aggregator

White House Reportedly Orders Hospitals To Bypass CDC During COVID-19 Data Collection

Slashdot - Your Rights Online - Śr, 2020-07-15 03:30
The Trump administration is now ordering hospitals to send coronavirus patient data to a database in Washington, DC as part of a new initiative that may bypass the Centers for Disease Control and Prevention (CDC), according to a report from The New York Times published on Tuesday. The Verge reports: As outlined in a document (PDF) posted to the website of the Department of Health and Human Services (HHS), hospitals are being ordered to send data directly to the administration, effective tomorrow, a move that has alarmed some within the CDC, according to The Times. The database that will collect and store the information is referred to in the document as HHS Protect, which was built in part by data mining and predictive analytics firm Palantir. The Silicon Valley company is known most for its controversial contract work with the US military and other clandestine government agencies as well as for being co-founded and initially funded by Trump ally Peter Thiel. "A unique link will be sent to the hospital points of contact. This will direct the [point of care] to a hospital-specific secure form that can then be used to enter the necessary information. After completing the fields, click submit and confirm that the form has been successfully captured," reads the HHS instructions. "A confirmation email will be sent to you from the HHS Protect System. This method replaces the emailing of individual spreadsheets previously requested." While the White House's official reasoning is that this plan will help make data collection on the spread of COVID-19 more centralized and efficient, some current and former public health officials fear the bypassing of the CDC may be an effort to politicize the findings and cut experts out of the loop with regard to federal messaging and guidelines, The Times reports.

Read more of this story at Slashdot.

German Court Bans Tesla Ad Statements Related To Autonomous Driving

Slashdot - Your Rights Online - Śr, 2020-07-15 00:10
An anonymous reader quotes a report from Reuters: Germany has banned Tesla from repeating what a court says are misleading advertising statements relating to the capabilities of the firm's driver assistance systems and to autonomous driving, a Munich judge ruled on Tuesday. Tesla can appeal the ruling. The case was brought by Germany's Wettbewerbszentrale, an industry sponsored body tasked with policing anti-competitive practices. The Munich court agreed with the industry body's assessment and banned Tesla Germany from including "full potential for autonomous driving" and "Autopilot inclusive" in its German advertising materials. It said such claims amounted to misleading business practices, adding that the average buyer might be given the impression that the car could drive without human intervention and might suggest such a system was now legal on German roads.

Read more of this story at Slashdot.

California Investigating Google For Potential Antitrust Violations

Slashdot - Your Rights Online - Wt, 2020-07-14 03:25
California has opened its own antitrust probe into Google, leaving just one state that has yet to do so. "In September, attorneys general from 48 states, Puerto Rico and the District of Columbia announced an antitrust investigation into Google focused on the company's dominance of the advertising technology market," reports Politico. "Over the past 10 months, that investigation -- led by Texas -- has expanded into other aspects of the company's business, including its conduct in the search market." From the report: California -- which houses Google's headquarters in Mountain View -- was the most notable holdout in the multi-state group, and Democratic Attorney General Xavier Becerra has repeatedly declined to answer questions about why the state wasn't a participant. The California antitrust probe is a separate investigation from the multi-state effort, two of the individuals said. All of the individuals spoke on condition of anonymity to talk openly about a confidential probe. Alabama is now the only state that is not investigating the company. It was not immediately clear what aspect of Google's business California is targeting. Google has previously been in California's crosshairs over antitrust concerns. In the early 2010s, California was among five states that investigated Google alongside the Federal Trade Commission over allegations the tech giant biased its search results to favor its own products. The FTC opted against filing an antitrust suit and closed its probe in January 2013. California and the other states, which included Texas, New York, Oklahoma and Ohio, later closed their probes in 2014. California has its own antitrust laws, the Cartwright Act and the Unfair Competition Act, that are sometimes interpreted more broadly than the U.S. federal antitrust law. Unlike federal antitrust law, California's laws do allow government enforcers to seek restitution or civil penalties for violations.

