Government

Warrantless Surveillance Can Continue Even If Law Expires, Officials Say (theverge.com) 68

According to a New York Times report citing American officials, the Trump administration has decided that the National Security Agency and the FBI can lawfully keep operating their warrantless surveillance program even if Congress fails to extend the law authorizing it before an expiration date of New Year's Eve. The Verge reports: The White House believes the Patriot Act's surveillance provisions won't expire until four months into 2018. Lawyers point to a one-year certification that was granted on April 26th of last year. If that certification is taken as a legal authorization for the FISA court overall -- as White House lawyers suggest -- then Congress will have another four months to work out the details of reauthorization. There are already several proposals for Patriot Act reauthorization in the Senate, which focus the Section 702 provisions that authorize certain types of NSA surveillance. Some of the proposals would close the backdoor search loophole that allows for warrantless surveillance of U.S. citizens, although a recent House proposal would leave it in place. But with Congress largely focused on tax cuts and the looming debt ceiling fight, it's unlikely the differences could be reconciled before the end of the year.
Medicine

FCC Chair Ajit Pai Falsely Claims Killing Net Neutrality Will Help Sick and Disabled People (vice.com) 205

An anonymous reader quotes a report from Motherboard: One popular claim by the telecom sector is that net neutrality rules are somehow preventing people who are sick or disabled from gaining access to essential medical services they need to survive. Verizon, for example, has been trying to argue since at least 2014 that the FCC's net neutrality rules' ban on paid prioritization (which prevents ISPs from letting deep-pocketed content companies buy their way to a distinct network performance advantage over smaller competitors) harms the hearing impaired. That's much to the chagrin of groups that actually represent those constituents, who have consistently and repeatedly stated that this claim simply isn't true. Comcast lobbyists have also repeated this patently-false claim in their attempt to lift the FCC ban on unfair paid prioritization deals.

The claim that net neutrality rules hurt the sick also popped up in a recent facts-optional fact sheet the agency has been circulating to try and justify the agency's Orwellian-named "Restoring Internet Freedom" net neutrality repeal. In the FCC's current rules, the FCC was careful to distinguish between "Broadband Internet Access Services (BIAS)," which is general internet traffic like browsing, e-mail or app data and "Non-BIAS data services," which are often given prioritized, isolated capacity to ensure lower latency, better speed, and greater reliability. VoIP services, pacemakers, energy meters and all telemedicine applications fall under this category and are exempt from the rules. Despite the fact that the FCC's net neutrality rules clearly exempt medical services from the ban on uncompetitive paid prioritization, FCC boss Ajit Pai has consistently tried to claim otherwise. He did so again last week during a speech in which he attempted to defend his agency from the massive backlash to its assault on net neutrality.
"By ending the outright ban on paid prioritization, we hope to make it easier for consumers to benefit from services that need prioritization -- such as latency-sensitive telemedicine," Pai said. "By replacing an outright ban with a robust transparency requirement and FTC-led consumer protection, we will enable these services to come into being and help seniors."
The Almighty Buck

Ask Slashdot: How Do I Explain Copyright To My Kids? 323

orgelspieler writes: My son paid for a copy of a novel on his iPad. When his school made it against the rules to bring iPads, he wanted to get the same book on his Kindle. I tried to explain that the format of his eBook was not readily convertible to the Kindle. So he tried to go on his schools online library app. He checked it out just fine, but ironically, the offline reading function only works on the now-disallowed iPads. Rather than paying Amazon $7 for a book I already own, and he has already checked out from the library, I found a bootleg PDF online. I tried to explain that he could just read that, but he freaked out. "That's illegal, Dad!" I tried to explain format shifting, and the injustice of the current copyright framework in America. Even when he did his own research, stumbling across EFF's website on fair use, he still would not believe me.

