Piracy

Cloudflare Faces Lawsuit For Assisting Pirate Sites (torrentfreak.com) 56

An anonymous reader shares a TorrentFreak report: In recent months CloudFlare has been called out repeatedly for offering its services to known pirate sites, including The Pirate Bay. These allegations have now resulted in the first lawsuit after adult entertainment publisher ALS Scan filed a complaint against CloudFlare at a California federal court. [...] Copyright holders are not happy with CloudFlare's actions. Just recently, the Hollywood-affiliated group Digital Citizens Alliance called the company out for helping pirate sites to stay online. Adult entertainment outfit ALS Scan agrees and has now become the first dissenter to take CloudFlare to court. In a complaint filed at a California federal court, ALS describes piracy as the greatest threat to its business. The rise of online piracy has significantly hurt the company's profits, they argue, noting that "pirate" sites are not the only problem. "The problems faced by ALS are not limited to the growing presence of sites featuring infringing content, or 'pirate' sites. A growing number of service providers are helping pirate sites thrive by supporting and engaging in commerce with these sites," ALS writes.
The Internet

Singapore To Cut Off Public Servants From the Internet (theguardian.com) 46

Singapore is planning to cut off web access for public servants as a defence against potential cyber attack, Reuters reports. The local government's move has already been criticized by many, who say that it marks a retreat for a technologically advanced city-state that has trademarked the term "smart nation". From an article on The Guardian: Some security experts say the policy, due to be in place by May, risks damaging productivity among civil servants and those working at more than four dozen statutory boards, and cutting them off from the people they serve. It may only raise slightly the defensive walls against cyber attack, they say. Ben Desjardins, director of security solutions at network security firm Radware, called it "one of the more extreme measures I can recall by a large public organisation to combat cyber security risks." Stephen Dane, a Hong Kong-based managing director at networking company Cisco Systems, said it was "a most unusual situation" and Ramki Thurimella, chair of the computer science department at the University of Denver, called it both "unprecedented" and "a little excessive".
PlayStation (Games)

Sony Tries To Remove News Articles About PlayStation 4 Slim Leak From The Internet (techdirt.com) 80

Sony is expected to announce two new PlayStation 4 consoles at a scheduled event on September 7th in New York City, but as that date nears more leaks of the consoles have emerged. The most recent leak appears to show the upcoming PlayStation 4 Slim, which Sony is trying to remove from the internet by taking down news articles from social media accounts about the leak. Erik Kain via @erikkain on Twitter tweeted (Tweet no longer exists): "Sony issued a takedown and had this post removed from my Facebook page: https://t.co/fIjP0buTdY (Warning: may be paywalled)." Techdirt reports: "[The Forbes post] references the work Eurogamer did in visiting the leaker of the image to confirm the console is for real (it is), as well as generating its own image and even video of the console working for its story on the leak. But if you go today to the Eurogamer post about the leak, the video has been replaced by the following update. UPDATE, 7.30pm: Upon taking legal advice, we have removed the video previously referenced in this article. Left unsaid is whether or not any contact had been made by Sony with Eurogamer, thus prompting this 'legal advice,' but one can imagine that being the case, particularly given Sony's threats to social media users sharing images and reporting of Sony leaks and, more to the point, threats against any media that might report on those leaks."
Patents

US Trade Judge Clears Fitbit of Stealing Jawbone's Trade Secrets (reuters.com) 13

An anonymous reader quotes a report from Reuters: Fitbit did not steal rival Jawbone's trade secrets, a U.S. International Trade Commission judge ruled on Tuesday, dashing Jawbone's hopes of securing an import ban against Fitbit's wearable fitness tracking devices. The judge, Dee Lord, said that there had been no violation of the Tariff Act, which gives the commission the power to block products that infringe U.S. intellectual property, because "no party has been shown to have misappropriated any trade secret." The ruling means Jawbone comes away with nothing from a complaint it filed with the trade agency in July 2015, accusing Fitbit of infringing six patents and poaching employees who took with them confidential data about Jawbone's business, such as plans, supply chains and technical details. Jawbone first sued Fitbit last year over trade secret violations in California state court, where the case is still pending. The companies, both based in San Francisco, are also litigating over patents in federal court.
Crime

