aggregator

Trump Administration Tells Supreme Court To Wipe Out Decision Upholding Net Neutrality

Slashdot - Your Rights Online - So, 2018-08-04 01:00
Repealing net neutrality wasn't enough for the Trump administration. Today, the administration asked the U.S. Supreme Court to vacate a 2016 appeal court ruling that had upheld Obama era net neutrality rules that barred ISPs from blocking, throttling, or prioritizing content. Reuters reports: The request was made even though the Federal Communications Commission voted along party lines to toss out the 2015 rules late last year, rendering the fight over their legality moot. In a filing to the Supreme Court, the Trump administration said the question for the court was "whether the now-superseded 2015 order was invalid because it exceeded the FCC's statutory authority, was arbitrary and capricious, was promulgated without adequate public notice, or violated the First Amendment."

Read more of this story at Slashdot.

FCC Sides With Google Fiber Over Comcast With New Pro-Competition Rule

Slashdot - Your Rights Online - Pt, 2018-08-03 22:20
An anonymous reader quotes a report from Ars Technica: The Federal Communications Commission today approved new rules that could let Google Fiber and other new [ISPs] gain faster access to utility poles. The FCC's One Touch Make Ready (OTMR) rules will let companies attach wires to utility poles without waiting for the other users of the pole to move their own wires. Google Fiber says its deployment has stalled in multiple cities because Comcast and AT&T take a long time to get poles ready for new attachers. One Touch Make Ready rules let new attachers make all of the necessary wire adjustments themselves. Comcast urged the FCC to "reject 'one-touch make-ready' proposals, which inure solely to the benefit of new entrants while unnecessarily risking harm to existing attachers and their customers." FCC Chairman Ajit Pai rejected this argument, saying that startups are unnecessarily delayed when they have to wait for incumbent ISPs before hanging wires. Here's what Pai had to say: "For a competitive entrant, especially a small company, breaking into the market can be hard, if not impossible, if your business plan relies on other entities to make room for you on those poles. Today, a broadband provider that wants to attach fiber or other equipment to a pole first must wait for, and pay for, each existing attacher to sequentially move existing equipment and wires. This can take months, and the bill for multiple truck rolls adds up. For companies of any size, pole-attachment problems represent one of the biggest barriers to broadband deployment."

Read more of this story at Slashdot.

GE Engineer With Ties To China Accused of Stealing Power Plant Technology

Slashdot - Your Rights Online - Pt, 2018-08-03 20:20
An anonymous reader quotes a report from TheStreet: General Electric stock was little changed on Friday, August 3, as a GE engineer with ties to China who has been accused of stealing proprietary power-turbine technology has been released on bond. Xiaoqing Zheng, 56, has been in custody since Wednesday when the FBI raided his home in Niskayuna, New York, near Albany. A federal judge on Thursday set a $100,000 bond; Zheng offered his family's home as collateral and was released on Friday. He was ordered to wear an electronic monitoring device and limit his travel, according to multiple media reports. Zheng, who is a U.S. citizen, was hired by GE in 2008 to work as a principal engineer for the company's power division, according to an affidavit by an FBI agent filed in federal court in Albany. Zheng is "suspected of taking/stealing, on multiple occasions via sophisticated means, data files from GE's laboratories that contain GE's trade secret information involving turbine technology," the FBI said in its affidavit. He also took "elaborate means" to conceal the removal of GE data files. "The primary focus of this affidavit is Zheng's action in 2018 in which he encrypted GE data files containing trade secret information, and thereafter sent the trade secret information from his GE work computer to Zheng's personal e-mail address hidden in the binary code of a digital photograph via a process known as steganography," the FBI said. "Additionally, the secondary focus of this affidavit is Zheng's actions in 2014 in which he downloaded more than 19,000 files from GE's computer network onto an external storage device, believed by GE investigators to have been a personal thumb drive." Zheng's attorney disputed the allegations, saying Zheng "transmitted information on his own patents to himself and to no one else."

Read more of this story at Slashdot.

