aggregator

Apple is not in talks "at any level" to settle its wide-ranging legal dispute with mobile chip maker Qualcomm, Reuters reported Wednesday, citing a source familiar with the matter. From the report: In the past, Apple used Qualcomm's modem chips in its flagship iPhone models to help them connect to wireless data networks. But early last year, Apple sued Qualcomm in federal court in San Diego, alleging that the chip company's practice of taking a cut of the selling price of phones as a patent license fee was illegal. The case is to go to trial early next year and has spawned related legal actions in other courts around the world. In July, Qualcomm's chief executive, Steve Mollenkopf, told investors on the company's quarterly earnings call that the two companies were in talks to resolve the litigation.

Read more of this story at Slashdot.

Facebook CEO Mark Zuckerberg has rejected a request to appear before an international parliamentary delving into the questions around fake news. From a report: The rebuff came after Damian Collins, the head of the U.K. parliament's media committee, joined forces with his Canadian counterpart in hopes of pressuring Zuckerberg to testify, as he did before the U.S Congress. Facebook rejected the invitation to appear before the so-called "international grand committee" session Nov. 27, arguing it wasn't possible for Zuckerberg to appear before all parliaments.

Read more of this story at Slashdot.

hackingbear writes: In the opening of China's first import-themed trade fair, President Xi Jinping promised tougher penalties for intellectual property theft, a key concern of the Trump administration, in front of leaders and executives from 3,600 companies from more than 170 countries. China has been steadily advancing intellectual property protection over the years. In addition to filing twice as many patents as the U.S. in 2017, up nearly 14 folds from 2001, it is also increasingly being selected as a key venue for patent litigation by non-Chinese companies, as litigants feel they are treated fairly as foreign plaintiffs won the majority of their patent cases in 2015 (though that likely attracts patent trolls). China's journey from piracy to protection models the journeys of the U.S. which had blatantly violated intellectual properties in building its modern industry.

Read more of this story at Slashdot.

An anonymous reader quotes a report from Ars Technica: If you talk to experts on election security (I studied with several of them in graduate school) they'll tell you that we're nowhere close to being ready for online voting. "Mobile voting is a horrific idea," said election security expert Joe Hall when I asked him about a West Virginia experiment with blockchain-based mobile voting back in August. But on Tuesday, The New York Times published an opinion piece claiming the opposite. "Building a workable, scalable, and inclusive online voting system is now possible, thanks to blockchain technologies," writes Alex Tapscott, whom the Times describes as co-founder of the Blockchain Research Institute. Tapscott is wrong -- and dangerously so. Online voting would be a huge threat to the integrity of our elections -- and to public faith in election outcomes. Tapscott focuses on the idea that blockchain technology would allow people to vote anonymously while still being able to verify that their vote was included in the final total. Even assuming this is mathematically possible -- and I think it probably is -- this idea ignores the many, many ways that foreign governments could compromise an online vote without breaking the core cryptographic algorithms. For example, foreign governments could hack into the computer systems that governments use to generate and distribute cryptographic credentials to voters. They could bribe election officials to supply them with copies of voters' credentials. They could hack into the PCs or smartphones voters use to cast their votes. They could send voters phishing emails to trick them into revealing their voting credentials -- or simply trick them into thinking they've cast a vote when they haven't.

Read more of this story at Slashdot.

The cybercrime wing of Pakistan's Federal Investigation Agency has said data from "almost all" Pakistani banks was stolen in a recent security breach. FIA Cybercrimes Director retired Capt Mohammad Shoaib told Geo News that hackers based outside the country had breached the security systems of several local banks. "The hackers have stolen large amounts of money from people's accounts," he added. From a report: He said the FIA has written to all banks, and a meeting of the banks' heads and security managements is being called. The meeting will look into ways the security infrastructure of banks can be bolstered. "Banks are the custodians of the money people have stored in them," Shoaib said. "They are also responsible if their security features are so weak that they result in pilferage." It wasn't immediately clear when exactly the security breach took place. According to Shoaib, more than 100 cases are being investigated by the agency in connection with the breach.

Read more of this story at Slashdot.

