schwit1 writes with news of a Circuit Court decision from Virginia where a judge has ruled that a criminal defendant cannot use Fifth Amendment protections to safeguard a phone that is locked using his or her fingerprint. According to Judge Steven C. Fucci, while a criminal defendant can't be compelled to hand over a passcode to police officers for the purpose of unlocking a cellular device, law enforcement officials can compel a defendant to give up a fingerprint. The Fifth Amendment states that "no person shall be compelled in any criminal case to be a witness against himself," which protects memorized information like passwords and passcodes, but it does not extend to fingerprints in the eyes of the law, as speculated by Wired last year. Frucci said that "giving police a fingerprint is akin to providing a DNA or handwriting sample or an actual key, which the law permits. A passcode, though, requires the defendant to divulge knowledge, which the law protects against, according to Frucci's written opinion."

HughPickens.com writes We know that about 10 million more people have insurance coverage this year as a result of the Affordable Care Act but until now it has been difficult to say much about who was getting that Obamacare coverage — where they live, their age, their income and other such details. Now Kevin Quealy and Margot Sanger-Katz report in the NYT that a new data set is providing a clearer picture of which people gained health insurance under the Affordable Care Act. The data is the output of a statistical model based on a large survey of adults and shows that the law has done something rather unusual in the American economy this century: It has pushed back against inequality, essentially redistributing income — in the form of health insurance or insurance subsidies — to many of the groups that have fared poorly over the last few decades. The biggest winners from the law include people between the ages of 18 and 34; blacks; Hispanics; and people who live in rural areas. The areas with the largest increases in the health insurance rate, for example, include rural Arkansas and Nevada; southern Texas; large swaths of New Mexico, Kentucky and West Virginia; and much of inland California and Oregon.

Despite many Republican voters' disdain for the Affordable Care Act, parts of the country that lean the most heavily Republican (according to 2012 presidential election results) showed significantly more insurance gains than places where voters lean strongly Democratic. That partly reflects underlying rates of insurance. In liberal places, like Massachusetts and Hawaii, previous state policies had made insurance coverage much more widespread, leaving less room for improvement. But the correlation also reflects trends in wealth and poverty. Many of the poorest and most rural states in the country tend to favor Republican politicians.

Trailrunner7 writes The maintainers of the Drupal content management system are warning users that any site owners who haven't patched a critical vulnerability in Drupal Core disclosed earlier this month should consider their sites to be compromised. The vulnerability, which became public on Oct. 15, is a SQL injection flaw in a Drupal module that's designed specifically to help prevent SQL injection attacks. Shortly after the disclosure of the vulnerability, attackers began exploiting it using automated attacks. One of the factors that makes this vulnerability so problematic is that it allows an attacker to compromise a target site without needing an account and there may be no trace of the attack afterward.

AlbanX writes The Australian Government has introduced a bill that would require telecommunications carriers and service providers to retain the non-content data of Australian citizens for two years so it can be accessed — without a warrant — by local law enforcement agencies. Despite tabling the draft legislation into parliament, the bill doesn't actually specify the types of data the Government wants retained. The proposal has received a huge amount of criticism from the telco industry, other members of parliament and privacy groups. (The Sydney Morning Herald has some audio of discussion about the law.)

wiredmikey writes: The White House's unclassified computer network was recently breached by intruders, a U.S. official said Tuesday. While the White House has not said so, The Washington Post reported that the Russian government was thought to be behind the act. Several recent reports have linked Russia to cyber attacks, including a report from FireEye on Tuesday that linked Russia back to an espionage campaign dating back to 2007. Earlier this month, iSight Partners revealed that a threat group allegedly linked with the Russian government had been leveraging a Microsoft Windows zero-day vulnerability to target NATO, the European Union, and various private energy and telecommunications organizations in Europe. The group has been dubbed the "Sandworm Team" and it has been using weaponized PowerPoint files in its recent attacks. Trend Micro believes the Sandworm team also has their eyes set on compromising SCADA-based systems.

Memetic writes: The UK weather forecasting service is replacing its IBM supercomputer with a Cray XC40 containing 17 petabytes of storage and capable of 16 TeraFLOPS. This is Cray's biggest contract outside the U.S. With 480,000 CPUs, it should be 13 times faster than the current system. It will weigh 140 tons. The aim is to enable more accurate modeling of the unstable UK climate, with UK-wide forecasts at a resolution of 1.5km run hourly, rather than every three hours, as currently happens. (Here's a similar system from the U.S.)

McGruber writes: Back on February 4, "Science Guy" Bill Nye debated Creationist Kenneth Alfred "Ken" Ham. That high-profile debate helped boost support for Ham's $73 million "Ark Encounter" project, allowing Ham to announce on February 25 that a municipal bond offering had raised enough money to begin construction. Nye said he was "heartbroken and sickened for the Commonwealth of Kentucky" after learning that the project would move forward. Nye said the ark would eventually draw more attention to the beliefs of Ham's ministry, which preaches that the Bible's creation story is a true account, and as a result, "voters and taxpayers in Kentucky will eventually see that this is not in their best interest."

