another random user writes "A researcher by the name of Suriya Prakash has claimed that the majority of phone numbers on Facebook are not safe. It's not clear where he got his numbers from (he says 98 percent, while another time he says 500 million out of Facebook's 600 million mobile users), but his demonstration certainly showed he could collect countless phone numbers and their corresponding Facebook names with very little effort. Facebook has confirmed that it limited Prakash's activity but it's unclear how long it took to do so. Prakash disagrees with when Facebook says his activity was curtailed." Update: 10/11 17:47 GMT by T : Fred Wolens of Facebook says this isn't an exploit at all, writing "The ability to search for a person by phone number is intentional behavior and not a bug in Facebook. By default, your privacy settings allow everyone to find you with search and friend finder using the contact info you have provided, such as your email address and phone number. You can modify these settings at any time from the Privacy Settings page. Facebook has developed an extensive system for preventing the malicious usage of our search functionality and the scenario described by the researcher was indeed rate-limited and eventually blocked." Update: 10/11 20:25 GMT by T : Suriya Prakash writes with one more note: "Yes, it is a feature of FB and not a bug. But FB never managed to block me; the vul was in m.facebook.com. Read my original post. Many other security researchers also confirmed the existence of this bug; FB did not fix it until all the media coverage." Some of the issue is no doubt semantic; if you have a Facebook account that shows your number, though, you can decide how much you care about the degree to which the data is visible or findable.
An anonymous reader writes "IARPA — the sister agency to DARPA — is sponsoring researchers to examine crowdsourcing as a method to derive better intelligence predictions. This research will eventually be transitioned to the intelligence community to improve national intelligence estimates. From the article: 'Like Darpa, its better-known counterpart in the Pentagon, Iarpa funds far-out research ideas. However, Iarpa works on ideas that could eventually be used by the likes of the Central Intelligence Agency (CIA), rather than the military. “The goal that Iarpa has is to eventually transition this to the intelligence community, and use it for something like the National Intelligence Estimates,” says Jenn Carter, who works on the project.'"
coolstoryhansel writes "Stating that release of the draft legislation is not in the public interest [PDF] because it would prejudice decision making processes already in train, the Attorney General's Department has denied the release of the draft laws that would see wide-scale dragnet surveillance implemented along with an expansion of law enforcement powers for the purposes of 'national security'. Serkowski, speaking for the Pirate Party who lodged the FOI request, labelled the Department response as 'disgraceful and troubling', saying the decision is 'completely trashing any semblance or notion of transparency or participative democratic process of policy development.'"
An anonymous reader writes "Germany's minister for science and education, who is currently under investigation by her alma mater for plagiarizing parts of her Ph.D thesis, is facing new accusations: a total of 92 alleged incidents of plagiarism (German) have been documented by a blogger, who calls 'this number of violations inexcusable.'"
coondoggie writes "What are the next big things in science and technology? Teleportation? Unlimited clean Energy? The scientists and researchers at DARPA and the White House Office of Science and Technology Policy put out a public call this week for ideas that could form what they call the Grand Challenges — ambitious yet achievable goals that would herald serious breakthroughs in science and technology."
another random user writes "Apple, Google, Microsoft, Nokia, Samsung and other tech firms met with regulators and patent officials in Geneva to discuss changes to intellectual property laws. The event follows a flurry of lawsuits involving smartphone makers. It is set to focus on how to ensure license rights to critical technologies are offered on 'reasonable' terms. Companies are split over whether they should be allowed to ban rivals' devices if they do not agree a fee. The talks have been organized by the International Telecommunication Union (ITU), the UN agency responsible for ensuring phone-makers agree standards so that their devices can interact with each other."
wiredmikey writes "The U.S. Supreme Court said this week it will let stand an immunity law on wiretapping viewed by government as a useful anti-terror tool but criticized by privacy advocates. The top U.S. court declined to review a December 2011 appeals court decision that rejected a lawsuit against AT&T for helping the NSA monitor its customers' phone calls and Internet traffic. Plaintiffs argue that the law allows the executive branch to conduct 'warrantless and suspicionless domestic surveillance' without fear of review by the courts and at the sole discretion of the attorney general. The Obama administration has argued to keep the immunity law in place, saying it would imperil national security to end such cooperation between the intelligence agencies and telecom companies. The Supreme Court is set to hear a separate case later this month in which civil liberties groups are suing NSA officials for authorizing unconstitutional wiretapping."
