Mobile photo-sharing app Snapchat has one claim to fame, compared to other ways people might share photos from their cellphones: the photos, once viewed, disappear from view after a pre-set length of time. However, it turns out they don't disappear as thoroughly as users might like. New submitter nefus writes with this excerpt from Forbes: "Richard Hickman of Decipher Forensics found that it's possible to pull Snapchat photos from Android phones simply by downloading data from the phone using forensics software and removing a '.NoMedia' file extension that was keeping the photos from being viewed on the device. He published his findings online and local TV station KSL has a video showing how it's done."
An anonymous reader writes "A recurring theme in comments on Slashdot since the 9/11 attacks has been concern about the use of government power to monitor or suppress political activity unassociated with terrorism but rather based on ideology. It has just been revealed that the IRS has in fact done that. From the story: "The Internal Revenue Service inappropriately flagged conservative political groups for additional reviews during the 2012 election . . . Organizations were singled out because they included the words 'tea party' or 'patriot' in their applications for tax-exempt status, said Lois Lerner, who heads the IRS division that oversees tax-exempt groups. In some cases, groups were asked for their list of donors, which violates IRS policy in most cases, she said. 'That was wrong. That was absolutely incorrect, it was insensitive and it was inappropriate. That's not how we go about selecting cases for further review,' Lerner said . . . 'The IRS would like to apologize for that,' she added. . . . Lerner said the practice was initiated by low-level workers in Cincinnati and was not motivated by political bias. . . . she told The AP that no high level IRS officials knew about the practice. Tea Party groups were livid on Friday. ... In all, about 300 groups were singled out for additional review. . . Tea Party groups weren't buying the idea that the decision to target them was solely the responsibility of low-level IRS workers. ... During the conference call it was stated that no disciplinary action had been taken by those who engaged in this activity. President Obama has previously joked about using the IRS to target people." So it's not how they choose cases for review (except when it is), and was not motivated by political bias (except that it was). Also at National Review, with more bite.
An anonymous reader writes "John McCain, Republican Senator for Arizona and former U.S. presidential candidate, is drafting a new bill that would pressure TV providers to allow customers to select and pay for only the channels they want to watch. The bill will also 'bar TV networks from bundling their broadcast stations with cable channels they own during negotiations with the cable companies, according to industry sources. So for example, the Disney Company, which owns both ABC and ESPN, could not force a cable provider to pay for ESPN in order to carry ABC.' Perhaps most importantly, the bill could 'end the sports blackout rule, which prohibits cable companies from carrying a sports event if the game is blacked out on local broadcast television stations.' This would hamstring the ludicrous practice of blacking out TV broadcasts in order to drive fans to buy actual tickets to a game. The cable and satellite TV industry is expected to push back very strongly against the bill."
Doug Otto writes "Buried deep in the bowels of a bi-partisan immigration reform bill is a 'photo tool.' The goal is to create a photo database consisting of every citizen. Wired calls it 'a massive federal database administered by the Department of Homeland Security and containing names, ages, Social Security numbers and photographs of everyone in the country with a driver’s license or other state-issued photo ID.' Of course the database would be used only for good, and never evil. 'This piece of the Border Security, Economic Opportunity, and Immigration Modernization Act is aimed at curbing employment of undocumented immigrants. But privacy advocates fear the inevitable mission creep, ending with the proof of self being required at polling places, to rent a house, buy a gun, open a bank account, acquire credit, board a plane or even attend a sporting event or log on the internet.'"
In an overdue but welcome move, President Obama today issued an executive order mandating "open and machine-readable data" for government-published information. Also, kodiaktau writes "In a move to make data more readily available, the United States of America has announced the Project Open Data and has chosen GitHub to host the content." Ars has a great article on the announced policy, but as you might expect, it comes with caveats, exceptions, sub-goals and committees; don't expect too much change per day, or assume you have a right to open data, exactly, in the eyes of the government, but — "subject to appropriations" — it sounds good on paper. (I'd like the next step to be requiring that all file formats used by the government be open source.)
An anonymous reader writes with this snippet from Ars Technica: "Righthaven, the Las Vegas operation that sought to turn newspaper article copyright lawsuits into a business model, can now slap a date on its death certificate: May 9, 2013. This morning, the U.S. Court of Appeals for the Ninth Circuit ruled on the two Righthaven appeals that could have given the firm a final glimmer of hope — and the court told Righthaven to take a hike (PDF)."
