cstacy writes "Tatu Yionen, inventor of SSH, says he feels 'a moral responsibility' to come out of retirement and warn that a 'little-noticed problem' could jeopardize the security of much of the world's confidential data. He is referring to the management (or lack thereof) of SSH keys (i.e. 'authorized_keys') files. He suggests that most organizations simply allow the SSH key files to be created, copied, accumulated, and abandoned, all over their network, making easy pickings for intruders to gain access. Do you think this is a widespread problem? How does your company manage SSH keys?" cstacy's summary here is accurate, but as charlesTheLurker notes, the article is a bit over the top: "The Washington Times claims that there's a huge vulnerability in ssh. It turns out that some reporter there has discovered that you can do passwordless login with the software, and has spun this into a story of a dangerous vulnerability. Sigh."
BLACK FRIDAY DEAL: Trust the World's Fastest VPN with Your Internet Security & Freedom--A Lifetime Subscription of PureVPN at $48 with coupon code "BFRIDAY20" ×
As part of their 2012 in review series, the EFF takes a look at how blasphemy laws have chilled online speech this year. A "dishonorable mention" goes to YouTube this year: "A dishonorable mention goes to YouTube, which blocked access to the controversial 'Innocence of Muslims' video in Egypt and Libya without government prompting. The Arabic Network for Human Rights Information, a group based in Egypt, condemned YouTube's decision."
The Electronic Frontier Foundation recaps two court cases pending in the U.S. which will decide whether you're allowed to re-sell the things you purchase. The first case deals with items bought in other countries for resale in the U.S., such as textbooks. An unfavorable decision there would mean "anything that is made in a foreign country and contains copies of copyrighted material – from the textbooks at issue in the Kirtsaeng case to shampoo bottles with copyrighted labels – could be blocked from resale, lending, or gifting without the permission of the copyright owner. That would create a nightmare for consumers and businesses, upending used goods markets and undermining what it really means to 'buy' and 'own' physical goods. The ruling also creates a perverse incentive for U.S. businesses to move their manufacturing operations abroad. It is difficult for us to imagine this is the outcome Congress intended." The second case is about whether music purchased on services like iTunes can be resold to other people. "Not only does big content deny that first sale doctrine applies to digital goods, but they are also trying to undermine the first sale rights we do have by forcing users to license items they would rather buy. The copyright industry wants you to "license" all your music, your movies, your games — and lose your rights to sell them or modify them as you see fit."
New submitter Isaac-1 writes "First it was the sex offenders being mapped using public records, now it seems to be gun owners — I wonder who will be next? It seems a newspaper in New York has published an interactive map with the names and addresses of people with [handguns]." It's happened before: In 2007, Virginia's Roanoke Times raised the ire of many gun owners by publishing a database of Virginia's gun permit holders that it assembled based on public records inquiries. (The paper later withdrew that database.) Similarly, WRAL-TV in North Carolina published a database earlier this year with searchable map of (partially redacted) information about permit holders in that state, and Philadelphia made the news for a similar disclosure — complete with interactive map and addresses — of hundreds of gun permit applicants and holders.
New submitter Alex Belits writes "Users of the Instagram image sharing service owned by Facebook filed a class action against Facebook for the recent change in Terms of Service." The changes that were supposed to take effect on January 16, 2013 declared for Facebook an unlimited right to use and license users' photos, added an arbitration requirement for legal disputes, and more. Guess the lawyers involved here weren't impressed enough by Facebook's hasty back-pedaling on this front; the company did explicitly disclaim ownership interest in the uploaded photos after a wave of complaints, but left in place certain other clauses in the new terms.
Dupple writes with news of another tech patent thrown out for obviousness. From the article: "On Friday, the High Court of London issued a ruling that said that one of Motorola's patents covering technology to synchronize messages across several devices should be invalidated. Originally, the patent covered the synching of messages across multiple pagers, but recently Motorola has used the patent in lawsuits against Apple and Microsoft for using similar message-syncing services in iCloud and on the Xbox, respectively. The presiding Judge Richard Arnold declared Motorola's patent invalid and said it should be revoked because the patent (which has a priority date from 1995, but was issued in 2002) contained technology that 'was obvious to experts in the field at the time.'"
alphadogg writes "As a new session of Congress convenes in early 2013, don't expect lawmakers to rush out a new version of the Stop Online Piracy Act (SOPA) or the Protect IP Act (PIPA). While some groups representing copyright holders still want to see stronger online enforcement, U.S. lawmakers don't seem to have the collective will to reintroduce similar bills and potentially face another massive online protest. In January 2012, more than 10 million Web users signed petitions, 8 million attempted calls to Congress and 4 million sent email messages, and more than 100,000 websites went dark in protest as the Senate scheduled a vote on PIPA. Lawmakers supporting the two bills baled out in droves, Senate leaders cancelled the PIPA vote, and SOPA's sponsor in the House of Representatives withdrew his legislation. 'That was an avalanche they've never seen,' said Ed Black, head of the Computer and Communications Industry Association. 'They're going to tiptoe in this area very carefully.'"
