alphadogg writes "Oracle is continuing to crack down on companies it claims are providing support services for its products in an illegal fashion. Last week, Oracle sued IT services providers Terix and Maintech, alleging they have 'engaged in a deliberate scheme to misappropriate and distribute copyrighted, proprietary Oracle software code' in the course of providing support for customers using Oracle's Solaris OS. Oracle's allegations are similar to ones it has made in lawsuits against other Solaris service providers, such as ServiceKey, as well as Rimini Street, which provides third-party support for Oracle and SAP applications."
First time accepted submitter MrClappy writes "I manage the network for a defense contractor that needs a cloud-based storage service and am having a lot of trouble finding an appropriate solution that meets our requirements. We are currently using DropBox and I am terrified of seeing another data leak like last year. Some of our data is classified under International Traffic in Arms Regulations (ITAR) which requires that all data remain inside the US, including any cloud storage or redundant backups. We tried using Box as a more secure replacement but ended up canceling the service due to lack of functionality; 40,000 file sync limit, Linux-based domain controller compatibility issues and the fact that the sync application does not work while our computers are locked (which is an explicit policy for my users). I've been calling different companies and just can't seem to find a decent solution. Unless I'm severely missing something, I'm just blown away that no one offers this functionality with today's tech capabilities. Am I wrong?"
sl4shd0rk writes "Federal Judge William Pauley has dismissed an Obama Administration request to delay a hearing on Verizon/NSA data sifting. The ACLU has argued that the sifting is not authorized by statute and even if it were it would still be unconstitutional. The Obama Administration requested the delay on the grounds it needed more time to search through its classified material to determine what was suitable for disclosure." See also the case docket. Motions must be filed by August 26th, and oral arguments begin on November 1st.
sciencehabit writes "For Ved Chirayath, a graduate student and amateur fashion photographer, a photo project that involved NASA researchers dressed as Vikings was just a creative way to promote space science. 'I started this project hoping maybe one day some kid will look at it and say, 'I want to work for NASA,' ' says Chirayath, a student at Stanford University in Palo Alto, California, who also works nearby at NASA's Ames Research Center. He never suspected that his fanciful image would put him in the crosshairs of a government waste investigation triggered by a senior U.S. senator." The project was funded by an outside art grant. The best part: the investigation into the non-existent waste probably cost more than the "waste" would have were it funded by NASA in the first place.
An anonymous reader writes "Following the /. story on the Feds demanding SSL keys, now comes news that the feds are demanding user passwords, and in some cases, the encryption algorithm and salt used. From the article: 'A second person who has worked at a large Silicon Valley company confirmed that it received legal requests from the federal government for stored passwords. Companies "really heavily scrutinize" these requests, the person said. "There's a lot of 'over my dead body.'" ... Some of the government orders demand not only a user's password but also the encryption algorithm and the so-called salt, according to a person familiar with the requests. ... Other orders demand the secret question codes often associated with user accounts.' I'm next expecting to see the regulation or law demanding that all users use plain text for all web transactions, to catch terrorists and for the children."
Barence writes "Mozilla is proposing that the Firefox browser collects data on users' interests to pass on to websites. The proposal is designed to allow websites to personalize content to visitors' tastes, without sites having to suck up a user's browsing history, as they do currently. 'Let's say Firefox recognizes within the browser client, without any browsing history leaving my computer, that I'm interested in gadgets, comedy films, hockey and cooking,' says Justin Scott, a product manager from Mozilla Labs. 'Those websites could then prioritize articles on the latest gadgets and make hockey scores more visible. And, as a user, I would have complete control over which of my interests are shared, and with which websites.'" This is the result of an extended experiment. The idea is that your history is used to generate a set of interests which you can then share voluntarily with websites, hopefully discouraging the blanket tracking advertising systems love to do now.
AmiMoJo writes "The BBC reports that Huawei, one of the world's largest manufacturers of telecoms equipment, is controlling popular ISP TalkTalk's web censorship system. The system, known as Homesafe, was praised by Prime Minister David Cameron. Customers who do not want filtering still have their traffic routed through the system, but matches to Huawei's database are dismissed rather than acted upon. In other words there is no opt-out. Mr Cameron has demanded similar measures be adopted by all internet service providers (ISPs) in the UK, to 'protect our children and their innocence.'"
