An anonymous reader writes "Ars Technica published an article Friday highlighting the results from research conducted by a money-in-politics watchdog regarding the 28 congressmen who sent a combined total of three letters to the FCC protesting against re-classifying the internet as a public utility. These 28 members of the U.S. House of Representatives 'received, on average, $26,832 from the "cable & satellite TV production & distribution" sector over a two-year period ending in December. According to the data, that's 2.3 times more than the House average of $11,651.' That's average. Actual amounts that the 28 received over a two year period ranged from $109,250 (Greg Walden, R-OR) to $0 (Nick Rahall, D-WV). Look at the list yourselves, and find your representative to determine how much legitimacy can be attributed to their stated concerns for the public."
New submitter Lew Lorton notes a NY Times story about a thief in New York City who was tracked and located using a GPS device inside a decoy pill bottle he had stolen (along with other pill bottles) from a pharmacy. When police confronted the thief, he raised a gun to shoot at an officer, and was killed. "The decoy bottles were introduced last year by the police commissioner at the time, Raymond W. Kelly, who announced that the department would begin to stock pharmacy shelves with decoy bottles of painkillers containing GPS devices. The initiative was in response to a sharp increase of armed and often deadly pharmacy robberies across the state, frequently by people addicted to painkillers. ... The bottles are designed to be weighted and to rattle when shaken, so a thief does not initially realize they do not contain pills. Each of the decoy bottles sits atop a special base, and when the bottle is lifted from the base, it begins to emit a tracking signal."
theodp writes: "'The NSA,' writes POLITICO's Stephanie Simon in her eye-opening Data Mining Your Children, 'has nothing on the ed tech startup known as Knewton. The data analytics firm has peered into the brains of more than 4 million students across the country. By monitoring every mouse click, every keystroke, every split-second hesitation as children work through digital textbooks, Knewton is able to find out not just what individual kids know, but how they think. It can tell who has trouble focusing on science before lunch — and who will struggle with fractions next Thursday.' Simon adds, 'Even as Congress moves to rein in the National Security Agency, private-sector data mining has galloped forward — perhaps nowhere faster than in education. Both Republicans and Democrats have embraced the practice. And the Obama administration has encouraged it, even relaxing federal privacy law to allow school districts to share student data more widely.'"
mpicpp sends this news from CNN: "Never fear the night of the living dead — the Pentagon has got you covered. From responses to natural disasters to a catastrophic attack on the homeland, the U.S. military has a plan of action ready to go if either incident occurs. It has also devised an elaborate plan should a zombie apocalypse befall the country, according to a Defense Department document obtained by CNN. In an unclassified document titled 'CONOP 8888,' officials from U.S. Strategic Command used the specter of a planet-wide attack by the walking dead as a training template for how to plan for real-life, large-scale operations, emergencies and catastrophes."
An anonymous reader writes "We've all heard about iPhone users switching over to Android-powered phones and no longer being able to receive text messages from friends and family still using iPhones. Well, a woman with exactly this issue has filed a lawsuit against Apple, complaining that '[p]eople who replace their Apple devices with non-Apple wireless phones and tablets are "penalized and unable to obtain the full benefits of their wireless-service contracts."' To be specific, '[t]he suit is based on contractual interference and unfair competition laws.' She is seeking class action status and undetermined damages."
An anonymous reader writes "Reuters reports that Apple and Google's Motorola Mobility unit are settling all patent lawsuits over smartphone tech. The settlement 'does not include a cross license to their respective patents,' and the companies will work together for patent reform. According to Reuters, 'The two companies informed a federal appeals court in Washington that the cases should be dismissed, according to filings on Friday. However, the deal does not appear to apply to Apple's litigation against Samsung Electronics Co Ltd, as no dismissal notices were filed in those cases. The most high-profile case between Apple and Motorola began in 2010. Motorola accused Apple of infringing several patents, including one essential to how cell phones operate on a 3G network, while Apple said Motorola violated its patents to certain smartphone features.'"
Daniel_Stuckey writes: "A homemade Lithuanian drone was reportedly being used to smuggle cigarettes into Russia, meaning that organized crime has beaten Amazon to the punch in the quest to deliver desirable products to customers aerially. Russia has 'detained' the drone, a spokesman with the Kaliningrad border department of the Russian Federal Security service told one of Russia's largest news organizations earlier this week. It's not the first time drones have been used to smuggle products — back in November, people tried to smuggle drugs into a prison in Georgia; the same thing happened in Sao Paolo back in March and in Quebec last fall. Basically, people have learned that drones are good at carrying things."
