aggregator

CBS Sues Man For Copyright Over Screenshots of 59-year-old TV Show

Slashdot - Your Rights Online - Śr, 2017-11-01 23:20
CBS has sued a photographer for copyright infringement for publishing a still image from a 59-year-old television show. From a report: The lawsuit against New York photojournalist Jon Tannen, filed on Friday, is essentially a retaliatory strike. Tannen sued CBS Interactive in February, claiming that the online division of CBS had used two of his photographs without permission. Now, CBS has sued Tannen back, claiming that he "hypocritically" used CBS' intellectual property "while simultaneously bringing suit against Plaintiff's sister company, CBS Interactive Inc., claiming it had violated his own copyright." "Without any license or authorization from Plaintiff, Defendant has copied and published via social media platforms images copied from the Dooley Surrenders episode of GUNSMOKE," write CBS lawyers. CBS is asking for $150,000 in damages for willful infringement.

Read more of this story at Slashdot.

Facebook, Twitter and Google Berated by Senators on Russia

Slashdot - Your Rights Online - Śr, 2017-11-01 21:20
From a BBC report: Russian operatives, likely working from St Petersburg, provoked angry Americans to take to the streets, a US Senate committee heard on Wednesday. The May 2016 protest, arranged by a group named Heart of Texas, was one example of Kremlin-backed efforts to destabilise the American electoral process. Lawyers for three technology companies -- Facebook, Twitter and Google -- were told they were grossly underestimating the scale of the problem. "You just don't get it," said California Senator Dianne Feinstein. "What we're talking about is a cataclysmic change. What we're talking about is the beginning of cyber-warfare." She added: "We are not going to go away, gentlemen. This is a very big deal." [...] Several senators suggested that more hearings and consultation would be needed, expressing their frustration that the companies were not being represented by higher-ranking executives. "I'm disappointed that you're here, and not your CEOs," said independent senator Angus King. From a FastCompany report: Senator Mark Warner (D-VA) had one specific and simple question for Facebook's Colin Stretch. He wanted to know about 30,000 fake accounts Facebook discovered earlier this year that were trying to influence the French election. At the time, Facebook bragged that it was able to discover these accounts and swiftly took them down. Warner wanted to know if Facebook, after discovering these accounts, cross-checked to see if these same accounts also tried to tamper with the U.S. election. "Your leadership bragged about how proactively you were in the French election process," said Warner, "Did you check those accounts [with the U.S. election]?" Stretch couldn't give a straight answer. "The system that ran to take down those accounts -- which were fake accounts of all type and any purpose -- is now active worldwide," he said. Warner wasn't amused. "Just answer my question," he said. "Have you reviewed the accounts you took down in France that were Russian-related to see if they played any role in the American election?" Once again, Facebook couldn't answer.

Read more of this story at Slashdot.

Estonia Is Enhancing the Security of Its Digital Identities

Slashdot - Your Rights Online - Śr, 2017-11-01 16:40
Estonia is upgrading the security of ID cards and digital IDs used by citizens, residents and e-residents. A new certificates update has been developed based on advanced elliptic-curve cryptography, which is more secure and faster than the SSL certificates previously used. From a report: This certificate update will protect users from a potential security vulnerability that the Estonian government announced last month had been identified by a group of security researchers. It has now been confirmed that the vulnerability is contained in software that had previously been installed on the embedded chip used in ID cards around the world, including those issued by Estonia between 16 October 2014 and 25 October 2017. Although the problem is international, minimising the risk and developing a solution has been a top priority for Estonia since the government was informed. However, there has still been no reported incidents of any Estonian digital ID or ID card being misused in the way described by the researchers. Considerable resources and expertise would be required for this so the risk for most people affected has always been low.

Read more of this story at Slashdot.

Russia's Anti-VPN Law Goes Into Effect

Slashdot - Your Rights Online - Śr, 2017-11-01 15:00
An anonymous reader quotes a report from The Register: A Russian law that bans the use or provision of virtual private networks (VPNs) will come into effect Wednesday. The legislation will require ISPs to block websites that offer VPNs and similar proxy services that are used by millions of Russians to circumvent state-imposed internet censorship. It was signed by President Vladimir Putin on July 29 and was justified as a necessary measure to prevent the spread of extremism online. Its real impact, however, will be to make it much harder for ordinary Russians to access websites ISPs are instructed to block connections to by Russian regulator Roskomnadzor, aka the Federal Service for Supervision of Communications, Information Technology and Mass Media. The law is just one part of a concerted effort by the Russian government to restrict access to information online. While Russia does not appear to be going the same route as China -- which has a country wide, constantly maintained censorship apparatus, known as the Great Firewall of China -- it is clearly following its lead. At the same time as Putin signed the VPN legislation, he signed another that will come into effect in January. That law, like a similar one passed by the Chinese government earlier this year, will require operators of messaging services to verify their users' identities through phone numbers. And it will require operators to introduce systems to cut off any users that are deemed by the Russian government to be spreading illegal content.

