alphadogg writes "Security and how to protect users from pervasive monitoring will dominate the proceedings when members of Internet Engineering Task Force meet in London starting Sunday. For an organization that develops the standards we all depend on for the Internet to work, the continued revelations made by NSA whistleblower Edward Snowden have had wide-ranging repercussions. 'It wasn't a surprise that some activities like this are going on. I think that the scale and some of the tactics surprised the community a little bit. ... You could also argue that maybe we needed the wake-up call,' said IETF Chairman Jari Arkko. Part of that work will also be to make security features easier to use and for the standards organization to think of security from day one when developing new protocols."
Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!
An anonymous reader sends in a story about a network engineer named Bryan Seely, who was tired of seeing fake listings and spam on Google Maps. He contacted the company and tried to convince them to fix their system, but didn't have much luck. Afterward, he thought of an effective demonstration. He put up fake listings for the FBI and the Secret Service with phone numbers that sent the calls to him. When people called, he forwarded them to the actual agencies while he listened in. After recording a couple of calls for proof, he went to a local Secret Service office to explain the problem: "After that, Seely says, he got patted down, read his Miranda rights, and put in an interrogation room. Email correspondence with the Secret Service indicates that the special agent in charge called him a 'hero' for bringing this major security flaw to light. They let him go after a few hours. Seely says the fake federal listings, which were both ranked second every time I checked Google Maps, were up for four days. He took them down himself when the Secret Service asked."
An anonymous reader writes "Ben Kuchera at Polygon ponders the surveillance capabilities of our gaming consoles in light of recent NSA and GCHQ revelations. 'Xbox One Kinect can see in the dark. It can keep a moving human being in focus without motors. It knows how to isolate voices from background noise. The privacy implications of having a device that originally couldn't be removed pointed at your living room at all times was always kind of scary, and that fear has been at least partially justified.' Kuchera, like many of us, habitually disconnects cameras and microphones not currently in use. But he also feels a sense of inevitability about the whole thing: 'If the government wants this information they're going to get it, no matter what we do with our gaming consoles. It's important to pay attention to what our government is doing, but this issue is much bigger than our gaming consoles, and we open ourselves up to much greater forms of intrusion on a daily basis.'"
WebMink writes "In rare joint move, the OSI and FSF have joined with Eben Moglen's Software Freedom Law Center to file a U.S. Supreme Court briefing in the CLS vs Alice case. The brief asserts the basic arguments that processes are not patentable if they are implemented solely through computer software, and that the best test for whether a software-implemented invention is solely implemented through software is whether special apparatus or the transformation of matter have been presented as part of the claims (the 'machine or transformation' test). They assert that finding software-only inventions unpatentable will not imperil the pace of software innovation, citing the overwhelming success of open source in the software industry as proof."
jfruh writes "Steven R. Spriggs was ticketed and fined $165 for violating California's law on cell phone use while operating a motor vehicle, which states that you can only use a phone while driving if you have a hands-free device. But he appealed the judgement, arguing that the law only applied to actually talking on the phone, whereas he had been caught checking his GPS app. Now an appeals court has agreed with him. The law in question was enacted in 2006, before the smartphone boom."
jfruh writes "Under the U.S.'s previously secret program of gathering phone call metadata, that information was only retained for a period of five years. Now the government has petitioned the court system to retain it longer — not because it wants to, it says, but because it needs to preserve it as evidence for the various privacy lawsuits filed against the government. Federal lawyers have suggested several ways the information can be preserved without being available to the NSA."
just_another_sean writes "An Australian record label that threatened to sue one of the world's most famous copyright attorneys for infringement has reached a settlement with him. The settlement includes an admission that Lawrence Lessig, a Harvard Law School professor, had the right to use a song by the band Phoenix. From the article: 'In a statement, Liberation Music admitted Lessig's use of the song was protected by fair use — a legal doctrine that allows copyrighted material to be used for education, satire and a few other exceptions. Liberation Music says it will also pay Lessig for the harm it caused. The amount is confidential under the terms of the agreement, but it will be dedicated to supporting work by the Electronic Frontier Foundation, a digital civil rights group, to work on causes that were important to Lessig's friend Aaron Swartz, a technologist and activist who committed suicide last year.'"
itwbennett writes "As the list of victims of sophisticated cyber attacks expands, so does the need for specialized, high-priced, and hard-to-find talent to help investigate and recover from those attacks. The latest solution: hosted services offering access to cyber intelligence and incident response. 'At the RSA Security Conference this week, companies large and small are trumpeting the spy agency connections of senior staff as never before,' writes Paul Roberts. 'These new offerings — think of them as spooks-as-a-service — typically combine some degree of network and endpoint monitoring with a cloud-based management platform to gather and analyze data against data aggregated from other customers and third-party threat intelligence.'"
