aggregator

Credit Karma Glitch Exposed Users To Other People's Accounts

Slashdot - Your Rights Online - Cz, 2019-08-15 01:30
Users of credit monitoring site Credit Karma have took to Reddit and Twitter to complain that they were served other people's account information when they logged in. TechCrunch has confirmed several screenshots that show other people's accounts, including details about their credit card accounts and their current balance. When contacted, a Credit Karma spokesperson said these users "experienced a technical malfunction that has now been fixed," and that there's "no evidence of a data breach." The company didn't say for how long customers were experiencing issues. TechCrunch reports: One user told TechCrunch that after they were served another person's full credit report, they messaged the user on LinkedIn "to let him know his data was compromised." Another user told us this: "The reports are split into two sections: Credit Factors -- things like number of accounts, inquiries, utilization; and Credit Reports -- personal information like name, address, etc.. The Credit Reports section was my own information, but the Credit Factors section definitely wasn't. It listed four credit card accounts (I have more like 20 on my report), a missed payment (I'm 100% on time with payments), a Honda auto loan (never had one with Honda), student loan financing (mine are paid off and too old to appear on my report), and cards with an issuer that I have no relationship with (Discover)." Another user who was affected said they could read another person's Credit Factors -- including derogatory credit marks -- but that the Credit Report tab with that user's personal information, like names and addresses, was blank. One user said that the login page was pulled offline for a brief period. "We'll be right back," the login page read instead.

Read more of this story at Slashdot.

Capital One Hacker Stole 'Terabytes' of Data From More Than 30 Companies, Court Docs Reveal

Slashdot - Your Rights Online - Śr, 2019-08-14 19:23
Paige A. Thompson, the hacker accused of breaching US bank Capital One, is also believed to have stolen data from more than 30 other companies, US prosecutors said in new court documents filed today and obtained by ZDNet. From the report: "The government's investigation over the last two weeks has revealed that Thompson's theft of Capital One's data was only one part of her criminal conduct," US officials said in a memorandum for extending Thompson's detention period. "The servers seized from Thompson's bedroom during the search of Thompson's residence, include not only data stolen from Capital One, but also multiple terabytes of data stolen by Thompson from more than 30 other companies, educational institutions, and other entities." US prosecutors said the "data varies significantly in both type and amount," but, based on currently available information, "much of the data appears not to be data containing personal identifying information."

Read more of this story at Slashdot.

Major Breach Found in Biometrics System Used By Banks, UK Police and Defence Firms

Slashdot - Your Rights Online - Śr, 2019-08-14 18:42
The fingerprints of over 1 million people, as well as facial recognition information, unencrypted usernames and passwords, and personal information of employees, was discovered on a publicly accessible database for a company used by the likes of the UK Metropolitan police, defence contractors and banks, The Guardian reported Wednesday. From the report: Suprema is the security company responsible for the web-based Biostar 2 biometrics lock system that allows centralised control for access to secure facilities like warehouses or office buildings. Biostar 2 uses fingerprints and facial recognition as part of its means of identifying people attempting to gain access to buildings. Last month, Suprema announced its Biostar 2 platform was integrated into another access control system -- AEOS. AEOS is used by 5,700 organisations in 83 countries, including governments, banks and the UK Metropolitan police. The Israeli security researchers Noam Rotem and Ran Locar working with vpnmentor, a service that reviews virtual private network services, have been running a side project to scans ports looking for familiar IP blocks, and then use these blocks to find holes in companies' systems that could potentially lead to data breaches. In a search last week, the researchers found Biostar 2's database was unprotected and mostly unencrypted. They were able to search the database by manipulating the URL search criteria in Elasticsearch to gain access to data.

Read more of this story at Slashdot.