Read more of this story at Slashdot.

US Threatens To Restrict WeChat Following TikTok Backlash

Slashdot - Your Rights Online - Wt, 2020-07-14 02:45
Amid intense scrutiny over TikTok as a potential national security risk in the U.S., WeChat, the essential tool for Chinese people's day-to-day life, is also taking heat from Washington. TechCrunch reports: White House trade advisor Peter Navarro told Fox Business on Sunday that "[TikTok] and WeChat are the biggest forms of censorship on the Chinese mainland, and so expect strong action on that." Navarro alleged that "all of the data that goes into those mobile apps that kids have so much fun with and seem so convenient, it goes right to servers in China, right to the Chinese military, the Chinese communist party, and the agencies which want to steal our intellectual property." It's unclear how the U.S. restriction will play out, if it will at all, though some WeChat users are already speculating workarounds to stay in touch with their family and friends back home. In the case that the Tencent-owned messenger is removed by Apple App Store or Google Play, U.S.-based users could switch to another regional store to download the app. If it were an IP address ban, they could potentially access the app through virtual private networks (VPNs), tools that are familiar to many in China to access online services blocked by Beijing's Great Firewall.

Read more of this story at Slashdot.

iPhone User Sues Microsoft's LinkedIn For Spying Through Apple's 'Clipboard'

Slashdot - Your Rights Online - N, 2020-07-12 18:34
"Microsoft's LinkedIn was sued by a New York-based iPhone user on Friday for allegedly reading and diverting users' sensitive content from Apple Inc's Universal Clipboard application," reports Reuters. According to Apple's website, Universal Clipboard allows users to copy text, images, photos, and videos on one Apple device and then paste the content onto another Apple device. According to the lawsuit filed in San Francisco federal court by Adam Bauer, LinkedIn reads the Clipboard information without notifying the user. LinkedIn did not immediately respond to Reuters request for comment. According to media reports from last week, 53 apps including TikTok and LinkedIn were reported to be reading users' Universal Clipboard content, after Apple's latest privacy feature started alerting users whenever the clipboard was accessed with a banner saying "pasted from Messages..." A LinkedIn executive had said on Twitter last week that the company released a new version of its app to end this practice... According to the complaint, LinkedIn has not only been spying on its users, it has been spying on their nearby computers and other devices, and it has been circumventing Apple's Universal Clipboard timeout.

Read more of this story at Slashdot.

Wells Fargo Tells Employees: Delete TikTok from Company Phones

Slashdot - Your Rights Online - N, 2020-07-12 15:34
An anonymous reader quotes Engadget: Wells Fargo does not want TikTok on its employees' phones. According to The Information, the financial institution sent its employees a note, telling them to remove the app from corporate devices immediately... A Wells Fargo spokesperson confirmed the company's move to The Information, explaining that it came to the decision due to concerns about TikTok's privacy practices: "We have identified a small number of Wells Fargo employees with corporate-owned devices who had installed the TikTok application on their device. Due to concerns about TikTok's privacy and security controls and practices, and because corporate-owned devices should be used for company business only, we have directed those employees to remove the app from their devices."

Read more of this story at Slashdot.

Why Did a Tech Executive Install 1,000 Security Cameras Around San Francisco?

