aggregator

Many Google Services on Android Devices and iPhones Store Location Data, Even if Location Sharing is Disabled From Privacy Settings: AP

Slashdot - Your Rights Online - Pn, 2018-08-13 16:00
Google wants to know where you go so badly that it records your movements even when you explicitly tell it not to. An Associated Press investigation found that many Google services on Android devices and iPhones store your location data even if you've used privacy settings that say they will prevent it from doing so. The Associated Press reports that it has confirmed its findings with computer science researchers at Princeton. From the report: For the most part, Google is upfront about asking permission to use your location information. An app like Google Maps will remind you to allow access to location if you use it for navigating. If you agree to let it record your location over time, Google Maps will display that history for you in a "timeline" that maps out your daily movements. Storing your minute-by-minute travels carries privacy risks and has been used by police to determine the location of suspects -- such as a warrant that police in Raleigh, North Carolina, served on Google last year to find devices near a murder scene. So the company will let you "pause" a setting called Location History. Google says that will prevent the company from remembering where you've been. Google's support page on the subject states: "You can turn off Location History at any time. With Location History off, the places you go are no longer stored." That isn't true. Even with Location History paused, some Google apps automatically store time-stamped location data without asking. For example, Google stores a snapshot of where you are when you merely open its Maps app. Automatic daily weather updates on Android phones pinpoint roughly where you are. And some searches that have nothing to do with location, like "chocolate chip cookies," or "kids science kits," pinpoint your precise latitude and longitude -- accurate to the square foot -- and save it to your Google account. The privacy issue affects some two billion users of devices that run Google's Android operating software and hundreds of millions of worldwide iPhone users who rely on Google for maps or search. Storing location data in violation of a user's preferences is wrong, said Jonathan Mayer, a Princeton computer scientist and former chief technologist for the Federal Communications Commission's enforcement bureau.

Read more of this story at Slashdot.

Reddit Blocked In China

Slashdot - Your Rights Online - Pn, 2018-08-13 15:00
An anonymous reader quotes a report from Quartz: Many Reddit users in China who tried to access the social network this weekend were slightly annoyed to find the company's site and app weren't working. But in China, it's second nature for internet users to turn on their VPNs, and in almost no time at all, they were surfing the "front page of the internet" again. According to users' posts, the crackdown appeared to have started on Friday (Aug. 10). By today (Aug. 13), more people said they were able to access Reddit again. Many, however, report that Reddit remains behind the Great Firewall for them. Comparitech, a tool that checks if a domain is blocked in China, continues to show that reddit.com is not accessible via regular internet access, but reachable over VPN. It's unclear if geography is a factor for why some people are and aren't able to access the site.

Read more of this story at Slashdot.

11-Year-Old Changes Election Results On Florida's Website: Defcon 2018

Slashdot - Your Rights Online - Pn, 2018-08-13 09:17
UnknowingFool writes: At this year's DEFCON, a group of 50 children aged 8 to 16 participated in a hack of 13 imitation election websites. One 11-year-old boy changed the voting results in 10 minutes. A 11 year-old-girl was also able to change the voting results in 30 minutes. Overall, more than 30 of the 50 children were able to hack the websites in some form. The so-called "DEFCON Voting Machine Hacking Village" allowed kids the chance to manipulate vote tallies, party names, candidate names and vote count totals. The 11-year-old girl was able to triple the number of votes found on the website in under 15 minutes. The National Association of Secretaries of State said in a statement that it is "ready to work with civic-minded members of the DEFCON community wanting to become part of a proactive team effort to secure our elections." But the organization expressed skepticism over the hackers' abilities to access the actual state websites. "It would be extremely difficult to replicate these systems since many states utilize unique networks and custom-built databases with new and updated security protocols," it read. "While it is undeniable websites are vulnerable to hackers, election night reporting websites are only used to publish preliminary, unofficial results for the public and the media. The sites are not connected to vote counting equipment and could never change actual election results."

Read more of this story at Slashdot.

