Last week, you asked questions of Eugene Kaspersky; below, find his answers on a range of topics, from the relationship of malware makers to malware hunters, to Kasperky Labs' relationship to the Putin government, as well as whitelisting vs. signature-based detection, Internet ID schemes, and the SCADA-specific operating system Kaspersky is working on. Spoiler: There are a lot of interesting facts here, as well as some teases.
Sign up for the Slashdot Daily Newsletter! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. ×
interval1066 writes "In a breathtaking new move by (another) little-known national security agency, the personal information of all U.S. citizens will be available for casual perusal. The 'National Counterterrorism Center' (I've never heard of this org) may now 'examine the government files of U.S. citizens for possible criminal behavior, even if there is no reason to suspect them.' This is different from past bureaucratic practice (never mind due process) in that a government agency not in the list of agencies approved to to certain things without due process may completely bypass due process and store (for up to 5 years) these records, the organization doesn't need a warrant, or have any kind of oversight of any kind. They will be sifting through these records looking for 'counter-insurgency activity,' supposedly with an eye to prevention. If this doesn't wake you up and chill you to your very bone, not too sure there is anything that will anyway."
Frequent contributor Bennett Haselton writes: "Hotmail and Yahoo Mail are apparently sharing a secret blacklist of domain names such that any mention of these domains will cause a message to be bounced back to the sender as spam. I found out about this because — surprise! — some of my new proxy site domains ended up on the blacklist. Hotmail and Yahoo are stonewalling, but here's what I've dug up so far — and why you should care." Read on for much more on how Bennett figured out what's going on, and why it's a hard problem to solve.
netbuzz writes "A new law banning broadcasters from delivering TV commercials at a higher volume takes effect today at the end of a yearlong implementation period. Called the CALM Act, or Commercial Advertisement Loudness Mitigation Act, the law does provide for violators to be fined. TV commercials that crank up the volume have been the No. 1 complaint logged with the FCC over the last 10 years."
NewYorkCountryLawyer writes "Jammie Thomas-Rasset, the Native American Minnesotan found by a jury to have downloaded 24 mp3 files of RIAA singles, has filed a petition for certioriari to the United States Supreme Court, arguing that the award of $220,000 in statutory damages is excessive, in violation of the Due Process Clause. Her petition (PDF) argued that the RIAA's litigation campaign was 'extortion, not law,' and pointed out that '[a]rbitrary statutory damages made the RIAA's litigation campaign possible; in turn,that campaign has inspired copycats like the so-called Copyright Enforcement Group; the U.S. Copyright Group, which has already sued more than 20,000 individual movie downloaders; and Righthaven, which sued bloggers. This Court should grant certiorari to review this use of the federal courts as a scourge.'"
mpawlo writes "Mr Julian Assange of Wikileaks fame, has, according to The Age, confirmed his intention to run for the Australian Senate in 2013. He will also form a Wikileaks political party. From the article: 'Mr Assange said plans to register an Australian WikiLeaks party were ''significantly advanced''. He indicated he would be a Senate candidate, and added that "a number of very worthy people admired by the Australian public" have indicated their availability to stand for election on a party ticket. Mr Assange said he is able to fulfill the requirements to register as an overseas elector in either New South Wales or Victoria and that he will shortly take a "strategic decision" about which state he would be a Senate candidate for.'"
dstates writes "The FCC is considering one of the biggest regulatory changes in decades: allowing a newly available chunk of wireless spectrum to be leased by different users at different times and places, rather than being auctioned off to one high bidder. The plan is to open a new WiFi with spectrum in the 3.550 to 3.650 gigahertz band now used by radar systems. Under the proposed rule to be voted on Wednesday, users could reserve pieces of that spectrum in different regions and at different time managed by a central database. Spectrum sharing is a dramatic change with a potential to make bandwidth accessible to many users. The plan has met with mixed reviews from the cellular carriers."
Orome1 writes "The voting period for the proposed changes to Facebook's Statement of Rights and Responsibilities and Data Use Policy has ended on Monday, and despite the email sent out to the users asking them to review the changes and cast their vote, less than one percent of all users have done so. 'An external auditor has reviewed and confirmed the final results. Of the 668,872 people who voted, 589,141 recommended we keep our existing SRR and Data Use Policy,' stated Elliot Schrage, Facebook's vice president of communications, public policy, and marketing. Still, that is not nearly enough to prevent the proposed changes — as required by Facebook, at least 30 percent of the users should have voted against them in order to keep the previous versions of the policies. Schrage pointed out that that the whole experience illustrated the clear value of Facebook's notice and comment process."
