Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×
Windows

EU Privacy Watchdogs Say Windows 10 Settings Still Raise Concerns (reuters.com) 161

Julia Fioretti, reporting for Reuters: European Union data protection watchdogs said on Monday they were still concerned about the privacy settings of Microsoft's Windows 10 operating system despite the U.S. company announcing changes to the installation process. The watchdogs, a group made up of the EU's 28 authorities responsible for enforcing data protection law, wrote to Microsoft last year expressing concerns about the default installation settings of Windows 10 and users' apparent lack of control over the company's processing of their data. The group -- referred to as the Article 29 Working Party -- asked for more explanation of Microsoft's processing of personal data for various purposes, including advertising. "In light of the above, which are separate to the results of ongoing inquiries at a national level, even considering the proposed changes to Windows 10, the Working Party remains concerned about the level of protection of users' personal data," the group said in a statement which also acknowledged Microsoft's willingness to cooperate.
Piracy

Google and Microsoft To Crackdown On Piracy Sites In Search Results (telegraph.co.uk) 103

Google and Microsoft pledged on Monday to crack down on sites hosting pirated content that show up on their search engines. In what is being called a first of its kind agreement, Google and Microsoft's Bing will demote U.K. search results of copyright infringing websites. From a report on The Telegraph: The search engine operators have signed up to a clampdown that will see the UK's copyright watchdog monitor the search results they provide for unlawful websites. The agreement follows years of campaigning by record labels and film studios, which have accused Google and Microsoft of turning a blind eye to piracy and dragging their feet over measures to protect copyright online. Under a new voluntary code, the tech giants have committed to demote websites that have repeatedly been served with copyright infringement notices, so that they do not appear on the first page for common searches.
Piracy

Kim Dotcom Can Be Extradited, Rules A New Zealand Court (reuters.com) 188

Kim Dotcom -- and Megaupload's programmers Mathias Ortmann and Bram van der Kolk, as well as its advertising manager Finn Batato -- could soon be in a U.S. courtroom. A New Zealand judge just ruled they can all be extradited to the U.S. An anonymous reader quotes Reuters: The Auckland High Court upheld the decision by a lower court in 2015 on 13 counts, including allegations of conspiracy to commit racketeering, copyright infringement, money laundering and wire fraud, although it described that decision as "flawed" in several areas. Dotcom's lawyer Ron Mansfield said in a statement the decision was "extremely disappointing" and that Dotcom would appeal to New Zealand's Court of Appeal.

U.S. authorities say Dotcom and three co-accused Megaupload executives cost film studios and record companies more than $500 million and generated more than $175 million by encouraging paying users to store and share copyrighted material. High Court judge Murray Gilbert said that there was no crime for copyright in New Zealand law that would justify extradition but that the Megaupload-founder could be sent to the United States to face allegations of fraud.

"I'm no longer getting extradited for copyright," Dotcom commented on Twitter. "We won on that. I'm now getting extradited for a law that doesn't even apply.
Displays

Some Recyclers Give Up On Recycling Old Monitors And TVs (vice.com) 274

An anonymous reader writes: "In many cases, your old TV isn't recycled at all and is instead abandoned in a warehouse somewhere, left for society to deal with sometime in the future," reports Motherboard, describing the problem of old cathode-ray televisions and computer monitors with "a net negative recycling value" (since their component parts don't cover the cost of dismantling them). An estimated 705 million CRT TVs were sold in the U.S. since 1980, and many now sit in television graveyards, "an environmental and economic disaster with no clear solution." As much as 100,000 tons of potentially hazardous waste are stockpiled in two Ohio warehouses of the now-insolvent recycler Closed Loop, plus "at least 25,000 tons of glass and unprocessed CRTs in Arizona...much of it is sitting in a mountainous pile outside one of the warehouses."
One EPA report found 23,000 tons of lead-containing CRT glass abandoned in four different states just in 2013.
Privacy

Krebs: 'Men Who Sent SWAT Team, Heroin to My Home Sentenced' (krebsonsecurity.com) 208

An anonymous reader quotes KrebsOnSecurity: On Thursday, a Ukrainian man who hatched a plan in 2013 to send heroin to my home and then call the cops when the drugs arrived was sentenced to 41 months in prison for unrelated cybercrime charges. Separately, a 19-year-old American who admitted to being part of a hacker group that sent a heavily-armed police force to my home in 2013 was sentenced to three years probation.

