Communications

New Privacy Concerns About US Program That Can Track Snail Mail 65

Posted by timothy
from the ask-not-what-your-country-can-do-to-you dept.
Lashdots writes: A lawyers' group has called for greater oversight of a government program that gives state and federal law enforcement officials access to metadata from private communications for criminal investigations and national security purposes. But it's not digital: this warrantless surveillance is conducted on regular mail. "The mail cover has been in use, in some form, since the 1800s," Chief Postal Inspector Guy J. Cottrell told Congress in November. The program targets a range of criminal activity including fraud, pornography, and terrorism, but, he said, "today, the most common use of this tool is related to investigations to rid the mail of illegal drugs and illegal drug proceeds." Recent revelations that the U.S. Postal Service photographs the front and back of all mail sent through the U.S., ostensibly for sorting purposes, has, Fast Company reports, brought new scrutiny—and new legal responses—to this obscure program.
Australia

Wellness App Author Lied About Cancer Diagnosis 255

Posted by timothy
from the but-this-was-my-whole-health-plan dept.
Freshly Exhumed writes: Wellness advocate Belle Gibson, who translated her high profile as a cancer survivor into publishing success, has admitted her cancer diagnosis was not real. Ms Gibson, 23, who claimed to have healed terminal brain cancer by eating wholefoods, made the admission in an interview with the Australian Women's Weekly. The success of Gibson's book, The Whole Pantry, and her smartphone application, which advocates natural therapies, has been largely dependent on her high-profile as a cancer survivor. Sadly, we've seen this sort of behaviour before. It would seem that Belle Gibson has emulated Dr. Andrew Wakefield in knowingly decieving the public in ways that could possibly be dangerous to the health of believers.
Government

Security Companies Accused of Exaggerating Iran's Cyberthreats Against the US 37

Posted by samzenpus
from the slightly-exaggerated dept.
An anonymous reader writes: A widely-read report accusing Iran of hundreds of thousands of cyberattacks against the U.S. is being criticized as hugely inaccurate as well as motivated by marketing and politics, according to a new whitepaper and critics around the security industry. The original report, solicited by a conservative think tank and published by Norse in the lead up to the RSA Security Conference, hit the front page of the New York Times by calling handshakes and network scans "sophisticated cyberattacks."
United States

House Bill Slashes Research Critical To Cybersecurity 196

Posted by samzenpus
from the do-more-with-less dept.
dcblogs writes: A U.S. House bill that will set the nation's basic research agenda for the next two years increases funding for computer science, but at the expense of other research areas. The funding bill, sponsored by Rep. Lamar Smith (R-Texas), the chair of the Science, Space and Technology Committee, hikes funding for computer science, but cuts — almost by half — social sciences funding, which includes the study of human behavior. Cybersecurity uses human behavior research because humans are often the weakest security link. Research funding social, behavioral and economic sciences will fall from $272 million to $150 million, a 45% decrease. The bill also takes a big cut out of geosciences research, which includes climate change study, from $1.3 billion to $1.2 billion, an 8% decrease. The insight into human behaviors that comes from the social science research, "is critical to understanding how best to design and implement hardware and software systems that are more secure and easier to use," wrote J. Strother Moore, the Computing Research Association chair and a professor of computer science at the University of Texas.
Facebook

Facebook's "Hello" Tells You Who's Calling Before You Pick Up 78

Posted by samzenpus
from the who-is-it? dept.
Mark Wilson writes: When you receive a call you'll usually see the number of the caller, but this may not be helpful in identifying them before you decide whether to pick up. Facebook's answer to this problem is Hello. This new app comes from the Facebook Messenger team and aims to tell you more about the person getting in touch with you even if you don't have their number saved in your address book. Currently available for Android, the dialer app also allows for the blocking of calls from individuals.
Government

