Check out the new SourceForge HTML5 internet speed test! No Flash necessary and runs on all devices. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. ×
Education

Arizona Bill Would Make Students In Grades 4-12 Participate Once In An Hour of Code (azpbs.org) 25

theodp writes: Christopher Silavong of Cronkite News reports: "A bill, introduced by [Arizona State] Sen. John Kavanagh [R-Fountain Hills] would mandate that public and charter schools provide one hour of coding instruction once between grades 4 to 12. Kavanagh said it's critical for students to learn the language -- even if it's only one session -- so they can better compete for jobs in today's world. However, some legislators don't believe a state mandate is the right approach. Senate Bill 1136 has passed the Senate, and it's headed to the House of Representatives. Kavanagh said he was skeptical about coding and its role in the future. But he changed his mind after learning that major technology companies were having trouble finding domestic coders and talking with his son, who works at a tech company." According to the Bill, the instruction can "be offered by either a nationally recognized nonprofit organization [an accompanying Fact Sheet mentions tech-backed Code.org] that is devoted to expanding access to computer science or by an entity with expertise in providing instruction to pupils on interactive computer instruction that is aligned to the academic standards."
The Courts

Appeals Court: You Have the Right To Film the Police (arstechnica.com) 92

An anonymous reader quotes a report from Ars Technica: A divided federal appeals court is ruling for the First Amendment, saying the public has a right to film the police. But the 5th U.S. Circuit Court of Appeals, in upholding the bulk of a lower court's decision against an activist who was conducting what he called a "First Amendment audit" outside a Texas police station, noted that this right is not absolute and is not applicable everywhere. The facts of the dispute are simple. Phillip Turner was 25 in September 2015 when he decided to go outside the Fort Worth police department to test officers' knowledge of the right to film the police. While filming, he was arrested for failing to identify himself to the police. Officers handcuffed and briefly held Turner before releasing him without charges. Turner sued, alleging violations of his Fourth Amendment right against unlawful arrest and detention and his First Amendment right of speech. The 2-1 decision Thursday by Judge Jacques Wiener is among a slew of rulings on the topic, and it provides fresh legal backing for the so-called YouTube society where people are constantly using their mobile phones to film themselves and the police. A dissenting appellate judge on the case -- Edith Brown Clement -- wrote Turner was not unlawfully arrested and that the majority opinion from the Texas-based appeals court jumped the gun to declare a First Amendment right here because one "is not clearly established."
The Courts

ZeniMax Files Injunction To Stop Oculus From Selling VR Headsets (gamespot.com) 52

ZeniMax, the parent company of Fallout and Skyrim developer Bethesda, has filed for an injunction against virtual-reality company Oculus over the recent stolen technology case. The company had accused Oculus of stealing VR-related code, and was subsequently awarded $500 million by a Dallas court earlier this month. ZeniMax has now filed additional papers against Oculus, requesting that Oculus' products using the stolen code be removed from sale. GameSpot reports: Specifically, ZeniMax is seeking to block sales of its mobile and PC developer kits, as well as technology allowing the integration of Oculus Rift with development engines Unreal and Unity, reports Law360. If the injunction isn't granted, ZeniMax wants a share of "revenues derived from products incorporating its intellectual properties," suggesting a 20 percent cut for at least 10 years. ZeniMax argues the previous settlement of $500 million is "insufficient incentive for [Oculus] to cease infringing." Oculus, meanwhile, says that "ZeniMax's motion does not change the fact that the [original] verdict was legally flawed and factually unwarranted. We look forward to filing our own motion to set aside the jury's verdict and, if necessary, filing an appeal that will allow us to put this litigation behind us," the virtual reality company stated.
Botnet

World's Largest Spam Botnet Adds DDoS Feature (bleepingcomputer.com) 20

An anonymous reader writes from a report via BleepingComputer: Necurs, the world's largest spam botnet with nearly five million infected bots, of which one million are active each day, has added a new module that can be used for launching DDoS attacks. The sheer size of the Necurs botnet, even in its worst days, dwarfs all of today's IoT botnets. The largest IoT botnet ever observed was Mirai Botnet #14 that managed to rack up around 400,000 bots towards the end of 2016 (albeit the owner of that botnet has now been arrested). If this new feature were to ever be used, a Necurs DDoS attack would easily break every DDoS record there is. Fortunately, no such attack has been seen until now. Until now, the Necurs botnet has been seen spreading the Dridex banking trojan and the Locky ransomware. According to industry experts, there's a low chance we'd see the Necurs botnet engage in DDoS attacks because the criminal group behind the botnet is already making too much money to risk exposing their full infrastructure in DDoS attacks.
Government