Slashdot - Your Rights Online - N, 2020-07-12 01:34
The New York Times explains why Chris Larsen installed over a thousand surveillance cameras around San Francisco to monitor 135 city blocks: It sounds sinister. A soft-spoken cryptocurrency mogul is paying for a private network of high-definition security cameras around the city. Zoom in and you can see the finest details: the sticker on a cellphone, the make of a backpack, the color of someone's eyes... While violent crime is not high in the city, property crime is a constant headache. Anyone who lives here knows you shouldn't leave anything — not a pile of change, not a scarf — in a parked car... locals are tired of the break-ins. So how do they reconcile "defund the police" with "stop the smash and grabs"? Mr. Larsen believes he has the answer: Put security cameras in the hands of neighborhood groups. Put them everywhere. He's happy to pay for it.... Here is what he is doing: Writing checks for nearly $4 million to buy cameras that record high-definition video of the streets and paying to have them maintained by a company called Applied Video Solutions. The rest is up to locals in neighborhood coalitions like Community Benefit Districts, nonprofits formed to provide services to the area. Here is how the project works: Neighbors band together and decide where to put the cameras. They are installed on private property at the discretion of the property owner, and in San Francisco many home and business owners want them. The footage is monitored by the neighborhood coalition. The cameras are always recording... As proponents of Mr. Larsen's network see things, they get the safety of a surveillance state without the state... It is arguably more compelling evidence in court because the video is monitored by a third-party intermediary who can testify that it is a continuous feed. It is time stamped. And because the network covers many blocks, the footage can tell a broader story than a single camera about an event that might be moving from block to block, in the case of, for example, a fight.... "This has underscored the importance of not just cameras but of communitywide camera coverage," Mr. Larsen said. "Body cams show some pretty core weaknesses because we don't have universal access to police body cam footage, and there's a fundamental conflict of interest if the video shows something bad for the department." The answer is more cameras, he said, and then keep that footage in the hands of citizens. He argued that trust will come in the form of full city camera coverage, so police can play a smaller, more subtle role. Individual vigilantism will not work, he argued, but strong neighborhoods with continuous video feeds on every corner will. "That's the winning formula," Mr. Larsen said. "Pure coverage." The locally-stored footage is erased after 30 days. Thought it's not covered by the city's newly-enacted ban on facial recognition software, Larsen says "We're strongly opposed to facial recognition technology. Facial recognition is too powerful given the lack of laws and protections to make it acceptable."

Read more of this story at Slashdot.

TikTok Pulls Out of Hong Kong

Slashdot - Your Rights Online - So, 2020-07-11 23:34
AmiMoJo quotes TechCrunch: TikTok announced that it would pull out of Hong Kong, which is facing an unprecedented wave of control from the Beijing government after the promulgation of the national security law. "In light of recent events, we've decided to stop operations of the TikTok app in Hong Kong," said a TikTok spokesperson. The company declined further comment on the decision... ByteDance, founded by Chinese serial entrepreneur Zhang Yiming, has been working to disassociate TikTok from its Chinese ownership and Beijing censorship. Efforts have ranged from keeping an overseas data center for TikTok that's supposedly out of reach by the Chinese authority, giving outside experts a glimpse into its moderation process, through to hiringDisney's Kevin Mayer as the app's new global face.

Read more of this story at Slashdot.

'Guilty' Verdict for Russian Who Stole 117M Dropbox and LinkedIn Login Codes in 2012

Slashdot - Your Rights Online - So, 2020-07-11 20:34
In 2012 "Russian hacker" Yevgeniy Nikulin breached the internal networks of LinkedIn, Dropbox, and Formspring, and then sold their user databases on the black market, reports ZDNet. (He stole 117 million login codes, according to Bloomberg.) Nikulin was arrested in 2016 (while on vacation in the Czech Republic), and after an extradition battle spent years in U.S. prisons while awaiting his trial, which Bloomberg calls "an ongoing constitutional violation that deeply distressed U.S. District Judge William Alsup." Yesterday a jury finally found Nikulin guilty: It was the first trial in Northern California since the coronavirus pandemic shut Bay Area courtrooms in mid-March... The trial started in early March but was interrupted by the coronavirus pandemic and a shelter-in-place order for the Bay Area on March 16, when almost all in-person court hearings were postponed nationwide... Forced by circumstances to twice delay the trial, Alsup stood firm on a July 7 start. The judge, Nikulin and lawyers wore masks. Witnesses testified from behind a glass panel... Nikulin is scheduled to be sentenced Sept. 29. The Justice Department said he faces as long as 10 years in prison for each count of selling stolen usernames and passwords, installing malware on protected computers and as many as five years for each count of conspiracy and computer hacking. He also faces a mandatory two year sentence for identity theft, according to prosecutors.

