aggregator

No EV Tax Credit If You Earn More Than $100,000 Says US Senate

Slashdot - Your Rights Online - Thu, 2021-08-12 02:02
An anonymous reader quotes a report from Ars Technica: On Tuesday night, the US Senate passed an amendment that would limit the plug-in vehicle federal tax credit. Currently, tax payers are eligible for a tax credit of up to $7,500 based on the size of the vehicle's battery for the first 200,000 plug-in vehicles from a given automaker. But Republican Senator Deb Fischer of Nebraska introduced a non-binding amendment to the $3.5 trillion budget bill that would means-test this tax credit, restricting it to tax payers with incomes below $100,000. Perhaps more significantly, Sen. Fischer's amendment also restricts the tax credit to EVs that cost less than $40,000. Consequently, the only battery EVs that will still be eligible for the tax credit will be the Hyundai Ioniq Electric ($34,250), Hyundai Kona EV ($38,565), Mini Cooper SE ($30,750), and the Nissan Leaf S Plus ($39,220). Chevrolet's Bolt EV and Bolt EUV are both below the price threshold, but in 2019 the automaker sold its 200,000th plug-in vehicle, at which point the tax credit began to phase out. The amendment passed, 51-48. Senator Fischer took to Twitter to say that "everyday Americans are living paycheck to paycheck because of the sharp rise in costs due to #Bideninflation. We shouldn't be subsidizing luxury vehicles for the rich using money from hard-working taxpayers." (Inflation is mostly being driven by high prices for used cars, which in turn is a result of the chip shortage.)

Read more of this story at Slashdot.

NYPD Secretly Spent $159 Million On Surveillance Tech Since 2007

Slashdot - Your Rights Online - Thu, 2021-08-12 01:20
The New York City Police Department has spent over $159 million on surveillance systems and maintenance since 2007 without public oversight, according to newly released documents. Engadget reports: The Legal Aid Society (LAS) and the Surveillance Technology Oversight Project (STOP) obtained the documents from the NYPD, which include contracts with vendors. They show that the NYPD has spent millions on facial recognition, predictive policing tech and other surveillance systems. The NYPD made the purchases through a Special Expenses Fund. It didn't need to gain the approval of the NYC Council or other city officials before signing the contracts, as Wired reports. STOP and other privacy groups lobbied for the Public Oversight of Surveillance Technology (POST) Act, which passed last year and requires the NYPD to disclose details about its public surveillance infrastructure. The Special Expenses Fund was shut down after the legislation passed. LAS and STOP threatened legal action if the NYPD didn't detail its surveillance practices. Among the documents are contracts for Palantir, American Science and Engineering (which provides x-ray vans that can detect weapons in vehicles 1,500 feet away) and Idemia Solutions, which provides biometric services such as facial recognition. The NYPD also signed a contract with KeyW Corporation for Stingray cell tower simulators.


US Lawmakers Introduce Bill To Rein In Apple, Google App Stores

Slashdot - Your Rights Online - Thu, 2021-08-12 00:00
An anonymous reader quotes a report from Reuters: A bipartisan trio of senators introduced a bill that would rein in app stores of companies they said exert too much market control, including Apple and Alphabet's Google. Democratic Senators Richard Blumenthal and Amy Klobuchar teamed up with Republican Senator Marsha Blackburn to sponsor the bill, which would bar big app stores from requiring app providers to use their payment system. It would also prohibit them from punishing apps that offer different prices or conditions through another app store or payment system. "I found this predatory abuse of Apple and Google so deeply offensive on so many levels," Blumenthal said in an interview Wednesday. "Their power has reached a point where they are impacting the whole economy in stifling and strangling innovation." Blumenthal said he expected companion legislation in the House of Representatives "very soon."


