An anonymous reader writes in with a story that raises the issue of how public anonymity is quickly disappearing thanks to facial recognition technology. "NameTag, an app built for Google Glass by a company called FacialNetwork.com, offers a face scanner for encounters with strangers. You see somebody on the sidewalk and, slipping on your high-tech spectacles, select the app. Snap a photo of a passerby, then wait a minute as the image is sent up to the company's database and a match is hunted down. The results load in front of your left eye, a selection of personal details that might include someone's name, occupation, Facebook and/or Twitter profile, and, conveniently, whether there's a corresponding entry in the national sex-offender registry."
An anonymous reader writes "The Canadian Royal Mounted Police report: An offset printing press used to manufacture counterfeit $20 banknotes was seized by the RCMP and US Secret Service. This significant seizure was made earlier today in the Trois-Rivières area. The authorities had been looking for this offset press for several years. A large quantity of paper was also seized by police, that could have been used by the counterfeiters to manufacture from $40-$200 million. The very high quality counterfeit notes were virtually undetectable to the naked eye. Some of the features they had were uncommon, including the type of paper used, which was especially made with a Jackson watermark and a dark vertical stripe imitating the security thread found in authentic notes."
cartechboy writes "Illegal parking has always been a major problem in Rome. More than half of Rome's 2.7 million residents use private vehicles, and the ancient city has a staggering ratio of 70 cars per 100 residents. So many residents park, uh, creatively. But now authorities think they've found a way to fight bad parking using social media. Basically, they've asked residents to post photos of bad parking jobs to Twitter. In December, the Italian cops began encouraging smart phone users to snap pics of illegally parked cars and tweet those photos to the department's Twitter account. The new system, which was created by Raffaele Clemente, Rome's chief of traffic police, seems to be working. In the first 30 days, police received more than 1,000 complaints tweeted to their account (one example is here). Officials were able to respond to around 740 and hand out citations."
Hugh Pickens DOT Com writes "Phillip Swarts reports in the Washington Times that NASA is completing a $350 million rocket-engine testing tower at Stennis Space Center in Mississippi that it doesn't want and will never use. 'Because the Constellation Program was canceled in 2010, the A-3's unique testing capabilities will not be needed and the stand will be mothballed upon completion (PDF),' said NASA's inspector general. The A-3 testing tower will stand 300 feet and be able to withstand 1 million pounds of thrust (PDF). The massive steel structure is designed to test how rocket engines operate at altitudes of up to 100,000 feet by creating a vacuum within the testing chamber to simulate the upper reaches of the atmosphere. Although NASA does not expect to use the tower after construction, it's compelled by legislation from Sen. Roger F. Wicker (R-MS), who says the testing tower will help maintain the research center's place at the forefront of U.S. space exploration. 'Stennis Space Center is the nation's premier rocket engine testing facility,' says Wicker. 'It is a magnet for public and private research investment because of infrastructure projects like the A-3 test stand. In 2010, I authored an amendment to require the completion of that particular project, ensuring the Stennis facility is prepared for ever-changing technologies and demands.' Others disagree, calling the project the 'Tower of Pork' and noting that the unused structure will cost taxpayers $840,000 a year to maintain. 'Current federal spending trends are not sustainable, and if NASA can make a relatively painless contribution to deficit reduction by shutting down an unwanted program, why not let it happen?' says Pete Sepp, executive vice president of the National Taxpayers Union. 'It's not rocket science, at least fiscally.'"
An anonymous reader sends this story from TechDirt: "You may recall the stories from the past couple years about the so-called 'snooper's charter' in the UK — a system to further legalize the government's ability to spy on pretty much all communications. It was setting up basically a total surveillance system, even beyond what we've since learned is already being done today. Thankfully, that plan was killed off by Deputy Prime Minister Nick Clegg. However, Prime Minister David Cameron is back to pushing for the snooper's charter — and his reasoning is as stupid as it is unbelievable. Apparently, he thinks it's necessary because the fictional crime dramas he watches on TV show why it's necessary. Cameron said, 'I love watching, as I probably should stop telling people, crime dramas on the television. There's hardly a crime drama where a crime is solved without using the data of a mobile communications device. What we have to explain to people is that... if we don't modernise the practice and the law, over time we will have the communications data to solve these horrible crimes on a shrinking proportion of the total use of devices and that is a real problem for keeping people safe.'"
