Senate Votes To Reinstate ZTE Ban That's Nearly Shut Down the Company

Slashdot - Your Rights Online - Tue, 2018-06-19 03:40
The U.S. Senate has voted to reinstate a ban on ZTE that prevents the Chinese telecom company from buying U.S. components and using U.S. software. As The Verge notes, "it's still not clear if the reversal will make it into law: it has to clear a conference with the House, and then avoid a veto from President Trump, who advocated for cutting a deal that would lift the ban." From the report: ZTE was hit with the trade ban by the U.S. Commerce Department in April after failing to follow through with a punishment for violating sanctions on Iran and North Korea. That ban essentially shut down ZTE, which relies on U.S. parts like Qualcomm processors. Shortly thereafter, Trump said he would cut a deal to revive the company, and a deal was reached -- with additional penalties that the department said were uniquely stringent -- earlier this month. But senators on both sides of the aisle immediately threatened to stop the deal and reinstate the ban, citing ZTE as a national security risk. And ultimately, a bipartisan group worked to get legislation introduced. The Senate voted 85 to 10 in support of reinstating the ban. It was included as an amendment on the National Defense Authorization Act, a must-pass piece of legislation that has already moved through the House.

Read more of this story at Slashdot.

The Supreme Court Will Decide If Apple's App Store Is a Monopoly

Slashdot - Your Rights Online - Tue, 2018-06-19 03:00
The Supreme Court will review a 2011 class-action lawsuit against Apple, accusing the company of operating an illegal monopoly by not allowing iPhone users to download mobile apps outside of its own App Store, reducing consumer choice. The case, being referred to as Apple Inc. v. Pepper, could have wide-reaching implications for consumers as well as other companies like Amazon. Wired reports: The dispute is over whether Apple, by charging app developers a 30 percent commission fee and only allowing iOS apps to be sold through its own store, has inflated the price of iPhone apps. Apple, supported by the Trump administration, argues that the plaintiffs in the case -- iPhone consumers -- don't have the right to sue under current antitrust laws in the U.S. The case marks a rare instance in which the court has agreed not only to hear an antitrust case, but also one where no current disagreement exists in the circuit courts. The outcome could change decades of antitrust legal precedent -- either strengthening or weakening consumer protections against monopolistic power. The case also represents a huge source of revenue for Apple; the company raked in an estimated $11 billion last year in App Store commissions alone. The lawsuit centers around another Supreme Court case from 1977, Illinois Brick Co. v. Illinois, "which established what is known as the Illinois Brick Doctrine," reports Wired. "That rule says you can't sue for antitrust damages if you're not the direct purchaser of a good or service."

iOS 12 Will Automatically Share Your iPhone Location With 911 Centers

Slashdot - Your Rights Online - Tue, 2018-06-19 02:30
Apple has revealed a new feature that's coming to the next version of iOS. With iOS 12, iPhone owners will be able to automatically share their location data when they dial 911. PhoneDog reports: Apple explains that it'll use RapidSOS's IP-based data pipeline to securely share an iPhone owner's HELO (Hybridized Emergency Location) info when they call 911 call centers. This system will integrate with many 911 call centers' existing software. HELO data estimates a 911 caller's location data using cell towers as well as features like GPS and Wi-Fi access points. Apple began using HELO in 2015, but by utilizing RapidSOS's tech, too, it should make it much easier and faster for a 911 call center to locate a caller.