Sergey Vovnenko, a.k.a. "Fly," "Flycracker" and "MUXACC1," pleaded guilty last year to aggravated identity theft and conspiracy to commit wire fraud. Prosecutors said Vovnenko operated a network of more than 13,000 hacked computers, using them to harvest credit card numbers and other sensitive information... A judge in New Jersey sentenced Vovnenko to 41 months in prison, three years of supervised released and ordered him to pay restitution of $83,368.

Separately, a judge in Washington, D.C. handed down a sentence of three year's probation to Eric Taylor, a hacker probably better known by his handle "Cosmo the God." Taylor was among several men involved in making a false report to my local police department at the time about a supposed hostage situation at our Virginia home. In response, a heavily-armed police force surrounded my home and put me in handcuffs at gunpoint before the police realized it was all a dangerous hoax known as "swatting"... Taylor and his co-conspirators were able to dox so many celebrities and public officials because they hacked a Russian identity theft service called ssndob[dot]ru. That service in turn relied upon compromised user accounts at data broker giant LexisNexis to pull personal and financial data on millions of Americans.

Privacy

Used Cars Can Still Be Controlled By Their Previous Owners' Apps (wtkr.com) 102

An IBM security researcher recently discovered something interesting about smart cars. An anonymous reader quotes CNN: Charles Henderson sold his car several years ago, but he still knows exactly where it is, and can control it from his phone... "The car is really smart, but it's not smart enough to know who its owner is, so it's not smart enough to know it's been resold," Henderson told CNNTech. "There's nothing on the dashboard that tells you 'the following people have access to the car.'" This isn't an isolated problem. Henderson tested four major auto manufacturers, and found they all have apps that allow previous owners to access them from a mobile device. At the RSA security conference in San Francisco on Friday, Henderson explained how people can still retain control of connected cars even after they resell them.

Manufacturers create apps to control smart cars -- you can use your phone to unlock the car, honk the horn and find out the exact location of your vehicle. Henderson removed his personal information from services in the car before selling it back to the dealership, but he was still able to control the car through a mobile app for years. That's because only the dealership that originally sold the car can see who has access and manually remove someone from the app.

It's also something to consider when buying used IoT devices -- or a smart home equipped with internet-enabled devices.
The Courts

Techdirt Asks Judge To Dismiss Another Lawsuit By That Guy Who Didn't Invent Email (arstechnica.com) 82

Three months ago Shiva Ayyadurai won a $750,000 settlement from Gawker (after they'd already gone bankrupt). He'd argued Gawker defamed him by mocking Ayyadurai's claim he'd invented email, and now he's also suing Techdirt founder Michael Masnick -- who is not bankrupt, and is fighting back. Long-time Slashdot reader walterbyrd quotes Ars Technica: In his motion, Masnick claims that Ayyadurai "is seeking to use the muzzle of a defamation action to silence those who question his claim to historical fame." He continues, "The 14 articles and 84 allegedly defamatory statements catalogued in the complaint all say essentially the same thing: that Defendants believe that because the critical elements of electronic mail were developed long before Ayyadurai's 1978 computer program, his claim to be the 'inventor of e-mail' is false"...

The motion skims the history of e-mail and points out that the well-known fields of e-mail messages, like "to," "from," "cc," "subject," "message," and "bcc," were used in ARPANET e-mail messages for years before Ayyadurai made his "EMAIL" program. Ayyadurai focuses on statements calling him a "fake," a "liar," or a "fraud" putting forth "bogus" claims. Masnick counters that such phrases are "rhetorical hyperbole" meant to express opinions and reminds the court that "[t]he law provides no redress for harsh name-calling."

The motion calls the lawsuit "a misbegotten effort to stifle historical debate, silence criticism, and chill others from continuing to question Ayyadurai's grandiose claims." Ray Tomlinson has been dead for less than a year, but in this fascinating 1998 article recalled testing the early email protocols in 1971, remembering that "Most likely the first message was QWERTYIOP."
Cellphones

Should International Travelers Leave Their Phones At Home? (freecodecamp.com) 510