Have any of you fellow Slashdotters figured out a good way to navigate the moral, legal, and technological issues of copyright law, as it relates to the next generation of nerds? Interestingly, my boy seems OK with playing old video games on the Wayback Machine, so I don't think it's a lost cause.
Security

NiceHash Hacked, $62 Million of Bitcoin May Be Stolen (reddit.com) 79

New submitter Chir breaks the news to us that the NiceHash crypto-mining marketplace has been hacked. The crypto mining pool broke the news on Reddit, where users suggest that as many as 4,736.42 BTC -- an amount worth more than $62 million at current prices -- has been stolen. The NiceHash team is urging users to change their online passwords as a result of the breach and theft.
Facebook

Facebook and YouTube Are Full of Pirated Video Streams of Live NFL Games (cnbc.com) 230

Pirated video streams of televised National Football League games are widespread on Facebook and on Google's YouTube service, CNBC has found. From a report: Using technology from these internet giants, thousands of football fans were able to watch long segments of many contests free of charge during the league's Week 13 schedule of games last Thursday and Sunday. Dozens of these video streams, pirated from CBS and NBC broadcasts, featured ads from well-known national brands interspersed with game action. This online activity comes as the league struggles with declining ratings that have been blamed variously on player protests during the national anthem and revelations about former players suffering from a brain disease caused by concussions. Yet this illegal distribution of NFL content may also be crimping the league's viewer numbers.
Firefox

Yahoo Sues Mozilla For Breach of Contract -- So Mozilla Counter Sues Yahoo (betanews.com) 112

Mark Wilson writes: Mozilla and Yahoo have started a legal spat about the deal that existed between the two companies regarding the use of the Yahoo search engine in the Firefox browser. On December 1, Yahoo fired the first shot filing a complaint that alleges Mozilla breached a contract that existed between the two companies by terminating the arrangement early. In a counter complaint, Mozilla says that it was not only justified in terminating the contract early, but that Yahoo Holdings and Oath still have a bill that needs to be settled.
The Almighty Buck

'We Could Fund a Universal Basic Income With the Data We Give Away To Facebook and Google' (thenextweb.com) 582

Tristan Greene reports via The Next Web: A universal basic income (UBI), wherein government provides a monthly stipend so citizens can afford a home and basic necessities, is something experts believe would directly address the issue of unemployment and poverty, and possibly even eliminate hundreds of other welfare programs. It may also be the only real solution to the impending automation bonanza. According to AI expert Steve Fuller, the problem is, giving people money when they lose jobs won't fix the issue, it's a temporary solution and we need permanent ones. Sounds fair, and he even has some ideas on how to accomplish this end: "We could hold Google and Facebook and all those big multinationals accountable; we could make sure that people, like those who are currently 'voluntarily' contributing their data to pump up companies' profits, are given something that is adequate to support their livelihoods in exchange."

It's an interesting idea, but difficult to imagine it's implementation. If the government isn't assigning a specific stipend value, we'll have to be compensated individually by companies. One way to do this, is by emulating the old coal mining company scrip scams of early last century. Employees working for companies would be paid in currency only redeemable at the company store. This basically created a system where a company could tax its own workers for profit. Google, for example, could use a system like that and say "opt-in for $10 worth of Google Play music for free," if they wanted to. Which doesn't help pay the bills when machines replace you at work, but at least you'll be able to voice search for your favorite songs. Another idea is to charge companies an automation tax, but again there's concerns as to how this would be implemented. A solution that combines government oversight with a tax on AI companies -- a UBI funded by the dividends of our data -- may be the best option. To be blunt: we should make Google, Microsoft, Facebook and other such AI companies pay for it with a simple data tax.

Encryption

US Says It Doesn't Need a Court Order To Ask Tech Companies To Build Encryption Backdoors (gizmodo.com) 248

schwit1 shares a report from Gizmodo: According to statements from July released this weekend, intelligence officials told members of the Senate Intelligence Committee that there's no need for them to approach courts before requesting a tech company help willfully -- though they can always resort to obtaining a Foreign Intelligence Surveillance Court order if the company refuses. The documents show officials testified they had never needed to obtain such an FISC order, though they declined to tell the committee whether they had "ever asked a company to add an encryption backdoor," per ZDNet. Other reporting has suggested the FISC has the power to authorize government personnel to compel such technical assistance without even notifying the FISC of what exactly is required. Section 702 of the Foreign Intelligence Surveillance Act gives authorities additional powers to compel service providers to build backdoors into their products.
Bitcoin

