An anonymous reader writes "The FBI has released images of what they say are two suspects with backpacks and ball caps. 'Somebody out there knows these individuals as friends, neighbors, co-workers or family members of the suspects,' Special Agent Rick DesLauriers, the head of the FBI's Boston office said. 'And though it may be difficult, the nation is counting on those with information to come forward and provide it to us.'"
NewYorkCountryLawyer writes "Once again YouTube has defeated Viacom and other members of the content cartel; once again the Court has held that the Digital Millennium Copyright Act actually does mean what it says. YouTube had won the case earlier, at the district court level, but the US Court of Appeals for the Second Circuit, although ruling in YouTube's favor on all of the general principles at stake, felt that there were several factual issues involving some of the videos and remanded to the lower court for a cleanup of those loose ends. Now, the lower court — Judge Louis L. Stanton to be exact — has resolved all of the remaining issues in YouTube's favor, in a 24-page opinion. Among other things Judge Stanton concluded that YouTube had not had knowledge or awareness of any specific infringement, been 'willfully blind' to any specific infringement, induced its users to commit copyright infringement, interacted with its users to a point where it might be said to have participated in their infringements, or manually selected or delivered videos to its syndication partners. Nevertheless, 5 will get you 10 that the content maximalists will appeal once again."
An anonymous reader links to an article at Ars explaining the dropping inventory of bridges available to users of the Tor project's encrypted messaging system. They're looking for more bridges, but that doesn't necessarily mean buying new hardware per se. From the article: "After campaigning successfully last year to get more volunteers to run obfuscated Tor bridges to support users in Iran trying to evade state monitoring, the network has lost most of those bridges, according to a message to the Tor relays mailing list by Tor volunteer George Kadiankakis. 'Most of those bridges are down, and fresh ones are needed more than ever,' [Tor volunteer George] Kadiankakis wrote in an e-mail, 'since obfuscated bridges are the only way for people to access Tor in some areas of the world (like China, Iran, and Syria).' For those who want to donate bridges to the Tor network, the easiest route is to use Tor Cloud, an Amazon Web Service Elastic Compute Cloud image created by the Tor Project that allows people to leverage Amazon's free usage tier to deploy a bridge."
An anonymous reader writes with a story at the Daily Dot: "Despite the protests of Internet privacy advocates, the controversial Cyber Intelligence Sharing and Protection Act (CISPA) passed the House of Representatives Thursday. The vote was 288-127. ... CISPA saw a handful of minor amendments soon before passage. A representative for the EFF told the Daily Dot that while they were still analyzing the specifics, none of the actual changes to the bill addressed their core criticisms. ... But also as was the case the year before, on Tuesday the Obama administration issued a promise to veto the bill if it reaches the president’s desk without significant changes." Techdirt has a short report on the vote, too — and probably more cutting commentary soon to follow.
sholto writes "An aggressive expansion strategy by LinkedIn has backfired spectacularly amid accusations of identity fraud. Users complained the social network sent unrequested invites from their accounts to contacts and complete strangers, often with embarrassing results. One man claimed LinkedIn sent an invite from his account to an ex-girlfriend he broke up with 12 years ago who had moved state, changed her surname and her email address. ... 'This ex-girlfriend's Linked in profile has exactly ONE contact, ME. My wife keeps getting messages asking 'would you like to link to (her)? You have 1 contact in common!,' wrote Michael Caputo, a literary agent from Massachussetts."
gale the simple writes "Mike Rodgers made a minor splash Tuesday when he decided to liken CISPA opponents to 14-year-old basement dwellers. The EFF, naturally, picked up on this generalization and asked everyone to let the representative know that it is not just the 14-year-olds that care about privacy."
An anonymous reader writes "Amid rumors of an impending arrest in the Boston Marathon bombing, Xconomy has a rundown of local companies working on technologies relevant to the investigation and aftermath. The approaches include Web analytics to identify communication patterns, image and video analysis of the crime scene, surveillance camera hardware and software, and smart prosthetic devices for amputees. A big challenge the authorities face is the sheer volume and different proprietary formats of video from security cameras, mobile devices, and media groups. Ultimately this will be a case study in whether an individual bent on destruction can remain anonymous in an era of digital surveillance, social media, and crowdsourcing."