FCC To Halt Rule That Protects Your Private Data From Security Breaches (arstechnica.com) 82

According to Ars Technica, "The Federal Communications Commission plans to halt implementation of a privacy rule that requires ISPs to protect the security of its customers' personal information." From the report: The data security rule is part of a broader privacy rulemaking implemented under former Chairman Tom Wheeler but opposed by the FCC's new Republican majority. The privacy order's data security obligations are scheduled to take effect on March 2, but Chairman Ajit Pai wants to prevent that from happening. The data security rule requires ISPs and phone companies to take "reasonable" steps to protect customers' information -- such as Social Security numbers, financial and health information, and Web browsing data -- from theft and data breaches. The rule would be blocked even if a majority of commissioners supported keeping them in place, because the FCC's Wireline Competition Bureau can make the decision on its own. That "full commission vote on the pending petitions" could wipe out the entire privacy rulemaking, not just the data security section, in response to petitions filed by trade groups representing ISPs. That vote has not yet been scheduled. The most well-known portion of the privacy order requires ISPs to get opt-in consent from consumers before sharing Web browsing data and other private information with advertisers and other third parties. The opt-in rule is supposed to take effect December 4, 2017, unless the FCC or Congress eliminates it before then. Pai has said that ISPs shouldn't face stricter rules than online providers like Google and Facebook, which are regulated separately by the Federal Trade Commission. Pai wants a "technology-neutral privacy framework for the online world" based on the FTC's standards. According to today's FCC statement, the data security rule "is not consistent with the FTC's privacy standards."
Government

Security Lapse Exposed New York Airport's Critical Servers For a Year (zdnet.com) 36

An anonymous reader quotes a report from ZDNet: A security lapse at a New York international airport left its server backups exposed on the open internet for almost a year, ZDNet has found. The internet-connected storage drive contained several backup images of servers used by Stewart International Airport, but neither the backup drive nor the disk images were password protected, allowing anyone to access their contents. Since April last year, the airport had been inadvertently leaking its own highly-sensitive files as a result of the drive's misconfiguration. Vickery, who also posted an analysis of his findings, said the drive "was, in essence, acting as a public web server" because the airport was backing up unprotected copies of its systems to a Buffalo-branded drive, installed by a contract third-party IT specialist. When contacted Thursday, the contractor dismissed the claims and would not comment further. Though the listing still appears on Shodan, the search engine for unprotected devices and databases, the drive has since been secured. The files contained eleven disk images, accounting for hundreds of gigabytes of files and folders, which when mounted included dozens of airport staff email accounts, sensitive human resources files, interoffice memos, payroll data, and what appears to be a large financial tracking database. Many of the files we reviewed include "confidential" internal airport documents, which contain schematics and details of other core infrastructure.
The Courts

Founder of India's $4 Smartphone Firm Arrested on Allegations of Fraud (reuters.com) 24

Remember the $4 smartphone from India? Yeah, things haven't really materialized. Reuters reports: The founder of an Indian tech firm that shot to prominence by offering a $4 smartphone has been arrested on allegations of fraud, after a handset dealer accused the company of not refunding him for an unfulfilled order, the police said. Mohit Goel, the founder of Ringing Bells, was arrested Thursday afternoon in Uttar Pradesh and will be produced in court later on Friday, said Rahul Srivastav, a police spokesman from the northern Indian state. Goel and his company made headlines last year with the "Freedom" smartphone, which was priced at 251 rupees ($3.77), attracting strong demand but also widespread scepticism and scrutiny from regulators even in price-conscious India, where cheap smartphones are big sellers. The founder was arrested after a dealer said he had paid 3 million Indian rupees for an order of handsets but had received only a fraction of the order. He further said some of the phones received were defective, according to the police.
Google

Alphabet's Waymo Sues Uber For Allegedly Stealing Self-Driving Secrets (bloomberg.com) 62

