An anonymous reader sends this quote from an IDG News report: "The Dutch government's cyber security center has published guidelines (in Dutch) that it hopes will encourage ethical hackers to disclose security vulnerabilities in a responsible way. The person who discovers the vulnerability should report it directly and as soon as possible to the owner of the system in a confidential manner, so the leak cannot be abused by others. Furthermore, the ethical hacker will not use social engineering techniques, nor install a backdoor or copy, modify or delete data from the system, the NCSC specified. Alternatively a hacker could make a directory listing in the system, the guidelines said. Hackers should also refrain from altering the system and not repeatedly access the system. Using brute-force techniques to access a system is also discouraged, the NCSC said. The ethical hacker further has to agree that vulnerabilities will only be disclosed after they are fixed and only with consent of the involved organization. The parties can also decide to inform the broader IT community if the vulnerability is new or it is suspected that more systems have the same vulnerability, the NCSC said."
Catch up on stories from the past week (and beyond) at the Slashdot story archive
RocketAcademy writes "A group of New Mexico legislators is warning that the $200-million Spaceport America 'could become a ghost town, with tumbleweeds crossing the runways' if trial lawyers succeed in blocking critical liability legislation. The warning came in a letter to the Albuquerque Journal [subscription or free trial may be required]. Virgin Galactic has signed a lease to become the spaceport's anchor tenant, but may pull out if New Mexico is unable to provide liability protection for manufacturers and part suppliers, similar to legislation already passed by Texas, Colorado, Florida, and Virginia. The proposed legislation is also similar to liability protection which New Mexico offers to the ski industry. An eclectic group of business and civic interests has formed the Save Our Spaceport Coalition to support passage of the liability reform legislation, which is being fought by the New Mexico Trial Lawyers Association."
New submitter MouseTheLuckyDog writes "The patent office is reviewing its policy on software patents and is asking for feedback (PDF). Groklaw reports that the USPTO will be hosting a pair of roundtable sessions in February, during which the public will have the ability to attend and put forth their viewpoints. From the article: 'It's obvious the USPTO realizes there is serious unhappiness among software developers, and they'd like to improve things. Software developers are the folks most immediately and directly affected by the software patents the USPTO issues, and it's getting to the point that no one can code anything without potentially getting sued. I don't wish to be cynical, though, as that's a useless thing. So maybe we should look at it as an opportunity to at least be heard. It's progress that they even thought about having a dialogue with developers, if you look at it that way.' If you can make it to Silicon Valley on February 12 or New York City on February 27, go and make your voice heard."
New submitter tian2992 writes "The new terms for the Android SDK now include phrases such as 'you may not: (a) copy (except for backup purposes), modify, adapt, redistribute, decompile, reverse engineer, disassemble, or create derivative works of the SDK or any part of the SDK' among other non-Free-software-friendly terms, as noted by FSF Europe's Torsten Grote. Replicant, a free fork of Android, announced the release of Replicant SDK 4.0 based on the latest sources of the Android SDK without the new terms."
silentbrad writes in with a story about a Sony patent that would block the playing of second-hand games. "... the patent application was filed on 9 December 2012 by Sony Computer Entertainment Japan, and will work by linking individual game discs to a user's account without requiring a network connection meaning any future attempt to use this disc on another user's console won't work. The patent explains that games will come with contactless tags that will be read by your console in much the same way as modern bank cards. When a disc is first used, the disc ID and player ID will be stored on the tag. Every time the disc is used in future, the tag will check if the two ID's match up and, if not, then the disc won't work. The document goes on to explain that such a device is part of Sony's ongoing efforts to deter second-hand games sales, and is a far simpler solution than always-on DRM or passwords. It's worth noting that Sony has not confirmed the existence of the device, and the patent doesn't state what machine it will be used in, with later paragraphs also mentioning accessories and peripherals. ... There's also the issue of what happens should your console break and need replacing, or if you have more than one console. Will the games be linked to your PSN account, meaning they can still be used, or the console, meaning an entire new library of titles would need to be purchased?"
An anonymous reader writes a court has dismissed Apple's allegations that Amazon's use of the "app store" phrase constituted false advertising. "Apple's efforts to protect its intellectual property sometimes result in lawsuits that leave even the most ardent of Apple fans scratching their heads. One such suit was Apple's March 2011 lawsuit against Amazon over the retailer's use of the phrase 'app store' as used in its Amazon Appstore for Android. "
linuxwrangler writes "Two teens are behind bars after hatching a plan that involved drugging milkshakes they gave to the parents of one of the kids. The parents were suspicious after waking groggy the next day, and used a home drug-test on one of the remaining drinks. The teens came up with the plan in order to avoid their 10pm Internet curfew."