Huawei Technicians Helped African Governments Spy on Political Opponents

Slashdot - Your Rights Online - Śr, 2019-08-14 18:02
phalse phace writes: A WSJ investigation appears to have uncovered multiple instances where the African governments in Uganda and Zambia, with the help of Huawei technicians, used Huawei's communications equipment to spy on and censor political opponents and its citizens. From the report, writes phalse phace: Huawei Technologies dominates African markets, where it has sold security tools that governments use for digital surveillance and censorship. But Huawei employees have provided other services, not disclosed publicly. Technicians from the Chinese powerhouse have, in at least two cases, personally helped African governments spy on their political opponents, including intercepting their encrypted communications and social media, and using cell data to track their whereabouts, according to senior security officials working directly with the Huawei employees in these countries. It should be noted that while the findings "show how Huawei employees have used the company's technology and other companies' products to support the domestic spying of those governments," the investigation didn't turn up evidence of spying by or on behalf of Beijing in Africa. Nor did it find that Huawei executives in China knew of, directed or approved the activities described. It also didn't find that there was something particular about the technology in Huawei's network that made such activities possible. Details of the operations, however, offer evidence that Huawei employees played a direct role in government efforts to intercept the private communications of opponents.

Read more of this story at Slashdot.

FBI Seeks To Monitor Facebook, Oversee Mass Social Media Data Collection

Slashdot - Your Rights Online - Śr, 2019-08-14 12:00
The FBI is planning to aggressively harvest information from Facebook and Twitter. Citing the The Wall Street Journal, ZDNet reports that the FBI "has recently sought proposals from third-party vendors for technological solutions able to harvest publicly-available information in bulk from Facebook, Twitter, and other social media outlets." From the report: The law enforcement agency says the data collected will be used "to proactively identify and reactively monitor threats to the United States and its interests." Law enforcement has requested the means to "obtain the full social media profile of persons-of-interest and their affiliation to any organization or groups," to keep track of users based on their neighborhood, and keyword searches, among other tool functions. Vendors have until August 27 to submit their proposals. While the FBI believes that such tools can work in harmony with privacy safeguards and civil liberties, the mass collection of names, photos, and IDs -- when combined with information from other sources -- may do just the opposite.

Read more of this story at Slashdot.

FAA Bans Recalled MacBook Pros From Flights

Slashdot - Your Rights Online - Śr, 2019-08-14 04:02
The U.S. Federal Aviation Administration has banned select MacBook Pro laptops on flights after Apple recently said that some units had batteries that posed a fire risk. In a statement, the FAA said it was "aware of the recalled batteries that are used in some Apple MacBook Pro laptops" and stated that it alerted major U.S. airlines about the recall. Bloomberg reports: The watchdog also reminded airlines to follow 2016 safety instructions for goods with recalled batteries, which means that the affected Apple laptops should not be taken on flights as cargo or in carry-on baggage by passengers. The Apple laptops in question are some 15-inch MacBook Pros sold between September 2015 and February 2017. Apple issued the recall in June, saying it had "determined that, in a limited number of older generation 15-inch MacBook Pro units, the battery may overheat and pose a fire safety risk." This week, four airlines with cargo operations managed by Total Cargo Expertise -- TUI Group Airlines, Thomas Cook Airlines, Air Italy, and Air Transat -- implemented a ban, barring the laptops from being brought onto the carriers' planes as cargo, according to an internal notice obtained by Bloomberg News. A spokesperson for TUI Group Airlines said airport staff and flight attendants will start making announcements about these MacBook Pros at the gate and before takeoff. Laptops that have replaced batteries won't be impacted, the spokesperson said. The company also posted a notice on its website banning the recalled computers on board, in both cargo and passenger areas of its planes. It's unclear what efforts will, if any, be made at U.S. airports.

Read more of this story at Slashdot.

