Weezul writes "The Ada Initiative's Valerie Aurora got Violet Blue's Hackers As A High-Risk Population (29c3 abstract) talk on harm reduction methodology pulled from the Security BSides meeting in San Francisco by claiming it contained rape triggers [ed note: you might not want to visit the main page of the weblog as it contains a few pictures that might be considered NSFW in more conservative places]. It's frankly asinine to object to work around hacker ethics as 'off topic' at such a broad hacker conference. Is Appelbaum's 29c3 keynote 'off topic' for asking hackers to work for the 'good guys' rather than military, police, their contractors, Facebook, etc.? Yes, obviously harm reduction is a psychological hack that need not involve a computer, but this holds for 'social engineering' as well. It's simply that hacking isn't nearly as specialized or inaccessible as say theoretical physics. Worse, there is no shortage of terrible technology laws like the CFAA, DMCA, etc. that exist partially because early hackers failed to communicate an ethics that seemed coherent and reasoned to outsiders." The Ada Initiative responds that such talks do more harm than good. It could also be argued that "not working for the bad guys" type talks aren't off-topic, since the hacker community has traditionally cared about things like information freedom.
Zaatxe writes with a bit of news about the music industry; sales are slightly up (basically flat). From the article: "The music industry, the first media business to be consumed by the digital revolution, said on Tuesday that its global sales rose last year for the first time since 1999, raising hopes that a long-sought recovery might have begun. The increase, of 0.3 percent, was tiny, and the total revenue, $16.5 billion, was a far cry from the $38 billion that the industry took in at its peak more than a decade ago. Still, even if it is not time for the record companies to party like it's 1999, the figures, reported Tuesday by the International Federation of the Phonographic Industry, provide significant encouragement. 'At the beginning of the digital revolution it was common to say that digital was killing music,' said Edgar Berger, chief executive of the international arm of Sony Music Entertainment. Now, he added, it could be said 'that digital is saving music.'" Because CDs aren't digital. CD sales are declining, and being replaced by the sale of lossy files. I wonder how much more money they could be making if they'd just sell folks lossless music on the open market (not just iTunes) since at least that's all that keeps me buying a CD or three a year (I own way too many CDs personally, and stopped buying music until discovering Bandcamp and easy lossless downloads rekindled my desire to find new stuff).
An anonymous reader sends this excerpt from a blog post by Taren Stinebrickner-Kauffman, founder of corporate watchdog SumOfUs.org and partner of the late Aaron Swartz: "The DOJ has told Congressional investigators that Aaron's prosecution was motivated by his political views on copyright. I was going to start that last paragraph with 'In a stunning turn of events,' but I realized that would be inaccurate — because it's really not that surprising. Many people speculated throughout the whole ordeal that this was a political prosecution, motivated by anything/everything from Aaron's effective campaigning against SOPA to his run-ins with the FBI over the PACER database. But Aaron actually didn't believe it was — he thought it was overreach by some local prosecutors who didn't really understand the internet and just saw him as a high-profile scalp they could claim, facilitated by a criminal justice system and computer crime laws specifically designed to give prosecutors, however incompetent or malicious, all the wrong incentives and all the power they could ever want. But this HuffPo article, and what I’m hearing from sources on the Hill, suggest that that’s not true. That Ortiz and Heymann knew exactly what they were doing: Shutting up, and hopefully locking up, an extremely effective activist whose political views, including those on copyright, threatened the Powers That Be."
schwit1 writes "New Jersey Gov. Chris Christie signed a bill Tuesday legalizing Internet gambling. While the bill only allows Atlantic City casino companies to take online bets, the WSJ believes that those casinos will partner with overseas companies that provide services for online gambling, potentially opening up a bigger market. Furthermore, the bill (PDF) will allow bettors from other states to gamble online, so long as regulators determine that the activity isn't prohibited by any federal or state laws. They included setting a 10-year trial period for online betting, and raising the taxes on the Atlantic City casinos' online winnings from 10 to 15 percent. New Jersey became the third state in the nation to legalize gambling over the Internet. Nevada and Delaware have passed laws legalizing Internet betting, which also is going on offshore, untaxed and unregulated."