Read more of this story at Slashdot.

DuckDuckGo Restored in India, Responds to Favicon Concerns

Slashdot - Your Rights Online - So, 2020-07-11 16:34
DuckDuckGo made the news twice this week. First its service was reinstated across India last Saturday, after being unreachable for nearly three days, for reasons which remain unclear. "We have contacted the Indian government but have not yet received a response," a DuckDuckGo spokesperson told The Verge. "We are bewildered on why the Indian government would instruct Indian ISPs to block DuckDuckGo, but are optimistic that this will be resolved soon." But at roughly the same time the search engine faced another controversy about how DuckDuckGo fetches favicons, according to one cybersecurity blog: First submitted as an issue in July 2019, GitHub user Tritonio flagged the offending script, saying: "This seems to be leaking all(?) the domains that users visit to your servers." The script in the Android version of the DuckDuckGo application showed that favicon fetching was routed through DuckDuckGo systems, rather than made via direct website requests. Daniel "tagawa" Davis, communications manager at DuckDuckGo, said at the time that the "internal" favicon service was used to simplify the favicon location process, but as the service is rooted in DuckDuckGo's existing systems, the script adhered to the company's privacy policy which pledges not to collect or store any personal user information. The case was then closed. However, when the issue became public on the GitHub tracker this week, this assurance was not enough for everyone. Some users requested that the case be re-examined, citing potential information leaks caused by the script choice, considered by some as an inherent 'design' flaw or human error. In response to the discussion concerning the favicon telemetry, founder and CEO Gabriel Weinberg said he was "happy to commit us to move to doing this locally in the browser" and will address it as a matter of priority. He added that as DuckDuckGo's services are encrypted and "throw away PII [personally identifiable information] like IP addresses by design", no information was collected, stored, or leaked. The company's slogan is "Privacy Simplified". It is this concept, Weinberg told The Daily Swig, that led to the rapid decision in changing how favicons are managed. Weinberg acknowledged that there is an ongoing security debate concerning which option for fetching favicons is more secure, and arguments can be made for each choice — but added they both offer "basically a similar amount" of privacy... You can ask a browser to connect to a website and fetch the favicon — potentially making multiple requests in the process — or you can use the firm's encrypted service... "It's a known anonymous service," Weinberg told us. "You're already connected to DuckDuckGo because you're using the app. It's not that it is leaking any more information, because you conduct a search with us which has the favicons anyway." DuckDuckGo's service is also faster and uses less bandwidth as the service is running server-side and favicons are cached, Weinberg says.

Read more of this story at Slashdot.

US Secret Service Creates New Cyber Fraud Task Force

Slashdot - Your Rights Online - So, 2020-07-11 12:00
The U.S. Secret Service announced the creation of the Cyber Fraud Task Force (CFTF) after the merger of its Financial Crimes Task Forces (FCTFs) and Electronic Crimes Task Forces (ECTFs) into a single unified network. Bleeping Computer reports: CFTF's main goal is to investigate and defend American individuals and businesses from a wide range of cyber-enabled financial crimes, from business email compromise (BEC) scams and ransomware attacks to data breaches and the illegal sale of stolen personal information and credit cards on the Internet and the dark web. Consolidating the two task forces into CFTF will allow the Secret Service to boost its agents' ability to prevent, detect, and mitigate financially-motivated cybercrime by improving coordination, sharing of resources and expertise, and best practices dissemination. "The creation of the new Cyber Fraud Task Force (CFTF), will offer a specialized cadre of agents and analysts, trained in the latest analytical techniques and equipped with the most cutting-edge technologies," said Michael D'Ambrosio, U.S. Secret Service Assistant Director. At the moment, the Secret Service has already operationalized CFTFs in 42 domestic offices and in 2 international locations (London and Rome). The Department of Homeland Security federal law enforcement agency also plans to increase the number of CFTF locations through its network of more than 160 offices across the U.S. and around the globe.

