IP Address May Associate Lyft CTO With Uber Data Breach 103

An anonymous reader writes: According to two unnamed Reuters sources the IP address of Lyft CTO Chris Lambert has been revealed by Uber's investigations to be associated with the accessing of a security key that was accidentally deposited on GitHub in 2014 and used to access 50,000 database records of Uber drivers later that year. However, bearing in mind that the breach was carried out through a fiercely protectionist Scandinavian VPN, and that Lambert was a Google software engineer before becoming CTO of a major technology company, it does seem surprising that he would have accessed such sensitive data with his own domestic IP address.

NSF Awards $74.5 Million To Support Interdisciplinary Cybersecurity Research 9

aarondubrow writes: The National Science Foundation announced $74.5 million in grants for basic research in cybersecurity. Among the awards are projects to understand and offer reliability to cryptocurrencies; invent technologies to broadly scan large swaths of the Internet and automate the detection and patching of vulnerabilities; and establish the science of censorship resistance by developing accurate models of the capabilities of censors. According to NSF, long-term support for fundamental cybersecurity research has resulted in public key encryption, software security bug detection, spam filtering and more.

Rookie Dongle Warns Parents When Their Kids Are Driving Too Fast 153

An anonymous reader writes: Dongle Apps, a Belgian tech company, has introduced a new system which alerts a car owner if the vehicle's driver is breaking the speed limit. Initially designed for parents and guardians to keep an eye on their young ones behind the wheel, the 'Rookie Dongle' connects to the vehicle's on-board diagnostics (OBD II) port, internal GPS and mobile technologies to push real-time data to the cloud and send notifications to car owners via email or text when the driver is speeding, suddenly accelerates, brakes hard or has high RPM levels.

Ask Slashdot: Where Can I Find "Nuts and Bolts" Info On Cookies & Tracking Mechanisms? 84

New submitter tanstaaf1 writes: I was thinking about the whole tracking and privacy train-wreck and I'm wondering why specific information on how it is done, and how it can be micromanaged or undone by a decent programmer (at least), isn't vastly more accessible? By searching, I can only find information on how to erase cookies using the browser. Browser level (black box) solutions aren't anywhere near good enough; if they were, the exploits would be few and far between instead of everywhere every day. Read below for the rest of tanstaaf1's question.

Wealth of Personal Data Found On Used Electronics Purchased Online 70

An anonymous reader writes: After examining 122 used mobile devices, hard disk drives and solid state drives purchased online, Blancco Technology Group and Kroll Ontrack found 48% contained residual data. In addition, 35% of mobile devices contained emails, texts/SMS/IMs, and videos. From the article: "Upon closer examination, Blancco Technology Group and Kroll Ontrack discovered that a deletion attempt had been made on 57 percent of the mobile devices and 75 percent of the drives that contained residual data. Even more compelling was the discovery that those deletion attempts had been unsuccessful due to common, but unreliable methods used, leaving sensitive information exposed and potentially accessible to cyber criminals. The residual data left on two of the second-hand mobile devices were significant enough to discern the original users' identities. Whether it's a person's emails containing their contact information or media files involving a company's intellectual property, lingering data can have serious consequences."

Prison Debate Team Beats Harvard's National Title Winners 191

writes: Lauren Gambino reports at The Guardian that months after winning this year's national debate championship, Harvard's debate team has fallen to a debate team of three inmates with violent criminal records. The showdown took place at the Eastern correctional facility in New York, a maximum-security prison where convicts can take courses taught by faculty from nearby Bard College, and where inmates have formed a popular debate club. The Bard prison initiative has expanded since 2001 to six New York correctional facilities, and aims to provide inmates with a liberal arts education so that when the students leave prison they are able to find meaningful work. A three-judge panel concluded that the Bard team had raised strong arguments that the Harvard team had failed to consider and declared the team of inmates victorious. "Debate helps students master arguments that they don't necessarily agree with," says Max Kenner. "It also pushes people to learn to be not just better litigators but to become more empathetic people, and that's what really speaks to us as an institution about the debate union."

The prison team has proven formidable in the past, beating teams from the US military academy at West Point and the University of Vermont. They lost a rematch against West Point in April, setting up a friendly rivalry between the teams. The competition against West Point has become an annual event, and the prison team is preparing for the next debate in spring. In the morning before the debate, team members talked of nerves and their hope that competing against Harvard—even if they lost—would inspire other inmates to pursue educations. "If we win, it's going to make a lot of people question what goes on in here," says Alex Hall, a 31-year-old from Manhattan convicted of manslaughter. "We might not be as naturally rhetorically gifted, but we work really hard."

