American IT Workers Increasingly Alleging Discrimination 348

An anonymous reader writes: Some U.S. IT workers who have been replaced with H-1B contractors are alleging discrimination and are going to court. They are doing so in increasing numbers. There are at least seven IT workers at Disney who are pursuing, or plan to pursue, federal and state discrimination administrative complaints over their layoffs. Separately, there are ongoing court cases alleging discrimination against two of the largest India-based IT services firms, Infosys and Tata Consultancy Services. There may also be federal interest in examining the issue.

Experian Breached, 15 Million T-Mobile Customers' Data Exposed 161

New submitter Yuuki! writes: The Washington Post reports that T-Mobile's Credit Partner, Experian, has been breached, revealing names, addresses, Social Security numbers, birth dates and driver's license and passport numbers for any customer who has applied for device financing or even services from T-Mobile which required a credit check. Both parties were quick to point out that no credit card or banking data was stolen as part of the attack. The attack started back in September 2013 and was only just discovered on September 16, 2015. Both Experian and T-Mobile have posted statements on their websites and Experian is offering credit for two free years of identity resolution services and credit monitoring in the wake of the breach.

East Texas Judge Throws Out 168 Patent Cases 151

Earthquake Retrofit writes: Ars Technica is reporting that an East Texas judge has thrown out 168 patent cases in one fell swoop. The judge's order puts the most litigious patent troll of 2014, eDekka LLC, out of business. The ruling comes from a surprising source: U.S. District Judge Rodney Gilstrap, the East Texas judge who has been criticized for making life extra-difficult for patent defendants. Gilstrap, who hears more patent cases than any other U.S. judge, will eliminate about 10 percent of his entire patent docket by wiping out the eDekka cases.

Patreon Hacked, Personal Data Accessed 79

AmiMoJo writes: In a blog post Jack Conte, CEO and co-founder of Patreon, writes: "There was unauthorized access to registered names, email addresses, posts, and some shipping addresses. Additionally, some billing addresses that were added prior to 2014 were also accessed. We do not store full credit card numbers on our servers and no credit card numbers were compromised. Although accessed, all passwords, social security numbers and tax form information remain safely encrypted with a 2048-bit RSA key."

Xiaomi Investigated For Using Superlatives In Advertising, Now Illegal In China 108

An anonymous reader writes: Chinese smartphone maker Xiaomi is under investigation for using superlative messaging on its website, according to a leaked document from the Beijing Ministry of Industry and Commerce. A new Chinese law states that adjectives used to promote products must not mislead consumers. The Xiaomi investigation [Chinese] follows claims made by rival Cong that the company used phrases such as 'the best' and 'the most advanced', in its online campaigns and therefore violated the country's advertising law. (The law against superlatives doesn't seem to apply to communications by the government, about the government.)

Yelp For People To Launch In November 447

writes: Caitlin Dewey reports in the Washington Post that 'Peeple' — basically Yelp, but for humans — will launch in November. Subtitled "character is destiny," Peeple is an upcoming app that promises to "revolutionize the way we're seen in the world through our relationships" by allowing you to assign reviews of one to five stars to everyone you know: your exes, your co-workers, the old guy who lives next door. You can't opt out — once someone puts your name in the Peeple system, it's there unless you violate the site's terms of service. And you can't delete bad or biased reviews — that would defeat the whole purpose. "People do so much research when they buy a car or make those kinds of decisions," says co-founder Julia Cordray. "Why not do the same kind of research on other aspects of your life?"

According to Caitlin, one does not have to stretch far to imagine the distress and anxiety that such a system will cause even a slightly self-conscious person; it's not merely the anxiety of being harassed or maligned on the platform — but of being watched and judged, at all times, by an objectifying gaze to which you did not consent. "If you're one of the people who miss bullying kids in high school, then Peeple is definitely going to be the app for you!," says Mike Morrison. "I'm really looking forward to being able to air all of my personal grievances, all from the safety of my phone. Thanks to the app, I'll be able to potentially ruin someone's life, without all the emotional stress that would occur if I actually try to fix the problem face-to-face."

