aggregator

Finland Is Killing Its Basic Income Experiment

Slashdot - Your Rights Online - Cz, 2018-04-19 16:40
tomhath shares a report: Since the beginning of last year, 2000 Finns are getting money from the government each month -- and they are not expected to do anything in return. The participants, aged 25-58, are all unemployed, and were selected at random by Kela, Finland's social-security institution. Instead of unemployment benefits, the participants now receive $690 per month, tax free. Should they find a job during the two-year trial, they still get to keep the money. While the project is praised internationally for being at the cutting edge of social welfare, back in Finland, decision makers are quietly pulling the brakes, making a U-turn that is taking the project in a whole new direction. "Right now, the government is making changes that are taking the system further away from a basic income," Kela researcher Miska Simanainen told the Swedish daily Svenska Dagbladet.

Read more of this story at Slashdot.

Facebook To Put 1.5 Billion Users Out of Reach of New EU Privacy Law

Slashdot - Your Rights Online - Cz, 2018-04-19 15:00
An anonymous reader quotes a report from Facebook: If a new European law restricting what companies can do with people's online data went into effect tomorrow, almost 1.9 billion Facebook users around the world would be protected by it. The online social network is making changes that ensure the number will be much smaller. Facebook members outside the United States and Canada, whether they know it or not, are currently governed by terms of service agreed with the company's international headquarters in Ireland. Next month, Facebook is planning to make that the case for only European users, meaning 1.5 billion members in Africa, Asia, Australia and Latin America will not fall under the European Union's General Data Protection Regulation (GDPR), which takes effect on May 25. That removes a huge potential liability for Facebook, as the new EU law allows for fines of up to 4 percent of global annual revenue for infractions, which in Facebook's case could mean billions of dollars.

Read more of this story at Slashdot.

German ICO Savedroid Pulls Exit Scam After Raising $50 Million

Slashdot - Your Rights Online - Cz, 2018-04-19 03:25
German company Savedroid has pulled a classic exit scam after raising $50 million in ICO and direct funding. The site is currently displaying a South Park meme with the caption "Aannnd it's gone." The founder, Dr. Yassin Hankir, has posted a tweet thanking investors and saying "Over and out." TechCrunch reports: A reverse image search found Hankir's photo on this page for Founder Institute, and he has pitched his product at multiple events, including this one in German. Savedroid was originally supposed to use AI to manage user investments and promised a crypto-backed credit card, a claim that CCN notes is popular with scam ICOs. It ran for a number of months and was clearly well-managed as the group was able to open an office and appear at multiple events.

Read more of this story at Slashdot.

Google Is Shuttering Domain Fronting, Creating a Big Problem For Anti-Censorship Tools

Slashdot - Your Rights Online - Cz, 2018-04-19 02:45
"The Google App Engine is discontinuing a practice called domain fronting, which lets services use Google's network to get around state-level internet blocks," reports The Verge. While the move makes sense from a cybersecurity perspective as domain fronting is widely used by malware to evade network-based detection, it will likely frustrate app developers who use it to get around internet censorship. From the report: First spotted by Tor developers on April 13th, the change has been rolling out across Google services and threatens to disrupt services for a number of anti-censorship tools, including Signal, GreatFire.org and Psiphon's VPN services. Reached by The Verge, Google said the changes were the result of a long-planned network update. "Domain fronting has never been a supported feature at Google," a company representative said, "but until recently it worked because of a quirk of our software stack. We're constantly evolving our network, and as part of a planned software update, domain fronting no longer works. We don't have any plans to offer it as a feature." Domain-fronting allowed developers to use Google as a proxy, forwarding traffic to their own servers through a Google.com domain. That was particularly important for evading state-level censorship, which might try to block all the traffic sent to a given service. As long as the service was using domain-fronting, all the in-country data requests would appear as if they were headed for Google.com, with encryption preventing censors from digging any deeper. We do not yet know exactly why and when Google is shutting down the practice, but will update this post once we learn more.

Read more of this story at Slashdot.

'Login With Facebook' Data Hijacked By JavaScript Trackers

Slashdot - Your Rights Online - Cz, 2018-04-19 02:03
An anonymous reader quotes a report from TechCrunch: Facebook confirms to TechCrunch that it's investigating a security research report that shows Facebook user data can be grabbed by third-party JavaScript trackers embedded on websites using Login With Facebook. The exploit lets these trackers gather a user's data including name, email address, age range, gender, locale, and profile photo depending on what users originally provided to the website. It's unclear what these trackers do with the data, but many of their parent companies including Tealium, AudienceStream, Lytics, and ProPS sell publisher monetization services based on collected user data. The abusive scripts were found on 434 of the top 1 million websites including freelancer site Fiverr.com, camera seller B&H Photo And Video, and cloud database provider MongoDB. That's according to Steven Englehardt and his colleagues at Freedom To Tinker, which is hosted by Princeton's Center For Information Technology Policy.

