aggregator

After hunting down torrent sites for more than a decade, Hollywood now has a more complex piracy threat to deal with. From a report: Piracy remains a major threat for the movie industry, MPA Stan McCoy said yesterday during a panel session at the St. Petersburg International Economic Forum. Much like Hollywood, copyright infringers are innovators who constantly change their "business models" and means of obtaining content. Where torrents were dominant a few years ago, illegal streaming devices are now the main threat, with McCoy describing their rise as Piracy 3.0. "Piracy is not a static challenge. The pirates are great innovators in their own right. So even as we innovate in trying to pursue these issues, and pursue novel ways of fighting piracy, the pirates are out there coming up with new business models of their own," McCoy said. "If you think of old-fashioned peer-to-peer piracy as 1.0, and then online illegal streaming websites as 2.0, in the audio-visual sector, in particular, we now face challenge number 3.0, which is what I'll call the challenge of illegal streaming devices."

Read more of this story at Slashdot.

Police should be allowed to unmask anonymous callers who have made serious threats over the phone, the Federal Communications Commission has proposed. From a report: The proposal would allow law enforcement, and potentially the person who's been called, to learn the phone number of an anonymous caller if they receive a "serious and imminent" threat that poses "substantial risk to property, life, safety, or health." Specifics are still up in the air. The FCC is asking (PDF), for instance, whether unveiled caller ID information should only be provided to law enforcement officials investigating a threat, to ensure that this exemption isn't abused.

Read more of this story at Slashdot.

Los Angeles—On Tuesday, June 6, at 9:30 am, the Electronic Frontier Foundation (EFF) and the ACLU Foundation of Southern California will argue that license plate data, collected by police indiscriminately on millions of drivers each day, are not investigative records that police can shield from public scrutiny.

Automated License Plate Readers (ALPRs) are high-speed cameras mounted on light poles and police cars that continuously scan the plates of every passing car. They collect not only the license plate number but also the time, date, and location of each plate scanned, along with a photograph of the vehicle and sometimes its occupants. Police departments store this data for years. Location data like this, especially when stored over time, can reveal sensitive information about the history of a person’s movements, associations, and habits.

EFF submitted public records requests to Los Angeles law enforcement agencies asking for a week’s worth of data collected by the hundreds of ALPR cameras around the city and county of Los Angeles. When the agencies refused, EFF teamed up with ACLU to sue for access to the records. A lower court ruled all license plate data could be withheld from disclosure as “records of law enforcement investigations.”

EFF co-counsel Peter Bibring, director of police practices at the ACLU SoCal, will argue that ALPR data are not investigative records because they are collected indiscriminately on all drivers within view of the cameras—the vast majority of whom are innocent citizens going about their daily lives. The data should be released so the public can understand and scrutinize how this intrusive technology is used.

What: Hearing in ACLU of SoCal and EFF v. Superior Court of Los Angeles

When: Tuesday, June 6, 9:30 am

Where: California Supreme Court
             Ronald Reagan State Office Building
             300 South Spring Street, Third Floor, North Tower
             Los Angeles, California

For more information on this case:
https://www.eff.org/foia/automated-license-plate-readers

For more information on ALPRs:
https://www.eff.org/sls/tech/automated-license-plate-readers

Contact: Jennifer Lynch

MIT officials said U.S. President Donald Trump badly misunderstood their research when he cited it on Thursday to justify withdrawing the United States from the Paris Climate Agreement. From a report: Trump announced during a speech at the White House Rose Garden that he had decided to pull out of the landmark climate deal, in part because it would not reduce global temperatures fast enough to have a significant impact. "Even if the Paris Agreement were implemented in full, with total compliance from all nations, it is estimated it would only produce a two-tenths of one degree Celsius reduction in global temperature by the year 2100," Trump said. "Tiny, tiny amount." That claim was attributed to research conducted by MIT, according to White House documents seen by Reuters. The Cambridge, Massaschusetts-based research university published a study in April 2016 titled "How much of a difference will the Paris Agreement make?" showing that if countries abided by their pledges in the deal, global warming would slow by between 0.6 degree and 1.1 degrees Celsius by 2100. "We certainly do not support the withdrawal of the U.S. from the Paris agreement," said Erwan Monier, a lead researcher at the MIT Joint Program on the Science and Policy of Global Change, and one of the study's authors. "If we don't do anything, we might shoot over 5 degrees or more and that would be catastrophic," said John Reilly, the co-director of the program, adding that MIT's scientists had had no contact with the White House and were not offered a chance to explain their work.

