TechWeek Europe reports that on Friday Russia's parliament passed a law "which bans online businesses from storing personal data of Russian citizens on servers located abroad[.] ... According to ITAR-TASS, the changes to existing legislation will come into effect in September 2016, and apply to email services, social networks and search engines, including the likes of Facebook and Google. Domain names or net addresses not complying with regulations will be put on a blacklist maintained by Roskomnadzor (the Federal Supervision Agency for Information Technologies and Communications), the organisation which already has the powers to take down websites suspected of copyright infringement without a court order. In the case of non-compliance, Roskomnadzor will be able to impose 'sanctions,' and even instruct local Internet Service Providers (ISPs) to cut off access to the offending resource." According to the article, the "measure is widely seen as a response to reports about the intrusive surveillance practices of the US National Security Agency (NSA) and the UK’s GCHQ. Edward Snowden, who revealed sensitive data about the operations of both, is currently residing in Russia, with his asylum application up for a review in a couple of months." The writer points out that this would mean many web sites would be legally unavailable altogether to Russian users.
An anonymous reader writes Only days after receiving harsh criticism from all corners of the internet for taking down links to news articles, Google has started to reinstate those links. Google's Peter Barron denied that they were simply granting all "right to be forgotten" requests. "The European Court of Justice [ECJ] ruling was not something that we welcomed, that we wanted — but it is now the law in Europe and we are obliged to comply with that law," he said. Still, Google's actions are being called "tactical" for how quickly they were able to stir public dissent over the EU ruling. "It's convenient, then, that it's found a way to get the media to kick up the fuss for it: there are very few news organisations in the world who are happy to hear their output is being stifled. A few automated messages later, the story is back in the headlines – and Google is likely to be happy about that."
New submitter Plumpaquatsch writes: Deutsche Welle reports: "A member of Germany's foreign intelligence agency has been detained for possibly spying for the U.S. The 31-year-old is suspected of giving a U.S. spy agency information about a parliamentary inquiry of NSA activities. During questioning, the suspect reportedly told investigators that he had gathered information on an investigative committee from Germany's lower house of parliament, the Bundestag. The panel is conducting an inquiry into NSA surveillance on German officials and citizens; yesterday an ex-staffer told it the NSA was a 'totalitarian' mass collector of data."
Bismillah writes: The Preferred Network Offload feature in Android extends battery life, but it also leaks location data, according to the Electronic Frontier Foundation. What's more, the same flaw is found in Apple OS X and Windows 7. "This location history comes in the form of the names of wireless networks your phone has previously connected to. These frequently identify places you've been, including homes ('Tom’s Wi-Fi'), workplaces ('Company XYZ office net'), churches and political offices ('County Party HQ'), small businesses ('Toulouse Lautrec's house of ill-repute'), and travel destinations ('Tehran Airport wifi'). This data is arguably more dangerous than that leaked in previous location data scandals because it clearly denotes in human language places that you've spent enough time to use the Wi-Fi."
An anonymous reader writes in with this article from the BBC about Google's recent removal of a news story from search results. "Google's decision to remove a BBC article from some of its search results was 'not a good judgement', a European Commission spokesman has said. A link to an article by Robert Peston was taken down under the European court's 'right to be forgotten' ruling. But Ryan Heath, spokesman for the European Commission's vice-president, said he could not see a 'reasonable public interest' for the action. He said the ruling should not allow people to 'Photoshop their lives'. The BBC understands that Google is sifting through more than 250,000 web links people wanted removed."
mask.of.sanity writes Forensics and industry experts have cast doubt on an alleged National Security Agency capability to locate whistle blowers appearing in televised interviews based on how the captured background hum of electrical devices affects energy grids. Divining information from electrified wires is a known technique: Network Frequency Analysis (ENF) is used to prove video and audio streams have not been tampered with, but experts weren't sure if the technology could be used to locate individuals.
v3rgEz (125380) writes A month before Comcast's announcement of a $45B takeover of rival Time-Warner, Comcast's top lobbyist invited the US government's top antitrust regulators to share the company's VIP box at the Sochi Olympics. A Freedom of Information Act request from Muckrock reveals that the regulators reluctantly declined, saying "it sounds like so much fun" but the pesky "rules folks" would frown on it, instead suggesting a more private dinner later.
realized (2472730) writes "In nine cases in 2013, state police were unable to break the encryption used by criminal suspects they were investigating, according to an annual report on law enforcement eavesdropping released by the U.S. court system on Wednesday. That's more than twice as many cases as in 2012, when police said that they'd been stymied by crypto in four cases—and that was the first year they'd ever reported encryption preventing them from successfully surveilling a criminal suspect. Before then, the number stood at zero."
