aggregator

Equifax Web Site Designer Fined $50,000 And Confined To Home Over Insider Trading

Slashdot - Your Rights Online - So, 2018-10-20 16:34
An anonymous reader writes: A 44-year-old, Georgia-based programmer -- who'd been working at Equifax since 2003 -- has been sentenced to eight months of home confinement and a $50,000 fine for insider trading. Working as Equifax's Production Development Manager of Software Engineering in August of 2017, he'd been asked to create a web site where customers could query a database to see if they were affected by a yet-to-be-announced security breach for a high-profile client. Guessing correctly that it was his own employer's breach, he'd used his wife's brokerage account to purchase $2,166.11 in "put" options betting that Equifax's stock price would tumble -- and when it did, he'd scored a hefty profit of $75,167.68. "As part of his SEC settlement, he must also forfeit $75,979, the ill-gotten funds, plus interest," ZDNet reports, noting that the transactions "came to light after Equifax started internal investigations into several reported cases of employee insider trading." Another federal complaint also alleges that another Equifax executive avoided $117,000 in losses by selling all $1 million of his stock options -- the same day he'd performed a web search about how Experian's stock was affected by a 2015 security breach, but two weeks before Equifax's breach was announced. That case is still ongoing.

Read more of this story at Slashdot.

HealthCare.gov Portal Suffers Data Breach Exposing 75,000 Customers

Slashdot - Your Rights Online - So, 2018-10-20 15:00
An anonymous reader quotes a report from Gizmodo: Sensitive information belonging to roughly 75,000 individuals was exposed after a government healthcare sign-up system got hacked, the Centers for Medicare & Medicaid Services (CMS) said on Friday. The agency said that "anomalous system activity" was detected last week in the Direct Enrollment system, which Americans use to enroll in healthcare plans via the insurance exchange established under the Affordable Care Act -- also known as Obamacare. A breach was declared on Wednesday. It's unclear why the agency, which is part of the U.S. Department of Health and Human Services, chose to not announce the incident sooner. Officials said the hacked portal is used by insurance agents and brokers to help Americans sign up for coverage and that no other systems were involved. The affected system has been disabled. CMS said it hoped to restore it before the end of next week. "I want to make clear to the public that HealthCare.gov and the Marketplace Call Center are still available, and open enrollment will not be negatively impacted," CMS Administrator Seema Verma said in a statement. "We are working to identify the individuals potentially impacted as quickly as possible so that we can notify them and provide resources such as credit protection."

Read more of this story at Slashdot.

Ajit Pai Killed Rules That Could Have Helped Florida Recover From Hurricane

Slashdot - Your Rights Online - So, 2018-10-20 04:10
sharkbiter shares a report from Ars Technica: The Federal Communications Commission chairman slammed wireless carriers on Tuesday for failing to quickly restore phone service in Florida after Hurricane Michael, calling the delay "completely unacceptable." But FCC Chairman Ajit Pai's statement ignored his agency's deregulatory blitz that left consumers without protections designed to ensure restoration of service after disasters, according to longtime telecom attorney and consumer advocate Harold Feld. The Obama-era FCC wrote new regulations to protect consumers after Verizon tried to avoid rebuilding wireline phone infrastructure in Fire Island, New York, after Hurricane Sandy hit the area in October 2012. But Pai repealed those rules, claiming that they prevented carriers from upgrading old copper networks to fiber. Pai's repeal order makes zero mentions of Fire Island and makes reference to Verizon's response to Hurricane Sandy only once, in a footnote. Among other things, the November 2017 FCC action eliminated a requirement that telcos turning off copper networks must provide Americans with service at least as good as those old copper networks. This change lets carriers replace wireline service with mobile service only, even if the new mobile option wouldn't pass a "functional test" that Pai's FCC eliminated. Additionally, "in June 2018, Chairman Pai further deregulated telephone providers to make it easier to discontinue service after a natural disaster," Feld wrote. In response to Pai's deregulation, Feld wrote: "The situation in Florida shows what happens when regulators abandon their responsibilities to protect the public based on unenforceable promises from companies eager to cut costs for maintenance and emergency preparedness. This should be a wake-up call for the 37 states that have eliminated traditional oversight of telecommunications services and those states considering similar deregulation: critical communications services cannot be left without some kind of public oversight."