Feds Shut Down Allegedly Fraudulent Cryptocurrency Offering (arstechnica.com) 47

An anonymous reader quotes a report from Ars Technica: The Securities and Exchange Commission on Monday announced that it was taking action against an initial coin offering (ICO) that the SEC alleges is fraudulent. The announcement represents the first enforcement action by the SEC's recently created cyber fraud unit. In July, the agency fired a warning shot. It announced that a 2016 fundraising campaign had run afoul of securities law, but that the SEC would decline to prosecute those responsible. The hope was to get the cryptocurrency world to take securities laws more seriously without doing anything drastic. Now the SEC is taking the next step by prosecuting what it considers to be one of the most egregious scams in the ICO world. The SEC's complaint, filed in federal court in New York, is against Dominic Lacroix, whom the SEC describes as a "recidivist securities law violator." The SEC considers Lacroix's cryptocurrency project, PlexCoin, to be a "fast-moving Initial Coin Offering (ICO) fraud that raised up to $15 million from thousands of investors since August by falsely promising a 13-fold profit in less than a month." The PlexCoin website has a hilariously vague description of this supposedly revolutionary cryptocurrency. "The PlexCoin's new revolutionary operating structure is safer and much easier to use than any other current cryptocurrency," the site proclaims. "One of the many features of PlexBank will be to secure your cryptocurrency from market variation, which is highly volatile, and invest your money in a place where you can get interesting guaranteed returns." According to Ars, "The SEC isn't impressed and is arguing that PlexCoin has 'all of the characteristics of a full-fledged cyber scam.' The agency is seeking to freeze the assets of the PlexCoin project in hopes of getting investors' funds back to them."
Canada

ISPs and Movie Industry Prepare Canadian Pirate Site Blocking Deal (torrentfreak.com) 86

An anonymous reader quotes a report from TorrentFreak: A coalition of movie industry companies and ISPs, including Bell, Rogers, and Cineplex are discussing a proposal to implement a plan to allow for website blockades without judicial oversight. The Canadian blocklist would be maintained by a new non-profit organization called "Internet Piracy Review Agency" (IPRA) and enforced through the CTRC, Canadaland reports. The plan doesn't come as a total surprise as Bell alluded to a nationwide blocking mechanism during a recent Government hearing. What becomes clear from the new plans, however, is that the telco is not alone. The new proposal is being discussed by various stakeholders including ISPs and local movie companies. As in other countries, major American movie companies are also in the loop, but they will not be listed as official applicants when the plan is submitted to the CRTC. Canadian law professor Micheal Geist is very critical of the plans. Although the proposal would only cover sites that "blatantly, overwhelmingly or structurally" engage in or facilitate copyright infringement, this can be a blurry line.

"Recent history suggests that the list will quickly grow to cover tougher judgment calls. For example, Bell has targeted TVAddons, a site that contains considerable non-infringing content," Geist notes. "It can be expected that many other sites disliked by rights holders or broadcasters would find their way onto the block list," he adds. While the full list of applicants is not ready yet, it is expected that the coalition will file its proposal to the CRTC before the end of the month.

Privacy

Germany Preparing Law for Backdoors in Any Type of Modern Device (bleepingcomputer.com) 251

Catalin Cimpanu, writing for BleepingComputer: German authorities are preparing a law that will force device manufacturers to include backdoors within their products that law enforcement agencies could use at their discretion for legal investigations. The law would target all modern devices, such as cars, phones, computers, IoT products, and more. Officials are expected to submit their proposed law for debate this week, according to local news outlet RedaktionsNetzwerk Deutschland (RND). The man supporting this proposal is Thomas de Maiziere, Germany's Interior Minister, who cites the difficulty law enforcement agents have had in past months investigating the recent surge of terrorist attacks and other crimes.
Privacy

Trump Is Looking at Plans For a Global Network of Private Spies (vice.com) 480

David Gilbert, writing for Vice: The White House is reportedly looking at a proposal to create a ghost network of private spies in hostile countries -- a way of bypassing the intelligence community's "deep state," which Donald Trump believes is a threat to his administration. The network would report directly to the president and CIA Director Mike Pompeo, and would be developed by Blackwater founder Erik Prince, according to multiple current and former officials speaking to The Intercept. "Pompeo can't trust the CIA bureaucracy, so we need to create this thing that reports just directly to him," a former senior U.S. intelligence official with firsthand knowledge of the proposals told the website. Described as "totally off the books," the network would be run by intelligence contractor Amyntor Group and would not share any data with the traditional intelligence community.
Security

A Popular Virtual Keyboard App Leaks 31 Million Users' Personal Data (zdnet.com) 65

Zack Whittaker, writing for ZDNet: Personal data belonging to over 31 million customers of a popular virtual keyboard app has leaked online, after the app's developer failed to secure the database's server. The server is owned by Eitan Fitusi, co-founder of AI.type, a customizable and personalizable on-screen keyboard, which boasts more than 40 million users across the world. But the server wasn't protected with a password, allowing anyone to access the company's database of user records, totaling more than 577 gigabytes of sensitive data. The database appears to only contain records on the app's Android users.
Businesses

