aggregator

It's Surprisingly Easy To Make Government Records Public on Google Books

Slashdot - Your Rights Online - Cz, 2018-04-12 23:30
From a report on FastCompany: While working on a recent story about hate speech spread by telephone in the '60s and '70s, I came across an interesting book that had been digitized by Google Books. Unfortunately, while it was a transcript of a Congressional hearing, and therefore should be in the public domain and not subject to copyright, it wasn't fully accessible through Google's archive. It's not surprising that Google might be cautious about making documents available, since its book search project resulted in over a decade of controversy over copyrights, with authors and publishers arguing that the search giant was exceeding its rights, and users clamoring to see the full texts of books, especially those that are in public domain. But, as it turns out, Google provides a form where anyone can ask that a book scanned as part of Google Books be reviewed to determine if it's in the public domain. And, despite internet companies sometimes earning a mediocre-at-best reputation for responding to user inquiries about free services, I'm happy to report that Google let me know within a week after filling out the form that the book would now be available for reading and download.

Read more of this story at Slashdot.

Uber's 2016 Breach Affected More Than 20 Million US Users

Slashdot - Your Rights Online - Cz, 2018-04-12 22:50
An anonymous reader quotes a report from Bloomberg: A data breach in 2016 exposed the names, phone numbers and email addresses of more than 20 million people who use Uber's service in the U.S., authorities said on Thursday, as they chastised the ride-hailing company for not revealing the lapse earlier. The Federal Trade Commission said Uber failed to disclose the leak last year as the agency investigated and sanctioned the company for a similar data breach that happened in 2014. "After misleading consumers about its privacy and security practices, Uber compounded its misconduct," said Maureen Ohlhausen, the acting FTC chairman. She announced an expansion of last year's settlement with the company and said the new agreement was "designed to ensure that Uber does not engage in similar misconduct in the future." In the 2016 breach, intruders in a data-storage service run by Amazon.com Inc. obtained unencrypted consumer personal information relating to U.S. riders and drivers, including 25.6 million names and email addresses, 22.1 million names and mobile phone numbers, and 607,000 names and driver's license numbers, the FTC said in a complaint. Under the revised settlement, Uber could be subject to civil penalties if it fails to notify the FTC of future incidents, and it must submit audits of its data security, the agency said.

Read more of this story at Slashdot.

A Wanted Man in China Has Been Caught Because of Facial Recognition Software

Slashdot - Your Rights Online - Cz, 2018-04-12 18:05
An anonymous reader writes: The man was reportedly caught after facial recognition software running on cameras at a concert identified him, reports AbacusNews. That's despite there being over 50,000 people attending the concert, which took place in Nanchang, China. Law enforcement in the country has increasingly been turning to facial recognition software to surveil the public for persons of interest.

Read more of this story at Slashdot.

Reddit Continues To Protect Racist Language In Favor of Free Speech

Slashdot - Your Rights Online - Cz, 2018-04-12 15:00
In a thread about Reddit's 2017 transparency report, a user asked CEO Steve Huffman whether posts containing racism or racial slurs violate Reddit's terms. Huffman revealed that said speech are permissible on the site. "On Reddit, the way in which we think about speech is to separate behavior from beliefs," Huffman clarified. "This means on Reddit there will be people with beliefs different from your own, sometimes extremely so." Digital Trends reports: It's unclear if Huffman's comments are representative of Reddit's company policy, but protection of hate speech can -- and do -- lead to online harassment and cyberbullying. A recent study from Pew revealed that as many as 40 percent of Americans have experienced some form of harassment online. And even if hate speech may still be protected content on Reddit, Huffman was quick to point out that any threat of violence is not tolerated on the site. "When users actions conflict with our own content policies, we take action," he said. This distinction is consistent with Reddit's prior policies for enforcement. "Going forward, we will take action against any content that encourages, glorifies, incites, or calls for violence or physical harm against an individual or a group of people; likewise we will also take action against content that glorifies or encourages the abuse of animals," the updated terms read, noting that "context is key."

Read more of this story at Slashdot.

