aggregator

SEC Charges App Annie With Securities Fraud in $10 Million Settlement

Slashdot - Your Rights Online - Śr, 2021-09-15 02:40
The Securities and Exchange Commission announced Tuesday that it's charging App Annie, the mobile app data provider, with securities fraud, accusing the company of "engaging in deceptive practices" and misrepresenting the origins of its data. From a report: App Annie will pay a $10 million settlement, according to the announcement, although the company has not admitted to any of the SEC's findings. According to the SEC, the company, which sells estimates on app downloads, usage and revenue, assured app businesses that the performance data they shared with App Annie would only be used in an anonymized way and run through an algorithm to generate performance estimates. But the SEC accuses App Annie and its former CEO and Chairman Bertrand Schmitt of reneging on that promise and using actual performance data to tweak its estimate models between 2014 and 2018. Then, the SEC alleges, the company sold that confidential data to trading firms, and misled those customers into thinking that the data was compliant with federal securities laws.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=SEC+Charges+App+Annie+With+Securities+Fraud+in+%2410+Million+Settlement%3A+https%3A%2F%2Fbit.ly%2F2XqT1b1"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F21%2F09%2F14%2F2110206%2Fsec-charges-app-annie-with-securities-fraud-in-10-million-settlement%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/21/09/14/2110206/sec-charges-app-annie-with-securities-fraud-in-10-million-settlement?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotYourRightsOnline/~4/jswKIM5vzcY" height="1" width="1" alt=""/

China Uses Anti-fraud App To Track Access To Overseas Financial News Sites

Slashdot - Your Rights Online - Wt, 2021-09-14 18:47
Chinese police are using a new anti-fraud app installed on more than 200m mobile phones to identify and question people who have viewed overseas financial news sites, according to individuals summoned by the authorities. From a report: The app was launched in March by the public security ministry's National Anti-Fraud Center and blocks suspicious phone calls and reports malware. Police said it was needed to combat a surge in fraud, often perpetrated by overseas operations managed by Chinese and Taiwanese nationals. The ministry recommended that the app was downloaded but numerous local government agencies made it mandatory for their employees and individuals with whom they work, such as students and tenants. One Shanghai-based user told the Financial Times he was contacted by police after accessing a US financial news service. He was also asked whether he had contacts abroad and regularly visited overseas websites. The user, who asked not to be identified, said police seemed genuinely concerned about foreign scams. "But the questions they raised about whether I have contacted foreigners made me feel like they don't want me accessing foreign websites," he added. "I deleted the app after the meeting."pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=China+Uses+Anti-fraud+App+To+Track+Access+To+Overseas+Financial+News+Sites%3A+https%3A%2F%2Fbit.ly%2F3944yPQ"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F21%2F09%2F14%2F1648207%2Fchina-uses-anti-fraud-app-to-track-access-to-overseas-financial-news-sites%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/21/09/14/1648207/china-uses-anti-fraud-app-to-track-access-to-overseas-financial-news-sites?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotYourRightsOnline/~4/vbtA66rWa7M" height="1" width="1" alt=""/

