danomac writes "Police agencies in Canada want to have better tools to do online surveillance. Bill C-30 was to include new legislation (specifically Section 34) that would give police access to information without a warrant. This can contain your name, your IP address, and your mobile phone number. This, of course, creates all sorts of issues with privacy online. The police themselves say they have concerns with Section 34. Apparently, the way it is worded, it is not just police that can request the information, but any government agent. Would you trust the government with this kind of power?"

CowboyRobot writes "As budgets are pinched by reduced tax collection, many U.S. states are facing a possibility of not being able to handle the ever-increasing number of data breaches. 70% of state chief information security officers (CISOs) reported a data breach this year, each of which can cost up to $5M in some states. 'Cybersecurity accounts for about 1 to 2 percent of the overall IT budget in state agencies. ... 82 percent of the state CISOs point to phishing and pharming as the top threats to their agencies, a threat they say will continue in 2013, followed by social engineering, increasingly sophisticated malware threats, and mobile devices.' The full 2012 Deloitte-National Association of State Chief Information Officers (NASCIO) Cybersecurity Study is available online (PDF)."

alphadogg writes "The $100 million price differential between the Alcatel-Lucent and Cisco proposals to refresh California State University's 23-campus network revealed earlier this week was based on an identical number of switches and routers in various configurations. CSU allowed Network World to review spreadsheets calculating the eight-year total cost of ownership of each of the five bidders for the project. 'Everybody had to comply with this spreadsheet,' said CSU's director of cyberinfrastructure. 'Alcatel-Lucent won the project with a bid of $22 million. Cisco was the high bidder with a cost just under $123 million. Not only was Cisco's bid more than five-and-a-half times that of Alcatel-Lucent's, it was three times that of the next highest bidder: HP, at $41 million.'"

Penurious Penguin writes "Last year a Slashdot story mentioned the case of Daniel David Rigmaiden, or 'the Hacker.' With the help of an IMSI-catcher device, law enforcement had been able to locate and arrest the elusive 'Hacker,' leading to U.S. v. Rigmaiden. But far more elusive than the 'Hacker,' is the IMSI-catcher device itself — particularly the legalities governing its use. The secrecy and unconstitutionality of these Man In The Middle devices, i.e. 'stingrays,' has caught some attention. The EFF and ACLU have submitted an amicus brief in the Rigmaiden case; and EPIC, after filing an FOIA request in February and receiving a grossly redacted 67 out of 25,000 (6,000 classified) pages on the "stingray" devices, has now requested a district judge expedite disclosure of all documents. Some Judges also seem wary of the 'stingray,' having expressed concerns that their use violates the Fourth Amendment; and additionally, that information explaining how the technology is used remains too obscure. Perhaps the most controversial aspect of ISMI-catchers is their several-kilometer range. When a "stingray" is used to spoof a cellphone tower, thousands of innocent users may be collaterally involved. And while the government claims to delete all gathered data unrelated to the target, it also means no one else can know what that data really was. The government claims that because only attributes of calls — but not their content — are captured in the attack, search warrants aren't necessary." (More, below.)

Registered Coward v2 writes "The U.S. Supreme Court is set to hear a case to determine how copyright law and the doctrine of first sale applies to copyrighted works bought overseas, then imported to the U.S. and then re-sold. The case involves a foreign student who imported textbooks from Asia and the resold them in the U.S. to help fund his education. He was sued by the publisher, lost, and was ordered to pay $600,000 in damages. Now SCOTUS gets to weigh in on the issue. 'The idea -- upheld by the Supreme Court since 1908 -- is that once a copyright holder legally sells a product initially, the ownership claim is then exhausted, giving the buyer the power to resell, destroy, donate, whatever. It's a limited idea -- involving only a buyer's distribution right, not the power to reproduce that DVD or designer dress for sale. ... The tricky part is whether that first-sale doctrine applies to material both manufactured and first purchased outside the United States. Federal law gives that authority to a purchaser's work "lawfully made under this title." Does "this title" apply to any copyrighted work — whether manufactured all or in part in the United States and around the world?"