Oracle Accused of Defrauding Investors On Cloud Sales Growth

Slashdot - Your Rights Online - N, 2018-08-12 23:21
An anonymous reader quotes a report from Bloomberg: Oracle is named in a lawsuit alleging the company's executives lied to shareholders when they explained why cloud sales were growing. The investor leading the case, the City of Sunrise Firefighters' Pension Fund, claimed Oracle engaged in coercion and threats to sell its cloud-computing products, creating an unsustainable model that fell apart, according to the suit seeking class-action status and filed Friday in San Jose, California. The Florida-based firefighter pension fund and other investors lost money when Oracle's stock plummeted in March after reporting a disappointing earnings report and outlook, according to the lawsuit. The suit claimed that Oracle's executives lied in forward-looking statements, which are never guaranteed, during earnings calls and at investor conferences in 2017 when they said customers were rapidly adopting their cloud-based products and cloud sales would accelerate. The firefighter pension, which manages about $143 million for 235 participants, alleged that Oracle used software license audits and weakened existing maintenance programs to compel customers to buy the cloud products.

Read more of this story at Slashdot.

AWS Error Exposed GoDaddy Business Secrets

Slashdot - Your Rights Online - N, 2018-08-12 21:19
Internal information belonging to hosting provider GoDaddy has been exposed via an error in Amazon's AWS bucket configuration. According to cybersecurity firm UpGuard, a set of documents were left in an Amazon S3 bucket which was available to the public. ZDNet reports: The information involved in the security breach appeared to describe GoDaddy's architecture, as well as "high-level configuration information for tens of thousands of systems and pricing options for running those systems in Amazon AWS, including the discounts offered under different scenarios," according to UpGuard. Configuration files for hostnames, operating systems, workloads, AWS regions, memory, CPU specifications, and more were included in the exposed cache, which described at least 24,000 systems. "Essentially, this data mapped a very large scale AWS cloud infrastructure deployment, with 41 different columns on individual systems, as well as summarized and modeled data on totals, averages, and other calculated fields," the cybersecurity firm said. The open bucket, called "abbottgodaddy," also included what the company believes to be business information relating to GoDaddy and Amazon AWS' relationship, including rate negotiations. This information should have been kept confidential. The open bucket, called "abbottgodaddy," also included what the company believes to be business information relating to GoDaddy and Amazon AWS' relationship, including rate negotiations. This information should have been kept confidential.

Read more of this story at Slashdot.

Researchers Use Machine-Learning Techniques To De-Anonymize Coders

Slashdot - Your Rights Online - N, 2018-08-12 18:16
At the DefCon hacking conference on Friday, Rachel Greenstadt, an associate professor of computer science at Drexel University, and Aylin Caliskan, Greenstadt's former PhD student and now an assistant professor at George Washington University, presented a number of studies they've conducted using machine learning techniques to de-anonymize the authors of code samples. "Their work could be useful in a plagiarism dispute, for instance, but it could also have privacy implications, especially for the thousands of developers who contribute open source code to the world," reports Wired. From the report: First, the algorithm they designed identifies all the features found in a selection of code samples. That's a lot of different characteristics. Think of every aspect that exists in natural language: There's the words you choose, which way you put them together, sentence length, and so on. Greenstadt and Caliskan then narrowed the features to only include the ones that actually distinguish developers from each other, trimming the list from hundreds of thousands to around 50 or so. The researchers don't rely on low-level features, like how code was formatted. Instead, they create "abstract syntax trees," which reflect code's underlying structure, rather than its arbitrary components. Their technique is akin to prioritizing someone's sentence structure, instead of whether they indent each line in a paragraph. The method also requires examples of someone's work to teach an algorithm to know when it spots another one of their code samples. If a random GitHub account pops up and publishes a code fragment, Greenstadt and Caliskan wouldn't necessarily be able to identify the person behind it, because they only have one sample to work with. (They could possibly tell that it was a developer they hadn't seen before.) Greenstadt and Caliskan, however, don't need your life's work to attribute code to you. It only takes a few short samples.

