kaptink writes with the latest revelation from Edward Snowden: "Microsoft helped the NSA to circumvent its encryption to address concerns that the agency would be unable to intercept web chats on the new Outlook.com portal. The agency already had pre-encryption stage access to email on Outlook.com, including Hotmail. The company worked with the FBI this year to allow the NSA easier access via Prism to its cloud storage service SkyDrive, which now has more than 250 million users worldwide. Microsoft also worked with the FBI's Data Intercept Unit to 'understand' potential issues with a feature in Outlook.com that allows users to create email aliases. Skype, which was bought by Microsoft in October 2011, worked with intelligence agencies last year to allow Prism to collect video of conversations as well as audio. Material collected through Prism is routinely shared with the FBI and CIA, with one NSA document describing the program as a 'team sport.'"

hypnosec writes "The longstanding stalemate between the Government of India and BlackBerry (formerly RIM) is over after the government reportedly accepted the solution provided by BlackBerry regarding lawful interception of messages sent using BBM and internet emails sent using BlackBerry Internet Services (BIS). As a result of this, the government will now be able to monitor e-mails in real-time sent using BlackBerry services and messages on BlackBerry Messenger. According to Economic Times, which claims to have reviewed a copy of the internal Department of Telecom document, 'Baring a few minor points for improvement of viewers, the lawful interception system for BlackBerry Services is ready for use.' The initial demands of the government also included the ability to intercept and monitor emails and messages sent using BlackBerry Enterprise Server, but it seems that this demand have been shelved for now."

Okian Warrior writes with this news as reported by TechDirt: "The Washington Post revealed some of the code names for various NSA surveillance programs, including NUCLEON, MARINA and MAINWAY. Chris Soghoian has pointed out that a quick LinkedIn search for profiles with codenames like MARINA and NUCLEON happens to turn up profiles like this one which appear to reveal more codenames: 'Skilled in the use of several Intelligence tools and resources: ANCHORY, AMHS, NUCLEON, TRAFFICTHIEF, ARCMAP, SIGNAV, COASTLINE, DISHFIRE, FASTSCOPE, OCTAVE/CONTRAOCTAVE, PINWALE, UTT, WEBCANDID, MICHIGAN, PLUS, ASSOCIATION, MAINWAY, FASCIA, OCTSKYWARD, INTELINK, METRICS, BANYAN, MARINA.' TRAFFICTHIEF, eh? WEBCANDID? Hmm... Apparently, NSA employees don't realize that information they post online can be revealed."

jfruh writes "The FCC's Universal Service Fund has a noble goal: using a small fee on all U.S. landlines to subsidize universal phone coverage throughout the country. But a recent report reveals that this early 20th centuryy program's design is wildly at odds with 21st century realities: Its main effect now is that poor people living in urban areas are subsidizing rich people living in the country. The FCC says that it's already enacted reforms to combat some of the worst abuses in the report — like subsidies to rural areas that add up to $24,000 per line — but even the $3,000 per line cap now in place seems absurd."

Razgorov Prikazka writes "The Russian Federal Guard Service (FSO), who are in charge of protecting high level politicians like president Putin (amongst others), are 'upgrading' to electric typewriters for writing sensitive documents. They have found out that computers pose a security risk and this is their answer to it. On first sight this seems like a very pragmatic and cost-efficient thing to do. However, the FSO has its roots in the KGB and those were the ones who placed keystroke loggers on the popular IBM Selectric electric typewriter 40 years ago! So how much safer does this make them?"

cylonlover writes "For a number of years now, police forces around the world have enlisted officers to pose as kids in online chat rooms, in an attempt to draw out pedophiles and track them down. Researchers at Spain's University of Deusto are now hoping to free those cops up for other duties, and to catch more offenders, via a chatbot that they've created. Its name is Negobot, and it plays the part of a 14 year-old girl." (Read the original source, in Spanish).

tsu doh nimh writes "One of the more time-honored traditions at DEF CON — the massive hacker convention held each year in Las Vegas — is 'Spot-the-Fed,' a playful and mostly harmless contest to out undercover government agents that attend the show each year. But that game might be a bit tougher when the conference rolls around again next month: In an apparent reaction to recent revelations about far-reaching U.S. government surveillance programs, DEF CON organizers are asking feds to just stay away: 'I think it would be best for everyone involved if the feds call a "time-out" and not attend DEF CON this year,' conference organizer Jeff Moss wrote in a short post at Defcon.org. Krebsonsecurity writes that after many years of mutual distrust, the hacker community and the feds buried a lot of their differences in the wake of 911, with the director of NSA even delivering the keynote at last year's conference. But this year? Spot the fed may just turn into hack-the-fed."