The Real Cost of Mobile Ads 117

New submitter cvdwl writes: A New York Times (mildly paywalled) article and associated analysis discuss the consumer cost of mobile ads, assuming a US$0.01/MB data plan. The article provides one of the only estimates I've seen of the real cost in time and money (and time is money) of mobile advertising. Ethics of ad-blockers aside, this highlights the hidden costs of data-heavy (often lazy and poorly developed) web-design. In a nutshell, the worst sites took 10-30s to load 10-20MB, costing $0.15-0.40, over 4G due to a blizzard of video, heavy images, and occasionally just massive scripts. The best sites had high content to ad ratios, typically loading 1-3MB of content and >500kB of advertising.

Google and Microsoft Agree To Stand Down In Patent Wars 43

_0x783czar writes: Today Google and Microsoft have announced an end to litigious hostilities between themselves, signaling another step on the road to peace as the "global smartphone wars" wind down. This move settles 18 lawsuits in the U.S. and Germany, including those involving Motorola Mobility's patents, which Google retained after selling Motorola Mobility to Lenovo. Both companies hope this move will help settle the smartphone wars and refocus their efforts on consumers. Reuters reports: "Google and Microsoft have agreed to collaborate on certain patent matters and anticipate working together in other areas in the future to benefit our customers."

South Korean Citizen IDs Vulnerable, Based On US Model 57

An anonymous reader writes: South Korea's Resident Registration Number (RRN) has been proven 'vulnerable to almost any adversary' by the 'Queen of re-identification', Harvard Professor Latanya Sweeney, who previously proved that 87 percent of all Americans could be uniquely identified using just their ZIP code, birthdate, and sex. Sweeney was able to decrypt personal information from the RRN numbers of 23,163 deceased Koreans with 100% success by two different methods of attack, and notes that the South Korean system is based on one currently in use in the U.S.

Former Cisco CEO: China, India, UK Will Lead US In Tech Race Without Action 109

Mickeycaskill writes: Former Cisco CEO John Chambers says the US is the only major country without a proper digital agenda and laments the fact none of the prospective candidates for the US Presidential Election have made it an issue. Chambers said China, India, the UK and France were among those to recognize the benefits of the trend but the US had been slow — risking any economic gains and support for startups. "This is the first time that our government has not led a technology transition," he said. "Our government has been remarkably slow. We are the last major developed country in the world without a digital agenda. I think every major country has this as one of their top two priorities and we don't. We won't get GDP increase and we won't be as competitive with our startups. The real surprise to me was how governments around the world, except ours, moved."

Legal Loophole Offers Volkswagen Criminal Immunity 323

An anonymous reader writes: According to the Wall Street Journal (paywalled), a loophole in the 1970 Clean Air Act could make it impossible for U.S. prosecutors to subject Volkswagen to criminal charges over its use of standards-dodging 'defeat devices' in its emissions-testing software. Prosecutors are now reported to be considering alternative methods, including (considerably lesser) charges that Volkswagen lied to regulation authorities.

Citadel Botnet Operator Gets 4.5 Years In Prison 42

An anonymous reader writes: The U.S. Department of Justice has announced that Dimitry Belorossov, a.k.a. Rainerfox, an operator of the "Citadel" malware, has been sentenced to 4.5 years in prison following a guilty plea. Citadel was a banking trojan capable of stealing financial information. Belorossov and others distributed it through spam emails and malvertising schemes. He operated a 7,000-strong botnet with the malware, and also collaborated to improve it. The U.S. government estimates Citadel was responsible for $500 million in losses worldwide. Belorossov will have to pay over $320,000 in restitution.

Uber Raided By Dutch Authorities, Seen As 'Criminal Organization' 469

An anonymous reader writes: Uber offices in Amsterdam have been raided by Dutch authorities, as reported by several local media sources (Google translation of original in Dutch). This follows intimidatory deterrence practices earlier in The Netherlands, with Uber drivers being fined in the past months, and fresh allegations that the company would act as a "criminal organization" by offering a platform for taxi rides without license (read: without the authorities earning money from the practice). Time for tech companies to consider moving their European offices elsewhere? Uber's lawyers must be incredibly busy. Proposed regulations in London would effectively end the company's service there, while the mayor of Rio de Janeiro said he would ban Uber's operations outright. They're receiving mixed messages from Australia — just a day after running afoul of regulations in New South Wales, the Australian Capital Territory is moving to legalize it.