Long-time Slashdot reader Toe, The sums up what he learned from freeCodeCamp's Quincy Larson: "Before you travel internationally, wipe your phone or bring/rent/buy a clean one." Larson's article is titled "I'll never bring my phone on an international flight again. Neither should you." All the security in the world can't save you if someone has physical possession of your phone or laptop, and can intimidate you into giving up your password... Companies like Elcomsoft make 'forensic software' that can suck down all your photos, contacts -- even passwords for your email and social media accounts -- in a matter of minutes.... If we do nothing to resist, pretty soon everyone will have to unlock their phone and hand it over to a customs agent while they're getting their passport swiped... And with this single new procedure, all the hard work that Apple and Google have invested in encrypting the data on your phone -- and fighting for your privacy in court -- will be a completely moot point.
The article warns Americans that their constitutional protections don't apply because "the U.S. border isn't technically the U.S.," calling it "a sort of legal no-man's-land. You have very few rights there." Larson points out this also affects Canadians, but argues that "You can't hand over a device that you don't have."
Security

RSA Conference Attendees Get Hacked (esecurityplanet.com) 54

The RSA Conference "is perhaps the world's largest security event, but that doesn't mean that it's necessarily a secure event," reports eSecurityPlanet. Scanning the conference floor revealed rogue access points posing as known and trusted networks, according to security testing vendor Pwnie Express. storagedude writes: What's worse, several attendees fell for these dummy Wi-Fi services that spoof well-known brands like Starbucks. The company also found a number of access points using outdated WEP encryption. So much for security pros...
At least two people stayed connected to a rogue network for more than a day, according to the article, and Pownie Express is reminding these security pros that connecting to a rogue network means "the attacker has full control of all information going into and out of the device, and can deploy various tools to modify or monitor the victim's communication."
Toys

German Government Tells Parents: Destroy This WiFi-Connected Doll (theverge.com) 140

It's illegal in Germany now to sell a talking doll named "My Friend Cayla," according to a story shared by Slashdot reader Bruce66423. And that's just the beginning. The Verge reports: A German government watchdog has ordered parents to "destroy" an internet-connected doll for fear it could be used as a surveillance device. According to a report from BBC News, the German Federal Network Agency said the doll (which contains a microphone and speaker) was equivalent to a "concealed transmitting device" and therefore prohibited under German telecom law... In December last year, privacy advocates said the toy recorded kids' conversations without proper consent, violating the Children's Online Privacy Protection Act.

Cayla uses a microphone to listen to questions, sending this audio over Wi-Fi to a third-party company that converts it to text. This is then used to search the internet, allowing the doll to answer basic questions, like "What's a baby kangaroo called?" as well as play games. In addition to privacy concerns over data collection, security researchers found that Cayla can be easily hacked. The doll's insecure Bluetooth connection can be compromised, letting a third party record audio via the toy, or even speak to children using its voice.

The Electronic Privacy Information Center has said toys like this "subject young children to ongoing surveillance...without any meaningful data protection standards." One researcher pointed out that the doll was accessible from up to 33 feet away -- even through walls -- using a bluetooth-enabled device.
The Courts

SAP License Fees Also Due For Indirect Users, Court Rules (networkworld.com) 123

SAP's licensing fees "apply even to related applications that only offer users indirect visibility of SAP data," according to a Thursday ruling by a U.K. judge. Slashdot reader ahbond quotes Network World: The consequences could be far-reaching for businesses that have integrated their customer-facing systems with an SAP database, potentially leaving them liable for license fees for every customer that accesses their online store. "If any SAP systems are being indirectly triggered, even if incidentally, and from anywhere in the world, then there are uncategorized and unpriced costs stacking up in the background," warned Robin Fry, a director at software licensing consultancy Cerno Professional Services, who has been following the case...

What's in dispute was whether the SAP PI license fee alone is sufficient to allow Diageo's sales staff and customers to access the SAP data store via the Salesforce apps, or whether, as SAP claims, those staff and customers had to be named as users and a corresponding license fee paid. On Thursday, the judge sided with SAP on that question.

Android

Congressman Calls For Probe Into Trump's Unsecured Android Phone (cnet.com) 507

An anonymous reader quotes a report from CNET: President Donald Trump regularly makes news because of his tweets. Now a congressman is making news because of the device the president reportedly uses to tweet. On Friday, Congressman Ted Lieu, a Democrat from Los Angeles, wrote a letter to the House Oversight Committee requesting an investigation into Trump's cybersecurity practices. In particular, he calls out Trump's apparent decision to keep using his personal Android phone instead of a secured phone the Secret Service issued him for his inauguration. The letter is also signed by 14 other members of Congress and calls for a public hearing to discuss the issues. "The device President Trump insists on using -- most likely the Samsung Galaxy S3 -- has particularly well documented vulnerabilities," the letter says. "The use of an unsecured phone risks the president of the United States being monitored by foreign or domestic adversaries, many of whom would be happy to hijack the president's prized Twitter account causing disastrous consequences for global security. Cybersecurity experts universally agree that an ordinary Android smartphone, which the president is reportedly using despite repeated warnings from the Secret Service, can be easily hacked."
Microsoft

