Censorship

UK GHCQ Is Allowed To Hack (bbc.co.uk) 70

An anonymous reader writes: A security tribunal has just decreed that hacking by the UK security agency GCHQ is legal. [The case was launched after revelations by Edward Snowden about the extent of US and UK spying. Campaigners Privacy International claimed GCHQ's hacking operations were too intrusive]. The legal challenge that they were violating European law was rejected.
Privacy

Austrian Minister Calls For a Constitutional Right To Pay In Cash 183

New submitter sittingnut writes: Bloomberg reports that Austrian Deputy Economy Minister Harald Mahrer has called for a constitutional right to use cash to protect their privacy. According to the report, Mahrer said, "We don't want someone to be able to track digitally what we buy, eat and drink, what books we read and what movies we watch. We will fight everywhere against rules," including caps on cash purchases. EU finance ministers at a meeting in Brussels last Friday urged the European Commission, the EU's executive arm, to "explore the need for appropriate restrictions on cash payments exceeding certain thresholds," " to crack down on "illicit cash movements."
Piracy

Pirate Bay Browser Streaming Technology Is a Security and Privacy Nightmare (softpedia.com) 70

An anonymous reader writes: Last week the Pirate Bay added support for streaming video torrents inside the browser in real-time. Kickass Torrents followed the next week. The technology they used is called Torrents Time. A security researcher has discovered that this technology which is a mix of client and server side code is actually a security and user privacy disaster. Attackers can carry out XSS attacks on TPB and KAT, the app runs on Mac as root, attackers can hijack downloads and force malicious code on the user's PC, and advertisers can collect info on any user that has Torrents Time installed.
Australia

Dallas Buyers Club LLC Abandons Fight Against Australian Pirates (theage.com.au) 37

New submitter aphelion_rock writes: It's a happy day for Aussie pirates: The Hollywood studio behind the film Dallas Buyers Club has abandoned its fight to extract huge sums of cash from alleged copyright infringers. Dallas Buyers Club LLC had until midday Thursday to lodge a second appeal against an August Federal Court decision which effectively prevented it from engaging in so-called 'speculative invoicing' in Australia.
Security

ZDNet Writer Downplays Windows 10's Phoning-Home Habits 259

jones_supa writes: Gordon F. Kelly of Forbes whipped up a frenzy over Windows 10 when a Voat user found out in a little experiment that the operating system phones home thousands of times a day. ZDNet's Ed Bott has written a follow-up where he points out how the experiment should not be taken too dramatically. 602 connection attempts were to 192.168.1.255 using UDP port 137, which means local NetBIOS broadcasts. Another 630 were DNS requests. Next up was 1,619 dropped connection attempts to address 94.245.121.253, which is a Microsoft Teredo server. The list goes on with NTP, random HTTP requests, and various cloud hosts which probably are reached by UWP apps. He summarizes by saying that a lot of connections are not at all about telemetry. However, what kind of telemetry and data-mined information Windows specifically sends still remains largely a mystery; hopefully curious people will do analysis on the operating system and network traffic sent by it.
EU

Google Expands 'Right To Be Forgotten' To All Global Search Results (thestack.com) 93

An anonymous reader writes: Google has confirmed that it will be updating its 'right to be forgotten' so that any hidden content under the ruling is removed from all versions of its search engine in countries where it has been approved. Until now Google had only been removing results from the originating country and European versions of its search engine, such as google.co.uk and google.de. The EU had previously asked for an extension of the rule to include all versions of Google. Last year, French data protection authority CNIL threatened the tech giant with a sanction should it not remove data from all of its global platforms – such as google.com – in addition to its European sites. Now, Google's new extension of the 'right to be forgotten' is expected to come into force over the next few weeks.
Encryption

Federal Bill Could Override State-Level Encryption Bans (thestack.com) 137

An anonymous reader writes: A new bill has been proposed in Congress today by Representatives Ted Lieu (D-Calif.) and Blake Farenthold (R-Tex.) which looks to put a stop to any pending state-level legislation that could result in misguided encryption measures. The Ensuring National Constitutional Rights of Your Private Telecommunications Act of 2016 comes as a response to state-level encryption bills which have already been proposed in New York state and California. These near-identical proposals argued in favour of banning the sale of smartphones sold in the U.S. that feature strong encryption and cannot be accessed by the manufacturer. If these bills are passed, current smartphones, including iPhone and Android models, would need to be significantly redesigned for sale in these two states. Now Lieu and Farenthold are making moves to prevent the passing of the bills because of their potential impact on trade [PDF] and the competitiveness of American firms.
Privacy

Most IT Pros Have Seen Embarrassing Information About Their Colleagues 143

An anonymous reader writes: Often working in isolation, IT teams are still considered to be supporting players in many workplaces, yet the responsibility being placed on them is huge. In the event of a cyber attack, network outage or other major issue, they will typically drop everything to fix the problem at hand. Almost all the respondents (95%) to a new AlienVault survey said that they have fixed a user or executive's personal computer issue during their work hours. In addition, over three-quarters (77%) said that they had seen and kept secret potentially embarrassing information relating to their colleagues' or executives' use of company-owned IT resources.
Facebook

