Ars Technica reports that Google's map application for iOS, however popular it might be with users, raises red flags with European regulators, who maintain that it by default does not sufficiently safeguard user privacy as required by EU privacy rules. Ars quotes Marit Hansen of Germany's Independent Centre for Privacy Protection on why: "Hansen's main gripe is that Google's use of 'anonymous' is misleading. 'All available information points to having linkable identifiers per user,' she told Computerworld. Hansen added this would allow Google to track several location entries, thus leading to her assumption that Google's 'anonymous location data' would be considered 'personal data' under the European law."
chicksdaddy writes "The newly discovered Dexter malware is one of the few examples of a malicious program that targets point of sale terminals, but also communicates, botnet-like, with a command and control infrastructure. According to an analysis by Seculert, the custom malware has infected 'hundreds POS systems' including those operated by 'big-name retailers, hotels, restaurants and even private parking providers.' Now a detailed analysis by Verizon's RISK team suggests that Dexter may be a creation of a group responsible for the ubiquitous Zeus banking Trojan. By analyzing early variants of Dexter discovered in the wild, Verizon determined that the IP addresses used for Dexter's command and control were also used to host Zeus-related domains and several domains for Vobfus, also known as 'the porn worm,' which has been used to deliver the Zeus malware. Verizon also produced some tantalizing clues as to the identity of one individual who may be a part of the crew responsible for the malware. The RISK team linked the domain registration for a Dexter C&C server to an unusual online handle, 'hgfrfv,' that was used to post a number of suggestive help requests ('need help with decrypting a table encrypted with EncryptByKey') in online technical forums, where a live.com e-mail address was also provided. The account name was also linked to a shell account on the outsourcing web site freelancer.com, which lists 'hgfrfv' as an individual residing in the Russian Federation."
An anonymous reader writes "Germany has pretty much become the new Eastern District of Texas, the world's most popular patent battleground. After Apple, Samsung and Motorola, the Chinese are now going to Germany as well to sort out their domestic patent squabbles. Huawei and ZTE, arguably the People's Republic's leading wireless tech companies, started suing each other in April last year. On Friday the Mannheim Regional Court held a Huawei vs. ZTE hearing, reports a local patent watcher. Huawei says ZTE infringes a 4G/LTE handover patent and wants its rival's base stations and USB modem sticks banned in Germany. More clashes between the two are coming up in the same court and in other places in Europe, including France."
First time accepted submitter veganboyjosh writes "I got an instant message from an uncle the other day, asking me what was in the link I sent him. I hadn't sent him a link so I figured that his account had been hacked and he'd received a malicious link from some bot address with my name in the 'From' box. This was confirmed when he told me the address the link had come from. When I tried explaining what the link was, that his account had been hacked, and that he should change the password to his @aol.com email account, his response was 'No, I think your account was hacked, since the email came from you.' I went over it again, with a real-life analog of someone calling him on the phone and pretending to be me, but I'm not sure if that sunk in or not. This uncle is far from tech savvy. He's in his 60s, and uses Facebook several times a week. He knows I'm online much more and kind of know my way around. After his initial response, I didn't have it in me to get into the whole 'Never click a link from an unfamiliar email address' bit; to him, this wasn't an unfamiliar email address, it was mine. How do I explain this to him, and what else should I feel responsible for telling him?"
An anonymous reader writes "Music industry group BPI has threatened legal action against six members of the UK Pirate Party, after the party refused to take its Pirate Bay proxy offline. BPI seems to want to hold the individual members of the party responsible for copyright infringements that may occur via the proxy, which puts them at risk of personal bankruptcy. Pirate Party leader Loz Kaye criticized the latest music industry threats and reiterated that blocking The Pirate Bay is a disproportionate measure."
Presto Vivace writes that the UK's Newcastle University is instituting a fingerprint-based attendance system. From the linked article: "University students may have to scan their fingerprints in future — to prove they are not bunking off lectures. ... Newcastle Free Education Network has organised protests against the plans, claiming the scanners would 'turn universities into border checkpoints' and 'reduce university to the attendance of lectures alone.'" The system is supposed to bring the university "in line with the UK Border Agency (UKBA) and clamp down on illegal immigrants."
Hugh Pickens writes "VOA reports that President Obama says it does not make sense for federal authorities to seek prosecution of recreational marijuana users in states where such use is legal. 'As it is, you know, the federal government has a lot to do when it comes to criminal prosecutions,' said Obama during a television interview with ABC's Barbara Walters. 'It does not make sense from a prioritization point of view for us to focus on recreational drug users in a state that has already said that, under state law, that's legal.' When asked if he supported legalizing marijuana, the president said he was not endorsing that. 'I wouldn't go that far, but what I think is that, at this point, Washington and Colorado, you've seen the voters speak on this issue.'"
Gordonjcp writes "The BBC are reporting that the proposed automatic blocking of porn websites by UK ISPs has been rejected by the government. Only 35% of the parents who responded to a survey on filtering wanted an automatic block. The report (PDF), drawn from over 3500 responses, found that 80% of all those who responded were in favour of no filtering of any kind."
SternisheFan sends this story from the Baltimore Sun: "The Baltimore City speed camera ticket alleged that the four-door Mazda wagon was going 38 miles per hour in a 25-mph zone — and that owner Daniel Doty owed $40 for the infraction. But the Mazda wasn't speeding. It wasn't even moving. The two photos printed on the citation as evidence of speeding show the car was idling at a red light with its brake lights illuminated. A three-second video clip also offered as evidence shows the car motionless, as traffic flows by on a cross street. Since the articles' publication, several lawmakers have called for changes to the state law that governs the way the city and other jurisdictions operate speed camera programs. Gov. Martin O'Malley said Tuesday that state law bars contractors from being paid based on the number of citations issued or paid — an approach used by Baltimore City, Baltimore County, Howard County and elsewhere. 'The law says you're not supposed to charge by volume. I don't think we should charge by volume,' O'Malley said. 'If any county is, they need to change their program.'"
