aggregator

99.7 Percent of Unique FCC Comments Favored Net Neutrality, Independent Analysis Finds

Slashdot - Your Rights Online - Pn, 2018-10-15 22:40
When a Stanford researcher removed all the duplicate and fake comments filed with the Federal Communications Commission last year, he found that 99.7 percent of public comments -- about 800,000 in all -- were pro-net neutrality. From a report: "With the fog of fraud and spam lifted from the comment corpus, lawmakers and their staff, journalists, interested citizens and policymakers can use these reports to better understand what Americans actually said about the repeal of net neutrality protections and why 800,000 Americans went further than just signing a petition for a redress of grievances by actually putting their concerns in their own words," Ryan Singel, a media and strategy fellow at Stanford University, wrote in a blog post Monday. Singel released a report [PDF] Monday that analyzed the unique comments -- as in, they weren't a copypasta of one or dozens of other letters -- filed last year ahead of the FCC's decision to repeal federal net neutrality protections. That's from the 22 million total comments filed, meaning that more than 21 million comments were fake, bots, or organized campaigns.

Read more of this story at Slashdot.

US Voter Records From 19 States Is Being Sold on a Hacking Forum, Threat Intelligence Firms Say

Slashdot - Your Rights Online - Pn, 2018-10-15 22:00
Catalin Cimpanu, reporting for ZDNet: The voter information for approximately 35 million US citizens is being peddled on a popular hacking forum, two threat intelligence firms have discovered. "To our knowledge this represents the first reference on the criminal underground of actors selling or distributing lists of 2018 voter registration data," said researchers from Anomali Labs and Intel471, the two companies who spotted the forum ad. The two companies said they've reviewed a sample of the database records and determined the data to be valid with a "high degree of confidence." Researchers say the data contains details such as full name, phone numbers, physical addresses, voting history, and other voting-related information. It is worth noting that some states consider this data public and offer it for download for free, but not all states have this policy.

Read more of this story at Slashdot.

Twitter is Being Investigated Over Data Collection In Its Link-Shortening System

Slashdot - Your Rights Online - Pn, 2018-10-15 05:02
New submitter DavidDoherty writes: The Ireland Data Protection Commission is investigating Twitter because the company refused to provide their t.co (URL shortening service owned and used by Twitter) web link tracking data to UK professor, Michael Veale. "Their refusal to comply with the request is potentially a violation of the EU's allowance for requests under GDPR. The privacy expert said that Twitter refused to cite an exception to GDPR for requests that required 'disproportionate effort.'" By contrast, Veale believed that twitter was distorting the law in order to limit the information they handed over to the authorities. A new GDPR regulation, which was first enforced in May, requires that tech companies aim towards a more transparent relationship with user data and provide their customers with data privacy rights.

Read more of this story at Slashdot.

Software Freedom Conservancy Shares Thoughts on Microsoft Joining Open Invention Network's Patent Non-Aggression Pact

Slashdot - Your Rights Online - Pn, 2018-10-15 00:10
Earlier this week, Microsoft announced that it was joining the open-source patent consortium Open Invention Network (OIN). The press release the two shared this week was short on details on how the two organizations intend to work together and what does the move mean to, for instance, the billions of dollars Microsoft earns each year from its Android patents (since Google is a member of OIN, too.) Software Freedom Conservancy (SFC), a non-profit organization that promotes open-source software, has weighed in on the subject: While [this week's] announcement is a step forward, we call on Microsoft to make this just the beginning of their efforts to stop their patent aggression efforts against the software freedom community. The OIN patent non-aggression pact is governed by something called the Linux System Definition. This is the most important component of the OIN non-aggression pact, because it's often surprising what is not included in that Definition especially when compared with Microsoft's patent aggression activities. Most importantly, the non-aggression pact only applies to the upstream versions of software, including Linux itself. We know that Microsoft has done patent troll shakedowns in the past on Linux products related to the exfat filesystem. While we at Conservancy were successful in getting the code that implements exfat for Linux released under GPL (by Samsung), that code has not been upstreamed into Linux. So, Microsoft has not included any patents they might hold on exfat into the patent non-aggression pact. We now ask Microsoft, as a sign of good faith and to confirm its intention to end all patent aggression against Linux and its users, to now submit to upstream the exfat code themselves under GPLv2-or-later. This would provide two important protections to Linux users regarding exfat: (a) it would include any patents that read on exfat as part of OIN's non-aggression pact while Microsoft participates in OIN, and (b) it would provide the various benefits that GPLv2-or-later provides regarding patents, including an implied patent license and those protections provided by GPLv2 (and possibly other GPL protections and assurances as well).