How Criminals Recruit Telecom Employees To Help Them Hijack SIM Cards

Slashdot - Your Rights Online - Pt, 2018-08-03 18:18
An anonymous reader writes: Sources who work for some of America's major cellphone carriers tell us how criminals are trying to recruit them to get help hacking victims. Normally, criminals approach them online, offering to pay them in Bitcoin (the equivalent of $100 for example). In exchange, the employee has to log into a company portal and process a so-called SIM swap. From the report: How criminals find the employees in the first place can vary. Some SIM hijackers I spoke to told me they approach them through shared friends in real life, others told me they just comb LinkedIn, Reddit or social media sites. AT&T and Sprint did not respond to requests for comment about whether or not it had any knowledge of insiders helping criminals. A T-Mobile spokesperson said in a statement that the company is "aware of these ongoing and ever-changing attempts to take advantage of consumers across the wireless industry and we'll keep fighting to ensure our customers' safety." A Verizon spokesperson said the company doesn't share details of internal security processes or investigations, but the company "has systems in place that work to detect employee/vendor misconduct."

Read more of this story at Slashdot.

Easier Streaming Services Put Dent in Illegal Downloading

Slashdot - Your Rights Online - Pt, 2018-08-03 16:40
Music piracy is falling out of favour as streaming services become more widespread, new figures show. From a report: One in 10 people in the UK use illegal downloads, down from 18% in 2013, according to YouGov's Music Report. The trend looks set to continue -- with 22% of those who get their music illegitimately saying they do not expect to be doing so in five years. "It is now easier to stream music than to pirate it," said one survey participant. Another respondent said: "Spotify has everything from new releases to old songs, it filled the vacuum, there was no longer a need for using unverified sources."

Read more of this story at Slashdot.

Browser Firm That Required Users To Confirm Their Real Life Identity Shut Down After Its Employees Were Threatened

Slashdot - Your Rights Online - Cz, 2018-08-02 20:35
New submitter nleskovic shares a report: When Authenticated Reality launched last year, it seemed that the company had struck gold in terms of market demand and fit. The Austin-based startup had developed a Web browser that would require users to prove they are who they say they are. Users would have to sign up for an account -- scanning their driver's license and taking a photo -- in order to download the browser, which would sit "on top" of the Internet, said Chris Ciabarra, Authenticated Reality's co-founder, in an interview last year. "Everybody knows who everybody is," he said. So, when Facebook announced this week that its site was, once again, home to inauthentic pages and accounts designed to influence the outcome of the upcoming midterm Congressional elections, I contacted Ciabarra to find out how the company was doing. But, he said Wednesday that he had shut down the startup just a month after its debut. He said people who had heard about Authenticated Reality from media reports were visiting the firm's offices in California and threatening employees. (The addresses were listed on the website.) "It was getting kind of scary," he told me. "They were thinking we were taking their freedom away because they had to sign up using a driver's license. They thought we were trying to follow them."

Read more of this story at Slashdot.

White House Proposal Rolls Back Fuel Economy Standards, No Exception For California

Slashdot - Your Rights Online - Cz, 2018-08-02 19:50
The Trump administration has proposed a rollback of Obama-era fuel efficiency and emissions standards, while simultaneously taking aim at California's unique ability to set more stringent rules. From a report: Under the Obama administration, the Environmental Protection Agency called for the fuel economy standards for new vehicles to ratchet up over time. The increasingly strict standards were designed to combat climate change by reducing greenhouse gas emissions. On Thursday, the EPA and the National Highway Traffic Safety Administration released a new proposed rule that would instead freeze the standards at their 2020 levels for six years. "Cars and trucks are just part of the basic fiber of the American economy and the American experience, so we take what we're doing very, very seriously," Bill Wehrum, EPA assistant administrator, told reporters on Thursday. The agencies say that increasing fuel efficiency requirements contributes to an increase in the cost of new cars and trucks, which may discourage consumers from buying new vehicles. Because newer vehicles have advanced safety features, the administration argues, increasing fuel economy requirements therefore harms highway safety, as well as having economic effects.

