The Courts

Yelp Files New EU Complaint Against Google Over Search Dominance (ft.com) 56

Yelp has filed a complaint with the EU's antitrust watchdog against Google, arguing that the search company has abused its dominance in local search and pressuring Brussels to launch new charges against the tech giant, Financial Times reported Tuesday. From the report: European antitrust authorities fined Google $2.8B in June 2017 for favouring its own shopping service over rival offerings in its search results. Google denied wrongdoing and has appealed that decision. Now Yelp, which provides user ratings, reviews and other information about local businesses, wants Margrethe Vestager, the EU Competition Commissioner, to take action against Google for similar alleged abuse in the local search market, according to a copy of the complaint seen by the Financial Times. The move comes days after Yelp founder Jeremy Stopplelman appeared on 60 Minutes to talk about Google's search monopoly. Here's the exchange he had with reporter Steve Kroft: Jeremy Stoppelman: If I were starting out today, I would have no shot of building Yelp. That opportunity has been closed off by Google and their approach.
Steve Kroft: In what way?
Jeremy Stoppelman: Because if you provide great content in one of these categories that is lucrative to Google, and seen as potentially threatening, they will snuff you out.
Steve Kroft: What do you mean snuff you out?
Jeremy Stoppelman: They will make you disappear. They will bury you.

Businesses

Amazon Pushes Facial Recognition to Police, Prompting Outcry Over Surveillance (nytimes.com) 134

Nick Wingfield, reporting for The New York Times: In late 2016, Amazon introduced a new online service that could help identify faces and other objects in images, offering it to anyone at a low cost through its giant cloud computing division, Amazon Web Services. Not long after, it began pitching the technology to law enforcement agencies, saying the program could aid criminal investigations by recognizing suspects in photos and videos. It used a couple of early customers, like the Orlando Police Department in Florida and the Washington County Sheriff's Office in Oregon, to encourage other officials to sign up.

But now that aggressive push is putting the giant tech company at the center of an increasingly heated debate around the role of facial recognition in law enforcement. Fans of the technology see a powerful new tool for catching criminals, but detractors see an instrument of mass surveillance. On Tuesday, the American Civil Liberties Union led a group of more than two dozen civil rights organizations that asked Amazon to stop selling its image recognition system, called Rekognition, to law enforcement. The group says that the police could use it to track protesters or others whom authorities deem suspicious, rather than limiting it to people committing crimes.

United States

Trump Ignores 'Inconvenient' Security Rules To Keep Tweeting On His iPhone, Says Report (politico.com) 446

According to Politico, "President Donald Trump uses a White House cellphone that isn't equipped with sophisticated security features designed to shield his communications." The decision is "a departure from the practice of his predecessors that potentially exposes him to hacking or surveillance." From the report: The president uses at least two iPhones, according to one of the officials. The phones -- one capable only of making calls, the other equipped only with the Twitter app and preloaded with a handful of news sites -- are issued by White House Information Technology and the White House Communications Agency, an office staffed by military personnel that oversees White House telecommunications. While aides have urged the president to swap out the Twitter phone on a monthly basis, Trump has resisted their entreaties, telling them it was "too inconvenient," the same administration official said. The president has gone as long as five months without having the phone checked by security experts. It is unclear how often Trump's call-capable phones, which are essentially used as burner phones, are swapped out.
Bug

Comcast Website Bug Leaks Xfinity Customer Data (zdnet.com) 37

An anonymous reader quotes a report from ZDNet: A bug in Comcast's website used to activate Xfinity routers can return sensitive information on the company's customers. The website, used by customers to set up their home internet and cable service, can be tricked into displaying the home address where the router is located, as well as the Wi-Fi name and password. Two security researchers, Karan Saini and Ryan Stevenson, discovered the bug. Only a customer account ID and that customer's house or apartment number is needed -- even though the web form asks for a full address.

ZDNet obtained permission from two Xfinity customers to check their information. We were able to obtain their full address and zip code -- which both customers confirmed. The site returned the Wi-Fi name and password -- in plaintext -- used to connect to the network for one of the customers who uses an Xfinity router. The other customer was using his own router -- and the site didn't return the Wi-Fi network name or password.

