jfruh writes: Point-of-sale software has meant that in many cases where once you'd have seen a cash register, you now see a general-purpose PC running point-of-sale (PoS) software. Unfortunately, those PCs have all the usual vulnerabilities, and when you run software on them that processes credit card payments, they become a tempting target for hackers. One of the latest attacks on PoS software comes in the form of malicious Word macros downloaded from spam emails.
An anonymous reader writes: Senior researcher Scott Lester at Context Information Security has shown how someone can easily monitor and record Bluetooth Low Energy signals transmitted by many mobile phones, fitness monitors, and iBeacons. The findings have raised concerns about the privacy and confidentiality wearable devices may provide. “Many people wearing fitness devices don’t realize that they are broadcasting constantly and that these broadcasts can often be attributed to a unique device,” Scott says. “Using cheap hardware or a smartphone, it could be possible to identify and locate a particular device – that may belong to a celebrity, politician or senior business executive – within 100 meters in the open air. This information could be used for social engineering as part of a planned cyber attack or for physical crime by knowing people’s movements.” The researchers have even developed an Android app that scans, detects and logs wearable devices.
Mark Wilson writes: Before the UK elections earlier in the month, David Cameron spoke about his desire to clean up the internet. Pulling — as he is wont to do — on parental heartstrings, he suggested that access to porn on computers and mobiles should be blocked by default unless users specifically requested access to it. This opt-in system was mentioned again in the run-up to the election as Secretary of State for Culture, Media and Sport, Sajid Javid assured people that the party "will age restrict online porn". But it's not quite that simple. There is the small problem of Europe. A leaked EU Council document shows that plans are afoot to stop Cameron's plans in their tracks — and with the UK on the verge of trying to debate a better deal for itself within Europe, the Prime Minister is not in a particularly strong position for negotiating on the issue. Cameron has a fight on his hands, it seems, if he wants to deliver on his promise that "we need to protect our children from hardcore pornography". Documents seen by The Sunday Times reveal that the EU could make it illegal for ISPs and mobile companies to automatically block access to obscene material. Rather than implementing a default block on pornography, the Council of the European Union believes that users should opt in to web filtering and be able to opt out again at any time; this is precisely the opposite to the way Cameron would like things to work.
Patrick O'Neill writes: Tens of millions of daily subway riders around the world can be tracked through their smartphones by a new attack, according to research from China's Nanjing University. The new attack even works underground and doesn't utilize GPS or cell networks. Instead, the attacker steals data from a phone's accelerometer. Because each subway in the world has a unique movement fingerprint, the phone's motion sensor can give away a person's daily movements with up to 92% accuracy.
An anonymous reader writes: An article in Communications of the ACM takes a look at how Edward Snowden's revelations about government surveillance have changed privacy behaviors across the world. The results are fairly disappointing. While the news that intelligence agencies were trawling data from everyday citizens sparked an interest in privacy, it was small, and faded quickly. Even though media coverage has continued for a long time after the initial reports, public interest dropped back to earlier levels long ago. The initial interest spike was notably less than for other major news events. Privacy-enhancing behaviors experienced a small surge, but that too failed to impart any long-term momentum. The author notes that the spike in interest "following the removal of privacy-enhancing functions in Facebook, Android, and Gmail" was stronger than the reaction to the government's privacy-eroding actions.
An anonymous reader writes: The European Union recently published plans to ban 31 pesticides containing chemicals linked to testicular cancer and male infertility. Those potential regulations have now been dropped after a U.S. business delegation said they would adversely affect trade negotiations for the Transatlantic Trade and Investment Partnership. "Just weeks before the regulations were dropped there had been a barrage of lobbying from big European firms such as Dupont, Bayer and BASF over EDCs. The chemical industry association Cefic warned that the endocrines issue 'could become an issue that impairs the forthcoming EU-US trade negotiations.'"
An anonymous reader writes: Former Mozilla software engineer Monica Chew and Computer Science researcher Georgios Kontaxis recently released a paper (PDF) that examines Firefox's optional Tracking Protection feature. The duo found that with Tracking Protection enabled, the Alexa top 200 news sites saw a 67.5 percent reduction in the number of HTTP cookies set. Furthermore, performance benefits included a 44 percent median reduction in page load time and 39 percent reduction in data usage.
