chicksdaddy writes with news of a remote exploit in Samsung Smart TVs, and a warning for those who got one with a built-in camera. From the article: "The company that made headlines in October for publicizing zero day holes in SCADA products now says it has uncovered a remotely exploitable security hole in Samsung Smart TVs. If left unpatched, the vulnerability could allow hackers to make off with owners' social media credentials and even to spy on those watching the TV using built-in video cameras and microphones. In an e-mail exchange with Security Ledger, the Malta-based firm said that the previously unknown ('zero day') hole affects Samsung Smart TVs running the latest version of the company's Linux-based firmware. It could give an attacker the ability to access any file available on the remote device, as well as external devices (such as USB drives) connected to the TV. And, in a Orwellian twist, the hole could be used to access cameras and microphones attached to the Smart TVs, giving remote attacker the ability to spy on those viewing a compromised set."
DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's now on IFTTT. Check it out! Check out the new SourceForge HTML5 Internet speed test! ×
An anonymous reader writes "Darren Nix works for 42Floors, a business that uses its website to help people find office space. He recently received a marketing email for a service that offered to identify visitors to his website. After squeezing some information out of the marketer and playing around with a demo account, he now explains exactly how sketchy companies track your presence across multiple websites. The marketer offered to provide Nix with 'tracking code that would sit in your web site' which would 'grab a few key pieces of data from each visitor.' This includes IP addresses and search engine data. The marketer's company would then automatically analyze the data to try to identify the user and send back whatever personal information they've collected on that user from different websites. Thus, it's entirely possible for a site to know your name, email address, and company on your very first visit, and without any interaction on your part. Nix writes, 'A real-world analogue would be this scenario: You drive to Home Depot and walk in. Closed-circuit cameras match your face against a database of every shopper that has used a credit card at Walmart or Target and identifies you by name, address, and phone. If you happen to walk out the front door without buying anything your phone buzzes with a text message from Home Depot offering you a 10% discount good for the next hour. Farfetched? I don't think so. ... All the necessary pieces already exist, they just haven't been combined yet.'"
TCPALaw writes "ccAdvertising, a company purported to have 'a long, long, long history of pumping spam out of every telecommunications orifice, and even boasting of voter suppression' has asked the FCC to declare spam filters illegal. Citing Free Speech rights, the company claims wireless carriers should be prohibited from employing spam filters that might block ccAdvertising's political spam. Without stating it explicitly, the filing implies that network neutrality must apply to spam, so the FCC must therefore prohibit spam filters (unless political spam is whitelisted). In an earlier filing, the company suggests it is proper that recipients 'bear some cost' of unsolicited political speech sent to their cell phones. The public can file comments with the FCC on ccAdvertising's filing online."
An anonymous reader points out an AP report which says a judge in Guatemala has ordered the release of John McAfee from a detention center. "Lawyer Telesforo Guerra said the judge notified him verbally of the ruling, but added that it may take a day for formal written notification to win McAfee's release, possibly as soon as Wednesday." McAfee, on the run from Belizean police, was arrested in Guatemala several days ago after making himself known to authorities. He did so because a pair of reporters who were interviewing him posted a photo which included metadata on the photo's location. In a live broadcast on Sunday, McAfee expressed a desire to return to the U.S. "I simply would like to live comfortably day by day, fish, swim, enjoy my declining years. My long-term plan was simply to get away from Belize, think, and decide what to do."
New submitter Nerdolicious writes "Ars Technica reports that Voltage Pictures, the studio behind the infamous Hurt Locker debacle, has requested subscriber information for thousands of TekSavvy customers in relation to alleged copyright infringements. In their official blog, TekSavvy clarifies the situation and provides further reassurance that they will not release any private customer information without a court order. They have also posted the legal documents containing both the official notice and list of films that are the subjects of the alleged infringements. However, several questions remain to be answered: will Canadian courts be amicable to these tactics after changes to copyright law were made specifically to prevent the predatory legal entanglement of Canadian citizens? Will the studio actually attempt to pursue the situation beyond the proliferation of threatening extortion letters? How would the already-clogged courts react to what amounts to denial-of-service attack on the judicial system?"