Boarding Pass Barcodes Can Reveal Personal Data, Future Flights 64

An anonymous reader writes: Security experts have warned that barcodes contained on airplane boarding passes could offer a detailed stream of information to malicious individuals, including data on travel habits and future flight plans. Brian Krebs explained yesterday that by using an easily available online barcode reader, attackers can retrieve a person's name, frequent flyer number, and record locator — information needed to access an individual's account and details of past and upcoming flights, phone numbers, and billing information, along with options to change seats and cancel flights.

FAA Proposes $1.9 Million Fine For Unauthorized Drone Use 228

An anonymous reader writes: The U.S. Federal Aviation Administration has been under pressure to regulate the nascent drone industry. It's obvious they lack a clear idea of how to proceed — but they're trying. Today they announced a proposal to fine SkyPan International a whopping $1.9 million for allegedly conducting 65 unauthorized commercial drone flights over Chicago and New York City. The flights occurred over a period of almost three years, for the purpose of aerial photography. 43 of the flights impinged upon highly restricted airspace, and the FAA says none of them were "without risk." They bluntly allege that SkyPan "operated the aircraft in a careless or reckless manner so as to endanger lives or property." SkyPan now has 30 days to respond.

All Malibu Media Subpoenas In Eastern District NY Put On Hold 67

NewYorkCountryLawyer sends an update on the progress of Malibu Media, the company that filed subpoenas and copyright lawsuits over alleged BitTorrent piracy of pornography films: A federal Magistrate Judge in Central Islip, New York, has just placed all Malibu Media subpoenas in Brooklyn, Queens, Long Island, and Staten Island on hold indefinitely, due to "serious questions" raised by a motion to quash (PDF) filed in one of them. Judge Steven Locke's 4-page Order and Decision (PDF) cited the defendant's arguments that "(i) the common approach for identifying allegedly infringing BitTorrent users, and thus the Doe Defendant, is inconclusive; (ii) copyright actions, especially those involving the adult film industry, are susceptible to abusive litigation practices; and (iii) Malibu Media in particular has engaged in abusive litigation practices" as being among the reasons for his issuance of the stay.

Verizon Is Merging Its Cellphone Tracking Supercookie with AOL's Ad Tracking Network 99

schwit1 writes: ProPublica reports that Verizon is giving a new mission to its controversial hidden identifier that tracks users of mobile devices. Verizon said in a little-noticed announcement that it will soon begin sharing the profiles with AOL's ad network, which in turn monitors users across a large swath of the Internet. That means AOL's ad network will be able to match millions of Internet users to their real-world details gathered by Verizon, including "your gender, age range and interests." AOL's network is on 40 percent of websites, including on ProPublica.

Porsche Chooses Apple Over Google Because Google Wants Too Much Data 422

countach44 writes: As reported in number 5 of this list from Motor Trend, Porsche went with Apple over Google for the infotainment system in its new 911. Apparently, Android Auto wants vehicle data (throttle position, speed, coolant temp, etc.) whereas Apple Play only needs to know if the car is in motion. Naturally, people are curious what Google, as a company building its own car, wants that data for.

International Exploit Kit Angler Thwarted By Cisco Security Team 36

An anonymous reader writes: Researchers at a Cisco security unit have successfully interrupted the spread of a massive international exploit kit which is commonly used in ransomware attacks. The scientists discovered that around 50% of computers infected with Angler were connecting with servers based at a Dallas facility, owned by provider Limestone Networks. Once informed, Limestone cut the servers from its network and handed over the data to the researchers who were able to recover Angler authentication protocols, information needed to disrupt future diffusion.

EU Court of Justice Declares US-EU Data Transfer Pact Invalid 203

Sique writes: Europe's highest court ruled on Tuesday that a widely used international agreement for moving people's digital data between the European Union and the United States was invalid. The decision, by the European Court of Justice, throws into doubt how global technology giants like Facebook and Google can collect, manage and analyze online information from their millions of users in the 28-member bloc. The court decreed that the data-transfer agreement was invalid as of Tuesday's ruling. New submitter nava68 adds links to coverage at the Telegraph; also at TechWeek Europe. From TechWeek Europe's article: The ruling was the court’s final decision in a data-protection case brought by 27-year-old Austrian law student Max Schrems against the Irish data protection commissioner. That case, in turn, was spurred by Schrems’ concerns over the collection of his personal data by Facebook, whose European headquarters is in Ireland, and the possibility that the data was being handed over to US intelligence services.

EFF Joins Nameless Coalition and Demands Facebook Kills Its Real Names Policy 232

Mark Wilson writes: Facebook has seen heavy criticism for its real names (or 'authentic identities' as they are known to the social network) policy. Over the last year, all manner of rights groups and advocates have tried to convince Facebook to allow users to drop their real name in favor of a pseudonym if they want. Now the Electronic Frontier Foundation is part of the 74-member strong Nameless Coalition and has written to Facebook demanding a rethink on the ground of safety, privacy, and equality. This is far from being the first time Facebook has been called on to allow the use of 'fake names', and the latest letter is signed by LGBT groups, freedom advocates, privacy supporters, and feminist organizations.

