Get HideMyAss! VPN, PC Mag's Top 10 VPNs of 2016 for 55% off for a Limited Time ×
China

China Bans Internet News Reporting As Media Crackdown Widens (bloomberg.com) 24

Earlier this month we learned that China had banned the use of social media as a news source. The local government feared that if news outlets were to report using signals coming from social media, there was a chance that fake, non-credible, and rumors would slip through the filter. It was absurd, to say the least, considering the government itself has been reportedly caught of posting a copious amount of misleading information on domestic social media platforms. In the latest wrinkle to the whole situation, the world's largest nation is now banning internet news reporting. Long time reader schwit1 shares a Bloomberg report on the same: China's top internet regulator ordered major online companies including Sina Corp. and Tencent Holdings Ltd. to stop original news reporting, the latest effort by the government to tighten its grip over the country's web and information industries. The Cyberspace Administration of China imposed the ban on several major news portals, including Sohu.com Inc. and NetEase Inc., Chinese media reported in identically worded articles citing an unidentified official from the agency's Beijing office. The companies have "seriously violated" internet regulations by carrying plenty of news content obtained through original reporting, causing "huge negative effects," according to a report that appeared in The Paper on Sunday. The agency instructed the operators of mobile and online news services to dismantle "current-affairs news" operations on Friday, after earlier calling a halt to such activity at Tencent, according to people familiar with the situation. Like its peers, Asia's largest internet company had developed a news operation and grown its team. Henceforth, they and other services can only carry reports provided by government-controlled print or online media, the people said, asking not to be identified because the issue is politically sensitive.
Microsoft

Microsoft Can't Shield User Data From Government, Says Government (bloomberg.com) 83

Microsoft is now arguing in court that their customers have a right to know when the government is reading their e-mail. But "The U.S. said federal law allows it to obtain electronic communications without a warrant or without disclosure of a specific warrant if it would endanger an individual or an investigation," according to Bloomberg. An anonymous reader quotes their report: The software giant's lawsuit alleging that customers have a constitutional right to know if the government has searched or seized their property should be thrown out, the government said in a court filing... The U.S. says there's no legal basis for the government to be required to tell Microsoft customers when it intercepts their e-mail... The Justice Department's reply Friday underscores the government's willingness to fight back against tech companies it sees obstructing national security and law enforcement investigations...

Secrecy orders on government warrants for access to private e-mail accounts generally prohibit Microsoft from telling customers about the requests for lengthy or even unlimited periods, the company said when it sued. At the time, federal courts had issued almost 2,600 secrecy orders to Microsoft alone, and more than two-thirds had no fixed end date, cases the company can never tell customers about, even after an investigation is completed.

United States

New Illinois Law Limits Police Use Of Cellphone-Tracking Stingray (go.com) 27

An anonymous Slashdot reader quotes a report from ABC News: A new Illinois law limits how police can use devices that cast a wide net in gathering cellphone data... [Stingray] gathers phone-usage data on targets of criminal investigations, but it also gathers data on other cellphones -- hundreds or even thousands of them -- in the area. The new law requires police to delete the phone information of anyone who wasn't an investigation target within 24 hours. It also prohibits police from accessing data for use in an investigation not authorized by a judge.

A dozen other states have adopted such regulations, and Congress is considering legislation that would strengthen federal guidelines already in place... Privacy advocates worry that without limits on how much data can be gathered or how long it can be stored, law enforcement could use the technology to build databases that track the behavior and movement of people who are not part of criminal investigations.