Transportation

Boeing's Folding Wingtips Get the FAA Green Light (engadget.com) 81

Boeing received FAA approval today for its folding wingtips, which will let the planes stop at airport gates big enough to accommodate typical 777 models. "Once the 777X lands, the wingtips will rotate until they point upwards," reports Engadget. "Bloomberg notes that the plane will be the only commercial model in widespread use to have such a feature." From the report: The 777X's wingtips are so novel that U.S. regulators had to draw up new standards for them. The agency was concerned that the wingtips could cause safety issues -- some plane crashes occurred after pilots did not secure flaps on wings before takeoff. The FAA required Boeing to have several warning systems to make sure pilots won't attempt a takeoff before the wingtips are locked in the correct position. The FAA also wanted assurances that there was no way the tips would rotate during flight, and that the wings could handle winds of up to 75 miles per hour while on the ground.

The new wings are made from carbon-fiber composites that are stronger and lighter than the metal Boeing uses in other wings. That lets the company increase the wings' width by 23 feet to 235 feet, which makes flying more efficient. These are the widest wings Boeing has attached to a plane, surpassing the 747-8's 224 feet. However, it doesn't hold the record for a commercial plane: the Airbus A380 has a 262-foot-wide wing, which forced some airports to install gates specifically to accommodate it.

Security

Google and Microsoft Disclose New CPU Flaw, and the Fix Can Slow Machines Down (theverge.com) 80

An anonymous reader quotes a report from The Verge: Microsoft and Google are jointly disclosing a new CPU security vulnerability that's similar to the Meltdown and Spectre flaws that were revealed earlier this year. Labelled Speculative Store Bypass (variant 4), the latest vulnerability is a similar exploit to Spectre and exploits speculative execution that modern CPUs use. Browsers like Safari, Edge, and Chrome were all patched for Meltdown earlier this year, and Intel says "these mitigations are also applicable to variant 4 and available for consumers to use today." However, unlike Meltdown (and more similar to Spectre) this new vulnerability will also include firmware updates for CPUs that could affect performance. Intel has already delivered microcode updates for Speculative Store Bypass in beta form to OEMs, and the company expects them to be more broadly available in the coming weeks. The firmware updates will set the Speculative Store Bypass protection to off-by-default, ensuring that most people won't see negative performance impacts.

"If enabled, we've observed a performance impact of approximately 2-8 percent based on overall scores for benchmarks like SYSmark 2014 SE and SPEC integer rate on client 1 and server 2 test systems," explains Leslie Culbertson, Intel's security chief. As a result, end users (and particularly system administrators) will have to pick between security or optimal performance. The choice, like previous variants of Spectre, will come down to individual systems and servers, and the fact that this new variant appears to be less of a risk than the CPU flaws that were discovered earlier this year.

Businesses

US Treasury Secretary Calls For Google Monopoly Probe (theregister.co.uk) 85

After a 60 Minutes episode that focused on Google and its effective search monopoly, U.S. Treasury Secretary Steve Mnuchin called for large tech companies to be investigated for potential antitrust violations. Asked whether Google was abusing its market dominance as a monopoly, Mnuchin told CNBC on Monday "these are issues that the Justice Department needs to look at seriously," and argued that it was important to "look at the power they have" noting that companies like Google "have a greater and greater impact on the economy." The Register reports: Mnuchin's willingness to directly criticize Google and other tech companies and argue that they should be under investigation is just the latest sign that Washington DC is serious about digging in the market power of Big Internet. It is notable that it was 20 years ago, almost to the day, that America finally dealt with another tech antitrust problem when the Justice Department and 20 state attorneys general filed suit -- on May 18, 1998 -- against what was then the most powerful tech company in the country: Microsoft.
Communications

FCC is Hurting Consumers To Help Corporations, Mignon Clyburn Says On Exit (arstechnica.com) 91

Former Commissioner Mignon Clyburn, who left the agency this month, has taken aim at it in an interview, saying the agency has abandoned its mission to safeguard consumers and protect their privacy and speech. From her interview with ArsTechnica: "I'm an old Trekkie," Clyburn told Ars in a phone interview, while comparing the FCC's responsibility to the Star Trek fictional universe's Prime Directive. "I go back to my core, my prime directive of putting consumers first." If the FCC doesn't do all it can to bring affordable communications services to everyone in the US, "our mission will not be realized," she said. The FCC's top priority, as set out by the Communications Act, is to make sure all Americans have "affordable, efficient, and effective" access to communications services, Clyburn said. But too often, the FCC's Republican majority led by Chairman Ajit Pai is prioritizing the desires of corporations over consumers, Clyburn said. "I don't believe it's accidental that we are called regulators," she said. "Some people at the federal level try to shy away from that title. I embrace it."

