tsu doh nimh writes "Security experts have long opined that one way to make software more secure is to hold software makers liable for vulnerabilities in their products. This idea is often dismissed as unrealistic and one that would stifle innovation in an industry that has been a major driver of commercial growth and productivity over the years. But a new study released this week presents perhaps the clearest economic case yet for compelling companies to pay for information about security vulnerabilities in their products. Stefan Frei, director of research at NSS Labs, suggests compelling companies to purchase all available vulnerabilities at above black-market prices, arguing that even if vendors were required to pay $150,000 per bug, it would still come to less than two-tenths of one percent of these companies' annual revenue (PDF). To ensure that submitted bugs get addressed and not hijacked by regional interests, Frei also proposes building multi-tiered, multi-region vulnerability submission centers that would validate bugs and work with the vendor and researchers. The question is, would this result in a reduction in cybercrime overall, or would it simply hamper innovation? As one person quoted in the article points out, a majority of data breaches that cost companies tens of millions of dollars have far more to do with other factors unrelated to software flaws, such as social engineering, weak and stolen credentials, and sloppy server configurations."
An anonymous reader writes "This week CBS News' 60 Minutes program had a broadcast segment devoted to the NSA, and additional online features. It revealed that the first secret Snowden stole was the test and answers for a technical examination to get a job at NSA. When working at home, Snowden covered his head and screen with a hood so that his girlfriend couldn't see what he was doing. NSA considered the possibility that Snowden left malicious software behind and removed every computer and cable that Snowden had access to from its classified network, costing tens of millions of dollars. Snowden took approximately 1.7 million classified documents. Snowden never approached any of multiple Inspectors General, supervisors, or Congressional oversight committee members about his concerns. Snowden's activity caught the notice of other System Administrators. There were also other interesting details, such as the NSA has a highly competitive intern program for High School students that are given a Top Secret clearance and a chance to break codes that have resisted the efforts of NSA's analysts — some succeed. The NSA is only targeting the communications, as opposed to metadata, of less than 60 Americans. Targeting the actual communications of Americans, rather than metadata, requires a probable cause finding and a specific court order. NSA analysts working with metadata don't have access to the name, and can't listen to the call. The NSA's work is driven by requests for information by other parts of the government, and there are about 31,000 requests. Snowden apparently managed to steal a copy of that document, the 'crown jewels' of the intelligence world. With that information, foreign nations would know what the US does and doesn't know, and how to exploit it."
First time accepted submitter Tigger's Pet writes "The BBC report that 'Google's former top patent lawyer has been put in charge of America's patent and trademark office (USPTO). Michelle Lee was made deputy director of the USPTO this week and will run the agency while it seeks a new boss. Ms Lee joined the patent office after leaving Google in June 2012 but said the opinions of her former employer would not guide her work.' Maybe she will use her knowledge from some of the insanity she has seen to actually tackle the current situation of patents, patent-trolling and lawsuits, so that companies can concentrate on true development which benefits all their users, not just the lawyers."
New submitter StirlingArcher writes "I've always built/maintained my parents' PCs, but as Mum has got older her PC seems to develop problems more readily. I would love to switch her to Linux, but she struggles with change and wants to stay with Vista and MS Office. I've done the usual remove Admin rights, use a credible Internet Security package. Is there anything more dramatic that I could do, without changing the way she uses her PC or enforcing a new OS on her again? One idea was to use a Linux OS and then run Vista in a VM, which auto-boots and creates a backup image every so often. Thanks for any help!"
theodp writes "Code.org, backed by Bill Gates and Mark Zuckerberg, boasts in a blog post that thanks to this week's Hour of Code, which featured a Blockly tutorial narrated by Gates and Zuckerberg, 'More students have participated in computer science in U.S. schools in the last three days than in the last 100 years.' Taking note of the impressive numbers being put up on the Hour of Code Leaderboards ('12,522,015 students have done the Hour of Code and written 406,022,512 lines of code'), the Seattle Times adds that 'More African American and Hispanic kids learned about the subject in two days than in the entire history of computer science,' and reports that the cities of Chicago and New York have engaged Code.org to offer CS classes in their schools. So, isn't it a tad hyperbolic to get so excited over kids programming with blocks? 'Yes, we can all agree that this week's big Hour of Code initiative is a publicity stunt,' writes the Mercury News' Mike Cassidy, 'but you know what? A publicity stunt is exactly what we need.'"