An anonymous reader writes "Oilfield services giant Halliburton will plead guilty to destroying computer test results that had been sought as evidence in the Deepwater Horizon disaster, the Justice Department announced Thursday. Company officials threw out test results that showed 'little difference' between the number of devices Halliburton said was needed to center the cement casing in the well at the heart of the disaster and the number well owner BP installed, according to court papers. The issue has been a key point of contention between the two companies in hearings and litigation ever since the April 2010 blowout. BP and Halliburton are still battling over responsibility for the disaster in a New Orleans federal courtroom. BP had no comment on the plea agreement Thursday evening."
wiredmikey writes "US authorities have charged four Russians and a Ukrainian with running a global hacking operation that targeted major payment processors, retailers and financial institutions. The charges stem from hacking attacks dating back to 2005 against several global brands, including the NASDAQ exchange, 7-Eleven, JC Penney, Hannaford, Heartland, JetBlue, Dow Jones, Euronet, Visa Jordan, Global Payment, Diners Singapore and Ingenicard. The men allegedly used SQL injection attacks as the initial entry point into the computer systems of global corporations. Once networks were breached, the defendants allegedly placed malware on the systems. According to the indictment (PDF), the malware used created a "back door," leaving the system vulnerable and helping the defendants maintain access to the network. The men face five years in prison for conspiracy to gain unauthorized access to computers; 30 years in prison for conspiracy to commit wire fraud; five years in prison for unauthorized access to computers; and 30 years in prison for wire fraud."
An anonymous reader points out this story about the latest effort by the U.S. to get Edward Snowden back in the country. "A U.S. Senate panel voted unanimously on Thursday to seek trade or other sanctions against Russia or any other country that offers asylum to former spy agency contractor Edward Snowden, who has been holed up for weeks at a Moscow airport. The 30-member Senate Appropriations Committee adopted by consensus an amendment to a spending bill that would direct Secretary of State John Kerry to meet with congressional committees to come up with sanctions against any country that takes Snowden in."
v3rgEz writes "After the ACLU's Christopher Soghoian highlighted NSA programs listed on LinkedIn, Jason Gulledge filed a request for details about the program — and turned up lucky. The NSA released 7 pages of database descriptions of its ANCHORY program, an open-source intelligence data gathering effort. The NSA's FOIA office said it would pony up more, but only if Gulledge could prove he was requesting the documents as part of a news gathering effort or if he would agree to pay associated fees."
steveb3210 writes "EQ2Wire.com is a fan site for the MMO Everquest 2. One feature of their site is a searchable portal for all game-related stats such as characters, equipment, items, and mobs which they generate from an XML feed provided by the game's publisher. Recently, the owner of a trademark has been threatening them over the name of a character and in the face of possible legal bills, they were forced to remove the character's profile from their site. Adding further insult to injury, the character seems to have been created prior to the trademark in question."
miller60 writes "The U.S. government keeps finding more data centers. Federal agencies have about 7,000 data centers, according to the latest stats from the ongoing IT consolidation process. The number started at 432 in 1999, but soon began to rise as agencies found more facilities, and exploded once the Obama administration decided to include server closets as well as dedicated data centers. The latest estimate is more than double the 3,300 facilities the government thought it had last year. The process has led to the closure of 484 data centers thus far, with another 855 planned over the next year. The GAO continues to call for the process to look beyond the number of facilities and focus on savings."
alphadogg writes "Malware writers are increasingly considering the Tor anonymity network as an option for hiding the real location of their command-and-control servers, according to researchers from security firm ESET. The researchers recently came across two botnet-type malware programs that use C&C servers operating as Tor 'hidden services.' The Tor Hidden Service protocol allows users to set up services — usually Web servers — that can only be accessed from within the Tor network through a random-looking hostname that ends in the .onion pseudo domain extension. The traffic between a Tor client and a Tor hidden service is encrypted and is randomly routed through a series of computers participating in the network and acting as relays."