Now Microsoft is Protesting After Amazon Won a $10 Billion NSA Cloud Contract

Slashdot - Your Rights Online - Wed, 2021-08-11 20:07
An anonymous reader shares a report: After spending years battling over the Defense Department's $10 billion JEDI cloud services contract, Microsoft and Amazon are fighting over another government deal. Now it's the National Security Agency offering a contract that could pay up to $10 billion as it shifts away from on-premises servers to a commercial provider. However, as Washington Technology reported first, this time around, Amazon Web Services won the $10 billion contest, and it's Microsoft's turn to file a protest with the Government Accountability Office. Washington Technology reports that Microsoft's claim is the NSA didn't conduct a proper evaluation while considering a provider for its new project, code-named WildandStormy. In a statement to NextGov, an NSA spokesperson confirmed the award and protests, saying, "The Agency will respond to the protest in accordance with appropriate federal regulations." The NSA is pursuing a "Hybrid Compute Initiative" to meet its processing and analytical requirements while also holding onto intelligence data (although it might not need as much storage as it used to). AWS already holds many government cloud contracts, but the JEDI process revealed Microsoft as a formidable competitor.


Researchers Create 'Master Faces' To Bypass Facial Recognition

Slashdot - Your Rights Online - Wed, 2021-08-11 15:00
An anonymous reader quotes a report from Motherboard: Researchers have demonstrated a method to create "master faces," computer generated faces that act like master keys for facial recognition systems, and can impersonate several identities with what the researchers claim is a high probability of success. In their paper (PDF), researchers at the Blavatnik School of Computer Science and the School of Electrical Engineering in Tel Aviv detail how they successfully created nine "master key" faces that are able to impersonate almost half the faces in a dataset of three leading face recognition systems. The researchers say their results show these master faces can successfully impersonate over 40 percent of the population in these systems without any additional information or data of the person they are identifying. The researchers tested their methods against three deep face recognition systems -- Dlib, FaceNet, and SphereFace. Lead author Ron Shmelkin told Motherboard that they used these systems because they are capable of recognizing "high-level semantic features" of the faces that are more sophisticated than just skin color or lighting effects. The researchers used a StyleGAN to generate the faces and then used an evolutionary algorithm and neural network to optimize and predict their success. The evolutionary strategy then creates iterations, or generations, of candidates of varying success rates. The researchers then used the algorithm to train a neural network, to classify the best candidates as the most promising ones. This is what teaches it to predict candidates' success and, in turn, direct the algorithm to generate better candidates with a higher probability of passing. The researchers even predict that their master faces could be animated using deepfake technology to bypass liveness detection, which is used to determine whether a biometric sample is real or fake.


US Prisons Mull AI To Analyze Inmate Phone Calls

Slashdot - Your Rights Online - Wed, 2021-08-11 04:02
A key House of Representatives panel has pressed for a report to study the use of artificial intelligence to analyze prisoners' phone calls. "But prisoners' advocates and inmates' families say relying on AI to interpret communications opens up the system to mistakes, misunderstandings and racial bias," reports Reuters. From the report: The call for the Department of Justice (DOJ) to further explore the technology, to help prevent violent crime and suicide, accompanies an $81 billion-plus spending bill to fund the DOJ and other federal agencies in 2022 that the Appropriations Committee passed last month. The technology can automatically transcribe inmates' phone calls, analyzing their patterns of communication and flagging certain words or phrases, including slang, that officials pre-program into the system. A House Democratic aide said in an emailed statement they were encouraging the DOJ "to engage with stakeholders in the course of examining the feasibility of utilizing such a system." Several state and local facilities across the country have already started using the tech, including in Alabama, Georgia and New York. The House panel wants the DOJ to look into potentially leveraging the technology for federal use and to identify gaps or shortcomings in the information it produces. Privacy groups say the technology could amplify racial bias in the justice system and unfairly subject prisoners to unaccountable artificial intelligence. Proponents dispute such criticisms, saying the tech is a vital time-saving tool for law enforcement and does not target specific groups.