AT&T will alert a little more than a dozen customers within the next week or so that their service will be terminated due to copyright infringement, news outlet Axios reported, citing sources familiar with its plans. From the report: It's the first time AT&T has discontinued customer service over piracy allegations since having shaped its own piracy policies last year, which is significant given it just became one of America's major media companies. AT&T owns a content network after its purchase of Time Warner earlier this year, an entity now called WarnerMedia. Content networks are typically responsible for issuing these types of allegations to internet service providers (ISPs) for them to address with their customers.

Read more of this story at Slashdot.

Oracle's Internet Intelligence division has confirmed today the findings of a recently published academic paper that accused China of "hijacking the vital internet backbone of western countries." From a report: The research paper was authored by researchers from the US Naval War College and Tel Aviv University and it made quite a few waves online after it was published. Researchers accused China Telecom, one of China's biggest state-owned internet service providers, of hijacking and detouring internet traffic through its normally-closed internet infrastructure. Some security experts contested the research paper's findings because it didn't come from an authoritative voice in the world of internet BGP hijacks, but also because the paper touched on many politically sensitive topics, such as China's cyber-espionage activities and how China used BGP hijacks as a way to circumvent the China-US cyber pact of 2015. But today, Doug Madory, Director of Oracle's Internet Analysis division (formerly Dyn), confirmed that China Telecom has, indeed, engaged in internet traffic "misdirection." "I don't intend to address the paper's claims around the motivations of these actions," said Madori. "However, there is truth to the assertion that China Telecom (whether intentionally or not) has misdirected internet traffic (including out of the United States) in recent years."

Read more of this story at Slashdot.

China's Tencent will soon require gamers to prove their ages and identities against police records, according to a new official statement yesterday. Under the new system, users will need to register their Chinese national IDs in order to play any games from Tencent. The Verge reports: Ten mobile games will get the new verification system by the end of the year, and all games offered by Tencent, including PlayerUnknown's Battlegrounds and League of Legends, will get the system by 2019. Tencent has been criticized by state-run People's Daily, which called Arena of Valor "poison," after reports that students were ditching their homework to play the mobile game. Tencent has also faced direct regulatory pressure this summer, after President Xi Jinping pointed out that too many children were nearsighted and said the government was taking action. Beijing officially ruled to ban new games, cementing an unofficial pause that started back in March, costing Tencent up to $1.5 billion in lost revenue as it was unable to launch games it had been developing. In September, Tencent imposed the new verification system on Arena of Valor and created a feature that blurs the screen if minors look too closely at it. The new system simply enforces rules that Tencent had in place since last year: barring gamers who are 12 and under from playing more than an hour a day and establishing a curfew of 9PM. Those who are 13 to 18 can play up to two hours a day. Still, the system won't prevent minors from borrowing the phones of their parents and other adults.

Read more of this story at Slashdot.

An anonymous reader quotes a report from TechCrunch: An unexpected declaration by whistleblower Edward Snowden filed in court [last] week adds a new twist in a long-running lawsuit against the NSA's surveillance programs. The case, filed by the EFF a decade ago, seeks to challenge the government's alleged illegal and unconstitutional surveillance of Americans, who are largely covered under the Fourth Amendment's protections against warrantless searches and seizures. It's a big step forward for the case, which had stalled largely because the government refused to confirm that a leaked document was authentic or accurate. News of the surveillance broke in 2006 when an AT&T technician Mark Klein revealed that the NSA was tapping into AT&T's network backbone. He alleged that a secret, locked room -- dubbed Room 641A -- in an AT&T facility in San Francisco where he worked was one of many around the U.S. used by the government to monitor communications -- domestic and overseas. President George W. Bush authorized the NSA to secretly wiretap Americans' communications shortly after the September 11 terrorist attacks in 2001. Much of the EFF's complaint relied on Klein's testimony until 2013, when Snowden, a former NSA contractor, came forward with new revelations that described and detailed the vast scope of the U.S. government's surveillance capabilities, which included participation from other phone giants -- including Verizon (TechCrunch's parent company). Snowden's signed declaration, filed on October 31, confirms that one of the documents he leaked, which the EFF relied heavily on for its case, is an authentic draft document written by the then-NSA inspector general in 2009, which exposed concerns about the legality of the Bush's warrantless surveillance program -- Stellar Wind -- particularly the collection of bulk email records on Americans. "I read its contents carefully during my employment," he said in his declaration. "I have a specific and strong recollection of this document because it indicated to me that the government had been conducting illegal surveillance."

Read more of this story at Slashdot.