Reuters reports that John McAfee's troubles in Central America seem to be coming to an end. After a Guatemalan judge ordered McAfee's release yesterday, the country's immigration authorities have now deported him, putting him on a plane to Miami this afternoon. McAfee told ABC News, "They took me out of my cell and put me on a freaking airplane. I had no choice in the matter." Which is not to say he's unhappy with the outcome: "It was the most gracious expulsion I've ever experienced. Compared to my past two wives that expelled me this isn't a terrible trip."
An anonymous reader writes "Egyptian blogger Alber Saber, maintainer of the Egyptian Atheists Facebook page, has been sentenced to three years in prison under Egypt's blasphemy law for posting the trailer for the anti-Muslim film Innocence of Muslims. This film was widely blamed for al-Qaeda's coordinated attacks on U.S. embassies on September 11 of this year, which were meant to pressure the U.S. for the release of Omar Abdel-Rahman, who is imprisoned in the U.S. for his role in the World Trade Center attack of 1993. Amnesty International calls the sentence an 'outrageous' assault on freedom of expression."
eldavojohn writes "Dr. Charles 'Chip' Groat, lead author of a study claiming there was no link between fracking and water contamination, has resigned at the University of Texas along with Dr. Raymond Orbach, the head of UT's Energy Institute. The reason is that Groat served on the board of a drilling company and received compensation totaling over $1.5 million from that entity over the last five years including time he spent writing the study. After the Public Accountability Initiative gave the UT report a thorough beating for failing to mention this it sparked UT to recommend the report's withdrawal. PAI said the original report was 'based on literature surveys, incident reports and conjecture' and criticized UT's press from downplaying the many caveats. PAI also said conclusions of the original report were 'tentative,' that the press coverage was 'inappropriately selective' and 'seemed to suggest that public concerns were without scientific basis and largely resulted from media bias.' This study was also covered by Slashdot via MSNBC quoting Groat and calling fracking safe in theory but not in practice."
chicksdaddy writes with news of a remote exploit in Samsung Smart TVs, and a warning for those who got one with a built-in camera. From the article: "The company that made headlines in October for publicizing zero day holes in SCADA products now says it has uncovered a remotely exploitable security hole in Samsung Smart TVs. If left unpatched, the vulnerability could allow hackers to make off with owners' social media credentials and even to spy on those watching the TV using built-in video cameras and microphones. In an e-mail exchange with Security Ledger, the Malta-based firm said that the previously unknown ('zero day') hole affects Samsung Smart TVs running the latest version of the company's Linux-based firmware. It could give an attacker the ability to access any file available on the remote device, as well as external devices (such as USB drives) connected to the TV. And, in a Orwellian twist, the hole could be used to access cameras and microphones attached to the Smart TVs, giving remote attacker the ability to spy on those viewing a compromised set."
An anonymous reader writes "Darren Nix works for 42Floors, a business that uses its website to help people find office space. He recently received a marketing email for a service that offered to identify visitors to his website. After squeezing some information out of the marketer and playing around with a demo account, he now explains exactly how sketchy companies track your presence across multiple websites. The marketer offered to provide Nix with 'tracking code that would sit in your web site' which would 'grab a few key pieces of data from each visitor.' This includes IP addresses and search engine data. The marketer's company would then automatically analyze the data to try to identify the user and send back whatever personal information they've collected on that user from different websites. Thus, it's entirely possible for a site to know your name, email address, and company on your very first visit, and without any interaction on your part. Nix writes, 'A real-world analogue would be this scenario: You drive to Home Depot and walk in. Closed-circuit cameras match your face against a database of every shopper that has used a credit card at Walmart or Target and identifies you by name, address, and phone. If you happen to walk out the front door without buying anything your phone buzzes with a text message from Home Depot offering you a 10% discount good for the next hour. Farfetched? I don't think so. ... All the necessary pieces already exist, they just haven't been combined yet.'"
TCPALaw writes "ccAdvertising, a company purported to have 'a long, long, long history of pumping spam out of every telecommunications orifice, and even boasting of voter suppression' has asked the FCC to declare spam filters illegal. Citing Free Speech rights, the company claims wireless carriers should be prohibited from employing spam filters that might block ccAdvertising's political spam. Without stating it explicitly, the filing implies that network neutrality must apply to spam, so the FCC must therefore prohibit spam filters (unless political spam is whitelisted). In an earlier filing, the company suggests it is proper that recipients 'bear some cost' of unsolicited political speech sent to their cell phones. The public can file comments with the FCC on ccAdvertising's filing online."