Read more of this story at Slashdot.

Smart Home Makers Hoard Your Data, But Won't Say If the Police Come For It

Slashdot - Your Rights Online - So, 2018-10-20 02:10
An anonymous reader quotes a report from TechCrunch: Thermostats know the temperature of your house, and smart cameras and sensors know when someone's walking around your home. Smart assistants know what you're asking for, and smart doorbells know who's coming and going. And thanks to the cloud, that data is available to you from anywhere -- you can check in on your pets from your phone or make sure your robot vacuum cleaned the house. Because the data is stored or accessible by the smart home tech makers, law enforcement and government agencies have increasingly sought out data from the companies to solve crimes. And device makers won't say if your smart home gadgets have been used to spy on you. We asked some of the most well-known smart home makers on the market if they plan on releasing a transparency report, or disclose the number of demands they receive for data from their smart home devices. For the most part, we received fairly dismal responses. Amazon did not respond to requests for comment, but a spokesperson for the company said last year that it would not reveal the figures for its Echo smart speakers. Facebook said that its transparency report section will include "any requests related to Portal," its new hardware screen with a camera and a microphone. A spokesperson for the company did not comment on if the company will break out the hardware figures separately. Google also declined to comment, but did point TechCruch to Nest's transparency report. Apple, the last of the big tech giants, said that there's no need to disclose its smart home figures because there would be nothing to report, adding that user requests made to HomePod are given a random identifier that cannot be tied to a person. TechCrunch also asked a number of smaller smart home players, like August, iRobot, Arlo, Ring, Honeywell, Canary, Samsung, and Ecobee.

Read more of this story at Slashdot.

3D Printers Have 'Fingerprints', a Discovery That Could Help Trace 3D-Printed Guns: Study

Slashdot - Your Rights Online - Pt, 2018-10-19 22:50
Like fingerprints, no 3D printer is exactly the same. That's the takeaway from a new University at Buffalo-led study that describes what's believed to be the first accurate method for tracing a 3D-printed object to the machine it came from. From the study: The advancement, which the research team calls "PrinTracker," could ultimately help law enforcement and intelligence agencies track the origin of 3D-printed guns, counterfeit products and other goods. "3D printing has many wonderful uses, but it's also a counterfeiter's dream. Even more concerning, it has the potential to make firearms more readily available to people who are not allowed to possess them," says the study's lead author Wenyao Xu, PhD, associate professor of computer science and engineering in UB's School of Engineering and Applied Sciences. [...] To understand the method, it's helpful to know how 3D printers work. Like a common inkjet printer, 3D printers move back-and-forth while "printing" an object. Instead of ink, a nozzle discharges a filament, such as plastic, in layers until a three-dimensional object forms. Each layer of a 3D-printed object contains tiny wrinkles -- usually measured in submillimeters -- called in-fill patterns. These patterns are supposed to be uniform. However, the printer's model type, filament, nozzle size and other factors cause slight imperfections in the patterns. The result is an object that does not match its design plan.

Read more of this story at Slashdot.

DHS Seized Aftermarket Apple Laptop Batteries From Independent Repair Expert

Slashdot - Your Rights Online - Pt, 2018-10-19 21:30
Louis Rossmann says US Customs and Border Patrol seized $1,000 worth of laptop batteries, claiming they were counterfeit. From a report: Earlier this year, Louis Rossmann, the highest-profile iPhone and Mac repair professional in the United States, told Motherboard that determining "the difference between counterfeiting and refurbishing is going to be the next big battle" between the independent repair profession and Apple. At the time, his friend and fellow independent repair pro, Jessa Jones, had just had a shipment of iPhone screens seized by Customs and Border Patrol. Rossmann was right: His repair parts were also just seized by the US government. Last month, US Customs and Border Protection (CBP) seized a package containing 20 Apple laptop batteries en route to Rossman's store in New York City. The laptop batteries were en route from China to Rossmann Repair Group -- a NYC based repair store that specializes in Apple products. "Apple and customs seized batteries to a computer that, at [the Apple Store], they no longer service because they claim it's vintage," Rossmann, the owner and operator of Rossmann Repair Group, said in a YouTube video. "They will not allow me to replace batteries, because when I import batteries that are original they'll tell me the they're counterfeit and have them stolen from by [CBP]." CBP seized the batteries on September 6, then notified Rossmann via a letter dated October 5. Rossmann produced the letter in its entirety in his video.

