aggregator

Ex-Uber Engineer Pleads Guilty To Stealing Trade Secrets From Google

Slashdot - Your Rights Online - So, 2020-03-21 01:30
Anthony Levandowski, former Google engineer and a pioneer of self-driving car tech, agreed to plead guilty Thursday to stealing trade secrets from the internet giant. CNET reports: Levandowski left Google in 2016 to start his own self-driving truck company, which was quickly acquired by Uber for $680 million. These actions set off a chain of events that led to Google's autonomous vehicle unit, Waymo, suing Uber over alleged theft of self-driving car trade secrets. That lawsuit settled in February 2018 with Uber agreeing to pay Waymo $245 million. The prosecutors indicted Levandowski in August in a suit that involves 33 counts of theft and attempted theft of trade secrets from Google. The activities allegedly took place as he prepared to leave the search giant to build out Uber's self-driving car operation. Levandowski pleaded guilty to one count of trade secret theft in an agreement in which federal prosecutors agree to drop the remaining charges, according to a filing with the U.S. District Court of the Northern District of California. The plea carries a maximum sentence of 10 years in prison and a maximum fine of $250,000. "I downloaded these files with the intent to use them for my own personal benefit, and I understand that I was not authorized to take the files for this purpose," Levandowski said in the filing. No sentencing date has yet been scheduled.

Read more of this story at Slashdot.

Coronavirus Disruption Risks Damaging the 2020 United States Census

Slashdot - Your Rights Online - Pt, 2020-03-20 15:00
An anonymous reader quotes a report from The Economist: When the 2020 United States census, scheduled for April 1st, was planned, the areas of most concern were mapped. They include places like Deep East Texas, an area of 10,000 square miles north-east of Houston with a population of roughly 385,000 people. In large parts of the region most people do not have internet access. Many live in places only accessible with four-wheel drives. Counting everybody in Deep East Texas was never going to be easy. Now it looks like it may be near impossible. "The coronavirus has certainly complicated matters," says Lonnie Hunt, the director of the Deep East Texas Council of Governments (detcog), an intergovernmental agency. To help ensure an accurate count, detcog had hired a dozen census coordinators to go out to community events -- sports matches, church services, school sports days -- with information to persuade people to send their returns in, and internet hotspots and iPads with which to do it on the spot. Most of those events are now being cancelled. With people staying indoors, they probably will not encounter any of the workers meant to explain to them the importance of the census and get them to fill it in. The virus may represent the biggest threat to the United States census in its 230-year history. So far the Census Bureau has only made modest changes. On March 18th the agency announced that all field operations are to be suspended until April 1st. On other surveys officials will make phone calls instead of visits. It has asked administrators of "group quarters" -- institutions like nursing homes, prisons and college dormitories -- to "choose a way to count their residents that requires less in-person contact." But more radical adjustments may be needed. Terri Ann Lowenthal, a former director of the House committee that oversees the census, notes that the count takes ten years to plan, and "yet now the Census Bureau is being forced to make shifts basically on the fly." On March 17th Brazil announced it would delay its census by a year. American officials might have to consider that, too.

Read more of this story at Slashdot.

California Governor Issues Statewide Order To 'Stay At Home' To Prevent Spread of the Coronavirus

Slashdot - Your Rights Online - Pt, 2020-03-20 03:57
All residents in the state of California are being ordered to "stay at home" to prevent the spread of the coronavirus. "We need to bend the curve in the state of California," Governor Gavin Newsom said in a press conference. "There's a social contract here, people I think recognize the need to do more. They will adjust and adapt as they have." Newsom added: "Home isolation is not my preferred choice... but it is a necessary one. This is not a permanent state, it is a moment in time." As of publication, 19 people in California have died and another 958 have tested positive for the disease. "The state projects that 25.5 million people in California will be infected with the coronavirus over an eight-week period," reports Los Angeles Times, citing a letter Newsom sent to President Trump on Wednesday. Newsom is requesting $1 billion in federal funds to support the state's medical response to the virus. He's also requesting the deployment of the U.S. Navy's Mercy Hospital Ship to the Port of Los Angeles through Sept. 1. "The economic disruption caused by this public health crisis will have immediate and devastating effects on our entire country, including too many families in California," Newsom wrote. "The magnitude of this crisis is extraordinary and federal-state-local government coordination will be more critical than ever before."