An anonymous reader writes in with news about a new anonymous instant messenger client on the way from Tor. "Forget the $16 billion romance between Facebook and WhatsApp. There's a new messaging tool worth watching. Tor, the team behind the world's leading online anonymity service, is developing a new anonymous instant messenger client, according to documents produced at the Tor 2014 Winter Developers Meeting in Reykjavik, Iceland."
mdsolar writes with news that the aging reactor fleet in the U.S. will likely see units hitting 80 or more years of use before being decommissioned. From the article: "Officials of the US Nuclear Regulatory Commission and the nuclear power industry expect the first application to be filed with the agency in 2018 or 2019 for a license renewal to operate a power reactor or reactors beyond 60 years. At a Nuclear Energy Institute forum in Washington Tuesday, neither NRC nor industry officials named specific plants considered likely to apply, and it was not clear from their remarks if any nuclear operator has yet volunteered to be the first to apply." Also see the staff report on preparing for the first applications. The proposed operating license changes would place no limit on the number of 20 year extensions, so perhaps a few reactors will end up in operation for a full century (if there's anyone left who can remember how to operate them then).
An anonymous reader writes with more chilling news from the Snowden files. Quoting the Guardian: "GCHQ files dating between 2008 and 2010 explicitly state that a surveillance program codenamed Optic Nerve collected still images of Yahoo webcam chats in bulk and saved them to agency databases, regardless of whether individual users were an intelligence target or not. ... The system, eerily reminiscent of the telescreens evoked in George Orwell's 1984, was used for experiments in automated facial recognition, to monitor GCHQ's existing targets, and to discover new targets of interest. Such searches could be used to try to find terror suspects or criminals making use of multiple, anonymous user IDs." Remember, friends don't video conference with friends unless they're using SIP and TLS.
Daniel_Stuckey writes "The contacts on Zambada-Ortiz's phone, which officials seized, would prove critical in pinpointing cartel stash houses strewn across Sinaloa state in mountainous northwest Mexico. Crucially, the episode would breathe new life into the joint US-Mexico dragnet that recently caught Chapo, who'd been at large for 13 years after famously escaping from Mexican prison in a laundry basket. Zambada-Ortiz's capture and the data scraped from his phone led to more and more Sinaloa phones until a month ago, when Mexican authorities (moving on American intelligence work) successfully carried out a number of raids that scored a cache of weapons and the arrests of a few of Chapo's senior henchmen. With each apprehension came another phone full of leads, 'a new trove of information for officials to mine,' as TIME reported. Then, sometime last week, Mexican commandos 'traced a number stored in a seized cell phone to a stash house outside the provincial capital of Culiacan, where they believed Guzman was hiding,' TIME added."
New submitter wassomeyob writes "In Canada, the province of Quebec has their Official Language Act of 1974 (aka Bill 22) which makes French their sole official language. It has famously been used to force business owners to modify signage to give French pre-eminance over other languages. Now, the Quebec language police seem to be extending their reach to Facebook. Eva Cooper owns Delilah in the Parc — a shop in Chelsea, Quebec near the Quebec/Ontario border. She received a letter from the language office telling her to translate everything posted on her store's Facebook page into French."
First time accepted submitter Martin Blank writes "Sarah Slocum, an early adopter of Google Glass, was bar hopping with friends in San Francisco when a few people in the bar took issue with the eyewear when she was demonstrating it to another patron even though she wasn't recording. When she felt threatened, she informed them that she would start recording. Two of them approached her, yelling and throwing a bar rag at her, and ultimately ripping the Glass from her face and running from the bar with it. She gave chase and eventually got the Glass back, but her purse was gone when she returned to the bar. This physical level of hostility is unusual, but discomfort with Glass is common, especially among those who don't understand how it works. Given that much more hidden spy cameras are available for far less than the $1500 cost of Glass, what will it take for general acceptance to finally take hold?"