GovTechGuy writes "The House Energy and Commerce Committee passed legislation on Wednesday once again affirming the current management structure of the Web. In doing so, the lawmakers made one thing clear: the only government that should have its hands on the underpinnings of the Internet is the U.S. ' It affirms the importance of an Internet free from censorship and government control and codifies the existing management structure of the Internet. ... Notably, however, lawmakers dropped from the legislation the phrase “free from government control,” which had threatened to derail the April 11 markup by the Subcommittee on Communications and Technology. ... [Democrats argued] it could undermine the U.S. government’s ability to enforce existing — or future — laws online.'"
chicksdaddy writes "The American Civil Liberties Union filed a complaint with the U.S. Federal Trade Commission on Wednesday calling on the federal government to take action to stem an epidemic of unpatched and insecure Android mobile devices – declaring the sea of unpatched and vulnerable phones and tablets 'defective and unreasonably dangerous.' The civil liberties group's complaint for injunctive relief with the FTC (PDF), notes that 'major wireless carriers have sold millions of Android smartphones to consumers' but that 'the vast majority of these devices rarely receive software security updates.' The ACLU says carriers leave their customers vulnerable to malware and spear phishing attacks that can be used to record or transmit information on the device to' third parties. 'A significant number of consumers are using smartphones running a version of the Android operating system with known, exploitable security vulnerabilities for which fixes have been published by Google, but have not been distributed to consumers' smartphones by the wireless carriers and their handset manufacturer partners,' the ACLU said. Android devices now account for close to 70 percent of new mobile devices sold. The porous security of many of those devices has become a topic of concern. The latest data from Google highlights the challenge facing the company, with just over 25% of Android users running versions 4.1 or 4.2 – the latest versions of the OS, dubbed 'Jelly Bean,' more than six months after its release. In contrast, 40% of Android users are still running the 'Gingerbread' release – versions 2.3.3 through 2.3.7, a two year-old version of the operating system that has known security vulnerabilities."
New submitter zayyd writes "The CBC reports that publicly-elected Gerry Rogers, member of the Provincial Government for Newfoundland and Labrador, 'has been removed from the house of assembly for refusing to apologize for comments made by other users on a Facebook group of which she had been added to as a member.' Rogers was unwillingly added to a Facebook Group which included comments of death threats aimed at Premier Kathy Dunderdale from other users. From the article: 'Dunderdale said her government understands how Facebook groups work, and she said it is up to every MHA to monitor the comments posted on Facebook groups to which they belong.' Facebook's policies for Groups are somewhat clear, even if they don't actually answer the question of 'Can I prevent people from adding me to a new group?'"
Pikoro writes with news that Foxconn's parent company has entered into an agreement to pay Microsoft royalties for every Android device they manufacture, joining a rather long list of companies licensing patents for Android/Linux from Microsoft. From the BBC: "Microsoft has secured a patent deal with the world's biggest consumer electronics manufacturer to receive fees for devices powered by Google's Android and Chrome operating systems. Hon Hai — the parent company of Foxconn — said the deal would help prevent its clients being caught up in an ongoing intellectual property dispute. Microsoft says that Google's code makes use of innovations it owns. Google alleges its rival's claims are based on 'bogus patents.' 'The patents at issue cover a range of functionality embodied in Android devices that are essential to the user experience, including: natural ways of interacting with devices by tabbing through various screens to find the information they need; surfing the web more quickly, and interacting with documents and e-books.'"
An anonymous reader sent in word that the Obama administration is threatening to veto CISPA in its current form because "The Administration, however, remains concerned that the bill does not require private entities to take reasonable steps to remove irrelevant personal information (PDF) when sending cybersecurity data to the government or other private sector entities. Citizens have a right to know that corporations will be held accountable — and not granted immunity — for failing to safeguard personal information adequately. The Administration is committed to working with all stakeholders to find a workable solution to this challenge." Ars has a few more details, the EFF urges U.S. citizens to oppose the bill, and one of the sponsors tweeted that those opposed to the bill are basement dwelling fourteen-year-olds. Note that the Administration still wants there to be some kind of comprehensive data sharing law in the name of cybersecurity, so this may very well rear its head again in the coming months.
dcblogs writes "The U.S. Senate comprehensive immigration bill, due Tuesday, will allow the H-1B cap to rise from 65,000 to as high as 180,000. The bill, overall, contains some interesting provisions. It will require the U.S. Labor Dept. to create a website of H-1B job openings that employers must post to. The jobs must be posted least 30 calendar days before hiring an H-1B applicant to fill that position. The bill also raises wages for H-1B workers to make them more competitive, although the amount wasn't specified. One provision that will affect India, in particular, limits H-1B visa use to 50% of a firm's U.S. workforce. The provision may prompt India firms to buy U.S. companies to expand their U.S. presence."