Read more of this story at Slashdot.

IT Security Report Finds 97 Percent Have Suspicious Network Activity

Slashdot - Your Rights Online - Pt, 2020-03-20 02:50
According to a 13-page study from IT security vendor Positive Technologies, a whopping 97% of surveyed companies with at least 1,000 employees show evidence of suspicious activity in their network traffic and that 81% of the companies were being subject to malicious activity. TechRepublic reports: "In one in every three companies, there were traces of scans of its internal network, which could potentially mean that hackers are gathering intelligence inside the infrastructure. This includes network scans, multiple failed attempts to connect to hosts, and traces of collecting intelligence on active network sessions on a specific host or in the entire domain." Another alarming statistic from the research showed that 94% of the participating companies in the study suffered from noncompliance with their corporate security policies within their IT infrastructure systems, leaving them more vulnerable to successful cyberattacks, according to the report. Noncompliance with IT security policies "has a direct impact on security deterioration, by practically opening the door for the hackers to exploit," the report continued. Also worrisome is that 81% of the participating companies are transmitting their sensitive data in clear text, or text that is not encrypted or meant to be encrypted, according to the research. By using only risky clear text, companies can enable potential hackers to search their network traffic for logins and passwords which are moving between and across corporate networks. Meanwhile, some 67% of the companies allow the use of remote access software, such as RAdmin, TeamViewer, and Ammyy Admin, which can also be compromised by attackers to move along the network while remaining undetected by security tools, the report states. In addition, workers in 44% of the companies use BitTorrent for data transfer, which dramatically can increase the risk of malware infection. Ultimately, 92% of these network security threats were detected inside the perimeters of the companies that were surveyed, according to the report, which reveals the depth of the problems and the need for constant internal network monitoring.

Read more of this story at Slashdot.

NASA's SLS Moon Rocket Is 44 Percent Over Budget and 3 Years Behind Schedule, Report Says

Slashdot - Your Rights Online - Cz, 2020-03-19 01:40
schwit1 shares a report from UPI: Construction on NASA's mobile launcher program for the new Space Launch System moon rocket is 44 percent over budget and three years behind schedule, a new report said. The space agency has built one massive rolling platform to move its moon rockets, with another on the way. Crews are adapting the first launcher to be mated with the SLS rocket for its first launch, planned later this year. But the first launcher cost $308 million more than a budget set in 2014, for a total of $693 million, according to the report released Tuesday from NASA's Office of Inspector General. Construction of the first platform "lacked coordination and competition with design contractors, coupled with ... design errors and integration challenges that drove the project's cost increases and schedule delays," the report said.

Read more of this story at Slashdot.

Medical Company Threatens To Sue Volunteers That 3D-Printed Valves for Life-Saving Coronavirus Treatments

Slashdot - Your Rights Online - Śr, 2020-03-18 17:29
A medical device manufacturer has threatened to sue a group of volunteers in Italy that 3D printed a valve used for life-saving coronavirus treatments. From a report: The valve typically costs about $11,000 from the medical device manufacturer, but the volunteers were able to print replicas for about $1. A hospital in Italy was in need of the valves after running out while treating patients for COVID-19. The hospital's usual supplier said they could not make the valves in time to treat the patients. That launched a search for a way to 3D print a replica part, and Cristian Fracassi and Alessandro Ramaioli, who work at Italian startup Isinnova, offered their company's printer for the job. However, when the pair asked the manufacturer of the valves for blueprints they could use to print replicas, the company declined and threatened to sue for patent infringement. Fracassi and Ramaioli moved ahead anyway by measuring the valves and 3D printing three different versions of them.

Read more of this story at Slashdot.