Read more of this story at Slashdot.

In an Open Letter, Microsoft Employees Urge the Company To Not Bid on the US Military's Project JEDI

Slashdot - Your Rights Online - N, 2018-10-14 16:00
On Tuesday, Microsoft expressed its intent to bid on the Joint Enterprise Defense Infrastructure (JEDI) contract -- a contract that represents a $10 billion project to build cloud services for the Department of Defense. The contract is massive in scope and shrouded in secrecy, which makes it nearly impossible to know what technologies Microsoft would be building for the Department of Defense. At an industry day for JEDI, DoD Chief Management Officer John H. Gibson II explained the program's impact, saying, "We need to be very clear. This program is truly about increasing the lethality of our department." This has ruffled a few feathers inside the Redmond-based software giant. In an open letter published Saturday, an unspecified number of Microsoft employees stated their disapproval. They wrote: Many Microsoft employees don't believe that what we build should be used for waging war. When we decided to work at Microsoft, we were doing so in the hopes of "empowering every person on the planet to achieve more," not with the intent of ending lives and enhancing lethality. For those who say that another company will simply pick up JEDI where Microsoft leaves it, we would ask workers at that company to do the same. A race to the bottom is not an ethical position. Like those who took action at Google, Salesforce, and Amazon, we ask all employees of tech companies to ask how your work will be used, where it will be applied, and act according to your principles. We need to put JEDI in perspective. This is a secretive $10 billion project with the ambition of building "a more lethal" military force overseen by the Trump Administration. The Google workers who protested these collaborations and forced the company to take action saw this. We do too. So we ask, what are Microsoft's A.I. Principles, especially regarding the violent application of powerful A.I. technology? How will workers, who build and maintain these services in the first place, know whether our work is being used to aid profiling, surveillance, or killing? Earlier this year Microsoft published "The Future Computed," examining the applications and potential dangers of A.I. It argues that strong ethical principles are necessary for the development of A.I. that will benefit people, and defines six core principles: "fair, reliable and safe, private and secure, inclusive, transparent, and accountable." With JEDI, Microsoft executives are on track to betray these principles in exchange for short-term profits. If Microsoft is to be accountable for the products and services it makes, we need clear ethical guidelines and meaningful accountability governing how we determine which uses of our technology are acceptable, and which are off the table. Microsoft has already acknowledged the dangers of the tech it builds, even calling on the federal government to regulate A.I. technologies. But there is no law preventing the company from exercising its own internal scrutiny and standing by its own ethical compass. Further reading: Google Drops Out of Pentagon's $10 Billion Cloud Competition.

Read more of this story at Slashdot.