cold fjord writes "The Washington Examiner reports, 'Oregon ... signed up just 44 people for insurance through November, despite spending more than $300 million on its state-based exchange. The state's exchange had the fewest sign-ups in the nation, according to a new report today by the Department of Health and Human Services. The weak number of sign-ups undercuts two major defenses of Obamacare from its supporters. One defense was that state-based exchanges were performing a lot better than the federal healthcare.gov website servicing 36 states. But Oregon's website problems have forced the state to rely on paper applications to sign up participants. Another defense of the Obama administration has attributed the troubled rollout of Obamacare to the obstruction of Republican governors who wanted to see the law fail as well as a lack of funding. But Oregon is a Democratic state that embraced Obamacare early and enthusiastically.'"
Hugh Pickens DOT Com writes "Suzanne Goldenberg writes at The Guardian that researchers at the University of Toronto's department of chemistry have identified a newly discovered greenhouse gas, perfluorotributylamine (PFTBA), in use by the electrical industry since the mid-20th century, that is 7,000 times more powerful than carbon dioxide at warming the Earth. 'We claim that PFTBA has the highest radiative efficiency of any molecule detected in the atmosphere to date,' says Angela Hong. Concentrations of PFTBA in the atmosphere are low – 0.18 parts per trillion in the Toronto area – compared to 400 parts per million for carbon dioxide but PFTBA is long-lived. There are no known processes that would destroy or remove PFTBA in the lower atmosphere so it has a very long lifetime, possibly hundreds of years, and is destroyed in the upper atmosphere. 'It is so much less than carbon dioxide, but the important thing is on a per molecule basis, it is very very effective in interacting with heat from the Earth.' PFTBA has been in use since the mid-20th century for various applications in electrical equipment, such as transistors and capacitors. 'PFTBA is just one example of an industrial chemical that is produced but there are no policies that control its production, use or emission,' says Hong. 'It is not being regulated by any type of climate policy.'"
Velcroman1 writes "Banking giant JPMorgan Chase has filed a patent application for an electronic commerce system that sounds remarkably like Bitcoin — but never mentions the controversial, Internet-only currency. The patent application was filed in early August but made publicly available only at the end of November; it describes a 'method and system for processing Internet payments using the electronic funds transfer network.' The system would allow people to pay bills anonymously over the Internet through an electronic transfer of funds — just like Bitcoin. It would allow for micropayments without processing fees — just like Bitcoin. And it could kill off wire transfers through companies like Western Union — just like Bitcoin. There are 18,126 words in the patent application. 'Bitcoin' is not one of them."
Hugh Pickens DOT Com writes "The Tulsa World reports that in their zeal to tout their faith in the public square, conservatives in Oklahoma may have unwittingly opened the door to a wide range of religious groups, including satanists who are now seeking to put their own statue next to a Ten Commandments monument on the Statehouse steps. The Republican-controlled Legislature in Oklahoma authorized the privately funded Ten Commandments monument in 2009, and it was placed on the Capitol grounds last year despite criticism from legal experts who questioned its constitutionality. But the New York-based Satanic Temple saw an opportunity and notified the state's Capitol Preservation Commission that it wants to donate a monument too. 'We believe that all monuments should be in good taste and consistent with community standards,' Lucien Greaves wrote in a letter to state officials. 'Our proposed monument, as an homage to the historic/literary Satan, will certainly abide by these guidelines.' Brady Henderson, legal director for ACLU Oklahoma, said if state officials allow one type of religious expression, they must allow alternative forms of expression, although he said a better solution might be to allow none at all on state property. 'We would prefer to see Oklahoma's government officials work to faithfully serve our communities and improve the lives of Oklahomans instead of erecting granite monuments to show us all how righteous they are,' says Henderson. 'But if the Ten Commandments, with its overtly Christian message, is allowed to stay at the Capitol, the Satanic Temple's proposed monument cannot be rejected because of its different religious viewpoint.'"