Earlier this month a U.S. judge threw out evidence gathered with Stingray for the first time, saying that without a search warrant, "the government may not turn a citizen's cell phone into a tracking device." The ACLU has identified 66 agencies in 24 states using Stingray technology, "but because many agencies continue to shroud their purchase and use of stingrays in secrecy, this map dramatically underrepresents the actual use of stingrays by law enforcement agencies nationwide."
Democrats

Clinton Campaign: Russia Leaked Emails to Help Trump (washingtonpost.com) 523

An anonymous Slashdot reader quotes the Washington Post: A top official with Hillary Clinton's campaign on Sunday accused the Russian government of orchestrating the release of damaging Democratic Party records in order to help the campaign of Republican Donald Trump -- and some cyber security experts in the U.S. and overseas agree. The extraordinary charge came as some national security officials have been growing increasingly concerned about possible efforts by Russia to meddle in the election, according to several individuals familiar with the situation.

Late last week, hours before the records were released by the website Wikileaks, the White House convened a high-level security meeting to discuss reports that Russia had hacked into systems at the Democratic National Committee... Officials from various intelligence and defense agencies, including the National Security Council, the Department of Defense, the FBI and the Department of Homeland Security, attended the White House meeting Thursday, on the eve of the email release.

Clinton's campaign manager told ABC News "some experts are now telling us that this was done by the Russians for the purpose of helping Donald Trump." Donald Trump's son later responded, "They'll say anything to be able to win this."
EU

EU To Give Free Security Audits To Apache HTTP Server and Keepass (softpedia.com) 65

An anonymous reader writes: The European Commission announced on Wednesday that its IT engineers would provide a free security audit for the Apache HTTP Server and KeePass projects. The two projects were selected following a public survey that included several open-source projects deemed important for both the EU agencies and the wide public.

The actual security audit will be carried out by employees of the IT departments at the European Commission and the European Parliament. This is only a test pilot program that's funded until the end of the year, but the EU said it would be looking for funding to continue it past its expiration date in December 2016.

Security

Can Iris-Scanning ID Systems Tell the Difference Between a Live and Dead Eye? (ieee.org) 89

the_newsbeagle writes: Iris scanning is increasingly being used for biometric identification because it's fast, accurate, and relies on a body part that's protected and doesn't change over time. You may have seen such systems at a border crossing recently or at a high-security facility, and the Indian government is currently collecting iris scans from all its 1.2 billion citizens to enroll them in a national ID system. But such scanners can sometimes be spoofed by a high-quality paper printout or an image stuck on a contact lens.

Now, new research has shown that post-mortem eyes can be used for biometric identification for hours or days after death, despite the decay that occurs. This means an eye could theoretically be plucked from someone's head and presented to an iris scanner. The same researcher who conducted that post-mortem study is also looking for solutions, and is working on iris scanners that can detect the "liveness" of an eye. His best method so far relies on the unique way each person's pupil responds to a flash of light, although he notes some problems with this approach.

Government

Almost Half Of All TSA Employees Have Been Cited For Misconduct (mercurynews.com) 123

Slashdot reader schwit1 writes: Almost half of all TSA employees have been cited for misconduct, and the citations have increased by almost 30 percent since 2013... It also appears that the TSA has been reducing the sanctions it has been giving out for this bad behavior.
Throughout the U.S., the airport security group "has instead sought to treat the misconduct with 'more counseling and letters that explain why certain behaviors were not acceptable'," according to a report from the House Homeland Security Commission, titled "Misconduct at TSA Threatens the Security of the Flying Public". It found 1,206 instances of "neglect of duty", and also cited the case of an Oakland TSA officer who for two years helped smugglers slip more than 220 pounds of marijuana through airport security checkpoints, according to the San Jose Mercury News.

The newspaper adds that "The misconduct ranges from salacious (federal air marshals spending government money on hotel rooms for romps with prostitutes) to downright dangerous (an officer in Orlando taking bribes to smuggle Brazilian nationals through a checkpoint without questioning)." Their conclusion? "The TSA's job is to make airline passengers feel safer and, not incidentally, actually make us safer. It's failing on both."
The Almighty Buck

Maximizing Economic Output With Linear Programming...and Communism (medium.com) 485