The McFlurry Machine Company Just Got Hit With a McRestraining Order

Slashdot - Your Rights Online - Wed, 2021-08-11 01:20
"A lawsuit between the company that makes McFlurry machines and a company that manufactures a third-party diagnostic tool for them is part of a broader 'right to repair' battle," writes Slashdot reader ttyler. Gizmodo reports: If you've been to a McDonald's at any point in the last century, you're likely familiar with the harrowing experience of being denied the frosty treat that you crave because the McFlurry machine is broken yet again. As it turns out, being broken is sort of a hallmark of McFlurry machines: Not only are they inherently fragile -- needing to withstand both cold ice cream temperatures and the heating cycles that blast them during the cleaning process -- but they're also powered by janky software and "flawed code that caused the machines to malfunction," according to a lawsuit filed against the company that produces the machines in May. That company, Taylor, is a particularly egregious purveyor that serves as a perfect example of the exact business model right-to-repair advocates are trying to abolish: sell businesses a persnickety machine that's likely to break down, prevent them from understanding exactly where the malfunction is occurring, and then help yourself to a healthy cut of the distributors' profit from the resultant repairs. It's a racket that's so widely understood, it prompted the creation of a new company, Kytch, which manufactures a diagnostic tool specifically designed to help McDonald's franchise owners fix their own McFlurry machines. In a recent legal victory, a judge awarded a temporary restraining order against Taylor after Kytch had alleged in a complaint that the McFlurry machine manufacturer had gotten its hands on a Kytch Solution Devices with the express intention of learning its trade secrets. 
The complaint also alleged that Taylor had told McDonald's and its franchisees to stop using Kytch machines on the grounds that they were dangerous, and that the company had begun development on its own version of the Kytch system at the same time. As a result of the court order, Taylor now has 24 hours to turn over all its Kytch Solution Devices. "Defendants must not use, copy, disclose, or otherwise make available in any way information, including formula, pattern, compilation, program, device, method, technique, or process obtained by any of them," the court document said.


Oregon Law Allows Students To Graduate Without Proving They Can Write Or Do Math

Slashdot - Your Rights Online - Tue, 2021-08-10 22:43
An anonymous reader quotes a report from Oregon Live: For the next five years, an Oregon high school diploma will be no guarantee that the student who earned it can read, write or do math at a high school level. Gov. Kate Brown had demurred earlier this summer regarding whether she supported the plan passed by the Legislature to drop the requirement that students demonstrate they have achieved those essential skills. But on July 14, the governor signed Senate Bill 744 into law. Through a spokesperson, the governor declined again Friday to comment on the law and why she supported suspending the proficiency requirements. Charles Boyle, the governor's deputy communications director, said the governor's staff notified legislative staff the same day the governor signed the bill. Boyle said in an emailed statement that suspending the reading, writing and math proficiency requirements while the state develops new graduation standards will benefit "Oregon's Black, Latino, Latina, Latinx, Indigenous, Asian, Pacific Islander, Tribal, and students of color." "Leaders from those communities have advocated time and again for equitable graduation standards, along with expanded learning opportunities and supports," Boyle wrote. The requirement that students demonstrate freshman- to sophomore-level skills in reading, writing and, particularly, math led many high schools to create workshop-style courses to help students strengthen their skills and create evidence of mastery. Most of those courses have been discontinued since the skills requirement was paused during the pandemic before lawmakers killed it entirely. The state's four-year graduation rate is 82.6%, up more than 10 points from six years ago. However, it still lags behind the national graduation rate averages, which is 85 percent. Oregon's graduation rates currently rank nearly last in the country. 
But it's complicated because states use different methodologies to calculate their graduation rates, making some states appear better than others.


Firefox 91 Pushes Privacy With Stronger New Cookie-clearing Option

Slashdot - Your Rights Online - Tue, 2021-08-10 18:44
With the release of Firefox 91 on Tuesday, Mozilla has introduced a bigger hammer for smashing the cookies that websites, advertisers and tracking companies can use to record your online behavior. From a report: The new feature, called enhanced cookie clearing, is designed to block tracking not just from a website, but also from third parties whose code appears on the site. The technology is designed to let you clear cookies for a particular website but also the more aggressive "supercookies" designed to evade lesser privacy protections. The feature is an option if you enable Firefox's strict mode for cookie handling, which partitions website data into separate storage containers. "You can easily recognize and remove all data a website has stored on your computer, without having to worry about leftover data from third parties embedded in that website," Mozilla said in a blog post.