Climate Change Report Actually Understates Threats

Slashdot - Your Rights Online - N, 2018-10-14 03:13
"Dire as it is, the latest IPCC report is actually too optimistic," writes Slashdot reader Dan Drollette. "It ignores the risk of self-reinforcing climate feedbacks pushing the planet into chaos beyond human control. So says a team of climate experts, including the winner of the 1995 Nobel for his work on depletion of the ozone layer." From their article: These cascading feedbacks include the loss of the Arctic's sea ice, which could disappear entirely in summer in the next 15 years. The ice serves as a shield, reflecting heat back into the atmosphere, but is increasingly being melted into water that absorbs heat instead. Losing the ice would tremendously increase the Arctic's warming, which is already at least twice the global average rate. This, in turn, would accelerate the collapse of permafrost, releasing its ancient stores of methane, a super climate pollutant 30 times more potent in causing warming than carbon dioxide. By largely ignoring such feedbacks, the IPCC report fails to adequately warn leaders about the cluster of six similar climate tipping points that could be crossed between today's temperature and an increase to 1.5 degrees -- let alone nearly another dozen tipping points between 1.5 and 2 degrees. These wildcards could very likely push the climate system beyond human ability to control. As the UN Secretary General reminded world leaders last month, "We face an existential threat. Climate change is moving faster than we are.⦠If we do not change course by 2020, we risk missing the point where we can avoid runaway climate change, with disastrous consequences." In related news, a court in The Hague "has upheld a historic legal order on the Dutch government to accelerate carbon emissions cuts, a day after the world's climate scientists warned that time was running out to avoid dangerous warming. Appeal court judges ruled that the severity and scope of the climate crisis demanded greenhouse gas reductions of at least 25% by 2020 -- measured against 1990 levels -- higher than the 17% drop planned by Mark Rutte's liberal administration. The ruling -- which was greeted with whoops and cheers in the courtroom -- will put wind in the sails of a raft of similar cases being planned around the world, from Norway to New Zealand and from the UK to Uganda." Meanwhile, a new article in GQ cites estimates that more than 70 percent of global emissions come from just 100 companies, complaining that "there is no 'free market' incentive to prevent disaster."

Read more of this story at Slashdot.

Are Universal Basic Incomes 'A Tool For Our Further Enslavement'?

Slashdot - Your Rights Online - N, 2018-10-14 00:37
Douglas Rushkoff, long-time open source advocate (and currently a professor of Digital Economics at the City University of New York, Queens College), is calling Universal Basic Incomes "no gift to the masses, but a tool for our further enslavement." Uber's business plan, like that of so many other digital unicorns, is based on extracting all the value from the markets it enters. This ultimately means squeezing employees, customers, and suppliers alike in the name of continued growth. When people eventually become too poor to continue working as drivers or paying for rides, UBI supplies the required cash infusion for the business to keep operating. When it's looked at the way a software developer would, it's clear that UBI is really little more than a patch to a program that's fundamentally flawed. The real purpose of digital capitalism is to extract value from the economy and deliver it to those at the top. If consumers find a way to retain some of that value for themselves, the thinking goes, you're doing something wrong or "leaving money on the table." Walmart perfected the softer version of this model in the 20th century. Move into a town, undercut the local merchants by selling items below cost, and put everyone else out of business. Then, as sole retailer and sole employer, set the prices and wages you want. So what if your workers have to go on welfare and food stamps. Now, digital companies are accomplishing the same thing, only faster and more completely.... Soon, consumers simply can't consume enough to keep the revenues flowing in. Even the prospect of stockpiling everyone's data, like Facebook or Google do, begins to lose its allure if none of the people behind the data have any money to spend. To the rescue comes UBI. The policy was once thought of as a way of taking extreme poverty off the table. In this new incarnation, however, it merely serves as a way to keep the wealthiest people (and their loyal vassals, the software developers) entrenched at the very top of the economic operating system. Because of course, the cash doled out to citizens by the government will inevitably flow to them.... Under the guise of compassion, UBI really just turns us from stakeholders or even citizens to mere consumers. Once the ability to create or exchange value is stripped from us, all we can do with every consumptive act is deliver more power to people who can finally, without any exaggeration, be called our corporate overlords... if Silicon Valley's UBI fans really wanted to repair the economic operating system, they should be looking not to universal basic income but universal basic assets, first proposed by Institute for the Future's Marina Gorbis... As appealing as it may sound, UBI is nothing more than a way for corporations to increase their power over us, all under the pretense of putting us on the payroll. It's the candy that a creep offers a kid to get into the car or the raise a sleazy employer gives a staff member who they've sexually harassed. It's hush money. Rushkoff's conclusion? "Whether its proponents are cynical or simply naive, UBI is not the patch we need."

Read more of this story at Slashdot.

