New submitter Nicolas Jondet writes "French courts will not be able to disconnect convicted file-sharers from the Internet anymore. On Tuesday, the French Culture minister issued a decree modifying the graduated response scheme and removing the disconnection penalty. 'The report says that instead of simply disconnecting users, those suspected of copyright could be fined if they did not reply to warnings, with a relatively low fine (€60) to begin, and the size of the fine would increase depending on the number of infractions. French anti-piracy will now their focus – instead of handing heavy punishments to individual users, the government is looking towards penalizing "commercial piracy" and "sites that profit from pirated material," according to an official spokesperson.'"
GrueMaster writes "Did Florida ban computers and smartphones? They tried banning Internet Cafes, but the wording in the law is overly broad. '... it's the wording that's problematic, as it defines a slot machine as "any machine or device or system or network of devices" that can be used in games of chance. Turns out the Internet is full of gambling sites, which is where the definition runs into some problems. Consuelo Zapata, owner of the Miami-Dade county Internet cafe Incredible Investments, LLC, is suing the state (PDF) to overturn the ban, saying that definition is too broad and could be applied to any number of electronic devices.'"
An anonymous reader writes "After every major war, technology developed for a conflict gets applied to civilian life. The BBC recently reported that Army researchers have adapted advanced social network analysis software used for counter-insurgencies in Iraq and Afghanistan to help law enforcement analyze the behavior of street gangs. With the growing problem of gang violence in major U.S. cities, this may provide a fresh perspective. 'Orca can figure out the likely affiliations of individuals who will not admit to being members of any specific gang, as well as the sub-structure of gangs – the gang ecosystem – and the identities of those who tend to dictate the behaviour of others. ... Having some knowledge of the links and affiliations between different gangs can highlight dangers that call for more focused policing. If a gang perpetrates some violent action on a rival gang, police will often monitor the rival gang more closely because of the likelihood of retaliation. But gangs know this, and so the rivals might instead ask an allied gang to carry out a reprisal. Understanding such alliances helps the police stay a step ahead.' The question is: will it work?"
snydeq writes "InfoWorld's Roger Grimes interviews a longtime friend and cyber warrior under contract with the U.S. government, offering a fascinating glimpse of the front lines in the ever-escalating and completely clandestine cyber war. From the interview: 'They didn't seem to care that I had hacked our own government years ago or that I smoked pot. I wasn't sure I was going to take the job, but then they showed me the work environment and introduced me to a few future co-workers. I was impressed. ... We have tens of thousands of ready-to-use bugs in single applications, single operating systems. ... It's all zero-days. Literally, if you can name the software or the controller, we have ways to exploit it. There is no software that isn't easily crackable. In the last few years, every publicly known and patched bug makes almost no impact on us. They aren't scratching the surface.'"
wiredmikey writes "Recently discovered security flaws in the Emergency Alerting System (EAS), which is widely used by TV and radio stations across the United States, have made the systems vulnerable to remote attack. The vulnerability stems from an SSH key that is hard-coded into DASDEC-I and DASDEC-II devices made by Monroe Electronics. Unless the default settings were altered during deployment, impacted systems are using a known key that could enable an attacker with full access if the systems are publicly faced or if they've already compromised the network. By exploiting the vulnerability, an attacker could disrupt a station's ability to transmit and/or could send out false emergency information. 'Earlier this year we were shown an example of an intrusion on the EAS when the Montana Television Network's regular programming was interrupted by news of a zombie apocalypse. Although there was no zombie apocalypse, it did highlight just how vulnerable the system is,' said Mike Davis, a principal research scientist at IOActive. The DHS issued an alert on the vulnerability, and IOActive, the firm that discovered the flaw, has published additional technical details (PDF) on the security issue."
FuzzNugget writes "After the Economic Development Administration (EDA) was alerted by the DHS to a possible malware infection, they took extraordinary measures. Fearing a targeted attack by a nation-state, they shut down their entire IT operations, isolating their network from the outside world, disabling their email services and leaving their regional offices high and dry, unable to access the centrally-stored databases. A security contractor ultimately declared the systems largely clean, finding only six computers infected with untargeted, garden-variety malware and easily repaired by reimaging. But that wasn't enough for the EDA: taking gross incompetence to a whole new level, they proceeded to physically destroy $170,500 worth of equipment (PDF), including uninfected systems, printers, cameras, keyboards and mice. After the destruction was halted — only because they ran out of money to continue smashing up perfectly good hardware — they had racked up a total of $2.3 million in service costs, temporary infrastructure acquisitions and equipment destruction."