First time accepted submitter Dufflepod (3656815) writes "After yet another hardware purchase last week, I realized with some alarm just how drastically an enterprising burglar could increase the crapulence quotient of my life if they ever made off with my hardware. The house is alarmed, but much to my annoyance it isn't always set when people go out for any length of time. Ideally I want to 'alarm' the expensive items among my various PCs, UPS, NAS box, test equipment, and some of the sundry other gadgets & gizmos I require to stroke my inner geek. Over the past few days I have spent hours Googling for every combination of "anti-theft perimeter alarm radius motion detector vibration wireless" etc etc.. I have found various possible solutions, though the cost of some of them does make my eyes water (eg SonicShock @ €150/box). Has anyone out there decided to bite-the-bullet and protect their kit with decent alarms, and do you have any suggested 'do's & don'ts'?" So how would you secure valuable items, as opposed to securing the entire place?
An anonymous reader writes with some snippets pulled from a lengthy Q&A session at The New Yorker with former NSA head Keith Alexander, in which Alexander defends the collection of metadata by U.S. spy agencies both abroad and within the United States: "The probability of an attack getting through to the United States, just based on the sheer numbers, from 2012 to 2013, that I gave you—look at the statistics. If you go from just eleven thousand to twenty thousand, what does that tell you? That's more. That's fair, right? [..] These aren't my stats. The University of Maryland does it for the State Department. [...] The probability is growing. What I saw at N.S.A. is that there is a lot more coming our way. Just as someone is revealing all the tools and the capabilities we have. What that tells me is we're at greater risk. I can't measure it. You can't say, Well, is that enough to get through? I don't know. It means that the intel community, the military community, and law enforcement are going to work harder."
jfruh (300774) writes "The EFF has released its annual "Who Has Your Back" report, which uses publicly available records to see which web companies do the most to resist government demands for your personal data, by requiring warrants and being transparent about requests received. Social media giants Facebook and Twitter scored quite well; Snapchat was at the bottom of the list, and Amazon and AT&T didn't do much better." Here's the report itself.
Hugh Pickens DOT Com (2995471) writes "Jane Wakefield reports at BBC that a man convicted of possessing child abuse images is among the first to request Google remove links to pages about his conviction after a European court ruled that an individual could force it to remove 'irrelevant and outdated' search results. Other takedown requests since the ruling include an ex-politician seeking re-election who has asked to have links to an article about his behaviour in office removed and a doctor who wants negative reviews from patients removed from Google search results. Google itself has not commented on the so-called right-to-be-forgotten ruling since it described the European Court of Justice judgement as being 'disappointing'. Marc Dautlich, a lawyer at Pinsent Masons, says that search engines might find the new rules hard to implement. 'If they get an appreciable volume of requests what are they going to do? Set up an entire industry sifting through the paperwork?' says Dautlich. 'I can't say what they will do but if I was them I would say no and tell the individual to contact the Information Commissioner's Office.' The court said in its ruling that people could request the removal of data related to them that seem to be 'inadequate, irrelevant or no longer relevant, or excessive in relation to the purposes for which they were processed.'"
An anonymous reader writes "With patent reform stalled in the Senate, many states have decided to take up the issue themselves. 'As states kicked off their legislative sessions this winter, lawmakers responded to the threats against small businesses by writing bills that would ban "bad faith patent assertions" as a violation of consumer-protection laws. The bills target a specific type of patent troll: the kind that sends out vaguely worded letters demanding licensing fees. The thousands of letters sent out by the "scanner trolls" at MPHJ Technology are often brought up as a case-in-point. The new laws allow trolls that break rules around letter-writing to be sued in state court, either by private companies they've approached for licensing fees, or by state authorities themselves.'"
As you may have watched live earlier today, the FCC in a protester-heavy hearing has voted to formally consider a net neutrality proposal. The linked L.A. Times story says the 3-2 vote of the commissioners represents a victory for FCC Chairman Tom Wheeler: 'A Democrat who took over in November, Wheeler triggered outrage among public interest groups, online activists and many liberals with a plan that would for the first time allow the possibility of so-called pay-for-priority deals. Wheeler said his plan has been misconstrued and that it would not allow broadband providers to block any legal content or slow down connections in a way that is commercially unreasonable.' As the Washington Post points out, the phrase "commercially unreasonable" is a loaded one. More good coverage at Ars Technica, too.