Read more of this story at Slashdot.

Police Surveilled Protests With Help From Twitter-Affiliated Startup Dataminr

Slashdot - Your Rights Online - So, 2020-07-11 05:30
An anonymous reader quotes a report from The Intercept: Leveraging close ties to Twitter, controversial artificial intelligence startup Dataminr helped law enforcement digitally monitor the protests that swept the country following the killing of George Floyd, tipping off police to social media posts with the latest whereabouts and actions of demonstrators, according to documents reviewed by The Intercept and a source with direct knowledge of the matter. The monitoring seems at odds with claims from both Twitter and Dataminr that neither company would engage in or facilitate domestic surveillance following a string of 2016 controversies. Twitter, up until recently a longtime investor in Dataminr alongside the CIA, provides the company with full access to a content stream known as the "firehose" -- a rare privilege among tech firms and one that lets Dataminr, recently valued at over $1.8 billion, scan every public tweet as soon as its author hits send. Both companies denied that the protest monitoring meets the definition of surveillance. Dataminr's Black Lives Matter protest surveillance included persistent monitoring of social media to tip off police to the locations and activities of protests, developments within specific rallies, as well as instances of alleged "looting" and other property damage. According to the source with direct knowledge of Dataminr's protest monitoring, the company and Twitter's past claims that they don't condone or enable surveillance are "bullshit," relying on a deliberately narrowed definition. "It's true Dataminr doesn't specifically track protesters and activists individually, but at the request of the police they are tracking protests, and therefore protesters," this source explained. According to internal materials reviewed by The Intercept, Dataminr meticulously tracked not only ongoing protests, but kept comprehensive records of upcoming anti-police violence rallies in cities across the country to help its staff organize their monitoring efforts, including events' expected time and starting location within those cities. A protest schedule seen by The Intercept shows Dataminr was explicitly surveilling dozens of protests big and small, from Detroit and Brooklyn to York, Pennsylvania, and Hampton Roads, Virginia. Company documents also show the firm instructed members of its staff to look for instances of "lethal force used against protesters by police or vice-versa," "property damage," "widespread arson or looting against government or commercial infrastructure," "new instances of officer-involved shootings or death with potential interpretation of racial bias," and occasions when a "violent protests spreads to new major American city." Staff were also specifically monitoring social media for posts about "Officers involved in Floyd's death" -- all of which would be forwarded to Dataminr's governmental customers through a service named "First Alert." [...] First Alert also scans other popular platforms like Snapchat and Facebook, the latter being particularly useful for protest organizers trying to rapidly mobilize their communities. On at least one occasion, according to MPD records, Dataminr was able to point police to a protest's Facebook event page before it had begun.

Read more of this story at Slashdot.

Canadian Genetic Non-Discrimination Act Upheld

Slashdot - Your Rights Online - So, 2020-07-11 04:30
Long-time Slashdot reader kartis writes: Canada's Supreme Court upheld the Genetic Non-Discrimination Act (GINA) which prohibits under criminal penalty, employers or insurers from demanding or using genetic information. This was a result of a private member's bill in Parliament, which meant it passed without the government's support, and in fact both the Federal government and Quebec government (which had gotten it declared unconstitutional as outside federal powers) argued that it extended criminal powers into a provincial jurisdiction. Well, the Supreme Court has surprisingly upheld it in a 5-4 decision, which means great things for Canadians' privacy, and also suggests a wider ability for federal privacy legislation than many jurists had thought.

Read more of this story at Slashdot.