CowboyRobot writes "A new targeted attack campaign with apparent Korean ties has been stealing email and Facebook credentials and other user-profile information from Russian telecommunications, IT, and space research organizations. The attackers are grabbing email user accounts and passwords from Outlook, as well as information about the victims' email server."
cayenne8 writes "I've been a staunch advocate of NOT joining Facebook or Twitter or the other social networks to protect my privacy and to not voluntarily give all my personal information away to corporate America, or even the Government. However, I'm beginning to look into making money through various means on the side, one of them being photography/videography. With these mediums, being seen is critically important. Having a business-facing site on Facebook/Google+ and even using Twitter can be great for self promotion, and can open up your business to a huge audience. If you were to open your FB and other social network accounts with business ONLY information, and keep your personal information (name, image, etc.) off the Facebook account... will this keep your personal privacy still from them, or are their algorithms good enough to piece together who you are from the business-only sites? Is the payoff worth the potential trade-off for generating potential customers for your business and guiding them to your primary website?"
hackingbear writes "One of Chinese Web censorship's central features has long been blocking searches for the names of top leaders to maintain their public images. Sina Weibo, China's largest microblog service, unblocked searches for the names of many top political leaders in a possible sign of looser controls a month after new senior officials were named to head the ruling party, though a number of other senior leaders are still blocked on Weibo, including Premier Wen Jiabao. That (President) Xi might be leading by example on softening Web censorship could be a promising sign for future reforms. It isn't a major shift, but it could portend one."
tsamsoniw writes "PNC, Bank of America, SunTrust, and other major financial institutions have experienced a wave of DDoS attacks and site outages over the past couple of days, and Islamic extremist hacker group Izz ad-Din al-Qassam Cyber Fighters is claiming responsibility. The group, which launched similar attacks earlier this year, reiterated its demands: that a controversial YouTube video mocking the prophet Mohammed 'be eliminated from the Internet.'"
snydeq writes "A federal jury in Delaware has found Apple's iPhone infringes on three patents held by MobileMedia, a patent-holding company formed by Sony, Nokia and MPEG LA, InfoWorld reports. The jury found that the iPhone directly infringed U.S. patent 6,070,068, which was issued to Sony and covers a method for controlling the connecting state of a call, U.S. patent 6,253,075, which covers call rejection, and U.S. patent 6,427,078, which covers a data processing device. MobileMedia has garnered the unflattering descriptor 'patent troll' from some observers. The company, which was formed in 2010, holds some 300 patents in all."
Last week, you asked questions of Eugene Kaspersky; below, find his answers on a range of topics, from the relationship of malware makers to malware hunters, to Kaspersky Labs' relationship to the Putin government, as well as whitelisting vs. signature-based detection, Internet ID schemes, and the SCADA-specific operating system Kaspersky is working on. Spoiler: There are a lot of interesting facts here, as well as some teases.
interval1066 writes "In a breathtaking new move by (another) little-known national security agency, the personal information of all U.S. citizens will be available for casual perusal. The 'National Counterterrorism Center' (I've never heard of this org) may now 'examine the government files of U.S. citizens for possible criminal behavior, even if there is no reason to suspect them.' This is different from past bureaucratic practice (never mind due process) in that a government agency not in the list of agencies approved to do certain things without due process may completely bypass due process and store (for up to 5 years) these records, the organization doesn't need a warrant, or have any kind of oversight of any kind. They will be sifting through these records looking for 'counter-insurgency activity,' supposedly with an eye to prevention. If this doesn't wake you up and chill you to your very bone, not too sure there is anything that will anyway."
Frequent contributor Bennett Haselton writes: "Hotmail and Yahoo Mail are apparently sharing a secret blacklist of domain names such that any mention of these domains will cause a message to be bounced back to the sender as spam. I found out about this because — surprise! — some of my new proxy site domains ended up on the blacklist. Hotmail and Yahoo are stonewalling, but here's what I've dug up so far — and why you should care." Read on for much more on how Bennett figured out what's going on, and why it's a hard problem to solve.
netbuzz writes "A new law banning broadcasters from delivering TV commercials at a higher volume takes effect today at the end of a yearlong implementation period. Called the CALM Act, or Commercial Advertisement Loudness Mitigation Act, the law does provide for violators to be fined. TV commercials that crank up the volume have been the No. 1 complaint logged with the FCC over the last 10 years."
NewYorkCountryLawyer writes "Jammie Thomas-Rasset, the Native American Minnesotan found by a jury to have downloaded 24 mp3 files of RIAA singles, has filed a petition for certiorari to the United States Supreme Court, arguing that the award of $220,000 in statutory damages is excessive, in violation of the Due Process Clause. Her petition (PDF) argued that the RIAA's litigation campaign was 'extortion, not law,' and pointed out that '[a]rbitrary statutory damages made the RIAA's litigation campaign possible; in turn, that campaign has inspired copycats like the so-called Copyright Enforcement Group; the U.S. Copyright Group, which has already sued more than 20,000 individual movie downloaders; and Righthaven, which sued bloggers. This Court should grant certiorari to review this use of the federal courts as a scourge.'"