schwit1 writes "Mark Cuban won a years-long fight with the federal government Wednesday as jurors decided that the billionaire basketball team owner did not commit insider-trading when he sold his shares in an Internet company in 2004. The jury in federal district court in Dallas said that the Securities and Exchange Commission failed to prove the key elements of its case, including the claim that Cuban agreed to keep certain information confidential and not trade on it. The nine-member jury deliberated about half a day before reaching the unanimous decision that ended the three-week trial."

An anonymous reader writes in with word of a new tool for whistleblowers: "The 'strongest-ever' whistleblowing tool for sources to speak anonymously with journalists, partly developed by the late Reddit co-founder Aaron Swartz, has been launched by the Freedom of The Press Foundation. Before his suicide in January 2013, Swartz had been working on a tool for sources to anonymously submit documents to journalists online, without using traceable email and in a way that could be easily catalogued by news organisations. Called SecureDrop, the tool can be installed on any news organisation's website as a 'Contact Us' form page. But where these pages usually require a name and email address, the encrypted SecureDrop system is completely anonymous, assigning the whistleblower two unique identifiers - one seen by the journalist, and one seen by the whistleblower. These identities stay the same, so a conversation can be had without names being shared or known."

New submitter gamersunited writes with news of Blizzard Entertainment's defeat of another company that created bot software to automate World of Warcraft characters. Ceiling Fan Software faces a judgment of $7 million, and must disable any active licenses for the software. They're also forbidden from transferring or open-sourcing the bot software, and from facilitating its continued use in any way. The court order (PDF) follows more than two years of legal wrangling. Blizzard won a similar judgment a few years ago against another bot company called MDY Industries, which created the popular Glider bot.

mdsolar sends this news from the Associated Press: "The number of safety violations at U.S. nuclear power plants varies dramatically from region to region, pointing to inconsistent enforcement in an industry now operating mostly beyond its original 40-year licenses, according to a congressional study awaiting release. Nuclear Regulatory Commission figures cited in the Government Accountability Office report show that while the West has the fewest reactors, it had the most lower-level violations from 2000 to 2012 — more than 2½ times the Southeast's rate per reactor. The Southeast, with the most reactors of the NRC's four regions, had the fewest such violations, according to the report, a copy of which was obtained by The Associated Press. The striking variations do not appear to reflect real differences in reactor performance. Instead, the report says, the differences suggest that regulators interpret rules and guidelines differently among regions, perhaps because lower-level violations get limited review."

Nerval's Lobster writes "This year's revelations about NSA surveillance have upended the idea that our data—any of it—is truly secure from prying eyes. That uncertainty has sparked the rise of several businesses with a simple proposition: you can send whatever you want via their online service (text, images, video), and that data will vaporize within seconds of the recipient opening it up. One of the most popular of those services is Snapchat, which allows users to take "Snaps" (i.e., videos or photos) that self-destruct a few seconds after the recipient opens them; that data also disappears from the company's servers. But is 'disappearing' data truly secure from prying eyes? Earlier this week, Snapchat admitted to a loophole in its schema that leaves Snaps open to viewing by law enforcement — provided the latter shows up at the company's front door with a warrant. Until a recipient opens a Snap, it's stored in the company's datacenter. In theory, law enforcement could request that Snapchat send it an unopened Snap. 'If we receive a search warrant from law enforcement for the contents of Snaps and those Snaps are still on our servers,' read an Oct. 14 posting on Snapchat's corporate blog, 'a federal law called the Electronic Communications Privacy Act (ECPA) obliges us to produce the Snaps to the requesting law enforcement agency.' Law-enforcement entities have hit Snapchat with 'about a dozen' search warrants for unopened Snaps since May 2013. 'Law enforcement requests sometimes require us to preserve Snaps for a time, like when law enforcement is determining whether to issue a search warrant for Snaps,' the blog continued. That surveillance could also go beyond unopened Snaps: Snapchat 'Stories,' or a cluster of Snaps, live on the company's servers for up to 24 hours and can be viewed multiple times, which broadens the window for law enforcement to poke its way in."

dryriver writes "The Guardian reports: 'British Prime Minister David Cameron has encouraged a Commons select committee to investigate whether the Guardian has broken the law or damaged national security by publishing secrets leaked by the National Security Agency whistleblower Edward Snowden. He made his proposal in response to a question from former defense secretary Liam Fox, saying the Guardian had been guilty of double standards for exposing the scandal of phone hacking by newspapers and yet had gone on to publish secrets from the NSA taken by Snowden. Speaking at prime minister's questions on Wednesday, Cameron said: "The plain fact is that what has happened has damaged national security and in many ways the Guardian themselves admitted that when they agreed, when asked politely by my national security adviser and cabinet secretary to destroy the files they had, they went ahead and destroyed those files. So they know that what they're dealing with is dangerous for national security."'" Destroyed their copies of some files, certainly, but it's not like others don't have the files too.