Read more of this story at Slashdot.

Justice Department Charges Russian Woman With Interference in Midterm Elections

Slashdot - Your Rights Online - Pt, 2018-10-19 20:50
The Justice Department on Friday charged a Russian woman for her role in a conspiracy to interfere with the 2018 U.S. election, marking the first criminal case prosecutors have brought against a foreign national for interfering in the upcoming midterms. From a report: Elena Khusyaynova, 44, was charged with conspiracy to defraud the United States. Prosecutors said she managed the finances of "Project Lakhta," a foreign influence operation they said was designed "to sow discord in the U.S. political system" by pushing arguments and misinformation online about a whole host of divisive political issues, including immigration, the Confederate flag, gun control, and the NFL national anthem protests. The charges against Khusyaynova came just as the Office of the Director of National Intelligence warned that it was concerned about "ongoing campaigns" by Russia, China and Iran to interfere with the upcoming Midterm elections and even the 2020 race -- an ominous warning that comes just weeks before voters head to the polls.

Read more of this story at Slashdot.

WikiLeaks Founder Julian Assange Sues Ecuador For 'Violating His Rights'

Slashdot - Your Rights Online - Pt, 2018-10-19 18:50
Julian Assange is suing Ecuador's government for violating his "fundamental rights and freedoms," despite the fact he is still being sheltered in the country's UK embassy. From a report: It comes after Ecuador cut off communications for Mr Assange, who has been living inside the country's London embassy for more than six years. Baltasar Garzon, a lawyer for WikiLeaks, has arrived in Ecuador to launch the case, which is expected to be heard next week in a domestic court. WikiLeaks claims Mr Assange's access to the outside world has been "summarily cut off" and says Ecuador has threatened to remove the protection he has had since being given political asylum. The site said Ecuador's government has refused to allow a visit by Human Rights Watch general counsel Dinah PoKempner and prevented several meetings with Mr Assange's lawyers. A statement said: "Ecuador's measures against Julian Assange have been widely condemned by the human rights community."

Read more of this story at Slashdot.

Is Repair As Important As Innovation?

Slashdot - Your Rights Online - Pt, 2018-10-19 15:00
An anonymous reader shares an excerpt from The Economist: Events about making new things are ten a penny. Less common are events about keeping things as good as new. Maintenance lacks the glamour of innovation. It is mostly noticed in its absence -- the tear in a shirt, the mould on a ceiling, the spluttering of an engine. Not long ago David Edgerton of Imperial College London, who also spoke at the festival, drove across the bridge in Genoa that collapsed in August, killing 43 people (pictured). 'We're encouraged to pride ourselves on all being innovators and entrepreneurs,' he said. Maintenance is often dismissed as mere drudgery. But in fact, as he pointed out, repairing things is often trickier than making them. It is also more difficult for economists to measure. The discipline's most prominent statistic, GDP, is gross (as opposed to net) because it leaves out the cost of wear and tear. To calculate these costs, statisticians must estimate the lifespan of a country's assets and make assumptions about the way they deteriorate. [...] And how much do economies spend fighting decay? No one knows, partly because most maintenance is performed in-house, not purchased on the market. The best numbers are collected by Canada, where firms spent 3.3% of GDP on repairs in 2016, more than twice as much as the country spends on research and development. In closing, the report mentions the tyrannies of the ancient East where people were forced to maintain fragile irrigation systems. "In those societies, to repair was to repress," the report says. "But some people today have the opposite concern. They see maintenance and repair as a right they are in danger of losing to companies that hoard spare parts and information too jealously."

Read more of this story at Slashdot.

Internet Provider Groups Sue Vermont Over Net Neutrality Law

Slashdot - Your Rights Online - Pt, 2018-10-19 02:03
An anonymous reader quotes a report from Reuters: Five industry groups representing major internet providers and cable companies filed suit on Thursday seeking to block a Vermont law barring companies that do not abide by net neutrality rules from receiving state contracts. The lawsuit was filed in U.S. District Court in Vermont by groups representing major providers like AT&T, Comcast and Verizon. It followed a lawsuit by four of the groups earlier this month challenging a much broader California law mandating providers abide by net neutrality rules. The trade associations are also challenging an executive order on the issue signed by Vermont Governor Phil Scott. The Vermont lawsuit was filed by the American Cable Association; CTIA -- The Wireless Association; NCTA -- The Internet & Television Association; USTelecom -- The Broadband Association and the New England Cable & Telecommunications Association. The lawsuit argues that states cannot regulate "indirectly through their spending, procurement, or other commercial powers what they are forbidden from regulating directly."

