aggregator

Comey, Who Investigated Hillary Clinton For Using Personal Email For Official Business, Used His Personal Email For Official Business

Slashdot - Your Rights Online - Cz, 2018-06-14 22:06
An anonymous reader shares a report: Former FBI Director James Comey, who led the investigation into Hillary Clinton's use of personal email while secretary of state, also used his personal email to conduct official business, according to a report from the Justice Department on Thursday. The report also found that while Comey was "insubordinate" in his handling of the email investigation, political bias did not play a role in the FBI's decision to clear Clinton of any criminal wrongdoing. The report from the office of the inspector general "identified numerous instances in which Comey used a personal email account (a Gmail account) to conduct FBI business." In three of the five examples, investigators said Comey sent drafts he had written from his FBI email to his personal account. In one instance, he sent a "proposed post-election message for all FBI employees that was entitled 'Midyear thoughts,'" the report states. In another instance, Comey again "sent multiple drafts of a proposed year-end message to FBI employees" from his FBI account to his personal email account.

Read more of this story at Slashdot.

Cops Are Confident iPhone Hackers Have Found a Workaround to Apple's New Security Feature

Slashdot - Your Rights Online - Cz, 2018-06-14 21:22
Joseph Cox, and Lorenzo Franceschi-Bicchierai, reporting for Motherboard: Apple confirmed to The New York Times Wednesday it was going to introduce a new security feature, first reported by Motherboard. USB Restricted Mode, as the new feature is called, essentially turns the iPhone's lightning cable port into a charge-only interface if someone hasn't unlocked the device with its passcode within the last hour, meaning phone forensic tools shouldn't be able to unlock phones. Naturally, this feature has sent waves throughout the mobile phone forensics and law enforcement communities, as accessing iPhones may now be substantially harder, with investigators having to rush a seized phone to an unlocking device as quickly as possible. That includes GrayKey, a relatively new and increasingly popular iPhone cracking tool. But forensics experts suggest that Grayshift, the company behind the tech, is not giving up yet. "Grayshift has gone to great lengths to future proof their technology and stated that they have already defeated this security feature in the beta build. Additionally, the GrayKey has built in future capabilities that will begin to be leveraged as time goes on,' a June email from a forensic expert who planned to meet with Grayshift, and seen by Motherboard, reads, although it is unclear from the email itself how much of this may be marketing bluff. "They seem very confident in their staying power for the future right now," the email adds. A second person, responding to the first email, said that Grayshift addressed USB Restricted Mode in a webinar several weeks ago.

Read more of this story at Slashdot.

Nearly Half the Patents on Marine Genes Belong To Just One Company

Slashdot - Your Rights Online - Cz, 2018-06-14 13:34
A creature as majestic as a whale, you might think, should have no owner. Yet it turns out that certain snippets of the DNA that makes a sperm whale a sperm whale are actually the subjects of patents -- meaning that private entities have exclusive rights to their use for research and development. From a report: The same goes for countless other marine species. And new research shows that a single German chemical company owns 47 percent of patented marine gene sequences. A just-published paper in Science Advances finds that 862 separate species of marine life have genetic patents associated with them. "It's everything from microorganisms to fish species," says lead author Robert Blasiak, a conservation researcher at the University of Stockholm who was shocked to find out how many genetic sequences in the ocean were patented. "Even iconic species" -- like plankton, manta rays, and yes, sperm whales. Of some 13,000 genetic sequences targeted by patents, nearly half are the intellectual property of a company called Baden Aniline and Soda Factory (BASF).

Read more of this story at Slashdot.

Uber Seeks Patent For AI That Determines Whether Passengers Are Drunk

Slashdot - Your Rights Online - Cz, 2018-06-14 09:00
In an effort to "reduce undesired consequences," Uber is seeking a patent that would use artificial intelligence to separate sober passengers from drunk ones. The pending application details a technology that would be used to spot "uncharacteristic user activity," including passenger location, number of typos entered into the mobile app, and even the angle the smartphone is being held. CNET reports: Uber said it had no immediate plans to implement the technology described in the proposed patent, pointing out the application was filed in 2016. "We are always exploring ways that our technology can help improve the Uber experience for riders and drivers," a spokesperson said. "We file patent applications on many ideas, but not all of them actually become products or features."

Read more of this story at Slashdot.