Uber Drivers Are Employees, Not Contractors, Says Dutch Court

Slashdot - Your Rights Online - Wt, 2021-09-14 02:45
An anonymous reader quotes a report from Reuters: Uber drivers are employees, not contractors, and so entitled to greater workers' rights under local labor laws, a Dutch court ruled on Monday, handing a setback to the U.S. company's European business model. It was another court victory for unions fighting for better pay and benefits for those employed in the gig economy and followed a similar decision this year about Uber in Britain. The Amsterdam District Court sided with the Federation of Dutch Trade Unions (FNV), which had argued that Uber's roughly 4,000 drivers in the capital are employees of a taxi company and should be granted benefits in line with the taxi sector. The court found drivers who transport passengers via the Uber app are covered by the collective labour agreement for taxi transportation. "The legal relationship between Uber and these drivers meets all the characteristics of an employment contract," the ruling said. Uber drivers are in some cases entitled to back pay, the court said. The judges also ordered Uber to pay a fine of 50,000 euros ($58,940) for failing to implement the terms of the labor agreement for taxi drivers. Uber said it would appeal against the decision and "has no plans to employ drivers in the Netherlands." They added: "We are disappointed with this decision because we know that the overwhelming majority of drivers wish to remain independent. Drivers don't want to give up their freedom to choose if, when and where to work." Last November, Uber, Lyft and other gig economy companies scored a decisive win in California when a majority of the state's voters passed a company-sponsored ballot measure that cemented workers' status as contractors, albeit with some benefits.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Uber+Drivers+Are+Employees%2C+Not+Contractors%2C+Says+Dutch+Court%3A+https%3A%2F%2Fbit.ly%2F3tDMBRz"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F21%2F09%2F13%2F2111201%2Fuber-drivers-are-employees-not-contractors-says-dutch-court%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://tech.slashdot.org/story/21/09/13/2111201/uber-drivers-are-employees-not-contractors-says-dutch-court?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotYourRightsOnline/~4/IiYAU8cog_g" height="1" width="1" alt=""/

Biden To Tap Privacy Hawk For FTC Post

Slashdot - Your Rights Online - Pn, 2021-09-13 18:51
President Biden will nominate Georgetown University law professor Alvaro Bedoya to be a Democratic commissioner at the Federal Trade Commission, people familiar with the matter told Axios. From a report: Bedoya, founding director of the Center on Privacy amp; Technology at Georgetown, will bring a bevy of experience on privacy issues to the FTC's work on tech. If confirmed, Bedoya will solidify the Democratic majority at the FTC with current commissioner Rohit Chopra set to leave the agency as Biden's nominee to lead the Consumer Financial Protection Bureau. Bedoya previously was chief counsel of the Senate Judiciary privacy subcommittee and worked on issues including mobile location data and facial recognition.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Biden+To+Tap+Privacy+Hawk+For+FTC+Post%3A+https%3A%2F%2Fbit.ly%2F2XdF9B9"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F21%2F09%2F13%2F1652208%2Fbiden-to-tap-privacy-hawk-for-ftc-post%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/21/09/13/1652208/biden-to-tap-privacy-hawk-for-ftc-post?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotYourRightsOnline/~4/88PWEbPlhp4" height="1" width="1" alt=""/

Epic Files Appeal After Loss To Apple in App Store Case

Slashdot - Your Rights Online - Pn, 2021-09-13 18:10
Epic Games filed a notice of appeal Sunday following a judge's decision in its antitrust lawsuit against Apple. From a report: U.S. District Judge Yvonne Gonzalez Rogers mostly sided with Apple, rejecting Epic's claims that the iPhone maker is a monopoly. She also didn't rule that Apple needs to restore Fortnite, Epic's hit game at the center of the lawsuit, to the App Store or Epic's Apple developer account. She also rejected the need for third-party App Stores and didn't force Apple to lower its App Store revenue cut of 15% to 30%. The judge, however, said that Apple has engaged in some anticompetitive conduct and she ordered the Cupertino, California-based technology giant to allow all app and game developers to steer consumers to outside payment methods on the web. All developers for the first time could be able to include a button in their apps to let users pay for transactions online, circumventing Apple's fees. She also ordered Epic to pay at least $4 million in damages to Apple for breach of contract, which included collecting payments outside of Apple's in-app-purchase system.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Epic+Files+Appeal+After+Loss+To+Apple+in+App+Store+Case%3A+https%3A%2F%2Fbit.ly%2F3nuaKJi"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fapple.slashdot.org%2Fstory%2F21%2F09%2F13%2F1610234%2Fepic-files-appeal-after-loss-to-apple-in-app-store-case%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://apple.slashdot.org/story/21/09/13/1610234/epic-files-appeal-after-loss-to-apple-in-app-store-case?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotYourRightsOnline/~4/5KdDINQlJSo" height="1" width="1" alt=""/