Read more of this story at Slashdot.

eBay Files Lawsuit Against Amazon Over 'Seller Recruitment'

Slashdot - Your Rights Online - Pt, 2018-10-19 00:00
An anonymous reader quotes a report from BBC: EBay has filed a lawsuit against Amazon, accusing the U.S. retail giant of using illegal tactics to recruit sellers. It says Amazon representatives abused eBay's internal email system to contact sellers -- a violation of the marketplace's policies. Amazon declined to comment on the case, which follows a letter from eBay demanding an end to the activity. It had previously said that it was investigating the claims. In the lawsuit filed in Santa Clara County, California, eBay says Amazon representatives created eBay accounts to solicit sellers, often sending messages within minutes of setting up their profiles. The activity dates back to at least 2015 and involved dozens of Amazon representatives, who each sent hundreds of emails, it says. EBay was alerted to the issue a few weeks ago by a seller and asked Amazon to stop.

Read more of this story at Slashdot.

US Announces Plans To Withdraw From 144-Year-Old Postal Treaty

Slashdot - Your Rights Online - Cz, 2018-10-18 15:00
JoeyRox writes: The Trump Administration announced today that it's intending to withdraw from the Universal Postal Union, an international postage rate system overseen by the United Nations. "The decision was borne out of frustration with discounts imposed by the Universal Postal Union (UPU) that allow China and some other nations to ship products into the U.S. at cheaper rates than American companies receive to ship domestically," reports The Hill. "The administration argues the system undercuts U.S. manufacturers and allows China to flood the market with cheap goods." The U.S. is hoping to renegotiate the rates, known as terminal dues, but was frustrated with opposition from other nations in the UPU. According to the report, "The withdrawal would not take effect for one year, allowing the U.S. some time to broker a new deal." "The 144-year-old UPU sets fees that postal services charge to deliver mail and packages from foreign carriers," reports The Hill. "For decades, developing nations have been allowed to pay lower rates than wealthier nations. China has fallen under the developing nation category, a designation the U.S. says it no longer deserves because of its booming economy." The Trump administration wants to move to a system of "self-declared rates" that would allow the U.S. Postal Service to set its own prices for shipping international packages of all sizes. As it stands, the P.O. is only allowed to use self-declared rates on packages exceeding 4.4 pounds.

Read more of this story at Slashdot.

The Future of the Cloud Depends On Magnetic Tape

Slashdot - Your Rights Online - Cz, 2018-10-18 05:30
An anonymous reader quotes a report from Bloomberg: Although the century-old technology has disappeared from most people's daily view, magnetic tape lives on as the preferred medium for safely archiving critical cloud data in case, say, a software bug deletes thousands of Gmail messages, or a natural disaster wipes out some hard drives. The world's electronic financial, health, and scientific records, collected on state-of-the-art cloud servers belonging to Amazon.com, Microsoft, Google, and others, are also typically recorded on tape around the same time they are created. Usually the companies keep one copy of each tape on-site, in a massive vault, and send a second copy to somebody like Iron Mountain. Unfortunately for the big tech companies, the number of tape manufacturers has shrunk over the past three years from six to just two -- Sony and Fujifilm -- and each seems to think that's still one too many. The Japanese companies have said the tape business is a mere rounding error as far as they're concerned, but each has spent millions of dollars arguing before the U.S. International Trade Commission to try to ban the other from importing tapes to America. [...] The tech industry worries that if Sony or Fujifilm knocks the other out of the U.S., the winner will hike prices, meaning higher costs for the big cloud providers; for old-line storage makers, including IBM, HPE, and Quantum; and, ultimately, for all those companies' customers. [...] Although Sony and Fujifilm have each assured the trade commission that they could fill the gap if their rival's products were shut out of the U.S., the need for storage continues to grow well beyond old conceptions. Construction is slated to begin as soon as next year on the Square Kilometer Array, a radio telescope with thousands of antennas in South Africa and Australia meant to detect signals emitted more than 13 billion years ago. It's been estimated the project could generate an exabyte (1 billion gigabytes) of raw data every day, the equivalent of 300 times the material in the U.S. Library of Congress and a huge storage headache all by itself.