An anonymous reader writes "The NY Times reports on the arrests of two girls, ages 12 and 14, who allegedly harassed another 12-year-old girl who committed suicide. The girls are facing third-degree felony charges, and the police involvement was spurred by a comment on Facebook by the older of the two. 'In Internet shorthand it began "Yes, ik" — I know — "I bullied Rebecca nd she killed herself." The writer concluded that she didn't care, using an obscenity to make the point and a heart as a perverse flourish. Five weeks ago, Rebecca Ann Sedwick, a seventh grader in Lakeland in central Florida, jumped to her death from an abandoned cement factory silo after enduring a year, on and off, of face-to-face and online bullying. ... Brimming with outrage and incredulity, the sheriff said in a news conference on Tuesday that he was stunned by the older girl's Saturday Facebook posting. But he reserved his harshest words for the girl's parents for failing to monitor her behavior, after she had been questioned by the police, and for allowing her to keep her cellphone.'"

Jah-Wren Ryel sends this excerpt from Ed Felten at Freedom to Tinker: "Commentators on the Lavabit case, including the judge himself, have criticized Lavabit for designing its system in a way that resisted court-ordered access to user data. They ask: If court orders are legitimate, why should we allow engineers to design services that protect users against court-ordered access? The answer is simple but subtle: There are good reasons to protect against insider attacks, and a court order is an insider attack. To see why, consider two companies, which we’ll call Lavabit and Guavabit. At Lavabit, an employee, on receiving a court order, copies user data and gives it to an outside party—in this case, the government. Meanwhile, over at Guavabit, an employee, on receiving a bribe or extortion threat from a drug cartel, copies user data and gives it to an outside party—in this case, the drug cartel. From a purely technological standpoint, these two scenarios are exactly the same: an employee copies user data and gives it to an outside party. Only two things are different: the employee’s motivation, and the destination of the data after it leaves the company."

Nerval's Lobster writes "This morning we discussed news that the National Security Agency (NSA) has siphoned up millions of online address books and contact lists. The Post drew its information from top-secret documents provided by government whistleblower Edward Snowden, who spent the summer feeding information about the NSA to a variety of news outlets. Snowden's documents (as outlined in The Guardian, Spiegel Online and other venues) have detailed a massive NSA program that's siphoning all sorts of personal information from a variety of sources — and yet the public seems to have greeted each new revelation with weakening outrage. Whereas the initial news reports about NSA splying in June kicked off a firestorm of controversy and discussion (aggravated by the drama of Snowden seeking asylum in pretty much any country that would have him), the unveiling of the NSA's Great Contact-List Caper has ranked below the news stories such as the government shutdown, negotiations over Iran's nuclear program, and invites for Apple's upcoming iPad event on aggregators such as Google News; it also didn't make much of a blip on Twitter and other online forums. There's the very real possibility that Americans, despite the assurances of government officials, are being monitored in a way that potentially violates their privacy. Surely that's an issue that concerns a great many individuals; and yet, as time goes by, it seems as if people are choosing to focus on other things. Are we suffering from 'surveillance fatigue?'"

DavidGilbert99 writes "Ireland and its tax system came under some extreme scrutiny earlier this year when it was revealed that Apple funneled billions of dollars of revenue though three subsidiaries based in the country. Thanks to a loophole, none of these subsidiaries were tax-resident in Ireland, meaning they didn't even have to pay Ireland's relatively low 12.5% corporation tax rate. Worryingly for Apple, Ireland's finance minister may now shut this loophole. A measure within a new budget bill (PDF) would disallow Apple's status as a 'stateless' corporate entity for tax purposes. Apple will still be able to select a country like Bermuda as its tax residence, but it's a step in the right direction."

sfcrazy writes "Oracle has a love-hate relationship with open source technologies. In a whitepaper (PDF) for the Deparment of Defense, Oracle claims that TCO (total cost of ownership) goes up with the use of open source. They're essentially trying to build a case for the use of their own products within the government. 'The skill required to successfully and economically blend source code into a commercially viable product is relatively scarce. It should not be done directly at government expense.' Oracle also attacks the community-based development model, calling it more insecure than company developed products. 'Government-sponsored community development approaches to software creation lack the financial incentives of commercial companies to produce low-defect, well-documented code.'"

wiredog writes "One side effect of the NSA's surveillance program is that a great deal of spam is getting swept up along with the actual communications data. Overwhelming amounts, perhaps. From The Washington Post: '[W]hen one Iranian e-mail address of interest got taken over by spammers ... the Iranian account began sending out bogus messages to its entire address book. ... the spam that wasn't deleted by those recipients kept getting scooped up every time the NSA's gaze passed over them. And as some people had marked the Iranian account as a safe account, additional spam messages continued to stream in, and the NSA likely picked those up, too....Every day from Sept. 11, 2011 to Sept. 24, 2011, the NSA collected somewhere between 2 GB and 117 GB of data concerning this Iranian address."

dcblogs writes "In a better time, circa 1998, Cypress Semiconductor founder and CEO T.J. Rodgers gave a provocative speech, titled 'Why Silicon Valley Should Not Normalize Relations with Washington D.C.' This speech is still important to understanding the conflict that tech leaders have with Congress, and their relative silence during the shutdown. 'The metric that differentiates Silicon Valley from Washington does not fall along conventional political lines: Republican versus Democrat, conservative versus liberal, right versus left,' Rogers said. 'It falls between freedom and control. It is a metric that separates individual freedom to speak from tap-ready telephones; local reinvestment of profit from taxes that go to Washington; encryption to protect privacy from government eavesdropping; success in the marketplace from government subsidies; and a free, untaxed Internet from a regulated, overtaxed Internet.'"