'Every Message Was Copied to the Police': the Daring Sting Behind the An0m Phone

Slashdot - Your Rights Online - N, 2021-09-12 23:17
The Guardian tells the story of "a viral sensation in the global underworld," the high-security An0m phones, which launched with "a grassroots marketing campaign, identifying so-called influencers mdash; 'well-known crime figures who wield significant power and influence over other criminal associates', according to a US indictment mdash; within criminal subcultures." An0m could not be bought in a shop or on a website. You had to first know a guy. Then you had to be prepared to pay the astronomical cost: $1,700 for the handset, with a $1,250 annual subscription, an astonishing price for a phone that was unable to make phone calls or browse the internet. Almost 10,000 users around the world had agreed to pay, not for the phone so much as for a specific application installed on it. Opening the phone's calculator allowed users to enter a sum that functioned as a kind of numeric open sesame to launch a secret messaging application. The people selling the phone claimed that An0m was the most secure messaging service in the world. Not only was every message encrypted so that it could not be read by a digital eavesdropper, it could be received only by another An0m phone user, forming a closed loop system entirely separate from the information speedways along which most text messages travel. Moreover, An0m could not be downloaded from any of the usual app stores. The only way to access it was to buy a phone with the software preinstalled... [U]sers could set an option to wipe the phone's data if the device went offline for a specified amount of time. Users could also set especially sensitive messages to self-erase after opening, and could record and send voice memos in which the phone would automatically disguise the speaker's voice. An0m was marketed and sold not so much to the security conscious as the security paranoid... An0m was not, however, a secure phone app at all. Every single message sent on the app since its launch in 2018 mdash; 19.37m of them mdash; had been collected, and many of them read by the Australian federal police (AFP) who, together with the FBI, had conceived, built, marketed and sold the devices. On 7 June 2021, more than 800 arrests were made around the world.... Law enforcement agencies ultimately saw An0m as a creative workaround for unbreakable encryption, according to the Guardian. "Why debate tech companies on privacy issues through costly legal battles if you can simply trick criminals into using your own monitored network?" The Guradian's story was shared by jd (Slashdot user #1,658), who sees an ethical question. "As the article notes, what's to stop a tyrant doing the same against rivals or innocent protestors?"pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status='Every+Message+Was+Copied+to+the+Police'%3A+the+Daring+Sting+Behind+the+An0m+Phone%3A+https%3A%2F%2Fbit.ly%2F3Ees9eU"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F21%2F09%2F12%2F2114248%2Fevery-message-was-copied-to-the-police-the-daring-sting-behind-the-an0m-phone%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/21/09/12/2114248/every-message-was-copied-to-the-police-the-daring-sting-behind-the-an0m-phone?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotYourRightsOnline/~4/vRGKACkiUIA" height="1" width="1" alt=""/

Boeing's Directors Are Now Facing an Investor Lawsuit Over Fatal 737 Max Crashes

Slashdot - Your Rights Online - N, 2021-09-12 21:04
Alain Williams (Slashdot reader #2972) brings this report from the BBC: Boeing's board of directors must face a lawsuit from shareholders over two fatal crashes involving its 737 Max plane, a U.S. judge has ruled. Morgan Zurn said the first crash was a "red flag" about a key safety system on the aircraft "that the board should have heeded but instead ignored". She said the real victims were the dead and their families but investors had also lost billions of dollars... In her ruling the Delaware judge said: "While it may seem callous in the face of [the families'] losses, corporate law recognizes another set of victims: Boeing as an enterprise, and its stockholders...." The crashes have already cost Boeing about $20bn in fines, cancelled orders and other costs. pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Boeing's+Directors+Are+Now+Facing+an+Investor+Lawsuit+Over+Fatal+737+Max+Crashes%3A+https%3A%2F%2Fbit.ly%2F3El8QB1"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F21%2F09%2F12%2F192255%2Fboeings-directors-are-now-facing-an-investor-lawsuit-over-fatal-737-max-crashes%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/21/09/12/192255/boeings-directors-are-now-facing-an-investor-lawsuit-over-fatal-737-max-crashes?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotYourRightsOnline/~4/-uKc3MyQomo" height="1" width="1" alt=""/