Read more of this story at Slashdot.

The Trump administration has rolled out a new questionnaire for U.S. visa applicants worldwide that asks for social media handles for the last five years and biographical information going back 15 years. From a report: The new questions, part of an effort to tighten vetting of would-be visitors to the United States, was approved on May 23 by the Office of Management and Budget despite criticism from a range of education officials and academic groups during a public comment period. Critics argued that the new questions would be overly burdensome, lead to long delays in processing and discourage international students and scientists from coming to the United States. Under the new procedures, consular officials can request all prior passport numbers, five years' worth of social media handles, email addresses and phone numbers and 15 years of biographical information including addresses, employment and travel history.

Read more of this story at Slashdot.

Economists Djavad Salehi-Isfahani and Mohammad H. Mostafavi-Dehzooeifrom for the Economic Research Forum have released a new report on the results of a basic income scheme launched in Iran in 2011. "In 2011, in response to heavy cuts to oil and gas subsidies, Iran implemented a program that guaranteed citizens cash payments of 29 percent of the nation's median income, which amounts to about $1.50 every day (about $16,000 per year in the U.S.)," reports The Outline. Here are the key findings: The report found no evidence for the idea that people will work less under a universal income, and found that in some cases, like in the service industry, people worked more, expanding their businesses or pursuing more satisfying lines of work. The researchers did find that young people -- specifically people in their twenties -- worked less, but noted that Iran never had a high level of employment among young people, and that they were likely enrolling in school with the added income. The evidence presented in the paper is compelling, but the anecdotal belief that handing people money will make them lazy is hard to shake. "The findings in this paper do not settle this question," the report's authors point out. "What we have accomplished is at the very least to shift the burden of proof on this issue to those who claim cash transfer [sic] make poor people lazy, and to show the need for better data and more research."

Read more of this story at Slashdot.

After President Trump announced his intent to withdraw the U.S. from the Paris Climate Accord, 61 mayors across the country have pledged to adopt the historic agreement themselves. The group of mayors, who represent 36 million Americans and some of the largest U.S. cities, outlined a plan to align with the other 194 nations that adopted the accord. From a statement provided by the climate mayors: We will continue to lead. We are increasing investments in renewable energy and energy efficiency. We will buy and create more demand for electric cars and trucks. We will increase our efforts to cut greenhouse gas emissions, create a clean energy economy, and stand for environmental justice. And if the President wants to break the promises made to our allies enshrined in the historic Paris Agreement, we'll build and strengthen relationships around the world to protect the planet from devastating climate risks. The world cannot wait -- and neither will we.

Read more of this story at Slashdot.

Tesla has fired a female engineer who accused the company of ignoring her complaints of sexual harassment and paying her less than her male counterparts. AJ Vandermeyden, who went public with her discrimination lawsuit against Tesla in February, was dismissed from the company this week. The Guardian reports: Vandermeyden had claimed she was taunted and catcalled by male employees and that Tesla failed to address her complaints about the harassment, unequal pay and discrimination. "It's shocking in this day and age that this is still a fight we have to have," she said at the time. In a statement to the Guardian, Tesla confirmed the company had fired Vandermeyden, saying it had thoroughly investigated the employee's allegations with the help of "a neutral, third-party expert" and concluded her complaints were unmerited. "Despite repeatedly receiving special treatment at the expense of others, Ms Vandermeyden nonetheless chose to pursue a miscarriage of justice by suing Tesla and falsely attacking our company in the press," a Tesla spokesperson said. "After we carefully considered the facts on multiple occasions and were absolutely convinced that Ms Vandermeyden's claims were illegitimate, we had no choice but to end her employment at Tesla."

Read more of this story at Slashdot.