An anonymous reader quotes a report from the Electronic Frontier Foundation: The Electronic Frontier Foundation (EFF) launched a virtual reality (VR) experience on its website today that teaches people how to spot and understand the surveillance technologies police are increasingly using to spy on communities. Spot the Surveillance, which works best with a VR headset but will also work on standard browsers, places users in a 360-degree street scene in San Francisco. In the scene, a young resident is in an encounter with police. Users are challenged to identify surveillance tools by looking around the scene. The experience takes approximately 10 minutes to complete. The surveillance technologies featured in the scene include a body-worn camera, automated license plate readers, a drone, a mobile biometric device, and pan-tilt-zoom cameras. The project draws from years of research gathered by EFF in its Street-Level Surveillance project, which shines a light on how police use, and abuse, technology to spy on communities.

Read more of this story at Slashdot.

Tim Berners-Lee has launched a global campaign to save the web from the destructive effects of abuse and discrimination, political manipulation, and other threats that plague the online world. A report adds: In a talk at the opening of the Web Summit in Lisbon on Monday, the inventor of the web called on governments, companies and individuals to back a new "Contract for the Web" that aims to protect people's rights and freedoms on the internet. The contract outlines central principles that will be built into a full contract and published in May 2019, when half of the world's population will be able to get online. More than 50 organisations have already signed the contract, which is published by Berners-Lee's World Wide Web Foundation alongside a report that calls for urgent action. "For many years there was a feeling that the wonderful things on the web were going to dominate and we'd have a world with less conflict, more understanding, more and better science, and good democracy," Berners-Lee told the Guardian. "But people have become disillusioned because of all the things they see in the headlines. Humanity connected by technology on the web is functioning in a dystopian way. We have online abuse, prejudice, bias, polarisation, fake news, there are lots of ways in which it is broken. This is a contract to make the web one which serves humanity, science, knowledge and democracy." Under the principles laid out in the document, which Berners-Lee calls a "Magna Carta for the web", governments must ensure that its citizens have access to all of the internet, all of the time, and that their privacy is respected so they can be online "freely, safely and without fear." Berners-Lee, added, "We're at a 50/50 moment for the web. We've created something amazing together, but half the world is still not online, and our online rights and freedoms are at risk. The web has done so much for us, but now we need to stand up #ForTheWeb." You can watch his talk here (skip the first 10 minutes).

Read more of this story at Slashdot.

The U.S. Supreme Court on Monday refused a request by the Trump administration and the telecommunications industry to wipe away a lower court decision that had upheld Obama-era net neutrality rules aimed at ensuring a free and open internet. The justices' action, however, does not undo the 2017 repeal of the policy. A report adds: The Federal Communications Commission's 2015 order to impose net neutrality rules and strictly regulate broadband was already reversed by Trump's pick for FCC chairman, Ajit Pai. But AT&T and broadband industry lobby groups were still trying to overturn court decisions that upheld the FCC order. A win for the broadband industry could have prevented future administrations from imposing a similarly strict set of rules. The Trump administration supported the industry's case, asking the US Supreme Court to vacate the Obama-era ruling. But the Supreme Court today said it has denied petitions filed by AT&T and broadband lobby groups NCTA, CTIA, USTelecom, and the American Cable Association. Four of nine justices must agree to hear a case, but only three voted to grant the petitions. Further reading: Reuters and Variety.

Read more of this story at Slashdot.

Last Thursday, U.S. Attorney General Jeff Sessions announced charges against Chinese state-owned Fujian Jinhua Integrated Circuit Co. and privately owned United Microelectronics Corporation of Taiwan for stealing an estimated $8.75 billion worth of trade secrets from U.S. semiconductor giant Micron. On Saturday, Fujian Jinhua Integrated Circuit Co denied the charges. "Behavior to steal another firm's technology does not exist," Fujian Jinhua said in a statement. "Micron regards the development of Fujian Jinhua as a threat and adopts various means to hamper and destroy the development of Fujian Jinhua." The company "always attaches great importance to the protection of intellectual property rights," Fujian Jinhua added. Reuters reports: The move to block Fujian Jinhua escalated what until now had been a business dispute into the realm of an international trade conflict between the United States and China. The world's top two economies are already waging a tariff war over their trade disputes, with U.S. duties in place on $250 billion worth of Chinese goods and Chinese duties on $110 billion of U.S. goods. The U.S. moves could seriously damage the ambitions of Fujian Jinhua, a firm of strategic importance to China.