Read more of this story at Slashdot.

Verizon Wants To Ban States From Protecting Your Privacy

Slashdot - Your Rights Online - Śr, 2017-11-01 01:20
DSLReports that Verizon sent a letter and white paper last week to the FCC, insisting that "the FCC has ample authority to pre-empt state efforts to protect consumer privacy, and should act to prevent states from doing so." Verizon's letter reads in part: "Allowing every State and locality to chart its own course for regulating broadband is a recipe for disaster. It would impose localized and likely inconsistent burdens on an inherently interstate service, would drive up costs, and would frustrate federal efforts to encourage investment and deployment by restoring the free market that long characterized Internet access service." From the report: But there's several things Verizon is ignoring here. One being that the only reason states are trying to pass privacy laws is because Verizon lobbyists convinced former Verizon lawyer and FCC boss Ajit Pai that it was a good idea to kill the FCC's relatively modest rules. It's also worth noting that ISPs like Verizon (and the lawmakers paid to love them) have cried about protecting "states rights" when states try to pass protectionist laws hamstringing competitors, but in this case appears eager to trample those same state rights should states actually try and protect consumers. Verizon makes it abundantly clear it's also worried that when the FCC votes to kill net neutrality rules later this year, states will similarly try to pass their own rules protecting consumers, something Verizon clearly doesn't want. "States and localities have given strong indications that they are prepared to take a similar approach to net neutrality laws if they are dissatisfied with the result of the Restoring Internet Freedom proceeding," complains Verizon, again ignoring that its lawsuits are the reason that's happening.

Read more of this story at Slashdot.

Vendor Tracks LinkedIn Profile Changes To Alert Client Employers

Slashdot - Your Rights Online - Wt, 2017-10-31 23:20
dcblogs shares a report from TechTarget: IT managers have long had the ability and right to monitor employee behavior on internal networks. Now, HR managers are getting similar capabilities thanks to cloud-based services -- but for tracking employee activity outside of their employer's network. A controversy and court fight is swelling over its potential impact on employee privacy. A San Francisco-based startup, hiQ Labs Inc., offers products based on its analysis of publicly available LinkedIn data. One is Keeper, which identifies employees at risk of being recruited away, and another is Skill Mapper, which analyzes employee skills. The profile data is collected by software bots. The clients of hiQ's service may learn whether a LinkedIn member is a flight risk thanks to an individual risk score: high (red), medium (yellow) or low (green), according to court papers. LinkedIn is in court fighting this, but so far it's losing. A federal judge recently took exception to the use of the CFAA in this case "to punish hiQ for accessing publicly available data." The judge warned such an interpretation "could profoundly impact open access to the internet."

Read more of this story at Slashdot.

New VibWrite System Uses Finger Vibrations To Authenticate Users

Slashdot - Your Rights Online - Wt, 2017-10-31 22:40
An anonymous reader quotes a report from Bleeping Computer: Rutgers engineers have created a new authentication system called VibWrite. The system relies on placing an inexpensive vibration motor and receiver on a solid surface, such as wood, metal, plastic, glass, etc.. The motor sends vibrations to the receiver. When the user touches the surface with one of his fingers, the vibration waves are modified to create a unique signature per user and per finger. Rutgers researchers say that VibWrite is more secure when users are asked to draw a pattern or enter a code on a PIN pad drawn on the solid surface. This also generates a unique fingerprint, but far more complex than just touching the surface with one finger. During two tests, VibWrite verified users with a 95% accuracy and a 3% false positive rate. The only problem researchers encountered in the live trials was that some users had to draw the pattern or enter the PIN number several times before they passed the VibWrite authentication test. Besides improvements to the accuracy with which VibWrite can detect finger vibrations, researchers also plan to look into how VibWrite will behave in outdoor environments to account for varying temperatures, humidity, winds, wetness, dust, dirt, and other conditions. This new novel user authentication system is described in full in a research paper entitled "VibWrite: Towards Finger-input Authentication on Ubiquitous Surfaces via Physical Vibration."

Read more of this story at Slashdot.

