points out an article at CNET reporting on how there's a "waiting list" for Apple to decrypt iPhones seized by various law enforcement agencies. This suggests two important issues: first, that Apple is apparently both capable of and willing to help with these requests, and second, that there are too many of them for the company to process as they come in. From the article: "Court documents show that federal agents were so stymied by the encrypted iPhone 4S of a Kentucky man accused of distributing crack cocaine that they turned to Apple for decryption help last year. An agent at the ATF, the federal Bureau of Alcohol, Tobacco, Firearms and Explosives, 'contacted Apple to obtain assistance in unlocking the device,' U.S. District Judge Karen Caldwell wrote in a recent opinion. But, she wrote, the ATF was 'placed on a waiting list by the company.' A search warrant affidavit prepared by ATF agent Rob Maynard says that, for nearly three months last summer, he 'attempted to locate a local, state, or federal law enforcement agency with the forensic capabilities to unlock' an iPhone 4S. But after each police agency responded by saying they 'did not have the forensic capability,' Maynard resorted to asking Cupertino. Because the waiting list had grown so long, there would be at least a 7-week delay, Maynard says he was told by Joann Chang, a legal specialist in Apple's litigation group. It's unclear how long the process took, but it appears to have been at least four months."
An anonymous reader writes "Yesterday, Russia's Foreign Minister declared that Moscow would not sell any new surface-to-air missiles to Syria, although there is a catch. He said old contracts are being honored. Could old contracts just be code for an already signed, but undisclosed deal for the S-300? Lavrov certainly left the door open: '...when questioned in particular about the S-300, his reply was not clear if the "earlier contracts" were for the S-300 or something else.' With Israeli Prime Minister Binyamin Netanyahu going to the Black Sea town of Sochi early next week for talks with President Vladimir Putin, it seems they may have something to talk about."
New submitter phrackthat writes with news that California State Senator Leland Yee (D-S.F.) says he wants regulations to track who owns and uses 3-D printers. Yee's comments come in response to the recent news of Defense Distributed's successful test-firing of a 3-D printed gun. "He's concerned that just about anyone with access to those cutting-edge printers can arm themselves. 'Terrorists can make these guns and do some horrible things to an individual and then walk away scot-free, and that is something that is really dangerous,' said Yee. He said while this new technology is impressive, it must be regulated when it comes to making guns. He says background checks, requiring serial numbers and even registering them could be part of new legislation that he says will protect the public. Yee added, 'This particular gun has no trace whatsoever.'"
New submitter lxrocks writes "Tax authorities in the U.S., Britain, and Australia have announced they are working with a gigantic cache of leaked data that may be the beginnings of one of the largest tax investigations in history. The secret records are believed to include those obtained by the International Consortium of Investigative Journalists that lay bare the individuals behind covert companies and private trusts in the British Virgin Islands, the Cook Islands, Singapore and other offshore hideaways. The IRS said, 'There is nothing illegal about holding assets through offshore entities; however, such offshore arrangements are often used to avoid or evade tax liabilities on income represented by the principal or on the income generated by the underlying assets. In addition, advisors may be subject to civil penalties or criminal prosecution for promoting such arrangements as a means to avoid or evade tax liability or circumvent information reporting requirements.'"
theodp writes "Valleywag's Adrian Chen wasn't the only one troubled by the tactics of Mark Zuckerberg's FWD.us political lobbying group. Composed of a Who's Who of tech millionaires and billionaires, the group boasted its control of massive distribution channels, broad popularity with Americans, and money would make it a political force to be reckoned with. But the group came under fire for embracing decidedly old-school political tactics, forming both left-leaning and right-leaning subsidiaries, thus broadening its appeal to those who might help advance its agenda. Reports that FWD.us had funded ads praising Arctic oil drilling drew fire from critics, including Tesla/SpaceX CEO Elon Musk, who FWD.us listed as a 'Major Supporter.' Not anymore. Valleywag reports that Musk has quit Zuckerberg's lobbying cabal, apparently feeling that the group's ends did not justify their hit-both-sides-of-the-aisle-to-get-what-you-want means. 'I have spent a lot of time fighting far larger lobbying organizations in DC and believe that the right way to win on a cause is to argue the merits of that cause,' Musk said. 'This statement may surprise some people, but my experience is that most (not all) politicians and their staffs want to do the right thing and eventually do.' By the way, didn't members of the Zuck PACk create, fund, and appear on Code.org, which lamented the sad state of U.S. CS education and featured a slick documentary showing technically clueless little kids, just weeks before launching their pro-techie immigration push? Hey, all's fair in love and lobbying!"
alphadogg writes "Incidents of cellphone theft have been rising for several years and are fast becoming an epidemic. IDG News Service collected data on serious crimes in San Francisco from November to April and recorded 579 thefts of cellphones or tablets, accounting for 41 percent of all serious crime. In just over half the incidents, victims were punched, kicked or otherwise physically intimidated for their phones, and in a quarter of robberies, users were threatened with guns or knives. This isn't just happening in tech-loving San Francisco, either. The picture is similar across the United States. A big reason for such thefts, until recently, is that there had been little to stop someone using a stolen cellphone. Reacting to pressure from law enforcement and regulators, the U.S.'s largest cellphone carriers agreed early last year to establish a database of stolen cellphones."
ais523 writes "The Federal Circuit has divided CLS Bank vs. Alice Corp., a case about various sorts of patents, including software patents. Although the judges disagreed, to a lesser or greater extent, on the individual parts of the ruling, more than half decided that the patents in question — algorithms for hedging risk — were ineligible patent matter, and that merely adding an 'on a computer'-like clause to an abstract algorithm does not make it patentable. Further coverage is available at Groklaw, or you can read the opinion itself (PDF)."
theodp writes "Big Bloomberg is watching you. CNN reports that was the unsettling realization Goldman Sachs execs came to a few weeks ago when a Bloomberg reporter inadvertently revealed that reporters from the news and financial data provider had surveillance capabilities over users of Bloomberg terminals. 'Limited customer relationship data has long been available to our journalists,' acknowledged a Bloomberg spokesman. 'In light of [Goldman's] concern as well as a general heightened sensitivity to data access, we decided to disable journalist access to this customer relationship information for all clients.' Business Insider is now reporting on allegations that Bloomberg reporters used terminals to spy on JPMorgan during the 'London Whale' disaster; Bloomberg bragged about its leadership on this story."
Mobile photo-sharing app SnapChat has one claim to fame, compared to other ways people might share photos from their cellphones: the photos, once viewed, disappear from view, after a pre-set length of time. However, it turns out they don't disappear as thoroughly as users might like. New submitter nefus writes with this excerpt from Forbes: "Richard Hickman of Decipher Forensics found that it's possible to pull Snapchat photos from Android phones simply by downloading data from the phone using forensics software and removing a '.NoMedia' file extension that was keeping the photos from being viewed on the device. He published his findings online and local TV station KSL has a video showing how it's done."
An anonymous reader writes "A recurring theme in comments on Slashdot since the 9/11 attacks has been concern about the use of government power to monitor or suppress political activity unassociated with terrorism but rather based on ideology. It has just been revealed that the IRS has in fact done that. From the story: "The Internal Revenue Service inappropriately flagged conservative political groups for additional reviews during the 2012 election . . . Organizations were singled out because they included the words 'tea party' or 'patriot' in their applications for tax-exempt status, said Lois Lerner, who heads the IRS division that oversees tax-exempt groups. In some cases, groups were asked for their list of donors, which violates IRS policy in most cases, she said. 'That was wrong. That was absolutely incorrect, it was insensitive and it was inappropriate. That's not how we go about selecting cases for further review,' Lerner said . . . 'The IRS would like to apologize for that,' she added. . . . Lerner said the practice was initiated by low-level workers in Cincinnati and was not motivated by political bias. . . . she told The AP that no high level IRS officials knew about the practice. Tea Party groups were livid on Friday. ... In all, about 300 groups were singled out for additional review. . . Tea Party groups weren't buying the idea that the decision to target them was solely the responsibility of low-level IRS workers. ... During the conference call it was stated that no disciplinary action had been taken by those who engaged in this activity. President Obama has previously joked about using the IRS to target people." So it's not how they choose cases for review (except when it is), and was not motivated by political bias (except that it was). Also at National Review, with more bite.
An anonymous reader writes "John McCain, Republican Senator for Arizona and former U.S. presidential candidate, is drafting a new bill that would pressure TV providers to allow customers to select and pay for only the channels they want to watch. The bill will also 'bar TV networks from bundling their broadcast stations with cable channels they own during negotiations with the cable companies, according to industry sources. So for example, the Disney Company, which owns both ABC and ESPN, could not force a cable provider to pay for ESPN in order to carry ABC.' Perhaps most importantly, the bill could 'end the sports blackout rule, which prohibits cable companies from carrying a sports event if the game is blacked out on local broadcast television stations.' This would hamstring the ludicrous practice of blacking out TV broadcasts in order to drive fans to buy actual tickets to a game. The cable and satellite TV industry is expected to push back very strongly against the bill."
Doug Otto writes "Buried deep in the bowels of a bi-partisan immigration reform bill is a 'photo tool.' The goal is to create a photo database consisting of every citizen. Wired calls it 'a massive federal database administered by the Department of Homeland Security and containing names, ages, Social Security numbers and photographs of everyone in the country with a driver’s license or other state-issued photo ID.' Of course the database would be used only for good, and never evil. 'This piece of the Border Security, Economic Opportunity, and Immigration Modernization Act is aimed at curbing employment of undocumented immigrants. But privacy advocates fear the inevitable mission creep, ending with the proof of self being required at polling places, to rent a house, buy a gun, open a bank account, acquire credit, board a plane or even attend a sporting event or log on the internet.'"
In an overdue but welcome move, President Obama today issued an executive order mandating "open and machine-readable data" for government-published information. Also, kodiaktau writes "In a move to make data more readily available, the United States of America has announced the Project Open Data and has chosen GitHub to host the content." Ars has a great article on the announced policy, but as you might expect, it comes with caveats, exceptions, sub-goals and committees; don't expect too much change per day, or assume you have a right to open data, exactly, in the eyes of the government, but — "subject to appropriations" — it sounds good on paper. (I'd like the next step to be requiring that all file formats used by the government be open source.)
An anonymous reader writes with this snippet from Ars Technica: "Righthaven, the Las Vegas operation that sought to turn newspaper article copyright lawsuits into a business model, can now slap a date on its death certificate: May 9, 2013. This morning, the U.S. Court of Appeals for the Ninth Circuit ruled on the two Righthaven appeals that could have given the firm a final glimmer of hope — and the court told Righthaven to take a hike (PDF)."
First time accepted submitter He Who Has No Name writes "While the ATF appears to have no open objection to 3D printed firearms at this time, the Department of Defense apparently does. A short while ago, '#DEFCAD has gone dark at the request of the Department of Defense Trade Controls. Take it up with the Secretary of State' appeared on the group's site, and download links for files hosted there began to give users popups warning of the DoD takeover." Well, that didn't take long. Note: As of this writing, the site is returning an error, rather than the message above, but founder Cody Wilson has posted a similar message to Twitter. At least the Commander in Chief is in town to deliver the message personally. Update: 05/09 21:17 GMT by T : Tweet aside, that should be Department of State, rather than Department of Defense, as many readers have pointed out. (Thanks!)
Wired has published a book review of sorts of a freely downloadable book called Untangling the Web: A Guide to Internet Research. If that title came from O'Reilly, Apress, or other big name in tech-publishing, it might be perfectly nice but less interesting. Instead, it was prepared as an internal guide for the NSA, and came to public attention through a FOIA request by MuckRock. (See this video interview with MuckRock's Michael Morisy at this year's SXSW.) The version that's been released is several years old. From Wired's report: "Although the author's name is redacted in the version released by the NSA, Muckrock's FOIA indicates it was written by Robyn Winder and Charlie Speight. A note the NSA added to the book before releasing it under FOIA says that the opinions expressed in it are the authors', and not the agency's. ... Lest you think that none of this is new, that Johnny Long has been talking about this for years at hacker conferences and in his book Google Hacking, you’d be right. In fact, the authors of the NSA book give a shoutout to Johnny, but with the caveat that Johnny’s tips are designed for cracking — breaking into websites and servers. 'That is not something I encourage or advocate,' the author writes." (Hat tip to ThinkGeek's Jacob Rose.)
Sparrowvsrevolution writes "The promise of a fully 3D-printable gun is that it can spread via the Internet and entirely circumvent gun control laws. Two days after that digital weapon's blueprint first appeared online, it seems to be fulfilling that promise. Files for the printable gun known as the 'Liberator' have been downloaded more than 100,000 times in two days, according to Defense Distributed, the group that created it. Those downloads were facilitated by Kim Dotcom's startup Mega, which Defense Distributed is using to host the Liberator's CAD files. And it's also been uploaded to the Pirate Bay, where it's one of the most popular files in the filesharing site's uncensorable 3D printing category."
judgecorp writes "The city of San Francisco has abandoned a law proposed in 2010 which would have required mobile phones to be labelled with their radiation level. Mobile phone industry body the CTIA fought the bill in court, arguing that there is not enough evidence of harm. The city is not convinced phones are safe — it says its decision to abandon the law is simply based on the legal costs."
Drishmung writes "The New Zealand Commerce Minister Craig Foss today (9 May 2013) announced a significant change to the Patents Bill currently before parliament, replacing the earlier amendment with far clearer law and re-affirming that software really will be unpatentable in New Zealand. An article on the Institute of IT Professionals web site by IT Lawyer Guy Burgess looks at the bill and what it means, with reference to the law in other parts of the world such as the USA, Europe and Britain (which is slightly different from the EU situation)."
DavidGilbert99 writes "This time last year the Queen officially introduced the Communications Data Bill (known as the Snooper's Charter to those opposing it). Last month it was effectively killed when the UK deputy prime minister Nick Clegg said it went too far and he wouldn't support it. Today the Queen was back and while there was no official mention of the Communications Data Bill, there was mention of 'crime in cyberspace' and a very strong hint that more legislation to monitor people's online activity is on the way."
gannebraemorr writes "The U.S. Department of Justice and the FBI believe they don't need a search warrant to review Americans' e-mails, Facebook chats, Twitter direct messages, and other private files, internal documents reveal. Government documents obtained by the American Civil Liberties Union and provided to CNET show a split over electronic privacy rights within the Obama administration, with Justice Department prosecutors and investigators privately insisting they're not legally required to obtain search warrants for e-mail."
New submitter giveen1 writes "I received this email as a former Demonoid.me user. I tried to go to the website and link is dead. ... 'Dear Demonoid Community Member, We have all read the same news stories: The Demonoid servers shut down and seized in the Ukraine. The Demonoid admin team detained in Mexico. The demonoid.me domain snatched and put up for sale. The Demonoid trackers back online in Hong Kong, but then disappearing. ... Now for some good news: The heart and soul of Demonoid lives on! Through an amazing sequence of unlikely events, the data on those Ukrainian servers has made its way into the safe hands of members of our community and has now been re-launched as d2.vu.'" But it turns out that the site was distributing malware, hosted on an American VPS, and quickly shut down after the provider discovered this. No word yet on how the Demonoid user database was acquired, but if you did make the mistake of trying to log in, Torrent Freak warns: "New information just in suggests that if you logged into the fake Demonoid and used the same user/password combo on any other site (torrent, email, Steam, PayPal) you should change them immediately."
hypnosec tipped us to news that India is rolling out a new intrusive monitoring system, using the authority of a 2000 telecom law. Quoting The Times of India: "However, Pavan Duggal, a Supreme Court advocate specialising in cyberlaw, said the government has given itself unprecedented powers to monitor private Internet records of citizens. 'This system is capable of abuse,' he said. The Central Monitoring System, being set up by the Centre for Development of Telematics, plugs into telecom gear and gives central and state investigative agencies a single point of access to call records, text messages, and emails as well as the geographical location of individuals." Privacy advocates are worried about abuse, partially because India has no effective privacy legislation, and the "...Indian government under PM Manmohan Singh has taken an increasingly uncompromising stance when it comes to online freedoms, with the stated aim usually to preserve social order and national security or fight 'harmful' defamation."
FuzzNugget writes "According to Wired, the two CFAA charges that were laid against the man who exploited a software bug on a video poker machine have been officially dismissed. Says Wired: '[U.S. District Judge Miranda] Du had asked prosecutors to defend their use of the federal anti-hacking law by Wednesday, in light of a recent 9th Circuit ruling that reined in the scope of the CFAA. The dismissal leaves John Kane, 54, and Andre Nestor, 41, facing a single remaining charge of conspiracy to commit wire fraud.' Kane's lawyer agreed, stating, 'The case never should have been filed under the CFAA, it should have been just a straight wire fraud case. And I'm not sure it's even a wire fraud. I guess we'll find out when we go to trial.'"
wiredmikey writes "A new report from the Pentagon marked the most explicit statement yet from the United States that it believes China's cyber espionage is focused on the U.S. government, as well as American corporations. China kept up a steady campaign of hacking in 2012 that included attempts to target U.S. government computer networks, which could provide Beijing a better insight into America's policy deliberations and military capabilities, according to the Pentagon's annual assessment of China's military. 'China is using its computer network exploitation capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs,' said the report to Congress (PDF). The digital espionage was part of a broader industrial espionage effort that seeks to secure military-related U.S. and Western technology, allowing Beijing to scale back its reliance on foreign arms manufacturers, the report said. One day later, Beijing dismissed the Pentagon's report that accused it of widespread cyberspying on the U.S. government, rejecting it as an 'irresponsible' attempt to drum up fear of China as a military threat."
SternisheFan writes with an excerpt from Ars Technica: "Attacks exploiting a previously unknown and currently unpatched vulnerability in Microsoft's Internet Explorer browser have spread to at least nine other websites, including those run by a big European company operating in the aerospace, defense, and security industries as well as non-profit groups and institutes, security researchers said. The revelation, from a blog post published Sunday by security firm AlienVault, means an attack campaign that surreptitiously installed malware on the computers of federal government workers involved in nuclear weapons research was broader and more ambitious than previously thought. Earlier reports identified only a website belonging to the US Department of Labor as redirecting to servers that exploited the zero-day remote-code vulnerability in IE version 8. ... 'The specific Department of Labor website that was compromised provides information on a compensation program for energy workers who were exposed to uranium,' CrowdStrike said. 'Likely targets of interest for this site include energy-related US government entities, energy companies, and possibly companies in the extractive sector. Based on the other compromised sites other targeted entities are likely to include those interested in labor, international health and political issues, as well as entities in the defense sector.'"
SternisheFan tipped us to news that the infamous copyright trolls Prenda Law are in a bit of trouble with the law. Today, U.S. District Court judge Otis Wright issued sanctions against Prenda. He recommends that the lawyers involved be disbarred and fined, granted court and lawyer fees to the defendants (doubled for punishment), and has referred them for criminal prosecution. Among the findings of fact are that they set up dozens of shell companies to disguise the true owners, actually committed identity theft, dodged taxes on settlement money, lied to the court, and abused the court by setting settlements on flimsy charges just below the cost of a defense.
On Friday, we mentioned that Defense Distributed had created a (near-enough-to) fully 3-D printed pistol. Sparrowvsrevolution now writes that "Last week, the Liberator was fired for the first time at a firing range and successfully shot a .380 caliber bullet using a remote firing setup. Over the weekend, Defense Distributed's founder, the anarchist and radical libertarian Cody Wilson, was bold enough to try firing it by hand. The results of that test, witnessed by a reporter, indicate that the era of the 3D-printed firearm may be upon us, for better or for worse." Predictably, certain politicians are — so to speak — up in arms about it.
An anonymous reader writes "A Methuen, Mass. high schooler, who goes by the rapper name 'Cammy Dee' has been arrested after posting lyrics that police felt were 'communicating terrorist threats.' This wouldn't be the first time rap lyrics were investigated, but if formally charged for 'communicating terrorist threats' this would set a chilling low bar for terrorist investigations."
New submitter davesays writes "CNN anchors Erin Burnett and Carol Costello have interviewed Former FBI Counterterrorism specialist Tim Clemente. In the interviews he asserts that all digital communications are recorded and stored. Clemente: 'No, welcome to America. All of that stuff is being captured as we speak whether we know it or like it or not.' 'All of that stuff' — meaning every telephone conversation Americans have with one another on U.S. soil, with or without a search warrant — 'is being captured as we speak.' 'No digital communication is secure,' by which he means not that any communication is susceptible to government interception as it happens (although that is true), but far beyond that: all digital communications — meaning telephone calls, emails, online chats and the like — are automatically recorded and stored and accessible to the government after the fact. To describe that is to define what a ubiquitous, limitless Surveillance State is."
dryriver writes "Dear Slashdotters, We are a two man crew who have spent almost three years developing a video processing algorithm that 'upgrades' the visual quality of digital video footage. We take video footage that is 'of average quality' — think an amateur shooting on a cheap digital camcorder or on a smartphone camera — and use various mathematical tricks we have developed to make the footage look better — optically sharper, better lit, more vivid colours, improved contrast, enhanced sense of three-dimensionality and of 'being-there realism.' In about a month, we will be presenting our algorithm to some venture capitalists. We have the obligatory before-and-after video demos prepared for this, of course. But there will also be a short PowerPoint presentation where we explain our tech in some detail. Now here is our main question: What, in your opinion, should we — or indeed should we NOT — put in the PowerPoint presentation to impress a Venture Capitalist? Should we talk about how we developed the algorithm at all — what kind of R&D and testing was involved? Should we try to walk the VCs through how our algorithm works under the hood — simplified a bit for a 'non-engineer' audience of course? Or should we stick to talking about market potential, marketing strategy & money-related stuff only? If you were in our shoes — presenting a digital video-quality improvement technology to professional VCs — what would and would you not put in your PowerPoint? Any advice on this from Slashdotters with some experience would be most welcome!"
theodp writes "'E-mails and other communications between employees,' explains Google in a newly-published patent application for its Policy Violation Checker invention, 'can implicate potential violations of company policy or local, state or federal law that can go unchecked by attorneys or other legal personnel.' So how can you avoid those embarrassing Goldman Sachs and Enron e-mail gaffes? Use Google's 'methods and systems for identifying problematic phrases in an electronic document'! From the patent application: 'Documents may be used as evidence in court, administrative, or other proceedings. It is in a company's best interest to minimize or eliminate policy violations and/or situations that could give rise to legal liability. It is also often in a company's best interest to be able to Pack [?] these situations. Problematic phrases include, but are not limited to, phrases that present policy violations, have legal implications, or are otherwise troublesome to a company, business, or individual.' So, if you can't Do-No-Evil, at least you can Do-No-Discoverable-Evil!"
Why does a car rated for 47mpg fall so far short? The Houston Chronicle features an article on just why EPA gas estimates can be so different from real-world drivers' experience at the pump (or in looking at the dashboard display), in particular for hybrid cars. From the article: "A geometric average of the FTP-75 and HFET results (with city driving weighted at 55 percent and highway driving weighted at 45 percent) produces a vehicle's CAFE fuel economy, which is then incorporated into a manufacturer's corporate average. CAFE is measured using these tests to the present day. In fact, this methodology will be 50 years old when it's used to gauge compliance with the forthcoming 54.5-mpg CAFE requirements in 2025. That kind of continuity is admirable in baseball, but not in transportation. These tests are irrelevant to contemporary real-world driving. For example, the maximum acceleration on either test is 3.3 mph per second. At that rate, it takes more than 18 seconds to hit 60 mph. Even in the horsepower-deprived 1970s, most people were driving harder than that. And the 60-mph maximum speed on the highway test does not accord with the 75-mph truth of today's interstate traffic."
freddienumber13 writes "The CCTV cameras operated by the local government in the country town of Nowra, NSW (Australia) have been turned off following an order by the Administrative Decisions Tribunal. The local government is crying because it believes that it is losing an effective method in combating crime in public. Locals however are rejoicing that they are no longer being recorded whilst walking down the street."
Techdirt explains the strange story of a lawsuit-happy bus company in Illinois which managed to tick off a cadre of determined redditors by calling them uncomplimentary names in the reddit forums. This all started when a bus passenger, Jeremy Leval, reported unsavory behavior by a company employee (telling an exchange student "If you don't understand English, you don't belong at the University of Illinois or any 'American' University.") and said so online. Besides the name calling on reddit, the bus company threatened the forum moderator with libel charges, and over insults posted by the bus company employees which the moderator had deleted. Further, company owner "[Dennis] Toeppen threatened to sue Leval, saying, 'The attorneys for Suburban Express are reviewing this incident with a view towards filing the appropriate legal action against this meddlesome MBA student.'" Attorney Ken White of Popehat got involved, though, and asked with good effect whether the company had fully considered the Streisand Effect. The strangest part? Toeppen's former involvement as a domain squatter.
puddingebola writes with a New York Times article about how mundane PC equipment — not just more esoteric and eyebrow-raising network monitoring equipment from Blue Coat — makes its way to Syria: "Large amounts of computer equipment from Dell have been sold to the Syrian government through a Dubai-based distributor despite strict trade sanctions intended to ban the selling of technology to the regime, according to documents obtained by The New York Times. The disclosure of the computer sales is the latest example of how the Syrian government has managed to acquire technology, some of which is used to censor Internet activity and track opponents of the Syrian president, Bashar al-Assad."
Jeremiah Cornelius writes "Bruce Schneier, security expert (and rational voice in the wilderness), explains in an editorial on CNN why 'Connecting the Dots' is a 'Hindsight Bias.' In heeding calls to increase the amount of surveillance data gathered and shared, agencies like the FBI have impaired their ability to discover actual threats, while guaranteeing erosion of personal and civil freedom. 'Piling more data onto the mix makes it harder, not easier. The best way to think of it is a needle-in-a-haystack problem; the last thing you want to do is increase the amount of hay you have to search through. The television show Person of Interest is fiction, not fact.'"
hypnosec writes "U.S. officials have told the Indian Government that they will not be able to serve summons to the executives of companies like Google and Facebook because they are not convinced that the content hosted on these sites can cause violence and that these summons impact 'free speech principles.' The reply comes as a response to India's request to the US to help serve papers to 11 Internet companies accused of hosting content on their sites that was meant to fuel communal hatred and violence. The U.S. authorities said that there are limitations when it comes to protection on free speech — when the speech comprises a true threat or provokes imminent violence — but in this particular case there is not sufficient evidence of either of these."
A year ago today, we noted that Sen. Rand Paul of Kentucky called for the abolition of the Transportation Security Administration. It's now nearly 12 years since the hijacked-plane terror attacks of 2001; the TSA was created barely two months later, and has been (with various rules, procedures, and equipment, all of it controversial for reasons of privacy, safety, and efficacy) a major presence ever since at American commercial airports. "The American people shouldn't be subjected to harassment, groping, and other public humiliation simply to board an airplane," wrote Paul last year, and in June of 2012, he followed up by introducing two bills on the topic; the first calling for a "bill of rights" for air travelers, the other for privatizing airport screening practices. Neither bill went far. Should they have? Libertarian-leaning Paul did not succeed in knocking back the TSA, never mind privatizing its functions (currently funded at nearly $8 billion annually), though some of the things called for in his bill of rights are manifest now at least in muted form. (Very young passengers, as well as elderly passengers, face less stringent security requirements, for instance, and TSA has ended its prohibition of certain items aboard planes.) Whether you're from the U.S. or not, what practical changes would you like to see implemented? What shouldn't be on the bill of rights for airplane passengers?
First time accepted submitter carlypage3 writes "Benefits claimants in the UK are being forced to use Microsoft's now obsolete Windows XP and Internet Explorer 6 software. The Department of Work and Pensions (DWP) states that its online forms are not compatible with Internet Explorer 7, 8, 9 and 10, Safari, Google Chrome or Firefox. As if that wasn't unnerving enough, the Gov.UK website says that users cannot submit claims using Mac OS X or Linux operating systems, either." (Note: as we noted not long ago, it's not just the DWP that's stuck using IE6.)
nk497 writes "Dutch police are set to get the power to hack people's computers or install spyware as part of investigations — but antivirus experts say they won't help police reach their targets. Mikko Hypponen, chief research officer at F-Secure, said the Dutch bill could lead to antivirus firms being asked to cooperate with authorities to let an attack reach the target. So far, Hypponen hasn't seen a single antivirus vendor cooperate with such a request, and said his own firm wouldn't want to take part. Purely for business reasons, it doesn't make sense to fail to protect customers and let malware through 'regardless of the source.'"
hypnosec writes "Google has indirectly walked right into one of the Middle East's most obstinate conflicts by labeling Palestine as an independent nation — wiping off the term 'Palestinian Territories' and replacing it with 'Palestine' in its localized search page. Google's move is more or less in line with the UN's October decision to name Palestine as a non-member observer state. The status given to Palestine will allow the state to join UN debates as well as global bodies such as the International Criminal Court, in theory at least. Up until May 1, anyone visiting http://www.google.ps was shown the phrase Palestinian Territories. This change is definitely not a huge one, but it has attracted criticism from politicians in Israel."
rjupstate writes "The Pentagon is quickly moving to approve the latest devices and platforms from BlackBerry, Samsung, and Apple. That's good news for two of those companies. It's not-so-good news for BlackBerry. 'The Pentagon currently has about 600,000 smartphone users – almost all using BlackBerrys – but ultimately aims to have as many as 8m smartphones and tablets, under the terms of a scheme made public last November.' 'In its effort to expand into the high security government niche, one that BlackBerry has enjoyed near singular control of for years, Samsung recently created a government advisory board made up of Samsung executives and security experts from various U.S. and foreign government security agencies. ... In the end, the program will likely elevate that status of both Apple and Samsung within military and civilian government agencies in the U.S. and other western countries.'"
An anonymous reader writes "In a case stemming from a Jacksonville burglary, the Florida Supreme Court ruled 5-2 Thursday that police must get a search warrant before searching someone's cell phone. 'At this time, we cannot ignore that a significant portion of our population relies upon cell phones for email communications, text message information, scheduling, and banking,' read the majority opinion (PDF), authored by Justice Fred Lewis. 'The position of the dissent, which would permit the search here even though no issue existed with regard to officer safety or evidence preservation, is both contrary to, and the antithesis of, the fundamental protections against government intrusion guaranteed by the Fourth Amendment.'"
Krazy Kanuck sends this quote from the BBC: "Warner Bros is being sued for the alleged unauthorized use of two cats that have achieved internet fame. ... The complaint alleged that the cats were used without permission in Scribblenauts, a series of games on the Nintendo DS and other platforms. Court documents alleged that Warner Bros and 5th Cell 'knowingly and intentionally infringed' both claimants' ownership rights. 'Compounding their infringements,' court papers (PDF) said, 'defendants have used "Nyan Cat" (designed by Christopher Torres) and "Keyboard Cat" (created in 1984 by Charles Schmidt), even identifying them by name, to promote and market their games, all without plaintiffs' permission and without any compensation to plaintiffs.'"
jrepin writes "Digital restrictions management (DRM) creates damaged goods that users cannot control or use freely. It requires users to give up control of their computers and restricts access to digital data and media. Device manufacturers and corporate copyright holders have already been massively infecting their products with user-hostile DRM. Tablets, mobile phones and other minicomputers are sold with numerous restrictions embedded that cripple users' freedom. The proposal on the table at the W3C to put DRM into HTML goes even further. Fight it: today is international Day Against DRM, so spread the word and make yourself heard!" The EFF suggests making every day a day against DRM.
An anonymous reader writes "The Dutch government today presented a draft bill that aims to give law enforcement the power to hack into computer systems — including those located in foreign countries — to do research, gather and copy evidence or block access to certain data. Law enforcement should be allowed to block access to child pornography, read emails that contain information exchanged between criminals and also be able to place taps on communication, according to a draft bill published Thursday and signed by Ivo Opstelten, the Minister of Security and Justice. Government agents should also be able to engage in activities such as turning on a suspect's phone GPS to track their location, the bill said. Opstelten announced last October he was planning to craft this bill."
mikejuk writes with news of an advancement for homomorphic encryption and open source: "To be fully homomorphic the code has to be such that a third party can add and multiply numbers that it contains without needing to decrypt it. In other words they can change the data by working with just the encrypted version. This may sound like magic but a fully homomorphic scheme was invented in 2009 by Craig Gentry. This was a step in the right direction but the problem was that it is very inefficient and computationally intensive. Since then there have been a number of improvements that make the scheme practical in the right situations. Now Victor Shoup and Shai Halevi of the IBM T J Watson Research Center have released an open source (GPL) C++ library, HElib, as a GitHub project. The code is said to incorporate many optimizations to make the encryption run faster. Homomorphic encryption has the potential to revolutionize security by allowing operations on data without the need to decrypt it."
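The add-and-multiply property described in the HElib item above, shown with a toy integer scheme in the style of van Dijk, Gentry, Halevi and Vaikuntanathan. This is an added example, not code from HElib or from the submission; the function names and the deliberately tiny parameters are assumptions made here, and the scheme is not secure at this size.

```python
import secrets

# Toy parameters (constructed for illustration; far too small to be secure).
KEY_BITS = 64      # size of the secret odd integer p
NOISE_BITS = 8     # size of the fresh noise term r
MASK_BITS = 128    # size of the random multiple q that hides p


def keygen():
    """Secret key: a random odd integer p with its top bit set."""
    return secrets.randbits(KEY_BITS) | (1 << (KEY_BITS - 1)) | 1


def encrypt(p, bit):
    """c = p*q + 2*r + bit; the plaintext bit is the parity of the noise."""
    q = secrets.randbits(MASK_BITS) + 1
    r = secrets.randbelow(1 << NOISE_BITS) + 1
    return p * q + 2 * r + bit


def noise(p, c):
    """The term left after removing the multiple of p (needs the key)."""
    return c % p


def decrypt(p, c):
    """Correct only while the accumulated noise stays below p."""
    return noise(p, c) % 2


def he_xor(c1, c2):
    """Adding ciphertexts adds plaintext bits mod 2 (XOR); no key needed."""
    return c1 + c2


def he_and(c1, c2):
    """Multiplying ciphertexts multiplies plaintext bits (AND); no key needed."""
    return c1 * c2


def majority(ca, cb, cc):
    """Third-party computation on ciphertexts only: MAJ = ab ^ ac ^ bc."""
    return he_xor(he_xor(he_and(ca, cb), he_and(ca, cc)), he_and(cb, cc))


if __name__ == "__main__":
    sk = keygen()
    ca, cb, cc = encrypt(sk, 1), encrypt(sk, 0), encrypt(sk, 1)
    out = majority(ca, cb, cc)
    print("majority(1,0,1) =", decrypt(sk, out), "noise bits:", noise(sk, out).bit_length())
```

Each operation grows the noise term (sums add it, products multiply it), and decryption stops being reliable once it reaches p, so this toy supports only shallow circuits.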