An anonymous reader writes "By 'buying out' the most obvious lunch spot nearest the RSA conference yesterday, opponents and truth-seekers regarding RSA's alleged deal with the NSA raised awareness amongst attendees in the most brutal way possible: by taking away tacos and tequila drinks. Robert Imhoff, Vegas 2.0 co-founder, says, 'RSA could begin to fix this by going on the record with a detailed response about the accusations.'" I tried to get attendees of the conference to comment on camera — even a little bit — on what they thought of the NSA spying revelations, and not a single person I approached would do so. The pained facial expressions when they refused were interesting, though, and reflect the problem with a surveillance society in a nutshell. Especially at a conference where the NSA is surrounded by vendors who sell the hardware and software that enables your "mere" metadata to be captured and sifted, plenty of the people on the floor know that the companies they work for are or might one day be seeking contracts to do all that capturing and sifting, even if they'd rather not be subject to it personally, so their don't want their face shown saying so.
An anonymous reader writes "Sen. Joe Manchin of West Virginia, a member of the Senate Banking Committee, has called for for heavily regulation of Bitcoin. Reached for comment, his staff confirmed Manchin is seeking a 'ban' that would apply to any cryptocurrency that's both anonymous and unregulated."
cold fjord writes "The Verge reports, 'Google and YouTube must scrub all copies of Innocence of Muslims, a low-budget anti-Islam film that drew international protest in 2012, at the behest of an actress who says she received death threats after being duped into a role. The Ninth Circuit Court of Appeals has granted a temporary takedown order on behalf of Cindy Lee Garcia, who filed a copyright claim against Google in an attempt to purge the video from the web. While actors usually give up the right to assert copyright protection when they agree to appear in a film, Garcia says that not only was she never an employee in any meaningful sense, the finished film bore virtually no relation to the one she agreed to appear in. In a majority opinion, Judge Alex Kozinski said she was likely in the right.' — Techdirt has extensive commentary on the ruling that's worth reading. It seems likely there will be an appeal, with the distinct possibility that Google and the MPAA will be on the same side."
New submitter DigitalParc writes "RadioShack recently launched a promotion for 6 months of free Netflix service with the purchase of a laptop, tablet, or phone. This ended up being a fantastic deal, until the shoddy redemption site they were using for the Netflix code redemption was exploited and many of the codes were stolen. 'Users on slickdeals, a deal-finding and sometimes deal-exploiting website, found that the URL of the redemption website could be changed upon trying to enter a code, resulting in a valid Netflix subscription code being generated. Within hours, many of Netflix codes that were allocated to this promotion were stolen and some were redeemed or put up for sale on eBay.'"
cold fjord writes with news that the Supreme Court has expanded the ability of police officers to search a home without needing a warrant, quoting the LA Times: "Police officers may enter and search a home without a warrant as long as one occupant consents, even if another resident has previously objected, the Supreme Court ruled Tuesday ... The 6-3 ruling ... gives authorities more leeway to search homes without obtaining a warrant, even when there is no emergency. The majority ... said police need not take the time to get a magistrate's approval before entering a home in such cases. But dissenters ... warned that the decision would erode protections against warrantless home searches." In this case, one person objected to the search and was arrested followed by the police returning and receiving the consent of the remaining occupant.
An anonymous reader writes in with new developments in a two-year-old spat between YouTube and GEMA (a German music royalty collection foundation). After the courts ordered YouTube to implement tools to block videos that contained music GEMA licenses, it seems that telling users why content was blocked isn't making GEMA happy. From the article: "GEMA applied for an injunction to force YouTube to change the messages, claiming that they misrepresent the situation and damage GEMA’s reputation. YouTube alone is responsible for blocking the videos, claiming otherwise is simply false, GEMA argued. ... Yesterday the District Court of Munich agreed with the music group and issued an injunction to force YouTube to comply, stating that the notices 'denigrate' GEMA with a 'totally distorted representation of the legal dispute between the parties.' Changing the message to state that videos are not available due to a lack of a licensing agreement between YouTube and GEMA would be more appropriate, the Court said." The messages currently reads, "Unfortunately, this video is not available in Germany because it may contain music for which GEMA has not granted the respective music rights." Seems pretty neutral. Non-compliance with the order could result in fines of €250,000 per infraction.