Privacy

Should Domain-Name Registrations Require A Verifiable Real Name? (blogspot.com) 241

lpress writes: The Internet was a major source of news -- fake and real -- during the election campaign. The operators of fake sites, whether motivated by politics or greed, are often anonymous. We avoid voter fraud by requiring verification of one's name, age and address. A verifiable real-names domain registration policy would discourage information fraud.
"I understand the wish to protect the privacy of a person or organization registering a domain name," argues the linked-to blog post, "but there is also a public interest." ICANN already requested comments on this back in 2015, but I'm curious what Slashdot's readers think. Should domain name registrations require a verifiable real name?
Google

Is Google's AI-Driven Image-Resizing Algorithm Dishonest? (thestack.com) 79

The Stack reports on Google's "new research into upscaling low-resolution images using machine learning to 'fill in' the missing details," arguing this is "a questionable stance...continuing to propagate the idea that images contain some kind of abstract 'DNA', and that there might be some reliable photographic equivalent of polymerase chain reaction which could find deeper truth in low-res images than either the money spent on the equipment or the age of the equipment will allow." An anonymous reader summarizes their report: Rapid and Accurate Image Super Resolution (RAISR) uses low and high resolution versions of photos in a standard image set to establish templated paths for upward scaling... This effectively uses historical logic, instead of pixel interpolation, to infer what the image would look like if it had been taken at a higher resolution.

It's notable that neither their initial paper nor the supplementary examples feature human faces. It could be argued that using AI-driven techniques to reconstruct images raises some questions about whether upscaled, machine-driven digital enhancements are a legal risk, compared to the far greater expense of upgrading low-res CCTV networks with the necessary resolution, bandwidth and storage to obtain good quality video evidence.

The article points out that "faith in the fidelity of these 'enhanced' images routinely convicts defendants."
Crime

New York's District Attorney: Roll Back Apple's iPhone Encryption (mashable.com) 215

An anonymous reader quotes Mashable: Manhattan District Attorney Cyrus Vance said Thursday that he wants Apple's encryption to go back to how it was in early 2014. Back then, police could basically extract any information they wanted after getting a warrant. "Doing nothing about this problem will perpetuate an untenable arms race between private industry and law enforcement," Vance said on Thursday. "Federal legislation is our only chance to lay these arms aside."

Vance said he's got 423 "lawfully-seized Apple devices" that his employees can't do anything with. Forty-two of those devices "pertain to homicide or attempted murder cases" according to the district attorney's office, and a similar number "relate to sex crimes." The argument, of course, is that the district attorney's office would have an easier time solving crimes if they had access to these phones... Apple believes being forced to hack into phones at the government's will is an unreasonable burden.

ZDNet adds that "the call for federal legislation could be given a popular boost by president elect Donald Trump, who previously called for a boycott on Apple products when it refused to help the FBI."
Government

Privacy Group Sues The FBI, Demanding Details About Biometric Database Sharing (onthewire.io) 16

Trailrunner7 writes: A major privacy group has filed a lawsuit against the FBI to force the bureau to release all relevant documents about its plan to share a huge amount of biometric information with the Department of Defense. The lawsuit filed by EPIC (Electronic Privacy Information Center) concerns the FBI's Next Generation Identification (NGI) system, which comprises fingerprint, iris scan, and facial recognition data, and the bureau has been using it for several years... EPIC's lawsuit asks that the FBI be forced to release records about the plan to share NGI data with the Department of Defense under the Freedom of Information Act. EPIC filed a FOIA request about the plan last year and though the FBI said it has located 35 pages of records that are responsive to the request, it hasn't released any of those records.
Piracy

Major Cyberlocker EX.UA To Shut Down Amid Police Crackdown (torrentfreak.com) 12

An anonymous reader quotes a report from TorrentFreak: Earlier this week, news broke that following a complaint from the MPAA, local piracy giant FS.to was raided by police, with more than 60 servers seized and 19 people arrested. That investigation is still ongoing but now an even bigger target has folded in its wake. Founded in 2009, EX.UA is Ukraine's largest cyberlocker and one of the largest sites in the country, period. With millions of visitors each day the site is a much-loved resource but very shortly the platform will close its doors for good. In an announcement to users, EX.UA's owners said that it was time to throw in the towel after 12 months of trouble for the site and potential legal trouble ahead. "Over the past year EX.UA has had a chance to feel the direct threats, blackmail (including at the international level), and DDOS attacks. These actions jeopardize the personal information and personal files stored by users on the service," the site announced. EX.UA's operators say they have always tried to operate with respect for the laws of Ukraine, including dealing with takedowns quickly. However, the site does not approve of the system of distribution and rights management in place in the country and says it was one of the site's goals to raise this issue in Ukrainian society. Just recently, Ukraine passed a law which will allow copyright holders to block allegedly infringing sites without obtaining a court order. This, EX.UA says, is a sign of "uncivilized lobbying" and will only result in less respect for copyright. Faced with a change in the law and a desire to respect it, EX.UA's operators say that they will shut down the site. Users have just under two weeks to save their files.
Bitcoin

IRS Demands Identities of All US Coinbase Traders Over Three Year Period (vice.com) 124

An anonymous reader quotes a report from Motherboard: In bitcoin-related investigations, authorities will often follow the digital trail of an illegal transaction or suspicious user back to a specific account at a bitcoin trading company. From here, investigators will likely subpoena the company for records about that particular user, so they can then properly identify the person suspected of a crime. The Internal Revenue Service, however, has taken a different approach. Instead of asking for data relating to specific individuals suspected of a crime, it has demanded bitcoin trading site Coinbase to provide the identities of all of the firm's U.S. customers who made transactions over a three year period, because there is a chance they are avoiding paying taxes on their bitcoin reserves. Coinbase has a total of millions of customers. According to court filings, which were first flagged by financial blogger Zerohedge on Twitter, the IRS has launched an investigation to determine the correct amount of tax that those who use virtual currencies such as bitcoin are obligated to pay. But according to the documents, the IRS is asking for the identities of any U.S. Coinbase customer who transferred crypto-currency with the service between 2013 and 2015. "The John Does whose identities are sought by the summons are United States persons who, at any time during the period January 1, 2013, through December 31, 2015, conducted transactions in a convertible virtual currency," reads a memorandum written by Department of Justice attorneys and filed on Thursday, November 17.
Operating Systems

Antivirus Firm Kaspersky Launches Its Own Hackproof OS, Based On Microkernel (fossbytes.com) 108