French Gov't Gives Facebook 3 Months To Stop Tracking Non-User Browsers 176

Reader iamthecheese writes RT reports that France's National Commission of Information and Freedoms found Facebook tracking of non-user browsers to be illegal. Facebook has three months to stop doing it. The ruling points to violations of members and non-members privacy in violation of an earlier ruling. The guidance, published last October, invalidates safe harbor provisions. If Facebook fails to comply the French authority will appoint someone to decide upon a sanction. Related: A copy of the TPP leaked last year no longer requires signing countries to have a safe harbor provision.
Security

President Obama Unveils $19 Billion Plan To Overhaul U.S. Cybersecurity 185

erier2003 writes: President Obama on Tuesday unveiled an expansive plan to bolster government and private-sector cybersecurity by establishing a federal coordinator for cyber efforts, proposing a commission to study future work, and asking Congress for funds to overhaul dangerously obsolete computer systems. His newly signed executive orders contain initiatives to better prepare college students for cybersecurity careers, streamline federal computer networks, and certify Internet-connected devices as secure. The Cybersecurity National Action Plan also establishes a Federal Privacy Council (to review how the government stores Americans' personal information), creates the post of Chief Information Security Officer, and establishes a Commission on Enhancing National Cybersecurity.
Crime

Hackers Leak List of FBI Employees (vice.com) 128

puddingebola writes: The hackers responsible for the leaking of DHS employees made good on their threat to reveal the names of 20,000 FBI employees. From the article: "The hacker provided Motherboard with a copy of the data on Sunday. The list includes names, email addresses (many of which are non-public) and job descriptions, such as task force deputy director, security specialist, special agent, and many more. The list also includes roughly 1,000 FBI employees in an intelligence analysis role."
GNU is Not Unix

Talos Secure Workstation Is Free-Software Centric — and $3100 [Updated] 117

jones_supa writes: These days, the motivation to use open source software for many people is to avoid backdoors placed by intelligence organizations and to avoid software that has hidden privacy-intruding characteristics. For the operating system and userspace software, open choices are already available. The last remaining island has been the firmware included in various ROM chips in a computer. Libreboot has introduced an open BIOS, but it is not available for newer systems featuring the Intel ME or AMD PSP management features. Talos' Secure Workstation fills this need, providing a modern system with 8-core POWER8 CPU, 132 GB RAM, and open firmware. The product is currently in a pre-release phase where Raptor Engineering is trying to understand if it's possible to do a production run of the machine. If you are interested, it's worth visiting the official website. Adds an anonymous reader about the new system, which rings in at a steep $3100: "While the engineers found solace in the POWER8 architecture with being more open than AMD/Intel CPUs, they still are searching for a graphics card that is open enough to receive the FSF Respect Your Freedom certification." Update: 02/08 18:44 GMT by T : See also Linux hacker and IBM employee Stewart Smith's talk from the just-completed linux.conf.au on, in which he walks through "all of the firmware components and what they do, including the boot sequence from power being applied up to booting an operating system." Update: 02/08 23:30 GMT by T :FSF Licensing & Compliance Manager Joshua Gay wrote to correct the headline originally appeared with this story, which said that the Talos workstation described was "FSF Certified"; that claim was an error I introduced. "The FSF has not certified this hardware," says Gay, "nor is it currently reviewing the hardware for FSF certification." Sorry for the confusion.
Bitcoin

Ask Slashdot: Time To Get Into Crypto-currency? If So, Which? 269

Qbertino writes: With the ever-looming cyberpunk future in close proximity, I'm starting to wonder if it isn't time to get myself familiar with crypto currency as a means of trade. Bitcoin is all the hype, but the blockchain has flaws, in that it isn't as anonymous as one would hope for — you can track past transactions. Rumors of Bitcoin showing cracks are popping up and also there are quite a few alternatives out there. So I have some questions: Is getting into dealing with crypto currency worthwhile already? Is Bitcoin the way to go, or will it falter under wide use / become easily trackable once NSA and the likes adapt their systems to doing exactly that? What digital currency has the technical and mind-share potential to supersede bitcoin? Are there feasible cryptocurrencies that have the upsides of Bitcoin (such as a mathematical limit to their amount) but are fully anonymous in transactions? What do the economists and digi-currency nerds here have to contribute on that? What are your experiences with handling and holding cryptocurrency? And does Bitcoin own the market or is it still flexible enough for an technology upgrade?
Microsoft

Even With Telemetry Disabled, Windows 10 Talks To Dozens of Microsoft Servers (voat.co) 580

An esteemed reader writes: Curious about the various telemetry and personal information being collected by Windows 10, one user installed Windows 10 Enterprise and disabled all of the telemetry and reporting options. Then he configured his router to log all the connections that happened anyway. Even after opting out wherever possible, his firewall captured Windows making around 4,000 connection attempts to 93 different IP addresses during an 8 hour period, with most of those IPs controlled by Microsoft. Even the enterprise version of Windows 10 is checking in with Redmond when you tell it not to — and it's doing so frequently.
Government

Everything You Need To Know About the Big New Data-Privacy Bill In Congress 29

erier2003 writes with this excerpt from The Daily Dot: The United States and the European Union have agreed to a transatlantic data-sharing arrangement to protect U.S. companies' overseas activities and European citizens' privacy, but another initiative—one that's still working its way through Congress—could be just important to U.S.–E.U. relations and transnational privacy rights. The Judicial Redress Act is considered essential to a broader agreement between the U.S. and Europe over the sharing of data in criminal and terrorism investigations. The negotiations over the newly announced E.U.–U.S. Privacy Shield may have received more attention, but the concerns at the heart of this bill are no less important.

Slashdot Top Deals