New submitter DaveSmith1982 writes with word from PV Tech that A property tax exemption for solar power systems in California has been extended to 2025, following the passing of a bill as part of the annual state budget. Senate Bill 871 (SB871) was approved during the signing of the budget by governor Jerry Brown, which took place last week. The wording of SB871 extends the period during which property taxes will not be applied to "active solar energy systems," which includes PV and solar water heaters.
New submitter marxmarv writes If you search the web for communications security information, or read online tech publications like Linux Journal or BoingBoing, you might be a terrorist. The German publication Das Erste disclosed a crumb of alleged XKeyScore configuration, with the vague suggestion of more source code to come, showing that Tor directory servers and their users, and as usual the interested and their neighbor's dogs due to overcapture, were flagged for closer monitoring. Linux Journal, whose domain is part of a listed selector, has a few choice words on their coveted award. Would it be irresponsible not to speculate further?
New submitter thittesd0375 (1111917) writes New rules adopted by the FCC will greatly limit the amount of bandwidth available in the unlicensed U-NII band used to deliver internet to rural areas. The filters required to comply with the new rules would shrink the available frequencies from 125MHz to only 45MHz. Petitions to reconsider this ruling can be submitted here and previous petitions can be found here.
An anonymous reader writes with this excerpt from TechDirt: Three years ago we wrote about how Austrian police had seized computers from someone running a Tor exit node. This kind of thing happens from time to time, but it appears that folks in Austria have taken it up a notch by... effectively now making it illegal to run a Tor exit node. According to the report, which was confirmed by the accused, the court found that running the node violated §12 of the Austrian penal code, which effectively says: "Not only the immediate perpetrator commits a criminal action, but also anyone who appoints someone to carry it out, or anyone who otherwise contributes to the completion of said criminal action." In other words, it's a form of accomplice liability for criminality. It's pretty standard to name criminal accomplices liable for "aiding and abetting" the activities of others, but it's a massive and incredibly dangerous stretch to argue that merely running a Tor exit node makes you an accomplice that "contributes to the completion" of a crime. Under this sort of thinking, Volkswagen would be liable if someone drove a VW as the getaway car in a bank robbery. It's a very, very broad interpretation of accomplice liability, in a situation where it clearly does not make sense.
tobiasly (524456) writes I run a few websites which are occasionally the target of bogus DMCA takedown requests. Even a cursory look at these requests would reveal that the content these requests try to have removed is not even eligible for copyright (for example, someone named "John Smith" decides he wants to have every instance of his name removed from the internet, so he claims he has a copyright on "John Smith", and the comment section of my website has that name somewhere.) I'm guessing most webmasters of sites with significant traffic face this problem, but I'm having difficulty finding information on domain registrars' and hosting providers' DMCA response policies. Most seem to over-react and require an official counter-response. I'm worried I'll miss one of these someday and find that my entire domain was suspended as a result. Both my domain registrar and hosting provider have forwarded these notices in the past. I'm also worried that they're forwarding my response (including personal details) to the original complainant. Which domain registrars and hosting providers have you found who handle these complaints in a reasonable manner, and filter out the ones that are obviously bogus? Which ones have a clearly stated policy regarding these requests, and respect the site owner's privacy? Some of these domains are .us TLD, which unfortunately will limit my choice to U.S.-based companies.
AthanasiusKircher (1333179) writes The story is classic: Boy meets Girl. Boy likes Girl. Boy goes on the internet and writes about his fantasies that involve killing and eating Girl. Boy goes to jail. In this case, the man in question, NYC police officer Gilberto Valle, didn't act on his fantasies — he just shared them in a like-minded internet forum. Yesterday, Valle was released from jail after a judge overturned his conviction on appeal. U.S. District Judge Paul Gardephe wrote that Valle was "guilty of nothing more than very unconventional thoughts... We don't put people in jail for their thoughts. We are not the thought police and the court system is not the deputy of the thought police." The judge concluded that there was insufficient evidence, since "this is a conspiracy that existed solely in cyberspace" and "no reasonable juror could have found that Valle actually intended to kidnap a woman... the point of the chats was mutual fantasizing about committing acts of sexual violence on certain women." (A New York magazine article covered the details of the case and the implications of the original conviction earlier this year.)