FDA Approves AI-Powered Software To Detect Diabetic Retinopathy

Slashdot - Your Rights Online - Cz, 2018-04-12 09:00
The U.S. Food and Drug Administration (FDA) has just approved an AI-powered device that can be used by non-specialists to detect diabetic retinopathy in adults with diabetes. Engadget reports: Diabetic retinopathy occurs when the high levels of blood sugar in the bloodstream cause damage to your retina's blood vessels. It's the most common cause of vision loss, according to the FDA. The approval comes for a device called IDx-DR, a software program that uses an AI algorithm to analyze images of the eye that can be taken in a regular doctor's office with a special camera, the Topcon NW400. The photos are then uploaded to a server that runs IDx-DR, which can then tell the doctor if there is a more than mild level of diabetic retinopathy present. If not, it will advise a re-screen in 12 months. The device and software can be used by health care providers who don't normally provide eye care services. The FDA warns that you shouldn't be screened with the device if you have had laser treatment, eye surgery or injections, as well as those with other conditions, like persistent vision loss, blurred vision, floaters, previously diagnosed macular edema and more.

Read more of this story at Slashdot.

Instagram Will Soon Let You Download a Copy of Your Data

Slashdot - Your Rights Online - Cz, 2018-04-12 00:00
An Instagram spokesperson has confirmed to TechCrunch that the site will soon let users download a copy of what they've shared on Instagram, including their photos, videos and messages. The new data portability tool could make it much easier for users to leave Instagram and go to a competing image social network. It will also help the site comply with the upcoming European GDPR privacy law that requires data portability, assuming the feature launches before May 25th. From the report: Instagram has historically made it very difficult to export your data. You can't drag, or tap and hold on images to save them. And you can't download images you've already posted. That's despite Instagram now being almost 8 years old and having over 800 million users. For comparison, Facebook launched its Download Your Information tool in 2010, just six years after launch. We're awaiting more info on whether you'll only be able to download your photos, videos, and messages; or if you'll also be able to export your following and follower lists, Likes, comments, Stories, and the captions you share with posts. It's also unclear whether photos and videos will export in the full fidelity that they're uploaded or displayed in, or whether they'll be compressed. Instagram told me "we'll share more details very soon when we actually launch the tool. But at a high level it allows you to download and export what you have shared on Instagram" so we'll have to wait for more clarity.

Read more of this story at Slashdot.

The US Military Desperately Wants To Weaponize AI

Slashdot - Your Rights Online - Śr, 2018-04-11 21:20
Artificial intelligence is a transformative technology, and US generals already see it as the next big weapon in their arsenal. From a report: War-machine learning: Michael Griffin, Undersecretary of Defense for Research and Engineering, signaled how keen the military is to make use of AI at the Future of War 2018 conference held in Washington, DC, yesterday. Saber rattling: "There might be an artificial intelligence arms race, but we're not yet in it," Griffin said. In reference to China and Russia, he added, "I think our adversaries -- and they are our adversaries -- understand very well the possible future utility of machine learning, and I think it's time we did as well."

Read more of this story at Slashdot.

Mark Zuckerberg Denies Knowledge of Non-Consensual Shadow Profiles Facebook Has Been Building of Non-Users For Years

Slashdot - Your Rights Online - Śr, 2018-04-11 20:00
It has been widely reported that Facebook builds profile of people even if they have never signed up for its services. However, in a hearing with the House Energy & Commerce Committee on Wednesday, when New Mexico Representative Ben Lujan asked Facebook CEO Mark Zuckerberg if he was aware of the so-called practice of building "shadow profiles", Zuckerberg denied knowledge of it. Here's the exchange: Lujan: Facebook has detailed profiles on people who have never signed up for Facebook, yes or no? Zuckerberg: Congressman, in general we collect data on people who have not signed up for Facebook for security purposes to prevent the kind of scraping you were just referring to [reverse searches based on public info like phone numbers]. Lujan: So these are called shadow profiles, is that what they've been referred to by some? Zuckerberg: Congressman, I'm not, I'm not familiar with that. Lujan: I'll refer to them as shadow profiles for today's hearing. On average, how many data points does Facebook have on each Facebook user? Zuckerberg: I do not know off the top of my head. Lujan: Do you know how many points of data Facebook has on the average non-Facebook user? Zuckerberg: Congressman, I do not know off the top of my head but I can have our team get back to you afterward. Lujan: It's been admitted by Facebook that you do collect data points on non-[Facebook users]. My question is, can someone who does not have a Facebook account opt out of Facebook's involuntary data collection? Zuckerberg: Anyone can turn off and opt out of any data collection for ads, whether they use our services or not but in order to prevent people from scraping public information ... we need to know when someone is repeatedly trying to access our services.