Gizmodo: Don't Buy Anyone an Amazon Echo Speaker (gizmodo.com) 252

Adam Clark Estes, writing for Gizmodo: Three years ago, we said the Echo was "the most innovative device Amazon's made in years." That's still true. But you shouldn't buy one. You shouldn't buy one for your family. [...] Your family members do not need an Amazon Echo or a Google Home or an AppleHomePod or whatever that one smart speaker that uses Cortana is called. And you don't either. You only want one because every single gadget-slinger on the planet is marketing them to you as an all-new, life-changing device that could turn your kitchen into a futuristic voice-controlled paradise. You probably think that having an always-on microphone in your home is fine, and furthermore, tech companies only record and store snippets of your most intimate conversations. No big deal, you tell yourself. Actually, it is a big deal. The newfound privacy conundrum presented by installing a device that can literally listen to everything you're saying represents a chilling new development in the age of internet-connected things. By buying a smart speaker, you're effectively paying money to let a huge tech company surveil you. And I don't mean to sound overly cynical about this, either. Amazon, Google, Apple, and others say that their devices aren't spying on unsuspecting families. The only problem is that these gadgets are both hackable and prone to bugs.
The Courts

State Board Concedes It Violated Free Speech Rights of Oregon Man Fined For Writing 'I Am An Engineer' (oregonlive.com) 178

According to Oregon Live, "A state panel violated a Beaverton man's free speech rights by claiming he had unlawfully used the title 'engineer' and by fining him when he repeatedly challenged Oregon's traffic-signal timing before local media and policymakers, Oregon's attorney general has ruled." From the report: Oregon's Board of Examiners for Engineering and Land Surveying unconstitutionally applied state law governing engineering practice to Mats Jarlstrom when he exercised his free speech about traffic lights and described himself as an engineer since he was doing so "in a noncommercial'' setting and not soliciting professional business, the state Department of Justice has conceded. "We have admitted to violating Mr. Jarlstrom's rights,'' said Christina L. Beatty-Walters, senior assistant attorney general, in federal court Monday. The state's regulation of Jarlstrom under engineering practice law "was not narrowly tailored to any compelling state interests,'' she wrote in court papers. The state has pledged the board will not pursue the Beaverton man any further when he's not acting in a commercial or professional manner, and on Monday urged a federal judge to dismiss the case. The state also sent a $500 check to Jarlstrom in August, reimbursing him for the state fine.

Jarlstrom and his lawyers argued that's not good enough. They contend Jarlstrom isn't alone in getting snared by the state board's aggressive and "overbroad'' interpretation of state law. They contend others have been investigated improperly and want the court to look broader at the state law and its administrative rules and declare them unconstitutional. In the alternative, the state law should be restricted to only regulating engineering communications that are made as part of paid employment or a contractual agreement.

Censorship

Cloudflare's CEO Has a Plan To Never Censor Hate Speech Again (arstechnica.com) 393

"Cloudflare CEO Matthew Prince hated cutting off service to the infamous neo-Nazi site the Daily Stormer in August," reports Ars Technica. "And he's determined not to do it again. 'I'm almost a free-speech absolutist.' Prince said at an event at the New America Foundation last Wednesday. But in a subsequent interview with Ars, Prince argued that in the case of the Daily Stormer, the company didn't have much choice." From the report: Prince's response was to cut Daily Stormer off while laying the groundwork to make sure he'd never have to make a decision like that again. In a remarkable company-wide email sent shortly after the decision, Prince described his own actions as "arbitrary" and "dangerous." "I woke up this morning in a bad mood and decided to kick them off the Internet," Prince wrote in August. "It was a decision I could make because I'm the CEO of a major Internet infrastructure company." He argued that "it's important that what we did today not set a precedent." Prior to August, Cloudflare had consistently refused to police content published by its customers. Last week, Prince made a swing through DC to help ensure that the Daily Stormer decision does not, in fact, set a precedent. He met with officials from the Federal Communications Commission and with researchers at the libertarian Cato Institute and the left-of-center New America Foundation -- all in an effort to ensure that he'd have the political cover he needed to say no next time he came under pressure to take down controversial content.