Senator Wyden Reflects on 9/11's Legacy: Mass Surveillance

Slashdot - Your Rights Online - So, 2021-09-11 21:11
"After 9/11, I took the threat of terrorism seriously, still do," U.S. Senator Ron Wyden tells Fast Company. "But also I was concerned about how the new surveillance authorities might be abused..." From Fast Company's report: After the 9/11 attacks, one big concern was connecting the dots. Failing to do so was why we missed the warning signs of the attacks and how we would prevent the next ones, the thinking went. One solution, according to the Pentagon, was a project to gather as much data as possible, to look for signs of future bad behavior. It was called Total Information Awareness... Since the 1970s, Congress has been charged with preventing further abuse of the government's surveillance powers, particularly when it comes to spying on Americans. And few in Congress have questioned these powers as vigorously as Sen. Ron Wyden... Sen. Wyden: Total Information Awareness was an ominous sounding idea to put together as much data on Americans as possible, and when used with what was then so-called predictive technology, identify who to watch as a way to stop terrorism. In the fight in Congress, here's the lesson that goes to the concerns we had 20 years ago: Total Information Awareness made it clear that the threat is not just surveillance through the aggressive collection, amalgamating, and mining of information through existing authorities. The bigger problem now is the amount of data on Americans that's available commercially or on social media... the threat to people's privacy is just as great. And the job of getting people's attention is still very, very challenging... This is a national security issue: The personal data of Americans that the data brokers are selling is a gold mine for foreign intelligence services who can exploit it, to target supercharged hacking, blackmail, and influence campaigns. So I'm leading an effort right now that encompasses the biggest online advertising companies, to ask if they're sharing Americans' web browsing and location data with foreign companies.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Senator+Wyden+Reflects+on+9%2F11's+Legacy%3A++Mass+Surveillance%3A+https%3A%2F%2Fbit.ly%2F3l995pG"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Fyro.slashdot.org%2Fstory%2F21%2F09%2F11%2F197248%2Fsenator-wyden-reflects-on-911s-legacy-mass-surveillance%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://yro.slashdot.org/story/21/09/11/197248/senator-wyden-reflects-on-911s-legacy-mass-surveillance?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotYourRightsOnline/~4/yzH2Ln03Uw8" height="1" width="1" alt=""/

Security Weaknesses in Mozilla VPN Found and Addressed by Audit

Slashdot - Your Rights Online - So, 2021-09-11 19:34
"Recently, browsing leader Mozilla shared the result of an independent security audit on its VPN service," reports Fossbytes. "Upon inspection, a few vulnerabilities were discovered in the VPN, one of which was reportedly a major risk." In a blog post, Mozilla shared that Cure53, a Berlin-based cybersecurity firm, had identified and fixed the security vulnerabilities in its VPN... The most severe issue, labeled "FVP-02-014," made the user vulnerable to cross-site WebSocket hijacking. Moreover, the medium-risk vulnerabilities revolved around "VPN leak via captive portal detection" and "Auth code leak" by injecting the port. However, these sophisticated terms shouldn't worry you anymore as Cure53 has already addressed these weaknesses. There has also been no mention of any Mozilla VPN users falling victim to these either. The Firefox developer's public post that outlines the security flaws detected by the German firm provides users an insight into the potential risks of using a VPN. Moreover, these audits also help Mozilla iron out any issues that its one-year-old VPN service might have.pdiv class="share_submission" style="position:relative;" a class="slashpop" href="http://twitter.com/home?status=Security+Weaknesses+in+Mozilla+VPN+Found+and+Addressed+by+Audit%3A+https%3A%2F%2Fbit.ly%2F3ljbcr0"img src="https://a.fsdn.com/sd/twitter_icon_large.png"/a a class="slashpop" href="http://www.facebook.com/sharer.php?u=https%3A%2F%2Ftech.slashdot.org%2Fstory%2F21%2F09%2F11%2F0011202%2Fsecurity-weaknesses-in-mozilla-vpn-found-and-addressed-by-audit%3Futm_source%3Dslashdot%26utm_medium%3Dfacebook"img src="https://a.fsdn.com/sd/facebook_icon_large.png"/a /div/ppa href="https://tech.slashdot.org/story/21/09/11/0011202/security-weaknesses-in-mozilla-vpn-found-and-addressed-by-audit?utm_source=rss1.0moreanonamp;utm_medium=feed"Read more of this story/a at Slashdot./pimg src="http://feeds.feedburner.com/~r/Slashdot/slashdotYourRightsOnline/~4/IBM-_ziyxU4" height="1" width="1" alt=""/