theodp writes: "Apple has recently disclosed a pending patent for Inferring User Mood Based on User and Group Characteristic Data, which has received surprisingly scant attention from the press even though it ups the ante for privacy intrusion. The brainchild of iAd team members, Apple boasts its invention will make it possible to 'charge a higher rate for mood based content delivery' by scrutinizing 'channel characteristics, demographic characteristics, behavioral characteristics, spatial-temporal characteristics, and mood-associated characteristics.' Apple further explains: 'Mood-associated physical characteristics can include heart rate; blood pressure; adrenaline level; perspiration rate; body temperature; vocal expression, e.g. voice level, voice pattern, voice stress, etc.; movement characteristics; facial expression; etc. Mood-associated behavioral characteristics can include sequence of content consumed, e.g. sequence of applications launched, rate at which the user changed applications, etc.; social networking activities, e.g. likes and/or comments on social media; user interface (UI) actions, e.g. rate of clicking, pressure applied to a touch screen, etc.; and/or emotional response to previously served targeted content. Mood-associated spatial-temporal characteristics can include location, date, day, time, and/or day part. The mood-associated characteristics can also include data regarding consumed content, such as music genre, application category, ESRB and/or MPAA rating, consumption time of day, consumption location, subject matter of the content, etc. In some cases, a user terminal can be equipped with hardware and/or software that facilitates the collection of mood-associated characteristic data. For example, a user terminal can include a sensor for detecting a user's heart rate or blood pressure. In another example, a user terminal can include a camera and software that performs facial recognition to detect a user's facial expressions.' 
Your move, Google!"
An anonymous reader writes "On Saturday 20 July 2013, in the basement of the Guardian's office in Kings Cross, London, watched by two GCHQ technicians, Guardian editors destroyed hard drives and memory cards on which encrypted files leaked by Edward Snowden had been stored. This is the first time footage of the event has been released."
Jason Edward Harrington has seen some of the same frustrations, misgivings, and objections that have crossed the mind of probably every commercial airline traveler who's flown over the last decade in the U.S. One difference: Harrington got to see them from the perspective of a TSA agent. His description of the realities of the job (including learning the rote responses that agents are instructed to reassure the public with) is wince-worthy and compelling. A sample makes it clear why the TSA has such famously low morale, even among Federal agencies: "I hated it from the beginning. It was a job that had me patting down the crotches of children, the elderly and even infants as part of the post-9/11 airport security show. I confiscated jars of homemade apple butter on the pretense that they could pose threats to national security. I was even required to confiscate nail clippers from airline pilots—the implied logic being that pilots could use the nail clippers to hijack the very planes they were flying." It only gets worse from there.
Walking The Walk writes: "It seems the NSA isn't the only agency doing illegal domestic spying. According to a Snowden document obtained by the CBC, Communications Security Establishment Canada (CSEC) has apparently been tracking domestic travelers, starting from when they first use free Wi-Fi at an airport, and continuing for days after they left the terminal. From the article: 'The document indicates the passenger tracking operation was a trial run of a powerful new software program CSEC was developing with help from its U.S. counterpart, the National Security Agency. In the document, CSEC called the new technologies "game-changing," and said they could be used for tracking "any target that makes occasional forays into other cities/regions."' The CBC notes early in the article that the spy agency 'is supposed to be collecting primarily foreign intelligence by intercepting overseas phone and internet traffic, and is prohibited by law from targeting Canadians or anyone in Canada without a judicial warrant.' Predictably, CSEC's chief is quoted saying that they aren't allowed to spy on Canadians, so therefore they don't. As observed by experts consulted for the story, that claim is equivalent to saying that they collect the data but we're to trust that they don't look at it."
cultiv8 writes: "The Bureau for Private Postsecondary Education (BPPE), a unit in the California Department of Consumer Affairs charged with licensing and regulating postsecondary education in California, is arguing that 'learn to code' bootcamps fall under its jurisdiction and are subject to regulation. In mid-January, BPPE sent cease and desist letters to Hackbright Academy, Hack Reactor, App Academy, Zipfian Academy, and others. Unless they comply, these organizations face imminent closure and a hefty $50,000 fine. A BPPE spokesperson said these organizations have two weeks to start coming into compliance."
PhrostyMcByte writes: "TorrentFreak reports that Federal Judge Stephanie Rose recently put a thorn in the plans of copyright holders hoping to file cheap mass-lawsuits against alleged pirates. Rejecting all but one Doe for such a lawsuit, Rose's order mentions that the plaintiffs have failed to demonstrate the five Does in the case were a part of the same 'transaction' needed to be tried together, with an uncommon understanding of BitTorrent showing that '... even in all five cases where Doe defendants allegedly have "hit dates" on the same day and close in time, there is no showing that the earlier defendants were still connected to the Internet and actively distributing data through the BitTorrent client at the same time as the later defendants.'"
symbolset writes: "Consumerist, among others, is reporting on a Kansas bill to restrict municipal support of broadband expansion. Purportedly to ensure a 'level playing field' to encourage commercial expansion in this area, these bills are usually referred to as oligopoly protection acts. Everywhere they have been implemented expansion of new broadband technology stops. In this specific case no municipal entity in Kansas will be able to enter the same sort of agreements that enabled Google Fiber. From the bill:
Except with regard to unserved areas, a municipality may not, directly or indirectly:
(1) Offer to provide to one or more subscribers, video, telecommunications or broadband service; or
(2) purchase, lease, construct, maintain or operate any facility for the purpose of enabling a private business or entity to offer, provide, carry, or deliver video, telecommunications or broadband service to one or more subscribers."