Facebook Says Russian Firms 'Scraped' Data, Some for Facial Recognition

Slashdot - Your Rights Online - So, 2018-10-13 23:34
An anonymous reader quotes the New York Times: On the same day Facebook announced that it had carried out its biggest purge yet of American accounts peddling disinformation, the company quietly made another revelation: It had removed 66 accounts, pages and apps linked to Russian firms that build facial recognition software for the Russian government. Facebook said Thursday that it had removed any accounts associated with SocialDataHub and its sister firm, Fubutech, because the companies violated its policies by scraping data from the social network. "Facebook has reason to believe your work for the government has included matching photos from individuals' personal social media accounts in order to identify them," the company said in a cease-and-desist letter to SocialDataHub that was dated Tuesday and viewed by The New York Times... As Facebook is taking a closer look at its own products amid increasing scrutiny and public outcry, it is increasingly finding examples of companies that have been exploiting its global social network for questionable ends.... Artur Khachuyan, the 26-year-old chief executive of SocialDataHub and Fubutech, said in an interview Friday that Fubutech scraped data from the web, particularly Google search and the Russian search engine Yandex, to build a database of Russian citizens and their images that the government can use for facial recognition. "We don't know exactly what they do with it," he said.... At one point in a 30-minute phone interview, he said the Russian Defense Ministry was a client but later said he could not name Fubutech's government clients. The two Russian companies have been around for over four years, "relying in part on Facebook data," the Times reports. "At the top of the SocialDataHub's website, there is a single line: 'We know everything about everybody.'"

Read more of this story at Slashdot.

A Future Where Everything Becomes a Computer Is As Creepy As You Feared

Slashdot - Your Rights Online - So, 2018-10-13 15:00
schwit1 shares a report from The New York Times: More than 40 years ago, Bill Gates and Paul Allen founded Microsoft with a vision for putting a personal computer on every desk. [...] In recent years, the tech industry's largest powers set their sights on a new target for digital conquest. They promised wild conveniences and unimaginable benefits to our health and happiness. There's just one catch, which often goes unstated: If their novelties take off without any intervention or supervision from the government, we could be inviting a nightmarish set of security and privacy vulnerabilities into the world. And guess what. No one is really doing much to stop it. The industry's new goal? Not a computer on every desk nor a connection between every person, but something grander: a computer inside everything, connecting everyone. Cars, door locks, contact lenses, clothes, toasters, refrigerators, industrial robots, fish tanks, sex toys, light bulbs, toothbrushes, motorcycle helmets -- these and other everyday objects are all on the menu for getting "smart." Hundreds of small start-ups are taking part in this trend -- known by the marketing catchphrase "the internet of things" -- but like everything else in tech, the movement is led by giants, among them Amazon, Apple and Samsung. [American cryptographer and computer security professional Bruce Schneier] argues that the economic and technical incentives of the internet-of-things industry do not align with security and privacy for society generally. Putting a computer in everything turns the whole world into a computer security threat. [...] Mr. Schneier says only government intervention can save us from such emerging calamities. "I can think of no industry in the past 100 years that has improved its safety and security without being compelled to do so by government."

Read more of this story at Slashdot.

How To See If Your Personal Data Was Stolen In the Recent Facebook Hack

Slashdot - Your Rights Online - So, 2018-10-13 02:20
An anonymous reader quotes a report from Recode: Hackers stole personal data from 29 million Facebook users in a recent hack, including information like phone numbers, emails, gender, hometowns and even relationship data. Was your data stolen? (Mine was.) There's an easy way to check. Visit this Help Center page on Facebook's website and log in to your account. It will tell you whether or not your data was stolen, and which data in particular. Worth noting, while Facebook's alert says that no "payment card or credit card information" was stolen, Facebook product executive Guy Rosen did say that hackers would have been able to see the last four digits of a user's credit card through this hack. Facebook also says it will reach out to people directly if their data was stolen.

Read more of this story at Slashdot.