An anonymous reader writes: After a records request by Ars, the sheriff in San Bernardino County (SBSD) sent an example of a template for a "pen register and trap and trace order" application. The county attorneys claim what they sent was a warrant application template, even though it is not. The application cites no legal authority on which to base the request. "This is astonishing because it suggests the absence of legal authorization (because if there were clear legal authorization you can bet the government would be citing it)," Fred Cate, a law professor at Indiana University, told Ars. "Alternatively, it might suggest that the government just doesn't care about legal authorization. Either interpretation is profoundly troubling," he added. Further documents reveal that the agency has used a Stingray 303 times between January 1, 2014 and May 7, 2015.
jones_supa writes: Greece, the country which has been in extreme financial trouble and high debt for years, cannot make debt repayments to the International Monetary Fund (IMF) next month, unless it achieves a deal with creditors. 'The four installments for the IMF in June are €1.6 billion ($1.8 billion). This money will not be given and is not there to be given,' Interior Minister Nikos Voutsis told Greek Mega TV's weekend show. Shut out of bond markets and with bailout aid locked, cash-strapped Athens has been scraping state coffers to meet debt obligations and to pay wages and pensions. With its future as a member of the 19-nation eurozone potentially at stake, a second government minister accused its international lenders of subjecting it to slow and calculated torture.
Mark Wilson sends word that Amazon will begin paying corporate taxes on profits made in the UK. The company had previously been recording most of its UK sales as being in Luxembourg, which let them avoid the higher taxes in the UK. But at the end of last year, UK regulators decided they were losing too much tax revenue because of this practice, so they began implementing legislation that would impose a 25% tax on corporations routing their profits elsewhere. Amazon is the first large corporation to make the change, and it's expected to put pressure on Google, Microsoft, Apple, and others to do the same.
An anonymous reader writes: Palmer Luckey, founder of VR headset-maker Oculus, has been sued by a company accusing him of taking their confidential information and passing it off as his own. Total Recall Technologies, based in Hawaii, claims it hired Luckey in 2011 to build a head-mounted display. Part of that employment involved Luckey signing a confidentiality agreement. In August, 2012, Luckey launched a Kickstarter campaign for the Oculus Rift headset, and Facebook bought his company last year for $2 billion. TRT is seeking compensatory and punitive damages (PDF).
onproton writes: The Senate voted yesterday to reauthorize the controversial Trade Promotion Authority (TPA), which expedites, or 'Fast Tracks,' the passage of trade agreements through Congress. If also approved by the House, it will grant the authority to decide and negotiate the terms of agreements like the Trans-Pacific Partnership (TPP) to the executive branch, significantly limiting congressional involvement and leaving little room for debate. Proponents of the bill, namely the USTR, claim that Fast Tracking the TPP is critical to successfully negotiating its terms internationally, and will "ensure that Congress, stakeholders and the public are closely involved before, during and after the conclusion of trade agreement negotiations." Though in reality, it does not introduce significant changes in the transparency or reporting requirements that are currently in place, which have allowed the negotiations of this deal to be held in secret since 2009. With concerns being raised about the deal's impacts on everything from intellectual property rights to government sovereignty, it is surprising to many that Congress would abdicate their role in determining the specifics of agreements that may have far reaching implications for their constituents.
New submitter Steven King writes with a link to The Daily Dot's report that the U.S. Senate has rejected the controversial USA Freedom Act, thus "all but guaranteeing that key provisions of the USA Patriot Act will expire"; had it passed, the bill would have allowed continued use of some mass data-collection practices, but with the addition of stronger oversight. From the article: The Senate failed to reach agreement on passage of the USA Freedom Act, a bill to reauthorize and reform Section 215 of the USA Patriot Act, which the government has used to conduct bulk surveillance of Americans' phone records. The House of Representatives passed the bill last week by an overwhelming bipartisan majority, but Senate Democrats, who unified behind the bill, did not get enough Republican votes to assure passage. The linked piece also mentions that the EFF shifted its position on this bill, after a panel of Federal judges ruled that the Feds at the NSA had overstepped their bounds in collecting a seemingly unlimited trove of metadata relating to American citizens' phone calls.
New submitter Kristine Lofgren writes: The California Assembly just passed a vote to ban toxic microbeads, the tiny flecks found in toothpastes and exfoliants. Microbeads cause a range of problems, from clogging waterways to getting stuck in gums. The ban would be the strictest of its kind in the nation. As the article notes, the California Senate would need to pass a bill as well, for this ban to take effect, and if that happens, the resulting prohibition will come into place in 2020. From the article: Last year, Illinois became the first state in the U.S. to pass a ban on the usage of microbeads in cosmetics, approving a law that will go into effect in 2018, and earlier this year two congressmen introduced a bipartisan bill to outlaw the use of microbeads nationwide. And for exceptionally good reason; the beads, which serve as exfoliants and colorants are a massive source of water pollution, with scientists estimating that 471 million plastic microbeads are released into San Francisco Bay alone every single day.
PvtVoid writes: The Wall Street Journal now has a page up that encourages readers to sift through and tag Hillary Clinton's emails on Benghazi. Users can click on suggested tags such as "Heated", "Personal", "Boring", or "Interesting", or supply their own tags. What could possibly go wrong? I'm tagging this story "election2016."