Read more of this story at Slashdot.

Faces Are Being Scanned At US Airports With No Safeguards on Data Use

Slashdot - Your Rights Online - N, 2018-08-12 03:34
schwit1 writes: The program makes boarding an international flight a breeze: Passengers step up to the gate, get their photo taken and proceed onto the plane. There is no paper ticket or airline app. Thanks to facial recognition technology, their face becomes their boarding pass.... The problem confronting thousands of travelers, is that few companies participating in the program, called the Traveler Verification Service, give explicit guarantees that passengers' facial recognition data will be protected. And even though the program is run by the Department of Homeland Security, federal officials say they have placed no limits on how participating companies -- mostly airlines but also cruise lines -- can use that data or store it, opening up travelers' most personal information to potential misuse and abuse such as being sold or used to track passengers' whereabouts. The Department of Homeland Security is now using the data to track foreigners overstaying their visas, according to the Times. "After passengers' faces are scanned at the gate, the scan is sent to Customs and Border Protection and linked with other personally identifying data, such as date of birth and passport and flight information." But the face scans are collected by independent companies, and Border Protection officials insist they have no control over how that data gets used.

Read more of this story at Slashdot.

Short-Sellers Sue Tesla After Musk's 'Going Private' Tweets

Slashdot - Your Rights Online - So, 2018-08-11 20:41
An anonymous reader quotes the BBC: Elon Musk's bombshell announcement that he is thinking of taking the electric car company Tesla private has landed him a lawsuit from unhappy investors.... His comments caused the share price to shoot up 11% to nearly $380, though it has since fallen back. Short-sellers, who bet on share price falls, allege he misled the market.... Short-sellers, who make a profit by borrowing shares, selling them and then buying them back at an expected lower price, claim to have lost millions thanks to Mr Musk's comments. Plaintiff Kalman Isaacs alleges the announcement was aimed at "completely decimating" short-sellers. His lawsuit, and another filed by William Chamberlain, accuse Mr Musk and Tesla of violating federal securities laws and artificially inflating Tesla's share price. Neither Mr Musk nor Tesla have commented on the lawsuit, which was filed in a federal court in San Francisco. Tesla "is holding early discussions with banks about the feasibility and structure of a possible deal," Bloomberg reported yesterday -- and Ars Technica points out that if Mr. Isaacs had simply kept his short positions open through Friday, "he would be at least $60,000 richer." But Isaacs' hopes to be the lead plaintiff for a class-action lawsuit "representing all Tesla shareholders who traded after Musk's tweet on Tuesday or at any time on Wednesday."

Read more of this story at Slashdot.

Seattle Airport Employee Steals Airplane, Crashes It Into the Ground

Slashdot - Your Rights Online - So, 2018-08-11 19:49
An anonymous reader quotes the Los Angeles Times: An airline worker stole an empty Alaska Airlines plane from Seattle-Tacoma International Airport in Washington on Friday night, and the National Guard scrambled two fighter jets to chase the aircraft, which crashed on a sparsely populated island in Puget Sound, officials said. No passengers were aboard the 76-seat Horizon Air Q400 turboprop plane, which was stolen by a 29-year-old Horizon Air ground service agent from Pierce County, according to airline and law enforcement officials.... The man was described as suicidal, and it appeared impossible that he could have survived the crash.... The plane made an unauthorized takeoff from the airport around 8 p.m. and crashed on Ketron Island, about five miles southwest of Tacoma, after the renegade pilot bantered erratically with air-traffic controllers who pleaded with him to land the plane, according to officials and dispatch audio. "This is probably jail time for life, huh?" said the man, identified on the radio as Rich, according to dispatch audio reviewed by the Seattle Times.... At another point, the employee said: "I'm gonna land it, in a safe kind of manner. I think I'm gonna try to do a barrel roll, and if that goes good, I'm just gonna nose down and call it a night...." "Oh, my God! Oh, my God! He's OK? He's OK," one woman said in a video posted on Facebook, which showed at least one military jet in pursuit. It's not clear how long afterward the plane crashed.