What Non-Geeks Hate About the Big Bang Theory 405

v3rgEz writes: It has been said that there is a lot to dislike about the Big Bang Theory, from the typical geek's point of view: It plays on stereotypes of geekdom for cheap laughs, makes nonsensical gags, and has a laugh track in 2015. But what does the rest of America (well, the part of America not making it the number one show on television) think? FCC complaints recently released accuse the show of everything from animal cruelty to subliminal messaging, demanding that the sitcom be ripped from the airwaves lest it ruin America. The full complaints for your reading pleasure.

Trans-Pacific Partnership Trade Deal Is Reached 278

An anonymous reader writes: The NY Times reports that negotiators have finally reached agreement over the Trans-Pacific Partnership from the U.S. and 11 other nations. The TPP has been in development for eight years, and has the potential to dramatically strengthen U.S. economic ties to east Asia. Though the negotiations have been done in secret, the full text of the agreement should be published within a month. Congress (and the legislative houses of the other participating countries) will have 90 days to review it and decide whether to ratify it. The TPP has been criticized in tech circles for how it regards intellectual property and facilitates website blocking, among other issues.

Proponents will also have to answer broader questions about whether it stifles competition, how it treats individuals versus large corporations, and if it creates environmental problems. To give you an idea of how complex it is: "The Office of the United States Trade Representative said the partnership eventually would end more than 18,000 tariffs that the participating countries have placed on United States exports, including autos, machinery, information technology and consumer goods, chemicals and agricultural products ranging from avocados in California to wheat, pork and beef from the Plains states."

Sex, Drugs, and Transportation: How Politicians Tried To Keep Uber Out of Vegas 135

writes: Johana Bhuiyan has written an interesting article about how the Las Vegas taxi industry used every political maneuver in its arsenal to keep Uber and Lyft off the strip. Vegas is one of the most lucrative transportation markets in the country, with some 41.1 million visitors passing through it annually. The city's taxi industry has raked in a whopping $290 million this year to date (PDF). What made Vegas unique — what made it Uber's biggest challenge yet — was the extent to which local governments were willing to protect the incumbents. According to Bhuiyan, in Las Vegas, Uber and its pugnacious CEO Travis Kalanick really did run into the corrupt taxi cartel bogeymen they'd long claimed to be saving us from, and this cartel would prove to be their most formidable opponent. But when push came to shove and the fight turned ugly, the world's fastest-growing company ran right over its entrenched opposition.

TiVo's Latest Offering Detects and Skips Ads, Adds 4K Capability 85

As described by The Verge, the newest generation of TiVo is in some ways a step backward: it comes with fewer tuners than some earlier models, and less storage as well. However, two big features that distinguish the company's new Bolt DVR may entice users anyhow: it adds 4K recording, and (probably of use to more people, given the scarcity of 4K content, not to mention its file size) also can recognize and skip commercials, a feature that users have sorely missed as a mainstream feature in standalone DVRs for quite a while. (And it's possible that broadcasters will come up with a way to kill the commercial-skip function as they did with Dish's AutoHop.)

Google Lets Advertisers Target By (Anonymized) Customer Data 58

An anonymous reader writes: Google's new advertising product, called Customer Match, lets advertisers upload their customer and promotional email address lists into AdWords. The new targeting capability extends beyond search to include both YouTube TrueView ads and the newly launched native ads in Gmail. Customer Match marks the first time Google has allowed advertisers to target ads against customer-owned data in AdWords. Google matches the email addresses against those of signed-in users on Google. Individual addresses are hashed and are supposedly anonymized. Advertisers will be able to set bids and create ads specifically geared to audiences built from their email lists. This new functionality seems to make de-anonymization of Google's supposedly proprietary customer data just a hop, skip and jump away. If you can specify the list of addresses that get served an ad, and the criteria like what search terms will trigger that ad, you can detect if and when your target searches for specific terms. For example, create an email list that contains your target and 100 invalid email addresses that no one uses (just in case Google gets wise to single-entry email lists). Repeat as necessary for as many keywords and as many email addresses that you wish to monitor.

4 Calif. Students Arrested For Alleged Mass-Killing Plot 450

The New York Times reports that four high school students in the small California town of Tuolumne, about 120 miles east of San Francisco, have been arrested, but not yet charged, for planning an attack on their school, Summerville High School. According to the Times, three of the four were overheard discussing this plot, and a fourth conspirator was later identified. Their goal, according to Tuolumne sheriff James Mele, was "to shoot and kill as many people as possible at the campus"; they had not, however, yet been able to obtain the weapons they wanted to carry out the attack. From NBC News' version of the story: "Detectives located evidence verifying a plot to shoot staff and students at Summerville High School," Mele said. "The suspects' plan was very detailed in nature and included names of would-be victims, locations and the methods in which the plan was to be carried out."