angry tapir writes "Bitcoin exchanges generally don't seem to recover that easily after security breaches. However, BitFloor, which was hacked and had 24,000 Bitcoins stolen in early September, is coming back online, refunding account holders whose coins were stolen and implementing new security measures, including cold storage for private keys." The key word is "intends" — but I hope it happens as promised.
Mad Hamster writes "In the latest installment of the Megaupload saga, an official study has determined that New Zealand's Government Communications and Security Bureau broke NZ law by spying on Megaupload founder Kim Dotcom. NZ Prime Minister John Key has apologised to Dotcom and all New Zealanders for this, saying they were entitled to be protected by the law but it had failed them. Link is to writeup in The Guardian." Lots of outlets are reporting this, based on TorrentFreak's report.
silentbrad writes "The CBC (among others) reports: "A Facebook spokesperson is denying reports that private messages sent by users on the social networking site have become public. The purported glitch began generating attention Monday after French newspaper Metro reported that private messages dating from 2007 to 2009 had become accessible to friends and acquaintances on their profile pages. Other newspapers across the country began reporting similar incidences, citing reports from the site's users. The issue may be related to Facebook moving to its Timeline layout worldwide. ... The company issued a statement in response, saying: 'A small number of users raised concerns after what they believed to be private messages appeared on their timeline. Our engineers investigated these reports and found that the messages were older wall posts that had always been visible on the users' profile pages. Facebook is satisfied that there has been no breach of user privacy.' TechCrunch.com wrote that there was no evidence the messages in question had been private, and posted an explanation from a company spokesperson. 'Every report we've seen, we've gone back and checked. We haven't seen one report that's been confirmed [of a private message being exposed]. A lot of the confusion is because before 2009 there were no likes and no comments on wall posts. People went back and forth with wall posts instead of having a conversation [in the comments of single wall post.]'"
chicksdaddy writes "File this one under 'proof of the obvious,' but researchers at the recent 4th International Workshop on Location Based Social Networks presented a paper proving that your activity on Foursquare can be used to reliably determine your hometown. A study of data on 13 million Foursquare accounts showed that researchers could infer 'with high accuracy' where a particular user lives based on their accumulation of mayorships, check-ins and tips. Specifically: the researchers could correctly infer the home town of the Foursquare users 78% of the time, within an accuracy of about 50 kilometers."
First time accepted submitter Cute and Cuddly writes in with some new Julian Assange news. "The U.S. military has designated Julian Assange and WikiLeaks as enemies of the United States — the same legal category as the al-Qaeda terrorist network and the Taliban insurgency. Declassified US Air Force counter-intelligence documents, released under US freedom-of-information laws, reveal that military personnel who contact WikiLeaks or WikiLeaks supporters may be at risk of being charged with 'communicating with the enemy.'"
h00manist writes that, as promised, "The police executed an order to detain Google's top executive in Brazil (Original in Portuguese), Fábio José Silva Coelho. Google refused an order to remove a YouTube video which accused a mayoral candidate of several crimes. Police say he will be released today; Brazilian law for the case allows for a one-year max sentence. Streisand Effect, anyone?"
An anonymous reader writes "In an apparent reaction to the security vulnerabilities demonstrated by The H's associates at heise Security, the company behind WhatsApp Messenger is taking action against the developers of a library of functions for using the WhatsApp service via a PC. The developers have responded by removing the source code from the web. However, the popular texting alternative WhatsApp still has a major security problem. Attackers can compromise other users' accounts with relative ease, and send and receive messages from another user's account. Forked versions of the code are still available on Github."
OverTheGeicoE writes "The Electronic Privacy Information Center (EPIC) recently filed a petition to force the Department of Homeland Security to start its public comment period on body scanners within 60 days or stop using them entirely. The Court of Appeals for the District of Columbia has issued its ruling (PDF), and has refused EPIC's petition. DHS told the court earlier that it expected to have a formal rule proposal on body scanners by the end of February, so the court denied EPIC's motion on the expectation that public comment period would start by late March. TFA and this submission have a pessimistic headline on this ruling, but other sources seem to think the glass is half-full, and that EPIC in effect got what it wanted. Is this a victory or a defeat? Will the rulemaking process start on time, or will a TSA dog eat the proposed rule in late March and force further delay?"