The 'World's Worst' Smart Padlock Is Even Worse Than Previously Thought

Slashdot - Your Rights Online - Tue, 2018-06-19 00:00
Last week, cybersecurity company PenTest Partners managed to unlock TappLock's smart padlock within two seconds. They "found that the actual code and digital authentication methods for the lock were basically nonexistent," reports The Verge. "All someone would need to unlock the lock is its Bluetooth Low Energy MAC address, which the lock itself broadcasts." The company also managed to snap the lock with a pair of 12-inch bolt cutters. Today, Naked Security reports that it gets much worse: "Tapplock's cloud-based administration tools were as vulnerable as the lock, as Greek security researcher Vangelis Stykas found out very rapidly." From the report: Stykas found that once you'd logged into one Tapplock account, you were effectively authenticated to access anyone else's Tapplock account, as long as you knew their account ID. You could easily sniff out account IDs because Tapplock was too lazy to use HTTPS (secure web connections) for connections back to home base -- but you didn't really need to bother, because account IDs were apparently just incremental IDs anyway, like house numbers on most streets. As a result, Stykas could not only add himself as an authorized user to anyone else's lock, but also read out personal information from that person's account, including the last location (if known) where the Tapplock was opened. Incredibly, Tapplock's back-end system would not only let him open other people's locks using the official app, but also tell him where to find the locks he could now open! Of course, this gave him an unlocking speed advantage over Pen Test Partners -- by using the official app Stykas needed just 0.8 seconds to open a lock, instead of the sluggish two seconds needed by the lock-cracking app.

Amazon Shareholders To Jeff Bezos: Stop Marketing Facial Recognition Tool

Slashdot - Your Rights Online - Mon, 2018-06-18 20:01
A group of Amazon shareholders are calling on the company to stop pitching its facial recognition tool to local law enforcement agencies, writing in a letter to CEO Jeff Bezos that the technology could pose a privacy threat and a financial risk. From a report: The letter comes amid mounting criticism of the tool, called Rekognition, from privacy activists and civil rights organizations, including the American Civil Liberties Union. The groups have raised concerns that the tool could be used to build a system to automate the widespread identification and tracking of anyone. Rekognition is already being used by at least one law enforcement agency, the Washington County Sheriff's Office in Oregon, according to a customer testimonial page. "While Rekognition may be intended to enhance some law enforcement activities, we are deeply concerned it may ultimately violate civil and human rights," the shareholders said in the letter to Bezos, a copy of which was provided to NBC News by the ACLU.

Australia Discontinues Its National Biometric ID Project

Slashdot - Your Rights Online - Mon, 2018-06-18 16:00
The Australian Criminal Intelligence Commission's (ACIC) biometrics project, which adds facial recognition to a national crime database, is being discontinued following reports of delays and budget blowouts. From a report: This announcement comes after the project was suspended earlier this month and NEC Australia staff were escorted out of the building by security on Monday June 4. [...] ACIC contracted the NEC for the $52 million Biometric Identification Services project with the view of replacing the fingerprint identification system that is currently in place. The aim of the project, which was supposed to run until 2021, was to include palm print, foot prints and facial recognition to aid in police investigations. The Australian government stated that it wanted to provide Australians with a single digital identity by 2025.

Was the Stanford Prison Experiment a Sham?

Slashdot - Your Rights Online - Sun, 2018-06-17 18:16
Frosty Piss writes: The Stanford Prison Experiment was conducted in 1971 by psychology professor Philip Zimbardo using college students to investigate the psychological effects of perceived power by focusing on the struggle between prisoners and prison officers. In the study, volunteers were randomly assigned to be either "guards" or "prisoners" in a mock prison, with Zimbardo serving as the superintendent. The results seemed to show that the students quickly embraced their assigned roles, with some guards enforcing authoritarian measures and ultimately subjecting some prisoners to psychological torture, while many of the prisoners passively accepted psychological abuse and, by the officers' request, actively harassed other prisoners who tried to stop it. After Berkeley graduate Douglas Korpi appeared to have a nervous breakdown while playing the role of an inmate, the experiment was shut down. There's just one problem: Korpi's breakdown was a sham. Dr. Ben Blum took to Medium to publish his claims. "Blum's expose -- based on previously unpublished recordings of Zimbardo, a Stanford psychology professor, and interviews with the participants -- offers evidence that the 'guards' were coached to be cruel," reports New York Post. "One of the men who acted as an inmate told Blum he enjoyed the experiment because he knew the guards couldn't actually hurt him." "There were no repercussions. We knew [the guards] couldn't hurt us, they couldn't hit us. They were white college kids just like us, so it was a very safe situation," said Douglas Korpi, who was 22 years old when he acted as an inmate in the study. The Berkeley grad now admits the whole thing was fake. Zimbardo also "admitted that he was an active participant in the study, meaning he had influence over the results," reports New York Post. According to an audio recording from the Stanford archive, you can hear Zimbardo encouraging the guards to act "tough."