Reader turp182 notes that the Amash Amendment (#100) to HR 2397 (DOD appropriations bill) failed to pass the House of Representatives, meaning it will not be added to the appropriations bill. turp182 writes "The amendment would have specifically defunded the bulk collection of American phone records." Americans can see how their representatives voted here.
First time accepted submitter fsagx writes "The U.S. government has attempted to obtain the master encryption keys that Internet companies use to shield millions of users' private Web communications from eavesdropping. These demands for master encryption keys, which have not been disclosed previously, represent a technological escalation in the clandestine methods that the FBI and the National Security Agency employ when conducting electronic surveillance against Internet users."
An anonymous reader writes "One of the arguments for continuing and even expanding the H1-B visa program (pdf) is that it enables highly-skilled immigrants to work in the U.S. and grow the U.S. economy. Counterarguments state that the H1-B visa program does not bring in the 'best and brightest' and is used to drive down wages, particularly in the STEM fields. This Bloomberg article, discussing pending H1-B legislation, quotes some of the salaries of current workers in the U.S. on H1-B visas: $4,800/month and $5,500/month which work out to $57,600/year and $66,000/year; only slightly higher than the average entry-level salaries of newly-graduated engineering or computer science majors."
cold fjord writes "Break out the tin foil hats, and make them double thick. Forbes reports, 'The NSA will soon cut the ribbon on a facility in Utah ... the center will be up and running by the "end of the fiscal year," ....Brewster Kahle is the engineering genius behind the Internet Archive,... Kahle estimates that a space of that size could hold 10,000 racks of servers .... "So we are talking $1 billion in machines." Kahle estimates each rack would be capable of storing 1.2 petabytes of data. ... all the phone calls made in the U.S. in a year would take up about 272 petabytes, ... If Kahle's estimations and assumptions are correct, the facility could hold up to 12,000 petabytes, or 12 exabytes – ... but is not of the scale previously reported. Previous estimates would allow the data center to easily hold hypothetical 24-hour video and audio recordings of every person in the United States for a full year. The data center's capacity as calculated by Kahle would only allow the NSA to create archives for the 13 million people living in the Los Angeles metro area. Even that reduced number struck Internet infrastructure expert Paul Vixie as high given the space allocated for data in the facility. ... he came up with an estimate of less than 3 exabytes of data capacity for the facility. That would only allow for 24-hour recordings of what every one of Philadelphia's 1.5 million residents was up to for a year. Still, he says that's a lot of data pointing to a 2009 article about Google planning multiple data centers for a single exabyte of info. '" Update: 07/25 16:33 GMT by T : For even more, see this story.
An anonymous reader writes "The Ninth U.S. Circuit Court of Appeals affirmed a lower court's ruling in favor of Dish Network, allowing the company to continue forward with its ad-skipping "Hopper" technology. From the article: 'Last year, Fox Broadcasting Company, with the support of other broadcast networks, sued Dish for its "Hopper" DVR and its "Auto Hop" feature, which automatically skips over commercials. According to Fox, the Hopper automatically records eight days' worth of prime time programming on the four major networks that subscribers can play back on request. Beginning a few hours after the broadcast, viewers can choose to watch a program without ads. As we observed when it started, this litigation was yet another in a long and ignominious series of efforts by content owners to use copyright law to control the features of personal electronic devices, and to capture for themselves the value of new technologies no matter who invents them.'"
twoheadedboy writes "Claire Perry MP, who has been the main driver of the UK government's plans for default blocking of pornography, has had her website plastered in porn by hackers. But the story only just begins there. Notable blogger Guido Fawkes, otherwise known as Paul Staines, posted on the matter, only to later be accused of sponsoring the hacking himself. During some back and forth over Twitter, it appeared Perry was 'confused,' as she said Fawkes had posted a link to the defaced page, when he had only shown a screenshot of the site. Given the backlash against the government's plans to censor porn and its technical fallacies, the event could be particularly embarrassing for Perry. She is not commenting on the matter, whilst Staines has threatened to sue unless Perry offers a retraction of her claim he had anything to do with the hack." The tweet: 'Apologies to anyone affected by the hacking of my website sponsored by @GuidoFawkes – proves so clearly what we are dealing with.' Someone needs a lesson about hypertext.