Read more of this story at Slashdot.

A Florida Man Has been Accused of Making 97 Million Robocalls

Slashdot - Your Rights Online - Śr, 2018-04-18 21:25
A Florida man accused of flooding consumers with 97 million phone calls touting fake travel deals appeared Wednesday before lawmakers to explain how robocalls work and to say, "I am not the kingpin of robocalling that is alleged." From a report: Adrian Abramovich, of Miami, who is fighting a proposed $120 million fine, told senators that open-source software lets operators make thousands of phone calls with the click of a button, in combination with cloud-based computing and "the right long distance company." "Clearly regulation needs to address the carriers and providers and require the major carriers to detect robocalls activity," Abramovich said in testimony submitted in advance to the Senate Commerce Committee. He has asked the Federal Communications Commission to reduce the fine proposed last year, calling it disproportionate, in part because most calls went unanswered or resulted in a quick hang-up by consumers. The panel's chairman, Senator John Thune, a South Dakota Republican, called Abamovich and officials from the FCC and other agencies to discuss ways to stop abusive calls.

Read more of this story at Slashdot.

Richard Stallman On Facebook's Privacy Scandal: We Need a Law. There's No Reason We Should Let Them Exist if the Price is Knowing Everything About Us

Slashdot - Your Rights Online - Śr, 2018-04-18 20:03
From a wide-ranging interview of Richard Stallman by New York Magazine: New York Magazine: Why do you think these companies feel justified in collecting that data? Richard Stallman: Oh, well, I think you can trace it to the general plutocratic neoliberal ideology that has controlled the U.S. for more than two decades. A study established that since 1998 or so, the public opinion in general has no influence on political decisions. They're controlled by the desires of the rich and of special interests connected with whatever issue it is. So the companies that wanted to collect data about people could take advantage of this general misguided ideology to get away with whatever they might have wanted to do. Which happened to be collecting data about people. But I think they shouldn't be allowed to collect data about people. We need a law. Fuck them -- there's no reason we should let them exist if the price is knowing everything about us. Let them disappear. They're not important -- our human rights are important. No company is so important that its existence justifies setting up a police state. And a police state is what we're heading toward. Most non-free software has malicious functionalities. And they include spying on people, restricting people -- that's called digital restrictions management, back doors, censorship. Empirically, basically, if a program is not free software, it probably has one of these malicious functionalities. So imagine a driverless car, controlled of course by software, and it will probably be proprietary software, meaning not-free software, not controlled by the users but rather by the company that makes the car, or some other company. Well imagine if that has a back door, which enables somebody to send a command saying, "Ignore what the passenger said, and go there." Imagine what that would do. You can be quite sure that China will use that functionality to drive people toward the places they're going to be disappeared or punished. But can you be sure that the U.S. won't?

Read more of this story at Slashdot.

Data Firm Leaks 48 Million User Profiles it Scraped From Facebook, LinkedIn, Others

Slashdot - Your Rights Online - Śr, 2018-04-18 19:20
Zack Whittaker, reporting for ZDNet: A little-known data firm was able to build 48 million personal profiles, combining data from sites and social networks like Facebook, LinkedIn, Twitter, and Zillow, among others -- without the users' knowledge or consent. Localblox, a Bellevue, Wash.-based firm, says it "automatically crawls, discovers, extracts, indexes, maps and augments data in a variety of formats from the web and from exchange networks." Since its founding in 2010, the company has focused its collection on publicly accessible data sources, like social networks Facebook, Twitter, and LinkedIn, and real estate site Zillow to name a few, to produce profiles. But earlier this year, the company left a massive store of profile data on a public but unlisted Amazon S3 storage bucket without a password, allowing anyone to download its contents. The bucket, labeled "lbdumps," contained a file that unpacked to a single file over 1.2 terabytes in size. The file listed 48 million individual records, scraped from public profiles, consolidated, then stitched together.

Read more of this story at Slashdot.

