Crime

TeslaCrypt Isn't All That Cryptic 33

Posted by timothy
from the nelson-laugh dept.
citpyrc writes: TeslaCrypt, the latest-and-greatest ransomware branch off of the CryptoWall family, claims to the unwitting user that his/her documents are encrypted with "a unique public key generated for this computer". This couldn't be farther from the truth. In actuality, the developers of this malware appear to have been lazy and implemented encryption using symmetric AES256 with a decryption key generated on the user's machine. If any of your machines are afflicted, Talos has developed a tool that can be used to generate the user's machine's symmetric key and decrypt all of the ransomed files.
Businesses

ATT, DirecTV Mega-Merger May Go Through 57

Posted by timothy
from the so-long-as-the-destruction-is-creative dept.
An anonymous reader writes: Hot on the heels of Comcast's failed attempt to swallow up Time Warner Cable, AT&T's pursuit of satellite provider DirecTV is plowing forward. What would be the result of a wireline and cellular mega-monopoly buying one of only two subscription satellite TV providers? Has to be worse than a Comcast/TWC marriage ... at least there, the territories and services offered didn't overlap at all, but AT&T offers voice, data, and television in many markets already. Adding satellite would stifle competition for television services (and to a lesser extent, because satellite is only best suited for rural installations, data).
Privacy

New Privacy Threat: Automated Vehicle Occupancy Detection 124

Posted by Soulskill
from the shades-of-minority-report dept.
An anonymous reader writes: The Electronic Frontier Foundation is warning against a new potential privacy threat: cameras that look inside cars and try to identify how many people are inside. This technology is a natural combination of simpler ones that have existed for years: basic object recognition software and road-side cameras (red light cameras, speeding cameras, license plate readers — you name it). Of course, we can extrapolate just a bit further, and point out that as soon as the cameras have high enough resolution, they can start running face recognition algorithms on the images, and determine the identities of a vehicle's occupants.

"The San Diego Association of Governments (SANDAG), a government umbrella group that develops transportation and public safety initiatives across the San Diego County region, estimates that 15% of drivers in High Occupancy Vehicle (HOV) lanes aren't supposed to be there. After coming up short with earlier experimental projects, the agency is now testing a brand new technology to crack down on carpool-lane scofflaws on the I-15 freeway. ... In short: the technology is looking at your image, the image of the people you're with, your location, and your license plate. (SANDAG told CBS the systems will not be storing license plate data during the trial phase and the system will, at least for now, automatically redact images of drivers and passengers. Xerox's software, however, allows police the option of using a weaker form of redaction that can be reversed on request.)"
The Courts

Texas Admonishes Judge For Posting Facebook Updates About Her Trials 91

Posted by samzenpus
from the was-that-wrong? dept.
An anonymous reader writes: Michelle Slaughter, a Galveston County judge, says she will appeal a public admonition from state officials that criticized her Facebook posts about cases brought before her court. From the article: "The State Commission on Judicial Conduct ordered Michelle Slaughter, a Galveston County judge, to enroll in a four-hour class on the 'proper and ethical use of social media by judges.' The panel concluded that the judge's posts cast 'reasonable doubt' on her impartiality. At the beginning of a high-profile trial last year in which a father was accused of keeping his nine-year-old son in a six-foot by eight-foot wooden box, the judge instructed jurors not to discuss the case against defendant David Wieseckel with anyone. 'Again, this is by any means of communication. So no texting, e-mailing, talking person to person or on the phone or on Facebook. Any of that is absolutely forbidden,' the judge told jurors. But Slaughter didn't take her own advice, leading to her removal from the case and a mistrial. The defendant eventually was acquitted of unlawful-restraint-of-a-child charges."
The Almighty Buck

Supreme Court To Consider Data Aggregation Suit Against Spokeo 62

Posted by samzenpus
from the getting-the-numbers-right dept.
BUL2294 writes: Consumerist and Associated Press are reporting that the Supreme Court has taken up the case of Spokeo, Inc. v. Robins — a case where Spokeo, as a data aggregator, faces legal liability and Fair Credit Reporting Act violations for providing information on Thomas Robins, an individual who has not suffered "a specific harm" directly attributable to the inaccurate data Spokeo collected on him.

