Security

Privacy Alert: Your Laptop Or Phone Battery Could Track You Online 37 37

Mark Wilson writes: Is the battery in your smartphone being used to track your online activities? It might seem unlikely, but it's not quite as farfetched as you might first think. This is not a case of malware or hacking, but a built-in component of the HTML5 specification. Originally designed to help reduce power consumption, the Battery Status API makes it possible for websites and apps to monitor the battery level of laptops, tablets, and phones. A paper published by a team of security researchers suggests that this represents a huge privacy risk. Using little more than the amount of power remaining in your battery, it is possible for people to be identified and tracked online. As reported by The Guardian, a paper entitled The Leaking Battery by Belgian and French privacy and security experts say that the API can be used in device fingerprinting.
The Internet

EFF Coalition Announces New 'Do Not Track' Standard For Web Browsing 36 36

An anonymous reader writes: The Electronic Frontier Foundation, privacy company Disconnect, and several other organizations are publishing a new DNT standard. Partners in the coalition include: publishing site Medium, analytics service Mixpanel, AdBlock, and private search engine DuckDuckGo. Thought it's still a voluntary policy, the EFF hopes the new proposed standard will provide users better privacy online. "We are greatly pleased that so many important Web services are committed to this powerful new implementation of Do Not Track, giving their users a clear opt-out from stealthy online tracking and the exploitation of their reading history," said EFF Chief Computer Scientist Peter Eckersley. "These companies understand that clear and fair practices around analytics and advertising are essential not only for privacy but for the future of online commerce."
Businesses

Tesla Presses Its Case On Fuel Standards 259 259

An anonymous reader writes: Tesla is preparing their case to leave federal mileage and emissions regulations intact, or make them even more strict. In addition, the company is fighting other car makers from loosening more stringent regulations in California. The WSJ reports: "Tougher regulations could benefit Tesla, while challenging other auto makers that make bigger profits on higher-margin trucks and sport-utility vehicles. Tesla's vice president of development, Dairmuid O'Connell, plans to argue to auto executives and other industry experts attending a conference on the northern tip of Michigan that car companies can meet regulations as currently written. 'We are about to hear a lot of rhetoric that Americans don't want to buy electric vehicles,' Mr. O'Connell said in an interview ahead of a Tuesday presentation in Traverse City, Mich. 'From an empirical standpoint, the [regulations] are very weak, eminently achievable and the only thing missing is the will to put compelling products on the road.'"
Social Networks

Girls Catfish ISIS On Social Media For Travel Money 213 213

MarkWhittington writes: Yahoo Travel reported that three women in Chechnya took ISIS for $3,300 before getting caught. They are now under investigation for Internet fraud, which seems to be illegal even when committed against the most fearsome terrorist army in modern times. The scam seems to be a combination of the Nigerian Prince con, in which a mark is fooled into giving the con artist large sums of money and catfishing, in which the mark strikes up an online romance with someone he thinks is an attractive woman (or man depending on the gender and preference of the mark.)
United States

DoD Ditches Open Source Medical Records System In $4.3B Contract 174 174

dmr001 writes: The US Department of Defense opted not to use the Department of Veterans Affairs' open source VistA electronic health record system in its project to overhaul its legacy systems, instead opting for a consortium of Cerner, Leidos and Accenture. The initial $4.3 billion implementation is expected to be the first part of a $9 billion dollar project. The Under Secretary for Acquisition stated they wanted a system with minimum modifications and interoperability with private sector systems, though much of what passes for inter-vendor operability in the marketplace is more aspirational than operable. The DoD aims to start implementation at 8 sites in the Pacific Northwest by the end of 2016, noting that "legacy systems are eating us alive in terms of support and maintenance," consuming 95% of the Military Health Systems IT budget.
China

China To Impose Export Control On High Tech Drones and Supercomputers 66 66

hackingbear writes: Following similar hi-tech export restriction policies in the U.S. (or perhaps in response to the U.S. ban on China,) China will impose export control on some drones and high performance computers starting on August 15th, according to an announcement published on Friday by China's Ministry of Commerce and the General Administration of Customs. The ban includes (official documents in Chinese) drone that can take off in wind speed exceeding 46.4km/hour or can continuously fly for over 1 hour as well as electronic components specifically designed or modified for supercomputers with speed over 8 petaflops. Companies must acquire specific permits before exporting such items. Drones and supercomputers are the two areas where China is the leader or among the top players. China is using its rapidly expanding defense budget to make impressive advances in (military) drone technology, prompting some to worry that the United States' global dominance in the market could soon be challenged. The tightening of regulations comes two weeks after an incident in disputed Kashmir in which the Pakistani army claimed to have shot down an Indian "spy drone", reportedly Chinese-made. China's 33-petaflops Tianhe-2, currently the fastest supercomputer in the world, while still using Intel Xeon processors, makes use of the home-grown interconnect, arguably the most important component of modern supercomputers.
Robotics

Hitchhiking Robot's Cross-Country Trip Ends In Philadelphia 207 207

An anonymous reader writes: A hitchhiking robot that successfully traveled across Canada in 26 days last year and parts of Europe, has met its demise in Philly. Created as a "social experiment," hitchBOT started its journey in the U.S. in Marblehead, Massachusetts, on July 17 with its thumb raised up and tape wrapped around its head that read "San Francisco or bust." After about two weeks in the U.S., someone in Philadelphia damaged the robot beyond repair. "Sadly, sadly it's come to an end," said Frauke Zeller, one of its co-creators. The Independent reports: "The robot was designed to be a talking travel companion and could toss out factoids and carry limited conversation. A GPS in the robot tracked its location, and a camera randomly snapped photos about every 20 minutes to document its travels."
Privacy