An anonymous reader writes "The Washington Post reports, "British law enforcement agencies averted a plot to orchestrate a large-scale terror attack similar to the assault on Kenya's Westgate mall, an official said Monday. Police were questioning four men in their 20s on suspicion of terrorism after they were detained Sunday in pre-planned, intelligence-led raids. A British security official said the men were planning a shooting spree akin to the Westgate attack in Nairobi, in which at least 67 people died. ... in a series of statements, the force said the men were all British nationals between the ages of 25 and 29, with roots in Turkey, Pakistan, Algeria and Azerbaijan. ... the London police firearms unit took part in the arrests. British police rarely carry weapons and their involvement suggested concern that men might have been armed." — The Sydney Morning Herald has video. Prime Minister Cameron recently expressed concern regarding such a possibility."

realized writes "The Obamacare website Healthcare.gov has a hidden terms of service that is not shown to people when they sign up. The hidden terms, only viewable if you 'view source' on the site, says that the user has 'no reasonable expectation of privacy regarding any communication or data transiting or stored on this information system.' Sadly, the taxpayer-funded website still does not work for most people, so it's hard to confirm – though when it's fixed in two months, we should finally be able to see it." Note: As the article points out, that phrasing is "not visible to users and obviously not intended as part of the terms and conditions." So users shouldn't worry that they've actually, accidentally agreed to any terms more onerous than the ones they can read on the signup page, but it's an interesting inclusion. What's the last EULA you read thoroughly?

Charliemopps writes that the Washington Post reports "The NSA is collecting hundreds of millions of contact lists from all over the world, many of them belonging to Americans. The intercept them from instant messaging services as they move across global data links. The NSA is gathering contact lists in large numbers that amount to a sizable fraction of the world's e-mail and instant messaging accounts." According to the leaked document (original as a PDF), the NSA is intercepting some chat protocols and at least IMAP, and then analyzing the data for buddy list information and inbox contents.

An anonymous reader writes with news of a man caught by the NSA dragnet for donating a small sum of money to an organization that the federal government considered terrorist in nature. The man is having problems mounting an appeal. From the article: "Seven months after his conviction, Basaaly Moalin's defense attorney moved for a new trial, arguing that evidence collected about him under the government's recently disclosed dragnet telephone surveillance program violated his constitutional and statutory rights. ... The government's response (PDF), filed on September 30th, is a heavily redacted opposition arguing that when law enforcement can monitor one person's information without a warrant, it can monitor everyone's information, 'regardless of the collection's expanse.' Notably, the government is also arguing that no one other than the company that provided the information — including the defendant in this case — has the right to challenge this disclosure in court." This goes far beyond the third party doctrine, effectively prosecuting someone and depriving them of the ability to defend themselves by declaring that they have no standing to refute the evidence used against them.

Covalent writes "RMS describes how much surveillance is too much (hint: it's all too much) and how to combat, circumvent, and prevent future surveillance. How much of what is suggested is plausible? How much is just a pipe dream? Discuss!" The article contains an extensive list of things we do that give too much data to centralized organization, and offers solutions to combat all of them. From the article: "The goal of making journalism and democracy safe therefore requires that we reduce the data collected about people by any organization, not just by the state. We must redesign digital systems so that they do not accumulate data about their users. If they need digital data about our transactions, they should not be allowed to keep them more than a short time beyond what is inherently necessary for their dealings with us."

MarkWhittington writes "Alan Steinberg, a post doctorate fellow in political science at Sam Houston State University, conducted a study surrounding the vexing problem of how to motivate more people to support increased levels of funding for NASA. In an October 14, 2013 piece in The Space Review, Steinberg announced the results of a study conducted with a group of college students. Steinberg's approach was based on the findings of a study by Roger Launius conducted in the late 1990s that suggested that the American public believe that NASA spending takes up about 20 percent of the federal budget. It has in fact never exceeded four percent, which it enjoyed at the height of the Apollo program, and is currently about .5 percent. Steinberg was testing a notion advanced by Neil deGrasse Tyson that if people knew the true size of NASA's budget they would be more likely to support increasing it."

cagraham writes "Snack company Mondelez International (maker of Oreos, Trident, Cadbury eggs) will introduce so-called 'smart shelves' into store checkout aisles beginning 2015. The shelves will use Microsoft's Kinect software, in addition to other tech, to identify shoppers age and sex, and will then use that info to deliver demographically tailored advertisements. The shelves will be able to track engagement, monitor how long customer's watch each ad, and offer discounts if a customer is considering a purchase (weight sensors will tell the machine if you pick up a product). Mondelez says the software will only use and collect aggregate data, and will not record any video or photos."