Researcher Makes Legit-Looking iPhone Lightning Cables That Will Hijack Your Computer

Slashdot - Your Rights Online - Śr, 2019-08-14 02:45
A researcher known as MG has modified Lightning cables with extra components to let him remotely connect to the computers that the cables are connected to. "It looks like a legitimate cable and works just like one. Not even your computer will notice a difference. Until I, as an attacker, wirelessly take control of the cable," MG said. Motherboard reports: One idea is to take this malicious tool, dubbed O.MG Cable, and swap it for a target's legitimate one. MG suggested you may even give the malicious version as a gift to the target -- the cables even come with some of the correct little pieces of packaging holding them together. MG typed in the IP address of the fake cable on his own phone's browser, and was presented with a list of options, such as opening a terminal on my Mac. From here, a hacker can run all sorts of tools on the victim's computer. The cable comes with various payloads, or scripts and commands that an attacker can run on the victim's machine. A hacker can also remotely "kill" the USB implant, hopefully hiding some evidence of its use or existence. MG made the cables by hand, painstakingly modifying real Apple cables to include the implant. "In the end, I was able to create 100 percent of the implant in my kitchen and then integrate it into a cable. And these prototypes at Def con were mostly done the same way," he said. MG did point to other researchers who worked on the implant and graphical user interface. He is selling the cables for $200 each.

Read more of this story at Slashdot.

Websites Can Discriminate Against You Even If You Don't Use Them, California Supreme Court Rules

Slashdot - Your Rights Online - Śr, 2019-08-14 01:20
Nearly four years ago, a lone bankruptcy lawyer sued Square, the payment processor run by Twitter CEO Jack Dorsey, challenging the app's terms of use -- despite never signing up. As of yesterday, the case will proceed, thanks to an opinion issued by the California Supreme Court that could have wide-reaching implications for online businesses. Gizmodo reports: The first thing you need to know is that, for whatever reason, Square's Prohibited Goods and Services policies include "bankruptcy attorneys or collection agencies," which you'll recall is plaintiff Robert White's line of work. California, where this case was tried and where a plurality of online services are headquartered, is also home to a state law -- the Unruh Civil Rights Act -- which provides broad protections against discrimination of many kinds, including occupation. But the question remained as to whether White needed to have entered into an agreement with Square (by agreeing to the terms of service) in order to have experienced said discrimination barring his "full and equal access" to the service. For the time being at least: no. "In general, a person suffers discrimination under the Act when the person presents himself or herself to a business with an intent to use its services but encounters an exclusionary policy or practice that prevents him or her from using those services," Justice Goodwin Liu wrote in court's unanimous opinion. "We conclude that this rule applies to online businesses and that visiting a website with intent to use its services is, for purposes of standing, equivalent to presenting oneself for services at a brick-and-mortar store." The Supreme Court noted that the merits of White's case -- beyond his having standing -- were outside its purview, and that "mere awareness of a business's discriminatory policy or practice is not enough for standing under the Act," but that "entering into an agreement with the business is not required."

Read more of this story at Slashdot.

Amazon's Facial Recognition Misidentified 1 in 5 California Lawmakers as Criminals

Slashdot - Your Rights Online - Śr, 2019-08-14 00:05
The ACLU tested Rekognition, Amazon's facial recognition technology, on photographs of California lawmakers. It matched 26 of them to mugshots. From a report: In a recent test of Amazon's facial recognition software, the American Civil Liberties Union of Northern California revealed that it mistook 26 California lawmakers as people arrested for crimes. The ACLU used Rekognition, Amazon's facial recognition software, to evaluate 120 photos of lawmakers against a database of 25,000 arrest photos, ACLU attorney Matt Cagle said at a press conference on Tuesday. One in five lawmaker photographs were falsely matched to mugshots, exposing the frailties of an emerging technology widely adopted by law enforcement. The ACLU used the default Rekognition settings, which match identity at 80 percent confidence, Cagle said. Assembly member Phil Ting was among those whose picture was falsely matched to an arrest photo. He's also an active advocate for limiting facial recognition technology: in February, he introduced a bill, co-sponsored by the ACLU, that bans the use of facial recognition and other biometric surveillance on police-worn body cameras.