FBI Authorized Informants To Break The Law 22,800 Times In 4 Years (dailydot.com) 93

blottsie quotes a report from the Daily Dot: Over a four-year period, the FBI authorized informants to break the law more than 22,800 times, according to newly reviewed documents. Official records obtained by the Daily Dot under the Freedom of Information Act show the Federal Bureau of Investigation gave informants permission at least 5,649 times in 2013 to engage in activity that would otherwise be considered a crime. In 2014, authorization was given 5,577 times, the records show. USA Today previously revealed confidential informants engaged in "otherwise illegal activity," as the bureau calls it, 5,658 times in 2011. The figure was at 5,939 the year before, according to documents acquired by the Huffington Post. In total, records obtained by reporters confirm the FBI authorized at least 22,823 crimes between 2011 and 2014. Unfortunately, many of those crimes can have serious and unintended consequences. One of the examples mentioned in the Daily Dot's report was of an FBI informant who "was responsible for facilitating the 2011 breach of Stratfor in one of the most high-profile cyberattacks of the last decade. While a handful of informants ultimately brought down the principal hacker responsible, the sting also caused Stratfor, an American intelligence firm, millions of dollars in damages and left an estimated 700,000 credit card holders vulnerable to fraud."
Canada

Ashley Madison Security Protocols Violated Canada, Australia Privacy Laws (www.cbc.ca) 26

The Office of the Privacy Commissioner of Canada said Tuesday that the Canada-based online dating and social networking service Ashley Madison used inadequate privacy and security technology while marketing itself as a discreet and secure way for consenting adults to have affairs. CBC.ca reports: "In a report Tuesday, the privacy watchdog says the Toronto-based company violated numerous privacy laws in Canada and abroad in the era before a massive data breach exposed confidential information from their clients to hackers. The hack stole correspondence, identifying details and even credit card information from millions of the site's users. The resulting scandal cost the company about a quarter of its annual revenues from irate customers who demanded refunds and cancelled their accounts. Working with a similar agency in Australia, the privacy group says the company knew that its security protocols were lacking but didn't do enough to guard against being hacked. The company even adorned its website with the logo of a 'trusted security award' -- a claim the company admits it fabricated." The report found that "poor habits such as inadequate authentication processes and sub-par key and password management practices were rampant at the company" and that "much of the company's efforts to monitor its own security were 'focused on detecting system performance issues and unusual employee requests for decryption of sensitive user data.'" What's more, Ashley Madison continued to store the personal information of its users even after some of them had deleted or deactivated their account(s). These people then had their information included in databases published online after the hack.
Privacy

WikiLeaks Published Rape Victims' Names, Credit Cards, Medical Data (arstechnica.com) 285

Joe Mullin, writing for ArsTechnica: Even as WikiLeaks founder Julian Assange sits trapped in the Ecuadorean embassy, the WikiLeaks website continues to publish the secrets of various governments worldwide. But that's not all it's publishing. A report today by the Associated Press highlights citizens who had "sensitive family, financial or identity records" published by the site. "They published everything: my phone, address, name, details," said one Saudi man whose paternity dispute was revealed in documents published by the site. "If the family of my wife saw this... Publishing personal stuff like that could destroy people." One document dump, from Saudi diplomatic cables, held at least 124 medical files. The files named sick children, refugees, and patients with psychiatric conditions. In one case, the cables included the name of a Saudi who was arrested for being gay. In Saudi Arabia, homosexuality is punishable by death. In two other cases, WikiLeaks published the names of teenage rape victims. "This has nothing to do with politics or corruption," said Dr. Nayef al-Fayez, who had a patient with brain cancer whose personal details were published.
Facebook

Facebook Knows Your Political Preferences (businessinsider.com) 179

Facebook knows a lot more about its users than they think. For instance, the New York Times reports, the company is categorizing its users as liberal, conservative, or moderate. These details are valuable for advertisers and campaign managers, especially ahead of the election season. From a BusinessInsider report: For some, Facebook is able to come to conclusions about your political leanings easily, if you mention a political party on your page. For those that are less open about politics on social media, Facebook makes assumptions based on pages you like. As The New York Times explained, if you like Ben and Jerry's Facebook page and most of the other people that like that page identify as liberal, Facebook might assume you too are liberal.
Government

FBI Investigating Russian Hack Of New York Times Reporters, Others (cnn.com) 61

Hackers thought to be working for Russian intelligence have carried out a series of cyber breaches targeting reporters at the New York Times and other U.S. news organizations, reports CNN, citing US officials briefed on the matter. From the report: The intrusions, detected in recent months, are under investigation by the FBI and other US security agencies. Investigators so far believe that Russian intelligence is likely behind the attacks and that Russian hackers are targeting news organizations as part of a broader series of hacks that also have focused on Democratic Party organizations, the officials said. "Like most news organizations we are vigilant about guarding against attempts to hack into our systems," said New York Times Co. spokeswoman Eileen Murphy. "There are a variety of approaches we take up to and including working with outside investigators and law enforcement. We won't comment on any specific attempt to gain unauthorized access to The Times." The breaches targeting reporters and news organizations are part of an apparent surge in cyber attacks in the past year against entities beyond US government agencies.
Electronic Frontier Foundation