Uber Eats, DoorDash, Grubhub Sue New York City Over Legislation on Commission Caps

Slashdot - Your Rights Online - Pt, 2021-09-10 16:00
Food-delivery companies DoorDash, Grubhub and Uber Eats have sued New York City over a legislation to license food-delivery apps and to permanently cap commissions they can charge restaurants. From a report: The three food-delivery companies filed a lawsuit in federal court in New York late on Thursday. The companies are seeking an injunction that would prevent New York from enforcing the fee-cap ordinance adopted last month, as well as unspecified monetary damages and a jury trial. The New York City Council approved in August a legislation which limits the amount that food-delivery companies can charge restaurants to use their platforms and requires them to obtain operating licenses that are valid for two years. read more "Those permanent price controls will harm not only Plaintiffs, but also the revitalization of the very local restaurants that the City claims to serve," the companies said in the lawsuit filed on Thursday. The suit argues that the legislation is unconstitutional because "it interferes with freely negotiated contracts between platforms and restaurants by changing and dictating the economic terms on which a dynamic industry operates."

Read more of this story at Slashdot.

Web Creator Tim Berners-Lee Joins ProtonMail's Advisory Board

Slashdot - Your Rights Online - Cz, 2021-09-09 23:15
The inventor of the World Wide Web, Tim Berners-Lee, has joined the advisory board of hosted email service provider ProtonMail. From a report: In a statement, ProtonMail CEO and founder Andy Yen said the addition of Berners-Lee to the company's advisory board was aligned with its goal to "create an internet where people are in control of their information at all times. Our vision is to build an internet where privacy is the default by creating an ecosystem of services accessible to everyone, everywhere, every day," Yen said. Yen said the company already had a past relationship with Berners-Lee, explaining that the idea of ProtonMail was initially conceived at CERN, the European Organization for Nuclear Research, where the World Wide Web was created. The addition of Berners-Lee comes almost immediately after ProtonMail received flak for giving a climate activist's IP address to French authorities to comply with a Swiss court order. Addressing the logging of the IP address in a blog post earlier this week, Yen said all companies have to comply with laws, such as court orders, if they operate within 15 miles of land. "No matter what service you use, unless it is based 15 miles offshore in international waters, the company will have to comply with the law," Yen said.

Read more of this story at Slashdot.

County IT Supervisor Mined Bitcoin At the Office, Prosecutors Say

Slashdot - Your Rights Online - Cz, 2021-09-09 15:00
An anonymous reader quotes a report from The New York Times: A Long Island man was charged on Wednesday with using his position as an I.T. supervisor for Suffolk County to mine cryptocurrency from government offices, costing the county thousands of dollars in electricity. Prosecutors said that Christopher Naples, 42, of Mattituck, L.I., had hidden 46 specialized devices used to mine Bitcoin and other cryptocurrencies in six rooms in the Suffolk County Center in Riverhead, including underneath floorboards and inside an unused electrical panel. Mr. Naples was charged with public corruption, grand larceny, computer trespass and official misconduct. If convicted of the top charge, he could face up to 15 years in prison. Mr. Naples had admitted that the devices belonged to him and that he had been operating them for at least several months before the district attorney's office was alerted to the scheme. Prosecutors said that at least 10 of Mr. Naples's machines had been running since February, costing Suffolk County more than $6,000. [...] [G]iven that 36 more machines had been discovered, it was likely that Mr. Naples had cost the county thousands more. [...] [O]ne room in which Mr. Naples had placed the devices had critically important computer servers and other equipment for the entire county, and that the temperature in that room in which the devices were placed had dropped 20 degrees shortly after they were disabled.

Read more of this story at Slashdot.