US Government Finds New Malware From North Korea

Slashdot - Your Rights Online - Sun, 2018-06-17 17:15
Days after the historic North Korea-United States summit, the Department of Homeland Security issued a report on Thursday warning of a new variant of North Korean malware to look out for. Called Typeframe, the malware is able to download and install additional malware, proxies and trojans; modify firewalls; and connect to servers for additional instructions. Engadget reports: Since last May, the DHS has issued a slew of alerts and reports about North Korea's malicious cyber activity. The department also pointed out that North Korea has been hacking countries around the world since 2009. And of course, don't forget that the U.S. also labeled that country as the source of Wannacry cyberattack, which notably held data from the UK's National Health Service hostage, and wreaked havoc across Russia and Ukraine. CNN was first to report the news.

America's Nuclear Reactors Can't Survive Without Government Handouts

Slashdot - Your Rights Online - Sun, 2018-06-17 03:34
Slashdot reader Socguy shares an article from FiveThirtyEight: There are 99 nuclear reactors producing electricity in the United States today. Collectively, they're responsible for producing about 20% of the electricity we use each year. But those reactors are, to put it delicately, of a certain age. The average age of a nuclear power plant in this country is 38 years old (compared with 24 years old for a natural gas power plant). Some are shutting down. New ones aren't being built. And the ones still operational can't compete with other sources of power on price... without some type of public assistance, the nuclear industry is likely headed toward oblivion.... [I]t's the cost of upkeep that's prohibitive. Things do fall apart -- especially things exposed to radiation on a daily basis. Maintenance and repair, upgrades and rejuvenation all take a lot of capital investment. And right now, that means spending lots of money on power plants that aren't especially profitable... Combine age and economic misfortune, and you get shuttered power plants. Twelve nuclear reactors have closed in the past 22 years. Another dozen have formally announced plans to close by 2025. A professor of engineering and public policy at Carnegie Mellon University points out that nuclear power is America's single largest source of carbon emissions-free electricity -- though since 1996, only one new plant has opened in America, and at least 10 other new reactor projects have been canceled in the past decade. The article also describes two more Illinois reactors that avoided closure only after the state legislature offered new subsidies. "But as long as natural gas is cheap, the industry can't do without the handouts."

After a Decade, 77-Year-Old Gets Back $110,000 Lost In 'Nigerian Prince' Scam

Slashdot - Your Rights Online - Sun, 2018-06-17 01:34
Slashdot reader grep -v '.*' * shares a surprising story. The Kansas City Star profiles the victim of a three-year con that started with an email to a Yahoo inbox back in 2005. A decade ago, Fred Haines was wandering the Wichita airport looking for a Nigerian man hauling two chests full of cash. After an hour of waiting and asking around, he finally came to the realization that the $65 million Nigerian fortune he thought he was inheriting was not coming after all. What is now coming, though, is the $110,000 he had been scammed out of, thanks to the work of the Kansas Attorney General's Office. From 2005 to 2008, swindlers hoodwinked Haines, a self-employed handyman in Wichita, into spending thousands in pursuit of an imaginary inheritance from a Nigerian government official -- a con known as the Nigerian Prince Scam. Haines re-mortgaged his house three times in the process. Last year, in a settlement with the Department of Justice, Western Union admitted it knew some of its employees had conspired with scam artists to bilk people out of money and had failed to fix the problem. The company set aside $586 million to create a fund to refund victims across the U.S. and Canada... All victims who'd sent money to hucksters using the service were able to request refunds, but only those who had complained to law enforcement or Western Union were notified directly of the settlement. "It got to the point where they were showing me that the president of Nigeria had sent me a letter. It had his picture on it and everything," Haines said. "I looked it up on the computer to see what the Nigerian president looked like, and it was him." Once, he received an email claiming to be from Robert Mueller, who was then the FBI director. The email was addressed to Haines, code-name "B-DOG," and it was signed with the FBI's address and official seal. "I wish you can remove doubt and suspicious and go ahead I assured you that you will never regret this fund release," the email said in part. 
Haines is one of 344 victims who recovered a total of $1,758,988 through the Kansas Attorney General's office -- though when the office sent out 25,000 letters to possible scam victims, many of them were now skeptical of the promise of unclaimed money, and "Some were even angry when employees called to follow up on those who hadn't responded."