Read more of this story at Slashdot.

Should Online Courses Film Students Taking Tests?

Slashdot - Your Rights Online - So, 2018-08-11 16:34
Recently the Palm Beach Post noted that 20% of the academic credit awarded at Florida Atlantic University is for online courses. So how can they stop cheaters? Where once it was enough for a professor to roam the aisles of a classroom, checking for cheat sheets and keeping an eye out for students signaling one another, proctoring today's tests often requires web cams and biometric IDs. A field of more than a dozen test-proctoring services has emerged in the past decade. Typically, the company gets some sort of visual on the test taker via a web cam and then asks the student to show the camera his or her ID. Other security layers can include software that recognizes faces or even keystroking patterns. The next step is to monitor the student during the test. In the online proctoring world, that is done in one of three ways: * A remote but live proctor who watches in real time. * A record-and-review method in which a proctor watches the testing session, but not in real time. * An automated system, in which the software is programmed to spot abnormalities and flag them. Honorlock -- one of the record-and-review outfits -- expected to proctor roughly 100,000 tests in the 2017-2018 school year, and promises schools that their solution also searches the web for copies of the test and automatically files takedown notices for any leaked copies, according to a link shared by Slashdot reader Presto Vivace. Besides filming students during tests, it also includes patented technology that "detects and prevents searching for test answers online from any secondary device." And it even verifies the identity of test takers using "any government issued" i.d. (like a driver's license or passport) or student ID which includes a photo. One student complained on Reddit that "This seems crazy invasive and should probably be illegal," adding "is there anything passive aggressive you want me to say into the mic?" But what do Slashdot readers think? Should professors be remotely detecting searches on handheld devices, using photo IDs to verify identities -- and filming students taking tests?

Read more of this story at Slashdot.

Monsanto Ordered To Pay $289 Million In Roundup Cancer Trial

Slashdot - Your Rights Online - So, 2018-08-11 05:30
An anonymous reader shares a report from the BBC involving glyphosate, the world's most common weedkiller: Chemical giant Monsanto has been ordered to pay $289 million in damages to a man who claimed herbicides containing glyphosate had caused his cancer. In a landmark case, a Californian jury found that Monsanto knew its Roundup and RangerPro weedkillers were dangerous and failed to warn consumers. It's the first lawsuit to go to trial alleging a glyphosate link to cancer. Monsanto denies that glyphosate causes cancer and says it intends to appeal against the ruling. The claimant in the case, groundskeeper Dewayne Johnson, is among more than 5,000 similar plaintiffs across the US. Mr Johnson was diagnosed with non-Hodgkin's lymphoma in 2014. His lawyers said he regularly used a form of RangerPro while working at a school in Benicia, California. Jurors found on Friday that the company had acted with "malice" and that its weedkillers contributed "substantially" to Mr Johnson's terminal illness.

Read more of this story at Slashdot.

FCC Proposes To Maintain US Broadband Standard of 25Mbps Down, 3Mbps Up

Slashdot - Your Rights Online - So, 2018-08-11 03:30
The FCC is proposing to maintain the U.S. broadband standard at the current level of 25Mbps downstream and 3Mbps upstream. FCC Chairman Ajit Pai has kept the standard at these speeds since 2017, despite calls to raise it from Democratic Commissioner Jessica Rosenworcel. This week, Pai proposed keeping the standard the same for another year. Ars Technica reports: The FCC raised the standard from 4Mbps/1Mbps to 25Mbps/3Mbps in January 2015 under then-Chairman Tom Wheeler. Ajit Pai, who was then a commissioner in the FCC's Republican minority, voted against raising the speed standard. As FCC chairman since 2017, Pai has kept the standard at 25Mbps/3Mbps despite calls to raise it from Democratic Commissioner Jessica Rosenworcel. This week, he proposed keeping the standard the same for another year. "This inquiry fundamentally errs by proposing to keep our national broadband standard at 25Mbps," Rosenworcel said yesterday. "It is time to be bold and move the national broadband standard from 25 Megabits to 100 Megabits per second. When you factor in price, at this speed the United States is not even close to leading the world. That is not where we should be and if in the future we want to change this we need both a more powerful goal and a plan to reach it. Our failure to commit to that course here is disappointing. I regretfully dissent." While Pai's proposal isn't yet finalized, keeping the current speed standard would likely mean that Pai's FCC will conclude that broadband deployment is already happening fast enough throughout the US. Pai could use that conclusion in attempts to justify further deregulation of the broadband industry.