Trailrunner7 writes with one perspective on the inability of the Congress to pass 'cybersecurity' legislation before recessing. From the article: "They've taken innumerable swings at it, and struck out every time, ... and, for once, we all should be thankful for our lawmakers' inability to act. ... What it's not good at is understanding the Internet or acting swiftly and decisively. The current cybersecurity legislation mess is the perfect combination of those two factors. Corporations and government agencies in the U.S. have been getting their heads handed to them by attackers from around the world for several years now. Long-term, persistent campaigns have been targeting defense contractors, energy and utility companies, manufacturing firms, and government agencies with an alarming rate of success. But Congress, or at least some members of it, don't seem to understand that. Sen. Joseph Lieberman sent a letter Monday to President Obama, comparing the threat to U.S. networks from foreign attackers to the threat from terrorists before 9/11. He then urged the president to use his executive authority to somehow influence the situation. Let's be clear: If the companies that own and operate critical infrastructure — not to mention defense contractors — don't understand the nature of the threat they're facing at this point, no amount of incentives will change that. Neither Congress nor the President can fix this problem with the kinds of solutions they're considering." Reader CurseYouKhan links to a different perspective: "Chabinsky is the latest of several former Federal security types to issue warnings on the topic. Earlier this year, Shawn Henry, who recently retired as the Bureau’s top cyber-sleuth, also called for a more offense-minded approach. Ex-CIA director Michael Hayden thinks the private sector may not wait for the government to act. He expects to see the emergence of a 'digital Blackwater,' or the emergence of firms that could be hired to go all mercenary on online intruders."
nonprofiteer writes with news on what SceneTap has been up to for the last few months since. From the article: "SceneTap uses facial recognition technology to help bar-hoppers decide which night spot to go to based on how crowded a bar is and what the age and gender ratio is. ... Despite the fact that what the app does now is fairly innocuous. But what the app could do in the future, as described in a patent application filed in June, is pretty creepy. The patent application describes much more detailed data collection, including bar goers' race, height, weight, attractiveness, hair color, clothing type, and the presence of facial hair or glasses, and includes other possibilities usually left to the realm of dystopic fiction, including putting microphones in the cameras that could detect what customers are saying, and using facial recognition technology to identify customers and then get information about them from social networking websites and databases to determine 'relationship status, intelligence, education and income for the entire venue.'"
SternisheFan writes with news of a settlement in a case of Rent-to-Own firms grossly violating the privacy of their customers. From the article: "Seven rent-to-own companies and a software developer have settled federal charges that they spied on customers, ... The companies captured screenshots of confidential and personal information, logged keystrokes, and took webcam pictures of people in their homes. Their aim was to track the computers belonging to customers who were behind with their payments. 'An agreement to rent a computer doesn't give a company license to access consumers' private emails, bank account information, and medical records, or, even worse, webcam photos of people in the privacy of their own homes,' says FTC chairman Jon Leibowitz. 'The FTC orders today will put an end to their cyber spying.' Developer DesignerWare produced the software that was used to gather the information, PC Rental Agent. The package included a 'kill switch' designed to disable a computer if it was stolen, or if payments weren't made. However, an add-on program called Detective Mode could log key strokes, capture screen shots and take photographs using a computer's webcam, says the FTC in its complaint (PDF)."
CuteSteveJobs writes "The Age reports on creeping Australian government surveillance, beginning with the first operation launched on a baseless rumor. Six decades later the still-unaware victim read five months of transcripts with deep distress. Two decades ago few Australians would have consented to carrying a government-accessible tracking device, but phone and tablet data accessible without a warrant includes historic and real-time location data. In 2010-2011 there were 250,000 warrantless accesses by Federal agencies including ASIO, AFP, the Tax Office, Defence, Immigration, Citizenship, Health, Ageing, and Medicare. This is 18 times the rate of similar requests in the U.S."
Techmeology writes "The Dutch Supreme Court has asked the European Court of Justice to decide whether downloading copyrighted material for personal use — even from illegal sources — is legal. At the heart of the debate is whether the European Copyright Directive requires that any new legal copy of material must have originated from a copy that is itself legal. The case tests the law in the Netherlands, where copyright holders are granted a levy on blank media in exchange for the legalization of private copying." In the Netherlands, it is already legal to download from illegal sources. But EU law might conflict and trump that.
An anonymous reader writes "Raspberry Pi was designed for education. As any popular product is bound to, Raspberry Pi has been criticized a lot for things like lack of a box, absence of supplied charger or even WiFi. Raspberry Pi has a much more fundamental flaw, which directly conflicts with its original goal: it is a black box tightly sealed with patents and protected by corporations. It isn't even remotely an open platform." The author thinks that patents on ARM are a serious threat to the openness of the platform (among other things like the proprietary GPU blob needed to boot). But even the FSF doesn't go that far. Wired had an editorial with the foundation justifying "selling out a little to sell a lot" that has a lot of info on the choices they had to make to hit their cost target.