Read more of this story at Slashdot.

$3 Million Fortnite Winner Becomes Latest Swatting Target

Slashdot - Your Rights Online - Wt, 2019-08-13 23:20
An anonymous reader quotes a report from Ars Technica: Kotaku reports that Kyle "Bugha" Giersdorf was streaming a Fortnite game late Sunday when he abruptly left his desk and abandoned the game with the livestream still running. The cause? His father coming to tell him that armed police were at the front door. Fortunately, Bugha returned unharmed to the stream several minutes later. "That was definitely a new one," he can be heard saying on a recording of the stream. "I got swatted." The comparatively quick and peaceful resolution of the issue was in part due to sheer good luck. "I was lucky because the one officer, yeah, he lives in our neighborhood," Bugha explained on the stream. Bugha won $3 million for his first-place finish in the first-ever Fortnite World Cup in July and even appeared on The Tonight Show to talk about his win with host Jimmy Fallon. He is also all of 16 years old, and so a threat against him also involved his parents, whose personal information may have been easy to find. "Swatting" occurs when someone places a hoax emergency call to a police department, hoping to mobilize an emergency response (i.e., a SWAT team) to the victim's home. Bugha was lucky in that the officers who responded to his address were of a mood to ask questions first. Not all swatting victims are so lucky. In 2017, a Kansas man named Andrew Finch was killed during a swatting event even though he was not the intended target. The man behind the hoax call was sentenced to 20 years in prison earlier this year for his role in Finch's death.

Read more of this story at Slashdot.

Facebook Paid Contractors To Transcribe Users' Audio Chats

Slashdot - Your Rights Online - Wt, 2019-08-13 22:01
Facebook has been paying hundreds of outside contractors to transcribe clips of audio from users of its services, Bloomberg reported Tuesday, citing people with knowledge of the work. From the report: The work has rattled the contract employees, who are not told where the audio was recorded or how it was obtained -- only to transcribe it, said the people, who requested anonymity for fear of losing their jobs. They're hearing Facebook users' conversations, sometimes with vulgar content, but do not know why Facebook needs them transcribed, the people said. Facebook confirmed that it had been transcribing users' audio and said it will no longer do so, following scrutiny into other companies. "Much like Apple and Google, we paused human review of audio more than a week ago," the company said Tuesday. The company said the users who were affected chose the option in Facebook's Messenger app to have their voice chats transcribed. The contractors were checking whether Facebook's artificial intelligence correctly interpreted the messages, which were anonymized. [...] The social networking giant, which just completed a $5 billion settlement with the U.S. Federal Trade Commission after a probe of its privacy practices, has long denied that it collects audio from users to inform ads or help determine what people see in their news feeds.

Read more of this story at Slashdot.

Ring Told People To Snitch On Their Neighbors In Exchange For Free Stuff

Slashdot - Your Rights Online - Wt, 2019-08-13 02:12
popcornfan679 shares a report from Motherboard: Ring, Amazon's home security company, has encouraged people to form their own "Digital Neighborhood Watch" groups that report crime in exchange for free or discounted Ring products, according to an internal company slide presentation obtained by Motherboard. The slide presentation -- which is titled "Digital Neighborhood Watch" and was created in 2017, according to Ring -- tells people that if they set up these groups, report all suspicious activity to police, and post endorsements of Ring products on social media, then they can get discount codes for Ring products and unspecified Ring "swag." A Ring spokesperson said the program described in the slide presentation was rolled out in 2017, before Ring was acquired by Amazon. They said it was discontinued that same year. "This particular idea was not rolled out widely and was discontinued in 2017," Ring said. "We will continue to invent, iterate, and innovate on behalf of our neighbors while aligning with our three pillars of customer privacy, security, and user control." "Some of these ideas become official programs, and many others never make it past the testing phase," Ring continued, adding that the company "is always exploring new ideas and initiatives."

Read more of this story at Slashdot.