Read more of this story at Slashdot.

Crestron Touchscreens Could Spy On Hotel Rooms, Meetings

Slashdot - Your Rights Online - So, 2018-08-11 01:30
An anonymous reader quotes a report from Wired: The connected devices you think about the least are sometimes the most insecure. That's the takeaway from new research to be presented at the DefCon hacking conference Friday by Ricky Lawshae, an offensive security researcher at Trend Micro. Lawshae discovered over two dozen vulnerabilities in Crestron devices used by corporations, airports, sports stadiums, and local governments across the country. While Crestron has released a patch to fix the issues, some of the weaknesses allowed for hackers to theoretically turn the Crestron Android touch panels used in offices and hotel rooms into spy devices. Lawshae quickly noticed that these devices have security authentication protections disabled by default. For the most part, the Crestron devices Lawshae analyzed are designed to be installed and configured by third-party technicians, meaning an IT engineer needs to voluntarily turn on security protections. The people who actually use Crestron's devices after they're installed might not even know such protections exist, let alone how crucial they are. Crestron devices do have special engineering backdoor accounts which are password-protected. But the company ships its devices with the algorithm that is used to generate the passwords in the first place. That information can be used by non-privileged users to reverse engineer the password itself, a vulnerability simultaneously identified by both Lawshae and Jackson Thuraisamy, a vulnerability researcher at Security Compass. There were also over two dozen other vulnerabilities that could be exploited to do things like transform them into listening devices. In addition to being able to remotely record audio via the microphones to a downloadable file, Lawshae was also able to remotely stream video from the webcam and open a browser and display a webpage to an unsuspecting room full of meeting attendees. "Crestron has issued a fix for the vulnerabilities, and firmware updates are now available," reports Wired.

Read more of this story at Slashdot.

Google Boots Open Source Anti-Censorship Tool From Chrome Store

Slashdot - Your Rights Online - So, 2018-08-11 00:50
Google has removed the open-source Ahoy! extension from the Chrome store with little explanation. The tool facilitated access to more than 1,700 blocked sites in Portugal by routing traffic through its own proxies. TorrentFreak reports: After servicing 100,000 users last December, Ahoy! grew to almost 185,000 users this year. However, progress and indeed the project itself is now under threat after arbitrary action by Google. "Google decided to remove us from Chrome's Web Store without any justification," team member Henrique Mouta informs TF. "We always make sure our code is high quality, secure and 100% free (as in beer and as in freedom). All the source code is open source. And we're pretty sure we never broke any of the Google's marketplace rules." Henrique says he's tried to reach out to Google but finding someone to help has proven impossible. Even re-submitting Ahoy! to Google from scratch hasn't helped the situation. "I tried and resubmitted the plugin but it was refused after a few hours and without any justification," Henrique says. "Google never reached us or notified us about the removal from Chrome Web Store. We never got a single email justifying what happened, why have we been removed from the store, or/and what are we breaching and how can we fix it." TorrentFreak reached out to Google asking why this anti-censorship tool has been removed from its Chrome store. Despite multiple requests, the search giant failed to respond to us or the Ahoy! team. Thankfully, the Ahoy! extension is still available on Firefox.

Read more of this story at Slashdot.

