Forgot your password?
typodupeerror

Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

Privacy

A New Form of Online Tracking: Canvas Fingerprinting 184

Posted by Unknown Lamer
from the subverting-features-for-evil-and-profit dept.
New submitter bnortman (922608) was the first to write in with word of "a new research paper discussing a new form of user fingerprinting and tracking for the web using the HTML 5 <canvas> ." globaljustin adds more from an article at Pro Publica: Canvas fingerprinting works by instructing the visitor's Web browser to draw a hidden image. Because each computer draws the image slightly differently, the images can be used to assign each user's device a number that uniquely identifies it. ... The researchers found canvas fingerprinting computer code ... on 5 percent of the top 100,000 websites. Most of the code was on websites that use the AddThis social media sharing tools. Other fingerprinters include the German digital marketer Ligatus and the Canadian dating site Plentyoffish. ... Rich Harris, chief executive of AddThis, said that the company began testing canvas fingerprinting earlier this year as a possible way to replace cookies ...
Facebook

The Loophole Obscuring Facebook and Google's Transparency Reports 18

Posted by samzenpus
from the fuzzy-math dept.
Jason Koebler writes The number of law enforcement requests coming from Canada for information from companies like Facebook and Google are often inaccurate thanks to a little-known loophole that lumps them in with U.S. numbers. For example, law enforcement and government agencies in Canada made 366 requests for Facebook user data in 2013, according to the social network's transparency reports. But that's not the total number. An additional 16 requests are missing, counted instead with U.S. requests thanks to a law that lets Canadian agencies make requests with the U.S. Department of Justice.
Government

Activist Group Sues US Border Agency Over New, Vast Intelligence System 82

Posted by samzenpus
from the lets-see-what-you-have-there dept.
An anonymous reader writes with news about one of the latest unanswered FOIA requests made to the Department of Homeland Security and the associated lawsuit the department's silence has brought. The Electronic Privacy Information Center (EPIC) has sued the United States Customs and Border Protection (CBP) in an attempt to compel the government agency to hand over documents relating to a relatively new comprehensive intelligence database of people and cargo crossing the US border. EPIC's lawsuit, which was filed last Friday, seeks a trove of documents concerning the 'Analytical Framework for Intelligence' (AFI) as part of a Freedom of Information Act (FOIA) request. EPIC's April 2014 FOIA request went unanswered after the 20 days that the law requires, and the group waited an additional 49 days before filing suit. The AFI, which was formally announced in June 2012 by the Department of Homeland Security (DHS), consists of "a single platform for research, analysis, and visualization of large amounts of data from disparate sources and maintaining the final analysis or products in a single, searchable location for later use as well as appropriate dissemination."
Privacy

Researcher Finds Hidden Data-Dumping Services In iOS 95

Posted by samzenpus
from the don't-take-my-data-bro dept.
Trailrunner7 writes There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users' personal data. Several of these features began as benign services but have evolved in recent years to become powerful tools for acquiring user data.

Jonathan Zdziarski, a forensic scientist and researcher who has worked extensively with law enforcement and intelligence agencies, has spent quite a bit of time looking at the capabilities and services available in iOS for data acquisition and found that some of the services have no real reason to be on these devices and that several have the ability to bypass the iOS backup encryption. One of the services in iOS, called mobile file_relay, can be accessed remotely or through a USB connection can be used to bypass the backup encryption. If the device has not been rebooted since the last time the user entered the PIN, all of the data encrypted via data protection can be accessed, whether by an attacker or law enforcement, Zdziarski said.
Update: 07/21 22:15 GMT by U L : Slides.
Communications

New York Judge OKs Warrant To Search Entire Gmail Account 150

Posted by samzenpus
from the we-want-everything dept.
jfruh writes While several U.S. judges have refused overly broad warrants that sought to grant police access to a suspect's complete Gmail account, a federal judge in New York State OK'd such an order this week. Judge Gabriel W. Gorenstein argued that a search of this type was no more invasive than the long-established practice of granting a warrant to copy and search the entire contents of a hard drive, and that alternatives, like asking Google employees to locate messages based on narrowly tailored criteria, risked excluding information that trained investigators could locate.
Businesses

