An anonymous reader quotes a report from Quartz: A new study from The Citizen Lab, a research group at the University of Toronto, reveals that censorship on WeChat occurs primarily in group chats rather than one-on-one chats between two people, and often in such a way that the sender of a text isn't even aware a piece of text has been scrubbed. The discoveries illuminate how China's government attempts to keep its citizens blind to the scope of its censorship regime. The researchers set out to find the extent to which certain keywords got scrubbed from conversations between two or more users in WeChat. To do this, in June 2016 the team posed as a Chinese WeChat user and sent out 26,821 keywords containing terms that had been censored on other apps, including Tom-Skype (a made-for-China version of Skype) and YY (a live broadcast app). A corresponding Canadian user in the two-way chat would then report back to say whether or not the message had been received. The report states that out of the entire sample, only one term -- Falun Gong -- had been scrubbed. When they ran an identical test in August, even that text mysteriously passed without censorship. Yet when they tested group chats, they found multiple cases in which certain keywords triggered a removal. Specifically, while sensitive terms used in isolation were unlikely to trigger censorship (say "June 4th," a reference to the Tiananmen Square protests, brutally put down on June 4, 1989), censorship did take effect when they were used in a full sentence or together with other keywords. The researchers also discovered that when WeChat censored a message, the sender received no notice informing him that his text had not reached the intended recipient. The study also notes that "WeChat only censors content for users who bind their account to a mainland Chinese phone number when they first register to use the app." The censorship is still applied even if Chinese residents move to different countries or change phone numbers.
plover writes: Investigators from the U.S. Department of Justice, the FBI, Eurojust, Europol, and other global partners announced the takedown of a massive botnet named "Avalanche," estimated to have involved as many as 500,000 infected computers worldwide on a daily basis. A Europol release says: "The global effort to take down this network involved the crucial support of prosecutors and investigators from 30 countries. As a result, five individuals were arrested, 37 premises were searched, and 39 servers were seized. Victims of malware infections were identified in over 180 countries. In addition, 221 servers were put offline through abuse notifications sent to the hosting providers. The operation marks the largest-ever use of sinkholing to combat botnet infrastructures and is unprecedented in its scale, with over 800,000 domains seized, sinkholed or blocked." Sean Gallagher writes via Ars Technica: "The domains seized have been 'sinkholed' to terminate the operation of the botnet, which is estimated to have spanned over hundreds of thousands of compromised computers around the world. The Justice Department's Office for the Western Federal District of Pennsylvania and the FBI's Pittsburgh office led the U.S. portion of the takedown. 'The monetary losses associated with malware attacks conducted over the Avalanche network are estimated to be in the hundreds of millions of dollars worldwide, although exact calculations are difficult due to the high number of malware families present on the network,' the FBI and DOJ said in their joint statement. In 2010, an Anti-Phishing Working Group report called out Avalanche as 'the world's most prolific phishing gang,' noting that the Avalanche botnet was responsible for two-thirds of all phishing attacks recorded in the second half of 2009 (84,250 out of 126,697). 'During that time, it targeted more than 40 major financial institutions, online services, and job search providers,' APWG reported. In December of 2009, the network used 959 distinct domains for its phishing campaigns. Avalanche also actively spread the Zeus financial fraud botnet at the time."
According to French media, a court in the department of Ardeche on Tuesday sentenced a 32-year-old man in France to two years in prison for repeatedly visiting pro-ISIS websites -- even though there was no indication he planned to stage a terrorist attack. Police raided his house and found the man's browsing history. They also found pro-ISIS images and execution videos on his phone, personal computer, and a USB stick, an ISIS flag wallpaper on his computer, and a computer password that was "13novembrehaha," referencing the Paris terrorist attacks that left 130 people dead. Slashdot reader future guy shares with us an excerpt from The Verge's report: In court, the man argued that he visited the sites out of curiosity. "I wanted to tell the difference between real Islam and the false Islam, now I understand," he said, according to FranceBleu. But the man reportedly admitted to not reading other news sites or international press, and family members told the court that his behavior had recently changed. He became irritated when discussing religion, they said, and began sporting a long beard with harem pants. A representative from the Ardeche court confirmed to The Verge that there was no indication that the man had any plans to launch an attack. In addition to the two-year prison sentence, he will have to pay a 30,000 euros (roughly $32,000) fine.
An anonymous reader quotes a report from Bloomberg: Apple plans to use drones and new indoor navigation features to improve its Maps service and catch up with longtime leader Google, according to people familiar with the matter. The Cupertino, California-based company is assembling a team of robotics and data-collection experts that will use drones to capture and update map information faster than its existing fleet of camera-and-sensor-laden minivans, one of the people said. Apple wants to fly drones around to do things like examine street signs, track changes to roads and monitor if areas are under construction, the person said. The data collected would be sent to Apple teams that rapidly update the Maps app to provide fresh information to users, the person added. Apple is also developing new features for Maps, including views inside buildings and improvements to car navigation, another person familiar with the efforts said. Apple filed for an exemption on Sept. 21, 2015, from the Federal Aviation Administration to fly drones for commercial purposes, according to documents obtained by Bloomberg News. At that time, exemptions were required to commercially operate drones. In a response dated March 22, 2016, the FAA granted Apple approval to "operate an unmanned aircraft system to conduct data collection, photography, and videography," according to one of the documents. Apple's application told the FAA that it would use a range of drones sold by companies such as SZ DJI Technology Co. and Aibotix GmbH to collect the data. Apple has hired at least one person from Amazon's Prime Air division to help run the drone team, one of the people said.
Last month, instead of asking for data relating to specific individuals suspected of a crime, the Internal Revenue Service (IRS) demanded that America's largest Bitcoin service, Coinbase, provide the identities of all of the firm's U.S. customers who made transactions over a three-year period, because there is a chance they are avoiding paying taxes on their bitcoin reserves. On Wednesday, a federal judge authorized a summons requiring Coinbase to provide the IRS with those records. Gizmodo reports: Covering the identities and transaction histories of millions of customers, the request is believed to be the largest single attempt to identify tax evaders using virtual currency to date. As a so-called "John Doe" summons, the document targets a particular group or class of taxpayers -- rather than individuals -- the agency has a "reasonable basis" to believe may have broken the law. According to The New York Times, the IRS argued that two cases of tax evasion involving Coinbase combined with Bitcoin's "relatively high level of anonymity" serve as that basis. "There is no allegation in this suit that Coinbase has engaged in any wrongdoing in connection with its virtual currency exchange business," said the Justice Department on Wednesday. "Rather, the IRS uses John Doe summonses to obtain information about possible violations of internal revenue laws by individuals whose identities are unknown." In a statement, Coinbase vowed to fight the summons, which the company's head counsel has previously characterized as a "very, very broad" fishing expedition.
Beginning next year, internet service providers in the UK will send email notifications to subscribers whose connections have allegedly been used to download copyright-infringing content. In what is an attempt to curtail piracy rates, these alerts would try to educate those who pirate about legal alternatives. TorrentFreak adds: Mimicking its American counterpart, the copyright alert program will monitor the illegal file-sharing habits of UK citizens with a strong focus on repeat infringers. The piracy alerts program is part of the larger Creative Content UK (CCUK) initiative which already introduced several anti-piracy PR campaigns, targeted at the general public as well as the classroom. The plan to send out email alerts was first announced several years ago when we discussed it in detail, but it took some time to get everything ready. This week, a spokesperson from CCUK's "Get it Right From a Genuine Site" campaign informed us that it will go live in the first few months of 2017. It's likely that ISPs and copyright holders needed to fine-tune their systems to get going, but the general purpose of the campaign remains the same.
Stephen Shankland, writing for CNET: Mozilla is marshaling public support for political positions, like backing net neutrality, defending encryption and keeping government surveillance from getting out of hand, says Denelle Dixon-Thayer, Mozilla's chief legal and business officer. The organization is funding the efforts with revenue from Firefox searches, which has jumped since 2014 when it switched from a global deal with Google to a set of regional deals. Mozilla brought in $421 million in revenue last year largely through partnerships with Yahoo in the US, Yandex in Russia and Baidu in China, according to tax documents released alongside Mozilla's 2015 annual report on Thursday. Pushing policy work brings new challenges well beyond traditional Mozilla work competing against Google's Chrome browser and Microsoft's Internet Explorer. They include squaring off against the incoming administration of Donald Trump.
An anonymous reader quotes a report from Ars Technica: The Food and Drug Administration on Tuesday approved the first large-scale, phase 3 clinical trial of ecstasy in patients suffering from post-traumatic stress disorder (PTSD), the New York Times reported. The regulatory green-light follows six smaller-scale trials that showed remarkable success using the drug. In fact, some of the 130 PTSD patients involved in those trials say ecstasy -- or 3,4-Methylenedioxymethamphetamine (MDMA) -- saved them from the devastating impacts of PTSD after more than a decade of seeing no improvement with the other treatment options available. Currently, the best of those established treatment options can only improve symptoms in 60 to 70 percent of PTSD patients, one expert noted. However, after one of the early MDMA studies, the drug had completely erased all traces of symptoms in two-thirds of PTSD patients. The new Phase 3 trial will involve at least 230 patients and is planned to start in 2017. Like the other trials, it is backed by the Multidisciplinary Association for Psychedelic Studies (MAPS), a nonprofit created in 1985 to advocate for the medical benefits and use of psychedelic drugs, such as MDMA and marijuana. Also like the others, the new, larger trial will involve a limited number of MDMA treatments administered by professional psychotherapists as part of a therapy program. In previous trials, patients spent 12 weeks in a psychotherapy program, including three eight-hour sessions in which they took MDMA and talked through traumatic memories.
Twitter has made a serious effort as of late to limit hate speech on its social media site, especially after Election Day, when "biased graffiti, assaults and other incidents have been reported in the news." The company now faces President-elect Donald Trump, who has used Twitter for the past 18 months as a megaphone for his views and rants, which many would consider "hate speech." According to the American Bar Association, hate speech is "speech that offends, threatens, or insults groups, based on race, color, religion, national origin, sexual orientation, or other traits." Quartz reports: While Trump's deceptive tweets may not violate Twitter's rules against harassment, threats and "hateful conduct," Twitter is still keeping an eye on his account for more egregious offenses. This week, the company told Slate it would consider banning key government officials, even the president, if its rules against hate speech or other language were violated. "The Twitter Rules prohibit violent threats, harassment, hateful conduct, and multiple account abuse, and we will take action on accounts violating those policies," a spokesperson wrote. Twitter confirmed with Quartz that everyone, including government officials, is subject to the policy: "The Twitter Rules apply to all accounts," a spokesman wrote. Trump may not have crossed that line yet, but he hasn't exactly refrained from making incendiary claims. Most recently, he claimed that Abdul Razak Ali Artan, who allegedly carried out an attack injuring 11 students at Ohio State University, "should not have been in our country." Artan was a legal permanent U.S. resident, whose family had fled Somalia for Pakistan in 2007. He arrived in the States in 2014.
An anonymous reader quotes a report from Computerworld: A Firefox zero-day being used in the wild to target Tor users is using code that is nearly identical to what the FBI used in 2013 to unmask Tor users. A Tor Browser user notified the Tor mailing list of the newly discovered exploit, posting the exploit code to the mailing list via a Sigaint darknet email address. A short time later, Roger Dingledine, co-founder of the Tor Project, confirmed that the Firefox team had been notified, had "found the bug" and were "working on a patch." On Monday, Mozilla released a security update to close off a different critical vulnerability in Firefox. Dan Guido, CEO of Trail of Bits, noted on Twitter that "it's a garden variety use-after-free, not a heap overflow" and it's "not an advanced exploit." He added that the vulnerability is also present on Mac OS, "but the exploit does not include support for targeting any operating system but Windows." Security researcher Joshua Yabut told Ars Technica that the exploit code is "100% effective for remote code execution on Windows systems." "The shellcode used is almost exactly the shellcode of the 2013 one," tweeted a security researcher going by TheWack0lian. He added, "When I first noticed the old shellcode was so similar, I had to double-check the dates to make sure I wasn't looking at a 3-year-old post." He's referring to the 2013 payload used by the FBI to deanonymize Tor users visiting a child porn site. The attack allowed the FBI to tag Tor Browser users who believed they were anonymous while visiting a "hidden" child porn site on Freedom Hosting; the exploit code forced the browser to send information such as MAC address, hostname and IP address to a third-party server with a public IP address, bypassing the Tor circuit entirely; the feds could use that data to obtain users' identities via their ISPs.
Last week, President-elect Donald Trump appointed two new advisers to his transition team who will oversee his FCC and telecommunications policy agenda. Trump has added a third adviser today who, like the other two advisers, is a staunch opponent of net neutrality regulations. DSLReports adds: The incoming President chose Roslyn Layton, a visiting fellow at the broadband-industry-funded American Enterprise Institute, to help select the new FCC boss and guide the Trump administration on telecom policy. Layton joins Jeffrey Eisenach, a former Verizon consultant and vocal net neutrality critic, and Mark Jamison, a former Sprint lobbyist who has also fought tooth and nail against net neutrality, recently going so far as to argue he doesn't think telecom monopolies exist. Like Eisenach and Jamison, Layton has made a career out of fighting relentlessly against most of the FCC's more consumer-focused efforts, including net neutrality, consumer privacy rules, and increased competition in the residential broadband space. Back in October, Layton posted an article to the AEI blog proclaiming that the FCC's new privacy rules, which give consumers greater control over how their data is collected and sold, were somehow part of a "partisan endgame of corporate favoritism" that weren't necessary and only confused customers. Layton also has made it abundantly clear she supports zero rating, the practice of letting ISPs give their own (or high-paying partners') content cap-exemption and therefore a competitive advantage in the market. She has similarly, again like Eisenach and Jamison, supported rolling back the FCC's classification of ISPs as common carriers under Title II, which would kill the existing net neutrality rules and greatly weaken the FCC's ability to protect consumers.
With the most recent update to Uber's ride-hailing app, the company has begun asking users whether they are willing to share their location data with the Uber app even while the app is not in use. The company says it plans to use the data gained to improve user experience -- including offering improved pick-up times and locations. From an article on Business Insider: In August the company moved away from using Google Maps for its service and began using its own mapping technology. Google's lack of accuracy in many non-Western countries led to increased friction between consumers and drivers. This means the company needs to boost the amount of location data it has. Location data could also be used to provide new channels of revenue for the digital platform. This could include serving ads of local businesses or recommending nearby places of interest to users. Mobile marketing, which relies on accurate location data, is a rapidly growing industry and could serve as a revenue windfall for Uber in the years ahead as it faces increasing competition. In fact, revenue from location-targeted mobile ads is expected to grow at an annualized rate of almost 34% between 2014 and 2019, surpassing $18 billion, according to a forecast from BIA/Kelsey.
A last-ditch effort in the Senate to block or delay rule changes that would expand the U.S. government's hacking powers failed Wednesday, despite concerns the changes would jeopardize the privacy rights of innocent Americans and risk possible abuse by the incoming administration of President-elect Donald Trump. Reuters adds: Democratic Senator Ron Wyden attempted three times to delay the changes, which will take effect on Thursday and will allow U.S. judges to issue search warrants that give the FBI the authority to remotely access computers in any jurisdiction, potentially even overseas. His efforts were blocked by Senator John Cornyn of Texas, the Senate's second-ranking Republican. The changes will allow judges to issue warrants in cases where a suspect uses anonymizing technology to conceal the location of his or her computer, or for an investigation into a network of hacked or infected computers, such as a botnet.
Photo-filter app Prisma, the popular program which makes pictures and video look like painterly art, had its access to Facebook's Live Video API revoked this month. From a report on NYMag: According to Prisma, Facebook justified choking off Prisma's access by stating, "Your app streams video from a mobile device camera, which can already be done through the Facebook app. The Live Video API is meant to let people publish live video content from other sources such as professional cameras, multi-camera setups, games or screencasts." This is the implied aim of Facebook's video API, the technical entry point for producers to pump video into Facebook's network: The API is meant for broadcasting setups that are not phone-based. The problem is that none of this is explained in Facebook's documentation for developers. In fact, it states the opposite. Here is the very first question from the company's Live API FAQ: "The Live API is a data feed and the "glue" needed to create higher-quality live videos on Facebook. It allows you to send live content directly to Facebook from any camera."
Speculation has turned out to be true. The Chinese government is now testing systems that will be used to create digital records of citizens' social and financial behavior. In turn, these will be used to create a so-called social credit score, which will determine whether individuals have access to services, from travel and education to loans and insurance cover. Some citizens -- such as lawyers and journalists -- will be more closely monitored. From a report on MIT Technology Review: Planning documents apparently describe the system as being created to "allow the trustworthy to roam everywhere under heaven while making it hard for the discredited to take a single step." The Journal claims that the system will at first log "infractions such as fare cheating, jaywalking and violating family-planning rules" but will be expanded in the future -- potentially even to Internet activity. Some aspects of the system are already in testing, but there are some challenges to implementing such a far-reaching apparatus. It's difficult to centralize all that data, check it for accuracy, and process it, for example -- let alone feed it back into the system to control everyday life. And China has data from 1.4 billion people to handle.
An anonymous reader quotes a report from Ars Technica: The attacker who infected servers and desktop computers at the San Francisco Municipal Transportation Agency (SFMTA) with ransomware on November 25 apparently gained access to the agency's network by way of a known vulnerability in an Oracle WebLogic server. That vulnerability is similar to the one used to hack a Maryland hospital network's systems in April and infect multiple hospitals with crypto-ransomware. And evidence suggests that SFMTA wasn't specifically targeted by the attackers; the agency just came up as a target of opportunity through a vulnerability scan. In an e-mail to Ars, SFMTA spokesperson Paul Rose said that on November 25, "we became aware of a potential security issue with our computer systems, including e-mail." The ransomware "encrypted some systems mainly affecting computer workstations," he said, "as well as access to various systems. However, the SFMTA network was not breached from the outside, nor did hackers gain entry through our firewalls. Muni operations and safety were not affected. Our customer payment systems were not hacked. Also, despite media reports, no data was accessed from any of our servers." That description of the ransomware attack is not consistent with some of the evidence of previous ransomware attacks by those behind the SFMTA incident -- which Rose said primarily affected about 900 desktop computers throughout the agency. Based on communications from the ransomware operator behind the Muni attack, uncovered and published by security reporter Brian Krebs, an SFMTA Web-facing server was likely compromised by what is referred to as a "deserialization" attack after it was identified by a vulnerability scan. A security researcher told Krebs that he had been able to gain access to the mailbox used in the Muni malware attack, an account hosted by the Russian e-mail and search provider Yandex, by guessing its owner's security question, and he provided details from that mailbox and another linked mailbox on Yandex. Based on details found in e-mails for the accounts, the attacker ran a server loaded with open source vulnerability scanning tools to identify and compromise servers to use in spreading the ransomware, known as HDDCryptor and Mamba, within multiple organizations' networks.
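The "deserialization attack" mentioned above is a class of bug, not something specific to WebLogic: a server feeds attacker-controlled bytes into a deserializer that will resolve and call arbitrary classes or functions named in the input. The page carries no WebLogic code, so the following is an added illustration in Python (not code from Ars, Krebs or the SFMTA incident) that shows the same shape of bug using the standard pickle module, with a constructed "gadget" payload beside the hardened form: an unpickler whose find_class only resolves names from an allow-list. The payload, the sample inputs and the allow-list are all assumptions made for the example; a real gadget would call os.system or similar rather than a harmless eval.

```python
import builtins
import io
import pickle

# Constructed gadget: __reduce__ tells the unpickler which callable to invoke on load.
# A real payload would hand it os.system or similar; here eval of a harmless expression
# that still reaches into the os module keeps the demo deterministic and side-effect free.
class Gadget:
    def __reduce__(self):
        return (eval, ("__import__('os').getpid() > 0",))

MALICIOUS = pickle.dumps(Gadget())                           # constructed attacker input
BENIGN = pickle.dumps({"ticket": 42, "routes": ["N", "J"]})  # constructed legitimate input

# Allow-list of builtins a legitimate message may reference. Anything outside it
# (eval, os.system, subprocess.Popen, ...) cannot be resolved, so the gadget never runs.
SAFE_BUILTINS = {"dict", "list", "set", "frozenset", "tuple", "str", "bytes",
                 "int", "float", "bool", "complex"}


class RestrictedUnpickler(pickle.Unpickler):
    """Hardened deserializer: refuse to resolve any global not on the allow-list."""

    def find_class(self, module, name):
        if module == "builtins" and name in SAFE_BUILTINS:
            return getattr(builtins, name)
        raise pickle.UnpicklingError(f"refusing to resolve {module}.{name}")


def unsafe_load(data: bytes):
    """The WebLogic-style bug: untrusted bytes go straight into the deserializer."""
    return pickle.loads(data)


def safe_load(data: bytes):
    """Same wire format, but callables are resolved only through the allow-list."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def safe_load_checked(data: bytes):
    """Returns (True, object) for accepted input and (False, reason) for rejected input."""
    try:
        return True, safe_load(data)
    except pickle.UnpicklingError as exc:
        return False, str(exc)


if __name__ == "__main__":
    print("unsafe:", unsafe_load(MALICIOUS))        # gadget executes during load
    print("safe  :", safe_load_checked(MALICIOUS))  # rejected before anything is called
    print("safe  :", safe_load_checked(BENIGN))     # plain data still loads
```

The allow-list is the important design choice: a deny-list of known gadget classes (the approach many Java "look-ahead" deserialization fixes started with) is only as good as the last gadget chain someone published, whereas an allow-list of the few types a message legitimately needs fails closed. Where the format can be changed at all, the stronger fix is to not deserialize native objects from the network in the first place and use a data-only format such as JSON with schema validation.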
An anonymous reader quotes a report from BleepingComputer: Windows security expert and infrastructure trainer Sami Laiho says that by holding SHIFT + F10 while a Windows 10 computer is installing a new OS build, an attacker can open a command-line interface with SYSTEM privileges. This CLI debugging interface also grants the attacker full access to the computer's hard drive data, despite the presence of BitLocker. The CLI debugging interface is present when updating to new Windows 10 and Windows 10 Insider builds. The most obvious exploitation scenario is when a user leaves his computer unattended during the update procedure. A malicious insider can open the CLI debugger and perform malicious operations as SYSTEM, despite BitLocker's presence. But there are other scenarios where Laiho's SHIFT + F10 trick can come in handy. For example when police have seized computers from users who deployed BitLocker, or when someone steals your laptop. Windows 10 defaults help police/thieves in this case because these defaults forcibly update computers, even if the user hasn't logged on for weeks or months. The reason the drive is readable is that during the Windows 10 update procedure, the OS suspends BitLocker while the Windows PE (Preinstallation Environment) installs a new image of the main Windows 10 operating system; the volume stays encrypted, but the key is available without the usual pre-boot authentication. "This [update procedure] has a feature for troubleshooting that allows you to press SHIFT + F10 to get a Command Prompt," Laiho writes on his blog. "The real issue here is the Elevation of Privilege that takes a non-admin to SYSTEM (the root of Windows) even on a BitLocker (Microsoft's hard disk encryption) protected machine." Laiho informed Microsoft of the issue and the company is apparently working on a fix.
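Two things an administrator would want to check on a fleet after reading this, written here as an added PowerShell example rather than code from Laiho's post or from BleepingComputer: first, an audit for volumes that are encrypted but currently have protection suspended (the state Windows Setup leaves the OS drive in while it applies a new build, and the state a forgotten Suspend-BitLocker leaves it in permanently), with a function to resume protection; second, the mitigation for the troubleshooting prompt itself. That mitigation is an assumption not stated on the page: Microsoft's setup documentation describes an empty DisableCMDRequest.tag file under %windir%\Setup\Scripts as the switch that stops Windows Setup from opening a Command Prompt on SHIFT + F10, and the example relies on that documented name and path. The cmdlets used (Get-BitLockerVolume, Resume-BitLocker) are the stock BitLocker module; run the script in an elevated session.

```powershell
# Added example: BitLocker audit plus the SHIFT+F10 mitigation. Requires an elevated
# PowerShell session on Windows 10 with the BitLocker module (stock on Pro/Enterprise).

# 1) Audit: encrypted volumes whose protectors are currently suspended. Data on such a
#    volume is readable by anyone who can boot or get a shell on the machine.
function Get-SuspendedBitLockerVolume {
    Get-BitLockerVolume |
        Where-Object { $_.VolumeStatus -eq 'FullyEncrypted' -and $_.ProtectionStatus -eq 'Off' } |
        Select-Object MountPoint, VolumeStatus, ProtectionStatus, EncryptionMethod
}

# 2) Remediate: re-enable protectors on every suspended volume. Safe to run after an
#    upgrade has finished; Setup normally does this itself, but a failed or interrupted
#    upgrade (or a manual Suspend-BitLocker without -RebootCount) can leave it off.
function Resume-SuspendedBitLocker {
    foreach ($vol in Get-SuspendedBitLockerVolume) {
        Resume-BitLocker -MountPoint $vol.MountPoint | Out-Null
        Write-Output ("Resumed BitLocker protection on {0}" -f $vol.MountPoint)
    }
}

# 3) Mitigation for the setup-time Command Prompt. ASSUMPTION: file name and location
#    are taken from Microsoft's Windows Setup documentation, not from the page. The
#    file only needs to exist; its contents are ignored.
function Disable-SetupCommandPrompt {
    $scriptsDir = Join-Path $env:windir 'Setup\Scripts'
    if (-not (Test-Path -LiteralPath $scriptsDir)) {
        New-Item -ItemType Directory -Path $scriptsDir | Out-Null
    }
    $tag = Join-Path $scriptsDir 'DisableCMDRequest.tag'
    if (-not (Test-Path -LiteralPath $tag)) {
        New-Item -ItemType File -Path $tag | Out-Null
    }
    Get-Item -LiteralPath $tag
}

# Report, then apply both fixes.
$suspended = @(Get-SuspendedBitLockerVolume)
if ($suspended.Count -gt 0) {
    Write-Warning ("{0} encrypted volume(s) currently unprotected" -f $suspended.Count)
    $suspended | Format-Table -AutoSize
    Resume-SuspendedBitLocker
} else {
    Write-Output "All encrypted volumes have protection enabled"
}
Disable-SetupCommandPrompt
```

The audit addresses the general problem the story illustrates: BitLocker only protects data at rest while its protectors are active, and any window in which they are suspended is a window in which physical access equals data access. The tag file closes the specific SHIFT + F10 door, but it does not shorten that window, which is why the audit and resume step matter independently of Microsoft's eventual fix.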
An anonymous reader quotes a report from Ars Technica: Congress has passed a law protecting the right of U.S. consumers to post negative online reviews without fear of retaliation from companies. The bipartisan Consumer Review Fairness Act was passed by unanimous consent in the U.S. Senate yesterday, a Senate Commerce Committee announcement said. The bill, introduced in 2014, was already approved by the House of Representatives and now awaits President Obama's signature. The Consumer Review Fairness Act voids any provision in a form contract that prohibits or restricts customers from posting reviews about the goods, services, or conduct of the company providing the product or service. It also voids provisions that impose penalties or fees on customers for posting online reviews, as well as those that require customers to give up the intellectual property rights related to such reviews. The legislation empowers the Federal Trade Commission to enforce the new law and impose penalties when necessary. The bill also protects reviews that aren't available via the Internet.
The future for one of the few remaining alternative mobile OS platforms, Jolla's Sailfish OS, looks to be taking clearer shape. Today the Finnish company, which develops and maintains the core code with the aim of licensing it to others, announced Sailfish has achieved domestic certification in Russia for government and corporate use. TechCrunch adds: In recent years the Russian government has made moves to encourage the development of alternatives to the duopoly of US-dominated smartphone platforms, Android and Apple's iOS -- flagging Sailfish as one possibility, along with Tizen. At this point, Sailfish looks to have won out as the preferred Android alternative for Russia. The government has said it wants to radically reduce its reliance on foreign mobile OSes -- to 50 per cent by 2025 vs the 95 per cent of the market garnered by Android and iOS in 2015. Sailfish's local certification in Russia also follows an announcement earlier this year that a new Russian company, Open Mobile Platform (OMP), had licensed the OS with the intention of developing a custom version of the platform for use in the domestic market. So, in other words, a strategic Russian 'Android alternative' is currently being built on Sailfish.
From a report on Motherboard: On Tuesday, the UK is due to pass its controversial new surveillance law, the Investigatory Powers Act, according to the Home Office. The Act, which has received overwhelming support in both the House of Commons and Lords, formally legalizes a number of mass surveillance programs revealed by Edward Snowden in 2013. It also introduces a new power which will force internet service providers to store browsing data on all customers for 12 months. Civil liberties campaigners have described the Act as one of the most extreme surveillance laws in any democracy, while law enforcement agencies believe that the collection of browsing data is vital in an age of ubiquitous internet communications. "The Investigatory Powers Act 2016 will ensure that law enforcement and the security and intelligence agencies have the powers they need in a digital age to disrupt terrorist attacks, subject to strict safeguards and world-leading oversight," a statement from the Home Office reads. Much of the Act gives stronger legal footing to the UK's various bulk powers, including "bulk interception," which is, in general terms, the collection of internet and phone communications en masse. In June 2013, using documents provided by Edward Snowden, The Guardian revealed that GCHQ taps fibre-optic undersea cables in order to intercept emails, internet histories, calls, and a wealth of other data. Update: The "Snooper's charter" bill has become law. The home secretary said: "The Investigatory Powers Act is world-leading legislation, that provides unprecedented transparency and substantial privacy protection. The government is clear that, at a time of heightened security threat, it is essential our law enforcement and security and intelligence services have the power they need to keep people safe. The internet presents new opportunities for terrorists and we must ensure we have the capabilities to confront this challenge. But it is also right that these powers are subject to strict safeguards and rigorous oversight."