An anonymous reader quotes a report from Bloomberg: It took Alphabet Inc.'s Waymo seven years to design and build a laser-scanning system to guide its self-driving cars. Uber Technologies Inc. allegedly did it in nine months. Waymo claims in a lawsuit filed Thursday that was possible because a former employee stole the designs and technology and started a new company. Waymo accuses several employees of Otto, a self-driving startup Uber acquired in August for $680 million, of lifting technical information from Google's autonomous car project. The "calculated theft" of Alphabet's technology earned Otto's employees more than $500 million, according to the complaint in San Francisco federal court. The claims in Thursday's case include unfair competition, patent infringement and trade secret misappropriation. Waymo was inadvertently copied on an e-mail from one of its vendors, which had an attachment showing an Uber lidar circuit board that had a "striking resemblance" to Waymo's design, according to the complaint. Anthony Levandowski, a former manager at Waymo, in December 2015 downloaded more than 14,000 proprietary and confidential files, including the lidar circuit board designs, according to the complaint. He also allegedly created a domain name for his new company and confided in some of his Waymo colleagues of plans to "replicate" its technology for a competitor. Levandowski left Waymo in January 2016 and went on in May to form Otto LLC, which planned to develop hardware and software for autonomous vehicles.
Bug

Cloudflare Leaks Sensitive User Data Across the Web (theregister.co.uk) 76

ShaunC writes: In a bug that's been christened "Cloudbleed," Cloudflare disclosed today that some of their products accidentally exposed private user information from a number of websites. Similar to 2014's Heartbleed, Cloudflare's problem involved a buffer overrun that allowed uninitialized memory contents to leak into normal web traffic. Tavis Ormandy, of Google's Project Zero, discovered the flaw last week. Affected sites include Uber, Fitbit, and OK Cupid, as well as unnamed services for hotel booking and password management. Cloudflare says the bug has been fixed, and Google has purged affected pages from its search index and cache. Further reading: The Register, Ars Technica
Transportation

Self-Driving Cars Should Be Liable For Accidents, Not the Passengers: UK Government (arstechnica.co.uk) 241

"Electric charging points at all major motorway services and petrol stations, and the occupants of a self-driving car aren't liable in the case of an accident -- those are two of the measures proposed by a new law that the UK government hopes will let us reap the rewards of improved transport technology over the next few years," reports Ars Technica. "These changes are part of the Vehicle Technology and Aviation Bill (VTAB), a draft law that is basically a shopping list of governmental desires." From the report: The first item on the bill involves automated vehicles, and how to ensure that the vehicle's owner (which may or may not be a driver) and potential accident victims are protected. The bill says that insurance companies must offer two types of protection: for when a vehicle is acting autonomously, but also if the human driver decides to takes control. Essentially, the government wants to make sure that an accident victim can always claim compensation from the insurance company, even if the car was acting autonomously. It would then be up for the insurance company to try and reclaim that money from the car maker through existing common law and product liability arrangements. In a somewhat rare display of tech savviness, there are two exemptions listed in the bill. If the vehicle owner makes unauthorized changes to the car's software, or fails to install a software update as mandated by their insurance policy, then the insurer doesn't have to pay. It isn't clear at this point which capabilities will be enough to classify a vehicle as "self-driving." The draft law asks the department for transport (DfT) to work it out, post haste, and then to determine which vehicles qualify for the new type of insurance. The planned law also outlines new governmental powers to improve the UK's electric charging infrastructure.
Privacy

Judge Rules Against Forced Fingerprinting (thestack.com) 126

An anonymous reader quotes a report from The Stack: A federal judge in Chicago has ruled against a government request which would require forced fingerprinting of private citizens in order to open a secure, personal phone or tablet. In the ruling, the judge stated that while fingerprints in and of themselves are not protected, the government's method of obtaining the fingerprints would violate the Fourth and Fifth amendments. The government's request was given as part of a search warrant related to a child pornography ring. The court ruled that the government could seize devices, but that it could not compel people physically present at the time of seizure to provide their fingerprints "onto the Touch ID sensor of any Apple iPhone, iPad, or other Apple brand device in order to gain access to the contents of any such device." The report mentions that the ruling was based on three separate arguments. "The first was that the boilerplate language used in the request was dated, and did not, for example, address vulnerabilities associated with wireless services. Second, the court said that the context in which the fingerprints were intended to be gathered may violate the Fourth Amendment search and seizure rights of the building residents and their visitors, all of whom would have been compelled to provide their fingerprints to open their secure devices. Finally, the court noted that historically the Fifth Amendment, which protects against self-incrimination, does not allow a person to circumvent the fingerprinting process." You can read more about the ruling via Ars Technica.
Iphone