After Chiding Apple On Privacy, Germany Says It Uses Pegasus Spyware

Slashdot - Your Rights Online - Cz, 2021-09-09 02:45
"Germany's Federal Criminal Police Office (BKA) purchased access to NSO Group's Pegasus spyware in 2019 after internal efforts to create similar iOS and Android surveillance tools failed," reports AppleInsider. The news comes less than a month after the Digital Agenda committee chairman of Germany's federal parliament, Manual Hoferlin, declared Apple to be on a "dangerous path" with plans to enact on-device child sexual assault material monitoring. He said the system undermines "secure and confidential communication" and represents the "biggest breach of the dam for the confidentiality of communication that we have seen since the invention of the Internet." From the report: The federal government revealed the agreement with NSO in a closed-door session with the German parliament's Interior Committee on Tuesday, reports Die Zeit. When the BKA began to use Pegasus is unclear. While Die Zeit says the tool was purchased in 2019 and is currently used in concert with a less effective state-developed Trojan, a separate report from Suddeutsche Zeitung, via DW.com, cites BKA Vice President Martina Link as confirming an acquisition in late 2020 followed by deployment against terrorism and organized crime suspects in March. Officials made the decision to adopt Pegasus in spite of concerns regarding the legality of deploying software that can grant near-unfettered access to iPhone and Android handsets. As noted in the report, NSO's spyware exploits zero-day vulnerabilities to gain access to smartphones, including the latest iPhones, to record conversations, gather location data, access chat transcripts and more. Germany's laws state that authorities can only infiltrate suspects' cellphone and computers under special circumstances, while surveillance operations are governed by similarly strict rules. BKA officials stipulated that only certain functions of Pegasus be activated in an attempt to bring the powerful tool in line with the country's privacy laws, sources told Die Zeit. It is unclear how the restrictions are implemented and whether they have been effective. Also unknown is how often and against whom Pegasus was deployed. According to Die Zeit, Germany first approached NSO about a potential licensing arrangement in 2017, but the plan was nixed due to concerns about the software's capabilities. Talks were renewed after the BKA's attempts to create its own spyware fell short.

Read more of this story at Slashdot.

Biden Offers Ambitious Blueprint for Solar Energy

Slashdot - Your Rights Online - Cz, 2021-09-09 02:01
The Biden administration on Wednesday released a blueprint for producing almost half of the nation's electricity from the sun by 2050 -- something that would require the country to double the amount of solar energy installed every year over the next four years and then double it again by 2030. From a report: The expansion of solar energy is part of President Biden's effort to fight climate change, but there would be little historical precedent for increasing solar energy, which contributed less than 4 percent of the country's electricity last year, that quickly. Such a large increase, laid out in an Energy Department report, is in line with what most climate scientists say is needed to stave off the worst effects of global warming. It would require a vast transformation in technology, the energy industry and the way people live. The Energy Department said its calculations showed that solar panels had fallen so much in cost that they could produce 40 percent of the country's electricity by 2035 -- enough to power all American homes -- and 45 percent by 2050. Getting there will mean trillions of dollars in investments by homeowners, businesses and the government. The electric grid -- built for hulking coal, natural gas and nuclear power plants -- would have to be almost completely remade with the addition of batteries, transmission lines and other technologies that can soak up electricity when the sun is shining and to send it from one corner of the country to another.

Read more of this story at Slashdot.

Facebook Users Liable For All Comments Under Their Posts, According To Australia High Court

Slashdot - Your Rights Online - Śr, 2021-09-08 23:20
An anonymous reader quotes a report from Gizmodo: Australia's High Court, roughly the equivalent of the U.S. Supreme Court, has ruled that Facebook users are responsible for the content of complete strangers who post defamatory comments on their posts. The ruling upholds a June 2019 ruling by the Supreme Court of New South Wales, home to Australia's largest city of Sydney. And it runs counter to how virtually everyone thinks about liability on the internet. The High Court's ruling on Wednesday is just a small part of a larger case brought against Australian news outlets, including the Sydney Morning Herald, The Age, and The Australian, among others, by a man who said he was defamed in the Facebook comments of the newspapers' stories in 2016. The question before the High Court was the definition of "publisher," something that isn't easily defined in Australian law. From Australia's ABC News: "The court found that, by creating a public Facebook page and posting content, the outlets had facilitated, encouraged and thereby assisted the publication of comments from third-party Facebook users, and they were, therefore, publishers of those comments."