China's Surveillance State Will Soon Track Cars

Slashdot - Your Rights Online - Cz, 2018-06-14 03:05
China is establishing an electronic identification system to track cars nationwide, according to a report on WSJ, which cites records and people briefed on the matter. From a report: Under the plan being rolled out July 1, a radio-frequency identification chip for vehicle tracking will be installed on cars when they are registered. Compliance will be voluntary this year but will be made mandatory for new vehicles at the start of 2019, the people said. Authorities have described the plan as a means to improve public security and to help ease worsening traffic congestion, documents show, a major concern in many Chinese cities partly because clogged roads contribute to air pollution. But such a system, implemented in the world's biggest automotive market, with sales of nearly 30 million vehicles a year, will also vastly expand China's surveillance network, experts say. That network already includes widespread use of security cameras, facial recognition technology and internet monitoring.

Read more of this story at Slashdot.

Turkey Bans Periscope

Slashdot - Your Rights Online - Cz, 2018-06-14 00:00
stikves writes: According to online reports, a recent court order has banned Periscope across Turkey. The cited reason is the alleged violation of copyrights of a local company named "Periskop." This adds to the list of online services no longer available in Turkey, including Wikipedia, PayPal and WordPress, among others. While access from Turkey to the domain periscope.tv and to the Twitter account "periscopeco" is banned, users can still access Periscope services under the name Scope TR and Twitter account "scopetr." Lawyers from Twitter, Apple and Google requested rejection of the case, "saying it was impossible for a company like Twitter, operating in the U.S., to be aware of the existence of the same brand name in Turkey," reports Stockholm Center for Freedom.

Read more of this story at Slashdot.

Spanish Soccer League App In Google Play Wants To Use Phone Mics To Enforce Copyrights

Slashdot - Your Rights Online - Śr, 2018-06-13 22:40
The official app for the Spanish soccer league La Liga, which has more than 10 million downloads from Google Play, was recently updated to seek access to users' microphone and GPS settings. "When granted, the app processes audio snippets in an attempt to identify public venues that broadcast soccer games without a license," reports Ars Technica. From the report: According to a statement issued by La Liga officials, the functionality was added last Friday and is enabled only after users click "eyes" to an Android dialog asking if the app can access the mic and geolocation of the device. The statement says the audio is used solely to identify establishments that broadcast games without a license and that the app takes special precautions to prevent it from spying on end users. [La Liga's full statement with the "appropriate technical measures to protect the user's privacy" is embedded in Ars' report.] [E]ven if the app uses a cryptographic hash or some other means to ensure that stored or transmitted audio fragments can't be abused by company insiders or hackers (a major hypothetical), there are reasons users should reject this permission. For one, allowing an app to collect the IP address, unique app ID, binary representation of audio, and the time that the audio was converted could provide a fair amount of information over time about a user. For another, end users frequenting local bars and restaurants shouldn't be put in the position of policing the copyrights of sports leagues, particularly with an app that uses processed audio from their omnipresent phone.

Read more of this story at Slashdot.

Britain's Dixons Carphone Discovers Data Breach Affecting 5.9 Million Payment Cards

Slashdot - Your Rights Online - Śr, 2018-06-13 21:20
Mark Wilson shares a report from BetaNews: Another week, another cyberattack. This time around, it's the Dixons Carphone group which says it has fallen victim to not one but two major breaches. The bank card details of 5.9 million customers have been accessed by hackers in the first breach. In the second, the personal records of 1.2 million people have been exposed. Dixons Carphone says that it is investigating an attack on its card processing system at Currys PC World and Dixons Travel in which there was an attempt to compromise 5.9 million cards. The company stressed that the vast majority -- 5.8 million -- of these cards were protected by chip and PIN, and that the data accessed did not include PINS, CVVs or any other authentication data that could be used to make payments or identify the card owners. The report goes on to mention that 105,000 non-EU issued payment cards, which were not chip and PIN protected, were also affected. The company says it will be contacting those customers affected by the breaches.

Read more of this story at Slashdot.

UK Watchdog Issues $334K Fine For Yahoo's 2014 Data Breach

Slashdot - Your Rights Online - Śr, 2018-06-13 02:03
An anonymous reader quotes a report from The Register: Yahoo's U.K. limb has finally been handed a $334,300 (250,000 GBP) fine for the 2014 cyber attack that exposed data of half a million Brit users. Today, the Information Commissioner's Office issued Yahoo U.K. Services Ltd a $334,300 (250,000 GBP) fine following an investigation that focused on the 515,121 U.K. accounts that the London-based branch of the firm had responsibility for. The ICO said "systemic failures" had put user data at risk as the U.K. arm of Yahoo did not take appropriate technical and organizational measures to prevent a data breach of this size. In particular, the watchdog said there should have been proper monitoring systems in place to protect the credentials of Yahoo employees who could access customer's data, and to ensure that instructions to transfer very large quantities of personal data from Yahoo's servers would be flagged for investigation. It also noted that, as a data controller, Yahoo U.K. services Ltd had a responsibility to ensure its processors -- in this case Yahoo, whose U.S. servers held the data on U.K. users -- complied with data protection standards.