Bill To Require Vaccination of Children Advances In California 608

Posted by samzenpus
from the won't-somebody-please-think-of-the-children? dept.
mpicpp sends the latest news on California legislation that would eliminate exemptions for vaccinating school children. A bill that would require nearly all children in California to be vaccinated by eliminating "personal belief" exemptions advanced through the State Legislature on Wednesday, though it still has several hurdles to clear. If approved, California would become one of only three states that require all parents to vaccinate their children as a condition of going to school, unless there is a medical reason not to do so. Under the bill, introduced after a measles outbreak that began at Disneyland, parents who refuse vaccines for philosophical or religious reasons would have to educate their children at home. The legislation prompted a roiling debate in Sacramento, and last week hundreds of people protested at the Capitol, arguing that it infringed on their rights and that it would unfairly shut their children out of schools. Last Wednesday, the legislation stalled in the Senate Education Committee as lawmakers said they were concerned that too many students would be forced into home schooling. This Wednesday, however, the bill passed that committee after its authors tweaked it, adding amendments that would expand the definition of home schooling to allow multiple families to join together to teach their children or participate in independent study programs run by public school systems.
United States

McConnell Introduces Bill To Extend NSA Surveillance 202

Posted by samzenpus
from the lets-see-what-you're-doing dept.
jriding sends word that the majority leader of the U.S. Senate has introduced a bill that would extend the surveillance provisions of the Patriot Act until 2020: Senate Majority Leader Mitch McConnell introduced a bill Tuesday night to extend through 2020 a controversial surveillance authority under the Patriot Act. The move comes as a bipartisan group of lawmakers in both chambers is preparing legislation to scale back the government's spying powers under Section 215 of the Patriot Act. It puts McConnell (R-Ky.) and Senate Intelligence Committee Chairman Richard Burr (R-N.C.), the bill’s co-sponsor, squarely on the side of advocates of the National Security Agency’s continued ability to collect millions of Americans’ phone records each day in the hunt for clues of terrorist activity.
Canada

The Great Canadian Copyright Giveaway: Copyright Extension For Sound Recordings 299

Posted by Soulskill
from the naturally-snuck-through-during-the-hockey-playoffs dept.
An anonymous reader writes: Despite no study, no public demands, and the potential cost to the public of millions of dollars, the Canadian government announced yesterday that it will extend the term of copyright for sound recordings and performances from 50 to 70 years. The music industry did not raise term extension as a key concern during either the 2012 copyright reform bill or the 2014 Canadian Heritage committee study on the industry. For Canadians, the extension could cost millions of dollars as works that were scheduled to come into the public domain will now remain locked down for decades.
Advertising

German Court Rules Adblock Plus Is Legal 279

Posted by Soulskill
from the non-crazy-software-judgments dept.
An anonymous reader writes: Following a four-month trial, a German court in Hamburg has ruled that the practice of blocking advertising is perfectly legitimate. Germany-based Eyeo, the company that owns Adblock Plus, has won a case against German publishers Zeit Online and Handelsblatt. These companies operate Zeit.de, Handelsblatt.com, and Wiwo.de. Their lawsuit, filed on December 3, charged that Adblock Plus should not be allowed to block ads on their websites. While the decision is undoubtedly a big win for users today, it could also set a precedent for future lawsuits against Adblock Plus and any other tool that offers similar functions. The German court has essentially declared that users are legally allowed to control what happens on their screens and on their computers while they browse the Web.
Privacy

UK Police Chief: Some Tech Companies Are 'Friendly To Terrorists' 230

Posted by Soulskill
from the arguments-that-are-getting-old dept.
An anonymous reader points out comments from Mark Rowley, the UK's national police lead for counter-terrorism, who thinks tech companies aren't doing enough to prevent terrorists from using their services. He said, "[The acceleration of technology] can be set up in a way which is friendly to terrorists and helps them ... and creates challenges for law enforcement and intelligence agencies. Or it can be set up in a way which doesn't do that." Rowley wouldn't name which companies in particular he's talking about, but he added, "Snowden has created an environment where some technology companies are less comfortable working with law reinforcement and intelligence agencies and the bad guys are better informed. We all love the benefit of the internet and all the rest of it, but we need their support in making sure that they're doing everything possible to stop their technology being exploited by terrorists. I'm saying that needs to be front and center of their thinking and for some it is and some it isn't."
Bug

Networking Library Bug Breaks HTTPS In ~1,500 iOS Apps 73

Posted by Soulskill
from the snake-in-the-walled-garden dept.
mrflash818 writes: A new report from analytics service SourceDNA found that roughly 1,500 iOS apps (with about 2 million total installs) contain a vulnerability that cripples HTTPS and makes man-in-the-middle attacks against those apps easy to pull off. "The weakness is the result of a bug in an older version of the AFNetworking, an open-source code library that allows developers to drop networking capabilities into their apps. Although AFNetworking maintainers fixed the flaw three weeks ago with the release of version 2.5.2, at least 1,500 iOS apps remain vulnerable because they still use version 2.5.1. That version became available in January and introduced the HTTPS-crippling flaw."
Crime