New submitter duSoliel wrote in with news that another musician is complaining about a lack of royalties from streaming music services. This time, however, the musician is going after MediaNet (once known as MusicNet) which acts as an intermediary source for licensing songs to streaming music services that did not manage to gain compulsory licensing from the Copyright Royalty Board. MediaNet has a storied history riddled with lawsuits from the Harry Fox agency among others; a suit brought last year alleged that around a quarter of MediaNet's catalog was improperly licensed, but was settled privately out of court. Now, Aimee Mann is suing them for failure to properly license 120 of her songs, seeking $18 million in damages. From the article: "... she entered into a license agreement in 2003 with MediaNet (then known as MusicNet). The term of the license agreement was scheduled to end in 2006 but had automatic two-year extensions unless terminated by either party. Mann's representative is said to have sent a termination notice in 2005, but nevertheless, 'MediaNet continued after the Termination Date to transmit, perform, reproduce and distribute the Compositions as part of MediaNet's service, despite having no right or license to do so.' ... Besides suing for direct infringement, Mann is also claiming that MediaNet induced its business partners to commit copyright infringement. Mann also says she has not been paid any royalties by the company since Sept. 30, 2005 with the exception of a $20 advance this past March that was returned." The perils of not having sane compulsory licensing for Internet radio?
New submitter craighansen writes "The U.S. Securities and Exchange Commission has filed a lawsuit against a man they allege ran a Ponzi scheme using Bitcoin. According to the complaint (PDF), during 2011-2012, Trendon Shavers, operating under the username pirateat40, collected investments of over 700,000 Bitcoins from at least 66 'investors' (a valuation of $4.5M) with the promise of as much as 7% weekly returns. These 'investors' received about 500,000 Bitcoins in returns, so on average, they're probably much better-off than investors in Madoff's scheme. Nevertheless, with the rising value of Bitcoins, the $4.5M investments would be worth $65M at recent pricing if they had actually been left in Bitcoins, which approximates the 1% per day returns that the scheme promised."
twoheadedboy writes "A Chinese hacker group is the chief suspect of spear phishing attacks against the Falun Dafa spiritual group and military organizations in the Philippines. Data handed to TechWeek by AlienVault Labs showed how zero-day malware, designed to pilfer Outlook email account logins, was just one strand of the attacks, which are ongoing. Other malware sought to steal passwords for other accounts, dodging many commercial AV products, whilst remote access tools indicate this is a serious surveillance operation. Chinese authorities have neither confirmed nor denied the claims. But it marks another case of Internet-led surveillance with China's name attached to it, following numerous reports of mass Chinese hacking, which has already allegedly hit massive firms like Facebook and Google."
An anonymous reader writes "The hacking group known as the Syrian Electronic Army have hacked into Viber, defacing its support website, and posting what they claim is evidence of surveillance by the free phone-messaging app. The Syrian Electronic Army posted a message claiming the 'Israeli-based Viber is spying and tracking you' alongside what appeared to be a screenshot of an internal Viber database containing users' phone numbers, device UDIDs, IP address, operating system, and Viber version information." Viber is saying the attack was minor: "...the hack only allowed access to two minor systems, a customer support panel and a support administration system. According to the company's official response, 'no sensitive user data was exposed and Viber's databases were not "hacked."' Apparently, an employee simply fell victim to a phishing attack.
New submitter Ajay Anand writes with news that Eolas's web patents are really dead (the infamous browser plugin patent that forced Internet Explorer to change how it activated plugins). After Eolas sued a number of companies, last fall a jury found the patents invalid; Eolas naturally mounted an appeal. But a panel of judges simply affirmed the jury decision (PDF). A quiet ending to a decade of patent trolling.