Prosecution of UK News Photographer Collapses After Recording Disproves Police Testimony

Slashdot - Your Rights Online - Sun, 2018-06-17 00:34
Slashdot reader Andy Smith writes: Slashdot reported last September how I was arrested while standing in a field near a road accident, as I photographed the scene for a newspaper. I was initially given a police warning for "obstruction", but the warning was then cancelled and I was prosecuted for resisting arrest and breach of the peace. These are serious charges and I was facing a prison sentence. Fortunately we had one very strong piece of evidence: A recording of my arrest. Not only did the recording prove that two police officers' testimony was false, but it caught one of them boasting about how he had conspired with a prosecutor to arrest and prosecute me. Yesterday the case was dropped, and now the two police officers and the prosecutor face a criminal investigation.

'Open Source Security' Loses in Court, Must Pay $259,900 To Bruce Perens

Slashdot - Your Rights Online - Sat, 2018-06-16 22:34
Bruce Perens co-founded the Open Source Initiative with Eric Raymond -- and he's also Slashdot reader #3872. Now he's just won a legal victory in court. "Open Source Security, maker of the grsecurity Linux kernel patches, has been directed to pay Bruce Perens and his legal team almost $260,000 following a failed defamation claim," reports The Register. Slashdot reader Right to Opine writes: The order requires Spengler and his company to pay $259,900.50, with the bill due immediately rather than allowing a wait for the appeal of the case. The Electronic Frontier Foundation's attorneys will represent Perens during OSS/Spengler's appeal of the case. Perens was sued for comments on his blog and here on Slashdot that suggested that OSS's Grsecurity product could be in violation of the GPL license on the Linux kernel. The court had previously ruled that Perens' statements were not defamatory, because they were statements by a non-attorney regarding an undecided issue in law. It is possible that Spengler is personally liable for any damages his small company can't pay, since he joined the case as an individual in order to preserve a claim of false light (which could not be brought by his company), removing his own corporate protection.

Two Teenaged Gamers Plead 'Not Guilty' For Fatal Kansas Swatting Death

Slashdot - Your Rights Online - Sat, 2018-06-16 18:34
Two more men entered pleas in federal court for their roles in a SWAT call that led to a fatal police shooting in Kansas: not guilty. An anonymous reader quotes Reuters: Shane Gaskill, 19, of Wichita, Kansas, and Casey Viner, 18, from a suburb of Cincinnati, pleaded not guilty on Wednesday and remained free on $10,000 bond, court records showed. Both of the suspects live with their parents, local media reported. In the so-called "swatting" incident, in which someone falsely reports an emergency requiring a police response, Viner got upset at Gaskill over a video game they played online, federal prosecutors said, and Viner contacted a known "swatter"...and asked him to make the false report to police at an address that had been provided by Gaskill. Viner did not know that Gaskill no longer lived at the address, but Gaskill knew, prosecutors said. After media reports of the shooting, Gaskill urged [swatter Tyler] Barriss to delete their communications and Viner wiped his phone, according to the indictment... Barriss and Viner face federal charges of conspiracy and several counts of wire fraud. Viner and Gaskill were charged with obstruction of justice and conspiracy to obstruct justice, and Gaskill was also charged with wire fraud and additional counts of obstruction of justice. In a jailhouse interview in January, Barriss told a local news team that "Whether you hang me from a tree, or you give me 5, 10, 15 years... I don't think it will ever justify what happened... I hope no one ever does it, ever again. I hope it's something that ceases to exist." In April, while still in jail, Barriss gained access to the internet then posted "All right, now who was talking shit? >:) Your ass is about to get swatted."

