NewYorkCountryLawyer writes "The U.S. Court of Appeals for the 8th Circuit has upheld the initial jury verdict in the case against Jammie Thomas, Capitol Records v. Jammie Thomas-Rasset. This case was the first jury trial for a file-sharing suit brought by the major record labels, and focused on copyright infringement for 24 songs. The Court of Appeals has ruled that the award of $220,000, or $9250 per song, was not an unconstitutional violation of Due Process. The Court, in its 18-page decision (PDF), declined to reach the 'making available' issue, for procedural reasons."

An anonymous reader writes with this excerpt from Geek.com: "The courtroom battle between Apple and Samsung seems to be far from over, and come tomorrow Apple is in for a major headache as soon as it makes the iPhone 5 official. That's because Samsung is poised to sue the company over patents it owns relating to LTE connectivity the new smartphone is expected to use. All Samsung needs to confirm is that the iPhone 5 is shipping with 4G LTE and it can then apparently set its lawyers into action. As is typical with these patent lawsuits, Samsung will most likely seek an import ban meaning the iPhone 5 may not be able to leave its manufacturing plants and make it to the U.S. to fulfill pre-orders. If such a thing ruling was made, Apple would most likely do a deal that meant it no longer pursued Samsung product bans, and might even forget about that billion dollar payout." Samsung's not the only one hoping to gain some leverage: itwbennett writes, "Apple's iPhone 5 and iPad 3 may violate a pair of patents bought by HTC back in April 2011 that cover methods used in 4G devices for faster downloads. International Trade Commission judge Thomas Pender said it would take 'clear and convincing' evidence to renounce the U.S. patents."

New submitter kgkoutzis writes "A few days ago I noticed some weird artifacts covering the screenshots I captured using the WoW game client application. I sharpened the images and found a repeating pattern secretly embedded inside. I posted this information on the OwnedCore forum and after an amazing three-day cooperation marathon, we managed to prove that all our WoW screenshots, since at least 2008, contain a custom watermark. This watermark includes our user IDs, the time the screenshot was captured and the IP address of the server we were on at the time. It can be used to track down activities which are against Blizzard's Terms of Service, like hacking the game or running a private server. The users were never notified by the ToS that this watermarking was going on so, for four years now, we have all been publicly sharing our account and realm information for hackers to decode and exploit. You can find more information on how to access the watermark in the aforementioned forum post which is still quite active."

chicksdaddy writes "The cloud-based hosting firm MediaFire has reversed a decision to suspend the account of virus researcher Mila Parkour after Naked Security raised questions about copyright violation complaints made against her by the mysterious firm LeakID. In an email to Parkour on Friday, MediaFire's director of customer support, Daniel Goebel, said that the company was restoring Parkour's access to her MediaFire account and apologized for the interruption in service. MediaFire also said it was asking LeakID, the Paris-based firm that accused Parkour of sharing copyrighted material, to 'confirm the status of the counterclaim [Parkour] submitted.' However, the firm is still blocking access to files that LeakID alleged were violating the US Digital Millennium Copyright Act (DMCA), a strict copyright enforcement law in the U.S."

New submitter isaaccs writes "I'm a mobile developer at a startup. My experience is in building user-facing applications, but in this case, a component of an app I'm building involves observing and collecting certain pieces of user information and then storing them in a web service. This is for purposes of analysis and ultimately functionality, not persistence. This would include some obvious items like names and e-mail addresses, and some less obvious items involving user behavior. We aim to be completely transparent and honest about what it is we're collecting by way of our privacy disclosure. I'm an experienced developer, and I'm aware of a handful of considerations (e.g., the need to hash personal identifiers stored remotely), but I've seen quite a few startups caught with their pants down on security/privacy of what they've collected — and I'd like to avoid it to the degree reasonably possible given we can't afford to hire an expert on the topic. I'm seeking input from the community on best-practices for data collection and the remote storage of personal (not social security numbers, but names and birthdays) information. How would you like information collected about you to be stored? If you could write your own privacy policy, what would it contain? To be clear, I'm not requesting stack or infrastructural recommendations."

carmendrahl writes "Despite a 2009 report from the National Academy of Sciences that found the science in crime labs wanting, very little reform of forensic science has taken place. At a session about the Innocence Project, a group that exonerates prisoners with DNA evidence, speakers called on chemists to join the fight for reform. But forensic chemists don't all agree on what needs reforming."