The UK Invited a Robot To 'Give Evidence' In Parliament For Attention

Slashdot - Your Rights Online - So, 2018-10-13 00:20
"The UK Parliament caused a bit of a stir this week with the news that it would play host to its first non-human witness," reports The Verge. "A press release from one of Parliament's select committees (groups of MPs who investigate an issue and report back to their peers) said it had invited Pepper the robot to 'answer questions' on the impact of AI on the labor market." From the report: "Pepper is part of an international research project developing the world's first culturally aware robots aimed at assisting with care for older people," said the release from the Education Committee. "The Committee will hear about her work [and] what role increased automation and robotics might play in the workplace and classroom of the future." It is, of course, a stunt. As a number of AI and robotics researchers pointed out on Twitter, Pepper the robot is incapable of giving such evidence. It can certainly deliver a speech the same way Alexa can read out the news, but it can't formulate ideas itself. As one researcher told MIT Technology Review, "Modern robots are not intelligent and so can't testify in any meaningful way." Parliament knows this. In an email to The Verge, a media officer for the Education Committee confirmed that Pepper would be providing preprogrammed answers written by robotics researchers from Middlesex University, who are also testifying on the same panel. "It will be clear on the day that Pepper's responses are not spontaneous," said the spokesperson. "Having Pepper appear before the Committee and the chance to question the witnesses will provide an opportunity for members to explore both the potential and limitations of such technology and the capabilities of robots." MP Robert Halfon, the committee's chair, told education news site TES that inviting Pepper was "not about someone bringing an electronic toy robot and doing a demonstration" but showing the "potential of robotics and artificial intelligence." He added: "If we've got the march of the robots, we perhaps need the march of the robots to our select committee to give evidence."

Read more of this story at Slashdot.

Cops Told 'Don't Look' at New iPhones To Avoid Face ID Lock-Out

Slashdot - Your Rights Online - Pt, 2018-10-12 23:40
As Apple continues to update its iPhones with new security features, law enforcement and other investigators are constantly playing catch-up, trying to find the best way to circumvent the protections or to grab evidence. From a report: Last month, Forbes reported the first known instance of a search warrant being used to unlock a suspect's iPhone X with their own face, leveraging the iPhone X's Face ID feature. But Face ID can of course also work against law enforcement -- too many failed attempts with the 'wrong' face can force the iPhone to request a potentially harder to obtain passcode instead. Taking advantage of legal differences in how passcodes are protected, US law enforcement have forced people to unlock their devices with not just their face but their fingerprints too. But still, in a set of presentation slides obtained by Motherboard this week, one company specialising in mobile forensics is telling investigators not to even look at phones with Face ID, because they might accidentally trigger this mechanism. "iPhone X: don't look at the screen, or else... The same thing will occur as happened on Apple's event," the slide, from forensics company Elcomsoft, reads. Motherboard obtained the presentation from a non-Elcomsoft source, and the company subsequently confirmed its veracity. The slide is referring to Apple's 2017 presentation of Face ID, in which Craig Federighi, Apple's senior vice president of software engineering, tried, and failed, to unlock an iPhone X with his own face. The phone then asked for a passcode instead. "This is quite simple. Passcode is required after five unsuccessful attempts to match a face," Vladimir Katalov, CEO of Elcomsoft, told Motherboard in an online chat, pointing to Apple's own documentation on Face ID. "So by looking into suspect's phone, [the] investigator immediately lose one of [the] attempts."

Read more of this story at Slashdot.

A Mysterious Grey-Hat Is Patching People's Outdated MikroTik Routers

Slashdot - Your Rights Online - Pt, 2018-10-12 23:00
An anonymous reader quotes a report from ZDNet: A Russian-speaking grey-hat hacker is breaking into people's MikroTik routers and patching devices so they can't be abused by cryptojackers, botnet herders, or other cyber-criminals, ZDNet has learned. The hacker, who goes by the name of Alexey and says he works as a server administrator, claims to have disinfected over 100,000 MikroTik routers already. "I added firewall rules that blocked access to the router from outside the local network," Alexey said. "In the comments, I wrote information about the vulnerability and left the address of the @router_os Telegram channel, where it was possible for them to ask questions." But despite adjusting firewall settings for over 100,000 users, Alexey says that only 50 users reached out via Telegram. A few said "thanks," but most were outraged. The vigilante server administrator says he's been only fixing routers that have not been patched by their owners against a MikroTik vulnerability that came to light in late April.