The Pirate Bay Turns 15

Slashdot - Your Rights Online - Pt, 2018-08-10 21:28
Sometime about 15 years ago, a group of hackers and activists launched The Pirate Bay, a notorious torrent search engine. TorrentFreak: While the exact launch date is a bit of a mystery, even to the site's founders, August 10 was previously chosen as its anniversary. What we do know is that the site was brought online in 2003 by now-disbanded pro-culture organization Piratbyran, which is Swedish for Bureau of Piracy. The group was formed by political activists and hackers in the same year, many of whom had already launched other web projects challenging political, moral, and power structures. One of the group's unwritten goals was to offer a counterweight to the propaganda being spread by local anti-piracy outfit Antpiratbyran. With BitTorrent as the up-and-coming file-sharing technology, they saw fit to start their own file-sharing site to promote sharing of information. The Pirate Bay first came online in Mexico where Gottfrid Svartholm, aka Anakata, hosted the site on a server owned by the company he was working for at the time. After a few months, the site moved to Sweden where it was hosted on a Pentium III 1GHz laptop with 256MB RAM.

Read more of this story at Slashdot.

Nintendo's Offensive, Tragic, and Totally Legal Erasure of ROM Sites

Slashdot - Your Rights Online - Pt, 2018-08-10 20:50
"The damage that removing ROMs from the internet could do to video games as a whole is catastrophic." From a report: In July, Nintendo sued two popular ROM sites, LoveROMS and LoveRetro.co, for what it called "brazen and mass-scale infringement of Nintendo's intellectual property rights." Both sites have since shut down. On Wednesday, another big, 18-year-old ROM site, EmuParadise, said it would no longer be able to allow people to download old games due to "potentially disastrous consequences." Nintendo owns the intellectual property for its games, and when people pirate them instead of buying a Nintendo Super NES Classic Edition or a downloading a copy from one of its digital storefronts, it can argue it's losing money. According to Nintendo's official site, ROMs and video game emulation also represent "the greatest threat to date to the intellectual property rights of video game developers," and "have the potential to significantly damage" tens of thousands of jobs. Even when a Nintendo game isn't for sale, it's still the company's intellectual property, and it can enforce its copyright if it wants. But the damage that removing ROMs from the internet could do to video games as a whole is catastrophic. Many game developers and people who have otherwise made video games a major part of their lives, especially those who grew up in low-income households or outside a Western country, wouldn't have been inspired to take that path if it wasn't for ROMs. Entire chapters of video game history would be lost if ROMs and emulation didn't preserve games where publishers failed to. And perhaps most importantly, denying people access to ROMs makes the process of educating them in game development much more difficult, potentially hobbling future generations of video game makers.

Read more of this story at Slashdot.

Lawsuit Threat Shuts Down ROM Downloads On Major Emulation Site 'EmuParadise'

Slashdot - Your Rights Online - Pt, 2018-08-10 03:25
Following Nintendo's recent lawsuits against ROM sites LoveROMs and LoveRetro, a major ROM repository called EmuParadise announced it will preemptively cease providing downloadable versions of copyrighted classic games. While no lawsuits have been filed yet, the site's founder, MasJ, writes in an announcement post: "It's not worth it for us to risk potentially disastrous consequences. I cannot in good conscience risk the futures of our team members who have contributed to the site through the years. We run EmuParadise for the love of retro games and for you to be able to revisit those good times. Unfortunately, it's not possible right now to do so in a way that makes everyone happy and keeps us out of trouble." Ars Technica reports: EmuParadise will continue to operate as a repository for legal downloads of classic console emulators, as well as a database of information on thousands of classic games. "But you won't be able to get your games from here for now," as MasJ writes. Since founding EmuParadise in 2000, MasJ says EmuParadise has faced threatening letters, server shutdowns, and numerous DMCA takedown requests for individual games. Through it all, he says he was encouraged by "thousands of emails from people telling us how happy they've been to rediscover and even share their childhood with the next generations in their families."

Read more of this story at Slashdot.