Slashdot reader mkwan writes: Economies are just a collection of processes that convert raw materials and labour into useful goods and services. By representing these processes as a series of equations and solving a humongous linear programming problem, it should be possible to maximize an economy's GDP. The catch? The economy needs to go communist.
"[P]oorest members would receive a basic income that gradually increases as the economy becomes more efficient, plateauing at a level where they can afford everything they want to consume," argues the article, while "The middle classes wouldn't see much change. They would continue to work in a regular job for a regular -- but steadily increasing -- wage... Without the ability to own real-estate, companies, or intellectual property, it would be almost impossible to become rich, especially since the only legal source of income would be from a government job."
Security

Microsoft Rewrites Wassenaar Arms Control Pact To Protect The Infosec Industry (theregister.co.uk) 20

The Wassenaar Arrangement "is threatening to choke the cyber-security industry, according to a consortium of cyber-security companies...supported by Microsoft among others," reports SC Magazine. "'Because the regulation is so overly broad, it would require cyber responders and security researchers to obtain an export license prior to exchanging essential information to remediate a newly identified network vulnerability, even when that vulnerability is capable of being exploited for purposes of surveillance,' wrote Alan Cohn from the CRC on a Microsoft blog." Reporter Darren Pauli contacted Slashdot with this report: If the Wassenaar Arrangement carries through under its current state, it will force Microsoft to submit some 3800 applications for arms export every year, company assistant general counsel Cristin Goodwin says... The Wassenaar Arrangement caught all corners of the security industry off guard, but its full potentially-devastating effects will only be realised in coming months and years... Goodwin and [Symantec director of government affairs] Fletcher are calling on the industry to lobby their agencies to overhaul the dual-use software definition of the Arrangement ahead of a closed-door meeting in September where changes can be proposed.
AT&T

FCC Calls On Phone Companies To Offer Free Robocall Blocking (fastcompany.com) 120

The FCC chairman on Friday pressed major U.S. phone companies to take immediate steps to develop technology that blocks unwanted automated calls available to consumers at no charge. Chairman Tom Wheeler, in letters to CEOs of Verizon Communications, AT&T, Sprint, US Cellular, Level 3 Communications, Frontier Communications, Bandwidth.com, and T-Mobile, said that so-called robocalls, automated pre-recorded telephone calls often from telemarketers or scam artists continue because the industry isn't taking any action. Wheeler demands answers with "concrete, actionable solutions to address these issues" within 30 days. A report on FastCompany adds: Wheeler also urged carriers to create a list of institutions like government agencies and banks that are commonly impersonated by scammers and filter out overseas callers impersonating them through falsified caller ID data
Government

Texas Man Who Acted As Russian Agent Gets 10 Years' Prison (go.com) 83

An anonymous reader quotes a report from ABC News: A Texas man who acted as a secret agent for the Russian government and illegally exported cutting-edge military technology to Russia has been sentenced to 10 years in prison. Alexander Fishenko learned his punishment Thursday in federal court in New York. He pleaded guilty in September to crimes including acting as a Russian agent. The 50-year-old Fishenko is a U.S. and Russian citizen. He owned Houston-based Arc Electronics Inc. Prosecutors say he led a scheme that evaded strict export controls for micro-electronics commonly used in missile guidance systems, detonation triggers and radar systems. Prosecutors say his company shipped about $50 million worth of technologies to Russia between 2002 and 2012. In other Russian-related news, a Russian government-owned news site Sputnik has reported that the Kremlin is building a nuclear space bomber that should be flight-ready by 2020.
DRM

EFF Is Suing the US Government To Invalidate the DMCA's DRM Provisions (boingboing.net) 92