US Customs and Border Protection Wants To Know Who You Are On Twitter (eff.org) 337

An anonymous reader quotes a report from Electronic Frontier Foundation: U.S. border control agents want to gather Facebook and Twitter identities from visitors from around the world. But this flawed plan would violate travelers' privacy, and would have a wide-ranging impact on freedom of expression -- all while doing little or nothing to protect Americans from terrorism. A proposal has been issued by U.S. Customs and Border Protection to collect social media handles from visitors to the United States from visa waiver countries. The Electronic Frontier Foundation opposes the proposal and has commented on it individually and as part of a larger coalition. "CBP specifically seeks 'information associated with your online presence -- Provider/Platform -- Social media identifier' in order to provide DHS 'greater clarity and visibility to possible nefarious activity and connections' for 'vetting purposes,'" reports EFF. "In our comments, we argue that would-be terrorists are unlikely to disclose social media identifiers that reveal publicly available posts expressing support for terrorism." They say this plan "would unfairly violate the privacy of innocent travelers," would cause "innocent travelers" to "engage in self-censorship, cutting back on their online activity out of fear of being wrongly judged by the U.S. government," and would lead to a "slippery slope, where CBP would require U.S. citizens and residents returning home to disclose their social media handles, or subject both foreign visitors and U.S. persons to invasive device searches at ports of entry with the intent of easily accessing any and all cloud data."
Power

New Mexico Nuclear Accident Ranks Among the Costliest In US History (latimes.com) 307

mdsolar quotes a report from Los Angeles Times: When a drum containing radioactive waste blew up in an underground nuclear dump in New Mexico two years ago, the Energy Department rushed to quell concerns in the Carlsbad desert community and quickly reported progress on resuming operations. The early federal statements gave no hint that the blast had caused massive long-term damage to the dump, a facility crucial to the nuclear weapons cleanup program that spans the nation, or that it would jeopardize the Energy Department's credibility in dealing with the tricky problem of radioactive waste. But the explosion ranks among the costliest nuclear accidents in U.S. history, according to a Times analysis. The long-term cost of the mishap could top $2 billion, an amount roughly in the range of the cleanup after the 1979 partial meltdown at the Three Mile Island nuclear power plant in Pennsylvania. The Feb. 14, 2014, accident is also complicating cleanup programs at about a dozen current and former nuclear weapons sites across the U.S. Thousands of tons of radioactive waste that were headed for the dump are backed up in Idaho, Washington, New Mexico and elsewhere, state officials said in interviews. "The direct cost of the cleanup is now $640 million, based on a contract modification made last month with Nuclear Waste Partnership that increased the cost from $1.3 billion to nearly $2 billion," reports Los Angeles Times. "The cost-plus contract leaves open the possibility of even higher costs as repairs continue. And it does not include the complete replacement of the contaminated ventilation system or any future costs of operating the mine longer than originally planned."
Television

North Korea Unveils Netflix-Like Streaming Service Called 'Manbang' (bbc.com) 159

North Korea has unveiled a set-top box that offers video-on-demand services similar to Netflix. The service is called Manbang, which translates to "everywhere" in Korean, and allows consumers to stream documentaries about Kim Jong Un and other "educational" programs, as well as five live TV channels. "If a viewer wants to watch, for instance, an animal movie and sends a request to the equipment, it will show the relevant video to the viewer [...] this is two-way communications," according to NK News. It reportedly works by plugging the set-top box into an internet modem, then connecting an HDMI cable from the cable box to the TV. A very small number of North Koreans will actually be able to use the device as "only a few thousand [...] have access to the state-sanctioned internet, in a nation of 25 million people," reports New York Daily News.
Security

BHU's 'Tiger Will Power' Wi-Fi Router May Be The Most Insecure Router Ever Made (softpedia.com) 62

An anonymous reader writes from a report via Softpedia: A Wi-Fi router manufactured and sold only in China can easily run for the title of "most insecure router ever made." The BHU router, whose name translates to "Tiger Will Power," has a long list of security problems that include: four authentication bypass flaws (one of which is just hilarious); a built-in backdoor root account that gets created on every boot-up sequence; the fact that it opens the SSH port for external connections after every boot (somebody has to use that root backdoor account right?); a built-in proxy server that re-routes all traffic; an ad injection system that adds adverts to all the sites you visit; and a backup JS file embedded in the router firmware if the ad script fails to load from its server. For techies, there's a long technical write-up, which gets funnier and scarier at the same time as you read through it. "An attacker authenticating on the router can use a hardcoded session ID (SID) value of 700000000000000 to gain admin privileges," reports Softpedia. "If he misspells the SID and drops a zero, that's no problem. The BHU router will accept any value and still grant the user admin rights."
Crime