An anonymous reader writes "A member of the Anonymous hacktivist group appears to have taken down GoDaddy with a massive Distributed Denial of Service (DDoS). The widespread issue seems to be affecting countless websites and services around the world, although not for everyone. Godaddy.com is down, but so are some of the site's DNS servers, which means GoDaddy hosted e-mail accounts are down as well, and lots more. It's currently unclear if the servers are being unresponsive or if they are completely offline. Either way, the result is that if your DNS is hosted on GoDaddy, your site may also look as if it is down, because it cannot resolve."

pdabbadabba writes "A Florida iPhone and iPad app developer, Blue Toad, has come forward claiming that it is the source of the Apple UDIDs previously released by Anonymous. Their dataset, they say, is a 98% match for the one Anonymous hackers claim to have stolen from an FBI laptop. If so, this development would cast serious doubt on Anonymous' claims and, possibly, calm fears that this data is evidence of an ongoing FBI surveillance operation (a claim the FBI has also denied)."

quax writes "Bettina Wulff faces an uphill battle for her reputation. Her husband had to resign as Germany's president due to corruption allegations and has many detractors. Apparently some of them started a character assassination campaign against his wife. At least that is, if you trust serious journalists who looked into the matter and stated that it is made up. Unfortunately though for Bettina Wulff, the rumors took off on the Internet. Now whenever you enter her name Google suggest the additional search terms 'prostitute' and 'escort.' Google refuses to alter its search index."

Hugh Pickens writes "Frédéric Filloux writes that eighteen months ago — under non disclosure — Google showed publishers a new transaction system for inexpensive products such as newspaper articles. It works like this: to gain access to a web site, the user is asked to participate to a short consumer research session: a single question or a set of images leading to a quick choice. It can be anything: pure market research for a packaging or product feature, surveying a specific behavior, evaluating a service, intention, expectation, you name it. Google's size puts it in a unique position to probe millions of people in a short period of time and the more Google gains in reliability, accuracy, and granularity (i.e. ability to probe a segment of blue collar-pet owners in Michigan or urbanite coffee-drinkers in London), the bigger it gets and the better it performs cutting market research costs 90% compared to traditional surveys. Companies will pay $150 for 1500 responses drawn from the general U.S. internet population. But what's in it for users? A young audience will be more inclined to accept such a surveywall because they always resist any form of payment for digital information, regardless of quality, usefulness, or relevance. Free is the norm. Or its illusion. This way users make micropayments, but with attention and data instead of cash. 'Young people have already demonstrated their willingness to give up their privacy in exchange for free services such as Facebook — they have yet to realize they paid the hard price,' writes Filloux. 'Economically, having one survey popping up from time to time — for instance when the user reconnects to a site — makes sense. Viewed from a spreadsheet, it could yield more money than the cheap ads currently in use.'"

CowboyRobot writes "Spyware is no longer the primary concern with unwanted software on mobile devices. According to mobile security firm Lookout, most mobile malware performs 'toll fraud' — billing victims using premium SMS services. The problem is very geographically-dependent, worst in areas with weak SMS regulation, particularly China, Ukraine, and Russia, where users are 10,000 times more likely to have malware on their phones than users in Japan, for example. Other risks include mobile ads surreptitiously uploading personal data, as well as apps that download other malware without users knowing. The full report is available."

New submitter blando writes "Between February and March of 2011, at the height of Egypt's tumultuous revolution, protesters stormed the offices of their feared State Security Investigations Service in Alexandria and Sixth of October city, on the edge of Cairo. It was there, amongst evidence of detentions, torture and surveillance at SSIS's headquarters, that information first came to light regarding a sales pitch by UK-based Gamma Group to Egypt's security agency for their FinFisher spyware."

dgharmon writes with word from the BBC that "A U.S. hacker who sold access to thousands of hijacked home computers has been jailed for 30 months. Joshua Schichtel of Phoenix, Arizona, was sentenced for renting out more than 72,000 PCs that he had taken over using computer viruses." Time is cheap: Schichtel admitted to giving access to those 72,000 computers for $1500.