New Telemetry Suggests Shot-Down Drone Was Higher Than Alleged 480 480

AmiMoJo writes: The pilot of the drone shot down Sunday evening over a Kentucky property has now come forward with video seemingly showing that the drone wasn't nearly as close as the property owner made it out to be. The data also shows that it was well over 200 feet above the ground before the fatal shots fired. The shooter, meanwhile, continues to maintain that the drone flew 20 feet over a neighbour's house before ascending to "60 to 80 [feet] above me."
Privacy

One In Four Indiana Residents' E-Record Data Exposed in Hack 60 60

Reader chicksdaddy reports that a data breach involving four million patients and more than 230 different data holders (from private practices to large hospitals) hit Indiana especially hard. It's the home state of Medical Informatics Engineering, maker of electronic records system NoMoreClipBoard. While data exposed in the breach affected 3.9 million people, 1.5 millon of them are in Indiana. According to the Security Ledger, though: [The] breach affects healthcare organizations from across the country, with healthcare providers ranging from prominent hospitals to individual physicians' offices and clinics are among 195 customers of the NoMoreClipboard product that had patient information exposed in the breach. And, more than a month after the breach was discovered, some healthcare organizations whose patients were affected are still waiting for data from EMI on how many and which patients had information exposed.

'We have received no information from MIE regarding that,' said a spokeswoman for Fort Wayne Radiology Association (http://www.fwradiology.com/), one of hundreds of healthcare organizations whose information was compromised in the attack on MIE..
Privacy

Ask Slashdot: Can You Disable Windows 10's Privacy-Invading Features? 457 457

An anonymous reader writes: I really want to upgrade to Windows 10, but have begun seeing stories come out about the new Terms and how they affect your privacy. It looks like the default Windows 10 system puts copies of your data out on the "cloud", gives your passwords out, and targets advertising to you. The main reason I am looking to upgrade is that Bitlocker is not available on Windows 7 Pro, but is on Windows 10 Pro, and Microsoft no longer offers Anytime Upgrades to Windows 7 Ultimate. However, I don't want to give away my privacy for security. The other option is to wait until October to see what the Windows 10 Enterprise version offers, but it may not be available through retail. Are the privacy minded Slashdot readers not going with Windows 10?

For reference, I am referring to these articles.
(Not to mention claims that it steals your bandwidth.)
The Courts

ISPs Claim Title II Regulations Don't Apply To the Internet Because "Computers" 121 121

New submitter Gryle writes: ArsTechnica is reporting on an interesting legal tactic by ISPs in the net neutrality fight. In a 95-page brief the United States Telecom Association claims Internet access qualifies as information service, not a telecommunication service, because it involves computer processing. The brief further claims "The FCC's reclassification of mobile broadband internet access as a common-carrier service is doubly unlawful." (page 56)
Bitcoin

Japanese Police Arrest Mount Gox CEO Mark Karpeles 100 100

McGruber writes with the news as carried (paywalled) by the Wall Street Journal that Mark Karpeles, who headed bitcoin exchange Mt. Gox, has been arrested by Japanese police: In February 2014, Mount Gox filed for bankruptcy, saying it had lost 750,000 of its customers' bitcoins as well as 100,000 of its own, worth some $500 million at the time. A police spokesman said Mr. Karpelès is suspected of manipulating his own account at the company by making it appear that $1 million was added to it. The BBC reports the arrest as well, and notes that the coins missing from Mt. Gox represent 7% of all Bitcoins in circulation.
Music

"Happy Birthday" Public Domain After All? 168 168

New submitter jazzdude00021 writes: No song has had as contentious of copyright history as "Happy Birthday." The song is nearly ubiquitous at birthday parties in the USA, and even has several translations with the same tune. Due to copyrights held by Warner Music, public performances have historically commanded royalty fees. However, a new lawsuit has been brought to prove that "Happy Birthday" is, and always has been, in the public domain.The discovery phase for this lawsuit ended on July, 11 2014, yet this past week new evidence surfaced from Warner Music that may substantiate the claim that the lyrics were in the public domain long before the copyright laws changed in 1927.
Android

GasBuddy Has a New Privacy Policy (Spoiler: Not As Customer Friendly) 103 103

An anonymous reader writes: GasBuddy has been a popular iOS and Android app for the last 5 years used to find the cheapest place to get gas. According to the Google Play store, there are over 10 million installs (in additions to the installs from Apple and Amazon's appstores). Now that they have a large enough number of users, GasBuddy has updated their privacy policy to allow them to collect more information. Some highlights of the privacy policy changes include: only 10 days for new terms to take effect (previously users were given 30 days to review the changes); collection of "signal strength related to Wifi or Bluetooth functionality, temperature, battery level, and similar technical data"; and [a warning that the company] will not honor a web browser's "do not track" setting.
Communications

Questioning the Dispute Over Key Escrow 82 82

Nicola Hahn writes: The topic of key escrow encryption has once again taken center stage as former Secretary of Homeland Security Michael Chertoff has spoken out against key escrow both at this year's Aspen Security Forum and in an op-ed published recently by the Washington Post. However, the debate over cryptographic back doors has a glaring blind spot. As the trove of leaks from Hacking Team highlights, most back doors are implemented using zero-day exploits. Keep in mind that the Snowden documents reveal cooperation across the tech industry, on behalf of the NSA, to make products that were "exploitable." Hence, there are people who suggest the whole discussion over key escrow includes an element of theater. Is it, among other things, a public relations gambit, in the wake of the PRISM scandal, intended to cast Silicon Valley companies as defenders of privacy?