eegad writes "I've been thinking a lot about how much information I give to technology companies like Google and Facebook and how I'm not super comfortable with what I even dimly know about how they're handling and selling it. Is it time for major companies like this, who offer arguably utility-like services for free in exchange for info, to start giving customers a choice about how to 'pay' for their service? I'd much rather pony up a monthly fee to access all the Google services I use, for example, and be assured that no tracking or selling of my information is going on. I'm not aware of how much money these companies might make from selling data about a particular individual, but could it possibly be more than the $20 or $30 a month I'd fork over to know that my privacy is a little more secure? Is this a pipe dream, or are there other people who would happily pay for their private use of these services? What kinds of costs or problems could be involved with companies implementing this type of dual business model?"
New submitter ThatsNotPudding writes "The U.S. Supreme Court has rejected pleas to allow any challenges to the FISA wiretapping law unless someone can prove they've been harmed by it. 'The Foreign Intelligence Surveillance Act, or FISA, was originally designed to allow spying on the communications of foreign powers. But after the September 11 attacks, FISA courts were authorized to target a wide array of international communications, including communications between Americans and foreigners. ... In this case, the plaintiffs' groups said their communications were likely being scooped up by the government's expanded spying powers in violation of their constitutional rights. Today's decision, a 5-4 vote along ideological lines by the nation's highest court, definitively ends their case. In an opinion (PDF) by Justice Samuel Alito, the court ruled that these groups don't have the right to sue at all, because they can't prove they were being spied on.'" Further coverage at SCOTUSblog.
dp619 writes "Penn State law professor Clark Asay has written an editorial on F/OSS patent risk, saying, '...under the current patent system, it's entirely possible to obtain a patent that reads on software that FOSS communities independently create. Consequently, FOSS communities and their users are vulnerable to third party patent claims, even absent any sort of wrongdoing or copying on their part.' He suggests that developers collaborate to prevent bad or frivolous patents from being issued in the first place. The ongoing work of Linux Defenders and Peer-to-Patent are cited as good examples of how the FOSS community's collaborative spirit can help it counteract potential legal threats."
New submitter mynameiskhan writes "Major internet service providers today will start monitoring the internet traffic to their customers' computers and will warn them if they download copyrighted materials using a peer-to-peer network. The article says, 'A person will be given up to six opportunities to stop before the Internet provider will take more drastic steps, such as temporarily slowing their connection, or redirecting Internet traffic until they acknowledge they received a notice or review educational materials about copyright law.' Furthermore, if you appeal the warning you will be required to pay $35 to state your case. Have the ISPs had enough of RIAA pestering, or are they siding with RIAA?"
Google Hangout interview with Keith Bergelt, Chief Executive Officer of the Open Invention Network (OIN), which was jointly founded by IBM, NEC, Novell, Philips, Red Hat, and Sony to share their relevant patents with all Linux and Open Source developers and users in order to prevent patent troll attacks on FOSS, such as the famous SCO vs. IBM lawsuits that hampered Linux adoption during the early 2000s. It costs nothing to become an OIN licensee, and over 500 companies have done so. Few people know, however, that individual developers and FOSS users can become OIN licensees; that you are welcome to do so, and it costs nothing. Read their license agreement, sign it, and send it in. That's all it takes. They also buy patents and accept patent donations. And "...if your company is being victimized by any entity seeking to assert its patent portfolio against Linux, please contact us so that we can aid you in your battle with these dark forces." This OIN service is called Linux Defenders 911. We hope you never need to use it, but it's good to know it's there if you do need it.