Three Women Suing Microsoft for Bias Want To Add 8,630 Peers

Slashdot - Your Rights Online - Wt, 2017-10-31 18:42
A reader shares a report: A lawsuit accusing Microsoft of discriminating against women in technical and engineering roles is poised to grow a lot bigger if it wins class-action status. With the technology sector awash in challenges to white male dominance, the three women spearheading the case against Microsoft told a Seattle federal judge they want to represent about 8,630 peers who have worked for the company since 2012. The women said their expert consultants have determined that discrimination at the Redmond, Washington-based company cost female employees more than 500 promotions and $100 million to $238 million in pay, according to Oct. 27 court filings. They also accused the software maker of maintaining "an abusive, toxic 'boy's club' atmosphere, where women are ignored, abused, or degraded." Microsoft said it strongly disagrees with the allegations, saying the filings "mischaracterize data and other information."

Read more of this story at Slashdot.

Apple Is Designing iPhones, iPads That Would Drop Qualcomm Components

Slashdot - Your Rights Online - Wt, 2017-10-31 15:00
An anonymous reader quotes a report from The Wall Street Journal (Warning: source may be paywalled; alternative source): Apple, locked in an intensifying legal fight with Qualcomm, is designing iPhones and iPads for next year that would jettison the chipmaker's components, according to people familiar with the matter. Apple is considering building the devices only with modem chips from Intel and possibly MediaTek because San Diego, Calif.-based Qualcomm has withheld software critical to testing its chips in iPhone and iPad prototypes, according to one of the people. Apple's planned move for next year involve the modem chips that handle communications between wireless devices and cellular networks. Qualcomm is by far the biggest supplier of such chips for the current wireless standard. The Apple plans indicate the battle with Qualcomm could spill beyond the courtroom feud over patents into another important Qualcomm business where it has the potential to send ripples through the smartphone supply chain.

Read more of this story at Slashdot.

Facebook Says 126 Million Americans May Have Seen Russia-Linked Political Posts

Slashdot - Your Rights Online - Wt, 2017-10-31 02:50
Facebook said on Monday that Russia-based operatives published about 80,000 posts on the social network over a two-year period in an effort to sway U.S. politics and that about 126 million Americans may have seen the posts during that time. Reuters reports: Facebook's latest data on the Russia-linked posts - possibly reaching around half of the U.S. population of voting age - far exceeds the company's previous disclosures. It was included in written testimony provided to U.S. lawmakers, and seen by Reuters, ahead of key hearings with social media and technology companies about Russian meddling in elections on Capitol Hill this week. Twitter separately has found 2,752 accounts linked to Russian operatives, a source familiar with the company's written testimony said. That estimate is up from a tally of 201 accounts that Twitter reported in September. Google, owned by Alphabet, said in a statement on Monday it had found $4,700 in Russia-linked ad spending during the 2016 U.S. election cycle, and that it would build a database of election ads. Facebook's general counsel, Colin Stretch, said in the written testimony that the 80,000 posts from Russia's Internet Research Agency were a tiny fraction of content on Facebook, equal to one out of 23,000 posts.

Read more of this story at Slashdot.

Calgary Police Cellphone Surveillance Device Must Remain Top Secret, Judge Rules

Slashdot - Your Rights Online - Wt, 2017-10-31 02:10
Freshly Exhumed writes from a report via CBC.ca: To protect police investigative techniques that may or may not have been used in a Calgary Police Service investigation, their controversial cellphone surveillance device will remain so secretive not even the make and model can be released to the public, according to a court ruling released Monday. The MDI (Mobile Device Identifier) technology -- colloquially called a StingRay after Harris Corporation's IMSI device, which mimics cell towers and intercepts data from nearby phones -- is controversial in part because in at least one Canadian case, prosecutors have taken watered down plea deals rather than disclose information related to the device.

Read more of this story at Slashdot.

A Surge of Sites and Apps Are Exhausting Your CPU To Mine Cryptocurrency

Slashdot - Your Rights Online - Wt, 2017-10-31 01:30
Dan Goodin, writing for ArsTechnica: The Internet is awash with covert crypto currency miners that bog down computers and even smartphones with computationally intensive math problems called by hacked or ethically questionable sites. The latest examples came on Monday with the revelation from antivirus provider Trend Micro that at least two Android apps with as many as 50,000 downloads from Google Play were recently caught putting crypto miners inside a hidden browser window. The miners caused phones running the apps to run JavaScript hosted on Coinhive.com, a site that harnesses the CPUs of millions of PCs to mine the Monero crypto currency. In turn, Coinhive gives participating sites a tiny cut of the relatively small proceeds. Google has since removed the apps, which were known as Recitiamo Santo Rosario Free and SafetyNet Wireless App. Last week, researchers from security firm Sucuri warned that at least 500 websites running the WordPress content management system alone had been hacked to run the Coinhive mining scripts. Sucuri said other Web platforms -- including Magento, Joomla, and Drupal -- are also being hacked in large numbers to run the Coinhive programming interface.