New submitter giltwist (1313107) writes "Very shortly, the FCC will begin its vote on proceeding 14-28 regarding Chairman Wheeler's highly contentious Net Neutrality proceeding. Senator Al Franken called Net Neutrality the free speech issue of our time. The vote begins at 10:30am Eastern time today. Make sure to watch it live at the FCC's live stream." "A particularly full agenda" is right; it's a rambunctious crowd, too.
First time accepted submitter TechyImmigrant (175943) writes "Following the focus on government mass surveillance resulting from the information revealed by Edward Snowden, many organizations involved in security and communications put out statements essentially repudiating that surveillance. As of yesterday (May 15th 2014) the IACR (International Association for Cryptologic Research) who one might expect to have a position on this, has finally one year after the anniversary of the leaks, got around to making a position statement. 'The membership of the IACR repudiates mass surveillance and the undermining of cryptographic solutions and standards. Population-wide surveillance threatens democracy and human dignity. We call for expediting research and deployment of effective techniques to protect personal privacy against governmental and corporate overreach.' So the crypto guys don't like it either. Now we know." They're not the only ones: reader Juha Saarinen (2822817) writes "Stung by concerns that the NSA may have introduced deliberately weakened crypto algorithms, NIST is embarking on a review of its existing standards and developments."
First time accepted submitter registrations_suck (1075251) writes in with news about the dismantling of the HAARP project. "The U.S. Air Force gave official notice to Congress Wednesday that it intends to dismantle the $300 million High Frequency Active Auroral Research Program in Gakona this summer. The shutdown of HAARP, a project created by the late Sen. Ted Stevens when he wielded great control over the U.S. defense budget, will start after a final research experiment takes place in mid-June, the Air Force said in a letter to Congress Tuesday. While the University of Alaska has expressed interest in taking over the research site, which is off the Tok Cutoff, in an area where black spruce was cleared a quarter-century ago for the Air Force Backscatter radar project that was never completed. But the school has not volunteered to pay $5 million a year to run HAARP. Responding to questions from Alaska Sen. Lisa Murkowski during a Senate hearing Wednesday, David Walker, deputy assistant secretary of the Air Force for Science, Technology and Engineering, said this is 'not an area that we have any need for in the future' and it would not be a good use of Air Force research funds to keep HAARP going. 'We're moving on to other ways of managing the ionosphere, which the HAARP was really designed to do,' he said. 'To inject energy into the ionosphere to be able to actually control it. But that work has been completed.' Comments of that sort have given rise to endless conspiracy theories, portraying HAARP as a super weapon capable of mind control or weather control, with enough juice to trigger hurricanes, tornadoes and earthquakes."
wiredmikey (1824622) writes "Sony Pictures Entertainment has acquired the rights to the new book by journalist Glenn Greenwald about fugitive US intelligence leaker Edward Snowden, the studio said Wednesday. James Bond franchise producers Michael Wilson and Barbara Broccoli will make the movie version of 'No Place to Hide,' described as 'a political film that will resonate with today's moviegoers.' The book, subtitled 'Edward Snowden, the NSA and the US Surveillance State,' was just recently published in Britain by Hamish Hamilton and in the United States by Metropolitan Books."
coondoggie (973519) writes "Future autos leased by the federal government will be equipped with some advanced high-tech safety technology in an effort to test the equipment in real-life situations. The General Services Administration (GSA) and the Department of Transportation's National Highway Traffic Safety Administration (NHTSA) said they would team up on the program to further develop high-tech driver and vehicle safety technology."
An anonymous reader writes "BlackPhone was designed by Phil Zimmermann (inventor of PGP). The 4.7" display phone features a 2 GHz NVIDIA Tegra 4i ARM Cortex-A9 quad-core processor with 60 GPU cores, 1GB RAM and 16GB storage [more specs]. The OS is a customized version of Android called PrivatOS which offers encrypted calls, texts and emails that can't be unscrambled even by spy agencies. It also offers built-in resistance against malicious software which will be most welcomed for users worried about free Apps that are becoming increasingly invasive, if not pure data collection spyware for unknown 3rd parties. It's coming out this June, and many Fortune 50 companies have already ordered the phone to protect against industrial espionage."