itwbennett writes "ICANN wants to store more data (including credit card information) about domain name registrations in its Whois database, wants to hold on to that data for two years after registration ends, and wants to force registrant contact information to be re-verified annually — moves that are applauded by David Vladeck, director of the FTC's Bureau of Consumer Protection. The E.U.'s Article 29 Working Group is markedly less enthusiastic, saying ICANN's plans trample on citizens' right to privacy."
concealment sends this quote from an article at CNN: "Moderating a discussion on the future of broadband, Mashable editor-in-chief Lance Ulanoff tossed a provocative question to the audience: 'By quick show of hands, how many out there think that broadband is a luxury?' Next question: 'How many out there think it is a human right?' That option easily carried the audience vote. Broadband access is too important to society to be relegated to a small, privileged portion of the world population, Hans Vestberg, president and CEO of Ericsson, said during the discussion. Dr. Hamadoun Touré, secretary-general of the International Telecommunication Union, echoed Vestberg's remarks. 'We need to make sure all the world's inhabitants are connected to the goodies of the online world, which means better health care, better education, more sustainable economic and social development,' Touré said."
hypnosec writes "The German Government has gone a bit too far trying to be transparent, inadvertently revealing that German police monitor Skype, Google Mail, MSN Hotmail, Yahoo Mail, and Facebook chat when necessary. The revelations, spotted by the annalist blog, come from a report of expenses incurred by the Federal Ministry of the Interior following a parliamentary inquiry. The report contains lots of tables and, as many would find those boring, some highlights: On page 34 and page 37 of the report, line items 486 and 265, respectively, represent decoding software for Google Mail, MSN Hotmail, Yahoo Mail for prevention and investigation."
Earlier this year, the Free Software Foundation announced a hardware endorsement campaign for hardware that respects the rights of its owner (no DRM, runs Free Software, support for open formats, no or freely licensed patents, etc.). Now, they've announced that the Lulzbot AO-100 3D Printer is the first device to pass certification and be endorsed by the FSF. Source code to both the hardware and software is available, naturally.
another random user sends word of a case in Pennsylvania District Court in which Judge Michael Baylson has ordered a trial to resolve the issue of whether an IP address can identify a particular person. The plaintiff, Malibu Media, has filed 349 lawsuits against groups of alleged infringers, arguing that getting subscriber information from an ISP based on an IP address that participated in file-sharing was suitable for identification purposes. A motion filed by the defendants in this case explains "how computer-based technology would allow non-subscribers to access a particular IP address," leading Judge Baylson to rule that a trial is "necessary to find the truth." "The Bellwether trial will be the first time that actual evidence against alleged BitTorrent infringers is tested in court. This is relevant because the main piece of evidence the copyright holders have is an IP-address, which by itself doesn't identify a person but merely a connection. ... Considering what's at stake, it would be no surprise if parties such as the Electronic Frontier Foundation (EFF) are willing to join in. They are known to get involved in crucial copyright troll cases, siding with the defendants. We asked the group for a comment, but have yet to receive a response. On the other side, Malibu Media may get help from other copyright holders who are engaged in mass-BitTorrent lawsuits. A ruling against the copyright holder may severely obstruct the thus far lucrative settlement business model, meaning that millions of dollars are at stake for these companies. Without a doubt, the trial is expected to set an important precedent for the future of mass-BitTorrent lawsuits in the U.S. One to watch for sure."
An anonymous reader sends this quote from The Guardian: "Doctors and government health officials should set limits, as they do for alcohol, on the amount of time children spend watching screens – and under-threes should be kept away from the television altogether, according to a paper in an influential medical journal published on Tuesday. A review of the evidence in the Archives Of Disease in Childhood says children's obsession with TV, computers and screen games is causing developmental damage as well as long-term physical harm. Doctors at the Royal College of Paediatrics and Child Health, which co-owns the journal with the British Medical Journal group, say they are concerned."