Samsung Leader Jay Y. Lee Granted Parole, To Leave Prison On Friday

Slashdot - Your Rights Online - Tue, 2021-08-10 00:20
Samsung vice chairman Jay Y. Lee, in jail after convictions for bribery, embezzlement and other charges, has qualified for parole and is expected to leave prison this Friday, South Korea's justice ministry said. Reuters reports: "The decision to grant Samsung Electronics vice chairman Jay Y. Lee parole was the result of a comprehensive review of various factors such as public sentiment and good behavior during detention," the ministry said in a statement on Monday. Convicted of bribing a friend of former President Park Geun-hye, Lee, 53, has served 18 months of a revised 30 month sentence. He initially served one year of a five-year sentence from August 2017 which was later suspended. That court decision was then overturned and while the sentence was shortened, he was sent back to jail in January this year. Lee still needs the Justice Minister to approve his return to work as the law bars persons with certain convictions from working for companies related to those convictions for five years. He is likely to get that, legal experts say, due to circumstances such as the amount deemed embezzled having been repaid. The Federation of Korean Industries, a big business lobby, welcomed the decision, adding: "If the investment clock, currently at standstill, is not wound up quickly, we could lag behind global companies such as Intel and TSMC and lose the Korean economy's bread and butter at a moment's notice."


Uber Asked Contractor To Allow Video Surveillance In Employee Homes, Bedrooms

Slashdot - Your Rights Online - Mon, 2021-08-09 23:00
An anonymous reader quotes a report from Ars Technica: Teleperformance, one of the world's largest call center companies, is reportedly requiring some employees to consent to video monitoring in their homes. Employees in Colombia told NBC News that their new contract granted the company the right to use AI-powered cameras to observe and record their workspaces. The contract also requires employees to share biometric data like fingerprints and photos of themselves, and workers have to agree to share data and images that may include children under 18. Teleperformance employs over 380,000 people in 83 countries to provide call center services for a range of companies, including Amazon, Apple, and Uber. A company spokesperson told NBC that it is "constantly looking for ways to enhance the Teleperformance Colombia experience for both our employees and our customers, with privacy and respect as key factors in everything we do." Amazon and Apple said that they did not ask Teleperformance for this extra monitoring, and an Apple spokesperson said the company forbids video monitoring of employees by suppliers. A recent Apple audit reportedly found Teleperformance in compliance with this requirement. But Uber apparently requested the ability to monitor some workers. Uber said it wouldn't observe the entire workforce, but the company did not specify which employees would be subject to the new policies. The ride sharing company asked for the monitoring of Teleperformance's remote employees because call center staff have access to customers' credit cards and trip details, an Uber spokesperson told NBC News.


Apple Says It Will Reject Government Demands To Use New Child Abuse Image Detection System for Surveillance

Slashdot - Your Rights Online - Mon, 2021-08-09 22:18
Apple defended its new system to scan iCloud for illegal child sexual abuse materials (CSAM) on Monday during an ongoing controversy over whether the system reduces Apple user privacy and could be used by governments to surveil citizens. From a report: Last week, Apple announced it has started testing a system that uses sophisticated cryptography to identify when users upload collections of known child pornography to its cloud storage service. It says it can do this without learning about the contents of a user's photos stored on its servers. Apple reiterated on Monday that its system is more private than those used by companies like Google and Microsoft because its system uses both its servers and software running on iPhones. Privacy advocates and technology commentators are worried Apple's new system, which includes software that will be installed on people's iPhones through an iOS update, could be expanded in some countries through new laws to check for other types of images, like photos with political content, instead of just child pornography. Apple said in a document posted to its website on Sunday governments cannot force it to add non-CSAM images to a hash list, or the file of numbers that correspond to known child abuse images Apple will distribute to iPhones to enable the system.


Is Big Tech Pressuring Its Call-Center Workers to Install Cameras in Their Homes?