An anonymous reader quotes a report from MIT Technology Review: An aggressive new cybersecurity and data protection law in China that goes into effect today will have global ripple effects, and could serve as a model for other governments. But the Chinese government has also left many parts of the law vague -- likely an intentional move meant to allow the country to stake out its own sense of "cyber sovereignty" while waiting to see how the U.S., Europe, and others decide to regulate the flow of data across international borders. The new law is a resounding announcement from China that it intends to be a global player in controlling perhaps the most precious commodity of the digital economy: data. It's hard to know how the law will actually change things because the most controversial aspects of it are so vague. Among them is a requirement that certain companies submit their products to the government for cybersecurity checks, which may even involve reviewing source code. How often it would be required, and how the government will determine which products must be reviewed is unknown. This could come into play as part of China's broader regulatory push to expand law enforcement's power to access data during criminal investigations. Another vague directive calls for companies to store certain data within the country's borders, in the interest of safeguarding sensitive information from espionage or other foreign meddling. The government has delayed the implementation of this change until the end of 2018, however.

Read more of this story at Slashdot.

Krystalo quotes a report from VentureBeat: Google has paid security researchers millions of dollars since launching its bug bounty program in 2010. The company today expanded its Android Security Rewards program because "no researcher has claimed the top reward for an exploit chain in two years." Right. Well, the program has only been around for two years -- a Google spokesperson confirmed that nobody has ever claimed the top reward. The Android team is making two bug bounty increases today. The reward for a remote exploit chain or exploit leading to TrustZone or Verified Boot compromise has quadrupled from $50,000 to $200,000. The reward for a remote kernel exploit has quintupled from $30,000 to $150,000. Want to make six figures? Just figure out how to hack Android.

Read more of this story at Slashdot.

schwit1 quotes a report from Miami Herald: A Hollywood man must serve 180 days in jail for refusing to give up his iPhone password to police, a Broward judge ruled Tuesday -- the latest salvo in intensifying legal battles over law-enforcement access to smartphones. Christopher Wheeler, 41, was taken into custody in a Broward Circuit Court, insisting he had already provided the pass code to police investigating him for child abuse, although the number did not work. "I swear, under oath, I've given them the password," a distraught Wheeler, his hands handcuffed behind his back, told Circuit Judge Michael Rothschild, who earlier in May found the man guilty of contempt of court. As Wheeler was jailed Tuesday, the same issue was unfolding in Miami-Dade for a man accused of extorting a social-media celebrity over stolen sex videos. That man, Wesley Victor, and his girlfriend had been ordered by a judge to produce a passcode to phones suspected of containing text messages showing their collusion in an extortion plot. Victor claimed he didn't remember the number. He prevailed. On Tuesday, Miami-Dade Circuit Judge Charles Johnson ruled that there was no way to prove that Victor actually remembered his passcode, more than 10 months after his initial arrest. Johnson declined to hold the man in contempt of court. Wheeler will eventually be allowed to post bond pending an appeal. If he gives up a working pass code, he'll be allowed out of jail, Judge Rothschild told him.

Read more of this story at Slashdot.

It's official. President Donald Trump announced today that the United States will withdraw from the Paris climate agreement, following through on a pledge he made during the presidential campaign. Trump said the Paris agreement "front loads costs on American people. In order to fulfill my solemn duty to protect America and its citizens, the United States will withdraw from the Paris climate accord but begin negotiations to reenter either the Paris accord or an entirely new transaction on terms that are fair to the United States," the president said. "We are getting out. But we will start to negotiate, and we will see if we can make a deal that's fair. And if we can, that's great." Trump said that the United States will immediately "cease all implementation of the non-binding Paris accord" and what he said were "draconian financial" and other burdens imposed on the country by the accord. This means that Elon Musk will leave Trump's Business Advisory Council. On Wednesday, Musk said he did "all he could to advise directly to Trump." (Update: Elon Musk is staying true to his words. Following the announcement, Musk tweeted, "Am departing presidential councils. Climate change is real. Leaving Paris is not good for America or the world.) Twenty-five companies, including Adobe, Apple, Facebook, Google, HP, Microsoft, Salesforce, Morgan Stanley, Intel signed on to a letter which was published on the New York Times and Wall Street Journal today arguing in favor of climate pact. Update: Former president Barack Obama said the U.S. "joins a small handful of nations that reject the future."

Read more of this story at Slashdot.