In July, the Kentucky Tourism Development Finance Authority unanimously approved $18.25 million worth of tax incentives to keep the ark park afloat. The funds are from a state program that allows eligible tourism attractions a rebate of as much as 25 percent of the investment in the project. Since then, the Ark Park's employment application has became public: "Nestled among the requirements for all job applicants were three troubling obligatory documents: 'Salvation testimony,' 'Creation belief statement,' and a 'Confirmation of your agreement with the AiG statement of faith.' (AiG is Answers in Genesis, Ham's ministry and Ark Encounter's parent company.)"

That caused the Kentucky Tourism, Arts and Heritage Cabinet to halt its issuance of tax incentives for the ark park. Bob Stewart, secretary of the cabinet, wrote to Ham that "the Commonwealth does not provide incentives to any company that discriminates on the basis of religion and we will not make any exception for Ark Encounter, LLC." Before funding could proceed, Stewart explained, "the Commonwealth must have the express written assurance from Ark Encounter, LLC that it will not discriminate in any way on the basis of religion in hiring." The ark park has not yet sunk. It is "still pending before the authority" and a date has not yet been set for the meeting where final approval will be considered.

jones_supa writes: The OpenBSD developers have decided to remove support for loadable kernel modules from the BSD distribution's next release. Several commits earlier this month stripped out the loadable kernel modules support. Phoronix's Michael Larabel has not yet found an official reason for the decision to drop support. He wagers that it is due to security or code quality/openness ideals.

itwbennett writes Working closely with VISA, Apple solved many complex security issues making in-person payments safer than ever. But it's that close relationship with the credit card companies that may be Apple Pay's downfall. A competing solution called CurrentC has recently gained a lot of press as backers of the project moved to block NFC payments (Apple Pay, Google Wallet, etc.) at their retail terminals. The merchants designing or backing CurrentC reads like a greatest hits list of retail outfits and leading the way is the biggest of them all, Walmart. The retailers have joined together to create a platform that is independent of the credit card companies and their profit-robbing transaction fees. Hooking directly to your bank account rather than a credit or debit card, CurrentC will use good old ACH to transfer money from your account to the merchant's bank account at little to no cost.

SmartAboutThings writes According to some reports from the industry, Microsoft is working on a version of its software for servers that run on chips based on ARM Holdings's technology. Windows Server now runs on Intel hardware, but it seems that Redmond wants to diversify its strategy. An ARM-based version of Windows Server could help challenge Intel's dominance and make a place for ARM in the server market, not only in mobile chips. According to the article, though, Microsoft "hasn’t yet decided whether to make the software commercially available."

linuxwrangler writes A flight from LAX to London was delayed after a passenger reported seeing "Al-Quida Free Terror Nettwork" as an available hotspot name and reported it to a flight attendant. The flight was taken to a remote part of the airport and delayed for several hours but "after further investigation, it was determined that no crime was committed and no further action will be taken." That seems an awfully low threshold for disrupting air traffic, since wireless access points can be had for just a few dollars these days.

An anonymous reader writes CVS and Rite Aid have reportedly shut off the NFC-based contactless payment option at point of sale terminals in thousands of stores. The move will make it impossible to pay for products using Apple Pay or Google Wallet. Rite Aid posted at their stores: "Please note that we do not accept Apple Pay at this time. However we are currently working with a group of large retailers to develop a mobile wallet that allows for mobile payments attached to credit cards and bank accounts directly from a smart phone. We expect to have this feature available in the first half of 2015."

An anonymous reader writes: Verizon Wireless, the nation's largest wireless carrier, is now also a real-time data broker. According to a security researcher at Stanford, Big Red has been adding a unique identifier to web traffic. The purpose of the identifier is advertisement targeting, which is bad enough. But the design of the system also functions as a 'supercookie' for any website that a subscriber visits. "Any website can easily track a user, regardless of cookie blocking and other privacy protections. No relationship with Verizon is required. ...while Verizon offers privacy settings, they don’t prevent sending the X-UIDH header. All they do, seemingly, is prevent Verizon from selling information about a user." Just like they said they would.

New submitter weilawei writes: Last night, FTDI, a Scottish manufacturer of USB-to-serial ICs, posted a response to the ongoing debacle over its allegedly intentional bricking of competitors' chips. In their statement, FTDI CEO Fred Dart said, "The recently release driver release has now been removed from Windows Update so that on-the-fly updating cannot occur. The driver is in the process of being updated and will be released next week. This will still uphold our stance against devices that are not genuine, but do so in a non-invasive way that means that there is no risk of end user's hardware being directly affected." This may have resulted from a discussion with Microsoft engineers about the implications of distributing potentially malicious driver software.

If you design hardware, what's your stance on this? Will you continue to integrate FTDI chips into your products? What alternatives are available to replace their functionality?

An anonymous reader writes As many expected, Michigan Governor Michigan Governor Rick Snyder signed a bill that bans Tesla Motors from selling cars directly to buyers online in the state. When asked what Tesla's next step will be, Diarmuid O'Connell, vice president of business development, said it was unclear if the company would file a lawsuit. "We do take at their word the representations from the governor that he supports a robust debate in the upcoming session," O'Connell said. "We've entered an era where you can buy products and services with much greater value than a car by going online."