Read more of this story at Slashdot.

Google CEO Tells Senators That Censored Chinese Search Engine Could Provide 'Broad Benefits'

Slashdot - Your Rights Online - Pt, 2018-10-12 22:20
Google CEO Sundar Pichai has refused to answer a list of questions from U.S. lawmakers about the company's secretive plan for a censored search engine in China. From a report: In a letter newly obtained by The Intercept, Pichai told a bipartisan group of six senators that Google could have "broad benefits inside and outside of China," but said he could not share details about the censored search engine because it "remains unclear" whether the company "would or could release a search service" in the country. Pichai's letter contradicts the company's search engine chief, Ben Gomes, who informed staff during a private meeting that the company was aiming to release the platform in China between January and April 2019. Gomes told employees working on the Chinese search engine that they should get it ready to be "brought off the shelf and quickly deployed." [...] In his letter to the senators, dated August 31, Pichai did not mention the word "censorship" or address human rights concerns. He told the senators that "providing access to information to people around the world is central to our mission," and said he believed Google's tools could "help to facilitate an exchange of information and learning." The company was committed to "promoting access to information, freedom of expression, and user privacy," he wrote, while also "respecting the laws of jurisdictions in which we operate."

Read more of this story at Slashdot.

Apple Rebukes Australia's 'Dangerously Ambiguous' Anti-Encryption Bill

Slashdot - Your Rights Online - Pt, 2018-10-12 21:00
Apple has strongly criticized Australia's anti-encryption bill, calling it "dangerously ambiguous" and "alarming to every Australian." From a report: The Australian government's draft law -- known as the Access and Assistance Bill -- would compel tech companies operating in the country, like Apple, to provide "assistance" to law enforcement and intelligence agencies in accessing electronic data. The government claims that encrypted communications are "increasingly being used by terrorist groups and organized criminals to avoid detection and disruption," without citing evidence. But critics say that the bill's "broad authorities that would undermine cybersecurity and human rights, including the right to privacy" by forcing companies to build backdoors and hand over user data -- even when it's encrypted. Now, Apple is the latest company after Google and Facebook joined civil and digital rights groups -- including Amnesty International -- to oppose the bill, amid fears that the government will rush through the bill before the end of the year. In a seven-page letter to the Australian parliament, Apple said that it "would be wrong to weaken security for millions of law-abiding customers in order to investigate the very few who pose a threat." The company adds, "We appreciate the government's outreach to Apple and other companies during the drafting of this bill. While we are pleased that some of the suggestions incorporated improve the legislation, the unfortunate fact is that the draft legislation remains dangerously ambiguous with respect to encryption and security. This is no time to weaken encryption. Rather than serving the interests of Australian law enforcement, it will just weaken the security and privacy of regular customers while pushing criminals further off the grid."

Read more of this story at Slashdot.

The FBI Is Now Investigating Facebook's Security Breach Where Attackers Accessed 30 Million Users' Personal Information

Slashdot - Your Rights Online - Pt, 2018-10-12 19:45
An online attack that forced Facebook to log out 90 million users last month directly affected 29 million people on the social network [alternative source], the company said Friday as it released new details about the scope of an incident that has regulators and law enforcement on high alert. The company said the FBI is actively investigating the hack, and asked Facebook not to disclose any potential culprits. From a report: Through a series of interrelated bugs in Facebook's programming, unnamed attackers stole the names and contact information of 15 million users, Facebook said. The contact information included a mix of phone numbers and email addresses. An additional 14 million users were affected more deeply, by having additional details taken related to their profiles such as their recent search history, gender, educational background, geolocation data, birth dates, and lists of people and pages they follow. Facebook said last month that it detected the attack when it noticed an uptick in user activity. An investigation soon found that the activity was linked to the theft of security codes that, under normal circumstances, allow Facebook users to navigate away from the site while remaining logged in. The bugs that allowed the attack to occur gave hackers the ability to effectively take over Facebook accounts on a widespread basis, Facebook said when it disclosed the breach. The attackers began with a relatively small number of accounts that they directly controlled, exploiting flaws in the platform's "View As" feature to gain access to other users' profiles.