Daniel_Stuckey (2647775) writes with news that we may soon learn which countries were sold the FinFisher malware package to spy on their own citizens. "The UK's High Court ruled yesterday that HM Revenue and Customs acted 'unlawfully' when it declined to detail how it was investigating the export of digital spy tools created by a British company. Human rights group Privacy International is celebrating the decision of Mr. Justice Green, which means HMRC now has to reconsider releasing information on its investigation into controls surrounding the export of malware known as FinFisher, created by British supplier Gamma International. The widespread FinFisher malware family, also known as FinSpy, can carry out a range of surveillance operations, from snooping on Skype and Facebook conversations to siphoning off emails or files sitting on a device. It is supposed to benefit law enforcement in their investigations, but has allegedly been found in various nations with poor human rights records, including Bahrain and Ethiopia."
An anonymous reader writes with news that the IETF has adopted a policy of designing new protocols taking into account the need to mitigate pervasive monitoring of all traffic. From the article: "...RFC 7258, also known as BCP 188 (where BCP stands for 'Best Common Practice'); it represents Internet Engineering Task Force consensus on the fact that many powerful well-funded entities feel it is appropriate to monitor people's use of the Net, without telling those people. The consensus is: This monitoring is an attack and designers of Internet protocols must work to mitigate it."
NapalmV sends this news from the BBC: "The European Union Court of Justice said links to 'irrelevant' and outdated data should be erased on request. The case was brought by a Spanish man who complained that an auction notice of his repossessed home on Google's search results infringed his privacy. Google said the ruling was 'disappointing.'" The EU Justice Commissioner said, "Companies can no longer hide behind their servers being based in California or anywhere else in the world. ... The data belongs to the individual, not to the company. And unless there is a good reason to retain this data, an individual should be empowered — by law — to request erasure of this data." According to the ruling (PDF), if a search provider declines to remove the data, the user can escalate the situation to a judicial authority to make sure the user's rights are being respected.
DroidJason1 writes: "Microsoft has unbundled the Kinect from the Xbox One. The unbundled system's price now matches the PlayStation 4. Microsoft is touting 'your feedback' as the reason for this move. Any Xbox One functionality that relies on voice, video, gestures, etc, will not work without a Kinect, and users will be able to purchase a standalone Kinect later this year."
An anonymous reader writes "FCC Chairman Tom Wheeler has decided to back-pedal just a bit on his recent proposal to end the "Open Internet" regulation regime in favor of a system with more liberal rules that could include so-called internet fast lanes, by means of which major ISPs could favor or disfavor different kinds or providers of internet traffic. Says an article at USA Today, 'Wheeler's latest revision doesn't entirely ban Internet fast lanes, leaving room for some public-interest cases like a healthcare company sending electrocardiography results. But unlike his initial proposal last month, Wheeler is proposing to specifically ban certain types of fast-lanes, including prioritization given by ISPs to their subsidiaries that make and stream content, according to an FCC official who wasn't authorized to talk about the revisions publicly before the vote. Wheeler is also open to applying some "common carrier" rules that regulate telephone companies, which would result in more stringent oversight of the ISPs in commercial transactions.'" Update: 05/13 16:37 GMT by T : Oops -- I missed this earlier, substantially similar story.
First time accepted submitter Dimetrodon (2714071) writes "It is an unspoken rule of military procurement that any IT or communications technology will invariably be years behind what is commercially available or technically hobbled to ensure security. One case in point is the uncomfortably backronymed NeRD, or Navy e-Reader Device, an electronic book so secure the 300 titles it holds can never be updated. Ever."
Mark.JUK (1222360) writes "The European Court of Justice (ECJ) has today ruled that Google, Bing and others, acting as internet search engine operators, are responsible for the processing that they carry out of personal data which appears on web pages published by third parties. As a result any searches made on the basis of a person's name that returns links/descriptions for web pages containing information on the person in question can, upon request by the related individual, be removed. The decision supports calls for a so-called 'right to be forgotten' by Internet privacy advocates, which ironically the European Commission are already working to implement via new legislation. Google failed to argue that such a decision would be unfair because the information was already legally in the public domain."