Presto Vivace writes with this outline of what voting can look like while remaining countable and anonymous — and how it does look north of the U.S. border. "In Canada, they use hand-marked paper ballots, hand counted in public. Among other things, that process means that we can actually be sure who won. And if the elections of 2000 and 2008 are any guide, and the race stays as close as the pollsters sat it is, we might, on Wednesday, November 7, not be sure who won." Any Canadians among our readers who want to comment on this?"

bazorg writes "Rick Falkvinge of the Swedish Pirate Party blogs on the subject of freedom of the press and foresees how users of Google glasses could be charged for possession and distribution of illegal porn. 'Child pornography is a toxic subject, but a very important one that cannot and should not be ignored. This is an attempt to bring the topic to a serious discussion, and explain why possession of child pornography need to be re-legalized in the next ten years.'"

jfruh writes "Two lawyers in Houston were able to exploit business filing systems to seize control of dormant publicly traded corporations — and then profit by pushing their worthless stock. In many states, anyone can change important information about a publicly registered company — including the corporate officers or company contact information — without any confirmation that they have anything to do with the company in the first place. Massachusetts requires a password to do this through the state registry's website, but they'll give you the password if you call and ask for it. Long focused on individual ID theft, state governments are finally beginning to realize that corporate ID theft is a huge problem as well."

New submitter InPursuitOfTruth writes with news that the Obama administration has been circulating a draft of an executive order focused on cybersecurity. This follows the recent collapse of an attempt at cybersecurity legislation in the Senate. According to people who have seen the draft, the order would codify standards and best practices for critical infrastructure. That said, it's questionable how effective it would be, since participation would be voluntary, and the standards would be set by "an inter-agency council that would be led by the Department of Homeland Security." The other agencies involved would include NIST, the DoD, and the Commerce Dept. "It would be left up to the companies to decide what steps they want to take to meet the standards, so the government would not dictate what type of technology or strategy they should adopt."

Underholdning writes "It's been five years since Radiohead brought the pay what you want model to the public with their successful sale of their 'In Rainbows' album. Now, here's a fresh example of how a game developer is making The Pirate Bay work for him by offering his game, McPixel, for free and letting people pay what they want. Currently TPB has more than 5000 applicants wanting to do the same. 'Sosowski isn't worried that promoting a game on a site known for piracy might be more effective at attracting more pirates than actual paying customers. "The game was already available on TPB beforehand, and I believe if someone didn't want to pay, he just didn't ... It is up to people to decide how much they would like to pay for the game, and I have no worries. I am happy that more people can enjoy my game. ... TPB is one of the most visited sites in the Internet, and simply having a game there is a form of advertisement and promotion."'"

An anonymous reader writes "Ars reports on a decision from a district judge in Illinois, who ruled that sniffing traffic on an unencrypted Wi-Fi network is not wiretapping. In the ruling, the judge points out an exception in the Wiretap Act which allows people to 'intercept or access an electronic communication made through an electronic communication system that is configured so that such electronic communication is readily accessible to the general public.' He concludes that 'the communications sent on an unencrypted Wi-Fi network are readily available to the general public.' Orin Kerr disagrees with the ruling, saying that the intent of the person setting up the network is important: 'No one suggests that unsecured wireless networks are set up with the goal that everyone on the network would be free to read the private communications of others.'"

hypnosec writes "A new patch for Apache by Roy Fielding, one of the authors of the Do Not Track (DNT) standard, is set to override the DNT option if the browser reaching the server is Internet Explorer 10. Microsoft has by default enabled DNT in Internet Explorer 10 stating that it is to 'better protect user privacy.' This hasn't gone down well with ad networks, users and other browser makers. According to Mozilla, the DNT feature shouldn't be either in an active state or an inactive state until and unless a user specifically sets it. Along the same lines is the stance adopted by Digital Advertising Alliance. The alliance has revealed that it will only honor DNT if and only if it is not switched on by default. This means advertisers will be ignoring the DNT altogether no matter how a particular browser is set up. The DNT project has another member – Apache. It turns out that Microsoft's stance is like a thorn to Apache as well. Fielding has written a patch for the web server titled 'Apache does not tolerate deliberate abuse of open standards.' The patch immediately sparked a debate, which instigated Fielding to elaborate on his work: 'The only reason DNT exists is to express a non-default option. That's all it does. [...] It does not protect anyone's privacy unless the recipients believe it was set by a real human being, with a real preference for privacy over personalization.'"