Read more of this story at Slashdot.

Facebook Lured Advertisers By Inflating Ad-watch Times Up To 900 Percent

Slashdot - Your Rights Online - Cz, 2018-10-18 00:50
Zorro shares a report from The Mercury News: Not only did Facebook inflate ad-watching metrics by up to 900 percent (Warning: source may be paywalled, alternative source), it knew for more than a year that its average-viewership estimates were wrong and kept quiet about it, a new legal filing claims. A group of small advertisers suing the Menlo Park social media titan alleged in the filing that Facebook "induced" advertisers to buy video ads on its platform because advertisers believed Facebook users were watching video ads for longer than they actually were. That "unethical, unscrupulous" behavior by Facebook constituted fraud because it was "likely to deceive" advertisers, the filing alleged. The latest allegations arose out of a lawsuit that the advertisers filed against Mark Zuckerberg-led Facebook in federal court in 2016 over alleged inflation of ad-watching metrics. "Suggestions that we in any way tried to hide this issue from our partners are false," the company told The Wall Street Journal. "We told our customers about the error when we discovered it -- and updated our help center to explain the issue." "The plaintiffs are seeking class-action status to bring other advertisers into the legal action, plus unspecified damages," reports The Mercury News. "They also want the court to order a third-party audit of Facebook's video-ad metrics."

Read more of this story at Slashdot.

Apple Launches Portal For US Users To Download Their Data

Slashdot - Your Rights Online - Śr, 2018-10-17 23:30
An anonymous reader quotes a report from Bloomberg: Apple on Wednesday began allowing users in the U.S. to download a copy of all of the data that they have stored with the company from a single online portal. U.S. users will be able to download data such as all of their address book contacts, calendar appointments, music streaming preferences and details about past Apple product repairs. Previously, customers could get their data by contacting Apple directly. In May, when Apple first launched the online privacy portal, it only allowed U.S. users to either correct their data or delete their Apple accounts.

Read more of this story at Slashdot.

Seattle Startup Vets Takes on Google with Helm, a New $499 Personal Email Server

Slashdot - Your Rights Online - Śr, 2018-10-17 18:53
A Seattle-area startup is aiming to take on giants such as Google and change the way we do email with a new physical personal email server. From a report: Helm today unveiled its $499 device that lets consumers send and receive email from their own domain, in addition to saving contacts and calendar events. It's a bold bet that aims to provide comfort at a time when privacy and security issues related to personal data hosted by big tech companies in the cloud are top of mind. The idea comes from Giri Sreenivas and Dirk Sigurdson, two entrepreneurs who already sold a security startup and raised a $4 million seed round from top venture capital firms last year. The device is about the size of a router and looks like an upside-down book placed on a table. It connects to a home network and pairs with a mobile app that lets users create their own domain name, passwords, and recovery keys. Helm support standard protocols and works with regular email clients such as Outlook or the Mail app, with encryption protecting connection between the device and the apps.

Read more of this story at Slashdot.

Australian Federal Court Grants Publisher of GTA V Game Right To Search Homes of Five People Accused of Making Cheat Software

Slashdot - Your Rights Online - Śr, 2018-10-17 16:05
The publisher of video game Grand Theft Auto V has been granted the right to search the homes of five people accused of making cheat software. From a report: The court order allowed Rockstar Games and its parent company, Take-Two Interactive, to search two properties in Melbourne, Australia, for evidence related to a cheat known as Infamous. The Australian federal court has also frozen the assets of the five, who have not yet filed a defence. The cheat went offline six months ago. It allowed players who paid about $40 to manipulate the gaming environment, generate virtual currency and use a "god mode" feature that makes players invincible.

Read more of this story at Slashdot.