Bismillah (993337) writes "The new Telecommunications (Interception Capability and Security) Act of 2013 is in effect in New Zealand and brings in several drastic changes for ISPs, telcos and service providers. One of the country's spy agencies, the GCSB, gets to decide on network equipment procurement and design decisions (PDF), plus operators have to register with the police and obtain security clearance for some staff. Somewhat illogically, the NZ government pushed through the law combining mandated communications interception capabilities for law enforcement, with undefined network security requirements as decided by the GCSB. All network operators are subject to the new law, including local providers as well as the likes of Facebook, Google, Microsoft, who have opposed it, saying the new statutes clash with overseas privacy legislation."
tsu doh nimh (609154) writes "A 16-year-old male from Ottawa, Canada has been arrested for allegedly making at least 30 fraudulent calls — including bomb threats and 'swattings' — to emergency services across North America over the past few months. Canadian media isn't identifying the youth because of laws that prevent the disclosure, but the alleged perpetrator was outed in a dox on Pastebin that was picked up by journalist Brian Krebs, who was twice the recipient of attempted swat raids at the hand of this kid. From the story: 'I told this user privately that targeting an investigative reporter maybe wasn't the brightest idea, and that he was likely to wind up in jail soon. But @ProbablyOnion was on a roll: That same day, he hung out his for-hire sign on Twitter, with the following message: "want someone swatted? Tweet me their name, address and I'll make it happen."'"
Bob9113 (14996) writes "According to Glenn Greenwald, reporting in The Guardian: 'A June 2010 report from the head of the NSA's Access and Target Development department is shockingly explicit. The NSA routinely receives – or intercepts – routers, servers, and other computer network devices being exported from the US before they are delivered to the international customers. The agency then implants backdoor surveillance tools, repackages the devices with a factory seal, and sends them on. The NSA thus gains access to entire networks and all their users. The document gleefully observes that some "SIGINT tradecraft is very hands-on (literally!)".'"
An anonymous reader writes with news that Michael Devine, one of the plaintiffs in a lawsuit accusing tech firms including Apple and Google of conspiring to keep salaries low, has asked the court to reject a $324 million settlement. "Apple has more than $150 billion in the bank, eclipsing the combined cash reserves of Israel and Britain. Google, Intel and Adobe have a total of about $80 billion stored up for a rainy day. Against such tremendous cash hoards, $324 million is chump change. But that is what the four technology companies have agreed to pay to settle a class action brought by their own employees. The suit, which was on track to go to trial in San Jose, Calif., at the end of May, promised weeks if not months of damaging revelations about how Silicon Valley executives conspired to suppress wages and limit competition. Details of the settlement are still under wraps. 'The class wants a chance at real justice,' he wrote. 'We want our day in court.' He noted that the settlement amount was about one-tenth of the estimated $3 billion lost in compensation by the 64,000 class members. In a successful trial, antitrust laws would triple that sum. 'As an analogy,' Mr. Devine wrote, 'if a shoplifter is caught on video stealing a $400 iPad from the Apple Store, would a fair and just resolution be for the shoplifter to pay Apple $40, keep the iPad, and walk away with no record or admission of wrongdoing? Of course not.' 'If the other class members join me in opposition, I believe we will be successful in convincing the court to give us our due process,' Mr. Devine said in an interview on Sunday. He has set up a website, Tech Worker Justice, and is looking for legal representation. Any challenge will take many months. The other three class representatives could not be reached for comment over the weekend."
concertina226 (2447056) writes "The United Nations will debate the use of killer robots for the first time at the UN Convention on Certain Conventional Weapons (CCW) this week, but human rights activists are calling for the robots to be banned. Human Rights Watch and Harvard Law School's International Human Rights Clinic have published a new report entitled 'Shaking the Foundations: The Human Rights Implications of Killer Robots', which calls for killer robots to be banned to prevent a potential arms race between countries. Killer robots, or fully autonomous weapons, do not yet exist but would be the next step after remote-controlled armed drones used by the US military today. Fully autonomous weapons would have the ability to identify and fire on targets without human intervention, putting compliance with international humanitarian laws in doubt. Among the problems with killer robots highlighted in the report is the risk of criminal liability for a military officer, programmer or weapons manufacturer who created or used an autonomous weapon with intent to kill. If a robot killed arbitrarily, it would be difficult to hold anyone accountable."
An anonymous reader writes "FCC Chairman Tom Wheeler has said he will revise proposed rules for regulating broadband Internet, and is offering assurances that the agency won't allow companies to segregate Web traffic into fast and slow lanes. From the article: 'The new language by FCC Chairman Tom Wheeler to be circulated as early as Monday is an attempt to address criticism of his proposal unveiled last month that would ban broadband providers from blocking or slowing down websites but allow them to strike deals in which content companies could pay them for faster delivery of Web content to customers.'"
