itwbennett writes "As Slashdot readers will remember, last month the U.S. government 'petitioned the court system' to let the NSA retain phone call metadata for more than 5 years, ironically 'because it needs to preserve it as evidence for the various privacy lawsuits filed against the government.' Well, the Foreign Intelligence Surveillance Court has ruled against that request. The FISC's Presiding Judge Reggie B. Walton ruled Friday (PDF) that the proposed amended procedures would further infringe on the privacy interests of U.S. persons whose 'telephone records were acquired in vast numbers and retained by the government for five years to aid in national security investigation.'"
colinneagle writes "Speaking at the SXSW Conference recently, Dr. Peter W. Singer, director of the Center for 21st Century Security and Intelligence, recalled one U.S. official who was 'about to negotiate cybersecurity with China' asking him to explain what the term 'ISP' (Internet Service Provider) means. This wasn't the only example of this lack of awareness. 'That's like going to negotiate with the Soviets and not knowing what "ICBM" means,' Dr. Singer said. 'And I've had similar experiences with officials from the UK, China and Abu Dhabi.' Similarly, Dr. Singer recalled one account in which Janet Napolitano, the Secretary of the U.S. Homeland Security Department from 2009 to 2013, admitted that she didn't use email 'because she just didn't think it was useful.' 'A Supreme Court justice also told me "I haven't got round to email yet" — and this is someone who will get to vote on everything from net neutrality to the NSA negotiations,' Dr. Singer said."
Nerval's Lobster writes "In a Google Hangout with an auditorium full of South by Southwest attendees, government whistleblower (and former NSA employee) Edward Snowden suggested that encrypted communication should become more ubiquitous and easier to use for the majority of Internet denizens. 'The way we interact with [encrypted email and communications] is not good,' he said from somewhere within Russia, where he resides under the conditions of a one-year asylum. 'It needs to be out there, it needs to happen automatically, it needs to happen seamlessly.' For his part, Snowden still believes that companies should store user data that contributes directly to their respective business: 'It's not that you can't collect any data, you should only collect the data and hold it as long as necessary for the operation of the business.' He also couldn't resist some choice swipes at his former employer, accusing high-ranking intelligence officials Michael Hayden and Keith Alexander of harming the world's cyber-security—and by extension, United States national security—by emphasizing offensive operations over the defense of communications. 'America has more to lose than anyone else when every attack succeeds,' Snowden said. 'When you are the one country that has sort of a vault that's more full than anyone else's, it makes no sense to be attacking all day.'"
An anonymous reader writes "USA Today reports, "Ukraine may have to arm itself with nuclear weapons if the United States and other world powers refuse to enforce a security pact that obligates them to reverse the Moscow-backed takeover of Crimea, a member of the Ukraine parliament told USA TODAY. The United States, Great Britain and Russia agreed in a pact 'to assure Ukraine's territorial integrity' in return for Ukraine giving up a nuclear arsenal it inherited from the Soviet Union after declaring independence in 1991, said Pavlo Rizanenko, a member of the Ukrainian parliament. ... Russian President Vladimir Putin said that the commitments in the agreement are not relevant to Crimea because a 'coup' in Kiev has created 'a new state with which we have signed no binding agreements.' The U.S. and U.K. have said that the agreement remains binding and that they expect it to be treated 'with utmost seriousness, and expect Russia to, as well.'"
First time accepted submitter Trachman writes in with news about a monitoring program designed to help stop future leaks of government documents. "U.S. intelligence officials are planning a sweeping system of electronic monitoring that would tap into government, financial and other databases to scan the behavior of many of the 5 million federal employees with secret clearances, current and former officials told The Associated Press. The system is intended to identify rogue agents, corrupt officials and leakers, and draws on a Defense Department model under development for more than a decade, according to officials and documents reviewed by the AP."
SmartAboutThings writes "There's been a lot of brouhaha surrounding privacy these days, and despite the fact that Pinterest isn't among the most targeted websites when it comes to government data requests, the company, which is said to have near 80 million users, has decided to make public its first ever transparency report. Given the nature of the service and the fact that it is much smaller than Facebook, it was only natural not to expect too many data requests. According to Pinterest's report, from July to December 2013, the company has received only 7 warrants, 5 subpoenas, 1 civil subpoena, and 0 other requests about 13 user accounts. Compare that to Microsoft which has received more than 35,000 requests during the second half of last year while Facebook received somewhere around 15,000."
The Verge reports that "Tokyo-based Bitcoin exchange Mt. Gox lost $400 million worth of bitcoins in February. Its management said the amount was stolen after hackers exploited a transaction bug to divert the funds, but some of Mt. Gox's users are not so sure, suggesting instead that the exchange's owners pocketed the cash. Now, facing silence from those owners about the fate of the money and the methods by which 6 percent of all of the Bitcoin in the world could have been stolen, a group of hackers claims it has broken into the bankrupted Bitcoin exchange's network to get answers. ... Forbes reports that the group gained access to the personal blog and Reddit account of Mark Karpeles, Mt. Gox's CEO. The hackers used the platforms to post a message that claimed Karpeles still had access to some of the bitcoins that he'd reported stolen. In support of the claim, they uploaded a series of files that included a spreadsheet of more than a million trades, Karpeles' home addresses, and a screenshot purportedly confirming the hackers' access to the data." (The Forbes article on which the Verge report is based.)