Colorado Candidate For Governor Wants To Put His State On the Blockchain

Slashdot - Your Rights Online - Pt, 2018-08-10 02:03
An anonymous reader quotes a report from Gizmodo: The Democratic nominee for governor of Colorado, U.S. Representative Jared Polis, wants to add blockchain to the list of items voters consider this year. Polis currently represents Colorado's 2nd district in the House, and he won the Democratic gubernatorial nomination last month. He's held his seat in the House for about a decade and has been a fairly solid progressive. On Wednesday, Polis added a set of limited proposals regarding blockchain to his gubernatorial platform that at least give us an idea of what it means for a politician to campaign on blockchain. Polis told us he would like to resolve some of the "ambiguity" in federal rules, encourage fintech company investment, remove some licensing requirements for token securities, and exempt cryptocurrencies from state money transition laws. He says these companies are "trying to fit what they're doing into an obsolete, outdated, and often obsolete federal law." Polis also wants to explore how blockchain could be used for voting security. Polis isn't ready to necessarily endorse moving all voting to the blockchain system. He likes paper ballots and told us, "this would be more how the information is generated and stored from those paper ballots rather than doing so in a centralized database it would be done across a distributed ledger." The congressman also thinks that blockchain could be used to streamline the process for storing public records and making them available to the public. "We're talking more about everything from Colorado contracts, expenditures, titles, a lot of the data-intensive aspects of state government can be more secure and more accessible through distributed ledgers," he said.

Read more of this story at Slashdot.

Tribune Terminates $3.9 Billion Merger With Rival Sinclair

Slashdot - Your Rights Online - Pt, 2018-08-10 00:03
The merger that once seemed all but inevitable has fallen apart. According to The Wall Street Journal, Tribune Media has terminated its merger agreement with rival TV station-owner Sinclair Broadcast Group (Warning: source may be paywalled; alternative source). The company is also suing Sinclair for failing to make sufficient efforts to get their $3.9 billion deal approved by regulators. From the report: The suit, filed in Delaware Chancery Court, alleges that Sinclair breached the merger agreement by engaging in "unnecessarily aggressive and protracted negotiations" with regulators over their requirement that Sinclair divest stations in certain markets to obtain approval, Tribune said in a statement. The deal structures Sinclair proposed, which Tribune said were done to allow it to maintain control over stations, created risks for the deal in violation of the merger agreement. Tribune is seeking financial damages. The collapse of the deal and lawsuit mark a stunning turn of events for a deal that when it was announced in April of 2016 seemed certain to receive regulatory approval. "Our merger cannot be completed within an acceptable time frame, if ever, Tribune Media Chief Executive Peter Kern said in a statement. "This uncertainty and delay would be detrimental to our company and our shareholders. Accordingly, we have exercised our right to terminate the merger agreement, and, by way of our lawsuit, intend to hold Sinclair accountable." The merger hit the rocks last month when FCC commissioners voted to send the proposed sale to a judge. "FCC chairman Ajit Pai raised 'serious concerns' about Sinclair's selloff of 21 stations it had proposed in order to remain under station ownership limits post-merger," Engadget reported last month. "Had Sinclair declined to sell off some stations, its 173 broadcast stations in 81 markets, combined with Tribune's 42 stations in 33 markets would reach 72 percent of U.S. TV households."

Read more of this story at Slashdot.

Warning Over 'Panic' Hacks on Cities

Slashdot - Your Rights Online - Cz, 2018-08-09 19:23
Security flaws have been found in major city infrastructure such as flood defences, radiation detection and traffic monitoring systems. A team of researchers found 17 vulnerabilities, eight of which it described as "critical." From a report: The researchers warned of so-called "panic attacks," where an attacker could manipulate emergency systems to create chaos in communities. The specific flaws uncovered by the team have been patched. "If someone, supervillain or not, were to abuse vulnerabilities like the ones we documented in smart city systems, the effects could range from inconvenient to catastrophic," wrote Daniel Crowley, from IBM's cyber research division, X-Force Red. "While no evidence exists that such attacks have taken place, we have found vulnerable systems in major cities in the US, Europe and elsewhere." The team plans to explain the vulnerabilities at Black Hat -- a cyber-security conference -- on Thursday.

Read more of this story at Slashdot.