Apple, Microsoft Tout Their Privacy Policies To Get Positive PR 102

jfruh writes: Apple hasn't changed its privacy policy in more than a year — but that didn't stop the company from putting up a glossy website explaining it in layman's terms. Microsoft too has been touting its respect for its users' privacy. This doesn't represent any high-minded altruism on those companies' parts, of course; it's part of their battle against Google, their archrival that offers almost all of its services for free and makes its money mining user data.

Carly Fiorina: I Supplied HP Servers For NSA Snooping 488

MFingS writes: According to an article at Motherboard, shortly after 9/11, NSA director Michael Hayden requested extra computing power and Carly Fiorina, then CEO of HP, responded by re-routing truckloads of servers to the agency. Fiorina acknowledged providing the servers to the NSA during an interview with Michael Isikoff in which she defended warrantless surveillance (as well as waterboarding) and framed her collaboration with the NSA in patriotic terms. Fiorina's compliance with Hayden's request for HP servers is but one episode in a long-running and close relationship between the GOP presidential hopeful and U.S. intelligence agencies.

Snowden Joins Twitter, Follows NSA 206

wiredmikey writes: Edward Snowden joined Twitter Tuesday, picking up more than a quarter of a million followers on the social network in just over two hours. Snowden followed a single Twitter account: the U.S. National Security Agency, from which he stole electronic documents revealing the agency's secret surveillance programs. "Can you hear me now?" he asked in his first tweet, which was quickly resent by Twitter users tens of thousands of times. In his second, Snowden noted the recent news about the planet Mars and then quipped about the difficulty he had finding asylum after the U.S. government fingered him as the source of the NSA leaks. "And now we have water on Mars!" he wrote. "Do you think they check passports at the border? Asking for a friend."

Newly Found TrueCrypt Flaw Allows Full System Compromise 106

itwbennett writes: James Forshaw, a member of Google's Project Zero team, has found a pair of flaws in the discontinued encryption utility TrueCrypt that could allow attackers to obtain elevated privileges on a system if they have access to a limited user account. 'It's impossible to tell if the new flaws discovered by Forshaw were introduced intentionally or not, but they do show that despite professional code audits, serious bugs can remain undiscovered,' writes Lucian Constantin.

FBI and DEA Under Review For Misuse of NSA Mass Surveillance Data 86

Patrick O'Neill writes: The FBI and DEA were among the agencies fed information from an NSA surveillance program described as "staggering" by one judge who helped strike the program down. Now the two agencies are under review by the Justice Department for the use of parallel construction as well as looking into the specifics and results of cases originating from NSA tips. (Here's some more on the practice of parallel construction in this context.)

How the FBI Hacks Around Encryption 91

Advocatus Diaboli writes with this story at The Intercept about how little encryption slows down law enforcement despite claims to the contrary. To hear FBI Director James Comey tell it, strong encryption stops law enforcement dead in its tracks by letting terrorists, kidnappers and rapists communicate in complete secrecy. But that's just not true. In the rare cases in which an investigation may initially appear to be blocked by encryption — and so far, the FBI has yet to identify a single one — the government has a Plan B: it's called hacking.

Hacking — just like kicking down a door and looking through someone's stuff — is a perfectly legal tactic for law enforcement officers, provided they have a warrant. And law enforcement officials have, over the years, learned many ways to install viruses, Trojan horses, and other forms of malicious code onto suspects' devices. Doing so gives them the same access the suspects have to communications — before they've been encrypted, or after they've been unencrypted.

Study: $1.8 Billion In Reshipping Fraud With Stolen Cards Each Year 139

An anonymous reader writes: Researchers from the University of California, Santa Barbara and others studied the economy of how criminals monetize stolen credit cards by operating reshipping scams as means to cash out, KrebsOnSecurity reports: "A time-honored method of extracting cash from stolen credit cards involves "reshipping" scams, which manage the purchase, reshipment and resale of carded consumer goods from America to Eastern Europe — primarily Russia. A new study suggests that some 1.6 million credit and debit cards are used to commit at least $1.8 billion in reshipping fraud each year, and identifies some choke points for disrupting this lucrative money laundering activity. [...] disrupting the reshipping chains of these scams has the potential to cripple the underground economy by affecting a major income stream of cybercriminals. By way of example, the team found that a single criminal-operated reshipping service can earn a yearly revenue of over 7.3 million US dollars, most of which is profit."