California In the Running For Tesla Gigafactory 171

Posted by samzenpus
from the if-you-build-it dept.
An anonymous reader writes Thanks to some clean-energy tax incentives approved late this spring, California appears to be in the running again for Tesla's "Gigafactory". From the article: "The decision should have been made by now, and ground broken, according to the company's timeline, but is on hold, allowing California, which was not in the race initially — CEO Elon Musk has called California an improbable choice, citing regulations — to throw its hat in the ring. 'In terms of viability, California has progressed. Now it's a four-plus-one race,' said Simon Sproule, Tesla's vice president of global communication and marketing, referring to the four named finalists — Texas, Arizona, New Mexico and Nevada — for the prize. That's heartening. Having the Gigafactory would be a vindication of Gov. Jerry Brown's drive to make California the home of advanced manufacturing, of which Tesla's battery technology is a prime example. With its technology, 'Tesla may be in position to disrupt industries well beyond the realm of traditional auto manufacturing. It's not just cars,' a Morgan Stanley analyst told Quartz, an online business publication last year.
Privacy

Snowden Seeks To Develop Anti-Surveillance Technologies 129

Posted by samzenpus
from the snowden-brand dept.
An anonymous reader writes Speaking via a Google Hangout at the Hackers on Planet Earth Conference, Edward Snowden says he plans to work on technology to preserve personal data privacy and called on programmers and the tech industry to join his efforts. "You in this room, right now have both the means and the capability to improve the future by encoding our rights into programs and protocols by which we rely every day," he said. "That is what a lot of my future work is going to be involved in."
United States

Ars Editor Learns Feds Have His Old IP Addresses, Full Credit Card Numbers 209

Posted by samzenpus
from the no-stone-left-unturned dept.
mpicpp writes with the ultimate results of Ars's senior business editor Cyrus Farivar's FOIA request. In May 2014, I reported on my efforts to learn what the feds know about me whenever I enter and exit the country. In particular, I wanted my Passenger Name Records (PNR), data created by airlines, hotels, and cruise ships whenever travel is booked. But instead of providing what I had requested, the United States Customs and Border Protection (CBP) turned over only basic information about my travel going back to 1994. So I appealed—and without explanation, the government recently turned over the actual PNRs I had requested the first time.

The 76 new pages of data, covering 2005 through 2013, show that CBP retains massive amounts of data on us when we travel internationally. My own PNRs include not just every mailing address, e-mail, and phone number I've ever used; some of them also contain: The IP address that I used to buy the ticket, my credit card number (in full), the language I used, and notes on my phone calls to airlines, even for something as minor as a seat change.
Power

EPA Mulling Relaxed Radiation Protections For Nuclear Power 230

Posted by Soulskill
from the one-new-member-of-the-x-men-per-100,000-normals dept.
mdsolar sends this news from Forbes: Both proponents and opponents of nuclear power expect the Environmental Protection Agency in coming months to relax its rules restricting radiation emissions from reactors and other nuclear facilities. EPA officials say they have no such intention, but they are willing to reconsider the method they use to limit public exposure—and the public's level of risk.

At issue is a 1977 rule that limits the total whole-body radiation dose to any member of the public from the normal operation of the uranium fuel cycle—fuel processing, reactors, storage, reprocessing or disposal—to 0.25 millisieverts per year. (This rule, known as 40 CFR part 190, is different from other EPA regulations that restrict radionuclides in drinking water and that limit public exposure during emergencies. Those are also due for revision.) "We have not made any decisions or determined any specifics on how to move forward with any of these issues. We do, however, believe the regulation uses outdated science, and we are thinking about how to bring the regulation more in line with current thinking," said Brian Littleton, a chemical engineer with EPA's Office of Radiation and Indoor Air."
Government

Drone Search and Rescue Operation Wins Fight Against FAA 77

Posted by Soulskill
from the compelling-reasons-to-get-lost-in-the-woods dept.
An anonymous reader writes: Back in February, officials at the Federal Aviation Administration told a Texas search-and-rescue team they couldn't use drones help locate missing persons. The team, which is called EquuSearch, challenged the FAA in court. On Friday, the court ruled (PDF) in favor of EquuSearch, saying the FAA's directive was "not a formal cease-and-desist letter representing the agency's final conclusion." EquuSearch intends to resume using the drones immediately. This puts the FAA in the position of having to either initiate formal proceedings against EquuSearch, which is clearly operating to the benefit of society (as opposed to purely commercial drone use), or to revisit and finalize its rules for small aircraft entirely. The latter would be a lengthy process because "Congress has delegated rule making powers to its agencies, but the Administrative Procedures Act requires the agencies to provide a public notice and comment period first."
Transportation