Read more of this story at Slashdot.

UK's ICO Calls For Browser-Level Controls To Fix 'Cookie Fatigue'

Slashdot - Your Rights Online - Śr, 2021-09-08 15:00
An anonymous reader quotes a report from TechCrunch: In the latest quasi-throwback toward "do not track," the UK's data protection chief has come out in favor of a browser- and/or device-level setting to allow Internet users to set "lasting" cookie preferences -- suggesting this as a fix for the barrage of consent pop-ups that continues to infest websites in the region. European web users digesting this development in an otherwise monotonously unchanging regulatory saga, should be forgiven -- not only for any sense of deja vu they may experience -- but also for wondering if they haven't been mocked/gaslit quite enough already where cookie consent is concerned. Last month, UK digital minister Oliver Dowden took aim at what he dubbed an "endless" parade of cookie pop-ups -- suggesting the government is eyeing watering down consent requirements around web tracking as ministers consider how to diverge from European Union data protection standards, post-Brexit. (He's slated to present the full sweep of the government's data 'reform' plans later this month so watch this space.) Today the UK's outgoing information commissioner, Elizabeth Denham, stepped into the fray to urge her counterparts in G7 countries to knock heads together and coalesce around the idea of letting web users express generic privacy preferences at the browser/app/device level, rather than having to do it through pop-ups every time they visit a website. In a statement announcing "an idea" she will present this week during a virtual meeting of fellow G7 data protection and privacy authorities -- less pithily described in the press release as being "on how to improve the current cookie consent mechanism, making web browsing smoother and more business friendly while better protecting personal data" -- Denham said: "I often hear people say they are tired of having to engage with so many cookie pop-ups. That fatigue is leading to people giving more personal data than they would like. The cookie mechanism is also far from ideal for businesses and other organizations running websites, as it is costly and it can lead to poor user experience. While I expect businesses to comply with current laws, my office is encouraging international collaboration to bring practical solutions in this area. There are nearly two billion websites out there taking account of the world's privacy preferences. No single country can tackle this issue alone. That is why I am calling on my G7 colleagues to use our convening power. Together we can engage with technology firms and standards organizations to develop a coordinated approach to this challenge," she added.

Read more of this story at Slashdot.

WhatsApp Moderators Can Read Your Messages

Slashdot - Your Rights Online - Śr, 2021-09-08 03:25
Gizmodo highlights the findings of a new ProPublica report on WhatsApp's content moderation system. What they found was that there are at least 1,000 WhatsApp content moderators employed by Facebook's moderator contract firm Accenture to review user-reported content that's been flagged by its machine learning system. "They monitor for, among other things, spam, disinformation, hate speech, potential terrorist threats, child sexual abuse material (CSAM), blackmail, and "sexually oriented businesses,'" reports Gizmodo. "Based on the content, moderators can ban the account, put the user 'on watch,' or leave it alone." From the report: Most can agree that violent imagery and CSAM should be monitored and reported; Facebook and Pornhub regularly generate media scandals for not moderating enough. But WhatsApp moderators told ProPublica that the app's artificial intelligence program sends moderators an inordinate number of harmless posts, like children in bathtubs. Once the flagged content reaches them, ProPublica reports that moderators can see the last five messages in a thread. WhatsApp discloses, in its terms of service, that when an account is reported, it "receives the most recent messages" from the reported group or user as well as "information on your recent interactions with the reported user." This does not specify that such information, viewable by moderators, could include phone numbers, profile photos, linked Facebook and Instagram accounts, their IP address, and mobile phone ID. And, the report notes, WhatsApp does not disclose the fact that it amasses all users' metadata no matter their privacy settings. WhatsApp didn't offer much clarity on what mechanism it uses to receive decrypted messages, only that the person tapping the "report" button is automatically generating a new message between themselves and WhatsApp. That seems to indicate that WhatsApp is deploying a sort of copy-paste function, but the details are still unclear. Facebook told Gizmodo that WhatsApp can read messages because they're considered a version of direct messaging between the company and the reporter. They added that users who report content make the conscious choice to share information with Facebook; by their logic, Facebook's collection of that material doesn't conflict with end-to-end encryption. So, yes, WhatsApp can see your messages without your consent.