Read more of this story at Slashdot.

FCC Tells Court It Has No 'Legal Authority' To Impose Net Neutrality Rules

Slashdot - Your Rights Online - Pt, 2018-10-12 19:00
The Federal Communications Commission opened its defense of its net neutrality repeal yesterday, telling a court that it has no authority to keep the net neutrality rules in place. From a report: Chairman Ajit Pai's FCC argued that broadband is not a "telecommunications service" as defined in federal law, and therefore it must be classified as an information service instead. As an information service, broadband cannot be subject to common carrier regulations such as net neutrality rules, Pai's FCC said. The FCC is only allowed to impose common carrier regulations on telecommunications services. "Given these classification decisions, the Commission determined that the Communications Act does not endow it with legal authority to retain the former conduct rules," the FCC said in a summary of its defense filed yesterday in the US Court of Appeals for the District of Columbia Circuit. The FCC is defending the net neutrality repeal against a lawsuit filed by more than 20 state attorneys general, consumer advocacy groups, and tech companies. The FCC's opponents in the case will file reply briefs next month, and oral arguments are scheduled for February.

Read more of this story at Slashdot.

Senators Demand Google Hand Over Internal Memo Urging Google+ Cover-up

Slashdot - Your Rights Online - Pt, 2018-10-12 17:25
An anonymous reader writes: Three Republican senators have sent a letter to Google demanding the company hand over an internal memo based on which Google decided to cover up a Google+ data leak instead of going public as most companies do. The existence of this internal memo came to light on Monday in a Wall Street Journal article that forced Google to go public with details about a Google+ API bug that could have been used to harvest data on Google users. According to the report, the internal memo, signed by Google's legal and policy staff, advised Google top execs not to disclose the existence of the API bug fearing "immediate regulatory interest." Google's legal staff also feared that the bug would bring Google "into the spotlight alongside or even instead of Facebook despite having stayed under the radar throughout the Cambridge Analytica scandal," and would "almost [guarantee] Sundar will testify before Congress," akin to Facebook's CEO. In a letter sent today to Google, three GOP senators want to see this internal memo for themselves by October 30, and also with on-the-record answers to seven questions in regards to what, why, and how Google handled the Google+ API data leak.

Read more of this story at Slashdot.

To Deter Foreign Hackers, Some States May Also Be Deterring Voters

Slashdot - Your Rights Online - Pt, 2018-10-12 16:40
A number of states are blocking web traffic from foreign countries to their voter registration websites, making the process harder for some U.S. citizens who live overseas to vote, despite the practice providing no real security benefits. From a report: On its face, the "geo-targeting" of foreign countries may seem like a solid plan: election officials around the country are concerned about foreign interference after Russia's efforts leading up to the 2016 election, so blocking traffic to election websites from outside the United States might seem like an obvious defense starting point. But cybersecurity experts and voting rights advocates say it's an ineffective solution that any hacker could easily sidestep using a virtual private network, or VPN, a commonly-used and easily-available service. Such networks allow for a computer user to use the Internet and appear in a different location than they actually are.

Read more of this story at Slashdot.

Pro-Privacy Search Engine DuckDuckGo Hits 30 Million Daily Searches, Up 50% In a Year

Slashdot - Your Rights Online - Pt, 2018-10-12 15:00
An anonymous reader quotes a report from TechCrunch: Some nice momentum for privacy-focused search engine DuckDuckGo which has just announced it's hit 30 million daily searches a year after reaching 20 million -- a year-on-year increase of 50%. Hitting the first 10 million daily searches took the search engine a full seven years, and then it was another two to get to 20 million. So as growth curves go it must have required patience and a little faith in the run up. It also recently emerged that DDG had quietly picked up $10 million in VC funding, which is only its second tranche of external investment. The company told us this financing would be used to respond to an expanding opportunity for pro-privacy business models, including by tuning its search engine for more local markets and expanding its marketing channels to "have more of a global focus."

Read more of this story at Slashdot.