An anonymous reader quotes a report from Fossbytes: Kaspersky Lab, a Russian cybersecurity and antivirus company, has announced their new operating system which was in development for the last 14 years. Dubbed as Kaspersky OS, it has made its debut on a Kraftway Layer 3 Switch. Not many details have been revealed by the CEO Eugene Kaspersky in his blog post. The GUI-less OS -- as it appears in the image -- has been designed from scratch and Eugene said it doesn't have "even the slightest smell of Linux." He actually tagged "Kaspersky OS being non-Linux" as one of the three main distinctive features he mentioned. The other two features he briefly described are rather fascinating. The first feature is that the Kaspersky OS is based on microkernel architecture, which basically means using the minimum amount of ingredients to bake your own operating system. The OS can be custom-designed as per requirements by using different modification blocks. The second distinctive feature is the inbuilt security system which can control application behavior and OS modules. It touts Kaspersky OS as practically unhackable, unless a cyber-baddie has a quantum computer -- which will be required to crack the digital signature of the platform -- at his disposal.
Social Networks

LinkedIn-Russia: US Says Concerned Over Decision to Block Professional Networking Site (ndtv.com) 95

The US government said on Friday it was deeply concerned over Russia's decision to block public access to networking site LinkedIn, saying it created a precedent that could be used to justify blocking other sites operating in Russia. From a report: LinkedIn, which has its headquarters in the United States, is the first major social network to be blocked under a new law that requires firms holding Russian citizens' data to store it on servers on Russian soil. Internet services analysts say other tech firms, including Facebook and Twitter, could also find access blocked unless they move data onto Russian-based servers. Maria Olson, spokeswoman at the US Embassy in Moscow, said Washington urged the Russian authorities to restore access immediately to LinkedIn, and said the restrictions harmed competition and the Russian people. "The United States is deeply concerned by Russia's decision to block access to the website LinkedIn," Olson said in a statement sent to Reuters. "This decision is the first of its kind and sets a troubling precedent that could be used to justify shutting down any website that contains Russian user data."
The Courts

Terminally Ill Teen Won Historic Ruling To Preserve Body (bbc.com) 386

A teenage girl has been cryogenically frozen in the hope of being revived at a time when her cancer might be cured. The terminally ill 14-year-old girl from London won a legal fight to be frozen after she died. After her death in October, the girl's remains were transported to a cryonic facility in the United States. From a report: The girl, who was terminally ill with a rare cancer, was supported by her mother in her wish to be cryogenically preserved -- but not by her father. She wrote to the judge explaining that she wanted "to live longer" and did not want "to be buried underground." A High Court judge ruled that the girl's mother should be allowed to decide what happened to the body. The details of her case have just been released. "I have been asked to explain why I want this unusual thing done. I am only 14 years old and I don't want to die but I know I am going to die. I think being cryopreserved gives me a chance to be cured and woken up -- even in hundreds of years' time. I want to live and live longer and I think that in the future they may find a cure for my cancer and wake me up. I want to have this chance. This is my wish," the girl wrote. The judge, Mr Justice Peter Jackson, visited the girl in hospital and said he was moved by "the valiant way in which she was facing her predicament." His ruling, he said, was not about the rights or wrongs of cryonics but about a dispute between parents over the disposal of their daughter's body.
Earth

France To Shut Down All Coal-Fired Power Plants By 2023 (independent.co.uk) 328

French president Francois Hollande announced at an annual UN climate change conference on Wednesday that France will shut down all its coal-fired power plants by 2023. He also "vowed to beat by two years the UK's commitment to stop using fossil fuels to generate power by 2025," reports The Independent: Mr Hollande, a keynote speaker at the event in Marrakech, Morocco, also praised his U.S. counterpart Barack Obama for his work on climate change, and then appeared to snub president-elect Donald Trump. "The role played by Barack Obama was crucial in achieving the Paris agreement," Mr Hollande said, before adding, in what has been perceived as a dig at Mr Trump, that becoming a signatory to the treaty is "irreversible." "We need carbon neutrality by 2050," the French President continued, promising that coal will no longer form part of France's energy mix in six to seven years' time. France is already a world leader in low-carbon energy. The country has invested heavily in nuclear power over the past few decades and now derives more than 75 percent of its electricity from nuclear fission. It produces so much nuclear energy, in fact, that it exports much of it to nearby nations, making around $2.66 billion each year.
Music

Music Torrent Site What.CD Has Been Shut Down (theverge.com) 86

An anonymous reader quotes a report from The Verge: What.cd, an invite-only music torrent website first launched in 2007, has been shut down after a raid by French authorities. The private tracker offered free (and often illegal) access to a massive, deeply thorough collection of music and was popular among audiophiles for its strict rules around quality and file formats. The site was created after the shutdown of another well-known torrent website, Oink, which operated between 2004 and 2007. Though its primary focus was music sharing, What.cd also permitted torrents of computer software, ebooks, and other content. Zataz Magazine is reporting 12 servers that powered What.cd's infrastructure were seized by French cybercrime authorities. What.cd hasn't been taken offline completely, but torrents are unavailable and the homepage now displays a message confirming its demise: "Due to some recent events, What.CD is shutting down. We are not likely to return any time soon in our current form. All site and user data has been destroyed. So long, and thanks for all the fish."
Firefox

Mozilla Launches Firefox Focus, a Stripped-Down Private Browser For iOS (venturebeat.com) 35

Krystalo quotes a report from VentureBeat: Mozilla today launched a new browser for iOS. In addition to Firefox, the company now also offers Firefox Focus, a browser dedicated to user privacy that by default blocks many web trackers, including analytics, social, and advertising. You can download the new app now from Apple's App Store. If you're getting a huge feeling of deja vu, that's because in December 2015, Mozilla launched Focus by Firefox, a content blocker for iOS. The company has now rebranded the app as Firefox Focus, and it serves two purposes. The content blocker, which can still be used with Safari, remains unchanged. The basic browser, which can be used in conjunction with Firefox for iOS, is new. Firefox Focus is basically just an iOS web view with tracking protection. If you shut it down, or iOS shuts it down while it's in the background, the session is lost. There's also an erase button if you want to wipe your session sooner. But those are really the only features -- there's no history, menus, or even tabs.
Government

NSA Chief: Nation-State Made 'Conscious Effort' To Sway US Presidential Election (aol.com) 667

The head of the US National Security Agency has said that a "nation-state" consciously targeted presidential candidate Hillary Clinton's presidential campaign, in order to affect the US election. From an AOL article: Adm. Michael Rogers, who leads both the NSA and US Cyber Command, made the comments in response to a question about Wikileaks' release of nearly 20,000 internal DNC emails during a conference presented by The Wall Street Journal. "There shouldn't be any doubt in anybody's minds," Rogers said. "This was not something that was done casually. This was not something that was done by chance. This was not a target that was selected purely arbitrarily. This was a conscious effort by a nation-state to attempt to achieve a specific effect." Rogers did not specify the nation-state or the specific effect, though US intelligence officials suspect Russia provided the emails to Wikileaks, after hackers stole them from inside DNC servers and the personal email account of Hillary Clinton's campaign manager, John Podesta. At least two different hacker groups associated with the Russian government were found inside the networks of the DNC over the past year, reading emails, chats, and downloading private documents. Many of those files were later released by Wikileaks. Further reading: Quartz and MotherJones.
Government