An anonymous reader writes "It appears that two weeks ago my email address got into the wrong database. Since that time there have been continuing attempts to access my accounts and create new accounts in my name. I have received emails asking me to click the link below to confirm I want to create an account with Twitter, Facebook, Apple Games Center, Facebook mobile account, and numerous pornographic sites. I have not attempted to create accounts on any of these services. I have also received 16 notices from Apple about how to reset my Apple ID. I am guessing these notices are being automatically generated in response to too many failed login attempts. At this point I have no reason to believe any of my accounts have been compromised but I see no good response."
concealment writes "Many of us have had the experience of going to Amazon to buy one thing but checking out with a huge shopping cart of items that we didn't initially seek—or even know were available. Amazon's merchandising often benefits Amazon's customers, but trademark owners who lose sales to their competition due to it aren't as thrilled. Fortunately for Amazon, a California federal court recently upheld Amazon's merchandising practices in its internal search results."
An anonymous reader writes with this news (excerpted from IT World) that follows up on the report of pressure put on Sweden's Pirate Party for its connection to The Pirate Bay: "The Pirate Bay has opened two new gateways to its internal network in order to shield its current Internet provider, the Swedish Pirate Party, which had been threatened with legal action if it did not stop providing Internet access to the torrent search site by Tuesday. The Swedish Pirate Party had provided bandwidth to The Pirate Bay for about three years because it was hard for the site to find anyone else who would do so. But last Tuesday the Rights Alliance, an organization that represents the film industry, gave it an ultimatum: The Pirate Party had to cut off Internet access to the torrent search site or face legal action. The Pirate Bay's administrators said in a post on Facebook that, because of the legal threat and the potential cost of fighting it, 'We've taken the decision to move on to Norway and Spain.'"
chicksdaddy writes "The security firm Bit9 released a more detailed analysis of the hack of its corporate network, saying it was part of a larger operation that was aimed at firms in a 'very narrow market space' and intended to gather information from the firms. The analysis, posted on Monday on Bit9's blog, is the most detailed to date of a hack that was first reported on February 8 by the blog Krebsonsecurity.com, but that began in July, 2012. In the analysis, Bit9 Chief Technology Officer Harry Sverdlove said 32 separate malware files and malicious scripts were whitelisted in the hack. Bit9 declined to name the three customers affected by the breach, or the industry segment that was targeted, but denied that it was a government agency or a provider of critical infrastructure such as energy, utilities or banking. The small list of targets — just three — and the fact that one malware program was communicating with a system involved in a recent 'sinkholing operation' raise the specter that the hack of Bit9 may have played a part in the recent attacks on Facebook, Twitter and Apple, though Bit9 declined to name the firms or the market they serve."
skade88 writes "As I get older, I find the little details of my life slip away from my memory after years and decades pass. I find myself wishing I had a way to record at least sound and video of my entire life. It would be nice to be able to go back and see what I was like when I was younger without the fog of memory clouding my view of the past. It would be cool to share with my boyfriend and future kids how I was when I was younger by just showing them video from my life. Do y'all know of any good way to do this? I would settle for recording what I see from a first person point of view. There are also concerns that range beyond the technical. If I were to record my entire life, that would mean also recording other people, when they are interacting with me on a daily basis. What sort of privacy laws pertain to this? Even without laws, would others act differently around me because they were being recorded with my life record? How would it make you feel if your friend or family member did this?"
An anonymous reader writes "A small U.S. university has come up with a novel solution to reduce the possibility of using a dead person's hand to get past a fingerprint scanner through the use of hemoglobin detection. The device quickly checks the fingerprint and hemoglobin 'non-intrusively' to verify the identity and whether the individual is alive. This field of research is called Biocryptology and seeks to ensure that biometric security devices can't be easily bypassed."
New submitter C0R1D4N writes "Carl Bergmanson, a New Jersey gubernatorial Democrat running in the 2013 primary, has recently spoken out against the new 'six strike policy' being put in place this week by major ISPs. He said: 'The internet has become an essential part of living in the 21st century, it uses public infrastructure and it is time we treat it as a public utility. The electric company has no say over what you power with their service, the ISPs have no right to decide what you can and cannot download.'"