Reader tsu doh nimh writes: OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data, KrebsOnSecurity reports. "A breach that allowed intruders to decrypt customer data could be extremely damaging for affected customers. After OneLogin customers sign into their account, the service takes care of remembering and supplying the customer's usernames and passwords for all of their other applications."

Read more of this story at Slashdot.

Headed on a trip? You may soon be able to ditch your boarding pass in favor of your fingers or face. From a report: Delta announced, on Wednesday, a new biometric identification pilot program that will eventually let you use your fingerprints instead of a plane ticket (Editor's note: the link could be paywalled; alternative source). That followed a JetBlue announcement hours earlier that it is testing a program in Boston that will match pictures of customers' faces with the passport database maintained by U.S. Custom and Border Protections. Delta's program, which kicked off at Washington's Reagan National Airport, is in partnership with Clear, a company that already lets customers skip to the front of security lines without identification.

Read more of this story at Slashdot.

Two anonymous readers share a report: Shifting from his previous blanket denials, President Vladimir V. Putin of Russia said on Thursday that "patriotically minded" private Russian hackers could have been involved in cyberattacks last year to help the presidential campaign of Donald J. Trump (Editor's note: the link could be paywalled; alternative source). While Mr. Putin continued to deny any state role, his comments to reporters in St. Petersburg were a departure from the Kremlin's previous position: that Russia had played no role whatsoever in the hacking of the Democratic National Committee and that, after Mr. Trump's victory, the country had become the victim of anti-Russia hysteria among crestfallen Democrats. Raising the possibility of attacks by what he portrayed as free-spirited Russian patriots, Mr. Putin said that hackers "are like artists" who choose their targets depending how they feel "when they wake up in the morning."

Read more of this story at Slashdot.

An anonymous reader quotes a report from The Hill: A group of Democratic senators is asking the FBI to investigate an alleged cyberattack on the Federal Communications Commission (FCC) website earlier this month. In a letter to acting FBI Director Andrew McCabe sent Wednesday, the senators asked the bureau to "investigate the source" of the distributed denial-of-service (DDoS) attack. "Any cyberattack on a federal network is very serious," Democratic Sens. Brian Schatz (Hawaii), Al Franken (Minn.), Patrick Leahy (Vt.), Ed Markey (Mass.), and Ron Wyden (Ore.) wrote. "This particular attack may have denied the American people the opportunity to contribute to what is supposed to be a fair and transparent process, which in turn may call into question the integrity of the FCC's rulemaking proceedings," they wrote. In the Wednesday letter to McCabe, the senators asked to be briefed by the FBI on the matter by June 23. "We ask that the FBI prioritize this matter and investigate the source of this attack," they wrote. On May 8, the FCC claimed that it was a victim of "multiple" DDoS attacks. The alleged attacks occurred after comedian John Oliver spurred millions of Americans to file comments with the FCC in favor of net neutrality. "Many had attributed the website's slowdown to the volume of comments produced by Oliver's segment, but the FCC instead blamed malicious actors days later," reports The Hill.

Read more of this story at Slashdot.

Mats Jarlstrom, an electrical engineer fined by the Oregon engineering board for calling himself an "engineer" and talking about traffic lights, has been granted the temporary right by a judge to both publicly call himself an "engineer" and talk about traffic lights. Jason Koebler reports via Motherboard: Last month, Jarlstrom sued the engineering board for violating his First Amendment rights, and Tuesday a federal judge gave Jarlstrom the temporary right to call himself an engineer, pending the results of his case. "Plaintiff Jarlstrom may study, communicate publicly about, and communicate privately his theories relating to traffic lights throughout the pendency of this litigation as long as [his] communications occur outside the context of a paid employment or contractual relationship," Anna Brown, a federal district court judge for the district of Oregon, ordered. He "may describe himself publicly and privately using the word 'engineer' throughout the pendency of this litigation." Jarlstrom's attorneys say this is a promising sign and a "critical first step in protecting Oregonians' First Amendment rights."