NF6X writes "UCSD Lecturer Brett Stallbaum has released an Android app called Gun Geo Marker to allow people to 'Geolocate Dangerous Guns and Owners.' The app description states: 'The Gun Geo Marker operates very simply, letting parents and community members mark, or geolocate, sites associated with potentially unsafe guns and gun owners. These locations are typically the homes or businesses of suspected unsafe gun owners, but might also be public lands or other locations where guns are not handled safely, or situations where proper rights to own or use any particular type of firearm may not exist.' I question how the motivation behind developing this app differs from, say, developing an app to allow others to publicly geotag homes of people believed to belong to a particular religion or political party."
The EFF has been attempting to sue the government over illegal surveillance since the Bush administration, and, despite repeated attempts to have the case dismissed because of State Secrets, a federal judge has now ruled that the case must go forward in public court, throwing out the government's State Secrets argument. From the order: "Having thoroughly considered the parties' papers, Defendants' public and classified declarations, the relevant legal authority and the parties' arguments, the Court GRANTS the Jewel Plaintiffs' motion for partial summary adjudication by rejecting the state secrets defense as having been displaced by the statutory procedure prescribed in 50 U.S.C. 1806(f) of FISA. In both related cases, the Court GRANTS Defendants' motions to dismiss Plaintiffs' statutory claims on the basis of sovereign immunity. The Court further finds that the parties have not addressed the viability of the only potentially remaining claims, the Jewel Plaintiffs' constitutional claims under the Fourth and First Amendments and the claim for violation of separation of powers and the Shubert Plaintiffs' fourth cause of action for violation of the Fourth Amendment. Accordingly, the Court RESERVES ruling on Defendants' motion for summary judgment on the remaining, non-statutory claims." Although some statutory claims were dismissed, the core Constitutional questions will be litigated.
judgecorp writes "Privacy International is mounting a legal challenge against snooping by the UK government's intelligence agency GCHQ. But the case will be held in secret. The group is challenging UK government access to Privacy, and the UK's own Tempora system, arguing that both allow 'indiscriminate' snooping because they operate in secrecy with a lack of legal oversight. All well and good — but the authorities have ruled that Privacy's challenge must be heard by the Investigatory Powers Tribunal, which hears cases in secret and is under no obligation to explain or justify its verdicts."
First time accepted submitter toshikodo writes "The BBC is reporting a claim that some sub-post office workers in the UK have been sent to jail because of a bug in the accounting software that they use. The Post Office admits Horizon computer defect. I've worked on safety-critical systems in the past, and I am well aware of the potential for software to ruin lives (thankfully AFAIK nobody has been harmed by my software), but how many of us consider the potential for bugs in ordinary software to adversely affect those that use it?"
First time accepted submitter Dr_Ish writes "The BBC is reporting that the opening ceremonies of the Olympics last year were potentially subject to a cyber attack that could have cut all the lights and power. Of course, it did not happen. However, the interesting question is whether this is real, or whether this is a FUD story promoted by GCHQ to help shore up some credibility issues."
judgecorp writes "MIT's Immersion project sifts your Gmail, and constructs a map of your associations. Without opening a single message, it gives a clear view of who you connect with. It's a glimpse of some of what the NSA PRISM can do. From the article: 'You can assume that if the NSA is looking at your email, the information in Immersion is similar to what they will see. Consider that they probably see all of your email addresses (and not just Gmail) and that the metadata is examined along with the metadata from everyone you’ve corresponded with, and you can see just how much can be inferred from this data alone.'"