James Clapper, US Director of National Intelligence, Has Resigned (thehill.com) 170

Reader cold fjord writes: James Clapper, Director of National Intelligence, resigned last night. Clapper spent 30 years in military intelligence at the National Imagery and Mapping Agency. He was selected to be the Director of National Intelligence in 2010 with responsibility for 17 US intelligence agencies. Clapper was DNI during the monumental Snowden leaks of documents from NSA and various allied intelligence agencies as well as the release by WikiLeaks of the documents provided by (at the time) Private Bradley Manning. Besides the Snowden and Manning leaks, Clapper was engulfed in controversy over testimony to Congress in which he is alleged to have lied about NSA data collection in responding to a question from Senator Wyden. Clapper had previously stated he would leave at the end of the Obama administration. Clapper's resignation clears the way for incoming president-elect Trump to appoint his own Director of National Intelligence.
Microsoft

LinkedIn Blocked By Russian Government (pcworld.com) 68

LinkedIn's network just got a little smaller: Russia's communications regulator ordered ISPs to block access to the business networking company on Thursday. From a report on PCWorld: Roskomnadzor made the order after a Moscow appeal court last week upheld an earlier ruling that LinkedIn breached Russian privacy laws. Tagansky district court ruled against LinkedIn on Aug. 4, following a complaint from the Russian federal service for the supervision of communications, information technology and mass media that its activities breached a law requiring businesses handling Russians' personal data to process that data in Russia. Roskomnadzor said it filed suit after LinkedIn failed to respond to two requests for information about its plans for relocating the data to Russia. LinkedIn isn't the only U.S. company that has been targeted under the legislation.
Social Networks

Facebook Stops Collecting WhatsApp User Data in Europe After Government Pressure (theverge.com) 24

Facebook has stopped collecting WhatsApp user data across Europe, bowing to pressure from privacy watchdogs across the continent. The shift in policy means that European users of the messaging app will no longer have information -- including phone numbers -- relayed to Facebook, but the social network says it may only be a temporary suspension while the laws are debated. From a report on The Verge: "We hope to continue our detailed conversations with the UK Information Commissioner's Office and other data protection officials," Facebook says, confirming that it "remain[s] open to working collaboratively to address their questions." Facebook bought WhatsApp for $19 billion in 2014, but only started to collect data from its users in August this year. That move drew criticism from Europe's data collection authorities, 28 of whom signed an open letter sent last month in which they urged WhatsApp CEO Jan Koum to suspend data collection until the legality was worked out.
Privacy

Britain Has Passed the 'Most Extreme Surveillance Law Ever Passed in a Democracy' (zdnet.com) 359

Zack Whittaker, reporting for ZDNet: The UK has just passed a massive expansion in surveillance powers, which critics have called "terrifying" and "dangerous." The new law, dubbed the "snoopers' charter," was introduced by then-home secretary Theresa May in 2012, and took two attempts to get passed into law following breakdowns in the previous coalition government. Four years and a general election later -- May is now prime minister -- the bill was finalized and passed on Wednesday by both parliamentary houses. Civil liberties groups have long criticized the bill, with some arguing that the law will let the UK government "document everything we do online." It's no wonder, because it basically does. The law will force internet providers to record every internet customer's top-level web history in real-time for up to a year, which can be accessed by numerous government departments; force companies to decrypt data on demand -- though the government has never been that clear on exactly how it forces foreign firms to do that; and even disclose any new security features in products before they launch. Not only that, the law also gives the intelligence agencies the power to hack into computers and devices of citizens (known as equipment interference), although some protected professions -- such as journalists and medical staff -- are layered with marginally better protections. In other words, it's the "most extreme surveillance law ever passed in a democracy," according to Jim Killock, director of the Open Rights Group.
Iphone

iPhones Secretly Send Call History To Apple, Security Firm Says (theintercept.com) 124

Russian digital forensics firm Elcomsoft says iPhones send near real-time logs to Apple servers even when iCloud backup is switched off. The firm adds that these logs are stored for up to four months. From a report on the Intercept: "You only need to have iCloud itself enabled" for the data to be sent, said Vladimir Katalov, CEO of Elcomsoft. The logs surreptitiously uploaded to Apple contain a list of all calls made and received on an iOS device, complete with phone numbers, dates and times, and duration. They also include missed and bypassed calls. Elcomsoft said Apple retains the data in a user's iCloud account for up to four months, providing a boon to law enforcement who may not be able to obtain the data either from the user's carrier, who may retain the data for only a short period, or from the user's device, if it's encrypted with an unbreakable passcode. "Absolutely this is an advantage [for law enforcement]," Robert Osgood, a former FBI supervisory agent who now directs a graduate program in computer forensics at George Mason University, said of Apple's call-history uploads. "Four months is a long time [to retain call logs]. It's generally 30 or 60 days for telecom providers, because they don't want to keep more [records] than they absolutely have to. So if Apple is holding data for four months, that could be a very interesting data repository and they may have data that the telecom provider might not."
Network

SpaceX Files FCC Application For Internet Access Network With 4,425 Satellites (geekwire.com) 121

An anonymous reader quotes a report from GeekWire: SpaceX has laid out further details about a 4,425-satellite communications network that's expected to provide global broadband internet access, with its Seattle-area office playing a key role in its development. The plan is explained in an application and supporting documents filed on Tuesday with the Federal Communications Commission. In the technical information that accompanied its application, SpaceX said it would start commercial broadband service with 800 satellites. That service would cover areas of the globe from 15 degrees north to 60 degrees north, and from 15 degrees south to 60 degrees south. That leaves out some portions of Alaska, which would require a temporary waiver from the FCC. Eventually, the network would grow to 4,425 satellites, transmitting in the Ku and Ka frequency bands. "Once fully deployed, the SpaceX system will pass over virtually all parts of the Earth's surface and therefore, in principle, have the ability to provide ubiquitous global service," SpaceX said. The satellites would orbit the planet at altitudes ranging from 714 to 823 miles (1,150 to 1,325 kilometers) -- well above the International Space Station, but well below geostationary satellites. SpaceX said it would follow federal guidelines to mitigate orbital debris. Each satellite would weigh 850 pounds (386 kilograms) and measure 13 by 6 by 4 feet (4 by 1.8 by 1.2 meters), plus solar arrays, SpaceX said. Operating lifetime was estimated at five to seven years per satellite.
Privacy

A $5 Tool Called PoisonTap Can Hack Your Locked Computer In One Minute (vice.com) 172