Taco Cowboy writes "The New York Times has become the latest target of Chinese censorship. Censors of the People's Republic of China, in an almost unheard of, truly remarkable feat of neck-breaking speed, blocked the (paywalled) website of the New York Times, all because of one news article. That particular article was about the enormous wealth of the family members of a very prominent figure in the Chinese Communist Party (CCP) — Chinese Premier Wen Jia Bao. The wealth in question totals some USD 2.7 billion. " (Also covered at the BBC.)

dsinc writes "And so it begins... Yahoo has made it official: it won't honor the Do Not Track request issued by Internet Explorer 10. Their justification? '[T]he DNT signal from IE10 doesn't express user intent" and "DNT can be easily abused.'" Wonder what percentage of users would rather be tracked by default.

whoever57 writes "The man who claimed ownership of 50% of Facebook has been arrested and charged with fraud in connection with his claims. The United States attorney in Manhattan said, 'Ceglia's alleged conduct not only constitutes a massive fraud attempt, but also an attempted corruption of our legal system through the manufacture of false evidence.' 'Dressing up a fraud as a lawsuit does not immunize you from prosecution.'"

New submitter Escape From NY writes "3.6 million Social Security numbers and 387,000 credit and debit card numbers were stolen from the SC Department of Revenue. Most of the credit and debit card numbers were encrypted — all but about 16,000. There were several different attacks, all of which originated outside the country. The first they're aware of happened on August 27, and four more happened in September. Officials first learned of the breach on October 10, and the security holes were closed on October 20. This is still a developing story, but anyone who filed a SC state tax return since 1998 my be at risk. Governor Nikki Haley today signed an executive order (PDF) to beef up the state's IT security."

An anonymous reader writes "TechCrunch has launched a project called CrunchGov, which aims to bring educated people together to work on tech-related government policy. 'It includes a political leaderboard that grades politicians based on how they vote on tech issues, a light legislative database of technology policy, and a public markup utility for crowdsourcing the best ideas on pending legislation.' They give politicians scores based on how their votes align with consensus on policy in the tech industry. 'A trial run of the public markup utility in Congress has already proven successful. When Rep. Issa opened his own alternative to SOPA for public markup, Project Madison participants came in droves with surprisingly specific legal suggestions. For instance, one savvy user noticed that current piracy legislation could mistakenly leave a person who owns a domain name legally responsible for the actions of the website administrator (the equivalent of holding a landlord responsible if his tenant was growing pot in the backyard). The suggestion was included in the updated bill before Congress, representing perhaps the first time that the public, en masse, could have a realistic shot at contributing to federal law purely based on the merit of their ideas.'"

We recently discussed news of a UK court ruling in which the judge decided Apple must publicly acknowledge that Samsung's Galaxy Tab did not infringe upon the iPad's design, both on the Apple website and in several publications. The acknowledgement has now been posted, and it's anything but apologetic. It states the court's ruling, helpfully referring to "Apple's registered design No. 000018607-0001," and quotes the judges words as an advertisement. The judge wrote, "The informed user's overall impression of each of the Samsung Galaxy Tablets is the following. From the front they belong to the family which includes the Apple design; but the Samsung products are very thin, almost insubstantial members of that family with unusual details on the back. They do not have the same understated and extreme simplicity which is possessed by the Apple design. They are not as cool." They go on to mention German and U.S. cases which found in Apple's favor. Apple's statement concludes, "So while the U.K. court did not find Samsung guilty of infringement, other courts have recognized that in the course of creating its Galaxy tablet, Samsung willfully copied Apple's far more popular iPad."

Penurious Penguin writes "In 2011, en route to Baltimore, Tennessee mother Andrea Abbott was arrested after squabbling with the TSA over their pat-down and "naked" body-scan process. Initially Abbott had protested a pat-down of her 14 year-old daughter, though eventually backed off. When her own turn came, she refused both a pat-down and body-scan. This week, despite having no criminal record, Abbott was found guilty of disorderly conduct and sentenced to one year of probation. A surveillance video of the affair shows what appears an agitated Abbott surrounded by various TSA agents, but seemingly contradicts the premise by which she was convicted. In the case against Abbott it was claimed that her behavior impeded the flow security-lines and lawful activity. Beyond Abbott's confession of issuing some verbal abuse, the video does not appear to display a significant blockage of traffic nor anything noticeably criminal."

