Communications

Judge Rules AT&T Can't See Trump White House Communications About Time Warner Merger 43

The judge presiding over the Justice Department's attempt to block the AT&T-Time Warner merger has ruled that the White House's private communications on the merger will not be released. The Verge reports: When the department said in November that it would sue to block the mega-merger, thoughts immediately turned to the White House. President Trump has made no secret of his disdain for CNN, and some watchers questioned whether the White House's hand was present, guiding the Justice Department as a way to exact revenge on the Time Warner-owned property. The Justice Department has denied any wrongdoing, and said it is only looking to block the merger on the grounds that it is anti-competitive. But to prove the theory, AT&T and Time Warner requested communications between the Justice Department and White House that could have shown the department was engaging in "selective enforcement." In today's decision, the judge on the case said the companies had fallen "far short" of the legal bar required to receive the documents.
Social Networks

Facebook VP of Ads Criticised For Tweeting that Russian-bought Ads Had Not Been Designed to Sway the US Election (bbc.com) 245

Facebook's vice-president of adverts has been criticised for tweeting that Russian-bought ads had not been designed to sway the US election. From a report: Rob Goldman's tweet was retweeted by President Donald Trump. His view contradicted special counsellor Robert Mueller's recent indictments, in which 13 Russians were charged with meddling in the election via social media and other means. Mr Goldman is reported to have apologised to Facebook staff. In a series of tweets, Mr Goldman said that Russia's misinformation activity had been designed to "divide America" but added that "the majority of the Russian ad spend [on Facebook] happened after the election." However according to the indictment, the ads were only part of Russia's activity on the social-media platform. In the document, Facebook is mentioned 35 times. According to Wired, he sent a message to staff that read: "I wanted to apologise for having tweeted my own view about Russian interference without having it reviewed by anyone internally. The tweets were my own personal view and not Facebook's. I conveyed my view poorly. The special counsel has far more information about what happened [than] I do -- so seeming to contradict his statements was a serious mistake on my part."
Government

Vietnam's Internet is in Trouble (wapo.st) 112

The World Post: Vietnamese authorities have harped of late on the urgency of fighting cybersecurity threats and "bad and dangerous content." Yet the fight against either "fake news" or misinformation in Vietnam must not be used as a smoke screen for stifling dissenting opinions and curtailing freedom of speech [The link may be paywalled]. Doing so would only further stoke domestic cynicism in a country where the sudden expansion of space for free and open discussion has created a kind of high-pressure catharsis online. Other countries, including democratic states, are also scrambling to rein in toxic information online. But while Germany, for example, specifically targets hate speech and other extremist messaging that directly affects the masses, Vietnamese leaders are more fixated on content deemed detrimental to their own reputation and the survival of the regime.

The ruling Communist Party of Vietnam has repeatedly urged Facebook and Google to block "toxic" information that it said slandered and defamed Vietnamese leaders. Google sort of conformed by removing more than such 5,000 clips; Facebook also flagged about 160 anti-government accounts at the behest of the government.

Piracy

Flight Sim Company Embeds Malware To Steal Pirates' Passwords (torrentfreak.com) 211

TorrentFreak: Flight sim company FlightSimLabs has found itself in trouble after installing malware onto users' machines as an anti-piracy measure. Code embedded in its A320-X module contained a mechanism for detecting 'pirate' serial numbers distributed on The Pirate Bay, which then triggered a process through which the company stole usernames and passwords from users' web browsers.
The Courts

Man, Seeking New Copy of Windows 7 After Forced Windows 10 Upgrade, Sues Microsoft (bleepingcomputer.com) 344