An anonymous reader quotes a report from Motherboard: A new tool makes it almost trivial for criminals to log onto websites as if they were you, and get access to your network router, allowing them to launch other types of attacks. Hackers and security researchers have long found ways to hack into computers left alone. But the new $5 tool called PoisonTap, created by the well-known hacker and developer Samy Kamkar, can even break into password-protected computers, as long as there's a browser open in the background. Kamkar explained how it works in a blog post published on Wednesday. And all a hacker has to do is plug it in and wait. PoisonTap is built on a Raspberry Pi Zero microcomputer. Once it's plugged into a USB port, it emulates a network device and attacks all outbound connections by pretending to be the whole internet, tricking the computer to send all traffic to it. Once the device is positioned in the middle like this, it can steal the victim's cookies, as long as they come from websites that don't use HTTPS web encryption, according to Kamkar. Security experts that reviewed Kamkar's research for Motherboard agreed that this is a novel attack, and a good way to expose the excessive trust that Mac and Windows computers have in network devices. That's the key of PoisonTap's attacks -- once what looks like a network device is plugged into a laptop, the computer automatically talks to it and exchanges data with it.
The Military

Royal Navy Giving Up Anti-Ship Missiles, Will Rely On Cannons For Naval Combat (telegraph.co.uk) 432

cold fjord writes: It will soon be a bit more difficult for Britain's Royal Navy to rule the waves as it gives up anti-ship missiles as a result of budget cuts. That will force the Royal Navy to go "old school" and rely upon naval gunfire for ship-to-ship combat. Cannon fire as the primary means of ship-to-ship combat has been largely obsolete since the 1950s following the invention of guided missiles in World War 2. Prior to that, cannon fire had been the primary means of naval combat for hundreds of years. Although the Royal Navy ranged up to 16" guns on battleships, the largest gun currently in active service is a 4.5" gun. That will leave the Royal Navy unable to engage targets beyond approximately 17 miles / 27 km, whereas Harpoon missiles provide an 80 mile / 130 m range. The loss of anti-ship missile capability will begin in 2018 and may last for 10 years for warships, and 2 years for helicopters. The Sun quotes a naval insider who said: "It's like Nelson saying, 'don't worry, I don't need cannons, we've got muskets.'" The loss of missile capability heaps more misfortune upon a naval force that recently has seen its available frontline combat force drop to an unprecedented 24 warships.
Businesses

Steve Bannon Suggests Having Too Many Asian Tech CEOs Undermines 'Civic Society' (theverge.com) 805

In an interview last year with Donald Trump -- that The Washington Post resurfaced yesterday -- Breitbart News Network's executive chairman, Steve Bannon, suggested that there are too many Asian CEOs in Silicon Valley. "He alluded to the idea that foreign students should return to their respective countries after attending school in the U.S., instead of sticking around and working at or starting tech companies," writes Ashley Carman via The Verge: Trump voiced concern over these students attending Ivy League schools and then going home: "We have to be careful of that, Steve. You know, we have to keep our talented people in this country," Trump said. When asked if he agreed, Bannon responded: "When two-thirds or three-quarters of the CEOs in Silicon Valley are from South Asia or from Asia, I think [...]" he didn't finish his sentence. "A country is more than an economy. We're a civic society." While Bannon didn't explicitly say anything against immigrants, he seemed to hint at the idea of a white nationalist identity with the phrase "civic society." The Huffington Post makes note of a May 2015 study in its report, which "found that 27 percent of professionals working in Silicon Valley companies were Asian or Asian-American. They represented less than 19 percent of managers and under 14 percent of executives, according to the report."
Government

FCC Abides By GOP Request To Stop What It's Doing, Deletes Everything From Meeting Agenda (arstechnica.com) 119

One day after Republicans from the House and Senate sent letters to FCC Chairman Tom Wheeler, urging him to avoid passing regulations before Donald Trump's inauguration as president, Wheeler appears to have complied with the request. The FCC today "announced the deletion of all items that were originally scheduled to be presented and voted on at tomorrow's meeting." Ars Technica reports: Before the change, the agenda included votes on price caps for "special access" business data services; Universal Service funding to expand mobile broadband networks; wireless roaming obligations; and requirements for audio description of TV programming for blind and visually impaired people. The only item not deleted from tomorrow's meeting is part of the "consent agenda," which means it is routine and wasn't going to be presented individually. Of the major items, the business data services proposal had received the most attention. These are dedicated wireline circuits provided by traditional phone companies like AT&T and Verizon; the services supply bandwidth for cellular data networks, indirectly affecting the price consumers pay for wireless service. The business data services are also used by banks and retailers to connect ATM machines and credit card readers, by government and corporate users to connect branch offices and data centers, and to support public safety operations and health care facilities. The now-deleted agenda item would have phased in price cap decreases of 11 percent over three years to account for "over a decade of efficiency gains" since the last price cap adjustment.
Piracy

Police Raid Pirate Site, Seize 60 Servers Following MPAA Complaint (torrentfreak.com) 60

An anonymous reader quotes a report from TorrentFreak: When it comes to shutting down pirate sites, few groups have a longer history than the Motion Picture Association of America. The Hollywood organization has dozens of pirate scalps under its belt and today is able to claim another. Serving more than a million users every day, FS.to was one of Ukraine's largest pirate sites. Ranked the country's 21st most popular site overall, the movie-focused platform attracted the attention of the MPAA and local rights holders alike. That has resulted in one of the biggest raids ever seen in the country. According to the cyber crime division of Ukraine's national police, an operation shut down the platform Monday following a complaint from Hollywood. The authorities say that 19 people suspected of running the site via a network of local and offshore companies were arrested. The operation to shut the site appears to have been significant. Raids took place at the offices and homes of the suspects, plus datacenters where equipment running the site was installed. Thus far around 60 servers have been seized from a range of local ISPs but the operation is still ongoing so the tally could increase. Local sources indicate that the authorities have linked local Internet company Ferazko Holding Inc. with FS since it owns several of the site's domains including FS.to, BRB.to and FS.ua.
Communications

Facebook Users Interacted Most With Articles From Fox News, CNN and Breitbart In Month Leading Up To Nov 10 212

Quartz's charts and visualization service, The Atlas, has released an insightful chart that shows the "total reader interactions with articles on Facebook" between October 11, 2016 and November 10, 2016. What's surprising is that Breitbart beat a list of establishment media outlets in total Facebook interactions. By far the source with the most interacted articles was Fox News, as it had more than 44 million people interact with its articles. CNN and Breitbart were neck-and-neck with more than 18 million interactions.
Businesses

Office Depot Allegedly Diagnosing Computers With Nonexistent Viruses To Meet Sales Goals (consumerist.com) 161