Hugh Pickens writes "Facing a $10 billion revenue shortfall for transportation financing, the Oregon Legislature is expected to consider a bill to require drivers with a vehicle getting at least 55 miles per gallon of gasoline to pay a per-mile tax after 2015 to offset the loss in tax revenue for fuel efficient cars at the gas pump, where the government has traditionally collected money to build and fix roads. Oregonians currently pay 30 cents per gallon, a tax that is automatically added at the pump, but as cars become more fuel efficient and alternative fuel sources are identified, state officials project gas tax revenue will decline. 'Everybody uses the road, and if some pay and some don't, then that's an unfair situation that's got to be resolved,' says Jim Whitty of the Department of Transportation. Opponents of the Oregon proposal say it will hurt a new industry. 'It will be one more obstacle that the industry and auto dealers will face in convincing consumers to buy these new cars,' says Paul Cosgrove, a lobbyist for the Alliance of Automobile Manufacturers. Other states, such as Nevada and Washington, are also looking at a per-mile charge and a Washington law that would charge electric car owners an annual fee goes into effect in February. Oregon did a pilot study of the mileage tax (PDF) where participants paid 1.56 cents per mile and got a credit for any gasoline tax they paid at the pump. Although initial media portrayals of the system were almost uniformly negative, 91% of test participants preferred the mileage tax to paying gas taxes."
Bobfrankly1 writes "Robert Stuart and his company Extensions Software are being charged by New York authorities, claiming he is promoting gambling in New York because of the actions of his clients. They are charging him after he rejected a plea agreement that would have him plead guilty to lesser charges, adding backdoors to his software, and using said backdoors to gather details on his clients and their customers." Another article on the case at Salon.
itwbennett writes "According to an ITworld report, 'Google has agreed to change some of its business practices, including allowing competitors access to some standardized technologies, to resolve a U.S. Federal Trade Commission antitrust complaint against the company.' This includes 'allow[ing] competitors access to standards-essential patents the company acquired along with its purchase of Motorola Mobility.' Also among the business practices Google has agreed to stop is 'scraping Web content from rivals and allegedly passing it off as its own, said FTC Chairman Jon Leibowitz.'" SlashCloud has some more details, including links to the agreement itself and Google's soft-pedaling description of "voluntary product changes."
Frequent contributor Bennett Haselton writes this week with his explanation of how an improved algorithm on the White House's petition-creation site could do away with Death Star petitions and even improve on the existing serious ones. Read on below for his modest proposal on that front.
cathyreisenwitz writes "The 2012 bankruptcy of Rhode Island-based video-game developer 38 Studios isn't just a sad tale of a start-up tech company falling victim to the vagaries of a rough economy. It is a completely predictable story of crony capitalism, featuring star-struck legislators and the hubris of a larger-than-life athlete completely unprepared to compete in business." Reason makes no bones about its view of this kind of public-private "partnership."
DavidGilbert99 writes with this excerpt from IB Times: "The Sandy Hook shooting once again raised the debate about how much power violent videogames wield over teenagers. Following proclamations from the National Rifle Association and the establishment of a study by the National Academy of Sciences to investigate the psychological effects of violent games on children, a group in Connecticut is now having its say Southington, a town 30 miles from where the shooting took place, is offering gift tokens in exchange for violent videogames, as well as other violent media such as DVDs or videos. The group, called SouthingtonSOS, said in a statement: 'There is ample evidence that violent video games, along with violent media of all kinds, including TV and movies portraying story after story showing a continuous stream of violence and killing, has contributed to increasing aggressiveness, fear, anxiety and is desensitizing our children to acts of violence including bullying.'" And Yes, they plan to destroy the traded-in games. (Note: Beware the obnoxious auto-playing video ad with sound; adjust volume accordingly.)
Curseyoukhan writes "Infosec vendor IID (Internet Identity) probably hopes that by the time 2014 rolls around no one will remember the prediction it just made. That is the year it says we will see the first murder via internet connected device. The ability to do this has been around for quite some time but the company won't say why it hasn't happened yet. Probably because that would have screwed up their fear marketing. CIO blogger challenges them to a $10K bet over their claim."
inode_buddha writes "Not long ago we ran a story about how a NY newspaper published lists of gun owners. Now, it seems the same newspaper has hired armed guards in response to unspecified threats to the editor, amid 'large volumes of negative response.' From the article: 'The editor, Caryn McBride, told police the newspaper hired a private security company whose "employees are armed and will be on site during business hours," the report said. The guards are protecting the newspaper's staff and Rockland County offices in West Nyack, New York.'"