An anonymous reader writes "Days after the killing of leftist blogger Thaba Baba, mosques throughout Bangladesh called for a popular uprising to demand the killing of other bloggers who had held a rally calling for the death of Jama'at-e-Islami leaders convicted of war crimes. This happens in an atmosphere of ongoing tension between Left and Right, with the leftist government threatening to outlaw rightist parties while the right uses violence to quiet selected enemies."
theodp writes "Before iTunes, Netflix, MySpace, Facebook, and the Kindle, 17-year-old Shawn Fanning and 18-year-old Sean Parker gave the world Napster. And it was very good. The Observer's Tom Lamont reports on VH1's soon-to-premiere Downloaded, a documentary that tells the story of the rise and fall of the file-sharing software that started the digital music revolution, and shares remembrances of how Napster rocked his world. 'I was 17,' writes Lamont, 'and the owner of an irregular music collection that numbered about 20 albums, most of them a real shame (OMC's How Bizarre, the Grease 2 soundtrack). One day I had unsupervised access to the family PC and, for reasons forgotten, an urge to hear the campy orchestral number from the film Austin Powers. I was a model Napster user: internet-equipped, impatient and mostly ignorant of the ethical and legal particulars of peer-to-peer file-sharing. I installed the software, searched Napster's vast list of MP3 files, and soon had Soul Bossa Nova plinking kilobyte by kilobyte on to my hard drive.' Sound familiar?"
An anonymous reader writes "Dozens of fans attending a NASCAR race at Daytona Speedway were injured when a crash during the last lap triggered a chain reaction, culminating in the front section of Kyle Larson's car ricocheting into the fence in front of the stands (Larson escaped injury). While the footage accompanying the article is dramatic enough, an even more riveting clip showing the chaotic scene in the stands from up close was posted on YouTube, but was taken down after NASCAR claimed it violated their copyright. YouTube has since restored the fan's video. A NASCAR spokesman has issued a clarification, saying that the takedown request was done out of respect for those injured. The race was an opening act for the main event, the Daytona 500, which officials say will proceed as scheduled. 'With the fence being prepared tonight to our safety protocols, we expect to go racing tomorrow with no changes,' Speedway President Joie Chitwood told CNN."
Hugh Pickens writes "The rules for papal elections are steeped in tradition. John Paul II last codified them in 1996, and Benedict XVI left the rules largely untouched. The 'Universi Dominici Gregis on the Vacancy of the Apostolic See and the Election of the Roman Pontiff' is surprisingly detailed. Now as the College of Cardinals prepares to elect a new pope, security people like Bruce Schneier wonder about the process. How does it work, and just how hard would it be to hack the vote? First, the system is entirely manual, making it immune to the sorts of technological attacks that make modern voting systems so risky. Second, the small group of voters — all of whom know each other — makes it impossible for an outsider to affect the voting in any way. The chapel is cleared and locked before voting. No one is going to dress up as a cardinal and sneak into the Sistine Chapel. In short, the voter verification process is about as good as you're ever going to find. A cardinal can't stuff ballots when he votes. Then the complicated paten-and-chalice ritual ensures that each cardinal votes once — his ballot is visible — and also keeps his hand out of the chalice holding the other votes. Ballots from previous votes are burned, which makes it harder to use one to stuff the ballot box. What are the lessons here? First, open systems conducted within a known group make voting fraud much harder. Every step of the election process is observed by everyone, and everyone knows everyone, which makes it harder for someone to get away with anything. Second, small and simple elections are easier to secure. This kind of process works to elect a pope or a club president, but quickly becomes unwieldy for a large-scale election. And third: When an election process is left to develop over the course of a couple of thousand years, you end up with something surprisingly good."