Bill Gates: The Robot That Takes Your Job Should Pay Taxes (qz.com) 387

In a recent interview with Quartz, Bill Gates said he believes that governments should tax companies that use robots who are taking human jobs, as a way to at least temporarily slow the spread of automation and to fund other types of employment. The money gained from taxing robots could then be used to finance jobs taking care of elderly people or working with kids in schools -- jobs which humans are particularly well suited for. Quartz reports: [Gates] argues that governments must oversee such programs rather than relying on businesses, in order to redirect the jobs to help people with lower incomes. The idea is not totally theoretical: EU lawmakers considered a proposal to tax robot owners to pay for training for workers who lose their jobs, though on Feb. 16 the legislators ultimately rejected it. "You ought to be willing to raise the tax level and even slow down the speed" of automation, Gates argues. That's because the technology and business cases for replacing humans in a wide range of jobs are arriving simultaneously, and it's important to be able to manage that displacement. "You cross the threshold of job replacement of certain activities all sort of at once," Gates says, citing warehouse work and driving as some of the job categories that in the next 20 years will have robots doing them. You can watch Gates' remarks in a video here, or read the transcript embedded in Quartz' report.
Encryption

Researchers Discover Security Problems Under the Hood of Automobile Apps (arstechnica.com) 27

An anonymous reader quotes a report from Ars Technica: Malware researchers Victor Chebyshev and Mikhail Kuzin examined seven Android apps for connected vehicles and found that the apps were ripe for malicious exploitation. Six of the applications had unencrypted user credentials, and all of them had little in the way of protection against reverse-engineering or the insertion of malware into apps. The vulnerabilities looked at by the Kaspersky researchers focused not on vehicle communication, but on the Android apps associated with the services and the potential for their credentials to be hijacked by malware if a car owner's smartphone is compromised. All seven of the applications allowed the user to remotely unlock their vehicle; six made remote engine start possible (though whether it's possible for someone to drive off with the vehicle without having a key or RFID-equipped key fob present is unclear). Two of the seven apps used unencrypted user logins and passwords, making theft of credentials much easier. And none of the applications performed any sort of integrity check or detection of root permissions to the app's data and events -- making it much easier for someone to create an "evil" version of the app to provide an avenue for attack. While malware versions of these apps would require getting a car owner to install them on their device in order to succeed, Chebyshev and Kuzin suggested that would be possible through a spear-phishing attack warning the owner of a need to do an emergency app update. Other malware might also be able to perform the installation.
AI

EU Moves To Bring In AI Laws, But Rejects Robot Tax Proposal (newatlas.com) 72

An anonymous reader quotes a report from New Atlas: The European Parliament has voted on a resolution to regulate the development of artificial intelligence and robotics across the European Union. Based on a raft of recommendations drafted in a report submitted in January to the legal affairs committee, the proposed rules include establishing ethical standards for the development of artificial intelligence, and introducing an insurance scheme to cover liability for accidents involving driverless cars. Not every element in the broad-ranging report was accepted by the Parliament though, with a recommendation to institute a "robot tax" roundly rejected. The robot tax proposal was designed to create a fund that manages the repercussions and retraining of workers made redundant through the increased deployment of industrial and service robots. But those in the robotics industry were supportive of the Parliamentary rejection, with the International Federation of Robotics suggesting to Reuters a robot tax would have been harmful to the burgeoning industry, stifling innovation and competitiveness. The European Parliament passed the resolution comfortably with 396 votes to 123, with 85 abstentions.
Piracy

70 Percent of Young Swedish Men Are Video Pirates, Study Says (torrentfreak.com) 207

A new study from Sweden has found that just over half of all young people admit to obtaining movies and TV shows from the Internet without paying, a figure that rockets to 70 percent among young men, reports TorrentFreak, citing a study. From the report: According to figures just released by media industry consultants Mediavision, in January 2017 almost a quarter of all Swedes aged between 15 and 74 admitted either streaming or downloading movies from 'pirate' sites during the past month. Perhaps unsurprisingly, the tendency to do so is greater among the young. More than half of 15 to 24-year-olds said they'd used a torrent or streaming site during December. When concentrating that down to only young men in the same age group, the figure leaps to 70 percent.
The Courts