Read more of this story at Slashdot.

Congress Passes Bill Forcing Tech Companies To Disclose Foreign Software Probes

Slashdot - Your Rights Online - Cz, 2018-08-02 15:00
An anonymous reader quotes a report from Reuters: The U.S. Congress is sending President Donald Trump legislation that would force technology companies to disclose if they allowed countries like China and Russia to examine the inner workings of software sold to the U.S. military. Companies would be required to address any security risks posed by the foreign source code reviews to the satisfaction of the Pentagon, or lose the contract. The legislation also creates a database, searchable by other government agencies, of which software was examined by foreign states that the Pentagon considers a cyber security risk. It makes the database available to public records requests, an unusual step for a system likely to include proprietary company secrets. The final version of the bill was approved by the Senate in a 87-10 vote on Wednesday after passing the House last week. The spending bill is expected to be signed into law by Trump.

Read more of this story at Slashdot.

Top Genetic Testing Firms Promise Not To Share Data Without Consent

Slashdot - Your Rights Online - Cz, 2018-08-02 09:00
Ancestry, 23andMe and several other top genetic testing companies pledged on Tuesday not to share users' DNA data with others without consent. "Under the new guidelines, the companies said they would obtain consumers "separate express consent" before turning over their individual genetic information to businesses and other third parties, including insurers," reports The Washington Post. "They also said they would disclose the number of law-enforcement requests they receive each year." From the report: The new commitments come roughly three months after local investigators used a DNA-comparison service to track down a man police believed to be the Golden State Killer, who allegedly raped and killed dozens of women in California in the 1970s and 1980s. Investigators identified the suspect using a decades-old DNA sample obtained from the crime scene, which they uploaded to GEDmatch, a crowdsourced database of roughly a million distinct DNA sets shared by volunteers. Investigators said they did not need a court order before using GEDmatch, sparking fresh fears that users' biological data might be too easy to access -- and could end up in the wrong hands -- without additional regulation on the fast-growing, already popular industry.

Read more of this story at Slashdot.

Inspector General Says NSA Still Hasn't Implemented Its Post-Snowden Internal Security Measures

Slashdot - Your Rights Online - Cz, 2018-08-02 05:30
An anonymous reader quotes a report form Techdirt: In the immediate aftermath of an NSA contractor springing numerous leaks back in 2013, the NSA vowed this would never happen again. It has happened again and it hasn't just been documents. It's also been software exploits, which contributed to a worldwide plague of ransomware. The NSA was going to make sure no one could just walk out of work with thousands of sensitive documents. It laid out a plan to exercise greater control over access and fail safe procedures meant to keep free-spirited Snowdens in check. The NSA is the world's most powerful surveillance agency. It is also a sizable bureaucracy. Over the past half-decade, the NSA has talked tough about tighter internal controls. But talk is cheap -- at least labor-wise. Actual implementation takes dedication and commitment. The NSA just doesn't have that in it, according to a recent Inspector General's report: "The nation's cyber spy agency is suffering from substantial cyber vulnerabilities, according to a first-of-its-kind unclassified audit overview from the agency's inspector general released Wednesday. Those vulnerabilities include computer system security plans that are inaccurate or incomplete, removable media that aren't properly scanned for viruses, and an inadequate process for tracking the job duties of National Security Agency cyber defenders to ensure they're qualified for the highest-level work they do, according to the overview."

Read more of this story at Slashdot.

Canada's Ontario Government Ends Basic Income Project

Slashdot - Your Rights Online - Cz, 2018-08-02 04:05
Lisa MacLeod, Progressive Conservative member and Children, Community and Social Services Minister of the Legislative Assembly of Ontario, said Tuesday that she would end the city's basic income pilot project, calling it expensive and "clearly not the answer for Ontario families." Few details are available as to how the project will come to an end, but MacLeod said her government will end the program "ethically" for anyone who is currently enrolled. Slashdot reader kenh shares an excerpt from a CBC.ca report: Close to 4,000 people were enrolled in the basic income pilot program in Thunder Bay, Lindsay, Hamilton, Brantford and Brant County. The pilot project started in April 2017. It was originally set to last three years, and explore the effectiveness of providing a basic income to those living on low incomes -- whether they were working or not. Under the project, a single person could have received up to about $17,000 a year, minus half of any income he or she earned. "A couple could have received up to $24,000 per year." People with disabilities could have received an additional $6,000.