rudy_wayne (414635) writes A Goldman Sachs contractor was testing internal changes made to Goldman Sachs' system and prepared a report with sensitive client information, including details on brokerage accounts. The report was accidentally e-mailed to a 'gmail.com' address rather than the correct 'gs.com' address. Google told Goldman Sachs on June 26 that it couldn't just reach into Gmail and delete the e-mail without a court order. Goldman Sachs filed with the New York Supreme Court, requesting "emergency relief" to avoid a privacy violation and "avoid the risk of unnecessary reputational damage to Goldman Sachs."
Graculus (3653645) writes Budgetmakers in the U.S. Senate have moved to halt U.S. participation in ITER, the huge international fusion experiment now under construction in Cadarache, France, that aims to demonstrate that nuclear fusion could be a viable source of energy. Although the details are not available, Senate sources confirm a report by Physics Today that the Senate's version of the budget for the Department of Energy (DOE) for fiscal year 2015, which begins 1 October, would provide just $75 million for the United States' part of the project. That would be half of what the White House had requested and just enough to wind down U.S. involvement in ITER. According to this story from April, the U.S. share of the ITER budget has jumped to "$3.9 billion — roughly four times as much as originally estimated." (That's a pretty big chunk; compare it, say, to NASA's entire annual budget.)
wiredmikey writes Researchers with RSA have discovered a Boleto malware (Bolware) ring that compromised as many as 495,753 Boleto transactions during a two-year period. Though it is not clear whether the thieves successfully collected on all of the compromised transactions, the value of those transactions is estimated to be worth as much as $3.75 billion. A Boleto is essentially a document that allows a customer to pay an exact amount to a merchant. Anyone who owns a bank account — whether a company or an individual — can issue a Boleto associated with their bank. "The first signs of its existence appeared near the end of 2012 or early 2013, when it began to be reported in the local news media," according to the report (PDF). "The RSA Research Group analyzed version 17 of the malware, gathering data between March 2014 and June 2014. The main goal of Boleto malware is to infiltrate legitimate Boleto payments from individual consumers or companies and redirect those payments from victims to fraudster accounts."
An anonymous reader writes There's an independent agency within the U.S. government called the Privacy and Civil Liberties Oversight Board. Their job is to weigh the benefits of government actions — like stopping terrorist threats — against violations of citizens' rights that may result from those actions. As you might expect, the NSA scandal landed squarely in their laps, and they've compiled a report evaluating the surveillance methods. As the cynical among you might also expect, the Oversight Board gave the NSA a pass, saying that while their methods were "close to the line of constitutional reasonableness," they were used for good reason. In the completely non-binding 191-page report (PDF), they said, "With regard to the NSA's acquisition of 'about' communications [metadata], the Board concludes that the practice is largely an inevitable byproduct of the government's efforts to comprehensively acquire communications that are sent to or from its targets. Because of the manner in which the NSA conducts upstream collection, and the limits of its current technology, the NSA cannot completely eliminate 'about' communications from its collection without also eliminating a significant portion of the 'to/from' communications that it seeks."
the simurgh writes: As many who follow the Kim Dotcom saga know, New Zealand police seized his encrypted computer drives in 2012, copies of which were illegally passed to the FBI. Fast-forward to 2014: Dotcom wants access to the seized but encrypted content. A New Zealand judge has now ruled that even if the Megaupload founder supplies the passwords, the encryption keys cannot be forwarded to the FBI.
vortex2.71 (802986) writes Amazon is suing a former employee of its cloud services division after he took a similar position at Google. The interesting aspect of the lawsuit is that Google is choosing to vigorously defend the lawsuit, so this is a case of Goliath vs. Goliath rather than David vs. Goliath. According to court documents, Zoltan Szabadi left a business-development position at Amazon Web Services for Google's Cloud Platform division. Szabadi's lawyer responded by contending that, while Szabadi did sign a non-compete agreement, he would only use his general knowledge and skills at Google and would not use any confidential information he had access to at Amazon. He also believes Amazon's confidentiality and non-compete agreements are an unlawful business practice.