Slashdot - Your Rights Online - Mon, 2021-08-09 05:34
NBC News reports: Colombia-based call center workers who provide outsourced customer service to some of the nation's largest companies are being pressured to sign a contract that lets their employer install cameras in their homes to monitor work performance, an NBC News investigation has found. Six workers based in Colombia for Teleperformance, one of the world's largest call center companies, which counts Apple, Amazon and Uber among its clients, said that they are concerned about the new contract, first issued in March. The contract allows monitoring by AI-powered cameras in workers' homes, voice analytics and storage of data collected from the worker's family members, including minors. Teleperformance employs more than 380,000 workers globally, including 39,000 workers in Colombia. "The contract allows constant monitoring of what we are doing, but also our family," said a Bogota-based worker on the Apple account who was not authorized to speak to the news media. "I think it's really bad. We don't work in an office. I work in my bedroom. I don't want to have a camera in my bedroom." The worker said that she signed the contract, a copy of which NBC News has reviewed, because she feared losing her job. She said that she was told by her supervisor that she would be moved off the Apple account if she refused to sign the document. She said the additional surveillance technology has not yet been installed. The concerns of the workers, who all spoke on the condition of anonymity because they were not authorized to speak to the media, highlight a pandemic-related trend that has alarmed privacy and labor experts: As many workers have shifted to performing their duties at home, some companies are pushing for increasing levels of digital monitoring of their staff in an effort to recreate the oversight of the office at home... 
"Surveillance at home has really been normalized in the context of the pandemic," said Veena Dubal, a labor law professor at the University of California, Hastings. "Companies see a lot of benefit in putting in software to do all kinds of monitoring they would have otherwise expected their human managers to do, but the reality is that it's much more intrusive than surveillance conducted by a boss." An Uber spokesperson confirmed to NBC News that Uber actually requested the monitoring of its workers, the article reports. Interviewed by NBC News, an Uber spokesperson "said that its customer service agents have access to private and sensitive user information, including credit card details and trip data, and that protecting that information is a priority for Uber. "As a result, Uber requested Teleperformance to monitor staff working on its accounts to verify that only a hired employee is accessing the data; that outsourced staff weren't recording screen data on another device such as a phone; and that no unauthorized person was near the computer."


US Lawmakers Propose a $2.5 Billion Pilot Guaranteed Income Program

Slashdot - Your Rights Online - Sun, 2021-08-08 19:41
Amid fears that technology may be quietly eliminating many basic jobs, late last month several U.S. lawmakers "proposed legislation that would dole out regular stimulus checks — or guaranteed income — through monthly payments of up to $1,200 for adults and $600 for children," according to a local news report from WCCO TV: The program, if the legislation were to pass, would not immediately begin sending out $1,200 checks to most Americans. Instead, it would create a $2.5 billion grant program to fund pilot guaranteed income programs across the country. The programs would be studied from 2023 to 2027 and then the national program would begin in 2028, Minneapolis' WCCO-TV reported. Then the legislation would provide $1,200 per month to people making $75,000 or less per year. The heads of households with an income of up to $112,500 would receive $1,200 under the program. And $600 would be provided for each minor child. Though it's a long way from becoming law, one of the legislators proposing it says "We need a paradigm shift in how we measure and evaluate our economy. If my district, New York's 16th, was a country, it would have the 8th worst inequality in the world. Our barometers for economic success, as well as our policies, must be centered around meeting basic levels of care and dignity for all of our people." The bill proposes that a new Office of Guaranteed Income Programs be established in the U.S. Treasury Department to oversee all the payments. Though it seems like this would cost something like a trillion dollars a year...


Will a New Gig Worker Exception Proposed in Massachusetts Change the Future of Work?