Read more of this story at Slashdot.

Google Categorically Refuses To Remove the Pirate Bay's Homepage

Slashdot - Your Rights Online - Cz, 2018-08-02 02:03
An anonymous reader quotes a report from TorrentFreak: This year alone, at least 15 separate takedown notices ask Google to remove ThePirateBay.org from its index. Most of these are sent by the reporting agency Digimarc, on behalf of book publishers such as Penguin Random House, Kensington Publishing, and Recorded Books. This year alone, at least 15 separate takedown notices ask Google to remove ThePirateBay.org from its index. Most of these are sent by the reporting agency Digimarc, on behalf of book publishers such as Penguin Random House, Kensington Publishing, and Recorded Books. Over the years, The Pirate Bay's homepage has been targeted more than 70 times. While there's no shortage of reports, TPB's homepage is still in Google's index. Since TPB's homepage is not infringing, Google categorically refuses to remove it from its search results. While the site itself has been downranked, due to the high number of takedown requests Google receives for it, ThePirateBay.org remains listed. Google did remove The Pirate Bay's homepage in the past, by accident, but that was swiftly corrected. "Google received a (Digital Millennium Copyright Act) take-down request that erroneously listed Thepiratebay.org, and as a result, this URL was accidentally removed from the Google search index," Google said at the time. "We are now correcting the removal, and you can expect to see Thepiratebay.org back in Google search results this afternoon," the company added.

Read more of this story at Slashdot.

US Indicts Ukrainian Hackers Who Stole Millions of Credit and Debit Card Numbers

Slashdot - Your Rights Online - Śr, 2018-08-01 21:20
Three Ukrainians associated with the hacking group FIN7 have been arrested in Europe in connection with hacks of more than 100 U.S. companies that led to tens of millions of dollars in losses, Reuters reported Wednesday, citing U.S. officials and court documents. From the report: Fin7 has been linked to breaches affecting hotels bearing the name of U.S. President Donald Trump, Whole Foods, Chipotle, Saks Fifth Avenue and Lord & Taylor, according to cyber security firm Trend Micro. The suspects, Fedir Hladyr, Dmytro Fedorov and Andrii Kolpakov, were arrested in Europe between January and June of this year, the Justice Department said on Wednesday. Hladyr is in U.S. custody and U.S. authorities are seeking extradition of the other two, the department said. The three were arrested in connection with computer hacks to steal customer payment card data and other information from more than 100 U.S. companies, the department said.

Read more of this story at Slashdot.

A Hacker Broke Into a Few of Reddit's Systems and Managed To Access Some User Data, Company Says

Slashdot - Your Rights Online - Śr, 2018-08-01 19:30
A hacker broke into a few of Reddit's systems and managed to access some user data, including some current email addresses and a 2007 database backup containing old salted and hashed passwords, Reddit said Wednesday. From the announcement: Since then we've been conducting a painstaking investigation to figure out just what was accessed, and to improve our systems and processes to prevent this from happening again. Reddit says the incident occurred between June 14 and June 18 when the hacker "compromised a few of our employees' accounts with our cloud and source code hosting providers." Interestingly, even as Reddit employees maintain 2FA on their accounts, the attacker managed to get access to their data. "We learned that SMS-based authentication is not nearly as secure as we would hope, and the main attack was via SMS intercept," the company said. The company says it has a reason to believe the attacker had access to the following data: All Reddit data from 2007 and before including account credentials and email addresses. What was accessed: A complete copy of an old database backup containing very early Reddit user data -- from the site's launch in 2005 through May 2007. In Reddit's first years it had many fewer features, so the most significant data contained in this backup are account credentials (username + salted hashed passwords), email addresses, and all content (mostly public, but also private messages) from way back then. How to tell if your information was included: We are sending a message to affected users and resetting passwords on accounts where the credentials might still be valid. If you signed up for Reddit after 2007, you're clear here.