Read more of this story at Slashdot.

Steam Spy Announces It's Shutting Down, Blames Valve's New Privacy Settings

Slashdot - Your Rights Online - Śr, 2018-04-11 12:00
Steam Spy, the world's most comprehensive game ownership and play estimator available to the public, announced that it "won't be able to operate anymore" thanks to recent changes to Valve's privacy policy. "Valve just made a change to their privacy settings, making games owned by Steam users hidden by default," the site's operators announced on its official Twitter account. "Steam Spy relied on this information being visible by default." The creator of the website, Sergey Galyonkin, suggested that the site will only remain as an "archive" from here on out. Ars Technica reports: Indeed, Steam's new private-by-default setting is the kind of proactive, data-protective move that sites like Facebook have faced repeated scrutiny about over the past decade. However, as of press time, we could not confirm exactly how these updated settings will work, thanks to the service's "edit privacy settings" page currently appearing blank. (This can be found in the Steam interface by selecting the word "profile" under the menu that appears when mousing over your username.) Valve pointed out that Steam will also receive a long, long, long-awaited "invisible" function for Steam's online-status toggle, which will allow players to actively communicate with Steam friends while hiding from the general public, and that it will also specifically let players hide both game ownership and gameplay time counts from friends. The company explained that Tuesday's changes came "directly from user feedback," which Steam Spy founder Sergey Galyonkin questioned via his site's Twitter feed: "They said it was by users feedback which makes me as a person born in the Soviet Union very suspicious :)" After Epic Games founder Tim Sweeney applauded Valve's privacy-minded policy change, Galyonkin responded with his own opinion on why so much data was open on Steam in the first place: "This was always a compromise between being able to play with other people and privacy," he wrote in response. "It seems they moved towards privacy now."

Read more of this story at Slashdot.

Zuckerberg: Facebook Doesn't Use Your Mic For Ad Targeting

Slashdot - Your Rights Online - Śr, 2018-04-11 09:00
During today's joint hearing before the Senate Judiciary and Commerce Committees, CEO Mark Zuckerberg fully denied the idea that Facebook listens in on your conversations via microphones to display relevant ads. Engadget reports: Senator Gary Peters (D-MI) asked him to answer "yes or no" whether Facebook used audio from personal devices to fill out its ad data, and Zuckerberg said no. The CEO explained that users can upload videos with audio in them, but not the kind of background spying that you've probably heard people talk about. Peters: "I have heard constituents say Facebook is mining audio from their mobile devices for the purpose of ad targeting. This speaks to the lack of trust we are seeing. I understand there are technical and logistical issues for that to happen. For the record, I hear it all the time, does Facebook use audio obtained from mobile devices to enrich personal information about its users?" Zuckerberg: "We do not. Senator, Let me be clear on this. You are talking about the conspiracy theory passed around that we listen to what is going on on your microphone and use that. We do not do that. We do allow people to take videos on their device and share those. Videos also have audio. We do, while you are taking a video, record that and use that to make the service better by making sure that you have audio. That is pretty clear."

Read more of this story at Slashdot.

Facebook Data Collected By Quiz App Included Private Messages

Slashdot - Your Rights Online - Śr, 2018-04-11 03:00
In addition to the public profile data of up to 87 million Facebook users, political data firm Cambridge Analytica also reportedly harvested people's private messages, too (Warning: source may be paywalled; alternative source). The New York Times reports: On Monday, Facebook began informing people whose data may have been compromised by Cambridge Analytica through an app developed by the researcher Aleksandr Kogan. In its notifications, Facebook said that while the information harvested was largely limited to what was on people's public profiles, "a small number of people" also shared information from their Facebook timeline, posts and messages. Facebook did not specify how many people's messages were gathered and said it was taking as broad a view as possible when notifying people that their data may have been taken.

Read more of this story at Slashdot.