theodp writes "A newly-granted Microsoft patent for Variable Formatting of Cells covers the use of 'variable formatting for cells in computer spreadsheets, tables, and other documents', such as using the spectrum from a first color to a second color to represent the values in or associated with each cell. Which is really not a heck of a lot different from how Baron Pierre Charles Dupin created what's believed to be the first choropleth map way back in 1826, when he used shadings from black to white to illustrate the distribution and intensity of illiteracy in France. By the way, beginning in March, the U.S. will switch from a first-to-invent to a first-to-file system of granting patents. Hey, what could go wrong?"
dsinc writes that Russia's "Communications and Press Ministry has proposed banning children from using Wi-Fi networks in public, potentially making cafes, restaurants and other locations providing the service responsible for enforcing the law. An official with the ministry's Federal Mass Media Inspection Service, known as Roskomnadzor, said the ban should apply to people under 18 years old. Locations providing Wi-Fi access would be held legally responsible for implementing the rule, and failing to meet the proposed measure would result in a fine ranging from 20,000 rubles to 50,000 rubles ($640 to $1,600), Vedomosti reported Thursday." The law, ostensibly to "shield" children, would apply to a fairly broad definition of child — anyone under 18.
tsu doh nimh writes "Brian Krebs follows up on a recent Slashdot discussion about a cybercrime gang that is recruiting botmasters to help with concerted heists against U.S. financial institutions. The story looks at the underground's skeptical response to this campaign, which is being led by a criminal hacker named vorVzakone ('thief in law'), who has released a series of videos about himself. vorVzakone also is offering a service called 'insurance from criminal prosecution,' in which miscreants can purchase protection from goons who specialize in bribing or intimidating Russian/Eastern European police into scuttling cybercrime investigations. For $100,000, the service also claims to have people willing to go to jail in place of the insured. Many in the criminal underground view the entire scheme as an elaborate police sting operation."
concealment writes "A new lawsuit targets Google for reading e-mails to target ads, according to TechCrunch. But the issue isn't that Google is reading e-mails from registered users; rather, the company is using e-mails sent from other services to Google users to target ads as well. Google has gotten the side-eye a few times in the past for using e-mail content to serve context-based ads to its Gmail users. And for those Gmail users, Google's hide is covered: the terms of service explicitly state that users' e-mail content determines what ads they see."
Jafafa Hots writes "The Supreme Court is set to decide, in the case of Kirtsaeng v. John Wiley & Sons, whether or not First Sale Doctrine applies to products made with parts sourced from outside the United States. If the Supreme Court upholds an appellate ruling, it would mean that the IP holders of anything you own that has been made in China, Japan or Europe, for example, would have to give you permission to sell it. Your old used CDs, cell phone, books, or that Ford truck with foreign parts? It may not be yours to sell unless you get explicit permission and presumably pay royalties. 'It would be absurd to say anything manufactured abroad can't be bought or sold here,' said Marvin Ammori, a First Amendment lawyer and Schwartz Fellow at the New American Foundation who specializes in technology issues."
mask.of.sanity writes "New privacy threats have been uncovered by security researchers that could allow every device operating on 3G networks to be tracked. The vulnerabilities could be exploited with cheap commercial off-the-shelf technology to reveal the location of phones and other 3G-capable devices operating on all 3G compliant networks. It was similar, but different, to previous research that demonstrated how attackers could redirect a victim's outgoing traffic to different networks."
redletterdave writes with an excerpt from IB Times that should be met with a bit of skepticism: "A new study released by international law firm DLA Piper Monday morning shows that among technology companies and their executives, Republican nominee Mitt Romney is the preferred presidential candidate for improving and advancing the technology industry. The study surveyed thousands of entrepreneurs, consultants, venture capitalists, CEOs, CFOs, and other C-level officers at technology companies, asking them their opinions about the 2012 presidential election and the issues facing their particular industry. The majority of respondents said Mitt Romney would be better with the technology industry, with 64 percent favoring the former governor from Massachusetts, and only 41 percent favoring the incumbent president. This is a complete turnaround from 2008 when the numbers were heavily in favor of Obama, with 60 percent of respondents saying then-Sen. Obama would be better for the sector than the Republican candidate, Sen. John McCain." There's a whole lot of number stretching going on: the results more or less indicate only a slight preference for Romney; a healthy chunk of responses were that his policies would be "neutral" and Obama's would at worst be slightly bad. Would you like six politicians, or half a dozen? One thing is universal: everyone hates SOX.