coondoggie writes: "As they have for the past few years the US Customs department teamed with the National Football League to cut into the lucrative counterfeit sports gear market. In what the feds called 'Operation Team Player,' special agents from U.S. Immigration and Customs Enforcement (ICE) and officers from Customs and Border Protection worked with the National Football League (NFL) and other sports leagues along with law enforcement agencies to identify illegal shipments imported into the U.S., as well as stores and vendors selling counterfeit trademarked items."
wiredmikey writes "President Barack Obama has nominated a US Navy officer, Vice Admiral Michael Rogers, to take over as head of the embattled National Security Agency, the Pentagon said Thursday. Rogers, 53, would take the helm at a fraught moment for the spy agency, which is under unprecedented pressure after leaks from ex-intelligence contractor Edward Snowden revealed the extent of its electronic spying. If confirmed by lawmakers, Rogers would also take over as head of the military's cyber warfare command. Rogers, who trained as an intelligence cryptologist, would succeed General Keith Alexander, who has served in the top job since 2005. He currently heads the US Fleet Cyber Command, overseeing the navy's cyber warfare specialists, and over a 30-year career has worked in cryptology and eavesdropping, or 'signals intelligence.' His confirmation hearings in the Senate are likely to be dominated by the ongoing debate about the NSA's espionage, and whether its sifting through Internet traffic and phone records violates privacy rights and democratic values."
An anonymous reader writes with this excerpt from the Washington Examiner: "Officials at the Consumer Financial Protection Bureau are conducting a massive, NSA-esque data-mining project collecting account information on an estimated 991 million American credit card accounts. It was also learned at a Congressional hearing Tuesday that CFPB officials are working with the Federal Housing Finance Agency on a second data-mining effort, this one focused on the 53 million residential mortgages taken out by Americans since 1998. ...Later in the hearing, [Rep. Randy Neugebauer, R-Texas] remarked that CFPB 'and NSA are in a contest of who can collect the most information,' ... although the CFPB disagreed with that statement. In previous testimony before Rep. Jeb Hensarling's panel, Antonakes said 'the combined data represents approximately 85-90 percent of outstanding card balances.' The Argus contract specifies that the company must collect 96 'data points' from each of the participating card issuers for each credit card account on a monthly basis. The 96 data points include a unique card-account identification reference number, ZIP code, monthly ending balance, borrower's income, FICO score, credit limit, monthly payment amount, and days past due. 'Would you object to getting permission from consumers, those people who you work for, before you collect and monitor their information?' Rep. Sean Duffy, R-Wis., asked Cordray. 'That would make it impossible to get the data,' Cordray replied."
An anonymous reader writes "A secretive EU body has agreed to develop a device to be fitted to all cars allowing police to cut off any engine at will, it emerged today. The device, which could be imposed within a decade, would also allow police to track a vehicle's movements as well as immobilise it. According to The Daily Telegraph a group of senior EU officials, including several Home Office mandarins, have signed off the proposal at a secret meeting in Brussels."
Daniel_Stuckey writes "It's no secret that apps like maps or local weather know your current location, and you're probably cool with that because you want to use the handy services they provide in exchange. But chances are there are many other apps on your phone, anything from dictionaries to games, that are also geolocating your every move without your knowledge or permission. Now researchers are developing a new app to police these smartphone spies, by tracking which apps are secretly tracking you, and warning you about it. Before your eyes glaze over at the mention of yet another privacy tool, it's worth noting that this new app is the first to be able to provide this line of defense between snooping apps and smartphone users for Android phones. Android's operating system is engineered not to allow apps to access information about other apps. But a team at Rutgers University found a way around that, by leveraging a function of Android's API to send a signal whenever an app requests location information from the operating system. MIT Technology Review reported on the research today."
Hugh Pickens DOT Com writes "Kim Severson reports at the NYT that by keeping schools and government offices open, and by not requiring tractor-trailers to use chains or stay out of the city's core, metropolitan Atlanta gambled and lost. "We don't want to be accused of crying wolf," said Gov. Nathan Deal, who pointed out that the storm had been forecast to just brush the south side of the city. If the city had been closed and the storm had been as light as some forecasters had told him it was going to be, he said, money would have been lost, and people would have complained. Tuesday's snowfall, that brought only 2-3 inches of snow to most of the Atlanta metro area, and the hundreds of thousands of motorists who flooded the metropolitan area's roadways as the storm moved in — created travel nightmares for commuters, truckers, students and their families. Some commuters were stuck in their vehicles up to 18 hours after they first hit the roads. Others abandoned their cars in or beside the road. Hundreds of students spent the night at school. Some surrounding cities, including Hiram, Woodstock, Sandy Springs and Acworth, opened emergency shelters for stranded motorists. "It's an easy joke made by Northerners," wrote Joe Sterling and Sarah Aarthun. "A dusting of snow shuts down an entire city and hapless drivers white-knuckle their way through a handful of flurries." Further North streets are salted well in advance of a coming storm but Atlanta doesn't have the capacity for that kind of treatment. "We simply have never purchased the amount of equipment necessary," said meteorologist Chad Myers adding Atlanta had plenty of warning. "Why would you in a city that gets one snow event every three years? Why would you buy 500 snowplows and salt trucks and have them sit around for 1,000 days, waiting for the next event?""