First time accepted submitter He Who Has No Name writes "While the ATF appears to have no open objection to 3D printed firearms at this time, the Department of Defense apparently does. A short while ago, '#DEFCAD has gone dark at the request of the Department of Defense Trade Controls. Take it up with the Secretary of State' appeared on the group's site, and download links for files hosted there began to give users popups warning of the DoD takeover." Well, that didn't take long. Note: As of this writing, the site is returning an error, rather than the message above, but founder Cody Wilson has posted a similar message to Twitter. At least the Commander in Chief is in town to deliver the message personally. Update: 05/09 21:17 GMT by T : Tweet aside, that should be Department of State, rather than Department of Defense, as many readers have pointed out. (Thanks!)
Wired has published a book review of sorts of a freely downloadable book called Untangling the Web: A Guide to Internet Research. If that title came from O'Reilly, Apress, or other big name in tech-publishing, it might be perfectly nice but less interesting. Instead, it was prepared as an internal guide for the NSA, and came to public attention through a FOIA request by MuckRock. (See this video interview with MuckRock's Michael Morisy at this year's SXSW.) The version that's been released is several years old. From Wired's report: "Although the author's name is redacted in the version released by the NSA, Muckrock's FOIA indicates it was written by Robyn Winder and Charlie Speight. A note the NSA added to the book before releasing it under FOIA says that the opinions expressed in it are the authors', and not the agency's. ... Lest you think that none of this is new, that Johnny Long has been talking about this for years at hacker conferences and in his book Google Hacking, you’d be right. In fact, the authors of the NSA book give a shoutout to Johnny, but with the caveat that Johnny’s tips are designed for cracking — breaking into websites and servers. 'That is not something I encourage or advocate,' the author writes." (Hat tip to ThinkGeek's Jacob Rose.)
Sparrowvsrevolution writes "The promise of a fully 3D-printable gun is that it can spread via the Internet and entirely circumvent gun control laws. Two days after that digital weapon's blueprint first appeared online, it seems to be fulfilling that promise. Files for the printable gun known as the 'Liberator' have been downloaded more than 100,000 times in two days, according to Defense Distributed, the group that created it. Those downloads were facilitated by Kim Dotcom's startup Mega, which Defense Distributed is using to host the Liberator's CAD files. And it's also been uploaded to the Pirate Bay, where it's one of the most popular files in the filesharing site's uncensorable 3D printing category."
judgecorp writes "The city of San Francisco has abandoned a law proposed in 2010 which would have required mobile phones to be labelled with their radiation level. Mobile phone industry body the CTIA fought the bill in court, arguing that there is not enough evidence of harm. The city is not convinced phones are safe — it says its decision to abandon the law is simply based on the legal costs."
Drishmung writes "The New Zealand Commerce Minister Craig Foss today (9 May 2013) announced a significant change to the Patents Bill currently before parliament, replacing the earlier amendment with far clearer law and re-affirming that software really will be unpatentable in New Zealand. An article on the Institute of IT Professionals web site by IT Lawyer Guy Burgess looks at the bill and what it means, with reference to the law in other parts of the world such as the USA, Europe and Britain (which is slightly different from the EU situation)."
DavidGilbert99 writes "This time last year the Queen officially introduced the Communications Data Bill (known as the Snooper's Charter to those opposing it). Last month it was effectively killed when the UK deputy prime minister Nick Clegg said it went too far and he wouldn't support it. Today the Queen was back and while there was no official mention of the Communications Data Bill, there was mention of 'crime in cyberspace' and a very strong hint that more legislation to monitor people's online activity is on the way."
gannebraemorr writes "The U.S. Department of Justice and the FBI believe they don't need a search warrant to review Americans' e-mails, Facebook chats, Twitter direct messages, and other private files, internal documents reveal. Government documents obtained by the American Civil Liberties Union and provided to CNET show a split over electronic privacy rights within the Obama administration, with Justice Department prosecutors and investigators privately insisting they're not legally required to obtain search warrants for e-mail."