Read more of this story at Slashdot.

mspohr shares an excerpt from an article written by Cory Doctorow via The Guardian: The inequality of badly-run or corrupt states is boosted by the power of technology -- but it's also easier than ever to destabilize these states, thanks to technology. The question is: which future will prevail?" [The article discusses two sides to the issue:] Here's the bad news: technology -- specifically, surveillance technology -- makes it easier to police disaffected populations, and that gives badly run, corrupt states enough stability to get themselves into real trouble. Here's the good news: technology -- specifically, networked technology -- makes it easier for opposition movements to form and mobilize, even under conditions of surveillance, and to topple badly run, corrupt states. Long before the internet radically transformed the way we organize ourselves, theorists were predicting we'd use computers to achieve ambitious goals without traditional hierarchies -- but it was a rare pundit who predicted that the first really successful example of this would be an operating system (GNU/Linux), and then an encyclopedia (Wikipedia). [Cory also has a new novel, Walkaway , which explores these ideas further.] The future will see a monotonic increase in the ambitions that loose-knit groups can achieve. My new novel, Walkaway, tries to signpost a territory in our future in which the catastrophes of the super-rich are transformed into something like triumphs by bohemian, anti-authoritarian "walkaways" who build housing and space programs the way we make encyclopedias today: substituting (sometimes acrimonious) discussion and (sometimes vulnerable) networks for submission to the authority of the ruling elites.

Read more of this story at Slashdot.

The Electronic Frontier Foundation is suing the FBI for records "about the extent to which it directs and trains Best Buy employees to conduct warrantless searches of people's devices." The lawsuit stems around an incident in 2011 where a gynecology doctor took his computer for repairs at Best Buy's Geek Squad. The repair technician was a paid FBI informant that found child pornography on the doctor's computer, ultimately resulting in the doctor being charged with possessing child pornography. From the EFF's report: A federal prosecution of a doctor in California revealed that the FBI has been working for several years to cultivate informants in Best Buy's national repair facility in Brooks, Kentucky, including reportedly paying eight Geek Squad employees as informants. According to court records in the prosecution of the doctor, Mark Rettenmaier, the scheme would work as follows: Customers with computer problems would take their devices to the Geek Squad for repair. Once Geek Squad employees had the devices, they would surreptitiously search the unallocated storage space on the devices for evidence of suspected child porn images and then report any hits to the FBI for criminal prosecution. Court records show that some Geek Squad employees received $500 or $1,000 payments from the FBI. At no point did the FBI get warrants based on probable cause before Geek Squad informants conducted these searches. Nor are these cases the result of Best Buy employees happening across potential illegal content on a device and alerting authorities. Rather, the FBI was apparently directing Geek Squad workers to conduct fishing expeditions on people's devices to find evidence of criminal activity. Prosecutors would later argue, as they did in Rettenmaier's case, that because private Geek Squad personnel conducted the searches, there was no Fourth Amendment violation. The judge in Rettenmaier's case appeared to agree with prosecutors, ruling earlier this month that because the doctor consented both orally and in writing to the Geek Squad's search of his device, their search did not amount to a Fourth Amendment violation. The court, however, threw out other evidence against Rettenmaier after ruling that FBI agents misstated key facts in the application for a warrant to search his home and smartphone. We disagree with the court's ruling that Rettenmaier consented to a de-facto government search of his devices when he sought Best Buy's help to repair his computer. But the court's ruling demonstrates that law enforcement agents are potentially exploiting legal ambiguity about when private searches become government action that appears intentionally designed to try to avoid the Fourth Amendment.

Read more of this story at Slashdot.

The Federal Trade Commission announced that refunds are now available for parents whose children made in-app purchases without their knowledge. Amazon dropped its appeal of last year's ruling by a federal judge who sided with the Federal Trade Commission in the agency's lawsuit again Amazon. According to a TechCrunch report, "the FTC's original complaint said that Amazon should be liable for millions of dollars it charged customers, because of the way its Appstore software was designed -- that is, it allowed kids to spend unlimited amounts of money in games and other apps without requiring parental consent." CNNMoney reports: According to the FTC, more than $70 million in charges may be eligible for refunds on in-app purchases made between November 2011 and May 2016. In 2014, Apple and Google refunded customers whose children made purchases in their mobile app stores, and the companies were forced to be more explicit about in-app purchases. Both firms no longer call apps "free" when they are free to download but have upgrades you can buy. Amazon sent eligible consumers an email to receive a refund. If you didn't get one and think you should be eligible, you can click here, or go to the Message Center to find out more information.

Read more of this story at Slashdot.