Almost Half of Employees Have Access To More Data Than They Need

Slashdot - Your Rights Online - Pn, 2019-08-12 23:35
A new study of over 700 full-time US employees reveals that that 48 percent of employees have access to more company data than they need to perform their jobs, while 12 percent of employees say they have access to all company data. From a report: The survey by business app marketplace GetApp also asked employees what classifications of data protection are in place at their company. No more than a third of businesses were found to use any one individual data classification. The lowest in use are Proprietary (15 percent) and Highly Confidential (18 percent). The most commonly used are Confidential -- 33 percent of businesses use this classification, Internal -- 30 percent, Public -- 29 percent and Restricted/Sensitive -- 25 percent.

Read more of this story at Slashdot.

US Significantly Weakens Endangered Species Act

Slashdot - Your Rights Online - Pn, 2019-08-12 22:10
The Trump administration on Monday announced that it would change the way the Endangered Species Act is applied, significantly weakening the nation's bedrock conservation law credited with rescuing the bald eagle [Editor's note: the link may be paywalled; alternative source], the grizzly bear and the American alligator from extinction. From a report: The changes will make it harder to consider the effects of climate change on wildlife when deciding whether a given species warrants protection. They would most likely shrink critical habitats and, for the first time, would allow economic assessments to be conducted when making determinations. The rules also make it easier to remove a species from the endangered species list and weaken protections for threatened species, a designation that means they are at risk of becoming endangered. Overall, the new rules would very likely clear the way for new mining, oil and gas drilling, and development in areas where protected species live. Interior Secretary David Bernhardt said the changes would modernize the Endangered Species Act and increase transparency in its application. "The act's effectiveness rests on clear, consistent and efficient implementation," he said in a statement Monday. Commerce Secretary Wilbur Ross said in a statement the revisions "fit squarely within the president's mandate of easing the regulatory burden on the American public, without sacrificing our species' protection and recovery goals." The new rules are expected to appear in the Federal Register this week and will go into effect 30 days after that.

Read more of this story at Slashdot.

Amazon Ring Alert Leads To Capture of 'Extremely Dangerous' Escaped Convict

Slashdot - Your Rights Online - Pn, 2019-08-12 00:51
ABC News describes how Amazon's surveillance doorbell cameras today led to the capture of an "extremely dangerous" inmate: Homicide suspect Curtis Watson, 44, escaped from work detail on a tractor at the West Tennessee State Penitentiary in Henning, Tennessee, about 50 miles northeast of Memphis, on Wednesday. The tractor was later found about a mile away from the prison. Around 3:30 a.m. Sunday morning, police received a tip from Henning residents Harvey and Anne Taylor that they believed they had video surveillance of Watson outside their home, Tennessee Bureau of Investigation Director David Rausch told reporters in a news conference. The couple was woken up by an alarm from their Ring video doorbell system that alerted them someone was in their backyard, Harvey Taylor said. When they pulled up the screen, they saw a man looking in the refrigerator in their carport, but couldn't see his face. Once Watson closed the refrigerator door, Ann Taylor recognized Watson from his beard, and the couple called 911... Within 30 minutes of receiving the Taylors' call, law enforcement officers from multiple agencies descended on the area, "which then kept it contained and controlled from that point forward," Rausch said.

Read more of this story at Slashdot.