USSJoin writes "Andrew Auernheimer (or Weev, as he's often better known) is serving a 41-month sentence under the Computer Fraud and Abuse Act. The case is currently on appeal to the Third Circuit Court of Appeals; his lawyer filed the appellate brief last week. Now, a group of 13 security researchers, led by Meredith Patterson, and including Peiter "Mudge" Zatko, Space Rogue, Jericho, Shane MacDougall, and Dan Kaminsky, are making their own thoughts heard by the court. They are submitting a brief to the Third Circuit Court of Appeals that argues that not only is Weev's conviction bad law, but if upheld, it will destroy independent security research, and perhaps the rest of consumer safety research as well."
andrewa writes "In an interview with Der Spiegel, Snowden claims that the NSA, amongst other things, collaborated with Israel to write the Stuxnet virus. Not that this is news, as it has been suspected that it was a collaborative effort for some time. When asked about active major programs and how international partners help, Snowden says: 'The partners in the "Five Eyes" (behind which are hidden the secret services of the Americans, the British, the Australians, New Zealanders and Canadians -- ed.) sometimes go even further than the NSA people themselves. Take the Tempora program of the British intelligence GCHQ for instance. Tempora is the first "I save everything" approach ("Full take") in the intelligence world. It sucks in all data, no matter what it is, and which rights are violated by it. This buffered storage allows for subsequent monitoring; not a single bit escapes. Right now, the system is capable of saving three days’ worth of traffic, but that will be optimized. Three days may perhaps not sound like a lot, but it's not just about connection metadata. "Full take" means that the system saves everything. If you send a data packet and if it makes its way through the UK, we will get it. If you download anything, and the server is in the UK, then we get it. And if the data about your sick daughter is processed through a London call center, then ... Oh, I think you have understood.'"
First time accepted submitter qwerdf writes "The Electronic Frontier Foundation's goal is 'defending your rights in the digital world', and its activities span the full gamut of freedom fighting: providing help with court cases; issuing white papers that explain current threats; running campaigns to spread awareness of various issues; and developing technologies that make our online activities safer from prying eyes. Here's a short history of how the EFF came together, what it has done so far, and how it's preparing for upcoming battles."
McGruber writes "The Washington Post is reporting the existence of 'Team Telecom', lawyers from the FBI and the departments of Defense, Justice and Homeland Security, who ensure that Global Crossing and other foreign-owned telecoms quickly and confidentially fulfill the USA's surveillance requests. Team Telecom leverages the authority of the Federal Communications Commission (FCC) to approve cable licenses. The security agreement for Global Crossing, whose fiber-optic network connected 27 nations and four continents, required the company to have a 'Network Operations Center' on U.S. soil that could be visited by government officials with 30 minutes of warning. Surveillance requests, meanwhile, had to be handled by U.S. citizens screened by the government and sworn to secrecy — in many cases prohibiting information from being shared even with the company's executives and directors. A spokesman for Level 3 Communications declined to comment for the Washington Post's article."
First time accepted submitter Salo2112 writes "In a case believed to be the first of its kind, federal authorities have seized a Charleston man's virtual currency due to an alleged drug law violation with possible links to a shadowy online black market. From the article: 'The U.S. Drug Enforcement Administration recently posted a forfeiture notice indicating that agents had seized 11.02 Bitcoins worth $814 from 31-year-old Eric Daniel Hughes for allegedly violating the federal Controlled Substances Act. No other details were provided.'"
eldavojohn writes "A recent poll from YouGov consisting of one thousand responses shows that Snowden's support among Americans has shifted. Now, according to the poll, more Americans think he did the wrong thing rather than the right thing when asked: 'Based on what you've heard, do you think Snowden's leak of top-secret information about government surveillance programs to the media was the right thing to do or the wrong thing to do?' The results and breakdown are available online (PDF). Without getting into racial or political breakdowns, the results now show that 38% say he did the wrong thing, 33% say he did the right thing and 29% remain undecided about the results of his actions. Instead of charging the populace into action Snowden may be facing apathy at best and public disapproval at worst."
An anonymous reader writes "As physical book stores continue to struggle and disappear, the NY Times puts the changing book industry into perspective as a cost of the existence of Amazon. Further, it's a cost that hasn't been fully paid, as other effects of Amazon's ascendancy have yet to be felt. Quoting: 'One consequence of this shift is that soon no one will know what a book's "real" price is. Price will be determined by demand and perhaps by whim. The first seeds of this can be seen in the Justice Department's suit against the leading publishers, who felt that Amazon was pricing their e-books so low that it threatened their viability. The government accused the publishers of colluding to raise prices in an anti-consumer move. Amazon was not a party to the case, but it emerged the big winner.' Economists, publishers, and readers no longer have confidence that a book will cost the same amount this week as it did the last."