Apple Must Pay Patent Troll More Than $500 Million In iMessage Case

Slashdot - Your Rights Online - Śr, 2018-04-11 02:20
A federal court in Texas today has ordered Apple to pay $502.6 million to a patent troll called VirnetX, the latest twist in a dispute now in its eighth year. "VirnetX claimed that Apple's FaceTime, VPN on Demand and iMessage features infringe four patents related to secure communications, claims that Apple denied," reports Bloomberg. From the report: The dispute has bounced between the district court, patent office and Federal Circuit since 2010. There have been multiple trials, most recently one involving earlier versions of the Apple devices. A jury in that case awarded $302 million that a judge later increased to $439.7 million. Kendall Larsen, CEO of VirnetX, said the damages, which were based on sales of more than 400 million Apple devices, were "fair." "The evidence was clear," Larsen said after the verdict was announced. "Tell the truth and you don't have to worry about anything." For VirnetX, the jury verdict in its favor could be a short-lived victory. The Patent Trial and Appeal Board has said the patents are invalid, in cases that are currently before the U.S. Court of Appeals for the Federal Circuit in Washington. The Federal Circuit, which handles all patent appeals, declined to put this trial on hold, saying it was so far along that a verdict would come before a final validity decision.

Read more of this story at Slashdot.

Democratic Senators Propose 'Privacy Bill of Rights' To Prevent Websites From Sharing Or Selling Sensitive Info Without Opt-In Consent

Slashdot - Your Rights Online - Śr, 2018-04-11 00:00
Democratic Senators Edward J. Markey (D-Mass.) and Richard Blumenthal (D-Conn.) today proposed a "privacy bill of rights" that would prevent Facebook and other websites from sharing or selling sensitive information without a customer's opt-in consent. The proposed law would protect customers' web browsing and application usage history, private messages, and any sensitive personal data such as financial and health information. Ars Technica reports: Markey teamed with Sen. Richard Blumenthal (D-Conn.) to propose the Customer Online Notification for Stopping Edge-provider Network Transgressions (CONSENT) Act. You can read the full legislation here. "Edge providers" refers to websites and other online services that distribute content over consumer broadband networks. Facebook and Google are the dominant edge providers when it comes to advertising and the use of customer data to serve targeted ads. No current law requires edge providers to seek customers' permission before using their browsing histories to serve personalized ads. The online advertising industry uses self-regulatory mechanisms in which websites let visitors opt out of personalized advertising based on browsing history, and websites can be punished by the Federal Trade Commission (FTC) if they break their privacy promises. The Markey/Blumenthal bill's stricter opt-in standard would require edge providers to "obtain opt-in consent from a customer to use, share, or sell the sensitive customer proprietary information of the customer." Edge providers would not be allowed to impose "take-it-or-leave-it" offers that require customers to consent in order to use the service. The FTC and state attorneys general would be empowered to enforce the new opt-in requirements. The bill would require edge providers to notify users about all collection, use, and sharing of their information. The bill also requires edge providers "to develop reasonable data security practices" and to notify customers about data breaches that affect them.

Read more of this story at Slashdot.

Twitter Says It Will Comply With Honest Ads Act To Combat Russia Social Media Meddling

Slashdot - Your Rights Online - Wt, 2018-04-10 23:20
An anonymous reader quotes a report from The Verge: Twitter today pledged to support a proposed Senate bill that would require technology platforms that sell advertising space to disclose the source of and amount of money paid for political ads. Called the Honest Ads Act, the bipartisan bill was first introduced back in October by Sen. Amy Klobuchar (D-MN), Sen. Mark Warner (D-VA), and Sen. John McCain (R-AZ). As part of its transparency efforts, Twitter says it's launched a new platform called the Ads Transparency Center, or ATC, that will "go beyond the requirements of the Honest Ads Act and eventually provide increased transparency to all advertisements on Twitter." Twitter says the platform will increase transparency for political and so-called issue ads, which target specific topics like immigration and gun control, by providing even more information on the origin of an ad that is required by the Honest Ads Act. "We have a dedicated team that is fully resourced to implementing the ATC and are committed to launching it this summer," the company states. "Twitter is moving forward on our commitment to providing transparency for online ads. We believe the Honest Ads Act provides an appropriate framework for such ads and look forward to working with bill sponsors and others to continue to refine and advance this important proposal."

Read more of this story at Slashdot.