Turkish Journalist Jailed For Terrorism Was Framed, Forensic Report Shows (vice.com) 94

An anonymous reader quotes a report from Motherboard: Turkish investigative journalist Baris Pehlivan spent 19 months in jail, accused of terrorism based on documents found on his work computer. But when digital forensics experts examined his PC, they discovered that those files were put there by someone who removed the hard drive from the case, copied the documents, and then reinstalled the hard drive. The attackers also attempted to control the journalist's machine remotely, trying to infect it using malicious email attachments and thumb drives. Among the viruses detected in his computer was an extremely rare trojan called Ahtapot, in one of the only times it's been seen in the wild. Pehlivan went to jail in February of 2011, along with six of his colleagues, after electronic evidence seized during a police raid in 2011 appeared to connect all of them to Ergenekon, an alleged armed group accused of terrorism in Turkey. A paper recently published by computer expert Mark Spencer in Digital Forensics Magazine sheds light on the case after several other reports have acknowledged the presence of malware. Spencer said no other forensics expert noticed the Ahtapot trojan in the OdaTV case, nor has any determined accurately how those documents showed up on the journalist's computer. However, almost all the reports have concluded that the incriminating files were planted. "We are not guilty," Baris Pehlivan told Andrada Fiscutean via Motherboard. "The files were put into our computers by a virus and by [attackers] entering the OdaTV office secretly. None of us has seen those documents before the prosecutor showed them to us."
(OdaTV is the website Pehlivan works for and "has been critical of the government and the Gulen Movement, which was accused by Turkish president Recep Tayyip Erdogan of orchestrating the recent attempted coup.") In regard to the report, senior security consultant at F-Secure, Taneli Kaivola, says, "Yes, [the report] takes an impressive level of conviction to locally attack a computer four times, and remotely attack it seven times [between January 1, 2011, and February 11, 2011], as well as a certain level of technical skill to set up the infrastructure for those attacks, which included document forgery and date and time manipulation."
Piracy

Cox Denies Liability for Pirating Subscribers, Appeals $25 Million Verdict (torrentfreak.com) 95

Cox Communications insists that it is not responsible for copyright infringements carried out by its subscribers, challenging the ruling by a Virginia federal jury late last year. The court had found Cox Communications guilty and had asked it to pay music publisher BMG Rights Management a sum of $25 million in damages. TorrentFreak reports: The verdict was a massive victory for the music company and a disaster for Cox, but the case is not closed yet. After a failed motion for judgment as a matter of law earlier this month, the ISP has now informed the court that it will take the case to the U.S. Court of Appeals for the Fourth Circuit. Cox denies any wrongdoing and hopes to get a judgment in its favor at the appeals court. Considering the gravity of the case, Cox's move is not surprising. The liability verdict has come as a shock to the Internet provider industry, as it suggests that providers have to actively disconnect repeat infringers. At the moment, many ISPs don't have a solid policy in place where repeat copyright infringers lose their subscription. In fact, the law doesn't prescribe when and based on what evidence an ISP has to terminate an account.
Democrats

FBI Finds 14,900 More Documents From Hillary Clinton's Email Server (go.com) 507

An anonymous reader quotes a report from ABC News: The FBI uncovered nearly 15,000 more emails and materials sent to or from Hillary Clinton as part of the agency's investigation into her use of private email at the State Department. The documents were not among the 30,000 work-related emails turned over to the State Department by her attorneys in December 2014. The State Department confirmed it has received "tens of thousands" of personal and work-related email materials -- including the 14,900 emails found by the FBI -- that it will review. At a status hearing Monday before federal Judge Emmett Sullivan, who is overseeing that case, the State Department presented a schedule for how it would release the emails found by the FBI. The first group of 14,900 emails was ordered released, and a status hearing on Sept. 23 "will determine the release of the new emails and documents," Sullivan said. "As we have previously explained, the State Department voluntarily agreed to produce to Judicial Watch any emails sent or received by Secretary Clinton in her official capacity during her tenure as secretary of state which are contained within the material turned over by the FBI and which were not already processed for FOIA by the State Department," said State Department spokesman Mark Toner in a statement issued Monday. "We can confirm that the FBI material includes tens of thousands of non-record (meaning personal) and record materials that will have to be carefully appraised at State," it read. "State has not yet had the opportunity to complete a review of the documents to determine whether they are agency records or if they are duplicative of documents State has already produced through the Freedom of Information Act" said Toner, declining further comment.
Government