Popcorn Time, the 'Netflix For Piracy,' Is Back Online

Slashdot - Your Rights Online - Śr, 2020-03-18 00:00
Popcorn Time, the highly popular and extremely-easy-to-use "Netflix for piracy" service, came back Tuesday after a years-long hiatus. The move comes as people around the world are quarantined or being asked to stay in their homes during the coronavirus pandemic. Motherboard reports: Popcorn Time allows people to stream movies using BitTorrent, without actually downloading the movies or worrying about finding a tracker to use. Essentially, it removes any torrenting learning curve, allowing people to (illegally) stream movies and television shows from an easy-to-use app. Because it's so simple to use, Popcorn Time became instantly popular upon its release in 2014 and was immediately targeted by the movie industry. The service was shut down multiple times by court order, police raids, and IP blocks all over the world between 2014 and now; the open source app was forked several times and has worked intermittently, but has been largely offline over the last few years. Within the last couple days, a new version of Popcorn Time popped up on Popcorntime.app, version 4.0. The new app works just as well as earlier versions of the app, is free, and implores people to use virtual private networks to avoid having their use of the app detected by their internet service providers. The app has been released while many around the world are quarantined, and also comes at a time when piracy is becoming more popular, generally speaking. Other versions of Popcorn Time are also currently active, but the user interface of this one and its release appear to be closely affiliated with earlier Popcorn Time projects, based on domain redirects and urls.

Read more of this story at Slashdot.

US Government, Tech Industry Discussing Ways To Use Smartphone Location Data To Combat Coronavirus

Slashdot - Your Rights Online - Wt, 2020-03-17 22:40
The U.S. government is in active talks with Facebook, Google and a wide array of tech companies and health experts about how they can use location data gleaned from Americans' phones to combat the novel coronavirus, including tracking whether people are keeping one another at safe distances to stem the outbreak. From a report: Public-health experts are interested in the possibility that private-sector companies could compile the data in anonymous, aggregated form, which they could then use to map the spread of the infection, according to three people familiar with the effort, who requested anonymity because the project is in its early stages. Analyzing trends in smartphone owners' whereabouts could prove to be a powerful tool for health authorities looking to track coronavirus, which has infected more than 180,000 people globally. But it's also an approach that could leave some Americans uncomfortable, depending on how it's implemented, given the sensitivity when it comes to details about their daily whereabouts.

Read more of this story at Slashdot.

SoftBank-owned Patent Troll, Using Monkey Selfie Law Firm, Sues To Block Covid-19 Testing, Using Theranos Patents

Slashdot - Your Rights Online - Wt, 2020-03-17 16:00
Mike Masnick, reporting for TechDirt: It's a story involving patents, patent trolling, Covid-19, Theranos, and even the company that brought us all WeWork: SoftBank. Oh, and also Irell & Manella, the same law firm that once claimed it could represent a monkey in a copyright infringement dispute. You see, Irell & Manella has now filed one of the most utterly bullshit patent infringement lawsuits you'll ever see. They are representing "Labrador Diagnostics LLC" a patent troll which does not seem to exist other than to file this lawsuit, and which claims to hold the rights to two patents (US Patents 8,283,155 and 10,533,994) which, you'll note, were originally granted to Elizabeth Holmes and Theranos -- the firm that shut down in scandal over medical testing equipment that appears to have been oversold and never actually worked. Holmes is still facing federal charges of wire fraud over the whole Theranos debacle. However, back in 2018, the remains of Theranos sold its patents to Fortress Investment Group. Fortress Investment Group is a SoftBank-funded massive patent troll. You may remember the name from the time last fall when Apple and Intel sued the firm, laying out how Fortress is a sort of uber-patent troll, gathering up a bunch of patents and then shaking down basically everyone. Lovely, right? So, this SoftBank-owned patent troll, Fortress, bought up Theranos patents, and then set up this shell company, "Labrador Diagnostics," which decided that right in the midst of the Covid-19 pandemic it was going to sue one of the companies making Covid-19 tests, saying that its test violates those Theranos patents, and literally demanding that the court bar the firm from making those Covid-19 tests.

Read more of this story at Slashdot.