Facebook Launches Bug Bounty Program To Report Data Thieves

Slashdot - Your Rights Online - Wt, 2018-04-10 18:00
Facebook on Tuesday launched a data abuse bug bounty program, just hours ahead of CEO Mark Zuckerberg's testimony to the Senate judiciary and commerce committees in Washington, DC. The bug bounty program is asking for people to report any apps that abuse data on Facebook, and it offers a reward based on how severe the abuse is. From a report: "While there is no maximum, high impact bug reports have garnered as much as $40,000 for people who bring them to our attention," Collin Greene, Facebook's head of product security, said in a post. The new program comes almost a month after the New York Times and the UK's Observer and Guardian papers revealed that Cambridge Analytica, a voter profiling firm, took advantage of a Facebook app to siphon off personal information on 87 million people. The scandal has fanned the flames of a backlash against Facebook by lawmakers and users.

Read more of this story at Slashdot.

Biometric and App Logins Will Soon Be Pushed Across the Web

Slashdot - Your Rights Online - Wt, 2018-04-10 16:40
Soon, it will be much easier to log into more websites using a hardware key plugged into your laptop, a dedicated app, or even the fingerprint scanner on your phone. Motherboard: On Tuesday, a spread of organizations and businesses, including top browser vendors such as Microsoft and Google, announced a new standards milestone that will streamline the process for web developers to add extra login methods to their sites, potentially keeping consumers' accounts and data more secure. "For users, this will be a natural transition. People everywhere are already using their fingers and faces to 'unlock' their mobile phones and PCs, so this will be natural to them -- and more convenient," Brett McDowell, executive director at the FIDO Alliance, one of the organizations involved in setting up the standard, told Motherboard in an email. "What they use today to 'unlock' will soon allow them to 'login' to all their favorite websites and a growing number of native apps that already includes Bank of America, PayPal, eBay and Aetna," he added. Passwords continue to be one of the weaker points in online security. A hacker may phish a target's password and log into their account, or take passwords from one data breach and use them to break into accounts on another site. The login standard, called Web Authentication (WebAuthn), will let potentially any website or online service use apps, security keys, or biometrics as a login method instead of a password, or use those alternative approaches as a second method of verification. The key here is making it easy and open for developers to use, and for it to work across all different brands of browsers. The functionality is already available in Mozilla's Firefox, and will be rolled out to Microsoft's Edge and Google Chrome in the new few months. Opera has committed to supporting WebAuthn as well.

Read more of this story at Slashdot.

Oregon Becomes Second State To Pass a Net Neutrality Law

Slashdot - Your Rights Online - Wt, 2018-04-10 15:00
An anonymous reader quotes a report from KATU: Oregon Gov. Kate Brown signed a bill Monday withholding state business from internet providers who throttle traffic, making the state the second to finalize a proposal aimed at thwarting moves by federal regulators to relax net neutrality requirements. The bill stops short of actually putting new requirements on internet service providers in the state, but blocks the state from doing business with providers that offer preferential treatment to some internet content or apps, starting in 2019. The move follows a December vote by the Federal Communications Commission repealing Obama-era rules that prohibited such preferential treatment, referred to generally as throttling, by providers like AT&T, Comcast, and Verizon. Brown's signature makes the state the second to enact such legislation, according to the National Conference of State Legislatures. It also stakes out the state's claim to a moderate approach, compared to others: Five weeks to the day before Brown, Washington State Gov. Jay Inslee signed a bill in his state to directly regulate providers there. The prohibition, which restricts with whom the state may contract for internet services, applies to cities and counties, but exempts areas with only a single provider.

Read more of this story at Slashdot.

China Removes Four News Apps From Smartphone Stores To Tighten Control

Slashdot - Your Rights Online - Wt, 2018-04-10 09:00
The mobile apps for four popular news apps in China, including the most popular aggregator, Jinri Toutiao, were removed from a number of Chinese smartphone app stores following reports of a crackdown by the country's media watchdog, local media reported on Monday. From the report: Toutiao, with about 120 million daily active users, was not available on the app stores of smartphone manufacturers Xiaomi and Meizu on Monday afternoon. The apps for Tiantian Kuaibao, Netease News and Ifeng News were also not found on Xiaomi. China's authorities have asked several of the country's smartphone app stores to remove the four apps by 3pm on Monday as part of efforts to "regulate order in the broadcasting environment," according to Chinese news portal Sohu.com. The apps will be removed for between three days to three weeks, with Toutiao being offline for the longest period, according to the Sohu report. [...] China has shut down more than 13,000 websites in the last three years as Beijing sought to tighten its grip on the internet.