Facial Recognition Deployed on Children at Hundreds of US Summer Camps

Slashdot - Your Rights Online - N, 2019-08-11 20:34
The Washington Post describes a parent whose phone "rings 10 times a day with notifications from the summer camp's facial-recognition service, which alerts him whenever one of his girls is photographed enjoying their newfound independence." Cory Doctorow reports: You can also call your kid if you think they look unhappy or if you are unsatisfied with them in any way and nag them. So kids mob photographers with big, fake smiles and beg to be photographed so their parents won't harass them. The companies have "privacy policies" that grossly overreach, giving them perpetual licenses to distribute all the photos they take forever, for any purpose. They claim to have super-secure data-centers, but won't describe what makes them so sure their data centers are more secure than, say, the NSA's, Equifax, or any of the other "super secure" data centers that have been breached and dumped in recent memory. And while parents enjoy all this looking at their kids while they're away in theory, they also report a kind of free-floating anxiety because they know just enough about their kids' lives at camp to worry, but not enough to assuage their worries. One overseer of two camps tells the Post that more concerned parents call her in two hours than used to call in an entire month. One company adds that their service is now being used by over 160,000 parents -- and for children as young as six. At least one camp takes over 1,000 photos each day -- scanning each one with facial recognition technology -- and the Post reports that facial-recognition technology has now already been deployed at "hundreds" of summer camps all across the United States.

Read more of this story at Slashdot.

DARPA Hopes To Develop an AI Tool That Can Detect Deepfakes

Slashdot - Your Rights Online - N, 2019-08-11 17:34
America's Defense Department "is looking to build tools that can quickly detect deepfakes and other manipulated media amid the growing threat of 'large-scale, automated disinformation attacks,'" reports Nextgov: The Defense Advanced Research Projects Agency on Tuesday announced it would host a proposers day for an upcoming initiative focused on curbing the spread of malicious deepfakes, shockingly realistic but forged images, audio and videos generated by artificial intelligence. Under the Semantic Forensics program, or SemaFor, researchers aim to help computers use common sense and logical reasoning to detect manipulated media. As global adversaries enhance their technological capabilities, deepfakes and other advanced disinformation tactics are becoming a top concern for the national security community... Industry has started developing tech that use statistical methods to determine if a video or image has been manipulated, but existing tools "are quickly becoming insufficient" as manipulation techniques continue to advance, according to DARPA. "Detection techniques that rely on statistical fingerprints can often be fooled with limited additional resources," officials said in a post on FedBizOpps... Beyond simply detecting errors, officials also want the tools to attribute the media to different groups and determine whether the content was manipulated for nefarious purposes. Using that information, the tech would flag posts for human review. "A comprehensive suite of semantic inconsistency detectors would dramatically increase the burden on media falsifiers, requiring the creators of falsified media to get every semantic detail correct, while defenders only need to find one, or a very few, inconsistencies," DARPA officials said. But that's easier said than done. Today, even the most advanced machine intelligence platforms have a tough time understanding the world beyond their training data.

Read more of this story at Slashdot.

Antitrust Issues? Amazon Pressured Sellers Offering Cheaper Prices on Walmart.com

Slashdot - Your Rights Online - N, 2019-08-11 09:34
"Amazon's determination to offer shoppers the best deals is prompting merchants selling products on its marketplace to raise their prices on competing websites," reports Bloomberg: Amazon constantly scans rivals' prices to see if they're lower. When it discovers a product is cheaper on, say, Walmart.com, Amazon alerts the company selling the item and then makes the product harder to find and buy on its own marketplace -- effectively penalizing the merchant. In many cases, the merchant opts to raise the price on the rival site rather than risk losing sales on Amazon. Pricing alerts reviewed by Bloomberg show Amazon doesn't explicitly tell sellers to raise prices on other sites, and the goal may be to push them to lower their prices on Amazon. But in interviews, merchants say they're so hemmed in by rising costs levied by Amazon and reliant on sales on its marketplace, that they're more likely to raise their prices elsewhere. Antitrust experts say the Amazon policy is likely to attract scrutiny from Congress and the Federal Trade Commission, which recently took over jurisdiction of the Seattle-based company. An analyst specializing in antitrust litigation tells Bloomberg that the policy "could end up being considered illegal conduct because people who prefer to shop on Walmart end up having to pay a higher price."

Read more of this story at Slashdot.

Should Some Sites Be Liable For The Content They Host?