Firefox's Pocket Tries to Build a Facebook-Style Newsfeed That Respects Your Privacy

Slashdot - Your Rights Online - Sat, 2018-06-16 16:34
An anonymous reader quotes Ars Technica: Pocket, which lets you save articles and videos you find around the web to consume later, now has a home inside Firefox as the engine powering recommendations to 50 million people a month. By analyzing the articles and videos people save into Pocket, [Pocket founder and CEO Nate] Weiner believes the company can show people the best of the web -- in a personalized way -- without building an all-knowing, Facebook-style profile of the user. "We're testing this really cool personalization system within Firefox where it uses your browser history to target personalized [recommendations], but none of that data actually comes back to Pocket or Mozilla," Weiner said. "It all happens on the client, inside the browser itself. There is this notion today... I feel like you saw it in the Zuckerberg hearings. It was like, 'Oh, users. They will give us their data in return for a better experience.' That's the premise, right? And yes, you could do that. But we don't feel like that is the required premise. There are ways to build these things where you don't have to trade your life profile in order to actually get a good experience." Pocket can analyze which articles and videos from around the web are being shared as well as which ones are being read and watched. Over time, that gives the company a good understanding of which links lead to high-quality content that users of either Pocket or Firefox might enjoy. I use Firefox, but I don't use Pocket. Are there any Slashdot readers who want to share their experiences with read-it-later services, or thoughts about what Firefox is attempting?

The Silk Road's Alleged Right-Hand Man Will Finally Face a US Court

Slashdot - Your Rights Online - Sat, 2018-06-16 02:45
It's been nearly five years since the FBI surrounded Ross Ulbricht in the science fiction section of a San Francisco library, arrested him, and grabbed the laptop from which he had run the dark web drug bazaar known as the Silk Road. Ulbricht went on trial in a New York courtroom, and is currently serving a life sentence without parole. But even now, the Silk Road saga still hasn't ended: Half a decade after Ulbricht's arrest, his alleged advisor, mentor and right-hand man Roger Clark will finally face a US court, too. From a report: On Friday, the FBI, IRS, DHS, and prosecutors in the Southern District of New York announced the extradition of 56-year-old Canadian man Roger Clark from a Thai jail cell to New York to face newly unsealed charges for his role in Silk Road's operation. The indictment accuses Clark, who allegedly went by the pseudonyms Variety Jones, Cimon, and Plural of Mongoose in his role as Silk Road's consigliere, of crimes ranging from narcotics trafficking to money laundering. But even those charges don't capture the outsize role Clark is believed to have played in building and managing the Silk Road, from security audits to marketing, and even reportedly encouraging Ulbricht to use violence to maintain his empire. "As Ulbricht's right-hand man, Roger Clark allegedly advised him of methods to thwart law enforcement during the operation of this illegal ploy, pocketing hundreds of thousands of dollars in the process," writes FBI assistant director William Sweeney in a press statement. "Today's extradition of Roger Clark shows that despite alleged attempts to operate under the radar, he was never out of our reach."

US Files Criminal Charges Against Theranos's Elizabeth Holmes, Ramesh Balwani

Slashdot - Your Rights Online - Sat, 2018-06-16 00:00
John Carreyrou, reporting for WSJ: Federal prosecutors filed criminal charges against Theranos founder Elizabeth Holmes and the blood-testing company's former No. 2 executive, alleging that they defrauded investors out of hundreds of millions of dollars and also defrauded doctors and patients. The indictments of Ms. Holmes and Ramesh "Sunny" Balwani, Theranos's former president and chief operating officer who was also Ms. Holmes's boyfriend, are the culmination of a two-and-a-half-year investigation by the U.S. attorney's office in San Francisco, sparked by articles in The Wall Street Journal that raised questions about the company's technology and practices. Ms. Holmes, 34 years old, and Mr. Balwani, 53, were charged with two counts of conspiracy to commit wire fraud and nine counts of wire fraud in an indictment handed up Thursday and unsealed Friday.