Your Personal Facebook Live Videos Can Legally End Up on TV (thememo.com) 143

Kitty Knowles, reporting for the Memo: Think you control what happens to your personal videos? Think again. One father who live-streamed his partner's labour on Facebook last May, has found out the hard way: he saw the birth of his son replayed on Good Morning America and numerous other media outlets. This week, he lost a high-profile court battle against the broadcasters. If you don't want this to happen to you, don't make the same mistakes. It's one thing wanting to share a life-changing moment with friends and family. But most would understand why Kali Kanongataa didn't want his child's birth aired for all to see. That hasn't however, stopped a US judge throwing out Kanongataa's copyright infringement case against the likes of the ABC, Yahoo, and Rodale, the company that publishes Women's Health. Apparently, the father-to-be realised his film was streaming publicly on social media about 30 minutes into recording, but decided to leave it that way. Media outlets broadcasting the clips have defended doing so on the terms of "fair use." Legally, "fair use" means that when pictures or videos are the focus of a major news story, selected footage can be used.Heads up, Facebook will soon release a video app for set-top boxes by Apple and Amazon to broadcast Live videos on the big screen.
Blackberry

BlackBerry Sued By Over 300 Former Employees (mobilesyrup.com) 73

An anonymous reader shares a report: BlackBerry is facing a class-action lawsuit from more than 300 former employees across Canada, according to a news release from law firm Nelligan O'Brien Payne LLP. The Waterloo, Ontario-based tech company is accused of denying employees their termination entitlements by transferring them to a partner company and, once they had accepted employment there, handed them resignation letters. The former employees were then allegedly given their final date of work. "BlackBerry's actions amount to a termination of the employees' employment," the law firm said. "This entitles these employees to statutory, common law, and/or contractual entitlements on termination."
Businesses

Samsung Chief Lee Arrested In Corruption Investigation (reuters.com) 24

According to Reuters, Samsung chief Jay Y. Lee was arrested on Friday over his alleged role in a corruption scandal that led parliament to impeach South Korean President Park Geun-hye. From the report: The 48-year-old Lee, vice chairman of Samsung Electronics Co Ltd (005930.KS), was taken into custody at the Seoul Detention Centre, where he had awaited the court's decision following a day-long, closed-door hearing that ended on Thursday evening. The judge's decision was announced at about 5:30 a.m. (2030 GMT) on Friday, more than 10 hours after Lee, the sprawling conglomerate's third-generation leader, had left the court. The same court rejected a request from prosecutors last month to arrest Lee. On Tuesday, the special prosecutor's office had requested a warrant to arrest him and another executive, Samsung Electronics president Park Sang-jin, on bribery and other charges. The prosecution said it had secured additional evidence and brought more charges against Lee in the latest warrant request. While Lee's detention is not expected to hamper day-to-day operation of Samsung Group companies, which are run by professional managers, experts have said it could affect strategic decision-making by South Korea's biggest conglomerate. Prosecutors have focused their investigations on Samsung's relationship with Park, 65, who was impeached by parliament in December and has been stripped of her powers while the Constitutional Court decides whether to uphold her impeachment. They accused Samsung of paying bribes totaling 43 billion won ($37.74 million) to organizations linked to Choi to secure the government's backing for a merger of two Samsung units. That funding includes Samsung's sponsorship of the equestrian career of Choi's daughter, who is in detention in Denmark, having been on a South Korean wanted list.
Privacy

Scottish Court Awards Damages For CCTV Camera Pointed At Neighbor's House (boingboing.net) 95

AmiMoJo quotes a report from BoingBoing: Edinburgh's Nahid Akram installed a CCTV system that let him record his downstairs neighbors Debbie and Tony Woolley in their back garden, capturing both images and audio of their private conversations, with a system that had the capacity to record continuously for five days. A Scottish court has ruled that the distress caused by their neighbor's camera entitled the Woolleys to $21,000 (17,000 British Pounds) in damages, without the need for them to demonstrate any actual financial loss. The judgment builds on a 2015 English court ruling against Google for spying on logged out Safari users, where the users were not required to show financial losses to receive compensation for private surveillance.

Slashdot Top Deals