Iran Bans State Bodies From Using Telegram App, Khamenei Shuts Account

Slashdot - Your Rights Online - Śr, 2018-04-18 16:40
Iran banned government bodies on Wednesday from using the popular Telegram instant messaging app as Supreme Leader Ayatollah Ali Khamenei's office said his account would shut down to protect national security, Iranian media reported. From a report: ISNA news agency did not give a reason for the government ban on the service which lets people send encrypted messages and has an estimated 40 million users in the Islamic Republic. The order came days after Russia -- Iran's ally in the Syrian war -- started blocking the app in its territory following the company's repeated refusal to give Russian state security services access to users' secret messages. Iran's government banned "all state bodies from using the foreign messaging app," according to ISNA.

Read more of this story at Slashdot.

Huawei To Back Off US Market Amid Rising Tensions

Slashdot - Your Rights Online - Śr, 2018-04-18 12:00
Huawei is reportedly going to give up on selling its products and services in the United States (Warning: source may be paywalled; alternative source) due to Washington's accusations that the company has ties to the Chinese government. The change in tactics comes a week after the company laid off five American employees, including its biggest American lobbyist. The New York Times reports: Huawei's tactics are changing as its business prospects in the United States have darkened considerably. On Tuesday, the Federal Communications Commission voted to proceed with a new rule that could effectively kill off what little business the company has in the United States. Although the proposed rule does not mention Huawei by name, it would block federally subsidized telecommunications carriers from using suppliers deemed to pose a risk to American national security. Huawei's latest moves suggest that it has accepted that its political battles in the United States are not ones it is likely to win. "Some things cannot change their course according to our wishes," Eric Xu, Huawei's deputy chairman, said at the company's annual meeting with analysts on Tuesday. "With some things, when you let them go, you actually feel more at ease."

Read more of this story at Slashdot.

Former FCC Broadband Panel Chair Arrested For Fraud

Slashdot - Your Rights Online - Śr, 2018-04-18 03:25
An anonymous reader quotes a report from DSLReports: The former chair of a panel built by FCC boss Ajit Pai to advise the agency on broadband matters has been arrested for fraud. Elizabeth Ann Pierce, former CEO of Quintillion Networks, was appointed by Pai last April to chair the committee, but her tenure only lasted until September. Pierce resigned from her role as Quintillion CEO last August after investigators found she was engaged in a scam that tricked investors into pouring money into a multi-million dollar investment fraud scheme. According to the Wall Street Journal, Pierce convinced two investment firms that the company had secured contracts for a high-speed fiber-optic system that would generate hundreds of millions of dollars in future revenue. She pitched the system as a way to improve Alaska's connectivity to the rest of the country, but the plan was largely a fabrication, law enforcement officials say. "As it turned out, those sales agreements were worthless because the customers had not signed them," U.S. Attorney Geoffrey Berman said in prepared remarks. "Instead, as alleged, Pierce had forged counterparty signatures on contract after contract. As a result of Pierce's deception, the investment companies were left with a system that is worth far less than Pierce had led them to believe." Quintillion says it began cooperating with lawmakers as soon as allegations against Pierce surfaced last year. Pierce was charged with wire fraud last Thursday and faces a maximum sentence of 20 years in prison.

Read more of this story at Slashdot.

Facebook Admits To Tracking Users, Non-Users Off-Site

Slashdot - Your Rights Online - Śr, 2018-04-18 02:45
Facebook said in a blog post yesterday that they tracked users and non-users across websites and apps for three main reasons: providing services directly, securing the company's own site, and "improving our products and services." The statement comes as the company faces a U.S. lawsuit over a controversial facial recognition feature launched in 2011. The Guardian reports: "When you visit a site or app that uses our services, we receive information even if you're logged out or don't have a Facebook account. This is because other apps and sites don't know who is using Facebook," Facebook's product management director, David Baser, wrote. "Whether it's information from apps and websites, or information you share with other people on Facebook, we want to put you in control -- and be transparent about what information Facebook has and how it is used." But the company's transparency has still not extended to telling non-users what it knows about them -- an issue Zuckerberg also faced questions over from Congress. Asked by Texas representative Gene Green whether all information Facebook holds about a user is in the file the company offers as part of its "download your data" feature, Zuckerberg had responded he believed that to be the case. Privacy campaigner Paul-Olivier Dehaye disagreed, noting that, even as a Facebook user, he had been unable to access personal data collected through the company's off-site tracking systems. Following an official subject access request under EU law, he told MPs last month, Facebook had responded that it was unable to provide the information.

Read more of this story at Slashdot.