Slashdot - Your Rights Online - Sun, 2021-08-08 13:34
"Last year, Uber, Lyft, DoorDash and Instacart succeeded in getting Californians to vote in favor of a ballot measure exempting them from classifying drivers and delivery workers as employees," remembers CNN. So after their success with California's Proposition 22, "the companies are in the early stages of taking a similar approach in Massachusetts..." The Coalition to Protect Workers' Rights, an alliance that includes labor advocates and community groups, argued this week that the Massachusetts measure would "permanently create a 'second class' status" for the workers... [T]he proposed Massachusetts ballot initiative presents a minimum earnings guarantee of "120 percent of minimum wage" based on "engaged time," meaning the only time counted is when a driver is fulfilling a ride or delivery request but not the time they spend waiting for a gig. (An analysis from UC Berkeley Labor Center had estimated the pay guarantee under Prop 22 for Uber and Lyft drivers would be equivalent to a wage of $5.64 per hour, instead of $15.60 or 120% of a $13 minimum wage, given such loopholes.) Workers would also receive $0.26 reimbursement per engaged mile to cover vehicle upkeep and gas. (The UC Berkeley Labor Center previously pointed out that Prop 22's $0.30 reimbursement is lower than the IRS' estimated $0.58 per mile cost of owning and operating a vehicle.) While the proposal includes a health care contribution from a company for certain qualifying workers, that too is based on "engaged time" and only a small portion of workers would likely qualify, according to the Coalition to Protect Workers' Rights, due to minimum engaged time requirements... Some workers could also earn paid sick time, paid family and medical leave, and in lieu of worker's compensation, benefits for medical and disability in cases of on-the-job injuries. Workers would have the ability to appeal if their accounts are deactivated, and would receive training on public safety issues.
It would also let gig companies avoid contributions to unemployment or Social Security, and deny app-based workers more robust legal protections around discrimination, including when it comes to compensation. Lyft, Uber and other members of the coalition, want their proposition included on November 2022 ballots, TechCrunch reports. (Though the question still has to pass a legal review and receive enough signatures from voters.) But a Boston Globe columnist argues the measure isn't just about gig-working conditions. "It's about the future of work in America." If voters side with the tech giants, the labor landscape will be transformed, immuring a giant and growing body of workers in a world with fewer benefits and protections. And where ride-hailing drivers go, nurses, restaurant workers, executive assistants, programmers, and others will surely follow. The tech giants who rule the world are already dreaming of the day when those workers, too, will be classified as mobile, independent contractors, with fewer benefits and less security than employees. "If they get away with this, every industry is going to line up to ask for an exception," said labor attorney Shannon Liss-Riordan, who has battled the gig companies for years. "And before you know it, the entire fabric of workplace protections will be gone..." Plenty of people are fine with the fact that that means there will always be a bunch of drivers milling around unpaid and unprotected, waiting for us to summon them. But if blue Massachusetts follows liberal California and approves the formal creation of a second-class workforce, the rest of the country will follow, as will other industries. "This is a question of whether we are going to be a society that recognizes the dignity of work," Liss-Riordan said.


Russia May Be Spreading Vaccine Misinformation to Undermine Efforts to Immunize People

Slashdot - Your Rights Online - Sun, 2021-08-08 00:34
The New York Times reports on what's apparently a new Russia-aligned disinformation campaign to "undermine the effort to immunize people" — and more. (Alternate URL here) Both Russia and China have worked to promote their own vaccines through messaging that undermines American and European vaccination programs, according to the State Department's Global Engagement Center. But in addition to overt messaging promoting their own vaccines, Moscow has also spread conspiracy theories. Last year, the department began warning about how Russia was using fringe websites to promote doubts around vaccinations... The aim of various Russian groups continues to be to exacerbate tensions in Western societies, a key foreign policy goal of Moscow, according to American officials briefed on the disinformation efforts... In recent weeks, the nature of Russian disinformation has also begun to shift, some officials and outside experts said. Recent postings spreading false information have suggested that the Biden administration is intent on mandating that Americans get vaccines that are failing against the coronavirus. The campaign also comes as President Biden warned President Vladimir V. Putin of Russia last month to rein in ransomware attacks emanating out of Russia and aimed at critical American infrastructure. Though the ransomware attacks are separate from the disinformation campaigns, the warning was the latest effort by United States officials to prod Russia to rein in destructive digital incursions... The Biden administration is actively monitoring Russian misinformation and is trying to counter it by encouraging the public to get vaccinated and promoting the safety and efficacy of Western vaccines, according to an administration official who spoke on condition of anonymity to discuss potentially sensitive information... Much of the disinformation efforts are posted on websites with little to no moderation... 
Measuring the impact of the disinformation efforts is difficult, given the deep divisions over vaccinations that already exist in the United States and Europe; exploiting splits among Americans is a typical Russian tactic. Even on the hard-right discussion forums, some users have fingered the cartoons as being Russian in origin, though the postings have continued.