Trailrunner7 writes "As the noise and drama surrounding the NSA surveillance leaks and its central character, Edward Snowden, have continued to grow in the last few months, many people and organizations involved in the story have taken great pains to line up on either side of the traitor/hero line regarding Snowden's actions. While the story has continued to evolve and become increasingly complex, the opinions and rhetoric on either side has only grown more strident and inflexible, leaving no room for nuanced opinions or the possibility that Snowden perhaps is neither a traitor nor a hero but something else entirely."
Rambo Tribble writes "Reuters is reporting that concessions by the Internet giant have paved the way for a resolution to the long-standing European Union investigation into Google's alleged anti-competitive practices. From the article: 'A settlement with the European Union's regulator would mean that Google, the world's biggest internet search engine, would escape a possible fine of as much as $5 billion or 10 percent of its 2012 revenue. Such an outcome would mirror the company's success in the United States last year where it received only a mild reprimand from the Federal Trade Commission, which said Google had not manipulated its website results following a 19-month investigation.'"
gallifreyan99 writes "The real revolution in drugs isn't Silk Road—it's the open web. Thanks to the net, almost anyone with a basic handle on chemistry can design, manufacture and sell their own narcotics, and in most cases the cops are utterly unable to stop them. This piece is kind of crazy: the writer actually creates a new powerful-but-legal stimulant based on a banned substance, and gets a Chinese lab to manufacture it."
holy_calamity writes "MIT Technology Review reports on a new cryptosystem designed to protect stolen data against attempts to break encryption by brute force guessing of the password or key. Honey Encryption serves up plausible fake data in response to every incorrect guess of the password. If the attacker does eventually guess correctly, the real data should be lost amongst the crowd of spoof data. Ari Juels, who invented the technique and was previously chief scientist at RSA, is working on software to protect password managers using the technique."
Nerval's Lobster writes "Rovio Entertainment, the software company behind Angry Birds, denies that it knowingly shares data with the NSA, Britain's GCHQ, or any other national intelligence agency. But that didn't stop hackers from briefly defacing the Angry Birds website with an NSA logo and the title 'Spying Birds.' Rovio's troubles began with a New York Times article that suggested the NSA and GCHQ had installed backdoors in popular apps such as Angry Birds, allowing the agencies to siphon up enormous amounts of user data. The Times drew its information from government whistleblower Edward Snowden, who has leaked hundreds of pages of top-secret documents related to NSA activities over the past few months. 'The alleged surveillance may be conducted through third party advertising networks used by millions of commercial web sites and mobile applications across all industries,' Rovio wrote in a statement on its website. 'If advertising networks are indeed targeted, it would appear that no Internet-enabled device that visits ad-enabled web sites or uses ad-enabled applications is immune to such surveillance.' The company pledged to evaluate its relationships with those ad networks. The controversy is unlikely to dampen enthusiasm for the Angry Birds franchise, which has enjoyed hundreds of millions of downloads across a multitude of platforms. It could, however, add momentum to continuing discussions about the NSA's reach into peoples' lives."
Hugh Pickens DOT Com writes "Naoki Hiroshima, creator of Cocoyon and a developer for Echofon, writes at Medium that he had a rare one-letter Twitter username — @N — and had been offered as much as $50,000 for its purchase. 'People have tried to steal it. Password reset instructions are a regular sight in my email inbox,' writes Hiroshima. 'As of today, I no longer control @N. I was extorted into giving it up.' Hiroshima writes that a hacker used social engineering with PayPal to get the last four digits of his credit card number over the phone then used that information to gain control of his GoDaddy account. 'Most websites use email as a method of verification. If your email account is compromised, an attacker can easily reset your password on many other websites. By taking control of my domain name at GoDaddy, my attacker was able to control my email.' Hiroshima received a message from his extortionist. 'Your GoDaddy domains are in my possession, one fake purchase and they can be repossessed by godaddy and never seen again. I see you run quite a few nice websites so I have left those alone for now, all data on the sites has remained intact. Would you be willing to compromise? access to @N for about 5 minutes while I swap the handle in exchange for your godaddy, and help securing your data?' Hiroshima writes that it's hard to decide what's more shocking, the fact that PayPal gave the attacker the last four digits of his credit card number over the phone, or that GoDaddy accepted it as verification. Hiroshima has two takeaways from his experience: Avoid custom domains for your login email address and don't let companies such as PayPal and GoDaddy store your credit card information."
George Maschke writes "Last year, the McClatchy newspaper group reported on a federal criminal investigation into individuals offering instruction on how to pass polygraph tests. The ongoing investigation, dubbed 'Operation Lie Busters,' has serious free speech implications, and one of the two men known to have been targeted is presently serving an 8-month prison term. The other, Doug Williams, himself a former police polygrapher, has this week for the first time gone public with the story of federal agents' February 2013 raid on his office and home (video). Williams, who has not been charged with a crime but remains in legal jeopardy, is selling his story in an e-book. Public interest website AntiPolygraph.org (which I co-founded) has published a synopsis."