An anonymous reader writes "Senator Al Franken can be counted among the many who are at odds with the FCC's proposed net neutrality rules. From the article: 'Senator Al Franken has a pretty good idea of what the term "net neutrality" means—and that, he says, puts him head-and-shoulders above many of his colleagues in the U.S. Congress. "We literally have members of Congress—I've heard members of the House—say, 'We've had all this innovation on the Internet without net neutrality. Why do we need it now?'" he told TIME in an interview last week. "I want to say, 'Come on, just try to understand the idea. Or at least just don't give a speech if you don't know what you're saying. Please—it hurts my head."'"
SonicSpike (242293) points out this article about a mask that can foil surveillance cameras and provide fuel for nightmares. "If the world starts looking like a scene from Matrix 3 where everyone has Agent Smith's face, you can thank Leo Selvaggio. His rubber mask aimed at foiling surveillance cameras features his visage, and if he has his way, plenty of people will be sporting the Personal Surveillance Identity Prosthetic in public. It's one of three products made by the Chicago-based artist's URME Surveillance, a venture dedicated to 'protecting the public from surveillance and creating a safe space to explore our digital identities.' 'Our world is becoming increasingly surveilled. For example, Chicago has over 25,000 cameras networked to a single facial recognition hub,' reads the URME (pronounced U R Me) site. 'We don't believe you should be tracked just because you want to walk outside and you shouldn't have to hide either. Instead, use one of our products to present an alternative identity when in public.'"
ClownP (1315157) writes in with this story about a hacker who did some of his work while aboard a nuclear aircraft carrier. "A former sailor assigned to a US nuclear aircraft carrier and another man have been charged with hacking the computer systems of 30 public and private organizations, including the US Navy, the Department of Homeland Security, AT&T, and Harvard University. Nicholas Paul Knight, 27, of Chantilly, VA, and Daniel Trenton Krueger, 20, of Salem, IL, were members of a crew that hacked protected computers as part of a scheme to steal personal identities and obstruct justice, according to a criminal complaint unsealed earlier this week in a US District Court in Tulsa, Oklahoma. The gang, which went by the name Team Digi7al, allegedly took to Twitter to boast of the intrusions and publicly disclose sensitive data that was taken. The hacking spree lasted from April 2012 to June 2013, prosecutors said."
An anonymous reader writes "An article by David Cole at the NY Review of Books lays out why we should care as much about the collection of metadata as we do about the collection of the data itself. At a recent debate, General Michael Hayden, who formerly led both the NSA and the CIA, told Cole, 'we kill people based on metadata.' The statement is stark and descriptive: metadata isn't just part of the investigation. Sometimes it's the entire investigation. Cole talks about the USA Freedom Act, legislation that would limit the NSA's data collection powers if it passes. The bill contains several good steps in securing the privacy of citizens and restoring due process. But Cole says it 'only skims the surface.' He writes, 'It does not address, for example, the NSA's guerilla-like tactics of inserting vulnerabilities into computer software and drivers, to be exploited later to surreptitiously intercept private communications. It also focuses exclusively on reining in the NSA's direct spying on Americans. ... In the Internet era, it is increasingly common that everyone's communications cross national boundaries. That makes all of us vulnerable, for when the government collects data in bulk from people it believes are foreign nationals, it is almost certain to sweep up lots of communications in which Americans are involved.' He concludes, '[T]he biggest mistake any of us could make would be to conclude that this bill solves the problem.'"
An anonymous reader writes "An article on The Register titled talks about a demo that was given in London last month by NCC Group where they turned a modern TV into an audio bug. 'The devices contain microphones and cameras that can be utilized by applications — Skype and similar apps being good examples. The TV has a fairly large amount of storage, so would be able to hold more than 30 seconds of audio – we only captured short snippets for demonstration purposes. A more sophisticated attack could store more audio locally and only upload it at certain times, or could even stream it directly to a server, bypassing the need to use any of the device’s storage.' Given the Snowden revelations and what we've seen previously about older tech being deprecated, how can we protect ourselves with the modern devices (other than not connecting them to the Internet)?"
phmadore writes: "Some clever German pranksters managed to put one over on a sect of the intelligentsia just the other day. In this 30-minute presentation (video) at the re:publica 2014 tech conference, activists going under the pseudonyms of Paul von Ribbeck and Gloria Spindle presented four new (and moderately credible) Google products making up the 'Google Nest': Google Trust, Google Hug, Google Bee, and Google Bye. 'We can't really guarantee that we protect your information, but we can do our very best to protect you,' says Spindle about eight minutes in. Google is reportedly rather upset about the whole affair. The conference organizers were in on the joke — the audience were clued in afterward and asked to participate in order to fool the media. For me, the discussion-worthy items here are: data insurance and the value of data."