New submitter Jah-Wren Ryel writes "It's been just over a month since the NSA's dragnet surveillance program was leaked to the public. Tomorrow, Congress is voting on an amendment that would block funding for NSA programs that collect the call records of innocent Americans. A win tomorrow may start a chain reaction — but it won't happen unless we speak up. We have one day to convince Congress to act." The EFF is urging U.S. citizens to call their representatives, noting that there is no time for email to be effective (find your representative). You can read the amendment on the EFF site, quoting the EFF: "Reps. Justin Amash, John Conyers, Jr., Thomas Massie, Mick Mulvaney, and Jared Polis are proposing an amendment that would curtail funding for the implementation of orders under Section 215 of the PATRIOT Act unless the order is explicitly limited in scope. ... Even as the Amash/Conyers Amendment is gaining momentum, some are rallying around a decoy amendment that would do nothing to rein in domestic surveillance. That amendment, championed by Rep. Nugent, would not alter in any way the government's use of Section 215 to obtain bulk communications records on millions of Americans. EFF is urging Representatives to oppose the Nugent Amendment."
GigaOM notes that (excerpting) "Gary Becker, a Nobel-prize winning professor at the University of Chicago, stated this week that the U.S. patent system is 'too broad, too loose, and too expensive' and called for the end of software patents: 'Disputes over software patents are among the most common, expensive, and counterproductive. Their exclusion from the patent system would discourage some software innovations, but the saving from litigation costs over disputed patent rights would more than compensate the economy for that cost.'" Here are Becker's comments, from the always-fun Becker-Posner Blog.
Thornburg contributes news of a story spotted on Techmeme, writing: "[Joel Spolsky of] Joel On Software has a story about how he found and submitted prior art for a Microsoft patent listed on Ask Patents in 15 minutes. The patent was rejected based largely on the document he submitted." Spolsky gives a very readable introduction to the patent system, and software patents in particular; I especially like this part: "Software patent applications are of uniformly poor quality. They are remarkably easy to find prior art for. Ask Patents can be used to block them with very little work. And this kind of individual destruction of one software patent application at a time might start to make a dent in the mountain of bad patents getting granted. ... How cool would it be if Apple, Samsung, Oracle and Google got into a Mexican Standoff on Ask Patents? If each of those companies had three or four engineers dedicating a few hours every day to picking off their competitors’ applications, the number of granted patents to those companies would grind to a halt."
First time accepted submitter Koookiemonster writes "The Finnish citizens' initiative site (Finnish/Swedish only) has fulfilled the required amount of signatures for the third initiative since its founding. This means that the Parliament of Finland is required to take the Common Sense in Copyright initiative into processing. The initiative calls for removal of copyright infringement as a crime, reducing violations by private individuals to a misdemeanor." Torrent Freak notes "This makes Finland the first country in the world in which legislators will vote on a copyright law that was drafted by citizens."
Flere Imsaho writes "After admitting they have illegally spied on NZ citizens or residents 88 times (PDF) since 2003, the government, in a stunning example of arse covering, is about to grant the GCSB the right to intercept the communications of New Zealanders in its role as the national cyber security agency, rather than examine the role the GCSB should play and then look at the laws. There has been strong criticism from many avenues. The bill is being opposed by Labor and the Greens, but it looks like National now have the numbers to get this passed. Of course, the front page story is all about the royal baby, with this huge erosion of privacy relegated to a small article near the bottom of the front page. Three cheers, the monarchy is secure, never mind the rights of the people. More bread and circuses anyone?"