Read more of this story at Slashdot.

Call Me, Comrade: The Surprise Rise of North Korean Smartphones

Slashdot - Your Rights Online - Śr, 2018-08-01 17:20
Tia Han, reporting for NK News: 2018 marks the tenth year that cellphones have been legally available in North Korea. The number of users has been growing significantly since then, but overall use remains low: according to the country's state-run Sogwang outlet in January, more than 3.5 million -- out of a population of 25 million -- have mobile subscriptions. "We started providing the 3G service in December 2008, so this year marks the 10th year of the service," Han Jong Nye, from the Arirang Information and Technology Center in Future Scientist Street in Pyongyang, was quoted as having said in Sogwang in January. "The demand for mobile phones is growing larger and larger." [...] North Korean mobile users cannot access the worldwide internet, of course: use is limited to the country's state-run intranet. Reports suggest various kinds of applications are now accessible for mobile users -- from games to shopping -- several state-run North Korean outlets have reported on their recent technological development, often with a great deal of emphasis on their local origins. State media suggests that North Koreans are playing games, reading books, listening to music, doing karaoke, learning to cook, and even increasing crop output on their smartphones. [...] Since the majority of smartphone users do not have an access to the internet, according to one expert, users have to go to a technology service center where technicians install apps to their cell phone. "Most mobile users do not have data service even if they buy a smartphone, so they have to be happy with pre-loaded apps such as games and dictionaries," Yonho Kim, a non-resident fellow at Korea Economic Institute, told NK News.

Read more of this story at Slashdot.

Microsoft Launches Pilot Program To Provide Cybersecurity Protection To Political Campaigns and Election Authorities

Slashdot - Your Rights Online - Śr, 2018-08-01 16:40
An anonymous reader shares a report: Microsoft has launched a pilot program aimed at providing cybersecurity protection for political campaigns and election authorities. The pilot program -- named AccountGuard -- was launched at the end of July, Bleeping Computer has learned, and was set in motion for the 2018 US midterm elections. According to the pilot's website, AccountGuard "provides additional security and threat monitoring for Microsoft accounts belonging to participating US campaigns, political committees, campaign tech vendors, and their staff, who are likely to be at a higher risk in the lead up to elections." Microsoft is now running a website where participants in the 2018 US midterm elections can sign up for this increased protection. According to the portal, participation is offered on a non-partisan basis and is by invitation only. Users from the following organizations are eligible to participate: (1) US-based political campaigns (2) US-based political committees (3) Select campaign technology vendors (4) Select individuals may also participate, if invited by eligible campaigns and affiliated organizations Last month, Microsoft said they had detected and helped block hacking attempts -- the first known example of cyber interference in the midterm elections -- against three congressional candidates this year. On Tuesday, Facebook said it was blocking more than two dozen pages that it believed were part of an ongoing political influence campaign.

Read more of this story at Slashdot.

Google Plans To Launch Censored Search Engine In China, Leaked Documents Reveal

Slashdot - Your Rights Online - Śr, 2018-08-01 16:00
Google is planning to launch a censored version of its search engine in China that will blacklist websites and search terms about human rights, democracy, religion, and peaceful protest, The Intercept reported Wednesday, citing leaked documents and people familiar with the matter. From the report: The project -- code-named Dragonfly -- has been underway since spring of last year, and accelerated following a December 2017 meeting between Google's CEO Sundar Pichai and a top Chinese government official, according to internal Google documents and people familiar with the plans. Teams of programmers and engineers at Google have created a custom Android app, different versions of which have been named "Maotai" and "Longfei." The app has already been demonstrated to the Chinese government; the finalized version could be launched in the next six to nine months, pending approval from Chinese officials. The planned move represents a dramatic shift in Google's policy on China and will mark the first time in almost a decade that the internet giant has operated its search engine in the country. Google's search service cannot currently be accessed by most internet users in China because it is blocked by the country's so-called Great Firewall. The app Google is building for China will comply with the country's strict censorship laws, restricting access to content that Xi Jinping's Communist Party regime deems unfavorable. [...] When a person carries out a search, banned websites will be removed from the first page of results, and a disclaimer will be displayed stating that "some results may have been removed due to statutory requirements." Examples cited in the documents of websites that will be subject to the censorship include those of British news broadcaster BBC and the online encyclopedia Wikipedia.