Catalin Cimpanu, writing for BleepingComputer: An Albuquerque man has sued Microsoft and its CEO -- Satya Nadella -- seeking a fresh copy of Windows 7 or $600 million in damages. According to a civil complaint filed last week on February 14, Frank K. Dickman Jr. of Albuquerque, New Mexico, is suing Microsoft because of a botched forced Windows 10 upgrade. "I own a ASUS 54L laptop computer which has an OEM license for Windows Version 7," Dickman's claim reads. "The computer was upgraded to Windows Version 10 and became non-functional immediately. The upgrade deleted the cached, or backup, version of Windows 7." Dickman says that the laptop's original OEM vendor is "untrustworthy," hence, he cannot obtain a legitimate copy of Windows 7 to downgrade his laptop.
IBM

IBM Sues Microsoft's New Chief Diversity Officer To Protect Diversity Trade Secrets (geekwire.com) 190

theodp writes: GeekWire reports that IBM has filed suit against longtime exec Lindsay-Rae McIntyre, alleging that her new position as Microsoft's chief diversity officer violates a year-long non-compete agreement, allowing Microsoft to use IBM's internal secrets to boost its own diversity efforts. A hearing is set for Feb. 22, but in the meantime, a U.S. District Judge has temporarily barred McIntyre from working at Microsoft. "IBM has gone to great lengths to safeguard as secret the confidential information that McIntyre possesses," Big Blue explained in a court filing, citing its repeated success (in 2012, 2013, 2015, 2016, 2017) in getting the U.S. government to quash FOIA requests for IBM's EEO-1 Reports on the grounds that the mandatory race/ethnicity and gender filings represent "confidential proprietary trade secret information." IBM's argument may raise some eyebrows, considering that other tech giants -- including Google, Microsoft, Apple, and Facebook -- voluntarily disclosed their EEO-1s years ago after coming under pressure from Rev. Jesse Jackson and the Congressional Black Caucus. In 2010, IBM stopped disclosing U.S. headcount data in its annual report as it accelerated overseas hiring.
Crime

Sweden Considers Six Years in Jail For Online Pirates (torrentfreak.com) 193

Sweden's Minister for Justice has received recommendations as to how the country should punish online pirates. From a report: Helene Fritzon received a proposal which would create crimes of gross infringement under both copyright and trademark law, leading to sentences of up to six years in prison. The changes would also ensure that non-physical property, such as domain names, can be seized.
Security

Contractors Pose Cyber Risk To Government Agencies (betanews.com) 77

Ian Barker, writing for BetaNews: While US government agencies are continuing to improve their security performance over time, the contractors they employ are failing to meet the same standards according to a new report. The study by security rankings specialist BitSight sampled over 1,200 federal contractors and finds that the security rating for federal agencies was 15 or more points higher than the mean of any contractor sector. It finds more than eight percent of healthcare and wellness contractors have disclosed a data breach since January 2016. Aerospace and defense firms have the next highest breach disclosure rate at 5.6 percent. While government has made a concerted effort to fight botnets in recent months, botnet infections are still prevalent among the government contractor base, particularly for healthcare and manufacturing contractors. The study also shows many contractors are not following best practices for network encryption and email security.
Security

US's Greatest Vulnerability is Ignoring the Cyber Threats From Our Adversaries, Foreign Policy Expert Says (cnbc.com) 101

America's greatest vulnerability is its continued inability to acknowledge the extent of its adversaries' capabilities when it comes to cyber threats, says Ian Bremmer, founder and president of leading political risk firm Eurasia Group. From a report: Speaking to CNBC from the Munich Security Conference on Saturday, the prominent American political scientist emphasized that there should be much more government-level concern and urgency over cyber risk. The adversarial states in question are what U.S. intelligence agencies call the "big four": Russia, China, North Korea, and Iran. "We're vulnerable because we continue to underestimate the capabilities in those countries. WannaCry, from North Korea -- no one in the U.S. cybersecurity services believed the North Koreans could actually do that," Bremmer described, naming the ransomware virus that crippled more than 200,000 computer systems across 150 countries in May of 2017.