An anonymous reader writes "The U.S. Department of Justice says it needs greater authority to hack remote computers in the course of an investigation. The agency reasons that criminal operations involving computers are becoming more complicated, and argues that its own capabilities need to scale up to match them. An ACLU attorney said, 'By expanding federal law enforcement's power to secretly exploit "zero-day" vulnerabilities in software and Internet platforms, the proposal threatens to weaken Internet security for all of us.' This is particularly relevant in the wake of Heartbleed — it's been unclear whether the U.S. government knew about it before everyone else did. This request suggests that the DOJ, at least, did not abuse it — but it sure looks like they would've wanted to. You can read their request starting on page 499 of this committee meeting schedule."
Hugh Pickens DOT Com (2995471) writes "Jaikumar Vijayan reports at Computerworld that a physician at Columbia University Medical Center (CU) attempted to "deactivate" a personally owned computer from a hospital network segment that contained sensitive patient health information, creating an inadvertent data leak that is going to cost the hospital $4.8 million to settle with the U.S. Department of Health and Human Services (HHS). The error left patient status, vital signs, laboratory results, medication information, and other sensitive data on about 6,800 individuals accessible to all via the Web. The breach was discovered after the hospital received a complaint from an individual who discovered personal health information about his deceased partner on the Web. An investigation by the HHS Office for Civil Rights (OCR) found that neither Columbia University nor New York Presbyterian Hospital, who operated the network jointly, had implemented adequate security protections, or undertaken a risk analysis or audit to identify the location of sensitive patient health information on the joint network. "For more than three years, we have been cooperating with HHS by voluntarily providing information about the incident in question," say the hospitals. "We also have continually strengthened our safeguards to enhance our information systems and processes, and will continue to do so under the terms of the agreement with HHS." HHS has also extracted settlements from several other healthcare entities over the past two years as it beefs up the effort to crack down on HIPAA violations. In April, it reached a $2 million settlement with Concentra Health Services and QCA Health Plan. Both organizations reported losing laptops containing unencrypted patient data."
angry tapir (1463043) writes "The Australian government is eyeing the introduction of a government-wide content-management system, with the preferred choice almost certain to be Drupal. Government documents indicate that part of the appeal is that Drupal modules can be easily shared between government agencies and with the public."
First time accepted submitter ChelleChelle2 (2908449) writes "Edward Snowden's release of classified material exposing the existence of numerous global surveillance programs (obtained while working as an NSA contractor at Booz Allen Hamilton) has been referred to as 'the most damaging breach of secrets in U.S. history.' Regardless of whether one chooses to champion or condemn Snowden's actions, it is apparent that the NSA needs to dramatically rework its security measures. In this article Bob Toxen, renowned author of several books and articles on Linux Security, discusses the security practices that could have stopped Snowden. Equally interesting, he weighs in on the constitutionality and morality of the NSA's spying on all Americans."
New submitter rjune (123157) writes with some rare positive news from the online ride-sharing world, specifically from Milwaukee. "Ald. Robert Bauman is drafting a proposed ordinance that, if approved by the Common Council, would change the way public passenger vehicles are regulated and licensed. The proposal, expected to be outlined on Friday before the Common Council's Public Transportation Review Board, not only lifts the cap on taxicab vehicle permits but accommodates new smartphone app services such as Uber and Lyft. Both Uber and Lyft are already in the marketplace." I wish that the cities I spend the most time in would do the same, but they've been busily protecting the local cartels, instead.
Lucas123 writes "A U.S. District Court has ruled that Marvell Technology must pay Carnegie Mellon University (CMU) $1.54B for infringing on two hard drive chip patents. Marvell was also ordered to pay interest at 0.14% annually, and 50 cents for each chip sold that uses the intellectual property. While Marvell did not comment on the case, CMU said it 'understands' that Marvell will again appeal the ruling and the school 'will look forward to the federal circuit court' upholding the lower court's ruling. The latest decision by a U.S. District Court in Western Pennsylvania ends for now a five-year legal battle between the two. In 2012, a jury found Marvell had violated CMU's patents, and the chip maker then appealed that ruling."