Read more of this story at Slashdot.

Judge Blocks Release of Blueprints For 3D-Printed Guns

Slashdot - Your Rights Online - Śr, 2018-08-01 04:10
U.S. District Judge Robert Lasnik issued a temporary restraining order Tuesday to stop the release of blueprints to make untraceable and undetectable 3D-printed plastic guns, saying they could end up in the wrong hands. Defense Distributed reached a settlement with the federal government in late June allowing them to freely publish the 3D files. NBC News reports: "There is a possibility of irreparable harm because of the way these guns can be made," he said. Congressional Democrats have urged President Donald Trump to reverse the decision to let Defense Distributed publish the plans. Trump said Tuesday that he's "looking into" the idea, saying making 3D plastic guns available to the public "doesn't seem to make much sense!" Eight Democratic attorneys general had filed a lawsuit Monday seeking to block the federal government's settlement with Defense Distributed. They also sought the restraining order, arguing the 3D guns would be a safety risk. Earlier today, Senate Democrats introduced two bills addressing 3D-printed guns. The first bill would make it illegal to publish 3D-printed gun blueprints. The second bill would require weapons to include at least one metal component with a serial number to make them traceable. Downloads of the 3D-printed gun blueprints have been suspended until Cody Wilson [the owner of Defense Distributed] reviews Lasnik's order. It is unclear how many times the blueprints were downloaded, but some news outlets say the online manuals have been downloaded thousands of times and posted elsewhere online.

Read more of this story at Slashdot.

Facebook Shuts Off Access To User Data For Hundreds of Thousands of Apps

Slashdot - Your Rights Online - Śr, 2018-08-01 02:03
In a blog post, Facebook said that it's shutting off access to its application programming interface for hundreds of thousands of inactive apps. This interface is what lets app developers access user data. The Verge reports: The company had set an August 1st deadline back in May, during its F8 developer conference, for developers and businesses to re-submit apps to an internal review, a process that involves signing new contracts around user data collection and verifying one's authenticity. The goal is to ensure third-party software on Facebook was in line with the company's data privacy rules and new restrictions put in place in the wake of the Cambridge Analytica scandal, in which a third-party developer siphoned user data and sold it to another firm in violation of Facebook's terms of service. Now, after it identified numerous apps that were either inactive or from developers who had not submitted the software for review, Facebook is cutting off those apps' access to its Platform API.

Read more of this story at Slashdot.

DHS Forms New Cyber Hub To Protect Critical US Infrastructure

Slashdot - Your Rights Online - Wt, 2018-07-31 22:04
The Department of Homeland Security announced on Tuesday the creation of a new center aimed at guarding the nation's banks, energy companies and other industries from major cyberattacks that could cripple critical infrastructure. From a report: The launch of the National Risk Management Center was unveiled by DHS Secretary Kirstjen Nielsen at a government-hosted cyber summit in New York City, at which Vice President Mike Pence and several other cabinet secretaries are expected to speak. In prepared remarks, Ms. Nielsen said that cyber threats now posed a greater threat to the country than physical attacks. DHS was founded 15 years ago to prevent another Sept. 11, 2001, Ms. Nielsen said, but "today I believe the next major attack is more likely to reach us online than on an airplane." The center's creation was motivated by a growing recognition in government that sophisticated cyberattacks, particularly those deployed by foreign adversaries, can not only harm a company or industry but can cause systemic failure across society, Chris Krebs, DHS's top cyber official, said in an interview.

Read more of this story at Slashdot.