As the NSA metadata collection scandal has developed, a number of technology and communications companies have fought to increase the transparency of the data collection process by publishing reports on how much data government agencies are asking them for. These transparency reports have been limited, however, because most government requests are entwined with a gag order. In a speech two weeks back, President Obama said this would change, and now the Dept. of Justice has announced new, slightly relaxed rules about what information companies can share. According to an email from the U.S. Deputy Attorney General (PDF) to the General Counsel of Google, Facebook, LinkedIn, Microsoft, and Yahoo, the companies can publish: how many Criminal Process requests they received, how many National Security Letters they received, how many accounts were affected by NSLs, how many Foreign Intelligence Surveillance Act orders were received (both for communications content and 'non-content'), and how many customers were targeted by FISA requests. The companies still aren't allowed to give specific numbers, but they can report them in bands of 1,000 — for example, 0-999, 1,000-1,999, etc. Information requests for old services cannot be disclosed for at least six months. The first information requests for a new service cannot be disclosed for two years. The companies also have the option of lumping all the NSL and FISA requests together — if they do that, they can report in bands of 250 instead of 1,000.
PUBPAT website's About page says, "The Public Patent Foundation at Benjamin N. Cardozo School of Law ('PUBPAT') is a not-for-profit legal services organization whose mission is to protect freedom in the patent system." Today's interviewee, Daniel B. Ravicher, is the group's Executive Director and founder. Eben Moglen is on the Board of Directors, and PUBPAT's goals have been aligned with the FSF since PUBPAT started. The most publicized PUBPAT success so far was, in conjunction with the ACLU, getting patents on naturally-occurring genes overturned. Go, PUBPAT!
DavidGilbert99 writes "Facebook updates its Android app quite a lot, but the latest version asks for some rather odd permissions. Rolling out in the UK this week, some users have noticed that it now wants permission to read your text messages. While most suspected Facebook wanted to access the data to try and serve you more targeted ads, Facebook says it is only so it can facilitate two-factor authentication...apparently."
swinferno writes "The Dutch ISPs Ziggo and XS4all are no longer required to block access to the websites of The Pirate Bay. [Original in Dutch; here's Google's translation.] This has been decided by the court in The Hague. The blockade has proven to be ineffective. The Dutch anti-piracy organization BREIN will have to reimburse legal costs of €326,000. The internet provider XS4ALL has already started lifting the ban. The website of The Pirate Bay was ordered to be blocked by the two major ISPs in January 2012. Recent studies by Amsterdam University and CentERdata showed that this did not reduce the number of downloads from illegal sources. Many people circumvented the blockade."
Trailrunner7 writes "A group of six Congressmen have asked President Barack Obama to remove James Clapper as director of national intelligence as a result of his misstatements to Congress about the NSA's dragnet data-collection programs. The group, led by Rep. Darrell Issa (R-Calif.), said that Clapper's role as DNI 'is incompatible with the goal of restoring trust in our security programs.' Clapper is the former head of the National Geospatial Intelligence Agency and has been DNI since 2010. In their letter to Obama, the group of Congressmen calling for his ouster said that he lied to Congress and should no longer be in office. 'The continued role of James Clapper as Director of National Intelligence is incompatible with the goal of restoring trust in our security programs and ensuring the highest level of transparency. Director Clapper continues to hold his position despite lying to Congress, under oath, about the existence of bulk data collection programs in March 2013. Asking Director Clapper, and other federal intelligence officials who misrepresented programs to Congress and the courts, to report to you on needed reforms and the future role of government surveillance is not a credible solution,' the letter from Issa, Ted Poe, Paul Broun, Doug Collins, Walter Jones and Alan Grayson says." "Misstatement," of course, being the favorite euphemism for "lie."
Capt.Albatross writes "At Slate, Chris Kirk presents a map of schools in the USA that both receive public funding and teach creationism. It also shows public schools in those states where they are allowed to teach creationism (without necessarily implying that creationism is taught in all public schools of those states). There is a brief outline of the regulations in those states where this occurs, but the amounts involved are not discussed."
schwit1 writes "New leaked NSA documents shed a new light on the agency's assault on the data controls of smartphone apps. Using app data permissions as a jumping off point, the documents show agency staffers building huge quantities of data, including 'intercepting Google Maps queries made on smartphones, and using them to collect large volumes of location information.' One slide lists capabilities for 'hot mic' recording, high precision geotracking, and file retrieval which would reach any content stored locally on the phone, including text messages, emails and calendar entries. As the slide notes in a parenthetical aside, 'if it's on the phone, we can get it.'"