An anonymous reader quotes a report from Consumerist: A new report claims that some Office Depot employees are falsely claiming computers are infected with viruses in order to meet sales goals. According to KIRO-TV in Seattle, employees of the office supply retailer allege that pressure to sell protection plans and other services has led store staffers to misdiagnose computers with viruses. To investigate the claims, the station took six computers to various Office Depot stores in Washington and Oregon for PC Health Checks. There technicians determined that four out of the six computers showed symptoms of malware. To fix the issues, the employees attempted to sell services costing up to $200. The only problem? The computers were out of the box new. A second test by an unaffiliated computer security firm found no symptoms of malware and no needs for repair. The employee tells KIRO that workers selling the services are just following corporate mandates. To make matters worse, he says, the company posts sales goals and current employee sales in the break room for all to see. This, he claims, creates more aggressive associates to push harder when selling the protection plans for nonexistent programs.
Government

Schneier: We Need a New Agency For IoT Security (onthewire.io) 165

Reader Trailrunner7 writes: The recent DDoS attacks by the Mirai botnet against various targets, including DNS provider Dyn, have drawn the attention of congressional leaders, who say there may be a need for regulation of IoT device security in order to address the problem of vulnerable embedded devices. In a joint hearing on Wednesday, the House Subcommittee on Communications and Technology and the Subcommittee on Commerce, Manufacturing, and Trade delved into the issue of IoT security and several lawmakers said that they were reluctant to get the government involved in regulating this problem, but it may be inevitable. The problem, of course, is that many of the embedded devices that make up the IoT aren't manufactured in the United States, so regulation would have no effect on their security. Another piece of the puzzle is the fact that there's no one federal agency or independent organization that oversees security standards for IoT devices. There are embedded computers in cars, appliances, medical devices, and hundreds of other kinds of devices. That cuts across many different industries and regulatory fields, a problem that the federal government is not set up to handle. "I actually think we need a new agency. We can't have different rules if a computer makes calls, or a computer has wheels, or is in your body," said cryptographer Bruce Schneier, another witness during the hearing. "The government is getting involved here regardless, because the stakes are too high. The choice isn't between government involvement and no government involvement. It's between good government involvement and stupid government involvement. I'm not a regulatory fan but this is a world of dangerous things."
Social Networks

Twitter Suspends American Far-Right Activists' Accounts (theguardian.com) 978

Twitter has suspended the accounts of a number of American "alt-right" activists hours after announcing a renewed push to crack down on hate speech. From a report on The Guardian: Among the accounts removed were those of the self-described white-nationalist National Policy Institute, its magazine, Radix, and its head Richard Spencer, as well as other prominent alt-right figures including Pax Dickinson and Paul Town. Spencer, who according to anti-hate group SPLC "calls for 'peaceful ethnic cleansing' to halt the 'deconstruction' of European culture", decried the bans as "corporate Stalinism" to right-wing news outlet Daily Caller. "Twitter is trying to airbrush the alt right out of existence," Spencer said. "They're clearly afraid. They will fail!"
Businesses

Amazon Takes Counterfeit Sellers To Court For First Time (cnbc.com) 62

For the first time, Amazon is taking counterfeit sellers to court. The move comes after several sellers expressed strong concerns about their businesses getting ripped off by Amazon, which is not doing anything to curb distribution of fake, poor quality products on its ecommerce platform. Notably, even Apple had said recently that a lot of its accessories listed on Amazon are fake products. From a CNBC report: On Monday, Amazon filed suit against a group of sellers for infringing on athletic training equipment developed by TRX. In a second case, Amazon sued sellers who are offering fake versions of a patented moving product called Forearm Forklift. [...] There's no way Amazon can litigate away the problem. The company generates over $75 billion a year in commerce, and about half the volume now comes from third-party sellers. However, with Amazon showing its willingness to take abusers to court, the company can at least hope to deter counterfeit sellers with the threat of potential legal action.
Communications

Cybersecurity CEO Gets Fired After Threatening To Kill Trump On Facebook (mashable.com) 497

An anonymous reader quotes a report from Mashable: A San Diego CEO was fired after saying on Facebook that he would get a "sniper rifle" and "kill the president-elect." Matt Harrigan, CEO of the cybersecurity firm PacketSled, posted the comments on his personal Facebook page, but they ended up on Reddit where Trump supporters found the comments and mobilized to contact law enforcement. "I'm going to kill the president. Elect," Harrigan wrote. "Bring it Secret Service." PacketSled said in a statement that it had accepted Harrigan's resignation. "The PacketSled Board of Directors accepted the resignation of President and CEO Matthew Harrigan, effective immediately," the company said. "We want to be very clear, PacketSled does not condone the comments made by Mr. Harrigan, which do not reflect the views or opinions of the company, its employees, investors or partners." In a previous statement, the company said it reported the information to the Secret Service and placed Harrigan on administrative leave. According to The Next Web, Harrigan apologized for his remarks and said the threats were meant to be a joke: "My recent Facebook comment was intended to be a joke, in the context of a larger conversation, and only privately shared as such. Anyone who knows me, knows that I do not engage in this form of rhetoric with any level of seriousness and the comment most certainly does not represent my real personal views in any regard. I apologize if anything that I said was either taken seriously, was offensive, or caused any legitimate concern."
United States

US Navy Denies Pirating Software on 550K Computers, Says It Had Bought Licenses For 38 Machines (arstechnica.com) 170

Earlier this year, the U.S. Navy was accused of pirating 3D software after testing a software package offered by German company Bitmanagement Software GmbH. The company had sued the United States of America for nearly $600 million. The U.S. Navy has now responded to the accusations, saying that though it did install the aforementioned software on "hundreds of thousands of computers within its network" without paying the German software maker for it, it did so with the consent of the software producer. Many might disagree, however. From a report on ArsTechnica: The Navy says that it could use the software on hundreds of thousands of computers with licenses for 38 machines. The Navy denied that a procurement official "acknowledged that additional licenses were necessary for it to distribute BS Contact Geo to its users." The government admitted that it had purchased 38 licenses, but "denies that the software licenses were 'limited,' as alleged by Plaintiff."
Republicans

US Internet Firms Ask Trump To Support Encryption, Ease Regulations (reuters.com) 173

An anonymous reader quotes a report from Reuters: U.S. internet companies including Facebook Inc and Amazon Inc have sent President-elect Donald Trump a detailed list of their policy priorities, which includes promoting strong encryption, immigration reform and maintaining liability protections from content that users share on their platforms. The letter sent on Monday by the Internet Association, a trade group whose 40 members also include Alphabet's Google, Uber and Twitter, represents an early effort to repair the relationship between the technology sector and Trump, who was almost universally disliked and at times denounced in Silicon Valley during the presidential campaign. Some of the policy goals stated in the letter may align with Trump's priorities, including easing regulation on the sharing economy, lowering taxes on profits made from intellectual property and applying pressure on Europe to not erect too many barriers that restrict U.S. internet companies from growing in that market. Other goals are likely to clash with Trump, who offered numerous broadsides against the tech sector during his campaign. They include supporting strong encryption in products against efforts by law enforcement agencies to mandate access to data for criminal investigations, upholding recent reforms to U.S. government surveillance programs that ended the bulk collection of call data by the National Security Agency, and maintaining net neutrality rules that require internet service providers to treat web traffic equally. The association seeks immigration reform to support more high-skilled workers staying in the United States. While urging support for trade agreements, the letter does not mention the Trans Pacific Partnership, which Trump has repeatedly assailed with claims it was poorly negotiated and would take jobs away from U.S. workers. The technology sector supported the deal, but members of Congress have conceded since the election it is not going to be enacted.
Patents