An anonymous reader sent in a link to an article in Wired about the latest DMCA loophole hearing. Bad news: the federal government rejected requests that would make console modding and breaking DRM on DVDs to watch them legal. So, you dirty GNU/Linux hippies using libdvdcss better watch out: "Librarian of Congress James Billington and Register of Copyrights Maria Pallante rejected the two most-sought-after items on the docket, game-console modding and DVD cracking for personal use and 'space shifting.' Congress plays no role in the outcome. The regulators said that the controls were necessary to prevent software piracy and differentiated gaming consoles from smart phones, which legally can be jailbroken. ... On the plus side, the regulators re-authorized jailbreaking of mobile phones. On the downside, they denied it for tablets, saying an 'ebook reading device might be considered a tablet, as might a handheld video game device.'" So you can jailbreak a phone, but if it's 1" larger and considered a "tablet" you are breaking the law.

hessian writes "It's not certain that Google will face a federal antitrust lawsuit by year's end. But if that happens, it seems likely to follow an outline sketched by Thomas Barnett, a Washington, D.C., lawyer on the payroll of Google's competitors. Barnett laid out his arguments during a presentation here last night: Google is unfairly prioritizing its own services such as flight search over those offered by rivals such as Expedia, and it's unfairly incorporating reviews from Yelp without asking for permission. 'They systematically reinforce their dominance in search and search advertising,' Barnett said during a debate on search engines and antitrust organized by the Federalist Society. 'Google's case ought to have been brought a year or two ago.'"

hypnosec writes "A hacker who claims to be a member of the hacking collective Anonymous has revealed that the hacktivist group is working on a Wikileaks-like service dubbed Tyler and that it will be launched on December 21. The Anonymous member revealed that the service will be decentralized and will be based on peer-to-peer service, unlike Wikileaks, thus making Tyler rather immune to closure and raids. The site will serve as a haven for whistleblowers, where they can publish classified documents and information. The hacker said in an emailed interview that 'Tyler will be P2P encrypted software, in which every function of a disclosure platform will be handled and shared by everyone who downloads and deploys the software.'" That sounds like a lot to live up to. Decentralized, attack-resistant and encrypted all sound nice, but I'm curious both about the funding it would take, and whether it matches Wikileaks' own security.

another random user writes "A senior government official has sparked anger by advising internet users to give fake details to websites to protect their security. Andy Smith, an internet security chief at the Cabinet Office, said people should only give accurate details to trusted sites such as government ones. He said names and addresses posted on social networking sites 'can be used against you' by criminals. ... 'When you put information on the internet do not use your real name, your real date of birth,' he told a Parliament and the Internet Conference in Portcullis House, Westminster. 'When you are putting information on social networking sites don't put real combinations of information, because it can be used against you.' But he stressed that internet users should always give accurate information when they were filling in government forms on the internet, such a tax returns."

concealment writes in with a story about a newly found security issue with the bar codes on boarding passes. "Flight enthusiasts, however, recently discovered that the bar codes printed on all boarding passes — which travelers can obtain up to 24 hours before arriving at the airport — contain information on which security screening a passenger is set to receive. Details about the vulnerability spread after John Butler, an aviation blogger, drew attention to it in a post late last week. Butler said he had discovered that information stored within the bar codes of boarding passes is unencrypted, and so can be read in advance by technically minded travelers. Simply by using a smartphone or similar device to check the bar code, travelers could determine whether they would pass through full security screening, or the expedited process."

An anonymous reader writes "A web analytics company has agreed to settle Federal Trade Commission charges that it violated federal law by using its web-tracking software that collected personal data without disclosing the extent of the information that it was collecting. The company, Compete Inc., also allegedly failed to honor promises it made to protect the personal data it collected. KISSmetrics, the developer and seller of the homonymous tool, has agreed to pay up to make the suit go away, but the the two plaintiffs will get only $5,000 each, while the rest of the money — more than half a million dollars — will go to their lawyers for legal fees."

theodp writes "The USPTO lowered the bar again on Tuesday, granting U.S. Patent No. 8,296,373 to four Facebook inventors for Automatically Managing Objectionable Behavior in a Web-based Social Network, essentially warning users or suspending their accounts when their poking, friend requesting, and wall posting is deemed annoying. From the patent: 'Actions by a user exceeding the threshold may trigger the violation module 240 to take an action. For example, the point 360, which may represent fifty occurrences of an action in a five hour period, does not violate any of the policies as illustrated. However, the point 350, which represents fifty occurrences in a two hour period, violates the poke threshold 330 and the wall post threshold 340. Thus, if point 350 represents a user's actions of either poking or wall posting, then the policy is violated.'"

sl4shd0rk writes "Good news for Apple, bad news for Samsung. Yesterday, Apple filed legal papers with the International Trade Commission citing a Department of Justice investigation into whether Samsung is misusing its 'Standards essential' patents in ways which violate antitrust law. Apple claims Samsung has violated commitments to license its essential patents to competitors on fair, reasonable and non-discriminatory terms. Or, more specifically, Samsung is 'using certain patents as a basis for improper legal actions that seek to block the sale of competitors' products.' The article says Google (because of its recent acquisition, Motorola Mobility) is under the same scrutiny."