Are the Ultra-Wealthy Renouncing US Citizenship to Avoid Taxes?

Slashdot - Your Rights Online - Sat, 2021-08-07 22:35
"In 2017, it emerged that Silicon Valley billionaire Peter Thiel had been able to gain New Zealand citizenship six years earlier," reports the Associated Press, "despite never having lived in the country." Thiel was approved after a top lawmaker decided his entrepreneurial skills and philanthropy were valuable to the nation. Thiel didn't even have to leave California for the ceremony — he was granted citizenship during a private ceremony held at the New Zealand Consulate in Santa Monica. But he's not the only one, Axios reports. "A lot of people who take this drastic step are tech zillionaires: Eric Schmidt, the former Alphabet CEO, has applied to become a citizen of Cyprus..." The number of Americans who renounced their citizenship in favor of a foreign country hit an all-time high in 2020: 6,707, a 237% increase over 2019... The people who flee tend to be ultra-wealthy, and many of them are seeking to reduce their tax burden... Only the U.S. and Eritrea tax people based on citizenship rather than residency. For most countries, if you are a citizen but don't reside there, you aren't taxed in that country. The IRS publishes a quarterly list of the names of people who have renounced their citizenship or given up their green cards... But the Wall Street Journal discovered that the lists aren't up to date: A lot of people who were reported to have renounced citizenship in 2020 actually did so years earlier. Axios also points out that U.K. prime minister Boris Johnson was actually born in America, but only lived there as a small child, and subsequently renounced his U.S. citizenship.


US Developer's Workstation Exposed State Department's Network Data, Researchers Find

Slashdot - Your Rights Online - Sat, 2021-08-07 19:34
Long-time Slashdot reader chicksdaddy writes: Sensitive systems and data for the U.S. Department of State could have been exposed by a third party development workstation running the eXide software, according to researchers for the hacking crew Sakura Samurai. According to a report in Forbes, the researchers took advantage of a new State Department Vulnerability Disclosure Program to look for security flaws in one of 8 wild-carded State Department domains included in the program. Using automated tools to do reconnaissance on one of the subdomains the State Department had included in its VDP, researcher Jackson Henry discovered a vulnerable workstation running the open source, web based eXide IDE. It was linked to a third party doing work for the State Department and contained a number of serious security holes including Cross Site Scripting (XSS), Remote File Inclusion (RFI), and Server Side Request Forgery (SSRF) flaws. All are powerful weapons in the hands of a sophisticated cyber adversary. After reporting their findings to the State Department on April 27th, researcher Jackson Henry and Sakura Samurai received acknowledgement of their report on April 29th. The vulnerable endpoint in question was taken offline by the State Department by May 13th. Henry and Sakura Samurai then began working with the State Department on public disclosure of the vulnerabilities, while also communicating with the developers responsible for the open source project to get the flaws fixed, according to communications shared with Forbes. The discovery of flaws buried in an open source development tool underscores the risks that federal agencies face as more and more government business shifts to the web. "The State Department can't audit every open source package it uses," Henry said. "That's why the VDP is such a big thing (and) a step in the right direction." 
It is also an endorsement of the benefits of a quiet security revolution within the federal government in recent months, as agencies have responded to Binding Operational Directive 20-01, a new requirement from the CISA, the Cybersecurity and Infrastructure Security Agency, that Executive Branch agencies publish and maintain public vulnerability disclosure programs, or VDPs — a kind of front door for bug hunters and "white hat" cybersecurity professionals.