The Northside Independent School District (NISD) of Texas has decided to drop their controversial student RFID card plans and settle on hundreds of cameras to monitor students. Apparently, the technology wasn't quite the attendance silver bullet administration thought it would be, as Slate's Will Oremus discovered. 'Northside Independent School District spokesman Pascual Gonzalez told me that the microchip-ID program turned out not to be worth the trouble. Its main goal was to increase attendance by allowing staff to locate students who were on campus but didn't show up for roll call. That was supposed to lead to increased revenue. But attendance at the two schools in question, a middle school and a high school, barely budged in the year that the policy was in place. And school staff found themselves wasting a lot of time trying to physically track down the missing students based on their RFID locators. "We're very confident we can still maintain a safe and secure school because of the 200 cameras that are installed at John Jay High School and the 100 that are installed at Jones Middle School. Plus we are upgrading those surveillance systems to high-definition and more sophisticated cameras. So there will be a surveillance-camera umbrella around both schools," Gonzalez said.'
judgecorp writes "David Cameron, the British Prime Minister, has promised that the UK's ISPs will be required to provide connections with 'porn blocking' filters switched on by default. The public promise comes despite opposition from ISPs, and the near-universal acknowledgment that the system wouldn't work. Last week also saw the leak of a letter from the Department for Education which effectively told ISPs to lie — to implement their preferred 'active choice' system, and simply call it 'default-on'."
Frosty Piss writes "When people say the feds are monitoring what people are doing online, what does that mean? How does that work? When, and where, does it start? Pete Ashdown, CEO of XMission, an internet service provider in Utah, knows. He received a Foreign Intelligence Service Act (FISA) warrant in 2010 mandating he let the feds monitor one of his customers, through his facility. He also received a broad gag order. Says Mr. Ashdown, 'I would love to tell you all the details, but I did get the gag order... These programs that violate the Bill of Rights can continue because people can't go out and say, This my experience, this is what happened to me, and I don't think it is right.' In this article, Mr. Ashdown tells us about the equipment the NSA installed on his network, and what he thinks it did."
An anonymous reader writes "I work for a technical magazine that has been available in print for over 40 years. Moving to providing an alternative subscription available online has been hard; the electronic version is quickly pirated and easily available around the world each month. We are a small company, and our survival depends not only on advertising but on the subscription fees. Do any slashdotters have experience of delivering electronic magazines via a subscription service in a way that is cost effective and secure?"
Daniel_Stuckey writes "General Counsel of the Office of the Director of National Intelligence Robert S. Litt explained that our expectation of privacy isn't legally recognized by the Supreme Court once we've offered it to a third party. Thus, sifting through third party data doesn't qualify 'on a constitutional level' as invasive to our personal privacy. This he brought to an interesting point about volunteered personal data, and social media habits. Our willingness to give our information to companies and social networking websites is baffling to the ODNI. 'Why is it that people are willing to expose large quantities of information to private parties but don't want the Government to have the same information?,' he asked."
judgecorp writes "When Google gathered personal Wi-Fi data through its Street View cars, the UK privacy watchdog, the ICO did not press charges, saying that Google had "contained" the data in "quarantined cages". It has now been revealed that the ICO never checked this assertion. It just took Google's word for it, and never visited Google to try and check on whether the data actually was contained. From TechWeekEurope's correspondence with the ICO it seems that the regulator had a team of three looking into the Google Wi-Fi data scandal. Seeing that it was impossible to check Google's claims in depth, the ICO decided to just take Google's word it had done what it claimed."
An anonymous reader writes "The U.S. Dept. of Justice has announced that Panasonic and its subsidiary Sanyo have been fined $56.5 million for their roles in price fixing conspiracies involving battery cells and car parts. The fines are part of a larger investigation into the prices of auto parts. Interestingly, 12 people at various companies have been sentenced to jail time, and three more are going to prison. Since the charges are felonies, none of the sentences are shorter than a year and a day. Criminal fines targeting these companies have totaled over $874 million. 'The conduct of Panasonic, SANYO, and LG Chem resulted in inflated production costs for notebook computers and cars purchased by U.S. consumers. These investigations illustrate our efforts to ensure market fairness for U.S. businesses by bringing corporations to justice when their commercial activity violates antitrust laws.'"
pegdhcp writes with news that the UK government has signaled its intent to support a bill that would issue a posthumous pardon to Alan Turing, who is known for his work in defeating the German Enigma code machines in World War II and widely considered the father of computer science. Turing was charged with and convicted of "gross indecency" in 1952 for being gay. He was sentenced to chemical castration, and he committed suicide two years later. "The announcement marks a change of heart by the government, which declined last year to grant pardons to the 49,000 gay men, now dead, who were convicted under the 1885 Criminal Law Amendment Act. They include Oscar Wilde. ... [Lord Ahmad of Wimbledon] told peers: 'Alan Turing himself believed that homosexual activity would be made legal by a royal commission. In fact, appropriately, it was parliament which decriminalized the activity for which he was convicted. The government are very aware of the calls to pardon Turing, given his outstanding achievements, and have great sympathy with this objective. That is why the government believe it is right that parliament should be free to respond to this bill in whatever way its conscience dictates and in whatever way it so wills.'"