The law is strongly on Cloudflare's side here. Internet infrastructure providers like Cloudflare have broad legal immunity for content created by their customers. But legal rights may not matter if Cloudflare comes under pressure from customers to take down content. And that's why Prince is working to cultivate a social consensus that infrastructure providers like Cloudflare should not be in the censorship business -- no matter how offensive its customers' content might be.

Piracy

Gamer Streams Pay-Per-View UFC Fight By Pretending To Play It (theverge.com) 75

WheezyJoe writes: A pay-per-view UFC Match was streamed in its entirety on Twitch and other platforms by a gamer pretending he was "playing" the fight as a game. The gamer, AJ Lester, appearing in the corner of the image holding his game controller, made off like he was controlling the action of the "game" when in fact he was re-broadcasting the fight for free. A tweet showing Lester's antics went viral with over 63,000 retweets and 140,000 likes at the time of publication. Another clip shows him reacting wildly yelling "oooooooooooooooh!!!" and "damnnnnnn!" in response to the match.
Piracy

Not Even Free TV Can Get People To Stop Pirating Movies and TV Shows (qz.com) 221

An anonymous reader quotes a report from Quartz: Since the internet made it easier to illegally download and stream movies and TV shows, Hollywood struggled with people pirating its works online. About $5.5 billion in revenue was lost to piracy globally last year, Digital TV Research found (pdf), and it's expected to approach $10 billion by 2022. Streaming-video services like Netflix and Hulu have made it more affordable to access a wide-range of titles from different TV networks and movie studios. But the availability of cheap content online has done little to curb piracy, according to research published in Management Science (paywall) last month. Customers who were offered free subscriptions to a video-on-demand package (SVOD) were just as likely to turn to piracy to find programming as those without the offering, researchers at Catolica Lisbon School of Business & Economics and Carnegie Mellon University found.

The researchers partnered with an unnamed internet-service provider -- in a region they chose not to disclose -- to offer customers who were already prone to piracy an on-demand package for free for 45 days. About 10,000 households participated in the study, and about half were given the free service. The on-demand service was packaged like Netflix or Hulu in layout, appearance, and scope of programming, but was delivered through a TV set-top box. It had a personalized recommendation engine that surfaced popular programming based on what those customers were already watching illegally through BitTorrent logs, which were obtained from a third-party firm. The study found that while the participants watched 4.6% more TV overall when they had the free on-demand service, they did not stop using BitTorrent to pirate movies and TV shows that were not included in the offering.

Security

PayPal Says 1.6 Million Customer Details Stolen In Breach At Canadian Subsidiary (bleepingcomputer.com) 24

New submitter Kargan shares a report from BleepingComputer: PayPal says that one of the companies it recently acquired suffered a security incident during which an attacker appears to have accessed servers that stored information for 1.6 million customers. The victim of the security breach is TIO Networks, a Canadian company that runs a network of over 60,000 utility and bills payment kiosks across North America. PayPal acquired TIO Networks this past July for $238 million in cash. PayPal reportedly suspended the operations of TIO's network on November 10th. "PayPal says the intruder(s) got access to the personal information of both TIO customers and customers of TIO billers," reports BleepingComputer. "The company did not reveal what type of information the attacker accessed, but since this is a payment system, attackers most likely obtained both personally-identifiable information (PII) and financial details." The company has started notifying customers and is offering free credit monitoring memberships.
The Internet

FCC Won't Delay Vote, Says Net Neutrality Supporters Are 'Desperate' (arstechnica.com) 347

An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission will move ahead with its vote to kill net neutrality rules next week despite an unresolved court case that could strip away even more consumer protections. FCC Chairman Ajit Pai says that net neutrality rules aren't needed because the Federal Trade Commission can protect consumers from broadband providers. But a pending court case involving AT&T could strip the FTC of its regulatory authority over AT&T and similar ISPs. A few dozen consumer advocacy groups and the City of New York urged Pai to delay the net neutrality-killing vote in a letter today. If the FCC eliminates its rules and the court case goes AT&T's way, there would be a "'regulatory gap' that would leave consumers utterly unprotected," the letter said. When contacted by Ars, Pai's office issued this statement in response to the letter: "This is just evidence that supporters of heavy-handed Internet regulations are becoming more desperate by the day as their effort to defeat Chairman Pai's plan to restore Internet freedom has stalled. The vote will proceed as scheduled on December 14."

Slashdot Top Deals