New submitter giveen1 writes "I received this email as a former Demonoid.me user. I tried to go to the website and the link is dead. ... 'Dear Demonoid Community Member, We have all read the same news stories: The Demonoid servers shut down and seized in the Ukraine. The Demonoid admin team detained in Mexico. The demonoid.me domain snatched and put up for sale. The Demonoid trackers back online in Hong Kong, but then disappearing. ... Now for some good news: The heart and soul of Demonoid lives on! Through an amazing sequence of unlikely events, the data on those Ukrainian servers has made its way into the safe hands of members of our community and has now been re-launched as d2.vu.'" But it turns out that the site was distributing malware, hosted on an American VPS, and quickly shut down after the provider discovered this. No word yet on how the Demonoid user database was acquired, but if you did make the mistake of trying to log in, Torrent Freak warns: "New information just in suggests that if you logged into the fake Demonoid and used the same user/password combo on any other site (torrent, email, Steam, PayPal) you should change them immediately."
hypnosec tipped us to news that India is rolling out a new intrusive monitoring system, using the authority of a 2000 telecom law. Quoting The Times of India: "However, Pavan Duggal, a Supreme Court advocate specialising in cyberlaw, said the government has given itself unprecedented powers to monitor private Internet records of citizens. 'This system is capable of abuse,' he said. The Central Monitoring System, being set up by the Centre for Development of Telematics, plugs into telecom gear and gives central and state investigative agencies a single point of access to call records, text messages, and emails as well as the geographical location of individuals." Privacy advocates are worried about abuse, partially because India has no effective privacy legislation, and the "...Indian government under PM Manmohan Singh has taken an increasingly uncompromising stance when it comes to online freedoms, with the stated aim usually to preserve social order and national security or fight 'harmful' defamation."
FuzzNugget writes "According to Wired, the two CFAA charges that were laid against the man who exploited a software bug on a video poker machine have been officially dismissed. Says Wired: '[U.S. District Judge Miranda] Du had asked prosecutors to defend their use of the federal anti-hacking law by Wednesday, in light of a recent 9th Circuit ruling that reined in the scope of the CFAA. The dismissal leaves John Kane, 54, and Andre Nestor, 41, facing a single remaining charge of conspiracy to commit wire fraud.' Kane's lawyer agreed, stating, 'The case never should have been filed under the CFAA, it should have been just a straight wire fraud case. And I'm not sure it's even a wire fraud. I guess we'll find out when we go to trial.'"
wiredmikey writes "A new report from the Pentagon marked the most explicit statement yet from the United States that it believes China's cyber espionage is focused on the U.S. government, as well as American corporations. China kept up a steady campaign of hacking in 2012 that included attempts to target U.S. government computer networks, which could provide Beijing a better insight into America's policy deliberations and military capabilities, according to the Pentagon's annual assessment of China's military. 'China is using its computer network exploitation capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs,' said the report to Congress (PDF). The digital espionage was part of a broader industrial espionage effort that seeks to secure military-related U.S. and Western technology, allowing Beijing to scale back its reliance on foreign arms manufacturers, the report said. One day later, Beijing dismissed the Pentagon's report that accused it of widespread cyberspying on the U.S. government, rejecting it as an 'irresponsible' attempt to drum up fear of China as a military threat."
SternisheFan writes with an excerpt from Ars Technica: "Attacks exploiting a previously unknown and currently unpatched vulnerability in Microsoft's Internet Explorer browser have spread to at least nine other websites, including those run by a big European company operating in the aerospace, defense, and security industries as well as non-profit groups and institutes, security researchers said. The revelation, from a blog post published Sunday by security firm AlienVault, means an attack campaign that surreptitiously installed malware on the computers of federal government workers involved in nuclear weapons research was broader and more ambitious than previously thought. Earlier reports identified only a website belonging to the US Department of Labor as redirecting to servers that exploited the zero-day remote-code vulnerability in IE version 8. ... 'The specific Department of Labor website that was compromised provides information on a compensation program for energy workers who were exposed to uranium,' CrowdStrike said. 'Likely targets of interest for this site include energy-related US government entities, energy companies, and possibly companies in the extractive sector. Based on the other compromised sites other targeted entities are likely to include those interested in labor, international health and political issues, as well as entities in the defense sector.'"
SternisheFan tipped us to news that the infamous copyright trolls Prenda Law are in a bit of trouble with the law. Today, U.S. District Court judge Otis Wright issued sanctions against Prenda. He recommends that the lawyers involved be disbarred and fined, granted court and lawyer fees to the defendants (doubled for punishment), and has referred them for criminal prosecution. Among the findings of fact are that they set up dozens of shell companies to disguise the true owners, actually committed identity theft, dodged taxes on settlement money, lied to the court, and abused the court by setting settlements on flimsy charges just below the cost of a defense.