New submitter robp writes "After a link to VLC showed up in one of HBO's DMCA takedown requests, I recalled how often I've linked to VLC in my own copy, and how often I've seen that app noted across traditional-media outlets — even though you could make the same arguments against linking to it that Judge Kaplan bought in 2000. Now, though, even the House's own IT department not only links to this CSS-circumventing app but endorses it. Question is, what led to this enlightenment?"
An anonymous reader writes with this excerpt from ABC News: "A former student was sentenced to a year in prison for rigging his school elections at California State University-San Marcos so he could become student president, court documents show. Matthew Weaver, 22, was charged in January with wire fraud, access device fraud and unauthorized access to a computer. He pleaded guilty in March, admitting that he had stolen the email passwords of more than 740 students and used them to vote for himself 630 times during the student elections in March 2012... Right before the voting ended, on March 15, 2012, officials noticed 259 votes coming from another IP address. Officials tracked the IP address to a classroom, and found Weaver sitting there. There was only one other student in the lab, according to court documents. A university police officer arrested Weaver and seized his bag, subsequently discovering that he had stashed the keyloggers there."
Bruce Schneier points out on his blog a proposal to use electronic randomizers at airport security checkpoints. Schneier writes there: "I've seen something like this at customs in, I think, India. Every passenger walks up to a kiosk and presses a button. If the green light turns on, he walks through. If the red light turns on, his bags get searched. Presumably the customs officials can set the search percentage. Automatic randomized screening is a good idea. It's free from bias or profiling. It can't be gamed. These both make it more secure. Note that this is just an RFI from the TSA. An actual program might be years away, and it might not be implemented well. But it's certainly a start." In this case, the proposal is for randomizers that direct passengers to particular conveyor-belt lines for screening.
vikingpower writes "A Dutch newspaper has a digital version of the letter Mr. Opstelten, Secretary of Justice and Security, sent to Dutch Parliament (PDF in Dutch), in which he quietly admits to 56,825 phone taps (a 3% rise in one year) and to 16,676 internet taps in 2012, a 400% rise, or a fivefold increase, in one year. An older report already exposed the Netherlands as one of the biggest wiretappers in the western world. Slate also knew, back in 2006, that Europeans actually love wiretapping and internet tapping. In the Netherlands, a country with a population of only 16 million, the practice has risen to the level of a staggering 1 in 1,000 phones being tapped."
coolnumbr12 writes "When Yahoo purchased Tumblr in May, Tumblr founder David Karp said Tumblr wouldn't be changing, and Yahoo CEO Marissa Mayer said, 'Part of our strategy here is to let Tumblr be Tumblr.' But a new search policy went into effect Thursday that excludes all adult blogs from Google, Bing, Yahoo and other search engines by disabling indexing of anything it tags as 'adult.' The policy effectively makes the content and 10 percent of Tumblr users completely invisible."
An anonymous reader sends this quote from the NY Times: "Staking out new ground in the noisy debate about technology and privacy in law enforcement, the New Jersey Supreme Court on Thursday ordered that the police will now have to get a search warrant before obtaining tracking information from cellphone providers. The ruling (PDF) puts the state at the forefront of efforts to define the boundaries around a law enforcement practice that a national survey last year showed was routine, and typically done without court oversight or public awareness. With lower courts divided on the use of cellphone tracking data, legal experts say, the issue is likely to end up before the United States Supreme Court. The New Jersey decision also underscores the extent of the battles over government intrusion into personal data in a quickly advancing digital age, from small town police departments to the National Security Agency's surveillance of e-mail and cellphone conversations."