Nuclear Waste Accident 2 Years Ago May Cost More Than $2 Billion To Clean Up (arstechnica.com) 20

An anonymous reader writes: The Los Angeles Times is estimating that an explosion that occurred at a New Mexico nuclear waste dumping facility in 2014 could cost upwards of $2 billion to clean up. Construction began on the Waste Isolation Pilot Plant (WIPP) in New Mexico's Carlsbad desert in the 1980s. The site was built to handle transuranic waste from the US' nuclear weapons program. The WIPP had been eyed to receive nuclear waste from commercial power-generating plants as well. According to the LA Times, the 2014 explosion at the WIPP was downplayed by the federal government, with the Department of Energy (DoE) putting out statements indicating that cleanup was progressing quickly. Indeed, a 2015 Recovery Plan insisted that "limited waste disposal operations" would resume in the first quarter of 2016. Instead, two years have passed since the incident without any indication that smaller nuclear waste cleanup programs around the US will be able to deliver their waste to the New Mexico facility any time soon. The 2014 explosion apparently occurred when engineers at the Los Alamos National Laboratory were preparing a drum of plutonium and americium waste -- usually packed with kitty litter (yes, kitty litter) -- and decided to "substitute an organic material for a mineral one."
Businesses

Massachusetts Will Tax Ride-Sharing Companies To Subsidize Taxis (reuters.com) 442

Massachusetts will tax ride-sharing services -- 20 cents for each ride -- with 25% of the money raised going into a special fund for the taxi industry (according to an article shared by schwit1). Reuters reports: Ride services are not enthusiastic about the fee. "I don't think we should be in the business of subsidizing potential competitors," said Kirill Evdakov, the chief executive of Fasten, a ride service that launched in Boston last year and also operates in Austin, Texas. Some taxi owners wanted the law to go further, perhaps banning the start-up competitors unless they meet the requirements taxis do, such as regular vehicle inspection by the police...

The fee may raise millions of dollars a year because Lyft and Uber alone have a combined 2.5 million rides per month in Massachusetts... The 5-cent fee will be collected through the end of 2021. Then the taxi subsidy will disappear and the 20 cents will be split by localities and the state for five years. The whole fee will go away at the end of 2026.

Republican Governor Charlie Baker signed the law, which specifically bans ride-sharing services from passing those costs on to their drivers or riders. And the article notes that Taiwan has also hit Uber with a $6.4 million tax bill, while Seattle has passed a new law allowing ride-sharing drivers to unionize.
Education

Four Code Bootcamps Are Now Eligible For Government Financial Aid (hackeducation.com) 85

Long-time Slashdot reader theodp notes a pilot program for improving computer science education which includes financial aid for students at four code bootcamps: In this week's Hack Education Weekly News, Audrey Watters writes, "The US Department of Education has selected eight higher ed institutions and eight 'non-traditional providers' that will work as partners to pilot the DoE's new EQUIP experiment, meaning that students will be able to receive federal financial aid for coding bootcamps, MOOCs, and the like...

"Good thing there haven't been any problems with for-profit higher ed and exploitation of financial aid, otherwise this would all seem like a terrible idea."

The original submission has more details on the participants (including the four code bootcamps). Ultimately the program involves pairing "non-traditional" providers with higher education institutions -- and then monitoring their results with a third-party "quality assurance entity" -- to improve the ways we measure a school's performance, but also testing new ways to fund training for computer careers. (I'm curious how Slashdot's readers feel about government loans for attendees at code bootcamps...)
Government

Group Wants To Shut Down Tor For a Day On September 1 (softpedia.com) 222

An anonymous reader writes: An internal group at the Tor Project is calling for a full 24-hour shutdown of the Tor network to protest the way the Tor Project dealt with the Jake Appelbaum sexual misconduct accusations, and because of recent rumors it might be letting former government agents into its ranks. Two Tor members, also node operators, have shut down their servers as well, for the same reason. They explained their motivations here and here.
"The protesters have made 16 demands," according to the article, six related to supposed infiltration of Tor by government agents, and 10 regarding the Appelbaum ruling and investigation -- including "asking all Tor employees that participated in this investigation to leave" and "the persons behind the JacobAppelbaum.net and the @JakeMustDie and @VictimsOfJake Twitter accounts to come forward and their identities made public."