Read more of this story at Slashdot.

Apple Tries To Stop Developers Sharing Data On Users' Friends

Slashdot - Your Rights Online - Śr, 2018-06-13 01:20
Apple has updated its App Store guidelines to close a loophole that let app makers store and share data without many people's consent. The practice has "been employed for years," reports Bloomberg. "Developers ask users for access to their phone contacts, then use it for marketing and sometimes share or sell the information -- without permission from the other people listed on those digital address books." From the report: As Apple's annual developer conference got underway on June 4, the Cupertino, California-based company made many new pronouncements on stage, including new controls that limit tracking of web browsing. But the phone maker didn't publicly mention updated App Store Review Guidelines that now bar developers from making databases of address book information they gather from iPhone users. Sharing and selling that database with third parties is also now forbidden. And an app can't get a user's contact list, say it's being used for one thing, and then use it for something else -- unless the developer gets consent again. Anyone caught breaking the rules may be banned. While Apple is acting now, the company can't go back and retrieve the data that may have been shared so far. After giving permission to a developer, an iPhone user can go into their settings and turn off apps' contacts permissions. That turns off the data faucet, but doesn't return information already gathered.

Read more of this story at Slashdot.

Spanish Football League Defends Phone 'Spying'

Slashdot - Your Rights Online - Wt, 2018-06-12 20:08
An anonymous reader shares a report: Spanish football league La Liga has defended the privacy policy of its app after admitting it was accessing the microphone and GPS of Android users. It said it had been trying to track down venues illegally broadcasting matches, by matching audio data and phone location. The app, downloaded more than 10 million times on the Google Play Store, has been criticised by fans. La Liga said it wanted to "protect clubs and their fans from fraud." The broadcasting of football matches in public places without a paid licence cost the game an estimated 150 million euros ($177m) a year, it said. The new function was enabled on Friday, 8 June.

Read more of this story at Slashdot.

Vietnam Lawmakers Approve Cyber Law Clamping Down on Tech Firms, Dissent

Slashdot - Your Rights Online - Wt, 2018-06-12 16:50
Vietnamese legislators approved a cybersecurity law on Tuesday that tightens control of the internet and global tech companies operating in the Communist-led country, raising fears of economic harm and a further crackdown on dissent. From a report: The cyber law, which takes effect on Jan. 1, 2019, requires Facebook, Google and other global technology firms to store locally "important" personal data on users in Vietnam and open offices there. The vote in the National Assembly came a day after lawmakers delayed a decision on another controversial bill that had sparked violent protests in parts of the country on the weekend. Thousands of demonstrators in cities and provinces had denounced a plan to create new economic zones for foreign investment that has fueled anti-Chinese sentiment. Some protesters had also derided the cybersecurity bill, which experts and activists say could cause economic harm and stifle online dissent.

Read more of this story at Slashdot.

Facebook Offers Nearly 500 Pages of Answers To Congress' Questions From Zuckerberg's Testimony

Slashdot - Your Rights Online - Wt, 2018-06-12 15:00
An anonymous reader quotes a report from The Washington Post: Facebook pledged to continue refining its privacy practices and investigating its entanglement with Cambridge Analytica in nearly 500 pages of new information supplied to Congress and published Monday (Warning: source may be paywalled; alternative source) -- though the social giant sidestepped some of lawmakers' most critical queries. Much as it did during the hearing, Facebook told lawmakers on the Senate Judiciary Committee and the Senate Commerce Committee that it is reviewing all apps available on its platform that had access to large queries of data, a process that already has resulted in 200 suspensions. Facebook did acknowledge that its consultants embedded in 2016 presidential campaigns, including President Trump's team, "did not identify any issues involving the improper use of Facebook data in the course of their interactions with Cambridge Analytica." In another exchange, Facebook said it had provided "technical support and best practices guidance to advertisers, including Cambridge Analytica, on using Facebook's advertising tools." Facebook also pointed to new tools meant to address its privacy practices, including a feature called Clear History, which "will enable people to see the websites and apps that send us information when they use them, delete this information from their accounts, and turn off our ability to store it associated with their accounts going forward," the company said. The social network did continue to sidestep many of the lawmakers' questions and concerns. The Washington Post provides a couple examples: "Delaware Sen. Christopher A. Coons (Del.), for example, probed whether Facebook had ever learned of any application developer 'transferring or selling user data without user consent' and in violation of Facebook's policies. In response, Facebook only committed in writing that it would 'investigate all apps that it had access to large amounts of data.'" Facebook also didn't address Democratic Sen. Patrick J. Leahy's concerns. He asked Facebook to detail if the Obama campaign in 2012 had violated "any of Facebook's policies, and thereby get banned from the platform." Facebook said: "Both the Obama and Romney campaigns had access to the same tools, and no campaign received any special treatment from Facebook." You can view the nearly 500 pages of new information here.

