An anonymous reader writes "In an apparent reaction to the security vulnerabilities demonstrated by The H's associates at heise Security, the company behind WhatsApp Messenger is taking action against the developers of a library of functions for using the WhatsApp service via a PC. The developers have responded by removing the source code from the web. However, the popular texting alternative WhatsApp still has a major security problem. Attackers can compromise other users' accounts with relative ease, and send and receive messages from another user's account. Forked versions of the code are still available on Github."
Sign up for the Slashdot Daily Newsletter! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. ×
OverTheGeicoE writes "The Electronic Privacy Information Center (EPIC) recently filed a petition to force the Department of Homeland Security to start its public comment period on body scanners within 60 days or stop using them entirely. The Court of Appeals for the District of Columbia has issued its ruling (PDF), and has refused EPIC's petition. DHS told the court earlier that it expected to have a formal rule proposal on body scanners by the end of February, so the court denied EPIC's motion on the expectation that public comment period would start by late March. TFA and this submission have a pessimistic headline on this ruling, but other sources seem to think the glass is half-full, and that EPIC in effect got what it wanted. Is this a victory or a defeat? Will the rulemaking process start on time, or will a TSA dog eat the proposed rule in late March and force further delay?"
Trailrunner7 writes with one perspective on the inability of the Congress to pass 'cybersecurity' legislation before recessing. From the article: "They've taken innumerable swings at it, and struck out every time, ... and, for once, we all should be thankful for our lawmakers' inability to act. ... What it's not good at is understanding the Internet or acting swiftly and decisively. The current cybersecurity legislation mess is the perfect combination of those two factors. Corporations and government agencies in the U.S. have been getting their heads handed to them by attackers from around the world for several years now. Long-term, persistent campaigns have been targeting defense contractors, energy and utility companies, manufacturing firms, and government agencies with an alarming rate of success. But Congress, or at least some members of it, don't seem to understand that. Sen. Joseph Lieberman sent a letter Monday to President Obama, comparing the threat to U.S. networks from foreign attackers to the threat from terrorists before 9/11. He then urged the president to use his executive authority to somehow influence the situation. Let's be clear: If the companies that own and operate critical infrastructure — not to mention defense contractors — don't understand the nature of the threat they're facing at this point, no amount of incentives will change that. Neither Congress nor the President can fix this problem with the kinds of solutions they're considering." Reader CurseYouKhan links to a different perspective: "Chabinsky is the latest of several former Federal security types to issue warnings on the topic. Earlier this year, Shawn Henry, who recently retired as the Bureau’s top cyber-sleuth, also called for a more offense-minded approach. Ex-CIA director Michael Hayden thinks the private sector may not wait for the government to act. He expects to see the emergence of a 'digital Blackwater,' or the emergence of firms that could be hired to go all mercenary on online intruders."
nonprofiteer writes with news on what SceneTap has been up to for the last few months since. From the article: "SceneTap uses facial recognition technology to help bar-hoppers decide which night spot to go to based on how crowded a bar is and what the age and gender ratio is. ... Despite the fact that what the app does now is fairly innocuous. But what the app could do in the future, as described in a patent application filed in June, is pretty creepy. The patent application describes much more detailed data collection, including bar goers' race, height, weight, attractiveness, hair color, clothing type, and the presence of facial hair or glasses, and includes other possibilities usually left to the realm of dystopic fiction, including putting microphones in the cameras that could detect what customers are saying, and using facial recognition technology to identify customers and then get information about them from social networking websites and databases to determine 'relationship status, intelligence, education and income for the entire venue.'"
SternisheFan writes with news of a settlement in a case of Rent-to-Own firms grossly violating the privacy of their customers. From the article: "Seven rent-to-own companies and a software developer have settled federal charges that they spied on customers, ... The companies captured screenshots of confidential and personal information, logged keystrokes, and took webcam pictures of people in their homes. Their aim was to track the computers belonging to customers who were behind with their payments. 'An agreement to rent a computer doesn't give a company license to access consumers' private emails, bank account information, and medical records, or, even worse, webcam photos of people in the privacy of their own homes,' says FTC chairman Jon Leibowitz. 'The FTC orders today will put an end to their cyber spying.' Developer DesignerWare produced the software that was used to gather the information, PC Rental Agent. The package included a 'kill switch' designed to disable a computer of it was stolen, or if payments weren't made. However, an add-on program called Detective Mode could log key strokes, capture screen shots and take photographs using a computer's webcam, says the FTC in its complaint (PDF)."