Samsung Patent Describes Holographic TV Technology (consumerist.com) 52

Patently Mobile is reporting about a new patent application filed by Samsung that lays out new holographic TV technology. Slashdot reader Rick Schumann writes via Consumerist: Holographic displays as described by Samsung would be able to make the depth the brain perceives consistent with the focus of the eyes. Lasers would be used to project holograms that float in front of the screen, which of course sounds a heck of a lot like a mini Princess Leia telling Obi-Wan Kenobi he's her only hope. The display apparatus could also include an eye tracking unit that would locate an observer's pupils and adjust how far it has to project the holographic image for optimum viewing.

Worth noting: This is just a patent application; no indication of even a working prototype.


Music

Shazam Keeps Your Mac's Microphone Always On, Even When You Turn It Off (vice.com) 126

An anonymous reader quotes a report from Motherboard: What's that song? On your cellphone, the popular app Shazam is able to answer that question by listening for just a few seconds, as if it were magic. On Apple's computers, Shazam never turns the microphone off, even if you tell it to. When a user of Shazam's Mac app turns the app "OFF," the app actually keeps the microphone on in the background. For the security researcher who discovered that the mic is always on, it's a bug that users should know about. For Shazam, it's just a feature that makes the app work better. Patrick Wardle, a former NSA hacker who now develops free Mac security tools, discovered this issue thanks to his latest software OverSight, which is designed to alert users when apps use their webcam and microphone. After he released OverSight, Wardle received an email from a user who noticed that the security app alerted him that Shazam was still listening even after he had switched the toggle to "off." Curious about this discovery, and worried his own software might be issuing a false alarm, Wardle reverse engineered the Shazam app to figure out what was happening. After a few hours analyzing the code, Wardle found out that, in fact, Shazam never stops listening, as he explained in a blog post published on Monday. James Pearson, VP of global communications for Shazam, said in a statement to Motherboard: "There is no privacy issue since the audio is not processed unless the user actively turns the app 'ON.' If the mic wasn't left on, it would take the app longer to both initialize the mic and then start buffering audio, and this is more likely to result in a poor user experience where users 'miss out' on a song they were trying to identify."
Government

US Finalizes Rules That Require Quiet Hybrid and Electric Cars To Make Noise At Low Speeds (reuters.com) 361

In an effort to prevent injuries among pedestrians, the U.S. government has finalized rules that require quiet hybrid and electric vehicles to emit alert sounds when they are traveling at low speeds. Reuters reports: The rules, which were required by Congress, will require automakers like Tesla Motors Inc, Nissan Motor Co and Toyota Motor Corp to add the sounds to all vehicles by September 2019. The U.S. Transportation Department said it expects the rules would prevent 2,400 injuries a year by 2020 and require the addition of alert sounds to about 530,000 2020 model vehicles. The U.S. National Highway Transportation Department said the rules will cost the auto industry about $39 million annually because automakers will need to add an external waterproof speaker to comply. But the benefits of the reduced injuries are estimated at $250 million to $320 million annually. NHTSA estimates the odds of a hybrid vehicle being involved in a pedestrian crash are 19 percent higher compared with a traditional gas-powered vehicle. About 125,000 pedestrians and bicyclists are injured annually. The rules will also help the blind and visually impaired. The rules apply to hybrid and electric cars, SUVs, trucks and buses weighing up to 10,000 pounds and seek to prevent crashes at intersections or when electric vehicles are backing up. At higher speeds, the alert is not required because other factors like tire and wind noise adequately warn pedestrians, NHTSA said.
Businesses

Charter Customer Sues Over Hidden Fees, Claims 'Massive Billing Fraud' (arstechnica.com) 96

An anonymous reader quotes a report from Ars Technica: A Charter customer has sued the cable company, alleging that it falsely advertises a lower price than it actually charges and falsely tells customers that extra fees tacked onto their bills are mandated by the government. The complaint, filed in California State Superior court in San Diego, takes aim at the "Broadcast TV" and "Sports Programming" surcharges that are added to customers' bills despite not being included in the advertised rate. "Charter is committing massive billing fraud by disguising price increases above the advertised and promised service package price in the form of the bogus 'Broadcast TV and Sports Programming Surcharges' line item on customer bills," said the lawsuit filed last week by Michael Song. The plaintiff is a subscriber in California, where Charter, the second largest cable company in the US after Comcast, operates via its newly acquired Time Warner Cable (TWC) subsidiary. Song is paying an extra $8.75 a month from those two fees combined. In addition to subtracting the fees from the advertised price, Charter falsely tells customers that it collects the fees to comply with government mandates, the lawsuit says. A Charter/TWC bill from last month is included in the complaint, and it says, "TWC imposes surcharges to recover costs of complying with its governmental obligations." Song's complaint also has a transcript of a chat with a Charter customer service agent, who claimed that Charter pays the broadcast fee back to the government. The customer service agent apparently has only a limited grasp of English, but the chat transcript helps illustrate one of the ways in which customers are being misinformed about their bills. Song's lawsuit repeatedly refers to the Broadcast TV and Sports Programming surcharges as "bogus" and "hidden," since they subtract a portion of the standard monthly charges from the "services" section of the bill.
Your Rights Online

Online Bullying Counselling on Increase, Says Childline (bbc.com) 157

An anonymous reader shares a BBC report: The number of children and young people needing counseling about online bullying has increased by 88 percent over five years, according to a helpline. The NSPCC's Childline service said it counselled more than 4,500 children in the past year compared to about 2,400 in 2011-12. The total number suffering online abuse is thought to be far higher. Some children as young as seven told Childline how they were tormented, abused and scared to go to school. The charity said online trolls caused misery and humiliation for thousands of children. Childline's president Dame Esther Rantzen said the figures should be a wake-up call. "Bullying can wreck young people's lives, especially now that the bullies don't stop at the school gates," she said. Cyber-bullying can follow them home until it becomes a persecution they cannot escape.
Businesses

China Threatens To Cut Sales of iPhones and US Cars if 'Naive' Trump Pursues Trade War (theguardian.com) 742