Dupple writes "There's a two page article over on IT World detailing a new patent system passed by the European Parliament that will unify the patent process across most countries in the EU. Quoting: 'Parliament adopted all three proposed regulations needed to form the new patent system on Tuesday: the regulation on a Unitary Patent, the language regime and the formation of a new unified patent court system. Not all European Union member states want a part in the new system: Italy and Spain refused to participate, although they may join at any time. The new system will cut the cost of obtaining a patent in the participating countries by up to 80 percent, the Parliament said. The patents will be made available in English, French and German and applications will have to be made in one of those three languages. Not everyone was pleased with the newly adopted regulation though. MEPs opposing the adopted text are concerned the new system is going to be bad for innovation and business, and by voting for the text, the Parliament is giving away powers, they said. The new regulation "means the European Parliament will abdicate all its political powers to an organization ... that is outside of the E.U.," said Christian Engström, Pirate Party member of parliament, adding that he still wanted a European patent as long as it did not hamper innovation as he believes the proposal in its current form does.'"
megla writes "The BBC is reporting that the Draft Communications Bill is going to be re-written following widespread opposition. The hugely controversial bill would, as it stands, require ISPs to retain vast amounts of data and grant broad powers to authorities to access it, in some cases without needing any permission at all. For those who are interested in the gritty details the first parliamentary report into the legislation is sharply critical at times. This is good news for anyone in the UK who values their privacy, but it may not be enough. Many would prefer to see the bill scrapped entirely." Opposition to the bill, at least in its original form, isn't just from crazy civil libertarian types, either; reader judgecorp points out that it even includes Deputy prime minister of Britain Nick Clegg.
Techmeology writes "The BPI has threatened to sue the Pirate Party for allowing people access to The Pirate Bay through its proxy service. The leader of the Pirate Party UK, Loz Kaye said his party would go to court over the issue. Kaye said that he was determined to defend his party's principles even in the face of an expensive legal battle."
Hugh Pickens writes writes "AP reports that if disaster strikes a US nuclear power plant, the utility industry wants the ability to fly in heavy-duty equipment from regional hubs to stricken reactors to avert a meltdown providing another layer of defense in case a Fukushima-style disaster destroys a nuclear plant's multiple backup systems. 'It became very clear in Japan that utilities became quickly overwhelmed,' says Joe Pollock, vice president for nuclear operations at the Nuclear Energy Institute, an industry lobbying group that is spearheading the effort. US nuclear plants already have backup safety systems and are supposed to withstand the worst possible disasters in their regions, including hurricanes, tornadoes, floods and earthquakes. But planners can be wrong. The industry plan, called FLEX, is the nuclear industry's method for meeting new US Nuclear Regulatory Commission rules that will force 65 plants in the US to get extra emergency equipment on site and store it protectively. The FLEX program is supposed to help nuclear plants handle the biggest disasters. Under the plan, plant operators can summon help from the regional centers in Memphis and Phoenix. In addition to having several duplicate sets of plant emergency gear, industry officials say the centers will likely have heavier equipment that could include an emergency generator large enough to power a plant's emergency cooling systems, equipment to treat cooling water and extra radiation protection gear for workers. Federal regulators must still decide whether to approve the plans submitted by individual plants. 'They need to show us not just that they have the pump, but that they've done all the appropriate designing and engineering so that they have a hookup for that pump,' says NRC spokesman Scott Burnell said. 'They're not going to be trying to figure out, "Where are we going to plug this thing in?"'"
judgecorp writes "Russia, China and other nations have withdrawn proposals to take control over the Internet within their borders. The proposals, handed to the World Conference on International Telecommunications (WCIT) on Friday, caused widespread dismay and protest. The WCIT event in Dubai, run by the UN agency ITU, is working on new International Telecommunications Regulations (ITRs) which are due for their first revision since the emergence of the mass Internet. The line-up of nations wanting to formalize their power to restrict the Internet included Russia, China, UAE, Saudi Arabia, Algeria, Sudan and Egypt. Their proposal has been withdrawn without explanation, an ITU spokesperson confirmed."