Clyburn said that deregulation isn't bad in markets with robust competition, because competition itself can protect consumers. But "that is just not the case" in broadband, she said. "Let's just face it, [Internet service providers] are last-mile monopolies," she told Ars. "In an ideal world, we wouldn't need regulation. We don't live in an ideal world, all markets are not competitive, and when that is the case, that is why agencies like the FCC were constructed. We are here as a substitute for competition." Broadband regulators should strike a balance that protects consumers and promotes investment from large and small companies, she said. "If you don't regulate appropriately, things go too far one way or the other, and we either have prices that are too high or an insufficient amount of resources or applications or services to meet the needs of Americans," Clyburn said.

Privacy

Most GDPR Emails Unnecessary and Some Illegal, Say Experts (theguardian.com) 84

The vast majority of emails flooding inboxes across Europe from companies asking for consent to keep recipients on their mailing list are unnecessary and some may be illegal, privacy experts have said, as new rules over data privacy come into force at the end of this week. From a report: Many companies, acting based on poor legal advice, a fear of fines of up to $23.5 million and a lack of good examples to follow, have taken what they see as the safest option for hewing to the General Data Protection Regulation (GDPR): asking customers to renew their consent for marketing communications and data processing. But Toni Vitale, the head of regulation, data and information at the law firm Winckworth Sherwood, said many of those requests would be needless paperwork, and some that were not would be illegal.
United States

Supreme Court Upholds Workplace Arbitration Contracts Barring Class Actions (nytimes.com) 328

The Supreme Court on Monday ruled that companies can use arbitration clauses in employment contracts to prohibit workers from banding together to take legal action over workplace issues. From a report: The vote was 5 to 4, with the court's more conservative justices in the majority. The court's decision could affect some 25 million employment contracts. Writing for the majority, Justice Neil M. Gorsuch said the court's conclusion was dictated by a federal law favoring arbitration and the court's precedents. If workers were allowed to band together to press their claims, he wrote, "the virtues Congress originally saw in arbitration, its speed and simplicity and inexpensiveness, would be shorn away and arbitration would wind up looking like the litigation it was meant to displace." Justice Ruth Bader Ginsburg read her dissent from the bench, a sign of profound disagreement. In her written dissent, she called the majority opinion "egregiously wrong." In her oral statement, she said the upshot of the decision "will be huge under-enforcement of federal and state statutes designed to advance the well being of vulnerable workers."
Google

Google Sued For 'Clandestine Tracking' of 4.4 Million UK iPhone Users' Browsing Data (theguardian.com) 32

Google is being sued in the high court for as much as $4.3 billion for the alleged "clandestine tracking and collation" of personal information from 4.4 million iPhone users in the UK. From a report: The collective action is being led by former Which? director Richard Lloyd over claims Google bypassed the privacy settings of Apple's Safari browser on iPhones between August 2011 and February 2012 in order to divide people into categories for advertisers. At the opening of an expected two-day hearing in London on Monday, lawyers for Lloyd's campaign group Google You Owe Us told the court information collected by Google included race, physical and mental heath, political leanings, sexuality, social class, financial, shopping habits and location data.

Hugh Tomlinson QC, representing Lloyd, said information was then "aggregated" and users were put into groups such as "football lovers" or "current affairs enthusiasts" for the targeting of advertising. Tomlinson said the data was gathered through "clandestine tracking and collation" of browsing on the iPhone, known as the "Safari Workaround" -- an activity he said was exposed by a PhD researcher in 2012. Tomlinson said Google has already paid $39.5m to settle claims in the US relating to the practice. Google was fined $22.5m for the practice by the US Federal Trade Commission in 2012 and forced to pay $17m to 37 US states.

AI

New Toronto Declaration Calls On Algorithms To Respect Human Rights 160

A coalition of human rights and technology groups released a new declaration on machine learning standards, calling on both governments and tech companies to ensure that algorithms respect basic principles of equality and non-discrimination. The Verge reports: Called The Toronto Declaration, the document focuses on the obligation to prevent machine learning systems from discriminating, and in some cases violating, existing human rights law. The declaration was announced as part of the RightsCon conference, an annual gathering of digital and human rights groups. "We must keep our focus on how these technologies will affect individual human beings and human rights," the preamble reads. "In a world of machine learning systems, who will bear accountability for harming human rights?" The declaration has already been signed by Amnesty International, Access Now, Human Rights Watch, and the Wikimedia Foundation. More signatories are expected in the weeks to come.