Japan To Offer $20,000 Subsidy For Fuel-Cell Cars 156

Posted by Soulskill
from the it's-a-bit-easier-being-green dept.
An anonymous reader writes "Toyota is on track to launch the first consumer fuel-cell car in Japan next year, and the country's Prime Minister says the government wants to assist the new alternative to gas-driven vehicles. Shinzo Abe announced that Japan will offer subsidies of almost $20,000 for fuel cell cars, which will decrease the Toyota model's cost by about 28%. He said, "This is the car of a new era because it doesn't emit any carbon dioxide and it's environmentally friendly. The government needs to support this. Honda is also planning to release a fuel-cell car next year, but experts expect widespread adoption to take decades, since hydrogen fuel station infrastructure is still in its infancy."
Crime

World Health Organization Calls For Decriminalization of Drug Use 472

Posted by Soulskill
from the WHO-already-dismissed-by-old-people-as-being-a-bunch-of-potheads dept.
An anonymous reader writes: We've known for a while: the War on Drugs isn't working. Scientists, journalists, economists, and politicians have all argued against continuing the expensive and ineffective fight. Now, the World Health Organization has said flat out that nations should work to decriminalize the use of drugs. The recommendations came as part of a report released this month focusing on the prevention and treatment of HIV. "The WHO's unambiguous recommendation is clearly grounded in concerns for public health and human rights. Whilst the call is made in the context of the policy response to HIV specifically, it clearly has broader ramifications, specifically including drug use other than injecting. In the report, the WHO says: 'Countries should work toward developing policies and laws that decriminalize injection and other use of drugs and, thereby, reduce incarceration. ...Countries should ban compulsory treatment for people who use and/or inject drugs." The bottom line is that the criminalization of drug use comes with substantial costs, while providing no substantial benefit.
Privacy

Australian Website Waits Three Years To Inform Customers of Data Breach 35

Posted by Unknown Lamer
from the better-never-than-late dept.
AlbanX (2847805) writes Australian daily deals website Catch of the Day waited three years to tell its customers their email addresses, delivery addresses, hashed passwords, and some credit card details had been stolen. Its systems were breached in April 2011 and the company told police, banks and credit cards issuers, but didn't tell the Privacy Commissioner or customers until July 18th.
United Kingdom

UK Government Faces Lawsuit Over Emergency Surveillance Bill 44

Posted by Unknown Lamer
from the spilled-some-state-oppression dept.
judgecorp (778838) writes The British Government has had to produce an emergency surveillance Bill after the European Court of Justice ruled that European rules on retaining metadata were illegal. That Bill has now been passed by the House of Commons with almost no debate, and will become law if approved by the House of Lords. But the so-called DRIP (Data retention and Investigatory Powers) Bill could face a legal challenge: the Open Rights Group (ORG) is fundraising to bring a suit which would argue that blanket data retention is unlawful, so these emergency measures would be no more legal than the ones they replaced.
Patents

Appeals Court Affirms Old Polaroid Patent Invalid 45

Posted by Unknown Lamer
from the bite-the-dust dept.
mpicpp (3454017) writes with news of a notoriously abused (basically "method of displaying images on a machine") software patent being declared invalid. From the article: The ruling from last week is one of the first to apply new Supreme Court guidance about when ideas are too "abstract" to be patented. ... The patents in this case describe a type of "device profile" that allows digital images to be accurately displayed on different devices. US Patent No. 6,128,415 was originally filed by Polaroid in 1996. After a series of transfers, in 2012 the patent was sold to Digitech Image Technologies, a branch of Acacia Research Corporation, the largest publicly traded patent assertion company. ... In the opinion, a three-judge panel found that the device profile described in the patent is a "collection of intangible color and spatial information," not a machine or manufactured object. "Data in its ethereal, non-physical form is simply information that does not fall under any of the categories of eligible subject matter under section 101," wrote Circuit Judge Jimmie Reyna on behalf of the panel.

Mr. Cole's Axiom: The sum of the intelligence on the planet is a constant; the population is growing.

Working...