An anonymous reader writes "Charlie Shrem, the chief executive officer of bitcoin exchange BitInstant, has been arrested and charged with money laundering. 'In the federal criminal complaint, the Southern District of New York charges Shrem, the 24-year-old CEO of BitInstant, with three counts, including one count operating an unlicensed money transmitting business, one count of money laundering conspiracy and one count willful failure to file suspicious activity report. Robert Faiella, a Silk Road user who operated under the name “BTCKing,” was charged with one count of operating an unlicensed money transmitting business and one count money laundering conspiracy.'"
An anonymous reader writes "Tor Mail was an anonymized email service run over Tor. It was operated by a company called Freedom Hosting, which was shut down by the FBI last August. The owner was arrested for 'enabling child porn,' and the Tor Mail servers suddenly began hosting FBI malware that attempted to de-anonymize users. Now, Wired reports on a new court filing which indicates that the FBI was also able to grab Tor Mail's entire email database. 'The filings show the FBI built its case in part by executing a search warrant on a Gmail account used by the counterfeiters, where they found that orders for forged cards were being sent to a TorMail e-mail account: "email@example.com." Acting on that lead in September, the FBI obtained a search warrant for the TorMail account, and then accessed it from the bureau's own copy of "data and information from the TorMail e-mail server, including the content of TorMail e-mail accounts," according to the complaint (PDF) sworn out by U.S. Postal Inspector Eric Malecki.'"
Nerval's Lobster writes "U.S. Attorney General Eric Holder made government whistleblower Edward Snowden a very peculiar offer last week: plead guilty, and the U.S. government would consider how to handle his criminal case. That seems an inverted way of doing things—in the United States, the discussions (if not the trial) usually come before the guilty plea—but Holder's statement hints yet again at the conundrum facing the government when it comes to Snowden, a former subcontractor for the National Security Agency (NSA) who leaked secrets about that group's intelligence operations to a number of newspapers, most notably The Guardian. It's unlikely that the U.S. government would ever consider giving full clemency to Snowden, but now it seems that various officials are willing to offer something other than locking him in a deep, dark cell and throwing away the key. If Snowden ever risked coming back to the United States (or if he was forced to return, thanks to the Russians kicking him out and no other country willing to give him asylum), and you were Holder and Obama, what sort of deal would you try to strike with everybody's favorite secrets-leaker?"
Hugh Pickens DOT Com writes "Yale Law School professors Amy Chua, the self-proclaimed 'Tiger Mom,' and her husband Jed Rubenfeld write in the NYT that it may be taboo to say it, but certain ethnic, religious and national-origin groups are doing strikingly better than Americans overall and Chua and Rubenfeld claim to have identified the three factors that account for some groups' upward mobility. 'It turns out that for all their diversity, the strikingly successful groups in America today share three traits that, together, propel success,' write Chua and Rubenfeld. 'The first is a superiority complex — a deep-seated belief in their exceptionality. The second appears to be the opposite — insecurity, a feeling that you or what you've done is not good enough. The third is impulse control.' Ironically, each element of the Triple Package violates a core tenet of contemporary American thinking. For example, that insecurity should be a lever of success is anathema in American culture. Feelings of inadequacy are cause for concern or even therapy and parents deliberately instilling insecurity in their children is almost unthinkable. Yet insecurity runs deep in every one of America's rising groups; and consciously or unconsciously, they tend to instill it in their children. Being an outsider in a society — and America's most successful groups are all outsiders in one way or another — is a source of insecurity in itself. Immigrants worry about whether they can survive in a strange land, often communicating a sense of life's precariousness to their children. Hence the common credo: They can take away your home or business, but never your education, so study harder.
'The United States itself was born a Triple Package nation, with an outsized belief in its own exceptionality, a goading desire to prove itself to aristocratic Europe and a Puritan inheritance of impulse control,' conclude Chua and Rubenfeld adding that prosperity and power had their predictable effect, eroding the insecurity and self-restraint that led to them. 'Thus the trials of recent years — the unwon wars, the financial collapse, the rise of China — have, perversely, had a beneficial effect: the return of insecurity...America has always been at its best when it has had to overcome adversity and prove its mettle on the world stage. For better and worse, it has that opportunity again today.'"
Maow writes "Edward Snowden has been interviewed by a German TV network and stated that the NSA is involved in industrial espionage, which is outside the range of national security. He claims that Siemens is a prime example of a target for the data collection. I doubt this would surprise Airbus or other companies, but it shall remain to be seen what measures global industries take (if any) to prevent their internal secrets from falling into NSA's — and presumably American competitors' — hands." Airbus is a good example of a company that has experienced spying from both sides.
New submitter pefisher writes "The British are apparently admitting that they track their citizens as they travel the world (through information provided by intelligence agencies) and are arresting them if they have been somewhere that frightens them. 'Sir Peter, who leads the Association of Chief Police Officer's "Prevent" strategy on counter-terrorism, told BBC Radio 4's Today programme that those returning from Syria "may well be charged and investigated, but they will be put into our programmes".' The program seems to consist of being spied on by the returnee's cooperative neighbors."