TrueSatan writes "Pirate bay founder Gottfrid Svartholm is set to be released from solitary confinement but is still to serve the remainder of a one-year sentence relating to Pirate Bay activities. Five months remain of that sentence and they are to be served in a normal prison with far fewer restrictions on his confinement — assuming no new charges are brought against him. He had been accused of involvement in the hacking of Swedish IT firm Logica, but no charges have been substantiated in that case. He was later implicated in a second case but, once more, no charges have been substantiated against him."
paysonwelch writes "John McAfee, famed antivirus software pioneer and human rights advocate, today announced that he will host a news conference to ask the world for its protection against the Government of Belize. On his official blog, whoismcafee.com, Mr. McAfee has accused the Belize government of widespread corruption. Because of this, Mr. McAfee feels that he will be in grave danger if he were to be returned to there."
spacenet writes "As a response to RMS speaking out against Ubuntu about its privacy-violating integrated Amazon search results, which he considers to be spyware, Ubuntu Community Manager Jono Bacon has addressed RMS's statements. In his reply, Jono claims that Stallman's views on privacy do not align with Canonical's, that some of his statements are worded in order to 'generate fear, uncertainty, and doubt about Ubuntu' and that 'it just seems a bit childish to me.' The comments on the post itself are well worth a read."
First time accepted submitter Shifuimam writes "I downloaded a DOSBox port for Android recently to get back into all the games of my childhood. Turns out that the only free distribution available hasn't been updated in nearly two years, so I looked for alternatives. There are two on Google Play — DOSBox Turbo and "DOSBot". Both charge a fee — DOSBox Turbo is $3.99; DOSBot is $0.99. The developer of DOSBot says on his Google Play entry that he will not release the source code of his application because it's not GPL, even though it's derived from source released under GPL v2 — this is definitely a violation of the license. The developer of DOSBox Turbo is refusing to release the source for his application unless you pay the $3.99 to "buy" a license of it. The same developer explicitly states that the "small" fee (although one might argue that $3.99 is pretty expensive for an OSS Android app) is to cover the cost of development. Unless I'm misreading the text of GPL v2, a fee can only be charged to cover the cost of the distribution of a program or derived work, not the cost of development. And, of course, it doesn't cost the developer anything for someone to log in to Google Play and download their app. In fact, from what I can tell, there's a one-time $25 fee to register for Google Checkout, after which releasing apps is free. Where do you draw the line on this? What do you do in this kind of situation?"
SternisheFan sends this quote from Ars: "On Friday, a federal grand jury in Dallas indicted Barrett Brown, a former self-proclaimed Anonymous spokesperson, for trafficking 'stolen authentication features,' as well as 'access device fraud' and 'aggravated identity theft.' Brown has been detained since he was arrested in September for allegedly threatening a federal agent. 10 counts of the 12-count indictment concern the aggravated identity theft charge (the indictment references 10 people from whom Brown is alleged to have stolen information), but the most interesting charge is probably the first; a single count saying Brown, 'did knowingly traffic in more than five authentication features knowing that such features were stolen and produced without lawful authority.' But rather than a physical back-alley hand-off, this alleged trafficking happened online when Barrett transferred a hyperlink, 'from the Internet Relay Chat (IRC) channel called "#Anonops" to an IRC channel under Brown's control, called "#ProjectPM."' That hyperlink happened to include over 5,000 credit card numbers, associating Ids, and Card Verification Values (CVVs) from the Stratfor Global Intelligence database."