Dputiger writes "In the wake of activist Aaron Swartz's suicide, MIT launched an investigation into the circumstances that led to his initial arrest and felony charges. It's now clear that the move was nothing but a face-saving gesture. Moments before the court-ordered release of Swartz's Secret Service file under the Freedom of Information Act, MIT intervened, asking the judge to block the release. Supposedly this is to protect the identities of MIT staff who might be harassed — but government policy is to redact such information already."
jfruh writes "When blogger Dan Tynan started seeing lots of Latvians in his LinkedIn People You May Know list, it was pretty funny, considering he'd never been to Latvia or ever met anyone from there. But now that shadowy spy agencies are using algorithms similar to LinkedIn's to see if we're terrorists, mistakes like this are a lot scarier. From the article: 'More than ever -- and online in particular -- who you know can be more important than who you are. In fact, who somebody thinks you know may be more important than who you are, especially if that somebody is a faceless government bureaucracy with limitless power to izjaukt savu dzīvi (mess up your life).'"
wiredmikey writes "Despite fevered arguments that iOS is more secure than Android, and that Android offers developers more options than iOS, a study has found that both platforms are equally as invasive and curious when it comes to collecting user data. Security firm BitDefender analyzed more than 522,000 apps over the past year and focused on the 'intrusive behaviors' the app developer may have included in the product, such as tracking location, reading contact lists, and leaking your email address or device ID. According to Catalin Cosi, iOS applications appear to be more focused on harvesting private data than the ones designed for Android. Cosi did acknowledge that Android apps state all the permissions needed at installation time and there is no way to change the settings afterwards, while iOS permissions are requested at run-time, as the specific resource is used, making iOS a little bit more secure in practice."
itwbennett writes "Baltimore this week became the first city to hop on the open data bandwagon with the launch of the Baltimore Decoded website. The site makes the city's charter and codes more accessible to the public and will eventually include information on court decisions, legislative tracking and city technical standards (e.g., building regulations, zoning restrictions, fire codes). The site also offers a RESTful, JSON-based API for accessing the data. ITworld's Phil Johnson dug in and found these lesser-known Baltimore codes: You can't hold more than 1 yard sale every 6 months, you can't tie a horse to a tree, and you can't have fruit on a wharf. What you do with this information is up to you."
Nerval's Lobster writes "A 'broad alliance' of 63 technology companies and civil liberties organizations plan on demanding more transparency about U.S. government surveillance programs, according to a new report in AllThingsD. Those companies and organizations will reportedly ask the government to allow them to report more accurate information about user-data requests. At the moment, federal agencies forbid Google, Microsoft, and other tech vendors from reporting more than a broad numerical range; for example, Google might announce as part of its Transparency Report that it received between 0-999 National Security Letters (issued by agencies as part of national security investigations) in 2009. 'We seek permission for the same information to be made available regarding the government's national security–related authorities,' reads a portion of a letter that will be reportedly published July 19 and signed by all those tech companies. 'This information about how and how often the government is using these legal authorities is important to the American people, who are entitled to have an informed public debate about the appropriateness of those authorities and their use.' This is all continuing fallout from Edward Snowden's leaks of top-secret documents alleging that the NSA maintains a program called PRISM that allegedly siphons personal information from the databases of the world's largest tech companies. Ever since, those companies (which have all denied participation in PRISM) have been anxious to show the world that they only give the government as little user data as possible. This new push for more 'transparency' plays to that strategy, and the stakes couldn't be higher—if consumers and businesses lose faith in their IT providers' ability to preserve privacy, the latter's very existence could be at risk."
New submitter cpitman writes "In a House hearing Wednesday the NSA admitted that it could query not only a suspect's records, but also perform up to a 'three hop query'. Considering that most people in the world are separated by under 6 degrees of separation, the NSA essentially claims that any single suspect gives them rights to investigate a large chunk of the world's population. With the terror watch list having over 700,000 names, just how many times has Kevin Bacon been investigated?"