CuteSteveJobs writes "The Age reports on creeping Australian government surveillance, beginning with the first operation launched on a baseless rumor. Six decades later the still-unaware victim read five months of transcripts with deep distress. Two decades ago few Australians would have consented to carrying a government-accessible tracking device, but phone and tablet data accessible without a warrant includes historic and real-time location data. In 2010-2011 there were 250,000 warrantless accesses by Federal agencies including ASIO, AFP, the Tax Office, Defence, Immigration, Citizenship, Health, Ageing, and Medicare. This is 18 times the rate of similar requests in the U.S."
Techmeology writes "The Dutch Supreme Court has asked the European Court of Justice to decide whether downloading copyrighted material for personal use — even from illegal sources — is legal. At the heart of the debate is whether the European Copyright Directive requires that any new legal copy of material must have originated from a copy that is itself legal. The case tests the law in the Netherlands, where copyright holders are granted a levy on blank media in exchange for the legalization of private copying." In the Netherlands, it is already legal to download from illegal sources. But EU law might conflict and trump that.
An anonymous reader writes "Raspberry Pi was designed for education. As any popular product is bound to, Raspberry Pi has been criticized a lot for things like lack of a box, absence of supplied charger or even WiFi. Raspberry Pi has a much more fundamental flaw, which directly conflicts with its original goal: it is a black box tightly sealed with patents and protected by corporations. It isn't even remotely an open platform." The author thinks that patents on ARM are a serious threat to the openness of the platform (among other things like the proprietary GPU blob needed to boot). But even the FSF doesn't go that far. Wired had an editorial with the foundation justifying "selling out a little to sell a lot" that has a lot of info on the choices they had to make to hit their cost target.
Penurious Penguin writes "Fuhu Inc., maker of the $199 children-tailored Nabi tablet, is suing Toys R Us. The lawsuit arises after a legal agreement (ended in January) between Fuhu and Toys R Us went awry and Toys R Us released a similar product of their own, the $150 Tabeo. The dispute alleges that Toys R Us may have intended from inception to eventually abandon the Nabi for their own future variation, the Tabeo, presumably after gathering sufficient understanding of Fuhu's design concepts and business strategies. The ZDNet article quite thoroughly covering the story notes some of the formidable investors behind Fuhu, including Acer Inc., Kingston Digital, and Foxconn Digital Inc. Fuhu also sells through retail stores such as WalMart, Target, Best Buy, GameStop and Amazon.com.Another more-recent ZDNet article further analyzes the story."
New submitter J0n45 writes "I will soon be traveling to mainland China. While I'm only a tourist, I will still be working freelance for a company back home. I know for a fact that a large amount of the websites I need to have access to on a daily basis for business reasons are censored by the Great Firewall of China. I have been using the Tor Browser for a while now for personal purposes. However Tor has been blocked by China. I was wondering if a personal proxy (connected to a computer back home) would do the trick. Would I be too easily traceable? Basically, I'm wondering if I need to try random public proxies until I find one that works or if there are any other options. What does Slashdot think?"
An anonymous reader writes "A 27-year old man was arrested yesterday in Greece (Greek-language original) by the electronic crime police, for creating a Facebook page "Geron Pastitsios" which made fun of an extremely respected Orthodox Christian monk who lived in Mount Athos, as well as the Greek Church. The arrest came promptly after the Greek far-right party — which holds 7% of the parliament seats — submitted an official petition asking the government to take down the page. The charges that the young man faces are 'blasphemy' and 'disrespect to the religious beliefs of others.'" What would the UN say?
Lucas123 writes "The very thought of losing that pear-shaped giver of warm, yellow light drove Europeans to hoard Edison's invention [Note: Or possibly Joseph Swan's invention; HT to eldavojohn.] as the EU's Sept. 1 ban on incandescent light bulbs approached. China's ban on incandescent lamps starts Oct. 1. And, in the U.S., the Energy Independence and Security Act (EISA) of 2007 effectively began banning the 100W bulb this year and will ban the most popular bulbs — the 75W, 60W and 40W screw-in incandescent bulbs --over the next two years. The end standard requires bulbs to use 65% less energy by 2020. But Republicans in Congress continue to fight the ban by hamstringing the energy efficiency standards through appropriations legislation, cutting off funds for the enforcement of the light bulb ban."