Signal's New PIN Feature Worries Cybersecurity Experts

Slashdot - Your Rights Online - Pt, 2020-07-10 23:24
Lorenzo Franceschi-Bicchierai, writing for Vice: Ever since NSA leaker Edward Snowden said "use Signal, use Tor," the end-to-end encrypted chat app has been a favorite of people who care about privacy and need a chat and calling app that is hard to spy on. One of the reasons security experts recommended Signal is because the app's developers collected -- and thus retained -- almost no information about its users. This means that, if subpoenaed by law enforcement, Signal would have essentially nothing to turn over. Signal demonstrated this in 2016, when it was subpoenaed by a court in Virginia. But a newly added feature that allows users to recover certain data, such as contacts, profile information, settings, and blocked users, has led some high-profile security experts to criticize the app's developers and threaten to stop using it. Signal will store that data on servers the company owns, protected by a PIN that the app has initially been asking users to add, and then forced them to. The purpose of using a PIN is, in the near future, to allow Signal users to be identified by a username, as opposed to their phone number, as Signal founder Moxie Marlinspike explained on Twitter (as we've written before, this is a laudable goal; tying Signal to a phone number has its own privacy and security implications). But this also means that unlike in the past, Signal now retains certain user data, something that many cybersecurity and cryptography experts see as too dangerous. Matthew Green, a cryptographer and computer science professor at Johns Hopkins University, said that this was "the wrong decision," and that forcing users to create a PIN and use this feature would force him to stop using the app.

Read more of this story at Slashdot.

Apple Advises Against MacBook Camera Covers Due To Display Cracking

Slashdot - Your Rights Online - Pt, 2020-07-10 22:45
Apple, in a new support document, is warning users against closing their MacBook lids with a cover over the camera. From a report: Placing a cover, sticker or tape over a laptop camera is a practice adopted by some privacy- and security-conscious individuals to protect against webcam hijacking. Now, however, Apple is explicitly advising against the tactic. In a support document published earlier in July, Apple urges users not to close their MacBook Pro or MacBook Air lids if there's a camera cover installed on it. "If you close your Mac notebook with a camera cover installed, you might damage your display because the clearance between the display and keyboard is designed to very tight tolerances," Apple notes. The support document also outlines some of the privacy and security functions of the camera, including the green indicator light that lets users know when the camera is active and the camera permission settings introduced in macOS Mojave.

Read more of this story at Slashdot.

Amazon Makes Employees Delete TikTok From Phones, Citing Security Risk [Update]

Slashdot - Your Rights Online - Pt, 2020-07-10 19:22
Amazon has asked its employees to delete the Chinese-owned video app TikTok from their cellphones, citing "security risks," according to a company email sent on Friday. From a report: In the email, which was obtained by The New York Times, Amazon officials said that employees must delete the app from any devices that "access Amazon email." Employees had to remove the app by Friday to remain able to obtain mobile access to their Amazon email, the note said. Amazon workers are still allowed to view TikTok from their laptop browser, the company added. Amazon and TikTok did not immediately respond to requests for comment. TikTok, which has been popular with young audiences in the United States, is owned by the Chinese tech company ByteDance. It has been under scrutiny in Washington for security reasons because of its ownership. Mike Pompeo, the Secretary of State, said on Monday that the Trump administration was considering blocking some Chinese apps, which he has called a threat to national security. Updated at 21:01GMT: In a statement, Amazon said the email was sent by accident. "This morning's email to some of our employees was sent in error. There is no change to our policies right now with regard to TikTok."

Read more of this story at Slashdot.