From Ars Technica comes this update in the defamation case filed by climate researcher Michael Mann against political commentator Mark Steyn of National Review magazine, who rhetorically compared Mann to Penn State coach Jerry Sandusky and accused him of publishing intentionally misleading research results. "The defendants tried to get it dismissed under the District of Columbia's Strategic Lawsuit Against Public Participation (SLAPP) statute, which attempts to keep people from being silenced by frivolous lawsuits. The judge hearing the case denied the attempt and then promptly retired; Mann next amended his complaint, leading an appeals court to send the whole thing back to a new trial judge. Now the new judge has denied the SLAPP attempt yet again. In a decision released late last week (and hosted by defendant Mark Steyn), the judge recognizes that the comparison to a child molester is part of the "opinions and rhetorical hyperbole" that are protected speech when used against public figures like Mann. However, the accompanying accusations of fraud are not exempt:"
The L.A. Times reports that a group of students and parents, fed up with what they see as overarching job security in California schools, are suing in the hopes of making it harder for poor teachers to stay on the books. From the article: "The lawsuit, filed by the nonprofit, advocacy group Students Matter, contends that these education laws are a violation of the Constitution's equal protection guarantee because they do not ensure that all students have access to an adequate education. Vergara versus California, filed on behalf of nine students and their families, seeks to revamp a dismissal process that the plaintiffs say is too costly and time consuming, lengthen the time it takes for instructors to gain tenure and dismantle the 'last hired, first fired' policies that fail to consider teacher effectiveness. The lawsuit aims to protect the rights of students, teachers and school districts against a "gross disparity" in educational opportunity, lawyers for the plaintiffs said." Perhaps related.
An anonymous reader points out this recently published study (PDF) on detecting malicious (or at least suspicious) Tor exit relays. From their conclusions: "After developing a scanner, we closely monitored all ~1000 exit relays over a period of four months. We discovered 25 relays which were either outright malicious or simply misconfigured. Interestingly, the majority of the attacks were coordinated instead of being isolated actions of independent individuals. Our results further suggest that the attackers made an active effort to remain under the radar and delay detection." One of the authors, Philipp Winter, wrote a followup blog post to help clarify what the paper's findings mean for Tor users, including this clarification: "First, it's important to understand that 25 relays in four months isn't a lot. It is ultimately a very small fraction of the Tor network. Also, it doesn't mean that 25 out of 1,000 relays are malicious or misconfigured (we weren't very clear on that in the paper). We have yet to calculate the churn rate of exit relays which is the rate at which relays join and leave the network. 1,000 is really just the approximate number of exit relays at any given point in time. So the actual number of exit relays we ended up testing in four months is certainly higher than that. As a user, that means that you will not see many malicious relays 'in the wild.'"
The San Francisco Chronicle reports that "A federal judge overturned a jury's multimillion-dollar damage award to the programmer of the original John Madden Football video game on Wednesday, saying there was no evidence that his work was copied for seven years, without credit, by the marketer of later versions of the hugely successful game. The ruling by U.S. District Judge Charles Breyer of San Francisco spared Electronic Arts Inc. from nearly $4 million in damages, plus interest that could have exceeded $7 million. The jury verdict also could have led to larger damages against the company for later versions of the game, which reaped billions of dollars in revenues, if future juries found that those, too, had been lifted from the work of programmer Robin Antonick." Also at Kotaku.
tsu doh nimh writes "Michaels Stores Inc., which runs more than 1,250 crafts stores across the United States, said Saturday that it is investigating a possible data breach involving customer cardholder information. According to Brian Krebs, the journalist who broke the story [and, previously] news of the Target and Neiman Marcus breaches, the U.S. Secret Service has confirmed it is investigating. Krebs cited multiple sources in the banking industry saying they were tracking a pattern of fraud on cards that were all recently used at Michaels Stores Inc. In response to that story, Michaels issued a statement saying it 'recently learned of possible fraudulent activity on some U.S. payment cards that had been used at Michaels, suggesting that the Company may have experienced a data security attack.' In 2011, Michaels disclosed that attackers had physically tampered with point-of-sale terminals in multiple stores, but so far there are no indications what might be the cause of the latest breach. Both Target and Neiman Marcus have said the culprit was malicious software designed to steal payment card data, and at least in Target's case that's been shown to be malware made to infect retail cash registers."
Bob9113 writes "According to an article on Ars Technica, the Republican National Committee (RNC) has passed a resolution that "encourages Republican lawmakers to immediately take action to halt current unconstitutional surveillance programs and provide a full public accounting of the NSA's data collection programs." The resolution, according to Time, was approved by an overwhelming majority voice vote at the Republican National Committee's Winter Meeting General Session, going on this week in Washington, DC."
wiredmikey writes "Microsoft on Friday said that attackers breached the email accounts of a "select number" of employees, and obtained access to documents associated with law enforcement inquiries. According to the company, a number of Microsoft employees were targeted with attacks aiming to compromise both email and social media accounts. '...We have learned that there was unauthorized access to certain employee email accounts, and information contained in those accounts could be disclosed,' said Adrienne Hall, General Manager at Microsoft's Trustworthy Computing Group. 'It appears that documents associated with law enforcement inquiries were stolen,' Hall said. Targeted attacks like this are not uncommon, especially for an organization like Microsoft. What's interesting about this is that the incident was significant enough to disclose, indicating that a fair number of documents could have been exposed, or that the company fears some documents will make their way to the public if released by the attackers—which may be the case if this was a 'hacktivist' attack."