Read more of this story at Slashdot.

BlackBerry CEO Promises To Try To Break Customers' Encryption If the US Government Asks Him To

Slashdot - Your Rights Online - Wt, 2017-10-31 00:10
An anonymous reader writes from a report via Techdirt that claims the company has "chosen to proclaim its willingness to hack into its own customers' devices if the government asks." From the report: From a Forbes article: "[CEO John] Chen, speaking at a press Q&A during the BlackBerry Security Summit in London on Tuesday, claimed that it wasn't so simple for BlackBerry to crack its own protections. 'Only when the government gives us a court order we will start tracking it. Then the question is: how good is the encryption? 'Today's encryption has got to the point where it's rather difficult, even for ourselves, to break it, to break our own encryption... it's not an easily breakable thing. We will only attempt to do that if we have the right court order. The fact that we will honor the court order doesn't imply we could actually get it done.'" Oddly, this came coupled with Chen's assertions its user protections were better than Apple's and its version of the Android operating system more secure than the one offered by competitors. This proactive hacking offer may be pointed to in the future by DOJ and FBI officials as evidence Apple, et al aren't doing nearly enough to cooperate with U.S. law enforcement. Of course, Chen's willingness to try doesn't guarantee the company will be able to decrypt communications of certain users. Blackberry may be opening up to law enforcement but it won't be sharing anything more with its remaining users. From the Forbes article: "Chen also said there were no plans for a transparency report that would reveal more about the company's work with government. 'No one has really asked us for it. We don't really have a policy on whether we will do it or not. Just like every major technology company that deals with telecoms, we obviously have quite a number of requests around the world.'"

Read more of this story at Slashdot.

Indiana Is Purging Voters Using Software That's 99 Percent Inaccurate, Lawsuit Alleges

Slashdot - Your Rights Online - Pn, 2017-10-30 22:12
An anonymous reader quotes a report from The Daily Beast: More than 99 percent of voter fraud identified by a GOP-backed program is false, a study by Harvard, Yale, and Microsoft researchers found. Now Indiana is using the faulty program to de-register voters without warning. In July, Indiana rolled out a new law allowing county officials to purge voter registrations on the spot, based on information from a dubious database aimed at preventing voter fraud. That database, the Interstate Voter Registration Crosscheck Program, identifies people in different states who share the same name and birthdate. Crosscheck has long been criticized as using vague criteria that disproportionately target people of color. Now Indiana voters who share a name and birthdate with another American can have their registrations removed without warning -- a system ripe for abuse, a new lawsuit claims. Crosscheck's premise is simple. The program aims to crack down on people "double voting" in multiple states, by listing people who share a first name, last name, and birthdate. Indiana has used Crosscheck for years. But until July, the state had a series of checks on the program. If Crosscheck found that an Indiana resident's name and birthdate matched that of a person in another state, Indiana law used to require officials to ask that person to confirm their address, or wait until that person went two general election cycles without voting, before the person's name was purged from Indiana voter rolls. Under the state's new law, officials can scrub a voter from the rolls immediately. That's a problem for Indiana residents, particularly people of color, a Friday lawsuit from Common Cause and the American Civil Liberties Union argues.

Read more of this story at Slashdot.

How Kodi Took Over Piracy

Slashdot - Your Rights Online - Pn, 2017-10-30 21:31
A reader shares a report: For years, piracy persisted mainly in the realm of torrents, with sites like The Pirate Bay and Demonoid connecting internet denizens to premium content gratis. But a confluence of factors have sent torrent usage plummeting from 23 percent of all North American daily internet traffic in 2011 to under 5 percent last year. Legal crackdowns shuttered prominent torrent sites. Paid alternatives like Netflix and Hulu made it easier just to pay up. And then there were the "fully loaded" Kodi boxes -- otherwise vanilla streaming devices that come with, or make easily accessible, so-called addons that seek out unlicensed content -- that deliver pirated movies and TV shows with push-button ease. "Kodi and the plugin system and the people who made these plugins have just dumbed down the process," says Dan Deeth, spokesperson for network-equipment company Sandvine. "It's easy for anyone to use. It's kind of set it and forget it. Like the Ron Popeil turkey roaster." Kodi itself is just a media player; the majority of addons aren't piracy focused, and lots of Kodi devices without illicit software plug-ins are utterly uncontroversial. Still, that Kodi has swallowed piracy may not surprise some of you; a full six percent of North American households have a Kodi device configured to access unlicensed content, according to a recent Sandvine study. But the story of how a popular, open-source media player called XBMC became a pirate's paradise might. And with a legal crackdown looming, the Kodi ecosystem's present may matter less than its uncertain future.

Read more of this story at Slashdot.