ndogg writes "Mozilla is considering pulling TeliaSonera from its list of root certificate SSL providers. They have asked for comments on this on their mailing list. They're concerned about the use of the certificates by those governments for spying on its citizens, particularly in Azerbaijan, Kazakhstan, Georgia, Uzbekistan and Tajikistan — where TeliaSonera operates subsidiaries or is heavily invested. Mozilla's concern is that TeliaSonera has possibly issued certificates that allow hardline government servers to masquerade as legitimate websites — so-called man-in-the-middle attacks — and decrypt web traffic. This alleged activity would contradict Mozilla's policy against 'knowingly issuing certificates without the knowledge of the entities whose information is referenced in the certificates.'"
An anonymous reader writes "Gottfrid Svartholm Warg, a.k.a. 'anakata,' co-founder of The Pirate Bay, has been indicted by a Swedish court on charges of computer hacking and fraud. The prosecuting attorney said, 'A large amount of data from companies and agencies was taken during the hack, including a large amount of personal data, such as personal identity numbers of people with protected identities.' According to Ars, 'The first count of hacking involves allegedly unlawfully using another person's username and password to search Infotorg, a well-known massive privately held commercial database of "private individuals, companies, properties and vehicles." The second count, as previously reported, involves an alleged hack dating back to 2010 of Logica, a Swedish IT firm that contracts with the Swedish tax authority. In March 2012, Logica was hit by an online attack that resulted in around 9,000 Swedes (Google Translate) having their personal identity numbers and names released to the public. ... The third count of hacking, allegedly taking place between July and August 2012, accuses Svartholm Warg of unauthorized access of major Nordic region bank Nordea's computers. The fraud charges accuse Svartholm Warg of allegedly transferring and attempting to transfer money from Nordea to other unauthorized bank accounts.'"
An anonymous reader writes "A trader who last year made an unauthorized purchase of nearly US$1 billion worth of Apple stock has pled guilty to wire fraud, securities fraud and conspiracy. On October 25, 2012 — the same day Apple posted its Q3 2012 earnings — David Miller of Rochdale Securities made a number of unauthorized purchases of Apple shares which ultimately led to the demise of the financial services firm he worked for. The aim of Miller's action was to make a lot of money very quickly by purchasing large quantities of Apple shares and selling them in a post-earnings surge."
An anonymous reader writes with this excerpt from Motherboard about the immediate aftermath of yesterday's bomb attack in Boston, which attempts to explain the (unsurprisingly) poor accessibility of the cellular network after the blasts: "Gut instinct suggests that the network must've been overloaded with people trying to find loved ones. At first, the Associated Press said it was a concerted effort to prevent any remote detonators from being used, citing a law enforcement official. After some disputed that report, the AP reversed its report, citing officials from Verizon and Sprint who said they'd never had a request to shut down the network, and who blamed slowdowns on heavy load. (Motherboard's Derek Mead was able to send text messages to both his sister and her boyfriend, who were very near the finish line, shortly after the bombing, which suggests that networks were never totally shut down. Still, shutting down cell phone networks to prevent remote detonation wouldn't be without precedent: It is a common tactic in Pakistan, where bombings happen with regularity.)"
An anonymous reader writes "Monday, the Supreme Court will hear a case on the validity of breast cancer gene patents. The court has a chance to end human gene patents after three decades. From the article: 'Since the 1980s, patent lawyers have been claiming pieces of humanity's genetic code. The United States Patent and Trademark Office has granted thousands of gene patents. The Federal Circuit, the court that hears all patent appeals, has consistently ruled such patents are legal. But the judicial winds have been shifting. The Supreme Court has never ruled on the legality of gene patents. And recently, the Supreme Court has grown increasingly skeptical of the Federal Circuit's patent-friendly jurisprudence. Meanwhile, a growing number of researchers, health care providers, and public interest groups have raised concerns about the harms of gene patents. The American Civil Liberties Union estimates that more than 40 percent of genes are now patented. Those patents have created "patent thickets" that make it difficult for scientists to do genetic research and commercialize their results. Monopolies on genetic testing have raised prices and reduced patient options.'"
badger.foo writes "When you publicly assert that somebody sent spam, you need to ensure that your data is accurate. Your process needs to be simple and verifiable, and to compensate for any errors, you want your process to be transparent to the public with clear points of contact and line of responsibility. Here are some pointers from the operator of the bsdly.net greytrap-based blacklist."