Brave Browser Files GDPR Complaint Against Google

Slashdot - Your Rights Online - Wt, 2020-03-17 09:00
Brave has filed a formal complaint against Google with the lead GDPR enforcer in Europe. The complaint comes after Dr. Johnny Ryan, Brave's chief policy and industry relations officer, promised to take Google to court if it didn't stop abusing its power by sharing user data collected by dozens of its distinct services, and creating a "free for all" data warehouse. Cointelegraph reports: Now, the complaint is with the Irish Data Protection Commission. It accuses Google of violating Article 5(1)b of the GDPR. Dublin is Google's European headquarters and, as Dr. Ryan explained to Cointelegraph, the Commission "is responsible for regulating Google's data protection across the European Economic Area." Article 5(1)b of the GDPR requires that data be "collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes." According to Dr. Ryan: "Enforcement of Brave's GDPR 'purpose limitation' complaint against Google would be tantamount to a functional separation, giving everyone the power to decide what parts of Google they chose to reward with their data." In addition to filing a formal complaint with the Irish Data Protection Commission, Brave has reportedly written to the European Commission, German Bundeskartellamt, UK Competition & Markets Authority, and French Autorite de la concurrence. If none of these regulatory bodies take action against Google, Brave has suggested that it may take the tech giant to court itself.

Read more of this story at Slashdot.

Israel Takes Step Toward Monitoring Phones of Virus Patients

Slashdot - Your Rights Online - Pn, 2020-03-16 23:45
Israel has long been known for its use of technology to track the movements of Palestinian militants. Now, Prime Minister Benjamin Netanyahu wants to use similar technology to stop the movement of the coronavirus. From a report: Netanyahu's Cabinet on Sunday authorized the Shin Bet security agency to use its phone-snooping tactics on coronavirus patients, an official confirmed, despite concerns from civil-liberties advocates that the practice would raise serious privacy issues. The official spoke on condition of anonymity pending an official announcement. Netanyahu announced his plan in a televised address late Saturday, telling the nation that the drastic steps would protect the public's health, though it would also "entail a certain degree of violation of privacy." Israel has identified more than 200 cases of the coronavirus. Based on interviews with these patients about their movements, health officials have put out public advisories ordering tens of thousands of people who may have come into contact with them into protective home quarantine. The new plan would use mobile-phone tracking technology to give a far more precise history of an infected person's movements before they were diagnosed and identify people who might have been exposed.

Read more of this story at Slashdot.

Apple Fined Record $1.23 Billion in France for Price-Fixing Scheme

Slashdot - Your Rights Online - Pn, 2020-03-16 17:20
France's competition agency has announced a $1.23 billion fine against Apple, claiming the tech giant conspired with distributors of gadgets such as the iPad to fix prices and limit competition. From a report: The decision came from France's L'Autorite de la concurrence and is its largest fine ever. The agency said Apple tightly restricted supplies and effectively required distributors such as Tech Data and Ingram Micro to charge the same prices for devices that could also be purchased through its own online and physical retail stores. "It is the heaviest sanction pronounced against an economic player, in this case Apple, whose extraordinary size has been duly taken into account," said agency director Isabelle de Silva in a statement. The agency also respectively levied fines of $84.7 million and $69 million against Tech Data and Ingram Micro for their roles in agreeing to terms that hurt other smaller distributors.

Read more of this story at Slashdot.