'Do Not Track,' the Privacy Tool Used By Millions of People, Doesn't Do Anything

Slashdot - Your Rights Online - Śr, 2018-10-17 05:30
An anonymous reader quotes a report from Gizmodo: When you go into the privacy settings on your browser, there's a little option there to turn on the "Do Not Track" function, which will send an invisible request on your behalf to all the websites you visit telling them not to track you. A reasonable person might think that enabling it will stop a porn site from keeping track of what she watches, or keep Facebook from collecting the addresses of all the places she visits on the internet, or prevent third-party trackers she's never heard of from following her from site to site. According to a recent survey by Forrester Research, a quarter of American adults use "Do Not Track" to protect their privacy. (Our own stats at Gizmodo Media Group show that 9% of visitors have it turned on.) We've got bad news for those millions of privacy-minded people, though: "Do Not Track" is like spray-on sunscreen, a product that makes you feel safe while doing little to actually protect you. Yahoo and Twitter initially said they would respect it, only to later abandon it. The most popular sites on the internet, from Google and Facebook to Pornhub and xHamster, never honored it in the first place. Facebook says that while it doesn't respect DNT, it does "provide multiple ways for people to control how we use their data for advertising." (That is of course only true so far as it goes, as there's some data about themselves users can't access.) From the department of irony, Google's Chrome browser offers users the ability to turn off tracking, but Google itself doesn't honor the request, a fact Google added to its support page some time in the last year. [...] "It is, in many respects, a failed experiment," said Jonathan Mayer, an assistant computer science professor at Princeton University. "There's a question of whether it's time to declare failure, move on, and withdraw the feature from web browsers." That's a big deal coming from Mayer: He spent four years of his life helping to bring Do Not Track into existence in the first place. Only a handful of sites actually respect the request -- the most prominent of which are Pinterest and Medium (Pinterest won't use offsite data to target ads to a visitor who's elected not to be tracked, while Medium won't send their data to third parties.)

Read more of this story at Slashdot.

Chrome 70 Arrives With Option To Disable Linked Sign-Ins, PWAs On Windows, and AV1 Decoder

Slashdot - Your Rights Online - Śr, 2018-10-17 02:30
Krystalo quotes a report from VentureBeat: Google today launched Chrome 70 for Windows, Mac, and Linux. The release includes an option to disable linking Google site and Chrome sign-ins, Progressive Web Apps on Windows, the ability for users to restrict extensions' access to a custom list of sites, an AV1 decoder, and plenty more. You can update to the latest version now using Chrome's built-in updater or download it directly from google.com/chrome. An anonymous Slashdot reader adds: "The most anticipated addition to today's release is a new Chrome setting panel option that allows users to control how the browser behaves when they log into a Google account," reports ZDNet. "Google added this new setting after the company was accused last month of secretly logging users into their Chrome browser accounts whenever they logged into a Google website." Chrome 70 also comes with support for the AV1 video format, TLS 1.3 final, per-site Chrome extension permissions, TouchID and fingerprint sensor authentication, the Shape Detection API (gives Chrome the ability to detect and identify faces, barcodes, and text inside images or webcam feeds), and, last but not least, 23 security fixes.

Read more of this story at Slashdot.

Amazon Worker Pushes Bezos To Stop Selling Facial Recognition Tech To Police

Slashdot - Your Rights Online - Śr, 2018-10-17 00:30
An anonymous reader quotes a report from The Hill: An Amazon employee is seeking to put new pressure on the company to stop selling its facial recognition technology to law enforcement. An anonymous worker, whose employment at Amazon was verified by Medium, published an op-ed on that platform on Tuesday criticizing the company's facial recognition work and urging the company to respond to an open letter delivered by a group of employees. The employee wrote that the government has used surveillance tools in a way that disproportionately hurts "communities of color, immigrants, and people exercising their First Amendment rights." "Ignoring these urgent concerns while deploying powerful technologies to government and law enforcement agencies is dangerous and irresponsible," the person wrote. "That's why we were disappointed when Teresa Carlson, vice president of the worldwide public sector of Amazon Web Services, recently said that Amazon 'unwaveringly supports' law enforcement, defense, and intelligence customers, even if we don't 'know everything they're actually utilizing the tool for.'" The op-ed comes one day after Amazon CEO Jeff Bezos defended technology companies working with the federal government on matters of defense during Wired's ongoing summit in San Francisco. "If big tech companies are going to turn their back on the U.S. Department of Defense, this country is going to be in trouble," Bezos said on Monday.

Read more of this story at Slashdot.