MrMetlHed writes "A portion of this Reuters article about the Pentagon's inability to manage paying soldiers properly mentions that their payroll program has 'seven million lines of Cobol code that hasn't been updated.' It goes on to mention that the documentation has been lost, and no one really knows how to update it well. In trying to replace the program, the Pentagon spent a billion dollars and wasn't successful."

Swedish Pirate Party founder Rick Falkvinge reports that a fansite providing subtitles for movies has been raided by Swedish police at the behest of the copyright industry. "The movie subtitle fansite undertexter.se, literally meaning subtitles.se, is a site where people contribute their own translations of movies. This lets people who aren't good at the original language of a movie or cartoon put those fan-made subtitles – fansubs – on top of the movie or cartoon. Fansubbing is a thriving culture which usually provides better-than-professional subtitles for new episodes with less than 24 hours of turnaround (whereas the providers of the original cartoon or movie can easily take six months or more). What’s remarkable about this raid is that the copyright industry has decided to do a full-out raid against something that is entirely fan-made. It underscores the general sentiment of the copyright monopoly not protecting the creator of artwork, but protecting the big distribution monopolies, no matter who actually created the art."

An anonymous reader writes "The French Parliament just wrote into law the first instance of Free Software priority in a public service, by adopting the Bill on Higher Education and Research. [Advocacy association April], after extensively contributing to the debate, especially welcomes this vote and congratulates Deputies and Senators for recognizing the importance of Free Software in the Public Service for Higher Education, since it alone can ensure equal access to the future public service. April hopes that this first step will be followed by other legislation in favor of Free Software. It also thanks all the persons who mobilized and contacted the Parliament Members."

MarkWhittington writes "Two House Democrats, Reps. Donna Edwards (D-Md.) and Eddie Bernice Johnson (D-Texas), have proposed a bill called Apollo Lunar Landing Legacy Act, H.R. 2617 (PDF), that would establish the Apollo Lunar Landing Sites National Historical Park at all the Apollo lunar landing sites, according to a story in The Hill. 'The park would be comprised of all artifacts left on the surface of the moon from the Apollo 11 through 17 missions. The bill says these sites need to be protected because of the anticipated increase in commercial moon landings in the future.'"

New submitter Nicolas Jondet writes "French courts will not be able to disconnect convicted file-sharers from the Internet anymore. On Tuesday, the French Culture minister issued a decree modifying the graduated response scheme and removing the disconnection penalty. 'The report says that instead of simply disconnecting users, those suspected of copyright could be fined if they did not reply to warnings, with a relatively low fine (€60) to begin, and the size of the fine would increase depending on the number of infractions. French anti-piracy will now their focus – instead of handing heavy punishments to individual users, the government is looking towards penalizing "commercial piracy" and "sites that profit from pirated material," according to an official spokesperson.'"

GrueMaster writes "Did Florida ban computers and smartphones? They tried banning Internet Cafes, but the wording in the law is overly broad. '... it's the wording that's problematic, as it defines a slot machine as "any machine or device or system or network of devices" that can be used in games of chance. Turns out the Internet is full of gambling sites, which is where the definition runs into some problems. Consuelo Zapata, owner of the Miami-Dade county Internet cafe Incredible Investments, LLC, is suing the state (PDF) to overturn the ban, saying that definition is too broad and could be applied to any number of electronic devices. "

An anonymous reader writes "After every major war, technology developed for a conflict gets applied to civilian life. The BBC recently reported that Army researchers have adapted advanced social network analysis software used for counter-insurgencies in Iraq and Afghanistan to help law enforcement analyze the behavior of street gangs. With the growing problem of gang violence in major U.S. cities, this may provide a fresh perspective. 'Orca can figure out the likely affiliations of individuals who will not admit to being members of any specific gang, as well as the sub-structure of gangs – the gang ecosystem – and the identities of those who tend to dictate the behaviour of others. ... Having some knowledge of the links and affiliations between different gangs can highlight dangers that call for more focused policing. If a gang perpetrates some violent action on a rival gang, police will often monitor the rival gang more closely because of the likelihood of retaliation. But gangs know this, and so the rivals might instead ask an allied gang to carry out a reprisal. Understanding such alliances helps the police stay a step ahead.' The question is: will it work?"