As reported by the Washington Post, Edward Snowden denies in no uncertain terms the idea that he failed to go through proper channels to expose what he thought were troubling privacy violations being committed by the NSA, and that he observed as a contractor employed by the agency. The article begins: "[Snowden] said he repeatedly tried to go through official channels to raise concerns about government snooping programs but that his warnings fell on deaf ears. In testimony to the European Parliament released Friday morning, Snowden wrote that he reported policy or legal issues related to spying programs to more than 10 officials, but as a contractor he had no legal avenue to pursue further whistleblowing." Further, "Elsewhere in his testimony, Snowden described the reaction he received when relating his concerns to co-workers and superiors. The responses, he said, fell into two camps. 'The first were well-meaning but hushed warnings not to "rock the boat," for fear of the sort of retaliation that befell former NSA whistleblowers like Wiebe, Binney, and Drake.' All three of those men, he notes, were subject to intense scrutiny and the threat of criminal prosecution."
sciencehabit writes "New data show that after remaining more or less steady for a decade, the number of investigators with National Institutes of Health (NIH) funding dropped sharply last year by at least 500 researchers and as many as 1000. Although not a big surprise—it came the same year that NIH's budget took a 5% cut—the decline suggests that a long-anticipated contraction in the number of labs supported by NIH may have finally begun."
An anonymous reader writes with an excerpt from an intriguing article at TechDirt about the sometimes very low-tech methods of the East German Stasi. They may have been using more pencils than computers, but they were gathering information on their targets using the same kind of metadata whose significance the U.S. government has lately been downplaying: "They amassed dossiers on about one quarter of the population of the country during the Communist regime. But their spycraft — while incredibly invasive — was also technologically primitive by today's standards. While researching my book Dragnet Nation, I obtained the above hand drawn social network graph and other files from the Stasi Archive in Berlin, where German citizens can see files kept about them and media can access some files, with the names of the people who were monitored removed. The graphic shows forty-six connections, linking a target to various people (an 'aunt,' 'Operational Case Jentzsch,' presumably Bernd Jentzsch, an East German poet who defected to the West in 1976), places ('church'), and meetings ('by post, by phone, meeting in Hungary')."
An anonymous reader writes "Google is facing investigation by the Competition Commission of India and potentially faces fines up to 10% of its three-year average turnover. While Google has settled anti-trust cases in the U.S. and the European Union, India's competition regime does not have provisions for settlement process." From the Times of India article linked: "The complaint against Google, also one of the world's most valued companies, was first filed by advocacy group CUTS International way back in late 2011. Later, matrimonial website matrimony.com also filed a complaint. Referring to Google's settlement with the European Commission, matrimony.com counsel Ferida Satarawala said: 'Google's unfair use of trademarks as well as its retaliatory conduct are not specifically addressed in the European settlement and are distinct theories of harm being pursued by the CCI. Therefore, this settlement is unlikely to address CCI's concerns in our case.'"
First time accepted submitter DTentilhao writes "On Friday, Glenn Greenwald's new website The Intercept published a number of internal NSA documents that didn't necessarily reveal any great state secrets, but instead cast some light on the NSA's office culture. Those documents, leaked by former security contractor Edward Snowden, were actually from an advice column series, written by a 20-year veteran of NSA management under the pen name 'Zelda.'" Here's the Intercept report.
Daniel_Stuckey writes with an excerpt from his story at Motherboard: "Yesterday, I got as close as any media physically can to Barrett Brown, the American journalist that was locked up in late 2012 for pasting a hyperlink in a chatroom, which federal prosecutors alleged contained leaked credit card data from the Stratfor hacks. Due to a media gag order upheld by the US District Court in the Northern District of Texas, Brown isn't allowed to make "any statement to members of any television, radio, newspaper, magazine, internet (included, but not limited to bloggers)," with the exception of Kevin M. Gallagher, who heads his defense fund. ... Earlier this week, US Attorney Sarah Saldaña filed a motion to dismiss 11 of Brown's charges, namely those related to the pasted hyperlink (including trafficking in stolen authentication features, aggravated identity theft, and access device fraud). The motion came as both a victory for Brown's case, and a sigh of relief to supporters who have continuously cited the absurdity of his charges related to hyperlinking."
First time accepted submitter paddysteed writes "I go to secondary school in the UK. I went digging around the computers there and found that on the school's machines, there was a root CA from the school. I then suspected that the software they instruct Windows users to install on their own hardware to gain access to the BYOD network installed the same certificate. I created a Windows virtual machine and connected to the network the way that was recommended. Immediately afterwards I checked the list of root CAs, and found my school's. I thought the story posted a few days ago was bad, but what my school has done is install their certificate on people's own machines — which I think is far worse. This basically allows them to intercept and modify any HTTPS traffic on their network. Considering this is a boarding school, and our only method of communicating to the outside world is over their network, I feel this is particularly bad. We were not told about this policy and we have not signed anything which would excuse it. I confronted the IT department and they initially denied everything. I left and within five minutes, the WiFi network was down; then, as quickly as it had gone down, it was back up. I went back and they confirmed that there was a mistake and they had 'fixed' it. They also told me that the risk was very low and the head of networks told me he was willing to bet his job on it. I asked them to instruct people to remove the bad certificate from their own machines, but they claimed this was unnecessary due to the very low risk. I want to take this further but to get the school's management interested I will need to explain what has happened and why it is bad to non-technical people and provide evidence that what has been done is potentially illegal."
malachiorion writes with this report from Popular Science: "Seventy-four years ago, Russia accomplished what no country had before, or has since: it sent armed ground robots into battle. These remote-controlled Teletanks took the field during one of WWII's earliest and most obscure clashes, as Soviet forces pushed into Eastern Finland for roughly three and a half months, from 1939 to 1940. The workings of those Teletanks were cool, though they were useless against Germany, and Russia proceeded to fall behind the developed world in military robotics."