New York's Attorney General Is Investigating Bitcoin Exchanges

Slashdot - Your Rights Online - Śr, 2018-04-18 00:45
The office of New York Attorney General Eric Schneiderman announced today that it has launched an investigation into bitcoin exchanges. He's reportedly looking into thirteen major exchanges, including Coinbase, Gemini Trust, and Bitfinex, requesting information on their operations and what measures they have in place to protect consumers. The Verge reports: "Too often, consumers don't have the basic facts they need to assess the fairness, integrity, and security of these trading platforms," Schneiderman said in a statement. His office sent detailed questionnaires to the thirteen exchanges, asking them to disclose who owns and controls them, and how their basic operation and transaction fees work. The questionnaire also asks for specific details on how exchanges might suspend trading or delay orders, indicating Schneiderman is particularly concerned with exchanges manipulating the timing of public orders. The investigation will attempt to shed more transparency on how platforms combat market manipulation attempts and suspicious trading, as well as bots, theft, and fraud. Many of the exchanges Schneiderman is targeting, such as Beijing-based Huobi, have headquarters located outside the U.S., but the attorney general has jurisdiction over any foreign business operating in New York. Coin Center's director of research Peter Van Valkenburgh tells The Verge that the new investigation might be overkill, given the existing rules already in place for bitcoin exchanges. "Far from being unregulated," he says, "these businesses must contend with state money transmission licensing laws, federal anti-money laundering law, CFTC scrutiny for commodities spot market manipulation, SEC scrutiny for securities trading (should any tokens traded be securities), and in this case, state consumer protection investigations from the several attorneys general."

Read more of this story at Slashdot.

Online Tax Filers Will Get Extension After IRS Payment Website Outage

Slashdot - Your Rights Online - Wt, 2018-04-17 23:25
An anonymous reader quotes a report from CNBC: The IRS will give last-minute filers additional time to file their tax returns after the page for paying their tax bills using their bank accounts crashed, Treasury Secretary Steven Mnuchin told the Associated Press. The IRS "Direct Pay" page allows filers to transfer funds from their checking or savings account to pay what they owe. As of 5 p.m. ET on April 17 -- Tax Day -- the page was still unavailable. Direct Pay is a free service. The "Payment Plan" page, where filers can pay their tax bill in installments also appears to have crashed. "I'd strongly advise folks who owe any federal taxes and cannot pay online to mail a check or money order to the IRS to the appropriate address," said Patrick Thomas, director of Notre Dame Law School's Tax Clinic. According to a TurboTax spokesperson, the IRS's technical difficulties are affecting all tax preparers and tax returns. "Taxpayers should go ahead and continue to prepare and file their taxes as normal with TurboTax," the spokesperson said. "TurboTax has uninterrupted service and is available and accepting e-filed returns," she said. "We will hold returns until the IRS is ready to begin accepting them again." H&R Block said it will continue to accept returns from filers.

Read more of this story at Slashdot.

Former Cambridge Analytica Employee Says Facebook Users Affected Could Be 'Much Greater Than 87 million'

Slashdot - Your Rights Online - Wt, 2018-04-17 19:25
Cambridge Analytica and its partners used data from previously unknown "Facebook-connected questionnaires" to obtain user data from the social media service, according to testimony from a former Cambridge Analytica employee. From a report: Brittany Kaiser provided evidence to the British Parliament today as part of a hearing on fake news. Kaiser, who worked on the business team at Cambridge Analytica's parent company until January of this year, wrote in a statement that she was "aware in a general sense of a wide range of surveys" used by Cambridge Analytica or its partners, and she said she believes the number of people whose Facebook data may have been compromised is likely higher than the widely reported 87 million.

Read more of this story at Slashdot.

IRS 'Direct Pay' Option Not Working on Tax Day

Slashdot - Your Rights Online - Wt, 2018-04-17 17:48
An anonymous reader shares a report: Online payments on IRS.gov are partially down. But the government still expects its money. A page on the IRS website that allows taxpayers to make a payment is not working for many as of Tuesday morning. Clicking on "Make a payment" on the payments page redirects the user to a page titled "unplannedOutagePage. Note that your tax payment is due although IRS Direct Pay may not be available," the page notes. UPDATE 04/17/18: Treasury Secretary Steven Mnuchin told the Associated Press that online tax filers will get an extension due to today's website outage.

Read more of this story at Slashdot.