Slashdot - Your Rights Online - N, 2019-08-11 03:34
America's lawmakers are scrutinizing the blanket protections in Section 230 of the Communications Decency Act, which lets online companies moderate their own sites without incurring legal liability for everything they host. schwit1 shared this article from the New York Times: Last month, Senator Ted Cruz, Republican of Texas, said in a hearing about Google and censorship that the law was "a subsidy, a perk" for big tech that may need to be reconsidered. In an April interview, Speaker Nancy Pelosi of California called Section 230 a "gift" to tech companies "that could be removed." "There is definitely more attention being paid to Section 230 than at any time in its history," said Jeff Kosseff, a cybersecurity law professor at the United States Naval Academy and the author of a book about the law, The Twenty-Six Words That Created the Internet .... Mr. Wyden, now a senator [and a co-author of the original bill], said the law had been written to provide "a sword and a shield" for internet companies. The shield is the liability protection for user content, but the sword was meant to allow companies to keep out "offensive materials." However, he said firms had not done enough to keep "slime" off their sites. In an interview with The New York Times, Mr. Wyden said he had recently told tech workers at a conference on content moderation that if "you don't use the sword, there are going to be people coming for your shield." There is also a concern that the law's immunity is too sweeping. Websites trading in revenge pornography, hate speech or personal information to harass people online receive the same immunity as sites like Wikipedia. "It gives immunity to people who do not earn it and are not worthy of it," said Danielle Keats Citron, a law professor at Boston University who has written extensively about the statute. The first blow came last year with the signing of a law that creates an exception in Section 230 for websites that knowingly assist, facilitate or support sex trafficking. Critics of the new law said it opened the door to create other exceptions and would ultimately render Section 230 meaningless. The article notes that while lawmakers from both parties are challenging the protections, "they disagree on why," with Republicans complaining that the law has only protected some free speech while still leaving conservative voices open to censorship on major platforms. The Times also notes that when Wyden co-authored the original bill in 1996, Google didn't exist yet, and Mark Zuckerberg was 11 years old.

Read more of this story at Slashdot.

Judges Begin Ruling Against Some Porn Purveyors' Use of Copyright Lawsuits

Slashdot - Your Rights Online - So, 2019-08-10 23:34
Slashdot reader pgmrdlm quotes Bloomberg: Pornography producers and sellers account for the lion's share of copyright-infringement lawsuits in the U.S. -- and judges may have seen enough. The courts are cracking down on porn vendors that file thousands of lawsuits against people for downloading and trading racy films on home computers, using tactics a judge called a "high tech shakedown." [Alternate link here.] In one case, two men were jailed in a scheme that netted $6 million in settlements. The pornography companies have "a business model that seeks to profit from litigation and threats of litigation rather than profiting from creative works," said Mitch Stoltz, a senior attorney with the Electronic Frontier Foundation, a San Francisco group that has waged a campaign against companies it thinks abuse the copyright system. Two companies that make and sell porn are responsible for almost half of the 3,404 copyright lawsuits filed in the U.S. in the first seven months of this year, according to an analysis by Bloomberg Law's Tommy Shen... The companies say they are protecting their movies from piracy and infringement under U.S. copyright law, as major movie studios have done for decades, and suggest that the content of their films is the reason for the wrath of the judges. But some of the tactics used in their infringement suits to identify targets and force settlements have critics -- and some jurists -- up in arms and may require congressional actions to fix. The suits don't initially name names. They identify the Internet Protocol addresses using peer-to-peer networks like BitTorrent to download or distribute the movies and then file suits against âoeJohn Doesâ and ask the courts to order internet service providers, like Verizon Communications Inc. or Comcast Corp., to identify the account subscribers. Those people are then contacted by the porn company lawyers. One lawyer notes that the lawsuits target users in wealthier areas, reports Bloomberg, which adds that in December one district judge even refused to grant the request for identities, ruling that the porn company "treats this court not as a citadel of justice, but as an ATM." And last month a federal judge cited that ruling when refusing to enter a judgment in another case.

Read more of this story at Slashdot.