The Future of Cryptocurrency Is Being Decided in Biden's Infrastructure Bill

Slashdot - Your Rights Online - Sat, 2021-08-07 03:30
Two competing amendments to the Senate's infrastructure bill may shape the future of cryptocurrency in the United States as senators fight over who must be subject to new tax reporting requirements. Motherboard reports: One proposal wants to exempt miners, hardware manufacturers, and developers, putting the focus on centralized cryptocurrency exchanges and trading apps. But the Biden administration has thrown its weight behind another amendment that would grant exemption only to those behind so-called proof-of-work cryptocurrencies such as Bitcoin, but not other networks said to be more environmentally friendly because they don't consume as much electricity to validate transactions. The infrastructure bill, which promises public spending on major projects like new roads and bridge repairs, wouldn't appear to have anything to do with cryptocurrency. But the Congress figured that "crypto brokers" could be squeezed for $28 billion in taxes over a decade to foot part of the bill. The proposal immediately caused a furor, with crypto influencers prompting their followers to call their senators and industry stakeholders applying pressure. The definition of brokers in the original bill -- any person who (for consideration) is responsible for regularly providing any service effectuating transfers of digital assets on behalf of another person -- was so broad that it meant pretty much anyone that makes a cryptocurrency tick -- node operators, miners, validators, or services that stake digital assets -- would have to report to the I.R.S. the information on their "customers." Cryptocurrencies such as Bitcoin are designed to be non-custodial and pseudonymous, so that requirement would be nearly impossible to satisfy for much of the industry, Olya Veramchuk, director of tax solutions at blockchain firm Lukka, told Motherboard. On Wednesday, three senators -- Ron Wyden (D., Ore.), Pat Toomey (R., Pa.), and Cynthia Lummis (R., Wyo.) -- put forward an amendment to narrow the definition of a crypto broker down to those who are custodial and actually hold information on their customers, such as cryptocurrency exchanges like Coinbase or trading apps like Robinhood, granting exemption to everyone else. But an amendment proposed by Senators Rob Portman (R., Ohio) and Mark Warner (D., Va.) on Thursday, favored by the Biden administration, grants an exemption from the tax reporting obligation to only a segment of the crypto industry, resting on a major technical difference in blockchain design between proof-of-network and proof-of-stake. [...] The vote on rival amendments is expected to take place on Saturday. A proof-of-work model is when a network, such as Bitcoin and Dogecoin, requires miners to take care of the task of validating transactions using huge amounts of electricity for a reward in the form of newly-minted coins. "Others, like Polkadot and Cardano, require 'staking' (hence, proof-of-stake) -- which is a process of pledging funds to the network and getting semi-randomly called to validate transactions," notes Motherboard. "Validators are rewarded with newly-minted coins."


PSA: Apple Can't Run CSAM Checks On Devices With iCloud Photos Turned Off

Slashdot - Your Rights Online - Sat, 2021-08-07 02:10
An anonymous reader quotes a report from iMore: Apple announced new on-device CSAM detection techniques yesterday and there has been a lot of confusion over what the feature can and cannot do. Contrary to what some people believe, Apple cannot check images when users have iCloud Photos disabled. Apple's confirmation of the new CSAM change did attempt to make this clear, but perhaps didn't make as good a job of it as it could. With millions upon millions of iPhone users around the world, it's to be expected that some could be confused. "Using another technology called threshold secret sharing, the system ensures the contents of the safety vouchers cannot be interpreted by Apple unless the iCloud Photos account crosses a threshold of known CSAM content," says Apple. "The threshold is set to provide an extremely high level of accuracy and ensures less than a one in one trillion chance per year of incorrectly flagging a given account." The key part there is the iCloud Photos bit because CSAM checks will only be carried out on devices that have that feature enabled. Any device with it disabled will not have its images checked. That's also a fact that MacRumors had confirmed, too. Something else that's been confirmed -- Apple can't delve into iCloud backups and check the images that are stored there, either. That means the only time Apple will run CSAM checks on photos is when it's getting ready to upload them to iCloud Photos.