Cory Doctorow, writes for BoingBoing: The Electronic Frontier Foundation has just filed a lawsuit that challenges the Constitutionality of Section 1201 of the DMCA, the "Digital Rights Management" provision of the law, a notoriously overbroad law that bans activities that bypass or weaken copyright access-control systems, including reconfiguring software-enabled devices (making sure your IoT light-socket will accept third-party lightbulbs; tapping into diagnostic info in your car or tractor to allow an independent party to repair it) and reporting security vulnerabilities in these devices. EFF is representing two clients in its lawsuit: Andrew "bunnie" Huang, a legendary hardware hacker whose NeTV product lets users put overlays on DRM-restricted digital video signals; and Matthew Green, a heavyweight security researcher at Johns Hopkins who has an NSF grant to investigate medical record systems and whose research plans encompass the security of industrial firewalls and finance-industry "black boxes" used to manage the cryptographic security of billions of financial transactions every day. Both clients reflect the deep constitutional flaws in the DMCA, and both have standing to sue the US government to challenge DMCA 1201 because of its serious criminal provisions (5 years in prison and a $500K fine for a first offense).Doctorow has explained aspects of this for The Guardian today. You should also check Huang's blog post on this.
Blackberry

BlackBerry CEO 'Disturbed' By Apple's Hard Line On Encryption (theinquirer.net) 199

An anonymous reader writes: BlackBerry CEO John Chen said he is "disturbed" by Apple's tough approach to encryption and user privacy, warning that the firm's attitude is harmful to society. Earlier this year, Chen said in response to Apple resisting the government's demands to unlock an iPhone belonging to one of the San Bernardino shooters: "We are indeed in a dark place when companies put their reputations above the greater good." During BlackBerry's Security Summit in New York this week, Chen made several more comments about Apple's stance on encryption. "One of our competitors, we call it 'the other fruit company,' has an attitude that it doesn't matter how much it might hurt society, they're not going to help," he said. "I found that disturbing as a citizen. I think BlackBerry, like any company, should have a basic civil responsibility. If the world is in danger, we should be able to help out." He did say there was a lot of "nonsense" being reported about BlackBerry and its approach to how it handles user information. "Of course, there need to be clear guidelines. The guidelines we've adopted require legal assets. A subpoena for certain data. But if you have the data, you should give it to them," he said. "There's some complete nonsense about what we can and can't do. People are mad at us that we let the government have the data. It's absolute garbage. We can't do that." Chen also warned that mandatory back doors aren't a good idea either, hinting at the impending Investigatory Powers Bill. "There's proposed legislation in the U.S., and I'm sure it will come to the EU, that every vendor needs to provide some form of a back door. That is not going to fly at all. It just isn't," he said.
Advertising

China Bans Ad Blocking (adexchanger.com) 103

An anonymous reader writes: Two weeks ago, China released its first ever set of digital ad regulations that impacted Chinese market leaders like Baidu and Alibaba. "But hidden among (the new regulations) is language that would seem to all but ban ad blocking," wrote Adblock Plus (ABP) operations manager Ben Williams in a blog post Wednesday. The new regulations prohibit "the use of network access, network devices, applications, and the disruption of normal advertising data, tampering with or blocking others doing advertising business (or) unauthorized loading the ad." There is also a clause included that addresses tech companies that "intercept, filter, cover, fast-forward and [impose] other restrictions" on online ad campaigns. ABP general counsel Kai Recke said in an email to AdExchanger that the Chinese State Administration for Industry and Commerce (SAIC) has much more control over the market than its otherwise equal U.S. counterpart, the Federal Communications Commission (FCC). "After all it looks like the Chinese government tries to get advertising more under their control and that includes that they want to be the only ones to be allowed to remove or alter ads," said Recke. "Ad-block users are a distinct audience and they require a distinct strategy and ways to engage them," said ABP CEO Till Faida at AdExchanger's Clean Ads I/O earlier this year. "They have different standards they've expressed for accessing them, and advertising has to reflect that."
The Internet

Engineer Gets Tired Of Waiting For Telecom Companies To Wire His town -- So He Does It Himself (backchannel.com) 106