US president-elect Donald Trump would be a "naive" fool to launch an all-out trade war against China, a Communist party-controlled newspaper has claimed. From a report on The Guardian: During the acrimonious race for the White House Trump repeatedly lashed out at China, vowing to punish Beijing with "defensive" 45% tariffs on Chinese imports and to officially declare it a currency manipulator. "When they see that they will stop the cheating," the billionaire Republican, who has accused Beijing of "the greatest theft in the history of the world", told a rally in August. On Monday the state-run Global Times warned that such measures would be a grave mistake. "If Trump wrecks Sino-US trade, a number of US industries will be impaired. Finally the new president will be condemned for his recklessness, ignorance and incompetence," the newspaper said in an editorial. The Global Times claimed any new tariffs would trigger immediate "countermeasures" and "tit-for-tat approach" from Beijing.
Security

Hack Exposes 412 Million Accounts on AdultFriendFinder Sites (zdnet.com) 78

"Almost every account password was cracked, thanks to the company's poor security practices," reports ZDNet -- even for "deleted" accounts. An anonymous reader quotes their article: The hack includes 339 million accounts from AdultFriendFinder.com, which the company describes as the "world's largest sex and swinger community" [and] also includes over 15 million "deleted" accounts that weren't purged from the databases. On top of that, 62 million accounts from Cams.com, and 7 million from Penthouse.com were stolen, as well as a few million from other smaller properties owned by the company. The data accounts for two decades' worth of data from the company's largest sites, according to breach notification LeakedSource, which obtained the data... The three largest sites' SQL databases included usernames, email addresses, and the date of the last visit, and passwords, which were either stored in plaintext or scrambled with the SHA-1 hash function, which by modern standards isn't cryptographically as secure as newer algorithms.
The attack apparently coincides with the discovery of "a local file inclusion flaw on the AdultFriendFinder site, which if successfully exploited could allow an attacker to remotely run malicious code on the web server." Ironically, Friend Finder Networks doesn't even own Penthouse.com anymore. They sold the site to a new owner last February.
Music

Red Hat Announces Fedora Will Support MP3 Playback (fedoraproject.org) 140

Long-time Slashdot reader jrincayc shares news from Red Hat's Fedora Engineering Manager, Tom Callaway. On the Fedora-legal mailing list, Callaway announced: Red Hat has determined that it is now acceptable for Fedora to include MP3 decoding functionality (not specific to any implementation, or binding by any unseen agreement). Encoding functionality is not permitted at this time.
And the same day Christian Schaller announced on the Gnome blog that mp3 playback would be supported in Fedora Workstation 25. You should be able to download the mp3 plugin on Day 1 through GNOME Software or through the missing codec installer in various GStreamer applications. For Fedora Workstation 26 I would not be surprised if we decide to ship it on the install media.
He added, "I know this has been a big wishlist item for a long time for a lot of people..."
Government

President Obama Gives Up On The Trans-Pacific Partnership (theguardian.com) 355

An anonymous reader quotes The Guardian: White House officials conceded on Friday that the president's hard-fought-for Trans-Pacific Partnership trade deal would not pass Congress, as lawmakers there prepared for the anti-global trade policies of President-elect Donald Trump. Earlier this week, congressional leaders in both parties said they would not bring the trade deal forward during a lame-duck session of Congress, before the formal transition of power on January 20.
One Canadian law professor had argued the case against the TPP included its unbalanced intellectual property rules and risks to privacy, while the EFF believed it locked in the worst parts of U.S. copyright law and also exported them to other countries.
Government

Will Trump's Presidency Bring More Surveillance To The US? (scmagazine.com) 412

An anonymous reader reports that Donald Trump's upcoming presidency raises a few concerns for the security industry: "Some of his statements that industry professionals find troubling are his calls for 'closing parts of the Internet', his support for mass surveillance, and demands that Apple should have helped the FBI break the encrypted communications of the San Bernardino shooter's iPhone," writes SC Magazine. One digital rights activist even used Trump's surprise victory as an opportunity to suggest President Obama begin "declassifying and dismantling as much of the federal government's unaccountable, secretive, mass surveillance state as he can -- before Trump is the one running it... he has made it very clear exactly how he would use such powers: to target Muslims, immigrant families, marginalized communities, political dissidents, and journalists."

Edward Snowden's lawyer says "I think many Americans are waking up to the fact we have created a presidency that is too powerful," and the Verge adds that Pinboard CEO Maciej Ceglowski is now urging tech sites to stop collecting so much data. "According to Ceglowski, the only sane response to a Trump presidency was to get rid of as much stored user data as possible. 'If you work at Google or Facebook,' he wrote on Pinboard's Twitter account, 'please start a meaningful internal conversation about giving people tools to scrub their behavioral data.'"

Could a Trump presidency ultimately lead to a massive public backlash against government surveillance?
Earth

Children Can Now Sue The US Government Over Climate Change (vice.com) 345

"America's children have officially won the right to sue their government over global warming," reports Motherboard. An anonymous reader quotes their article: Thursday, a lawsuit filed by 21 youth plaintiffs was ruled valid by U.S. District Judge Ann Aiken in Eugene, Oregon. A group of citizens, whose ages range from nine to twenty, charged President Obama, the fossil fuel industry, and other federal agencies with violating their constitutional rights by declining to take action against climate change. "Federal courts too often have been cautious and overly deferential in the arena of environmental law, and the world has suffered for it," wrote Judge Aiken in her ruling. [PDF]
Several groups -- including the U.S. government and the American Petroleum Institute -- had asked the judge to throw out the case, but the judge ruled instead that climate change would "threaten plaintiffs' fundamental constitutional rights to life and liberty," calling man-made climate change an "undisputed" fact. In a related story, Slashdot reader devinp shares a new study which suggests "Global changes in temperature due to human-induced climate change have already impacted every aspect of life on Earth from genes to entire ecosystems, with increasingly unpredictable consequences for humans."
It's funny.  Laugh.

German Police Mock 'Not Very Clever' ATM Robbers (bleepingcomputer.com) 88

An anonymous reader quotes Bleeping Computer: German police mocked a group of bungling crooks that tried to rob an ATM, but instead of malware they chose explosives, which they unwittingly placed near a device that issued bank statements, and not the actual money-dispensing ATM... The crooks placed small explosive charges next to a machine they thought to be an ATM, in the hopes of breaking its outer casing and getting access to the money vault inside... After being called in to investigate the loud blast that woke up the bank's neighbors German police discovered a partially destroyed bank statement printing machine... No money was stolen in the failed robbery, police reported.
In a statement on the Berlin police department's official web site, they described the ATM thieves as "not very clever."
The Almighty Buck

'Flash Crash' Trader Pleads Guilty, Facing Up To 30 Years In Prison (telegraph.co.uk) 94