Read more of this story at Slashdot.

Inventor Says Google Is Patenting His Public Domain Work

Slashdot - Your Rights Online - Wt, 2018-06-12 04:10
Rob Riggs writes: Jarek Duda, the inventor of a compression technique called asymmetric numeral systems (ANS), dedicated the invention to the public domain. Since 2014, Facebook, Apple, and Google have all created software based on his breakthrough. Google is now trying to patent a video encoding scheme using the compression technique. The inventor is fighting Google in the European courts and has won a preliminary ruling. The fight's not over and Google is also seeking a patent with the USPTO. A Google spokesperson says Duda came up with a theoretical concept that isn't directly patentable, "while Google's lawyers are seeking to patent a specific application of that theory that reflects additional work by Google's engineers," reports Ars Technica. "But Duda says he suggested the exact technique Google is trying to patent in a 2014 email exchange with Google engineers."

Read more of this story at Slashdot.

Sweden Tries To Halt Its March To Total Cashlessness

Slashdot - Your Rights Online - Wt, 2018-06-12 02:50
An anonymous reader quotes a report from Bloomberg: A key committee of Swedish lawmakers wants to force the country's biggest banks to handle cash in an effort to halt the nation's march toward complete cashlessness. Parliament's Riksbank committee, which is in the process of reviewing the central bank law, proposed making it mandatory for banks to offer cash withdrawals and handle daily receipts. The requirement would apply to banks that provide checking accounts and have more than 70 billion kronor ($8 billion) in deposits from the Swedish public, according to a report. The lawmakers said there needs to be "reasonable access to those services in all of Sweden," and that 99 percent of Swedes should have a maximum distance of 25 kilometers (16 miles) to the nearest cash withdrawal. The requirement doesn't state how banks should offer those services, and lenders can choose whether to use a third party, machines or over-the-counter services. The move is a response to Sweden's rapid transformation as it becomes one of the most cashless societies in the world. That's led to concerns that some people are finding it increasingly difficult to cope without access to mobile phones or bank cards. There are also fears around what would happen if the digital payments systems suddenly crashed.

Read more of this story at Slashdot.

Police Departments Are Training Dogs To Sniff Out Thumb Drives

Slashdot - Your Rights Online - Wt, 2018-06-12 01:30
A CNET report provides some insight on an elite K-9 search class that trains dogs to sniff out electronics, including phones, hard drives and microSD cards smaller than your thumb. From the report: Only one out of every 50 dogs tested qualifies to become an electronic storage detection, or ESD, dog, says Kerry Halligan, a K-9 instructor with the Connecticut State Police. That's because it's a lot harder to detect the telltale chemical in electronics than it is to sniff out narcotics, bombs, fire accelerants or people, she says. But Labrador retrievers like Harley, with their long snouts and big muzzles, can pick up even the faintest olfactory clues. These tech-seeking dogs are helping law enforcement find child pornography stashed in hidden hard drives, uncover concealed phones, nab white-collar evidence kept on hard drives and track calls stored on SIM cards. The most famous case occurred in 2015, when a Labrador retriever named Bear found a hidden flash drive containing child pornography in the home of former Subway spokesman Jared Fogle. The district attorney called the discovery vital to Fogle's conviction.

Read more of this story at Slashdot.