From SCOTUSblog: "Robins, who filed a class-action lawsuit, claimed that Spokeo had provided flawed information about him, including that he had more education than he actually did, that he is married although he remains single, and that he was financially better off than he actually was. He said he was unemployed and looking for work, and contended that the inaccurate information would make it more difficult for him to get a job and to get credit and insurance." So, while not suffering a specific harm, the potential for harm based on inaccurate data exists. Companies such as Facebook and Google are closely watching this case, given the potential of billions of dollars of liability for selling inaccurate information on their customers and other people.
Privacy

The Sun Newspaper Launches Anonymous Tor-Based WikiLeaks-Style SecureDrop 63

Posted by samzenpus
from the keeping-your-name-out-of-it dept.
Mark Wilson writes: The likes of Julian Assange's WikiLeaks have set the standard for blowing the lid on huge stories based on tips from anonymous sources. Whistle-blowers such as Edward Snowden have brought to public attention stories which would otherwise have been kept hidden from the public, and it has been with the help of newspapers such as the Guardian that this information has been disseminated around the world.

Other newspapers are keen to ride on the coattails of those blazing a trail in the world of investigative journalism, and the latest to join the party is The Sun. Today, Murdoch-owned News Corp's newspaper and website launches SecureDrop — a way for whistle-blowers to anonymously leave tip-offs that can be further investigated.

The cloud service provides a means of getting in touch with journalists at The Sun without giving up anonymity — something which is particularly important when making revelations about companies and governments. The site provides a basic guide to getting started with the SecureDrop service, starting off with pointing would-be users in the direction of the Tor Browser Bundle.
Google

Google Launches a Marketplace To Buy Patents From Interested Sellers 39

Posted by samzenpus
from the fighting-the-trolls dept.
An anonymous reader writes: Google has announced an experimental marketplace called the Patent Purchase Promotion, which aims to keep patents out of the hands of patent trolls. From the announcement: "By simplifying the process and having a concentrated submission window, we can focus our efforts into quickly evaluating patent assets and getting responses back to potential sellers quickly. Hopefully this will translate into better experiences for sellers, and remove the complications of working with entities such as patent trolls."
Government

Indian Telecom Authority Releases a Million Email IDs, Taken Down By Hackers 21

Posted by samzenpus
from the naming-names dept.
knwny writes: In a bizarre move that threatens the privacy of over a million internet users in India, the Telecom Regulatory Authority of India (TRAI) has released the list of email IDs from which it received responses regarding net neutrality. Most of these responses were sent by the general public following a massively popular online campaign to protect Internet neutrality in India. The regulatory body says that it has received a large number of comments from the stakeholders on its Consultation paper on "Regulatory Framework for OTT services". So to aid the reading of comments, it has divided them into three blocks — "comments from the service providers," "comments from the service providers' association" and "comments from other stakeholders" (this includes individuals, organizations, consulting firms, etc.). In the meantime, the TRAI website remains inaccessible after a DDoS attack by Anonymous India, the hacker collective, apparently in retaliation for the data release.
United States

Officials Say Russian Hackers Read Obama's Unclassified Emails 107

Posted by samzenpus
from the lets-have-a-look dept.
An anonymous reader points out that Russian hackers reportedly obtained some of President Obama’s emails when the White House’s unclassified computer system was hacked last year. Some of President Obama's email correspondence was swept up by Russian hackers last year in a breach of the White House's unclassified computer system that was far more intrusive and worrisome than has been publicly acknowledged, according to senior American officials briefed on the investigation. The hackers, who also got deeply into the State Department's unclassified system, do not appear to have penetrated closely guarded servers that control the message traffic from Mr. Obama's BlackBerry, which he or an aide carries constantly. But they obtained access to the email archives of people inside the White House, and perhaps some outside, with whom Mr. Obama regularly communicated. From those accounts, they reached emails that the president had sent and received, according to officials briefed on the investigation.
Government

Woman Behind Pakistan's First Hackathon, Sabeen Mahmud, Shot Dead 488

Posted by samzenpus
from the trying-to-silence-the-future dept.
An anonymous reader sends word that Sabeen Mahmud, a prominent Pakistani social and human rights activist, has been shot dead. The progressive activist and organizer who ran Pakistan's first-ever hackathon and led a human rights and a peace-focused nonprofit known as The Second Floor (T2F) was shot dead by unidentified gunmen in Karachi. Sabeen Mahmud was leaving the T2F offices with her mother some time after 9pm on Friday evening, reports the Pakistani newspaper Dawn. She was on her way home when she was shot, the paper reports. Her mother also sustained bullet wounds and is currently being treated at a hospital; she is said to be in critical condition.
United States

Declassified Report From 2009 Questions Effectiveness of NSA Spying 56

Posted by Soulskill
from the moving-at-the-speed-of-government dept.
schwit1 writes: With debate gearing up over the coming expiration of the Patriot Act surveillance law, the Obama administration on Saturday unveiled a 6-year-old report examining the once-secret program code-named Stellarwind, which collected information on Americans' calls and emails. The report was from the inspectors general of various intelligence and law enforcement agencies.