Lasrick writes "Tom Bielefeld, a physicist specializing in nuclear security, writes a detailed article that has some surprising revelations about nuclear security in the U.S. (and elsewhere). Although some security measures have been tightened since 9/11, the US does not require transports of category-1 to be protected by armed guards, and individual states don't have to provide lists of 'safe havens' to the transport company (and they often don't). And at hospitals and other buildings that house radioactive materials and devices, 'security conditions remain hair-raising, even when these facilities have been checked by inspectors.'"
Toe, The writes "The New York Police Department has quietly installed about 200 temporary surveillance cameras in midtown Manhattan to help spot trouble along 'Super Bowl Boulevard,' a 13-block street fair on Broadway that's expected to draw large crowds during the windup to the game. The temporary cameras for the Super Bowl festivities will supplement a system of thousands of permanent cameras covering midtown and Wall Street that the NYPD monitors from a command center in lower Manhattan. The department has pioneered analytical software that allows it to program the cameras to detect suspicious activity, such as a bag or other objects left in one place for a long time. Hazmat and bomb squads will be on standby. Other officers will patrol with bomb-sniffing dogs. Still more will watch from rooftops and from police helicopters. At a recent security briefing at the stadium, police chiefs and other officials said success will be measured in part by how well authorities conceal all the concern over potential threats." Now it's a proven tradition: Super Bowl crowds are a good place to test people-watching gear.
schwit1 sends this news from Aviation Week: "A new U.S. Defense Department report warns that ongoing software, maintenance and reliability problems with Lockheed Martin Corp's F-35 stealth fighter could delay the Marine Corps' plans to start using its F-35 jets by mid-2015. It said Lockheed had delivered F-35 jets with 50 percent or less of the software capabilities required by its production contracts with the Pentagon. The computer-based logistics system known as ALIS was fielded with 'serious deficiencies' and remained behind schedule, which affected servicing of existing jets needed for flight testing, the report said. It said the ALIS diagnostic system failed to meet even basic requirements. The F-35 program, which began in 2001, is 70 percent over initial cost estimates, and years behind schedule, but top U.S. officials say it is now making progress. They have vowed to safeguard funding for the program to keep it on track. Earlier this week, the nonprofit Center for International Policy said Lockheed had greatly exaggerated its estimate (PDF) that the F-35 program sustained 125,000 U.S. jobs to shore up support for the program."
Hugh Pickens DOT Com writes "David Stout reports at Time Magazine that what began with a Craigslist ad from a lesbian couple calling for a sperm donor in rural Topeka, Kansas ended in court on Wednesday with a judge ordering the sperm donor to pay child support. The Kansas Department for Children and Families filed the case in October 2012 seeking to have William Marotta declared the father of a child born to Jennifer Schreiner in 2009 so he can be held responsible for about $6,000 in public assistance the state provided, as well as future child support. 'In this case, quite simply, the parties failed to perform to statutory requirement of the Kansas Parentage Act in not enlisting a licensed physician at some point in the artificial insemination process, and the parties' self-designation of (Marotta) as a sperm donor is insufficient to relieve (Marotta) of parental right and responsibilities to the child,' wrote Judge Mattivi. Marotta opposed that action, saying he had contacted Schreiner and her partner at the time, Angela Bauer, in response to an ad they placed on Craigslist seeking a sperm donor and signed a contract waiving his parental rights and responsibilities. 'We stand by that contract,' says Defense attorney Swinnen adding that the Kansas statute doesn't specifically require the artificial insemination be carried out by a physician. 'The insinuation is offensive, and we are responding vigorously to that. We stand by our story. There was no personal relationship whatsoever between my client and the mother, or the partner of the mother, or the child. Anything the state insinuates is vilifying my client, and I will address it.'"
theodp writes "Probably not the most fortuitous timing, but the USPTO has granted Google its wish for a patent on Transportation-Aware Physical Advertising Conversions, a system that arranges for free or discounted transportation to an advertiser's business location that will be more or less convenient based upon how profitable a customer is deemed. It's reminiscent of the free personal chauffeured limousine rides long enjoyed by Las Vegas casino 'whales', but at scale and using cars that may not have drivers. A server, Google explains, 'arranges the selected transportation option, for example, by dispatching a vehicle or providing instructions for using public transportation.' So, it seems a Larry or Sergey type might expect to be taken gratis to the Tesla dealership via a private autonomous car or even helicopter, while others may get a discount on a SF Muni bus ride to Safeway. Google also describes how advertisers will be able to use a customer's profile 'to exclude a customer from being considered for an offer based on exclusion criteria identified by a business,' such as age, job title, purchasing history, clothing size, or other 'desirable' characteristics."