Penurious Penguin writes "Fuhu Inc., maker of the $199 children-tailored Nabi tablet, is suing Toys R Us. The lawsuit arises after a legal agreement (ended in January) between Fuhu and Toys R Us went awry and Toys R Us released a similar product of their own, the $150 Tabeo. The dispute alleges that Toys R Us may have intended from inception to eventually abandon the Nabi for their own future variation, the Tabeo, presumably after gathering sufficient understanding of Fuhu's design concepts and business strategies. The ZDNet article quite thoroughly covering the story notes some of the formidable investors behind Fuhu, including Acer Inc., Kingston Digital, and Foxconn Digital Inc. Fuhu also sells through retail stores such as WalMart, Target, Best Buy, GameStop and Amazon.com. Another more-recent ZDNet article further analyzes the story."
New submitter J0n45 writes "I will soon be traveling to mainland China. While I'm only a tourist, I will still be working freelance for a company back home. I know for a fact that a large amount of the websites I need to have access to on a daily basis for business reasons are censored by the Great Firewall of China. I have been using the Tor Browser for a while now for personal purposes. However Tor has been blocked by China. I was wondering if a personal proxy (connected to a computer back home) would do the trick. Would I be too easily traceable? Basically, I'm wondering if I need to try random public proxies until I find one that works or if there are any other options. What does Slashdot think?"
An anonymous reader writes "A 27-year old man was arrested yesterday in Greece (Greek-language original) by the electronic crime police, for creating a Facebook page "Geron Pastitsios" which made fun of an extremely respected Orthodox Christian monk who lived in Mount Athos, as well as the Greek Church. The arrest came promptly after the Greek far-right party — which holds 7% of the parliament seats — submitted an official petition asking the government to take down the page. The charges that the young man faces are 'blasphemy' and 'disrespect to the religious beliefs of others.'" What would the UN say?
Lucas123 writes "The very thought of losing that pear-shaped giver of warm, yellow light drove Europeans to hoard Edison's invention [Note: Or possibly Joseph Swan's invention; HT to eldavojohn.] as the EU's Sept. 1 ban on incandescent light bulbs approached. China's ban on incandescent lamps starts Oct. 1. And, in the U.S., the Energy Independence and Security Act (EISA) of 2007 effectively began banning the 100W bulb this year and will ban the most popular bulbs — the 75W, 60W and 40W screw-in incandescent bulbs — over the next two years. The end standard requires bulbs to use 65% less energy by 2020. But Republicans in Congress continue to fight the ban by hamstringing the energy efficiency standards through appropriations legislation, cutting off funds for the enforcement of the light bulb ban."
An anonymous reader writes "Has Immigration Minister Jason Kenney been emailing you? Maybe it's because you're gay. The minister sent out an email on Sept 24 lauding the government's efforts to protect and promote queer rights abroad. It highlights the 'emphasis . . . on gay and lesbian refugee protection, which is without precedent in Canada's immigration history.' The Ottawa Citizen's Glen McGregor broke the story, complete with reaction over the 'creepy' letter. For many who received an email from Citizenship and Immigration Minister Jason Kenney about gay refugees on Friday, the message raised one important question: How did he know I'm gay? The Conservatives have targeted written messages at minority communities in the past, most notably using direct mail lists to send out greetings to Jewish voters on religious holidays. Some recipients were alarmed by the prospect of the government assembling lists based on ethnicity or religious beliefs. Surely creating such a list will become easier when you are forced to use your real identities on social sites."
Trailrunner7 writes with this excerpt from Threatpost: "For the last five years, NIST, the government body charged with developing new standards for computer security, among other things, has been searching for a new hash function to replace the aging SHA-2 function. Five years is a long time, but this is the federal government and things move at their own pace in Washington, but NIST soon will be announcing the winner from the five finalists that were chosen last year. Despite the problems that have cropped up with some versions of SHA-2 in the past and the long wait for the new function, there doesn't seem to be much in the way of breathless anticipation for this announcement. So much so, in fact, that Bruce Schneier, a co-author of one of the finalists not only isn't hoping that his entry wins, he's hoping that none of them wins. ... It's not because Schneier doesn't think the finalists are worthy of winning. In fact, he says, they're all good and fast and perfectly capable. The problem is, he doesn't think that the world needs a new hash function standard at all. SHA-512, the stronger version of the SHA-2 function that's been in use for more than a decade, is still holding up fine, Schneier said, which was not what cryptographers anticipated would be the case when the SHA-3 competition was conceived. 'I expect SHA-2 to be still acceptable for the foreseeable future. That's the problem. It's not like AES. Everyone knew that DES was dead — and triple-DES was too slow and clunky — and we needed something new. So when AES appeared, people switched as soon as they could. This will be different,' Schneier said via email."