They found that while many senior intelligence officials believe the program filled a gap by increasing access to international communications, others including FBI agents, CIA analysts and managers "had difficulty evaluating the precise contribution of [the surveillance system] to counterterrorism efforts because it was most often viewed as one source among many available analytic and intelligence-gathering tools in these efforts."

"The report said that the secrecy surrounding the program made it less useful. Very few working-level C.I.A. analysts were told about it. ... Another part of the newly disclosed report provides an explanation for a change in F.B.I. rules during the Bush administration. Previously, F.B.I. agents had only two types of cases: 'preliminary' and 'full' investigations. But the Bush administration created a third, lower-level type called an 'assessment.' This development, it turns out, was a result of Stellarwind."
Government

Think Tanks: How a Bill [Gates Agenda] Becomes a Law 152

Posted by Soulskill
from the daily-dose-of-cynicism dept.
theodp writes: The NY Times' Eric Lipton was just awarded a 2015 Pulitzer Prize for investigative reporting that shed light on how foreign powers buy influence at think tanks. So, it probably bears mentioning that Microsoft's 'two-pronged' National Talent Strategy (PDF) to increase K-12 CS education and the number of H-1B visas — which is on the verge of being codified into laws — was hatched at an influential Microsoft and Gates Foundation-backed think tank mentioned in Lipton's reporting, the Brookings Institution. In 2012, the Center for Technology Innovation at Brookings hosted a forum on STEM education and immigration reforms, where fabricating a crisis was discussed as a strategy to succeed with Microsoft's agenda after earlier lobbying attempts by Bill Gates and Microsoft had failed. "So, Brad [Microsoft General Counsel Brad Smith]," asked the Brookings Institution's Darrell West at the event, "you're the only [one] who mentioned this topic of making the problem bigger. So, we galvanize action by really producing a crisis, I take it?" "Yeah," Smith replied (video). And, with the help of nonprofit organizations like Code.org and FWD.us that were founded shortly thereafter, a national K-12 CS and tech immigration crisis was indeed created.
Government

FCC Chairman: a Former Cable Lobbyist Who Helped Kill the Comcast Merger 85

Posted by Soulskill
from the judging-books-by-covers dept.
An anonymous reader writes: After Friday's news that the Comcast/TWC merger is dead, the Washington Post points out an interesting fact: FCC Chairman Tom Wheeler, who was instrumental in throwing up roadblocks for the deal, used to be a lobbyist for the cable and wireless industry. "Those who predicted Wheeler would favor industry interests 'misunderstood him from the beginning — the notion that because he had represented various industries, he was suddenly in their pocket never made any sense,' said one industry lawyer, who spoke on the condition of anonymity because he represents clients before the FCC." The "revolving door" between government and industry is often blamed for many of the problems regulating corporations. We were worried about it ourselves when Wheeler was nominated for his current job. I guess this goes to show that it depends more on the person than on their previous job.
Patents

Vizio, Destroyer of Patent Trolls 99

Posted by Soulskill
from the best-defense-is-a-strong-offense dept.
An anonymous reader writes: We read about a lot of patent troll cases. Some are successful and some are not, but many such cases are decided before ever going to court. It's how the patent troll operates — they know exactly how high litigation costs are. Even without a legal leg to stand on, they can ask for settlements that make better financial sense for the target to accept, rather than dumping just as much money into attorney's fees for an uncertain outcome. Fortunately, some companies fight back. TV-maker Vizio is one of these, and they've successfully defended against 16 different patent trolls, some with multiple claims. In addition, they're going on the offensive, trying to wrest legal fees from the plaintiffs for their spurious claims. "For the first time, it stands a real chance, in a case where it spent more than $1 million to win. Two recent Supreme Court decisions make it easier for victorious defendants to collect fees in patent cases. The TV maker is up against a storied patent plaintiffs' firm, Chicago-based Niro, Haller & Niro, that has fought for Oplus tooth and nail. ... For Vizio, the company feels that it's on the verge of getting vindication for a long-standing policy of not backing down to patent trolls."
Government

A Guide To the 5 Cybersecurity Bills Now Before Congress 17

Posted by Soulskill
from the better-know-a-bill dept.
blottsie writes: At press time, the House had passed two cybersecurity bills, one Senate bill had been passed out of committee and reported to the full chamber for a final vote, and a third House bill and a second Senate bill were awaiting review by the appropriate committee. The two House bills that passed earlier this week will be combined and sent to the Senate, but the Senate won't take them up directly; instead, it will vote on its own two bills. It's complicated, so here's a quick breakdown of the key details.