An anonymous reader writes "Two weeks ago, SpaceX filed suit against the U.S. Air Force in an attempt to enforce competition for rocket purchases. They argued it was a bad idea to blindly shovel money into Russia's coffers for rides to space, and said there was no way for other rocket manufacturers to get a foot in the door. Last week, it looked like they were getting traction — an injunction was granted, temporarily halting the Air Force's process of buying rockets. Unfortunately for SpaceX, that injunction has now been dissolved. At the heart of the suit was Executive Order 13,661, which blocks the transfer of wealth to people in the Russian Federation who are related to the situation in the Ukraine. SpaceX said that since Russian Deputy Prime Minister Dmitry Rogozin was the head of their space agency, payments to the agency were effectively payments to him. The U.S. departments of Commerce, State, and the Treasury all sent letters to the court saying this was not the case, and the court agreed. Here's the final ruling."
An anonymous reader writes "Remember the court battle between Google and Oracle? It's the one where Oracle claimed Android violated Oracle's patents and copyright related to Java. Oracle thought they deserved $6 billion in compensation, but ended up getting nothing. Well, it's still going, and the tide is turning somewhat in Oracle's favor. An appeals court decided that Oracle can claim copyright over some parts of Java. It's a complicated ruling (PDF) — parts of it went Google's way and parts of it went Oracle's way — but here's the most important line: '[T]he declaring code and the structure, sequence, and organization of the 37 Java API packages at issue are entitled to copyright protection.' A jury's earlier finding of infringement has been reinstated, and now it's up to Google to justify its actions under fair use."
An anonymous reader writes "Following the FCC's proposal a couple weeks ago to allow an internet fast lane, a group of activists has come up with a fun counterproposal: force the FCC itself into the slow lane and see how they like it. They write, 'Since the FCC seems to have no problem with this idea, I've (through correspondence) gotten access to the FCC's internal IP block, and throttled all connections from the FCC to 28.8kbps modem speeds on the Neocities.org front site, and I'm not removing it until the FCC pays us for the bandwidth they've been wasting instead of doing their jobs protecting us from the "keep America's internet slow and expensive forever" lobby.' The group has published the code snippet that throttles FCC IP addresses, and they encourage other web admins to implement it."
New submitter echo-e writes: "A deal has been made between groups representing content creators and ISPs in the UK concerning how the ISPs should respond to suspected illegal file sharers. In short, the ISPs will send letters or emails with an 'educational' rather than threatening tone, alerting users to legal alternatives. The rights holders will be notified of the number of such alerts that have been sent out, but only the ISPs will know the identity of the offenders. Only four of the UK's ISPs have agreed to the 'Voluntary Copyright Alert Programme' so far, but the remaining ISPs are expected to join the programme at a later stage. The debate between rights holders and ISPs has raged on for years. This agreement falls short of the proposals put forward by the rights holders groups, but the ISPs have argued that it is not their responsibility to police users and that a legal process already exists for going after individuals."
Bruce66423 (1678196) writes in with news about a planned protest by London black-cab drivers against Uber. "London black-cab drivers are planning to cause gridlock in the city to protest against car service Uber. The Licensed Taxi Drivers Association complains that Uber's drivers are using a smartphone app to calculate fares despite it being illegal for private vehicles to be fitted with taximeters. Transport for London has declined to intervene, because it disagrees that there has been a breach of the law. LTDA now plans to force the issue by holding the action in early June. 'Transport for London not enforcing the Private Hire Vehicles Act is dangerous for Londoners,' Steve McNamara, LTDA's general secretary, told the BBC. 'I anticipate that the demonstration against TfL's handling of Uber will attract many many thousands of cabs and cause severe chaos, congestion and confusion across the metropolis.'"
The New York Times is one of many outlets reporting that Snapchat has agreed to settle with the FTC about the gap between promises made about the company's "disappearing" communications system and reality. "The Federal Trade Commission on Thursday said Snapchat had agreed to settle charges that the company was deceiving users about the ephemeral nature of the photos and video messages sent through its service. The messages were significantly less private than the company had said, the commission said. In marketing the service, Snapchat has said that its messages “disappear forever.” But in its complaint, the commission said the messages, often called snaps, can be saved in several ways. The commission said that users can save a message by using a third-party app, for example, or employ simple workarounds that allow users to take a screenshot of messages without detection." Besides the monetary side of the settlement (details of which are promised soon on the FTC's site), the company has agreed to operate for the next 20 years with special supervision of a new privacy program; it seems a little optimistic as a timeframe for any social-media related business. Here are the FTC's charges (PDF).