Slashdot contributor Bennett Haselton writes "A recent webinar for newsletter publishers suggested that if you want your emails not to be blocked as 'spam,' you paradoxically have to engage in some practices that contribute to the erosion of users' privacy, including some tactics similar to what many spammers are doing. The consequences aren't disastrous, but besides being a loss for privacy, it's another piece of evidence that free-market forces do not necessarily lead to spam filters that are optimal for end users." Read on for the rest of Bennett's thoughts.

Kyle Jacoby writes "The NSA was right when it postulated that the mere knowledge of the existence of their program could weaken its ability to function. Virtual Private Networks (VPNs), which serve to mask the source and destination of data by routing it through a third-party server, have been a popular method for maintaining internet anonymity for the paranoid and prudent. However, the all-but-silent fall of secure email server Lavabit, and VPN provider CryptoSeal, have shown us just how pervasive the government's eye on our communications is. These companies chose to fold rather than to divulge customer data entrusted to them, which raises the million-dollar question: how many have chosen to remain open and silently hand over the keys to your data? Google has decided to put the private back in VPN by supporting uProxy, a project developed at the University of Washington with help from Brave New Software. Still using a VPN schema, their aim is to keep the VPN amongst friends (literally). Of course, you'll need a friend who is willing to let you route your net through their tubes. Their simple integration into Firefox and Chrome will lower the barrier, creating a decentralized VPN architecture that would make sweeping pen register orders more difficult, and would also make blocking VPNs a rather difficult task for countries like China, who block citizens' access to numerous websites. On a related note, when will the public finally demand that communications which pass encrypted through a third party still retain an reasonable expectation of privacy (rendering them pen register order-resistant)?"

beerdragoon writes "One of Canada's biggest mobile and TV providers will soon begin collecting detailed information on usage patterns of its subscribers. Starting November 16th, Bell plans on using this information to provide targeted ads for subscribers. According to Bell this policy will allow customers 'to receive Internet advertising that's relevant to them rather than the random online advertising they're receiving now.' Customers have until the 16th to opt out of the targeted ads, but there doesn't appear to be a way to opt out of the data collection. Apparently this is not illegal, but it is certainly considered unethical by many."

schwit1 writes "Oregon is moving ahead with a controversial plan to tax motorists based on the number of miles they drive as opposed to the amount of fuel they consume, raising myriad concerns about cost and privacy. The problem for lawmakers is that the existing per-gallon gas tax has hit a point of diminishing returns, as Americans drive less and vehicles become more fuel efficient. Economists and civil libertarians are concerned about the Oregon pilot project in large part because some mileage meters can track and record residents' every vehicular move. Rick Geddes, a Cornell University professor, said the basic device is okay because it is simply attached to a vehicle's computer, which cannot track locations. However, Geddes said privacy concerns could resurface should governments expand the program and use SmartPhone or apps to track movements and reward motorists who avoid congested roads and drive during off-peak hours. Mark Perry, a University of Michigan scholar, says the GPS or 'black box' system is 'particularly untenable.'" Per-car tracking and taxation has been a long time coming in Oregon, and it's not the only state where such an idea's been floated.

An anonymous reader writes "As described on the DigitalBond blog, a security researcher was subjected to a court ordered search in which a lack of pre-notification was premised on his self description as a 'hacker.' From the court order, 'The tipping point for the Court comes from evidence that the defendants – in their own words – are hackers. By labeling themselves this way, they have essentially announced that they have the necessary computer skills and intent to simultaneously release the code publicly and conceal their role in that act.'"

cartechboy writes "Texas is known for having the nation's most draconian anti-Tesla rules, based on intense and cash-rich lobbying and political donations by Texas car dealers. What's amazing is what would-be Tesla owners still have to do to get their hands on--and maintain--a Tesla Model S. How do you buy a car the laws try to stop you from owning? By jumping through wacky hoops, it turns out. Tesla store staff, for example, can't tell visitors how much a Model S costs. They can't give test drives, and they can't discuss financing options. Tesla service centers are banned from showing the company logo — or advertising that they do Tesla warranty work or service at all. So how have 1,000 Model S cars been sold? That would be sheer persistence."

Bob the Super Hamste writes "The New York Times is reporting that the TSA is now doing background investigations on passengers before they arrive at the airport. The publicly stated reason for this is that it is to streamline the security procedures at airports allowing more passengers to receive less scrutiny while at the air port but this new authority allows the TSA additional information about each traveler. The prescreening that is being performed for domestic travel now uses a simiar standard to that of foreign individuals who where entering the US. The new measures go beyond what is used in the Secure Flight program and while light on details mentions that the passengers passport number will be used. The article does however point out the data sources that are available to the TSA to conduct these pre-screening with such as tax identification number, past travel itineraries, property records, physical characteristics, and law enforcement or intelligence information. Also mentioned is that individuals who do not have a passport will not be subjected to the rules and from my reading will not be eligible for lesser screening at that airport. The stated goal of this program is to have 25% of all airline passengers in the US receive lighter screening at the airport so that they don't have to take their shoes off, remove jackets, or remove laptops from bags. Additionally passengers who are in higher risk categories can receive additional screenings. Also mentioned is that all passengers are currently prescreened and that airlines are required to share your passport data with the TSA if they have it." One thing I've noticed as a passenger is that the most dangerous-feeling aspect of flying right now seems to be the winding security line itself.