New submitter wilbrod writes "A Quebec special effects artist charged with corrupting morals has been found not guilty in a case that tested the boundaries of creative expression and Canadian obscenity laws. He was charged with three counts of corrupting morals by distributing, possessing and producing obscene material. During the trial, Couture argued his gory works, roughly a thousand images and two short videos that appeared on Couture's website, Inner Depravity, should be considered art. The material in question depicts gruesome murders, torture, sexual abuse, assaults and necrophilia — all with young female victims."
theodp writes "'It can be tough to stay connected over long distances,' writes GeekWire's Todd Bishop. 'Yes, there's phone calls, texting, Facebook, Twitter, IM, video chatting and everything else. But what if you could give virtual hugs to each other using battery-powered, Internet-enabled pillows?' That — and more — is covered by Microsoft's newly-awarded patent on Force-Feedback Within Telepresence, the idea of using interactive, connected devices to bring physical interactions to long-distance communications. Readers of Ted Nelson's 1975 Computer Lib/Dream Machines can only imagine the interesting possibilities for Skype!"
The NSA was originally supposed to handle foreign intelligence, and leave the domestic spying to other agencies, but Presto Vivace writes with this bit from CNET: "'The National Security Agency's Perfect Citizen program hunts for vulnerabilities in 'large-scale' utilities, including power grid and gas pipeline controllers, new documents from EPIC show.' 'Perfect Citizen?' Who thinks up these names?" "The program is scheduled to continue through at least September 2014," says the article.
Techmeology writes "Just days after the UK Pirate Party was forced to kill its proxy service Pirate Parties in Argentina and Luxembourg have created their own proxies. In a statement, the Pirate Party in Argentina said: 'We wish the UK Pirate Party best of luck in their continued fight for free access to culture and knowledge. We have put up our own Pirate Bay proxy which is accessible from anywhere in the world, including the UK and other places where it has been censored.'"
An anonymous reader writes "2 Player Productions, the producers of Minecraft: The Story of Mojang, on Saturday uploaded the documentary to The Pirate Bay. The news comes as a surprise move after an announcement earlier this week that the film is premiering today for free on Xbox Live to Gold subscribers. You can download it here."
An anonymous reader writes "After the rubber-banding, 'Steve Jobs' heuristics and pinch-to-zoom patents, another Apple patent in use against Samsung comes under pressure. An anonymous filer, most likely Samsung, has filed a reexamination request against Apple's RE41,922 patent on a 'method and apparatus for providing translucent images on a computer display.' It's not among the patents a California jury evaluated this summer, but one of four patents an ITC judge preliminarily found Samsung to infringe. The reexamination request features five new pieces of prior art (three U.S. patents from the early 1990s and two Japanese patents), all of which dealt with translucent images. The patent office will decide next year whether to grant or deny the request for reexamination. Expect more such petitions targeting Apple patents."
jonklinger writes with the lead from his report on a move to hamper internet freedom in Israel: "Israel is to attempt, again, to pass a bill that authorizes police officers to issue warrants to Internet service providers to block or restrict access to specific websites involved either in gambling, child pornography or copyright infringement. The bill itself proposes that such administrative procedures shall be clandestine and that court decisions shall be made ex-parte, where some of the court's ruling will not be even dislosed to the owner of the website, and the court may hear and use inadmissible evidence."
Hugh Pickens writes "Michael Wilson writes in the NY Times that top intelligence officials in the New York Police Department are looking for ways to target 'apolitical or deranged killers before they become active shooters' using techniques similar to those being used to spot terrorists' chatter online. The techniques would include 'cyber-searches of language that mass-casualty shooters have used in e-mails and Internet postings,' says Police Commissioner Raymond W. Kelly. 'The goal would be to identify the shooter in cyberspace, engage him there and intervene, possibly using an undercover to get close, and take him into custody or otherwise disrupt his plans.' There are also plans to send officers to Newtown and to scenes of other mass shootings to collect information says the department's chief spokesman Paul. J. Browne adding that potential tactics include creating an algorithm that would search online 'for terms used by active shooters in the past that may be an indicator of future intentions.' The NYPD's counter-terrorism division released a report last year, 'Active Shooter (PDF),' after studying 202 mass shooting incidents. 'So, we think this is another logical step,' says Kelly."