Beyond general non-discrimination practices, the declaration focuses on the individual right to remedy when algorithmic discrimination does occur. "This may include, for example, creating clear, independent, and visible processes for redress following adverse individual or societal effects," the declaration suggests, "[and making decisions] subject to accessible and effective appeal and judicial review."
Privacy

'TeenSafe' Phone Monitoring App Leaked Thousands of User Passwords (zdnet.com) 44

An anonymous reader quotes a report from ZDNet: At least one server used by an app for parents to monitor their teenagers' phone activity has leaked tens of thousands of accounts of both parents and children. The mobile app, TeenSafe, bills itself as a "secure" monitoring app for iOS and Android, which lets parents view their child's text messages and location, monitor who they're calling and when, access their web browsing history, and find out which apps they have installed. But the Los Angeles, Calif.-based company left its servers, hosted on Amazon's cloud, unprotected and accessible by anyone without a password.

"We have taken action to close one of our servers to the public and begun alerting customers that could potentially be impacted," said a TeenSafe spokesperson told ZDNet on Sunday. The database stores the parent's email address associated with their associated child's Apple ID email address. It also includes the child's device name -- which is often just their name -- and their device's unique identifier. The data contains the plaintext passwords for the child's Apple ID. Because the app requires that two-factor authentication is turned off, a malicious actor viewing this data only needs to use the credentials to break into the child's account to access their personal content data.

Microsoft

Bill Gates Shares His Memories of Donald Trump (cnn.com) 487

MSNBC recently published a video of Bill Gates telling his staff at the Gates Foundation that he had two meetings with Donald Trump since the president was elected. In the video, Gates says Trump doesn't know the difference between two sexually transmitted diseases -- human papillomavirus (HPV) and human immunodeficiency virus (HIV) -- and that it was "scary" how much Trump knew about Gates' daughter's appearance. Gates also said he urged Trump to support innovation and technology during those meetings. CNN reports: Taking audience questions about his interactions with Trump at a Bill & Melinda Gates Foundation meeting, the former Microsoft honcho said he first met Trump in December 2016. He told the audience that Trump had previously come across his daughter, Jennifer, at a horse show in Florida. "And then about 20 minutes later he flew in on a helicopter to the same place," Gates said, according to video of the event broadcast by MSNBC late Thursday. "So clearly he had been driven away but he wanted to make a grand entrance in a helicopter. "Anyway, so when I first talked to him, it was actually kind of scary how much he knew about my daughter's appearance. Melinda (Gates' wife) didn't like that too well."

Gates also said he discussed science with Trump on two separate occasions, where he says the President questioned him on the difference between HIV and HPV. "In both of those two meetings, he asked me if vaccines weren't a bad thing because he was considering a commission to look into ill-effects of vaccines and somebody -- I think it was Robert Kennedy Jr. -- was advising him that vaccines were causing bad things. And I said no, that's a dead end, that would be a bad thing, don't do that. "Both times he wanted to know if there was a difference between HIV and HPV so I was able to explain that those are rarely confused with each other," Gates said.

Cellphones

Pentagon-Funded Project Will 'Solve' Cellphone Identity Verification Within Two Years (nextgov.com) 111

Long-time Slashdot reader Zorro quotes Nextgov: The Defense Department is funding a project that officials say could revolutionize the way companies, federal agencies and the military itself verify that people are who they say they are and it could be available in most commercial smartphones within two years. The technology, which will be embedded in smartphones' hardware, will analyze a variety of identifiers that are unique to an individual, such as the hand pressure and wrist tension when the person holds a smartphone and the person's peculiar gait while walking, said Steve Wallace, technical director at the Defense Information Systems Agency.

Organizations that use the tool can combine those identifiers to give the phone holder a "risk score," Wallace said. If the risk score is low enough, the organization can presume the person is who she says she is and grant her access to sensitive files on the phone or on a connected computer or grant her access to a secure facility. If the score's too high, she'll be locked out... Another identifier that will likely be built into the chips is a GPS tracker that will store encrypted information about a person's movements, Wallace said. The verification tool would analyze historical information about a person's locations and major, recent anomalies would raise the person's risk score.

A technical director at the agency "declined to say which smartphone and chipmakers planned to participate in the project, but said the capability will be available 'in the vast majority of mobile devices.'"

Slashdot Top Deals