Borge Brende, president of the World Economic Forum, weighed in, stressing the economic cost of cyber crimes. "It is very hard to attribute cyberattacks to different actors or countries, but the cost is just unbelievable. Annually more than a thousand billion U.S. dollars are lost for companies or countries due to these attacks and our economy is more and more based on internet and data."

Privacy

Facebook Admits SMS Notifications Sent Using Two-Factor Number Was Caused by Bug (theverge.com) 50

Facebook has clarified the situation around SMS notifications sent using the company's two-factor authentication (2FA) system, admitting that the messages were indeed caused by a bug. From a report: In a blog post penned by Facebook Chief Security Officer Alex Stamos, the company says the error led it to "send non-security-related SMS notifications to these phone numbers." Facebook uses the automated number 362-65, or "FBOOK," as its two-factor authentication number, which is a secure way of confirming a user's identity by sending a numeric code to a secondary device like a mobile phone. That same number ended up sending users Facebook notifications without their consent. When users would attempt to get the SMS notifications to stop, the replies were posted to their own Facebook profiles as status updates.
The Internet

FreeBSD's New Code of Conduct (freebsd.org) 836

FreeBSD has a new code of conduct, which is making several people angry. From the blog post: This code of conduct applies to all spaces used by the FreeBSD Project, including our mailing lists, IRC channels, and social media, both online and off. Anyone who is found to violate this code of conduct may be sanctioned or expelled from FreeBSD Project controlled spaces at the discretion of the FreeBSD Code of Conduct Committee. Participants are responsible for knowing and abiding by these rules. Harassment includes but is not limited to: Comments that reinforce systemic oppression related to gender, gender identity and expression, sexual orientation, disability, mental illness, neurodiversity, physical appearance, body size, age, race, or religion. Unwelcome comments regarding a person's lifestyle choices and practices, including those related to food, health, parenting, drugs, and employment. Deliberate misgendering. Deliberate use of "dead" or rejected names. Gratuitous or off-topic sexual images or behaviour in spaces where they're not appropriate.

Physical contact and simulated physical contact (e.g., textual descriptions like "hug" or "backrub") without consent or after a request to stop. Threats of violence. Incitement of violence towards any individual, including encouraging a person to commit suicide or to engage in self-harm. Deliberate intimidation. Stalking or following. Harassing photography or recording, including logging online activity for harassment purposes. Sustained disruption of discussion. Unwelcome sexual attention. Pattern of inappropriate social contact, such as requesting/assuming inappropriate levels of intimacy with others. Continued one-on-one communication after requests to cease. Deliberate "outing" of any private aspect of a person's identity without their consent except as necessary to protect vulnerable people from intentional abuse. Publication of non-harassing private communication without consent. Publication of non-harassing private communication with consent but in a way that intentionally misrepresents the communication (e.g., removes context that changes the meaning). Knowingly making harmful false claims about a person.

Security

Phishing Attack Scores Credentials For More Than 50,000 Snapchat Users (theverge.com) 11

An anonymous reader quotes an exclusive report from The Verge: In late July, Snap's director of engineering emailed the company's team in response to an unfolding privacy threat. A government official from Dorset in the United Kingdom had provided Snap with information about a recent attack on the company's users: a publicly available list, embedded in a phishing website named klkviral.org, that listed 55,851 Snapchat accounts, along with their usernames and passwords. The attack appeared to be connected to a previous incident that the company believed to have been coordinated from the Dominican Republic, according to emails obtained by The Verge. Not all of the account credentials were valid, and Snap had reset the majority of the accounts following the initial attack. But for some period of time, thousands of Snapchat account credentials were available on a public website. According to a person familiar with the matter, the attack relied on a link sent to users through a compromised account that, when clicked, opened a website designed to mimic the Snapchat login screen.
Businesses

Labor Board Says Google Could Fire James Damore For Anti-Diversity Memo (theverge.com) 597