Gurb, 75 kilometers north of Barcelona, is a quiet farming community of 2,500. It has suddenly become a popular place, thanks to being the birthplace of Guifi.net, one of the world's "most important experiments in telecommunications." It was built by an engineer who got tired of waiting for Telefonica, the Spanish telecom giant, to provide internet access to the people of his community. At first he wanted an internet access for himself, but it soon became clear that he also wanted to help his neighbors. Guifi has grown from a single wifi node in 2004, to 30,000 working nodes today, including some fiber connections, with thousands more in the planning stages. An article on Backchannel today documents the tale of Guifi. From the article: The project is a testament to tireless efforts -- in governance, not just in adding hardware and software -- by Ramon Roca (the engineer who started it) and his colleagues. They've been unwavering in their commitment to open access, community control, network neutrality, and sustainability. In 2004, he bought some Linksys WiFI hackable routers with a mission to get himself and his neighbors connected to the Internet. This is how he did it: Roca turned on a router with a directional antenna he'd installed at the top of a tall building near the local government headquarters, the only place in town with Internet access -- a DSL line Telefonica had run to municipal governments throughout the region. The antenna was aimed, line of sight, toward Roca's home about six kilometers away. Soon, neighbors started asking for connections, and neighbors of neighbors, and so on. Beyond the cost of the router, access was free. Some nodes were turned into "supernodes" -- banks of routers in certain locations, or dedicated gear that accomplishes the same thing -- that could handle much more traffic in more robust ways. The network connected to high-capacity fiber optic lines, to handle the growing demand, and later connected to a major "peering" connection to the global Internet backbone that provides massive bandwidth. Guifi grew, and grew, and grew. But soon it became clear that connecting more and more nodes wasn't enough, so he created a not-for-profit entity, the Guifi.net Foundation. The foundation, thanks to its cause and a cheerful community, has received over a million Euros to date -- from various sources including several levels of government. But as the article notes, a million Euros is a drop in the bucket next to the lavish subsidies and favors that state-approved monopolies such as Telefonica have enjoyed for decades. The article adds: The Guifi Foundation isn't the paid provider of most Internet service to end-user (home and business) customers. That role falls to more than 20 for-profit internet service providers that operate on the overall platform. The ISPs share infrastructure costs according to how much demand they put on the overall system. They pay fees to the foundation for its services -- a key source of funding for the overall project. Then they offer various kinds of services to end users, such as installing connections -- lately they've been install fiber-optic access in some communities -- managing traffic flows, offering email, handling customer and technical support, and so on. The prices these ISPs charge are, to this American (Editor's note: the author is referring to himself) who's accustomed to broadband-cartel greed, staggeringly inexpensive: 18 to 35 Euros (currently about $26-$37) a month for gigabit fiber, and much less for slower WiFi. Community ownership and ISP competition does wonders for affordability. Contrast this with the U.S. broadband system, where competitive dial-up phone access -- phone companies were obliged to let all ISPs use the lines as the early commercial Internet flourished in the 1990s -- gave way to a cartel of DSL and cable providers. Except in a few places where there's actual competition, we pay way more for much less.Read the story in its entirety here.
Cloud

Amazon Isn't Saying If Echo Has Been Wiretapped (zdnet.com) 85

An anonymous reader writes from a report via ZDNet: Since announcing how many government data requests and wiretap orders it receives, Amazon has so far issued two transparency reports. The two reports outline how many subpoenas, search warrants, and court orders the company received to cloud service, Amazon Web Services. The cloud makes up a large portion of all the data Amazon gathers, but the company does also collect vast amounts of data from its retail businesses, mobile services, book purchases, and requests made to Echo. The company's third report is due to be released in a few weeks but an Amazon spokesperson wouldn't comment on whether or not the company will expand its transparency report to include information regarding whether or not the Amazon Echo has been wiretapped. There are reportedly more than three million Amazon Echo speakers out in the wild. Gizmodo filed a freedom of information (FOIA) request with the FBI earlier this year to see if the agency had wiretapped an Echo as part of a criminal investigation. The FBI didn't confirm or deny wiretapping the Echo. Amazon was recently awarded a patent for drone docking and recharging stations that would be built on tall, existing structures like lampposts, cell towers, or church steeples.
Government