An anonymous reader writes with this excerpt: "David Cameron has attacked Facebook as irresponsible for lifting a ban on videos of beheadings being posted on its site. The prime minister said the social network must explain its decision to allow images showing decapitations to worried parents. Facebook has said users should be free to view such videos and then condemn the content. Cameron wrote on Twitter: 'It's irresponsible of Facebook to post beheading videos, especially without a warning. They must explain their actions to worried parents.' Facebook introduced a temporary ban on such videos in May but has since decided to remove the block on the grounds that the site is used to share information about world events, such as acts of terrorism and human rights abuses."

Trailrunner7 writes "A security researcher discovered a simple vulnerability in Verizon Wireless's Web-based customer portal that enabled anyone who knows a subscriber's phone number to download that user's SMS message history, including the numbers of the people he communicated with. The vulnerability, which has been resolved now, resulted from a failure of the Verizon Web app to check that a number entered into the app actually belonged to the user who was entering it. After entering the number, a user could then download a spreadsheet file of the SMS activity on a target account. Cody Collier, the researcher who discovered the vulnerability, said he decided right away to report it to Verizon because he is a Verizon customer and didn't want others to have access to his account information. 'I am a Verizon Wireless customer myself, so upon finding this, I immediately looked for a way to contact Verizon. I wouldn't want my account information to exposed in such way,' Collier said via email."

sl4shd0rk writes "CryptoSeal Privacy, a VPN provider, has closed down its consumer VPN service. The company says it has zeroed its crypto keys, adding, 'Essentially, the service was created and operated under a certain understanding of current U.S. law, and that understanding may not currently be valid. As we are a US company and comply fully with U.S. law, but wish to protect the privacy of our users, it is impossible for us to continue offering the CryptoSeal Privacy consumer VPN product.' The announcement ends with a warning: 'For anyone operating a VPN, mail, or other communications provider in the U.S., we believe it would be prudent to evaluate whether a pen register order could be used to compel you to divulge SSL keys protecting message contents, and if so, to take appropriate action.' Sounds like another victim of FISA-endorsed NSA activity."

realized writes "Experian — one of the three national U.S. credit bureaus — reportedly sold SSNs through its subsidiary, Court Ventures, to the operators of SuperGet.info who then offered all of the information online for a price. The website would advertise having '99% to 100% of all USA' in their database on websites frequented by carders. Hieu Minh Ngo, the website owner, was recently been indicted for 15-counts filed under seal in November 2012, charging him with conspiracy to commit wire fraud, substantive wire fraud, conspiracy to commit identity fraud, substantive identity fraud, aggravated identity theft, conspiracy to commit access device fraud, and substantive access device fraud."

itwbennett writes "It's no secret that the healthcare.gov website has been plagued by problems since its launch 3 weeks ago. On Sunday, the Department of Health and Human Services said that it's now bringing in the big guns: 'Our team is bringing in some of the best and brightest from both inside and outside government to scrub in with the [HHS] team and help improve HealthCare.gov,' the blog post reads. 'We're also putting in place tools and processes to aggressively monitor and identify parts of HealthCare.gov where individuals are encountering errors or having difficulty using the site, so we can prioritize and fix them.' Other emergency measures being taken as part of what HHS calls a 'tech surge' include defining new test processes to prevent new problems and regularly patching bugs during off-peak hours. Still unclear is how long it will take to fix the site. As recently reported on Slashdot, that could be anywhere from 2 weeks to 2 months."

rtoz writes "The US National Security Agency (NSA) has been intercepting French telephone calls 'on a massive scale,' according to a report published in Le Monde. According to Le Monde, the NSA recorded millions of telephone calls placed by French citizens over a 30-day period last year, including some placed by people with no connections to terrorist organizations. France called in the U.S. ambassador to protest the alleged large-scale spying on French citizens by NSA."