Amazon and Google Now Require Continuous Data From Other Smarthome Devices

Slashdot - Your Rights Online - Pn, 2020-03-16 06:34
An anonymous reader quotes CNET: For years, smart speakers from Amazon, Google and Apple have traded data back and forth with other devices in the home. This is how their voice assistants turn on the smart lights. But in early 2019, something changed: Amazon and Google began requiring continuous status-change updates from devices -- requiring, for instance, partnered smart bulbs to send data to Amazon or Google any time they are turned on or off... Before automatic status updates, if you asked your voice assistant to turn on the lights, Alexa or Google Assistant had to ping the smart bulbs to check whether they were already on, receive the status, then send the appropriate command. With status updates in place, the first two steps of that process were excised... It was a seemingly small change and one that received modest media coverage, but some smart home developers are increasingly uncomfortable with the change... After probing further, it appears that not only do status updates make users and their data more vulnerable to attack, but it also gives these tech giants access to more home occupancy data than ever before. Despite the discomfort of numerous partners, Google and Amazon have shown no willingness to alter course... "[Status update] data gives platforms [like Google and Amazon] a privileged position that no one manufacturer enjoys," said Brad Russell, the Research Director of smart home devices at research firm Parks Associates Inc. While Amazon says it doesn't sell the data it gathers to third parties or use it for targeted advertising, that data is still of tremendous value to the company. In much the same way it can tell how many times per year Alexa users ask for the time, then create a product based on that data, Amazon can now tell where you spend your time in your house, when you're awake and when you're sleeping and countless other life patterns you're only vaguely aware of yourself. Google, too, profits from this data, though it seems more reluctant to admit it.

Read more of this story at Slashdot.

Live Coronavirus Map Used to Spread Malware

Slashdot - Your Rights Online - N, 2020-03-15 21:34
Malware distributors "have started disseminating real-time, accurate information about global infection rates tied to the Coronavirus/COVID-19 pandemic in a bid to infect computers with malicious software," reports security researcher Brian Krebs: In one scheme, an interactive dashboard of Coronavirus infections and deaths produced by Johns Hopkins University is being used in malicious Web sites (and possibly spam emails) to spread password-stealing malware. Late last month, a member of several Russian language cybercrime forums began selling a digital Coronavirus infection kit that uses the Hopkins interactive map as part of a Java-based malware deployment scheme. The kit costs $200 if the buyer already has a Java code signing certificate, and $700 if the buyer wishes to just use the seller's certificate. "It loads [a] fully working online map of Corona Virus infected areas and other data," the seller explains. "Map is resizable, interactive, and has real time data from World Health Organization and other sources. Users will think that PreLoader is actually a map, so they will open it and will spread it to their friends and it goes viral...!" The sales thread claims the customer's payload can be bundled with the Java-based map into a filename that most Webmail providers allow in sent messages... The seller says the user/victim has to have Java installed for the map and exploit to work, but that it will work even on fully patched versions of Java... It's unclear how many takers this seller has had, but earlier this week security experts began warning of new malicious Web sites being stood up that used interactive versions of the same map to distract visitors while the sites tried to foist the password-stealing AZORult malware.

Read more of this story at Slashdot.

Two Men Used Drones to Smuggle Drugs, Cell Phones Into Prison

Slashdot - Your Rights Online - N, 2020-03-15 20:34
"The United States Department of Justice has charged two New Jersey men with using drones to sneak drugs and other contraband into a federal prison..." reports CNN: The two men, Nicolo Denichilo, 38, and Adrian Goolcharran, 35, smuggled items including marijuana, steroids, cell phones, SIM cards, and syringes into the prison in Fort Dix, New Jersey, according to the US Attorney's Office, District of New Jersey. The prison, known as FCI Fort Dix, is a "low security federal correctional institution" that houses more than 3,000 inmates, according to its website... The Fort Dix prison officials also discovered an inmate near the drone drop site in possession of more than 30 cell phones and 50 SIM cards, among other phone equipment, the statement said... [A]uthorities said they obtained evidence of at least seven drone deliveries since July 2018 at the prison.

Read more of this story at Slashdot.