WikiLeaks Releases 300K Turkey Government Emails In Response To Erdogan's Post-Coup Purges (rt.com) 230

An anonymous reader quotes a report from RT: Despite a massive cyberattack on its website, WikiLeaks has published the first batch of nearly 300,000 emails from the Turkish ruling AKP party's internal server and thousands of attached files in response to the Ankara government's widespread post-coup purges. Some 294,548 emails pertaining to Turkish president Recep Tayyip Erdogan's Justice and Development Party (AKP) were made public on Tuesday at 11:00pm Ankara time. WikiLeaks says that the release of almost 300,000 email bodies together with several thousand attached files, is just part one in the series and encompasses 762 mailboxes beginning with 'A' through to 'I.' All emails are attributed to "akparti.org.tr," the primary domain of the main political force in the country, and cover a period from 2010 up until July 6, 2016, just a week before the failed military coup. The NGO also revealed that one of the emails contained an Excel database of the cell phone numbers of AKP deputies. Prior to the release WikiLeaks suffered a "sustained attack" as it warned that Turkish government entities might try to interfere with the publication of the AKP material. The attacks are still continuing and users are experiencing difficulties in accessing the material. WikiLeaks reassured the public that they are "winning" the battle. A few hours after the release, WikiLeaks tweeted a screenshot showing the database to be blocked in Turkey, claiming that Ankara "ordered [the release] to be blocked nationwide." More than 200 people have died and over 1,400 injured from the attempted coup. Thousands of people have also been detained and/or lost their posts across the judiciary, military, interior ministry and civil service sectors. The Turkish president Erdogan is blaming the U.S.-based cleric Fethullah Gulen for orchestrating the attempted coup.
Government

Library of Congress Hit With a Denial-Of-Service Attack (fedscoop.com) 22

An anonymous reader writes: The Library of Congress (LOC) announced via Twitter Monday that they were the target of a denial-of-service attack. The attack was detected on July 17 and has caused other websites hosted by the LOC, including the U.S. Copyright Office, to go down. In addition, employees of the Library of Congress were unable to access their work email accounts and to visit internal websites. The outages continue to affect some online properties managed by the library. "In June 2015, the Government Accountability Office, or GAO, published a limited distribution report -- undisclosed publicly though it was sourced in a 2015 GAO testimony to the Committee on House Administration -- highlighting digital security deficiencies apparent at the Library of Congress, including poor software patch management and firewall protections," reports FedScoop.
EU

UK 'Emergency' Bulk Data Slurp Permissible In Pursuit Of 'Serious Crime' (theregister.co.uk) 48

An anonymous reader writes: Bulk collection of data from phone calls and emails by carriers acting under government orders could be permissible in the pursuit of 'serious crime'. That's the preliminary ruling in a case brought by Brexit chief minister David Davis against PM Theresa May before the European Union's highest court. The ruling suggests bulk collection and retention of customer data might not be in breach of the EU Charter of Fundamental Rights -- if it's done legally and with safeguards. Davis with Labour Party deputy leader Tom Watson and others brought their case to the European Court of Justice in February.
Censorship

Brazil Judge Orders Phone Carriers To Block WhatsApp Message App (reuters.com) 109

A Brazilian judge has ordered wireless phone carriers to block access to Facebook's WhatsApp indefinitely, starting on Tuesday, the third such incident against the popular phone messaging app in eight months. Reuters report: The decision by Judge Daniela Barbosa Assuncao de Souza in the southeastern state of Rio de Janeiro applies to Brazil's five wireless carriers. The reason for the order was not known due to legal secrecy in an ongoing case, and will only be lifted once Facebook surrenders data, Souza's office said. Sao Paulo-based representatives at WhatsApp, which is owned by Facebook Inc, as well as the Brazilian five carriers -- Telefonica Brasil SA, America Movil SAB's Claro, TIM Participacoes SA, Oi SA and Nextel Participacoes SA.

Slashdot Top Deals