New submitter stewartrob70 writes with an explanation of the inadvertent (or at least unwarranted) blocking of innocuous sites that UK ISPs Virgin and Sky are engaged in, as reported by PC Pro. The ISPs' filtering systems "appear to be blocking innocent third-party sites with apparently little or no human oversight." stewartrob70 excerpts from a blog posting with an explanation of why: "In order to understand why this specific issue happened, you need to be familiar with a quirk in how DNS is commonly used in third-party load-balanced site deployments. Many third-party load balanced systems, for example those using Amazon's AWS infrastructure, are enabled by pointing CNAME records at names controlled by those third-party systems. For example www.example.com may be pointed at loadbalancer.example.net. However, 'example.com' usually cannot be directly given a CNAME record (CNAME records cannot be mixed with the other record types needed such as those pointing to nameservers and mailservers). A common approach is to point "example.com" to a server that merely redirects all requests to 'www.example.com.' From forum posts we can see that it's this redirection system, in this specific case an A record used for 'http-redirection-a.dnsmadeeasy.com,' that has been blocked by the ISPs — probably a court-order-blocked site is also using the service — making numerous sites unavailable for any request made without the ''www' prefix."

reifman writes "Perhaps the reason the NSA's surveillance programs are so unpopular with Americans is that we haven't seen any of the potential consumer benefits that spying and big data can provide. Here are ten ideas for the productization and monetization of the NSA's spying infrastructure to inspire Americans to consider the bright side of the dark arts." In case anyone doesn't notice, these suggestions (at least most of them) are presented tongue-in-cheek; a truly secure email system, though, is another story.

McGruber writes "Over at Bloomberg Businessweek, Paul Ford explains that the debacle known as healthcare.gov makes clear that it is time for the government to change the way it ships code: namely, by embracing the open source approach to software development that has revolutionized the technology industry." That seems like the only way to return maximum value to the taxpayers, too.

An anonymous reader writes "University of Nebraska-Lincoln professor Matt Waite waived a government cease and desist letter recently received for his experiments using 3-pound, $500 drones for news reporting (specifically, for a story about drought in Nebraska). He gave journalism organizations the lowdown on what they can expect from the government on this front going forward and said he's posting his experience in trying to get certified by the FAA on GitHub so they can follow along."

rtoz writes "The National Security Agency (NSA ) of United States hacked into the Mexican president's public email account and gained deep insight into policymaking and the political system. The news is likely to hurt ties between the US and Mexico. This operation, dubbed 'Flatliquid,' is described in a document leaked by whistleblower Edward Snowden. Meanwhile U.S. President Barack Obama's administration is urging the Supreme Court not to take up the first case it has received on controversial National Security Agency cybersnooping."

An anonymous reader writes "In a talk at Y Combinator's startup school event, Stanford lecturer Balaji Srinivasan explained his vision for governing systems of the future. The idea is to find space to set up a new 'opt-in' society outside existing governments, and design it to take full advantage of technology to keep people in control of their own lives. That means embracing tech that subverts existing industries and rejecting regulation on new ways of doing things. '[N]ew industries are simultaneously disrupting existing ones while also exiting the system entirely, he says. With 3D printing, regulation is being turned into DRM. With quantified self, medicine is going mobile. With Bitcoin, capital control becomes packet filtering. All of these examples, Srinivasan says, are ways in which technology is allowing people to exit current systems like physical product production and distribution; personal health; and finance in favor of spaces of their own creation.' Srinivasan's ideas are a natural extension of a few proposals already in the works — Peter Thiel has been trying to build a small tech incubator city that floats in international waters, outside of government control. Elon Musk wants to have a Mars colony, and Larry Page has wished for a tech-centric Burning man that's free from government regulation. 'The best part is this,' Srinivasan said. 'The people who think this is weird, the people who sneer at the frontier, who hate technology, won't follow you there.'"

An anonymous reader writes "Richard Schiffman writes in The Guardian that the Republican-led shutdown of the U.S. government caused significant damage to many scientific programs. For example: shortly before the shutdown started, over a hundred scientists had gathered to perform critical equipment tests on the James Webb Space Telescope — Hubble's successor — and that work was unable to continue without the government around. 'Not only did this delay cost the program an estimated $1M a day, but, given NASA's tight schedule, some tests may never get done now.' It doesn't stop there: 'This is only one of untold thousands of projects that were mothballed when Congress's failure to approve a budget defunded the US government at the start of the month. Federal websites were taken offline, scientists couldn't receive emails, attend meetings, or interact with their colleagues. Crucial environmental, food safety and climate monitoring programs were either suspended, or substantially scaled back.' Schiffman provides a few more examples, including one project that's losing a year's worth of work and equipment that will end up buried under snow in Antarctica. But it goes beyond even the basic funding issues; in many cases, scientific work is simply too intertwined with the government to continue without it. Andrew Rosenberg, the director of the Union of Concerned Scientists' center for science and democracy, said, 'It is all so interconnected now. Federal researchers collect data that is utilized by researchers in academia, by people working in industry, at state and local levels, so when you ask how dependent are we on the federal government in terms of science, it's a bit like asking: do you need your left leg?'"