An anonymous reader writes "Has Immigration Minister Jason Kenney been emailing you? Maybe it's because you're gay. The minister sent out an email on Sept 24 lauding the government's efforts to protect and promote queer rights abroad. It highlights the 'emphasis . . . on gay and lesbian refugee protection, which is without precedent in Canada's immigration history.' The Ottawa Citizen's Glen McGregor broke the story, complete with reaction over the 'creepy' letter. For many who received an email from Citizenship and Immigration Minister Jason Kenney about gay refugees on Friday, the message raised one important question: How did he know I'm gay? The Conservatives have targeted written messages at minority communities in the past, most notably using direct mail lists to send out greetings to Jewish voters on religious holidays. Some recipients were alarmed by the prospect of the government assembling lists based on ethnicity or religious beliefs. Surely creating such a list will become easier when you are forced to use your real identities on social sites."
Trailrunner7 writes with this excerpt from Threatpost: "For the last five years, NIST, the government body charged with developing new standards for computer security, among other things, has been searching for a new hash function to replace the aging SHA-2 function. Five years is a long time, but this is the federal government and things move at their own pace in Washington, but NIST soon will be announcing the winner from the five finalists that were chosen last year. Despite the problems that have cropped up with some versions of SHA-2 in the past and the long wait for the new function, there doesn't seem to be much in the way of breathless anticipation for this announcement. So much so, in fact, that Bruce Schneier, a co-author of one of the finalists not only isn't hoping that his entry wins, he's hoping that none of them wins. ... It's not because Schneier doesn't think the finalists are worthy of winning. In fact, he says, they're all good and fast and perfectly capable. The problem is, he doesn't think that the world needs a new hash function standard at all. SHA-512, the stronger version of the SHA-2 function that's been in use for more than a decade, is still holding up fine, Schneier said, which was not what cryptographers anticipated would be the case when the SHA-3 competition was conceived. 'I expect SHA-2 to be still acceptable for the foreseeable future. That's the problem. It's not like AES. Everyone knew that DES was dead — and triple-DES was too slow and clunky — and we needed something new. So when AES appeared, people switched as soon as they could. This will be different,' Schneier said via email."
curtwoodward writes "Intellectual Ventures, the controversial patent middleman company headed by former Microsoft CTO Nathan Myhrvold, has settled one of the first lawsuits it ever filed. This legal spat was with two Asian firms: South Korea-based Hynix and Japan-based Elpida. It also involved a complaint to the International Trade Commission, which roped in downstream customers including Dell and H-P because they used components from the two manufacturers. The terms weren't disclosed, but it seems quite likely that Intellectual Ventures was able to get the licensing fees it always wanted: The company's head lawyer is quoted praising the two former adversaries, and explaining once again that the company wants to license its patents instead of heading to court."
hlovy writes "Iran moved forward with their previously discussed plans for a domestic version of the Internet over the weekend, as government officials announced that Google would be one of the first websites to be filtered through their state-controlled information network. According to Reuters, officials are claiming that the country's self-contained version of the World Wide Web, which was first announced last week, is part of an initiative to improve cyber security. However, it will reportedly also give the country the ability to better control the type of information that users can access online."
An anonymous reader writes "In a blog post responding to the latest controversy over Ubuntu, Mark Shuttleworth says 'integrating online scope results' are 'not putting ads in Ubuntu' because the shopping results 'are not paid placement', but 'straightforward search results'. He goes on to explain his plans to make the Home Lens of the Dash a place to find 'anything anywhere'. Like a cross between Chrome OS's new app launcher, Siri and Google Now 'it will get smarter and smarter' so you can 'ask for whatever you want' it 'just works'."
eldavojohn writes "An article published in Pakistan's Daily Times contains several quotes from Pakistan's Prime Minister Raja Pervez Ashraf indicating his intent to push for international blasphemy laws in both the United Nations and the Organization of Islamic Co-operation (57 countries). These comments came shortly after Pakistan's 'Day of Love for the Prophet' turned into riots that left 19 people dead and, of course, this all follows the extended trailers of 'Innocence of Muslims' being translated. Questionable circumstances surround who is prosecuted under these 'blasphemy laws' and what kind of fear they instill in Pakistan's minorities. The UN's Human Rights Charter mentions protection from 'religious intolerance' but also in the same sentence 'freedom of opinion and expression.'"
An anonymous reader writes "While there's much talk of Apple asking for more money from Samsung, there's less talk of the likelihood that the verdict will be overturned completely. Based on voir dire, and the foreman's subsequent statements to the press, it seems he failed to follow the law."
First time accepted submitter startling writes "Members of the public are being asked by the US Patent Office to help weed out bogus patent applications. It wants the public to contribute to a website that will spot applications for patents on technologies that have already been invented. The website, called Ask Patents, will be run by US firm Stack Exchange that has a track record of operating Q&A websites."