Read more of this story at Slashdot.

An anonymous reader quotes Krebs on Security: A year after offering free credit monitoring to all Americans on account of its massive data breach that exposed the personal information of nearly 148 million people, Equifax now says it has chosen to extend the offer by turning to a credit monitoring service offered by a top competitor -- Experian. And to do that, it will soon be sharing with Experian contact information that affected consumers gave to Equifax in order to sign up for the service... Equifax says it will share the name, address, date of birth, Social Security number and self-provided phone number and email address with Experian for anyone who signed up for its original TrustedID Premier offering. That is, unless those folks affirmatively opt-out of having that information transferred from Equifax to Experian. But not to worry, Equifax says: Experian already has most of this data. "Experian currently has and is using this information (except phone number and email address) in the fulfillment of the Experian file monitoring which is part of your current service with TrustedID Premier," Equifax wrote in its email. Krebs also points out the big problem with all credit monitoring services: "while they might let you know when someone has stolen your identity, they're not likely to prevent that from occurring in the first place." The best mechanism for preventing identity thieves from creating and abusing new accounts in your name is to freeze your credit file with Experian, Equifax and TransUnion. This process is now free for all Americans, and simply blocks potential creditors from viewing your credit file. Since very few creditors are willing to grant new lines of credit without being able to determine how risky it is to do so, freezing your credit file with the Big Three is a great way to stop all sorts of ID theft shenanigans... All three big bureaus tout their credit lock services as an easier and faster alternative to freezes -- mainly because these alternatives aren't as disruptive to their bottom lines.... TransUnion and Equifax both offer free credit lock services, while Experian's is free for 30 days and $19.99 for each additional month. However, TransUnion says those who take advantage of their free lock service agree to receive targeted marketing offers. What's more, TransUnion also pushes consumers who sign up for its free lock service to subscribe to its "premium" lock services for a monthly fee with a perpetual auto-renewal. Unsurprisingly, the bureaus' use of the term credit lock has confused many consumers; this was almost certainly by design. But here's one basic fact consumers should keep in mind about these lock services: Unlike freezes, locks are not governed by any law, meaning that the credit bureaus can change the terms of these arrangements when and if it suits them to do so.

Read more of this story at Slashdot.

Tesla said in a regulatory filing Friday that the SEC and Justice Department are investigating their Model 3 production projections to see if they misled investors. CNBC reports: The filing confirms much of an Oct. 26 article in The Wall Street Journal that said FBI agents were looking at whether Tesla misled investors about production of its Model 3 sedans. The FBI is the principal investigative arm of the Justice Department. The SEC, which just settled its securities fraud investigation against CEO Elon Musk and the company, has separately subpoenaed Tesla for Musk's statements about production rates regarding its popular Model 3 sedan, the company said. DOJ prosecutors have also asked for the same information, although it stopped short of issuing a formal subpoena, the company said in a filing with the SEC. In an interview with Recode's Kara Swisher, Elon Musk denied the validity of the WSJ article. "The amount of untruthful stuff that is written is unbelievable. Take that Wall Street Journal front-page article about, like, 'The FBI is closing in.' That is utterly false. That's absurd," Musk told Swisher. "To print such a falsehood on the front page of a major newspaper is outrageous. Like, why are they even journalists? They're terrible. Terrible people."

Read more of this story at Slashdot.

chiefcrash shares a report from The New York Times about a man who wants to build a community based on the blockchain technology introduced by Bitcoin: An enormous plot of land in the Nevada desert -- bigger than nearby Reno -- has been the subject of local intrigue since a company with no history, Blockchains L.L.C., bought it for $170 million in cash this year. The man who owns the company, a lawyer and cryptocurrency millionaire named Jeffrey Berns, put on a helmet and climbed into a Polaris off-road vehicle last week to give a tour of the sprawling property and dispel a bit of the mystery. He imagines a sort of experimental community spread over about a hundred square miles, where houses, schools, commercial districts and production studios will be built. The centerpiece of this giant project will be the blockchain, a new kind of database that was introduced by Bitcoin. So far, he said, he has spent $300 million on the land, offices, planning and a staff of 70 people. And buying 67,000 largely undeveloped acres is a bit of old-fashioned, real estate risk-taking. Still, Mr. Berns said his ambition was not to be a real estate magnate or even to get rich -- or richer. He is promising to give away all decision-making power for the project and 90 percent of any dividends it generates to a corporate structure that will be held by residents, employees and future investors. That structure, which he calls a "distributed collaborative entity," is supposed to operate on a blockchain where everyone's ownership rights and voting powers will be recorded in a digital wallet. "In a keynote spectacle at Devcon4 in Prague, Berns announced some of their plans for the future, as well as some of their recent activities, such as buying two nuclear bomb shelters, a mountain fortress in Switzerland, and a bank," adds Slashdot reader chiefcrash.