Tanzania Orders All Unregistered Bloggers To Take Down Their Sites

Slashdot - Your Rights Online - Wt, 2018-06-12 00:10
The state-run Tanzania Communications Regulatory Authority (TCRA) ordered all unregistered bloggers and online forums on Monday to suspend their websites immediately or face criminal prosecution. Several sites, including popular online discussion platform Jamiiforums, have reportedly shut down to avoid prosecution. Reuters reports: Regulations passed in March made it compulsory for bloggers and owners of other online forums such as YouTube channels to register with the government and pay up to $900 for a license. Per capita income in Tanzania is slightly below $900 a year. Digital activists say the law is part of a crackdown on dissent and free speech by the government of President John Magufuli, who was elected in 2015. Government officials argue the new rules are aimed at tackling hate speech and other online crimes, including cyberbullying and pornography. "All unregistered online content providers must be licensed before June 15. Starting from today June 11 until June 15, they are prohibited from posting any new content on their blogs, forums or online radios and televisions," the regulator said in a statement on Monday. The statement said legal action would be taken against any unregistered websites posting new content. Anyone convicted of defying the new regulations faces a fine of at least 5 million shillings ($2,200), imprisonment for a minimum 12 months, or both.

Read more of this story at Slashdot.

US Sanctions Russians Over Military, Intelligence Hacking

Slashdot - Your Rights Online - Pn, 2018-06-11 20:50
The U.S. Treasury imposed sanctions on three Russian individuals and five companies on Monday, saying they had worked with Moscow's military and intelligence services on ways to conduct cyber attacks against the United States and its allies. From a report: "The United States is engaged in an ongoing effort to counter malicious actors working at the behest of the Russian Federation and its military and intelligence units to increase Russiaâ(TM)s offensive cyber capabilities," Treasury Secretary Steven Mnuchin said in a statement. "The entities designated today have directly contributed to improving Russia's cyber and underwater capabilities through their work with the FSB and therefore jeopardize the safety and security of the United States and our allies," Mnuchin said, using an acronym for Russia's Federal Security Service.

Read more of this story at Slashdot.

In the Trump Administration, Science Is Unwelcome. So Is Advice.

Slashdot - Your Rights Online - N, 2018-06-10 23:00
Anonymous readers share a report: As President Trump prepares to meet Kim Jong-un of North Korea to negotiate denuclearization, a challenge that has bedeviled the world for years, he is doing so without the help of a White House science adviser or senior counselor trained in nuclear physics. Mr. Trump is the first president since 1941 not to name a science adviser, a position created during World War II to guide the Oval Office on technical matters ranging from nuclear warfare to global pandemics. As a businessman and president, Mr. Trump has proudly been guided by his instincts. Nevertheless, people who have participated in past nuclear negotiations say the absence of such high-level expertise could put him at a tactical disadvantage in one of the weightiest diplomatic matters of his presidency. "You need to have an empowered senior science adviser at the table," said R. Nicholas Burns, who led negotiations with India over a civilian nuclear deal during the George W. Bush administration. "You can be sure the other side will have that." The lack of traditional scientific advisory leadership in the White House is one example of a significant change in the Trump administration: the marginalization of science in shaping United States policy. There is no chief scientist at the State Department, where science is central to foreign policy matters such as cybersecurity and global warming. Nor is there a chief scientist at the Department of Agriculture: Mr. Trump last year nominated Sam Clovis, a former talk-show host with no scientific background, to the position, but he withdrew his name and no new nomination has been made.

Read more of this story at Slashdot.

Mark Zuckerberg and the 2012 Facebook Moscow Hack

Slashdot - Your Rights Online - N, 2018-06-10 03:34
Long-time Slashdot reader theodp writes: As Facebook's privacy debacle rages on, it's interesting to look back at Mark Zuckerberg's 2012 visit to the Facebook Moscow Hack (photos, video), at which Facebook provided training in how to access the data of app users' friends and awarded prizes for apps that did so. In a 2012 video, Facebook's Simon Cross shows the Moscow crowd how they can "get a ton of other information" on Facebook users and their friends. "We now have an access token, so now let's make the same request again and see what happens," Cross explains (YouTube). "We've got a little bit more data, but now we can start doing really interesting stuff. We can get my friends. We can get some more information about one of my friends. Here's Connor, who you'll meet later. Say 'hello,' Connor. He's waving. And we can also get a ton of other information as well." Cross, ironically, was the spokesperson Facebook later tapped in 2015 to explain to the press why giving friends' data to apps was a horrible idea that had to be curtailed lest Facebook lose its users' trust. Cross told reporters that Mark Zuckerberg said one of Facebook's new slogans was 'People First', because "if people don't feel comfortable using Facebook and specifically logging in Facebook and using Facebook in apps, we don't have a platform, we don't have developers."

Read more of this story at Slashdot.