Cellebrite Can Now Unlock Apple iPhone 6, 6 Plus (cyberscoop.com) 102

Patrick O'Neill writes: A year after the battle between the FBI and Apple over unlocking an iPhone 5c used by a shooter in the San Bernardino terrorist attack, smartphone cracking company Cellebrite announced it can now unlock the iPhone 6 and 6 Plus for customers at rates ranging from $1,500 to $250,000. The company's newest products also extract and analyze data from a wide range of popular apps including all of the most popular secure messengers around. From the Cyberscoop report: "Cellebrite's ability to break into the iPhone 6 and 6 Plus comes in their latest line of product releases. The newest Cellebrite product, UFED 6.0, boasts dozens of new and improved features including the ability to extract data from 51 Samsung Android devices including the Galaxy S7 and Galaxy S7 Edge, the latest flagship models for Android's most popular brand, as well as the new high-end Google Pixel Android devices."
Communications

FCC Votes To Lift Net Neutrality Transparency Rules For Smaller Internet Providers (theverge.com) 114

The Federal Communications Commission today voted to lift transparency requirements for smaller internet providers. According to The Verge, "Internet providers with fewer than 250,000 subscribers will not be required to disclose information on network performance, fees, and data caps, thanks to this rule change. The commission had initially exempted internet providers with fewer than 100,000 subscribers with the intention of revisiting the issue later to determine whether a higher or lower figure was appropriate." From the report: The rule passed in a 2-1 vote, with Republicans saying the reporting requirements unfairly burdened smaller ISPs with additional work. Only Democratic commissioner Mignon Clyburn opposed. Clyburn argued that the disclosures were an important consumer protection that was far from overbearing on businesses, particularly ones this large. Clyburn also argued that the rule would allow larger internet providers to avoid disclosing information by simply breaking their service areas up into different subsidiaries. Republican commissioner Michael O'Rielly voted in favor of the change, saying he actually would have preferred the subscriber exemption to be even higher. And commission chairman Ajit Pai said the rules were necessary to protect "mom and pop internet service providers" from "burdensome requirements [...] that impose serious and unnecessary costs."
The Courts

Amazon Argues That Alexa Is Protected By the First Amendment in a Murder Trial (qz.com) 112

Amazon is sticking to its guns in the fight to protect customer data. The ecommerce giant has filed a motion to quash the search warrant for recordings from an Amazon Echo in the trial of James Andrew Bates, accused of murdering friend Victor Collins in Bentonville, Arkansas in November 2015. And it's arguing that the responses of Alexa, the voice of the Echo, has First Amendment rights as part of that motion. From a report on Quartz: The company's lawyers claim that Alexa's recordings and responses are subject to free speech protections under the US constitution's bill of rights, and that prosecutors need to provide more evidence that this audio is essential to the case. "It is well established that the First Amendment protects not only an individual's right to speak, but also his or her 'right to receive information and ideas,'" Amazon lawyers wrote in a court filing. "At the heart of that First Amendment protection is the right to browse and purchase expressive materials anonymously, without fear of government discovery." Amazon also referenced a 2014 case involving Chinese search giant Baidu, where a court ruled that results returned by a search engine are protected by the First Amendment.
Piracy

Google Says Almost Every Recent 'Trusted' DMCA Notices Were Bogus (torrentfreak.com) 81

Reader AmiMoJo writes: In comments submitted to a U.S. Copyright Office consultation, Google has given the DMCA a vote of support, despite widespread abuse. Noting that the law allows for innovation and agreements with content creators, Google says that 99.95% of URLs it was asked to take down last month didn't even exist in its search indexes. "For example, in January 2017, the most prolific submitter submitted notices that Google honored for 16,457,433 URLs. But on further inspection, 16,450,129 (99.97%) of those URLs were not in our search index in the first place."

Slashdot Top Deals