Slashdot reader whoever57 writes: Navinder Sarao, the British trader who was accused of causing the "flash crash" in 2010 and was extradited to the U.S. this week has pleaded guilty to one count of wire fraud and one count of spoofing. No details of the plea deal have been released, but it's believed that he's agreed to forfeit $13 million. Several years of jail time are also expected for Mr. Sarao.
From the Telegraph: Sarao, a 37-year-old working out of a modest suburban home in Hounslow in west London, allegedly made tens of millions of dollars with a computer program that could automatically manipulate prices... "Navinder Sarao abused sophisticated technology to make a quick profit, and jeopardised the integrity of US financial markets," said Assistant Attorney General Leslie Caldwell.
Sentencing guidelines suggest he'll spend at least six and a half years in prison, though he faced a maximum possible sentence of 30 years and still faces the possibility of $38 million in sanctions.
Chrome

Scammers Bite Chrome Users With Forgotten 2014 Bug (betanews.com) 35

"Tech support scammers have started exploiting a two-year-old bug in Google Chrome to trick victims into believing their PC is infected with malware," reports security researcher Sophos. It begins by freezing the browser, BrianFagioli reports, sharing an article from Beta News: These bad guys pose as Microsoft tech support and display an in-browser message that says the user's computer is infected with "Virus Trojan.worm! 055BCCAC9FEC". To make matters worse, Google has apparently known about the exploit for more than two years and simply failed to patch it. "The bug was discovered in Chrome 35 in July 2014 in the history.pushState() HTML5 function, a way of adding web pages into the session history without actually loading the page in question. The developer who reported the issue published code showing how to add so many items into Chrome's history list that the browser would effectively freeze", says Sophos...

"Users can either close Chrome using the Task Manager or, in cases where the browser is using up so much processor power that Task Manager doesn't appear, by rebooting the computer. The chances of encountering this particular scam are small -- it's only been spotted on a single website -- but its existence underlines how small bugs that don't seem terribly important may nevertheless be abused by cybercriminals down the line."

Censorship

WikiLeaks Calls for Pardons From President Obama -- Or President Trump (wikileaks.org) 445

"President Obama has a political moment to pardon Manning & Snowden," WikiLeaks tweeted on Friday, adding "If not, he hands a Trump presidency the freedom to take his prize." And a new online petition is also calling for a pardon of WikiLeaks founder Julian Assange, saying Assange is "a hero and must be honoured as such," attracting over 10,000 supporters in just a few days. An anonymous reader writes: Monday WikiLeaks also announced, "irrespective of the outcome of the 2016 U.S. Presidential election, the real victor is the U.S. public which is better informed as a result of our work." Addressing complaints that they specifically targeted Hillary Clinton's campaign, the group said "To date, we have not received information on Donald Trump's campaign, or Jill Stein's campaign, or Gary Johnson's campaign or any of the other candidates that fulfills our stated editorial criteria." But they also objected to the way their supporters were portrayed during the U.S. election, arguing that Trump and others "were painted with a broad, red brush. The Clinton campaign, when they were not spreading obvious untruths, pointed to unnamed sources or to speculative and vague statements from the intelligence community to suggest a nefarious allegiance with Russia. The campaign was unable to invoke evidence about our publications -- because none exists."
Thursday a WikiLeaks representative expressed surprise that, despite the end of the U.S. election, Julian Assange's internet connection in the Ecuadorean Embassy in London has not yet been restored.
Government

Peter Thiel Is Joining Donald Trump's Transition Team (theverge.com) 820

Peter Thiel's time spent campaigning for Donald Trump during the election season has paid off. According to a statement released today, Donald Trump has named Thiel to the executive committee of his presidential transition team. The Verge reports: Thiel, who donated $1.25 million to Trump's campaign late in the election cycle, mostly stood alone among colleagues in his support for Trump, who was publicly disdained in the Valley. Thiel's support came at a cost to businesses like startup accelerator Y Combinator, which soon attracted negative publicity for having Thiel as a part-time adviser. Thiel also brought criticism to Facebook, where he is a board member, although Mark Zuckerberg defended his place at the company. Thiel further angered First Amendment supporters by bankrolling the Hulk Hogan lawsuit that brought down Gawker. Thiel said before the election that he would find some way of working with the Trump administration, and although his final role is unclear, his appointment to Trump's executive committee signals the relationship will indeed continue.
Government

FBI Operated 23 Tor-Hidden Child Porn Sites, Deployed Malware From Them (arstechnica.com) 176

An anonymous reader quotes a report from Ars Technica: Federal investigators temporarily seized a Tor-hidden site known as Playpen in 2015 and operated it for 13 days before shutting it down. The agency then used a "network investigative technique" (NIT) as a way to ensnare site users. However, according to newly unsealed documents recently obtained by the American Civil Liberties Union, the FBI not only temporarily took over one Tor-hidden child pornography website in order to investigate it, the organization was in fact authorized to run a total of 23 other such websites. According to an FBI affidavit among the unsealed documents: "In the normal course of the operation of a web site, a user sends "request data" to the web site in order to access that site. While Websites 1-23 operate at a government facility, such request data associated with a user's actions on Websites 1-23 will be collected. That data collection is not a function of the NIT. Such request data can be paired with data collected by the NIT, however, in order to attempt to identify a particular user and to determine that particular user's actions on Websites 1-23." Security researcher Sarah Jamie Lewis told Ars that "it's a pretty reasonable assumption" that at one point the FBI was running roughly half of the known child porn sites hosted on Tor-hidden servers. Lewis runs OnionScan, an ongoing bot-driven analysis of the Tor-hidden darknet. Her research began in April 2016, and it shows that as of August 2016, there were 29 unique child porn related sites on Tor-hidden servers. That NIT, which many security experts have dubbed as malware, used a Tor exploit of some kind to force the browser to return the user's actual IP address, operating system, MAC address, and other data. As part of the operation that took down Playpen, the FBI was then able to identify and arrest the nearly 200 child porn suspects. 
(However, nearly 1,000 IP addresses were revealed as a result of the NIT's deployment, which could suggest that even more charges may be filed.)
Software

Researchers Set To Work On Malware-Detecting CPUs (helpnetsecurity.com) 40

Orome1 quotes a report from Help Net Security: Adding hardware protections to software ones in order to block the ever increasing onslaught of computer malware seems like a solid idea, and a group of researchers have just been given a $275,000 grant from the National Science Foundation to help them work on a possible solution: malware-detecting CPUs. This project, titled "Practical Hardware-Assisted Always-On Malware Detection," will be trying out a new approach: they will modify a computer's CPU chip to feature logic checks for anomalies that can crop up while software is running. "The modified microprocessor will have the ability to detect malware as programs execute by analyzing the execution statistics over a window of execution," Ponomarev noted. "Since the hardware detector is not 100-percent accurate, the alarm will trigger the execution of a heavy-weight software detector to carefully inspect suspicious programs. The software detector will make the final decision. The hardware guides the operation of the software; without the hardware the software will be too slow to work on all programs all the time."