Amazon Will Pay $135,000 To Settle Alleged US Sanction Violations

Slashdot - Your Rights Online - Pt, 2020-07-10 04:30
In a statement (PDF) issued this week, the U.S. Treasury Department notes that Amazon has agreed to pay $134,523 to settle potential liability over alleged sanctions violations. TechCrunch reports: The charges specifically pertain to goods and services sent to people located in Crimea, Iran and Syria, which are covered by Office of Foreign Assets Control (OFAC) sanctions, between November 2011 and October 2018. The Treasury Department also states that the retail giant failed to report "several hundred" transactions in a timely manner. The department adds: "Amazon also accepted and processed orders on its websites for persons located in or employed by the foreign missions of Cuba, Iran, North Korea, Sudan, and Syria. Additionally, Amazon accepted and processed orders from persons listed on OFAC's List of Specially Designated Nationals and Blocked Persons (the "SDN List") who were blocked pursuant to the Narcotics Trafficking Sanctions Regulations, the Weapons of Mass Destruction Proliferators Sanctions Regulations, the Transnational Criminal Organizations Sanctions Regulations, the Democratic Republic of the Congo Sanctions Regulations, the Venezuela Sanctions Regulations, the Zimbabwe Sanctions Regulations, the Global Terrorism Sanctions Regulations, and the Foreign Narcotics Kingpin Sanctions Regulations." The department doesn't believe there was anything malicious going on, rather an issue with Amazon's system, which failed to flag shipments to sanctioned areas.

Read more of this story at Slashdot.

Indian Army Personnel Banned From Using 89 Apps

Slashdot - Your Rights Online - Pt, 2020-07-10 02:01
schwit1 writes: Indian troops will not be allowed to use some of the world's most well-known applications. The move goes further than for civilians when the government banned 59 apps, including TikTok, from general use. According to India Today, the Indian Army on Wednesday asked its personnel to delete 89 apps from their phones, including apps such as Facebook, Truecaller, Instagram and games like PUBG. "The latest instruction comes as a bid to plug leakage of sensitive national security information from phones of armed forces personnel," the report says. "The Army has set July 15 as the deadline for the security forces personnel to remove the 89 apps from their phones." Apps like WhatsApp, Telegram, and YouTube are O.K. as long as the personnel don't reveal their army background on the platforms.

Read more of this story at Slashdot.

Police Are Buying Access To Hacked Website Data

Slashdot - Your Rights Online - Cz, 2020-07-09 03:25
Some companies are selling government agencies access to data stolen from websites in the hope that it can generate investigative leads, with the data including passwords, email addresses, IP addresses, and more. Motherboard reports: Motherboard obtained webinar slides by a company called SpyCloud presented to prospective customers. In that webinar, the company claimed to "empower investigators from law enforcement agencies and enterprises around the world to more quickly and efficiently bring malicious actors to justice." The slides were shared by a source who was concerned about law enforcement agencies buying access to hacked data. SpyCloud confirmed the slides were authentic to Motherboard. "We're turning the criminals' data against them, or at least we're empowering law enforcement to do that," Dave Endler, co-founder and chief product officer of SpyCloud, told Motherboard in a phone call. The sale highlights a somewhat novel use of breached data, and signals how data ordinarily associated with the commercial sector can be repurposed by law enforcement too. But it also raises questions about whether law enforcement agencies should be leveraging information originally stolen by hackers. By buying products from SpyCloud, law enforcement would also be obtaining access to hacked data on people who are not associated with any crimes -- the vast majority of people affected by data breaches are not criminals -- and would not need to follow the usual mechanisms of sending a legal request to a company to obtain user data.

Read more of this story at Slashdot.

MIT and Harvard Sue DHS and ICE Over International Student Rule

Slashdot - Your Rights Online - Śr, 2020-07-08 18:47
Shag writes: Two days after US Immigration and Customs Enforcement (ICE) said international students must leave the US if their fall classes will be taught entirely online, MIT and Harvard are suing ICE and the Department of Homeland Security. "ICE is unable to offer the most basic answers about how its policy will be interpreted or implemented," said former international student L. Rafael Reif, President of MIT. Massachusetts' state Attorney General has announced that her office will also challenge the ruling in court. Of course, MIT also develops various technologies for DHS.

Read more of this story at Slashdot.