Guy Robs Someone At Gunpoint For Domain Name, Gets 20 Years In Jail

Slashdot - Your Rights Online - Fri, 2018-06-15 22:40
Yesterday, 43-year-old Iowa man Sherman Hopkins Jr. was sentenced to 20 years in prison for attempting to rob a domain name from another man at gunpoint in 2017. As Motherboard reports, "this may be the first time someone has attempted to steal a domain name at gunpoint." From the report: Last June, Hopkins broke into the home of 26-year-old Ethan Deyo in Cedar Rapids, Iowa one afternoon and demanded that Deyo log on to his computer to transfer the domain name for "doitforstate.com" to another account. According to Deyo's bio on his personal website, he is a web entrepreneur who previously worked for the web hosting service GoDaddy. After seeing Hopkins enter the apartment, Deyo locked himself into his room and Hopkins kicked in the door. Hopkins kicked in the door and "pistol-whipped" Deyo, held a gun to his head and used a stun gun on him during the encounter. While he attempted to wrestle the gun away from Hopkins, Deyo was shot in the leg, but he eventually gained control of the firearm and shot Hopkins multiple times in the chest. It's unclear why Hopkins wanted the domain name or who he was transferring the domain name to.

Some Prominent Tech Companies Are Paying Big Money To Kill a California Privacy Initiative

Slashdot - Your Rights Online - Fri, 2018-06-15 20:45
An anonymous reader quotes a report from The Verge: As data-sharing scandals continue to mount, a new proposal in California offers a potential solution: the California Consumer Privacy Act would require companies to disclose the types of information they collect, like data used to target ads, and allow the public to opt out of having their information sold. Now, some of tech's most prominent companies are pouring millions of dollars into an effort to kill the proposal. In recent weeks, Amazon, Microsoft, and Uber have all made substantial contributions to a group campaigning against the initiative, according to state disclosure records. The $195,000 contributions from Amazon and Microsoft, as well as $50,000 from Uber, are only the latest: Facebook, Google, AT&T, and Verizon have each contributed $200,000 to block the measure, while other telecom and advertising groups have also poured money into the opposition group. After Mark Zuckerberg was grilled on privacy during congressional hearings, Facebook said it would no longer support the group. Google did not back down, and the more recent contributions suggest other companies will continue fighting the measure.

6 Fitbit Employees Charged With Stealing Trade Secrets From Jawbone

Slashdot - Your Rights Online - Fri, 2018-06-15 17:20
Six current and former Fitbit employees were charged in a federal indictment Thursday filed in San Jose for allegedly being in possession of trade secrets stolen from competitor Jawbone, according to information from the Department of Justice. From a report: The indictment charges the six people -- Katherine Mogal, 52, of San Francisco; Rong Zhang, 45, of El Cerrito; Jing Qi Weiden, 39, of San Jose; Ana Rosario, 33, of Pacifica; Patrick Narron, 41, of Boulder Creek; and Patricio Romano, 37, of Calabasas -- with violating confidentiality agreements they had signed as former employees of Jawbone after they accepted employment with Fitbit, according to an announcement from Acting U.S. Attorney Alex G. Tse and Homeland Security Investigations Special Agent in Charge Ryan L. Spradlin. San Francisco-based companies Fitbit and Jawbone were competitors in making wearable fitness trackers until Jawbone, once valued at $3.2B, went out of business in 2017. Each of the defendants worked for Jawbone for at least one year between May 2011 and April 2015, and had signed a confidentiality agreement with the company, according to the Department of Justice.

A British Plumber May Show Uber the Future of Employment

Slashdot - Your Rights Online - Fri, 2018-06-15 08:30
A British plumber may show Uber the future of employment. From a report: The U.K.'s top judges ruled Wednesday that Pimlico Plumbers Ltd. should've treated one of its tradesmen as a "worker," giving him the right to vacation pay and to sue the company in a decision that could have ramifications for other gig economy lawsuits. Supreme Court judges found that plumber Gary Smith, who worked for London-based Pimlico Plumbers between August 2005 and April 2011, wasn't self-employed or a client of the firm, giving him the right to sue the company under discrimination laws. "This is one of the most significant employment status decisions we have seen in the last five years," said James Murray, an employment lawyer at Kingsley Napley in London. Uber and other app-based firms will be watching the ruling with interest as they face similar legal challenges over the way they treat employees. Uber's appeal of a decision granting its drivers benefits including overtime and paid vacation is scheduled to be heard by another court October 30. Meanwhile Deliveroo, the food-delivery service, is currently battling the IWGB union over its riders' employment status and in May, taxi service Addison Lee lost an appeal over whether drivers were independent contractors or employees with rights to benefits.
