Contributor Bennett Haselton writes with a interesting take on the recent release of racy celebrity photos: "Lawyers for Olympic gymnast McKayla Maroney succeeded in getting porn sites to take down her stolen nude photos, on the grounds that she was under 18 in the pictures, which meant they constituted child pornography. If true, that means that under current laws, Maroney could in theory be prosecuted for taking the original pictures. Maybe the laws should be changed?" Read on for the rest.

An anonymous reader writes Processor firm Intel has withdrawn its advertising from Gamasutra in response to the site's decision to carry feminist articles. The articles had drawn the ire of the self-described "Gater" movement, a grass-roots campaign to discredit prominent female games journalists. Intel was apparently so inundated with criticism for sponsoring the Gamasutra site that it had no choice but to withdraw support. An Intel spokesperson explained that "We take feedback from our customers very seriously especially as it relates to contextually relevant content and placements" and as such Gamasutra was no longer an appropriate venue for their products."

Nerval's Lobster writes A look at some of the Shellshock-related reports from the past week makes it seem as if attackers are flooding networks with cyberattacks targeting the vulnerability in Bash that was disclosed last week. While the attackers haven't wholesale adopted the flaw, there have been quite a few attacks—but the reality is that attackers are treating the flaw as just one of many methods available in their tool kits. One way to get a front-row seat of what the attacks look like is to set up a honeypot. Luckily, threat intelligence firm ThreatStream released ShockPot, a version of its honeypot software with a specific flag, "is_shellshock," that captures attempts to trigger the Bash vulnerability. Setting up ShockPot on a Linux server from cloud host Linode.com is a snap. Since attackers are systematically scanning all available addresses in the IPv4 space, it's just a matter of time before someone finds a particular ShockPot machine. And that was definitely the case, as a honeypot set up by a Dice (yes, yes, we know) tech writer captured a total of seven Shellshock attack attempts out of 123 total attacks. On one hand, that's a lot for a machine no one knows anything about; on the other, it indicates that attackers haven't wholesale dumped other methods in favor of going after this particular bug. PHP was the most common attack method observed on this honeypot, with various attempts to trigger vulnerabilities in popular PHP applications and to execute malicious PHP scripts.

darthcamaro writes Amazon, Rackspace and IBM have all patched their public clouds over the last several days due to a vulnerability in the Xen hypervisor. According to a new report, the Xen project was first advised of the issue two weeks ago, but instead of the knee jerk type reactions we've seen with Heartbleed and now Shellshock, the Xen project privately fixed the bug and waited until all the major Xen deployments were patched before any details were released. Isn't this the way that all open-source projects should fix security issues? And if it's not, what is?

As reported by Bloomberg News, The Washington Post, and other outlets, the Liberian patient whose diagnosis of Ebola infection marks him as the first such case to have been first diagnosed within the United States may have had contact with more people than previously estimated, and 80 people in the Dallas area are now believed to have come into contact with him. While Bloomberg reports that this larger group of potential contacts is "being monitored for symptoms," the Washington Post's slightly later story says that, in keeping with the best current knowledge about Ebola's spread, "Dallas County Health and Human Services Director Zachary Thompson said that these [newly identified contacts] are not being watched or monitored and are not showing any symptoms of the illness. Only the immediate family members of the victim are being regularly monitored for Ebola symptoms; they've been ordered to stay at home and avoid contact with others."

rastos1 writes A law has come into effect that permits UK citizens to make copies of CDs, MP3s, DVDs, Blu-rays and e-books. Consumers are allowed to keep the duplicates on local storage or in the cloud. While it is legal to make back-ups for personal use, it remains an offence to share the data with friends or family. Users are not allowed to make recordings of streamed music or video from Spotify and Netflix, even if they subscribe to the services. Thirteen years after iTunes launched, it is now legal to use it to rip CDs in the UK. Just as interesting are the ways that the new UK law explicitly, if imperfectly, protects parody.

SpacemanukBEJY.53u (3309653) writes Earlier this week, an indictment was unsealed outlining a long list of charges against a group of men that stole intellectual property from gaming companies such as Epic Games, Valve, Activision and Microsoft. An Australian member of the group, Dylan Wheeler, describes how it was betrayed by an informant working for the FBI, which bought a hardware mockup of an Xbox One that the group built using source code stolen from Microsoft's Game Developer Network Portal. The device, which the FBI paid $5,000 for, was supposed to be sent to the Seychelles, but never arrived, which indicated the hacking collective had a mole.