Read more of this story at Slashdot.

How Much VR User Data Is Oculus Giving To Facebook?

Slashdot - Your Rights Online - Wt, 2018-04-10 07:00
Facebook owns many other apps and services, including the Oculus virtual-reality platform, which collects incredibly detailed information about where users are looking and how they're moving. Since most of the discussion about how Facebook handles user information is focused on the social network itself, The Verge's Adi Robertson looks into the link between Facebook and Oculus: A VR platform like Oculus offers lots of data points that could be turned into a detailed user profile. Facebook already records a "heatmap" of viewer data for 360-degree videos, for instance, flagging which parts of a video people find most interesting. If it decided to track VR users at a more detailed level, it could do something like track overall movement patterns with hand controllers, then guess whether someone is sick or tired on a particular day. Oculus imagines people using its headsets the way they use phones and computers today, which would let it track all kinds of private communications. The Oculus privacy policy has a blanket clause that lets it share and receive information from Facebook and Facebook-owned services. So far, the company claims that it exercises this option in very limited ways, and none of them involve giving data to Facebook advertisers. "Oculus does not share people's data with Facebook for third-party advertising," a spokesperson tells The Verge. Oculus says there are some types of data it either doesn't share or doesn't retain at all. The platform collects physical information like height to calibrate VR experiences, but apparently, it doesn't share any of it with Facebook. It stores posts that are made on the Oculus forums, but not voice communications between users in VR, although it may retain records of connections between them. The company also offers a few examples of when it would share data with Facebook or vice versa. Most obviously, if you're using a Facebook-created VR app like Spaces, Facebook gets information about what you're doing there, much in the same way that any third-party app developer would. You can optionally link your Facebook account to your Oculus ID, in which case, Oculus will use your Facebook interests to suggest specific apps or games. If you've linked the accounts, any friend you add on Facebook will also become your friend on Oculus, if they're on the platform. Oculus does, however, share data between the two services to fight certain kinds of banned activity. "If we find someone using their account to send spam on one service, we can disable all of their accounts," an Oculus spokesperson says. "Similarly, if there's 'strange activity' on a specific Oculus account, they can share the IP address it's coming from with Facebook," writes Robertson. "The biggest problem is that there's nothing stopping Facebook and Oculus from choosing to share more data in the future."

Read more of this story at Slashdot.

Backpage Founders Charged With Money Laundering, Aiding Prostitution

Slashdot - Your Rights Online - Wt, 2018-04-10 04:30
Federal authorities have charged the two founders of classified site Backpage.com, along with five other employees, with laundering money and facilitating prostitution. According to The Washington Post, the Justice Department claims Backpage took "consistent and concerted action" to knowingly allow ads for illegal sex work. The indictment alleges that "virtually every dollar flowing into Backpage's coffers represents the proceeds of illegal activity." The Verge reports: Law enforcement agencies seized Backpage's servers last week, and co-founder Michael Lacey was charged in a sealed 93-count indictment, which has now been revealed. Lacey, as well as his co-founder James Larkin, were already charged with violating California money laundering laws, although a judge threw out state-level pimping charges. Beyond Lacey and Larkin, the Backpage indictment includes charges against the site's chief financial officer, operations manager, assistant operations manager, and marketing director. It also charges the executive vice president of one of Backpage's parent companies. Backpage CEO Carl Ferrer, who was previously charged with pimping in California, was not charged in this indictment. The Justice Department claims Backpage's owners tried to cover up the fact that most of its "adult services" ads involved prostitution, and that Backpage allowed child sex traffickers to keep ads on the site as long as they deleted age-related keywords. The indictment also claims that Backpage disguised payments for illegal services by having customers funnel money to foreign bank accounts or apparently unrelated companies, or by transferring funds into cryptocurrency. These federal chargers are reportedly unrelated to the Stop Enabling Sex Traffickers Act, a bill that would make website operators liable for illegal content posted to their sites. The bill is currently awaiting Trump's signature.

Read more of this story at Slashdot.