Read more of this story at Slashdot.

In 2011, Iran was able to use Google's search functionality to hack into a secret CIA communication network that was being used to contact agents and informants around the world -- a breach that appears to have triggered the exposure and execution of Agency sources in China and Iran, Yahoo News reported Friday.

Read more of this story at Slashdot.

TTL0 shares a report from The Times of Israel: Iranian infrastructure and strategic networks have come under attack in the last few days by a computer virus similar to Stuxnet but "more violent, more advanced and more sophisticated," and Israeli officials are refusing to discuss what role, if any, they may have had in the operation, an Israeli TV report said Wednesday. "Remember Stuxnet, the virus that penetrated the computers of the Iranian nuclear industry?" the report on Israel's Hadashot news asked. Iran "has admitted in the past few days that it is again facing a similar attack, from a more violent, more advanced and more sophisticated virus than before, that has hit infrastructure and strategic networks." The Iranians, the TV report went on, are "not admitting, of course, how much damage has been caused." On Sunday, Gholamreza Jalali, the head of Iran's civil defense agency, said Tehran had neutralized a new version of Stuxnet, Reuters reported. Stuxnet penetrated Iran's nuclear program, "taking control and sabotaging parts of its enrichment processes by speeding up its centrifuges," the report notes. We'll update this story when more details become available.

Read more of this story at Slashdot.

Two new zero-day vulnerabilities called "Bleeding Bit" have been revealed by security firm Armis, impacting Bluetooth Low-Energy (BLE) chips used in millions of Cisco, Meraki, and Aruba wireless access points (APs). "Developed by Texas Instruments (TI), the vulnerable BLE chips are used by roughly 70 to 80 percent of business wireless access points today by way of Cisco, Meraki and Aruba products," reports ZDNet. From the report: The first vulnerability, CVE-2018-16986, impacts Cisco and Meraki APs using TI BLE chips. Attacks can remotely send multiple benign BLE broadcast messages, called "advertising packets," which are stored on the memory of the vulnerable chip. As long as a target device's BLE is turned on, these packets -- which contain hidden malicious code to be invoked later on -- can be used together with an overflow packet to trigger an overflow of critical memory. If exploited, attackers are able to trigger memory corruption in the chip's BLE stack, creating a scenario in which the threat actor is able to access an operating system and hijack devices, create a backdoor, and remotely execute malicious code. The second vulnerability, CVE-2018-7080, is present in the over-the-air firmware download (OAD) feature of TI chips used in Aruba Wi-Fi access point Series 300 systems. The vulnerability is technically a leftover development backdoor tool. This oversight, the failure to remove such a powerful development tool, could permit attackers to compromise the system by gaining a foothold into a vulnerable access point. "It allows an attacker to access and install a completely new and different version of the firmware -- effectively rewriting the operating system of the device," the company says. "The OAD feature doesn't offer a security mechanism that differentiates a "good" or trusted firmware update from a potentially malicious update."

Read more of this story at Slashdot.

mspohr shares a report from Ars Technica: In September 2018, Shipping & Transit LLC (formerly known as ArrivalStar) filed for Chapter 7 bankruptcy -- voluntary liquidation -- but no one seems to have noticed until the Electronic Frontier Foundation pointed it out on October 31. The company claimed that it held the patent on vehicle tracking and related alerts. But about 15 months ago, judges began to rule against Shipping & Transit for the first time. That seems to have put a damper on its entire business model. Now, according to Shipping & Transit LLC's federal bankruptcy filings, its global patent holdings (34 in the United States and 29 elsewhere) are worth a whopping $2. Meanwhile, it owes more than $423,000 to numerous creditors, including banks, law firms, and something called the "West African Investment Trust," based in Geneva, Switzerland.

Read more of this story at Slashdot.