Cybersecurity Tech Accord: More Than 30 Tech Firms Pledge Not to Assist Governments in Cyberattacks

Slashdot - Your Rights Online - Wt, 2018-04-17 16:40
Over 30 major technology companies, led by Microsoft and Facebook, on Tuesday announced what they are calling the Cybersecurity Tech Accord, a set of principles that include a declaration that they will not help any government -- including that of the United States -- mount cyberattacks against "innocent civilians and enterprises from anywhere." The companies that are participating in the initiative are: ABB, Arm, Avast, Bitdefender, BT, CA Technologies, Cisco, Cloudflare, DataStax, Dell, DocuSign, Facebook, Fastly, FireEye, F-Secure, GitHub, Guardtime, HP Inc., HPE, Intuit, Juniper Networks, LinkedIn, Microsoft, Nielsen, Nokia, Oracle, RSA, SAP, Stripe, Symantec, Telefonica, Tenable, Trend Micro, and VMware. The announcement comes at the backdrop of a growing momentum in political and industry circles to create a sort of Digital Geneva Convention that commits the entire tech industry and governments to supporting a free and secure internet. The effort comes after attacks such as WannaCry and NotPetya hobbled businesses around the world last year, and just a day after the U.S. and U.K. issued an unprecedented joint alert citing the threat of cyberattacks from Russian state-sponsored actors. The Pentagon has said Russian "trolling" activity increased 2,000 percent after missile strikes in Syria. Interestingly, Amazon, Apple, Google, and Twitter are not participating in the program, though the Tech Accord says it "remains open to consideration of new private sector signatories, large or small and regardless of sector."

Read more of this story at Slashdot.

19-Year-Old Archivist Charged For Downloading Freedom-of-Information Releases

Slashdot - Your Rights Online - Wt, 2018-04-17 09:00
Ichijo writes: According to CBC News, a Canadian teen "has been charged with 'unauthorized use of a computer,' which carries a possible 10-year prison sentence, for downloading approximately 7,000 freedom-of-information releases. The provincial government says about 250 of those contain Nova Scotians' sensitive personal information." "When he was around eight [...] his Grade 3 class adopted an animal at a shelter, receiving an electronic adoption certificate," reports CBC. "That lead to a discovery on the classroom computer. 'The website had a number at the end, and I was able to change the last digit of the number to a different number and was able to see a certificate for someone else's animal that they adopted,' he said. 'I thought that was interesting.' The teenager's current troubles arose because he used the same trick on Nova Scotia's freedom-of-information portal, downloading about 7,000 freedom-of-information requests." The teen is estimated to have around 30 terabytes of online data on his hard drives, which equates to "millions" of webpages. "He usually copies online forums such as 4chan and Reddit, where posts are either quickly erased or can become difficult to locate."

Read more of this story at Slashdot.

Supreme Court Set To Hear Landmark Online Sales Tax Case

Slashdot - Your Rights Online - Wt, 2018-04-17 05:30
An anonymous reader quotes a report from Gizmodo: On Tuesday, the U.S. Supreme Court will hear arguments in a case that could at least somewhat clarify Donald Trump's complaints about Amazon "not paying internet taxes." It will also decide if those cheap deals on NewEgg are going to be less of a steal. The case concerns the state of South Dakota versus online retailers Wayfront, NewEgg, and Overstock.com in a battle over whether or not state sales tax should apply to all online transactions in the U.S., regardless of where the customer or retailer is located. It promises to have an impact on the internet's competition with brick-and-mortar retailers, as well as continue to address the ongoing legal questions surrounding real-world borders in the borderless world of online.

Read more of this story at Slashdot.

Facebook Must Face Class-Action Lawsuit Over Facial Recognition, Says Judge

Slashdot - Your Rights Online - Wt, 2018-04-17 03:50
U.S. District Judge James Donato ruled on Monday that Facebook must face a class-action lawsuit alleging that the social network unlawfully used a facial recognition process on photos without user permission. Donato ruled that a class-action was the most efficient way to resolve the dispute over facial templates. KFGO reports: Facebook said it was reviewing the ruling. "We continue to believe the case has no merit and will defend ourselves vigorously," the company said in a statement. Lawyers for the plaintiffs could not immediately be reached for comment. Facebook users sued in 2015, alleging violations of an Illinois state law about the privacy of biometric information. The class will consist of Facebook users in Illinois for whom Facebook created and stored facial recognition algorithms after June 7, 2011, Donato ruled. That is the date when Facebook launched "Tag Suggestions," a feature that suggests people to tag after a Facebook user uploads a photo. In the U.S. court system, certification of a class is typically a major hurdle that plaintiffs in proposed class actions need to overcome before reaching a possible settlement or trial.

Read more of this story at Slashdot.