Futures Trader Arrested For Causing 2010 'Flash Crash' 307

Posted by Soulskill
from the moving-at-the-speed-of-government dept.
New submitter dfsmith writes: Apparently the "Flash Crash" of the stock market in May 2010 was perpetrated by a futures trader in the UK. The US Justice Department alleges that he used a "dynamic layering scheme" of large-volume sell orders to confuse other buyers, hence winning big in his futures trades. "By allegedly placing multiple, simultaneous, large-volume sell orders at different price points—a technique known as 'layering'—Sarao created the appearance of substantial supply in the market. As part of the scheme, Sarao allegedly modified these orders frequently so that they remained close to the market price, and typically canceled the orders without executing them. When prices fell as a result of this activity, Sarao allegedly sold futures contracts only to buy them back at a lower price. Conversely, when the market moved back upward as the market activity ceased, Sarao allegedly bought contracts only to sell them at a higher price."
Government

'Aaron's Law' Introduced To Curb Overzealous Prosecutions For Computer Crimes 206

Posted by Soulskill
from the intimidation-is-not-justice dept.
SonicSpike writes: Sens. Rand Paul (R-KY) and Ron Wyden (D-OR), and Rep. Zoe Lofgren (D-CA) introduced bipartisan legislation today to better target serious criminals and curb overzealous prosecutions for non-malicious computer and Internet offenses.

The legislation, inspired by the late Internet innovator and activist Aaron Swartz, who faced up to 35 years in prison for an act of civil disobedience, would reform the quarter-century old Computer Fraud and Abuse Act (CFAA) to better reflect computer and internet activities in the digital age. Numerous and recent instances of heavy-handed prosecutions for non-malicious computer crimes have raised serious questions as to how the law treats violations of terms of service, employer agreements and website notices.

"Aaron’s Law would change the definition of 'access without authorization' in the CFAA so it more directly applies to malicious hacks such as sending fraudulent emails, injecting malware, installing viruses or overwhelming a website with traffic."
Twitter

Twitter Rolls Out New Anti-Abuse Tools 254

Posted by Soulskill
from the making-it-harder-to-be-a-jerk dept.
An anonymous reader writes: After facing criticism that it gives trolls and hatemongers a platform to intimidate people, Twitter has now rolled out a new set of tools and policies to handle abusive tweets. Previously, they only prohibited threats of violence that were "direct" and "specific," but now that's been expanded to all threats of violence or tweets promoting violence. They said, "Our previous policy was unduly narrow and limited our ability to act on certain kinds of threatening behavior." Twitter has also added non-permanent bans, as well as this: "[W]e have begun to test a product feature to help us identify suspected abusive Tweets and limit their reach. This feature takes into account a wide range of signals and context that frequently correlates with abuse including the age of the account itself, and the similarity of a Tweet to other content that our safety team has in the past independently determined to be abusive." Twitter's general counsel recently said, "Freedom of expression means little as our underlying philosophy if we continue to allow voices to be silenced because they are afraid to speak up. We need to do a better job combating abuse without chilling or silencing speech."
The Courts

Supreme Court Rules Extending Traffic Stop For Dog Sniff Unconstitutional 401

Posted by Soulskill
from the not-allowed-to-hound-you-anymore dept.
bmxeroh writes: The Supreme Court ruled today (PDF) that a police officer may not extend a traffic stop beyond the time needed to complete the tasks related to that stop for the purposes of allowing a trained dog to sniff for drugs. Justice Ruth Bader Ginsburg wrote for the majority (6-3) that police authority "ends when tasks tied to the traffic infraction are — or reasonably should have been — completed." The case, Rodriguez v. United States, 13-9972, all started with Rodriguez was stopped in Nebraska for driving out of his lane. After he was given the ticket for that infraction, he was made to wait an additional seven to eight minutes for a drug dog to arrive which promptly alerted to the presence of drugs in the car. Upon search, the officers found a small bag of methamphetamine in his possession.