According to a recently disclosed letter from the U.S. National Labor Relations Board, Google didn't violate labor laws by firing engineer James Damore for a memo criticizing the company's diversity program. "The lightly redacted statement is written by Jayme Sophir, associate general counsel of the NLRB's division of advice; it dates to January, but was released yesterday, according to Law.com," reports The Verge. "Sophir concludes that while some parts of Damore's memo was legally protected by workplace regulations, 'the statements regarding biological differences between the sexes were so harmful, discriminatory, and disruptive as to be unprotected.'" From the report: Damore filed an NLRB complaint in August of 2017, after being fired for internally circulating a memo opposing Google's diversity efforts. Sophir recommends dismissing the case; Bloomberg reports that Damore withdrew it in January, and that his lawyer says he's focusing on a separate lawsuit alleging discrimination against conservative white men at Google. NLRB records state that its case was closed on January 19th. In her analysis, Sophir writes that employers should be given "particular deference" in trying to enforce anti-discrimination and anti-harassment policies, since these are tied to legal requirements. And employers have "a strong interest in promoting diversity" and cooperation across different groups of people. Because of this, "employers must be permitted to 'nip in the bud' the kinds of employee conduct that could lead to a 'hostile workplace,'" she writes. "Where an employee's conduct significantly disrupts work processes, creates a hostile work environment, or constitutes racial or sexual discrimination or harassment, the Board has found it unprotected even if it involves concerted activities regarding working conditions."
The Courts

Judge Won't Let FCC's Net Neutrality Repeal Stop Lawsuit Alleging Charter Throttled Netflix (hollywoodreporter.com) 33

An anonymous reader quotes a report from The Hollywood Reporter: [I]n the first significant decision referring to the repeal [of net neutrality] since FCC chairman Ajit Pai got his way, a New York judge on Friday ruled that the rescinding of net neutrality rules wasn't relevant to an ongoing lawsuit against Charter Communications. New York Attorney General Eric Schneiderman filed the lawsuit almost exactly a year ago today. It's alleged that Charter's Spectrum-TWC service promised internet speeds it knew it couldn't deliver and that Spectrum-TWC also misled subscribers by promising reliable access to Netflix, online content and online games. According to the complaint, the ISP intentionally failed to deliver reliable service in a bid to extract fees from backbone and content providers. When Netflix wouldn't pay, this "resulted in subscribers getting poorer quality streams during the very hours when they were most likely to access Netflix," and after Netflix agreed to pay demands, service "improved dramatically." This arguably is the kind of thing that net neutrality was supposed to prevent. And Charter itself pointed to the net neutrality repeal in a bid to block Schneiderman's claims that Charter had engaged in false advertising and deceptive business practices. New York Supreme Court Justice O. Peter Sherwood isn't sold.

He writes in an opinion that the FCC's order "which promulgates a new deregulatory policy effectively undoing network neutrality, includes no language purporting to create, extend or modify the preemptive reach of the Transparency Rule," referring to how ISPs have to disclose "actual network performance." And although Charter attempted to argue that the FCC clarified its intent to stop state and local governments from imposing disclosure obligations on broadband providers that were inconsistent with FCC's rules, Sherwood notes other language from the "Restoring Internet Freedom Order" how states will "continue to play their vital role in protecting consumers from fraud, enforcing fair business practices... and generally responding to consumer inquiries and complaints."

Government

Facebook Must Stop Tracking Belgian Users, Court Rules (mercurynews.com) 83

Facebook must stop tracking Belgian users' surfing outside the social network and delete data it's already gathered, or it will face fines of 250,000 ($312,000) euros a day, a Belgian court ruled. From a report: Facebook "doesn't sufficiently inform" clients about the data it gathers on their broader web use, nor does it explain what it does with the information or say how long it stores it, the Brussels Court of First Instance said in a statement. The social network is coming under increasing fire in Europe, with a high-profile German antitrust probe examining whether it unfairly compels users to sign up to restrictive privacy terms. Belgium's data-protection regulators have targeted the company since at least 2015 when a court ordered it to stop storing non-users' personal data.

Slashdot Top Deals