Oracle Criticized For Questioning Google's Supporters In Java API Copyright Case

Slashdot - Your Rights Online - N, 2020-03-15 09:34
America's Supreme Court will soon decide whether Google infringed on a copyright that Oracle says it holds on the APIs of Java. But this week Oracle's executive vice president also wrote a blog post arguing that Google "sought the support of outside groups to bolster its position" by using friend-of-the-court briefs to "create the impression that this case is of great import and controversy, and a ruling in Oracle's favor will impede innovation." "Upon closer inspection, what these briefs reveal is a significantly different picture, one where Google is the outlier, with very little meaningful support outside the purview of its financial fingerprints." As we discussed in a previous post, this case is not about innovation, it is about theft. Google copied verbatim more than 11,000 lines of software code, and now attempts post hoc to change the rules in order to excuse its conduct... As those of us that have watched Google over the past few decades know, Google's view boils down to the self-absorbed position that the work it is doing is of such consequence that the rules shouldn't apply to them. The problem for Google is that very few outside of its self-generated atmosphere agree. Let's be clear, it is not commonplace or foundational in the software industry to steal other developer's software code. Rather, what is commonplace is a confluence of interests where code is licensed to facilitate its widespread deployment, with the owner choosing the terms... Java embraced choice, with three different licensing alternatives, including a freely deployed open source license, and a commercial license designed to maintain interoperability. And it turns out that nobody except Google found it necessary to steal despite Java's enormous popularity. It is not in dispute in this matter that Google destroyed Java interoperability so it is unbelievable that many of its amici take the position that Google needs to prevail in order to protect interoperability... Out of 26 briefs, we found: - 7 briefs representing 13 entities that received "substantial contributions" from Google; - 8 briefs filed by entities or individuals that have financial ties to Google through grants, dues, cy pres settlement proceeds or employment of individual amici; - 2 briefs filed by companies with a clear commercial interest in Google prevailing; - 1 brief filed by several former U.S. government employees all of whom worked for a small government agency run by a former Google executive, despite the U.S. government itself filing a brief in favor of Oracle; - 4 separate briefs representing a total of 7 individuals; - A few other briefs where Google financial ties are likely; - 1 brief submitted by a serial copyright infringer repeatedly sanctioned by the Courts; What masqueraded as a mass show of support for Google, may not be much more than an exercise in transactional interests. The groups Oracle is criticizing include the American Library Association, EFF, and the Python Software Foundation, as well as a brief by 83 computer scientists which included Doug Lea, a former memeber of the executive committee of the Java Community Process. Oracle's blog post also makes the argument that besides Microsoft and IBM, "not a single brief from the other 98 of the Top 100 tech companies was filed." There was a response on Twitter from Joshua Bloch, who worked on the Java platform at Sun before leaving in 2004 to become Google's chief Java architect for the next 8 years. He called Oracle's blog post "nonsense." For example, Doug Lea -- who is in no small measure responsible for Java's success -- accepted one small grant from Google fourteen years ago, and promptly doled it out to deserving undergrads who were testing java.util.concurrent. Have you no shame, Oracle? We are not Google shills. We are scientists and engineers. Some of us laid the theoretical groundwork for the profession, some designed the computers you grew up on, and some wrote the software you use every day. We depend on the right to reimplement each others' APIs, and we are truly afraid that your irresponsible lawsuit may deprive us of that right, which we've enjoyed throughout our long careers.

Read more of this story at Slashdot.

How One Man Lost His Life Savings in a SIM Hack

Slashdot - Your Rights Online - N, 2020-03-15 00:11
Long-time Slashdot reader smooth wombat quotes CNN: Robert Ross was sitting in his San Francisco home office in October 2018 when he noticed the bars on his phone had disappeared and he had no cell coverage. A few hours later, he had lost $1 million⦠"I was at home at my desk and I noticed a notification on my iPhone for a withdrawal request from one of my financial institutions, and I thought, 'That's weird. I didn't make a withdrawal request,'" Ross recalled. "Then I looked back at my phone and I saw that I had no service...." Ross was the victim of a SIM hack, an attack that occurs when hackers take over a victim's phone number by transferring it to a SIM card they control. By taking over his cellphone number, a hacker was able to gain access to his email address and ultimately his life-savings, Ross said in an interview with CNN Business... An arrest was made in Ross' case, and the suspect has pleaded not guilty... He is suing AT&T for what he alleges was a failure by the company to protect his "sensitive and confidential account data" that resulted in "massive violations" of his privacy and "the theft of more than $1 million," according to the lawsuit.

Read more of this story at Slashdot.