snydeq writes "InfoWorld's Roger Grimes interviews a longtime friend and cyber warrior under contract with the U.S. government, offering a fascinating glimpse of the front lines in the ever-escalating and completely clandestine cyber war. From the interview: 'They didn't seem to care that I had hacked our own government years ago or that I smoked pot. I wasn't sure I was going to take the job, but then they showed me the work environment and introduced me to a few future co-workers. I was impressed. ... We have tens of thousands of ready-to-use bugs in single applications, single operating systems. ... It's all zero-days. Literally, if you can name the software or the controller, we have ways to exploit it. There is no software that isn't easily crackable. In the last few years, every publicly known and patched bug makes almost no impact on us. They aren't scratching the surface.'"

wiredmikey writes "Recently discovered security flaws in the Emergency Alerting System (EAS) which is widely used by TV and radio stations across the United States, has made the systems vulnerable to remote attack. The vulnerability stems from an SSH key that is hard-coded into DASDEC-I and DASDEC-II devices made by Monroe Electronics. Unless the default settings were altered during deployment, impacted systems are using a known key that could enable an attacker with full access if the systems are publicly faced or if they've already compromised the network. By exploiting the vulnerability, an attacker could disrupt a station's ability to transmit and/or could send out false emergency information. 'Earlier this year we were shown an example of an intrusion on the EAS when the Montana Television Network's regular programming was interrupted by news of a zombie apocalypse. Although there was no zombie apocalypse, it did highlight just how vulnerable the system is,' said Mike Davis, a principal research scientist at IOActive. The DHS issued an alert on the vulnerability, and IOActive, the firm that discovered the flaw, has published additional technical details (PDF) on the security issue."

Trajan Przybylski writes "Information rights authorities in the UK, Germany, and Italy threatened to take legal action against Google if the company does not change its unified privacy policy. In its latest statement the ICO, Britain's information watchdog said Google's privacy policy implemented in March 2012 may not comply with the UK Data Protection Act. Many privacy activists and commentators have been critical of the data unification practice with some claiming the data sharing across web services carries serious risk of compromising people's identities as many users are not even aware their data is freely passed between Google-owned services."

FuzzNugget writes "After the Economic Development Administration (EDA) was alerted by the DHS to a possible malware infection, they took extraordinary measures. Fearing a targeted attack by a nation-state, they shut down their entire IT operations, isolating their network from the outside world, disabling their email services and leaving their regional offices high and dry, unable to access the centrally-stored databases. A security contractor ultimately declared the systems largely clean, finding only six computers infected with untargeted, garden-variety malware and easily repaired by reimaging. But that wasn't enough for the EDA: taking gross incompetence to a whole new level, they proceeded to physically destroy $170,500 worth of equipment (PDF), including uninfected systems, printers, cameras, keyboards and mice. After the destruction was halted — only because they ran out of money to continue smashing up perfectly good hardware — they had racked up a total of $2.3 million in service costs, temporary infrastructure acquisitions and equipment destruction."

NF6X writes "UCSD Lecturer Brett Stallbaum has released an Android app called Gun Geo Marker to allow people to 'Geolocate Dangerous Guns and Owners.' The app description states: 'The Gun Geo Marker operates very simply, letting parents and community members mark, or geolocate, sites associated with potentially unsafe guns and gun owners. These locations are typically the homes or businesses of suspected unsafe gun owners, but might also be public lands or other locations where guns are not handled safely, or situations where proper rights to own or use any particular type of firearm may not exist.' I question how the motivation behind developing this app differs from, say, developing an app to allow others to publicly geotag homes of people believed to belong to a particular religion or political party."

The EFF has been attempting to sue the government over illegal surveillance since the Bush administration, and, despite repeated attempts to have the case dismissed because of State Secrets, a federal judge has now ruled that the case must go forward in public court, throwing out the government's State Secrets argument. From the order: Having thoroughly considered the parties' papers, Defendants' public and classified declarations, the relevant legal authority and the parties' arguments, the Court GRANTS the Jewel Plaintiffs' motion for partial summary adjudication by rejecting the state secrets defense as having been displaced by the statutory procedure prescribed in 50 U.S.C. 1806(f) of FISA. In both related cases, the Court GRANTS Defendants' motions to dismiss Plaintiffs' statutory claims on the basis of sovereign immunity. The Court further finds that the parties have not addressed the viability of the only potentially remaining claims, the Jewel Plaintiffs' constitutional claims under the Fourth and First Amendments and the claim for violation of separation of powers and the Shubert Plaintiffs' fourth cause of action for violation of the Fourth Amendment. Accordingly, the Court RESERVES ruling on Defendants' motion for summary judgment on the remaining, non-statutory claims." Although some statutory claims were dismissed, the core Constitutional questions will be litigated.