An anonymous reader points out an AP report which says a judge in Guatemala has ordered the release of John McAfee from a detention center. "Lawyer Telesforo Guerra said the judge notified him verbally of the ruling, but added that it may take a day for formal written notification to win McAfee's release, possibly as soon as Wednesday." McAfee, on the run from Belizean police, was arrested in Guatemala several days ago after making himself known to authorities. He did so because a pair of reporters who were interviewing him posted a photo which included metadata on the photo's location. In a live broadcast on Sunday, McAfee expressed a desire to return to the U.S. "I simply would like to live comfortably day by day, fish, swim, enjoy my declining years. My long-term plan was simply to get away from Belize, think, and decide what to do."
New submitter Nerdolicious writes "Ars Technica reports that Voltage Pictures, the studio behind the infamous Hurt Locker debacle, has requested subscriber information for thousands of TekSavvy customers in relation to alleged copyright infringements. In their official blog, TekSavvy clarifies the situation and provides further reassurance that they will not release any private customer information without a court order. They have also posted the legal documents containing both the official notice and list of films that are the subjects of the alleged infringements. However, several questions remain to be answered: will Canadian courts be amicable to these tactics after changes to copyright law were made specifically to prevent the predatory legal entanglement of Canadian citizens? Will the studio actually attempt to pursue the situation beyond the proliferation of threatening extortion letters? How would the already-clogged courts react to what amounts to denial-of-service attack on the judicial system?"
Dupple writes "There's a two page article over on IT World detailing a new patent system passed by the European Parliament that will unify the patent process across most countries in the EU. Quoting: 'Parliament adopted all three proposed regulations needed to form the new patent system on Tuesday: the regulation on a Unitary Patent, the language regime and the formation of a new unified patent court system. Not all European Union member states want a part in the new system: Italy and Spain refused to participate, although they may join at any time. The new system will cut the cost of obtaining a patent in the participating countries by up to 80 percent, the Parliament said. The patents will be made available in English, French and German and applications will have to be made in one of those three languages. Not everyone was pleased with the newly adopted regulation though. MEPs opposing the adopted text are concerned the new system is going to be bad for innovation and business, and by voting for the text, the Parliament is giving away powers, they said. The new regulation "means the European Parliament will abdicate all its political powers to an organization ... that is outside of the E.U.," said Christian Engström, Pirate Party member of parliament, adding that he still wanted a European patent as long as it did not hamper innovation as he believes the proposal in its current form does.'"
megla writes "The BBC is reporting that the Draft Communications Bill is going to be re-written following widespread opposition. The hugely controversial bill would, as it stands, require ISPs to retain vast amounts of data and grant broad powers to authorities to access it, in some cases without needing any permission at all. For those who are interested in the gritty details the first parliamentary report into the legislation is sharply critical at times. This is good news for anyone in the UK who values their privacy, but it may not be enough. Many would prefer to see the bill scrapped entirely." Opposition to the bill, at least in its original form, isn't just from crazy civil libertarian types, either; reader judgecorp points out that it even includes Deputy prime minister of Britain Nick Clegg.
Techmeology writes "The BPI has threatened to sue the Pirate Party for allowing people access to The Pirate Bay through its proxy service. The leader of the Pirate Party UK, Loz Kaye said his party would go to court over the issue. Kaye said that he was determined to defend his party's principles even in the face of an expensive legal battle."
Hugh Pickens writes writes "AP reports that if disaster strikes a US nuclear power plant, the utility industry wants the ability to fly in heavy-duty equipment from regional hubs to stricken reactors to avert a meltdown providing another layer of defense in case a Fukushima-style disaster destroys a nuclear plant's multiple backup systems. 'It became very clear in Japan that utilities became quickly overwhelmed,' says Joe Pollock, vice president for nuclear operations at the Nuclear Energy Institute, an industry lobbying group that is spearheading the effort. US nuclear plants already have backup safety systems and are supposed to withstand the worst possible disasters in their regions, including hurricanes, tornadoes, floods and earthquakes. But planners can be wrong. The industry plan, called FLEX, is the nuclear industry's method for meeting new US Nuclear Regulatory Commission rules that will force 65 plants in the US to get extra emergency equipment on site and store it protectively. The FLEX program is supposed to help nuclear plants handle the biggest disasters. Under the plan, plant operators can summon help from the regional centers in Memphis and Phoenix. In addition to having several duplicate sets of plant emergency gear, industry officials say the centers will likely have heavier equipment that could include an emergency generator large enough to power a plant's emergency cooling systems, equipment to treat cooling water and extra radiation protection gear for workers. Federal regulators must still decide whether to approve the plans submitted by individual plants. 'They need to show us not just that they have the pump, but that they've done all the appropriate designing and engineering so that they have a hookup for that pump,' says NRC spokesman Scott Burnell said. 'They're not going to be trying to figure out, "Where are we going to plug this thing in?"'"