Group Builds Massive New Library of Censored Articles Inside Minecraft

Slashdot - Your Rights Online - So, 2020-03-14 21:34
In countries where websites, blogs and a free press are strictly limited, Minecraft "is still accessible by everyone," notes the official official web site for Reporters Without Borders (an international nonprofit defending freedom of information): Reporters Without Borders used this backdoor to build "The Uncensored Library": A library that is now accessible on an open server for Minecraft players around the globe. The library is filled with books, containing articles that were censored in their country of origin. These articles are now available again within Minecraft hidden from government surveillance technology inside a computer game. The books can be read by everyone on the server, but their content cannot be changed. The library is growing, with more and more books being added to overcome censorship. On March 12 — the World Day Against Cyber Censorship — the Uncensored Library will open its doors, giving young people around the world access to independent information, through a medium they can playfully interact with. The campaign runs under the hashtag: #TruthFindsAWay... Additional to banned articles from journalists, visitors of The Uncensored Library can find the Reporters Sans Frontières World Press Freedom Index and reports on the current press freedom situation of 180 countries in the world. They spent three months working with the design studio BlockWorks to assemble 12.5 million blocks into a vast structure with a neoclassical architecture. You can see it in a short film at uncensoredlibrary.com, or access it in Minecraft at visit.uncensoredlibrary.com

Read more of this story at Slashdot.

900 Million Secrets From 8 Years of 'Whisper' App Were Left Exposed Online

Slashdot - Your Rights Online - So, 2020-03-14 18:34
Long-time Slashdot reader AmiMoJo shares a startling report from the Washington Post: Whisper, the secret-sharing app that called itself the "safest place on the Internet," left years of users' most intimate confessions exposed on the Web tied to their age, location and other details, raising alarm among cybersecurity researchers that users could have been unmasked or blackmailed. The data exposure, discovered by independent researchers and shown to The Washington Post, allowed anyone to access all of the location data and other information tied to anonymous "whispers" posted to the popular social app, which has claimed hundreds of millions of users. The records were viewable on a non-password-protected database open to the public Web. A Post reporter was able to freely browse and search through the records, many of which involved children: A search of users who had listed their age as 15 returned 1.3 million results. The cybersecurity consultants Matthew Porter and Dan Ehrlich, who lead the advisory group Twelve Security, said they were able to access nearly 900 million user records from the app's release in 2012 to the present day. The researchers alerted federal law-enforcement officials and the company to the exposure. Shortly after researchers and The Post contacted the company on Monday, access to the data was removed.

Read more of this story at Slashdot.

Should Google Notify Web Sites About Right-to-Be-Forgotten Requests?

Slashdot - Your Rights Online - So, 2020-03-14 17:34
An anonymous reader quotes VentureBeat: Sweden's Data Protection Authority (DPA) has slapped Google with a 75 million kronor ($8 million) fine for "failure to comply" with Europe's General Data Protection Regulation (GDPR) after the internet giant reportedly failed to adequately remove search result links under right-to-be-forgotten requests. In a notable twist, the DPA also demanded that Google refrain from informing website operators their URLs will be de-indexed... Rather than asking website operators to remove a web page, Google — and other search engines — are required to hide the page from European search results. Since the ruling took effect, Google has received millions of de-indexing requests, though it reports that fewer than 45% have been fulfilled... The crux of the Swedish DPA's complaint is that Google did not "properly remove" two search result listings after it was instructed to do so back in 2017. "In one of the cases, Google has done a too narrow interpretation of what web addresses needed to be removed from the search result listing," the DPA wrote in its statement. "In the second case, Google has failed to remove the search result listing without undue delay." But inadequate and tardy removals are only part of the issue, according to Sweden's DPA, which also argues that Google should keep website operators in the dark about removal requests... If Google's latest fine is upheld — the company has three weeks to appeal — it would rank among the seven largest GDPR penalties of all time. Google confirmed to VentureBeat that it does indeed intend to file an appeal. "We disagree with this decision on principle and plan to appeal," the spokesperson said.

Read more of this story at Slashdot.