Read more of this story at Slashdot.

Unity Patents 'Methods and Apparatuses To Improve the Performance of a Video Game Engine Using An Entity Component System'

Slashdot - Your Rights Online - Śr, 2021-09-08 02:45
slack_justyb writes: Unity has filed a patent with the USPTO for "Methods and apparatuses to improve the performance of a video game engine using an Entity Component System (ECS)." ECS methods are something that some other open source game engines already use. One example is Bevy for Rust. Some are already commenting on the ramifications of this patent application and indicating that this could be a massive overstep by Unity to attempt to patent something already used by other lesser-known game engines.

Read more of this story at Slashdot.

Facebook Admits 'Trust Deficit' As It Looks To Launch Digital Wallet

Slashdot - Your Rights Online - Śr, 2021-09-08 00:02
Facebook says it's finally ready to launch its most ambitious new product in years: a digital wallet called Novi. But the man leading the charge says Washington could stand in its way. From a report: Facebook needs to convince regulators skeptical of its power that it's a good idea. "If there's one thing we need, it's the benefit of the doubt," Facebook's David Marcus said in an interview with Axios. "[W]e're starting with a trust deficit that we need to compensate." Much of Facebook's broader ambitions, like building a "meta-verse" and advancing its shopping platform, are tied to innovations in payments. Marcus -- head of F2, which stands for Facebook Financial -- visited Washington last week to meet with key regulatory stakeholders about Novi, a wallet app built on blockchain technology. Crypto-based payment systems, he says, will help to "really lower the bar for accessibility to a modern financial system." He was also there to discuss the Diem Association, a group made up of 26 corporate and non-profit members that is building a blockchain-based payments system that Novi will use. The group is meant to act as an unbiased third party that allows various digital wallets around the world to trade using the same type of digital coin, called a Diem. Marcus says Facebook is hoping to launch Novi in conjunction with Diem by years' end. While Novi is ready to launch now, it's unclear whether Diem will be ready this year, in part because it requires more regulatory buy-in. Regardless, "we plan to actually get it out (Novi) in the market this half, no matter what," he said.

Read more of this story at Slashdot.

ProtonMail Logged IP Address of French Activist After Order By Swiss Authorities

Slashdot - Your Rights Online - Pn, 2021-09-06 21:00
ProtonMail, a hosted email service with a focus on end-to-end encrypted communications, has been facing criticism after a police report showed that French authorities managed to obtain the IP address of a French activist who was using the online service. From a report: The company has communicated widely about the incident, stating that it doesn't log IP addresses by default and it only complies with local regulation -- in that case Swiss law. While ProtonMail didn't cooperate with French authorities, French police sent a request to Swiss police via Europol to force the company to obtain the IP address of one of its users. For the past year, a group of people have taken over a handful of commercial premises and apartments near Place Sainte Marthe in Paris. They want to fight against gentrification, real estate speculation, Airbnb and high-end restaurants. While it started as a local conflict, it quickly became a symbolic campaign. They attracted newspaper headlines when they started occupying premises rented by Le Petit Cambodge -- a restaurant that was targeted by the November 13th, 2015 terrorist attacks in Paris. On September 1st, the group published an article on Paris-luttes.info, an anticapitalist news website, summing up different police investigations and legal cases against some members of the group. According to their story, French police sent an Europol request to ProtonMail in order to uncover the identity of the person who created a ProtonMail account -- the group was using this email address to communicate. The address has also been shared on various anarchist websites. The next day, @MuArF on Twitter shared an abstract of a police report detailing ProtonMail's reply. According to @MuArF, the police report is related to the ongoing investigation against the group who occupied various premises around Place Sainte-Marthe. It says that French police received a message on Europol.

Read more of this story at Slashdot.