Barence writes "The vice president of the European Commission's Competition unit has warned Nokia not to become a 'patent troll'. Nokia is in the process of selling its devices business to Microsoft, giving rise to fears that the remaining part of Nokia will make more aggressive use of its patents portfolio. Vice president Joaquin Almunia said that the commission had dismissed the possibility that 'Nokia would be tempted to behave like a patent troll' when it cleared the way for Microsoft to acquire Nokia's devices division – but warned that 'if Nokia were to take illegal advantage of its patents in the future, we will open an antitrust case.' 'I sincerely hope we will not have to,' said Almunia."
Hugh Pickens DOT Com writes "Lindsay Abrams reports at Salon that the Obama administration is offering wind farms 30 years of leeway to kill and harm bald and golden eagles. The new regulations, which were requested by the wind industry, will provide companies that seek a permit with legal protection, preventing them from having to pay penalties for eagle deaths (PDF). An investigation by the Associated Press earlier this year documented the illegal killing of eagles around wind farms, the Obama administration's reluctance to prosecute such cases and its willingness to help keep the scope of the eagle deaths secret. President Obama has championed the pollution-free energy, nearly doubling America's wind power in his first term as a way to tackle global warming. Scientists say wind farms in 10 states have killed at least 85 eagles since 1997, with most deaths occurring between 2008 and 2012, as the industry was greatly expanding. Most deaths — 79 — were golden eagles that struck wind turbines. However the scientists said their figure is likely to be 'substantially' underestimated, since companies report eagle deaths voluntarily and only a fraction of those included in their total were discovered during searches for dead birds by wind-energy companies. The National Audubon Society said it would challenge the decision."
theodp writes "Among the patents granted to Facebook this week by the USPTO is one for Inferring Household Income for Users of a Social Networking System. 'For example,' Facebook explains, 'an assumption might be made about a user that reads CNN.com and nytimes.com every day that the user is in a higher income bracket than another user that only reads TMZ.com and PerezHilton.com on the theory that a user who reads newspapers might be assumed to make more money than a user who only reads celebrity gossip blogs.' Advertisements such as those for travel packages, cars, and home mortgages, Facebook adds, 'are targeted to users based on income bracket,' which might also be inferred by 'gathering and analyzing different types of information about a user's geographic location.' Hey, what could go wrong?"
walterbyrd sends this news from Techworld: "A Microsoft storage patent that was used to get a sales ban on products from Google-owned Motorola Mobility in Germany has been invalidated by the German Federal Patent Court. Microsoft's FAT (File Allocation Table) patent, which concerns a 'common name space for long and short filenames' was invalidated on Thursday, a spokeswoman for the Federal Patent Court said in an email Friday. She could not give the exact reasons for the court's decision before the written judicial decision is released, which will take a few weeks."
An anonymous reader writes "The U.S. Centers for Disease Control have announced that measles cases in the U.S. spiked this year, rising to three times their recent average rate. It's partly due to a greater number of people traveling to the U.S. when they're infectious, but also because a frustrating number of people are either failing to have their children vaccinated, or are failing to do so in a timely manner. Dr. Thomas Friedman said, 'Around 90 percent of the people who have had measles in this country were not vaccinated either because they refused, or were not vaccinated on time.' Phil Plait adds, 'In all three of these outbreaks, someone who had not been vaccinated traveled overseas and brought the disease back with them, which then spread due to low vaccination rates in their communities. It's unclear how much religious beliefs themselves were behind the outbreaks in Brooklyn and North Carolina; it may have been due to widespread secular anti-vax beliefs in those tight-knit groups. But either way, a large proportion of the people in those areas were unvaccinated.'"
New submitter chrylis writes "SCOTUSblog is reporting that the U.S. Supreme Court has accepted an appeal in Alice v. CLS Bank, a case in which the Federal Circuit ruled haphazardly that the particular patents in question were invalid but did not address the issue of software patents generally. 'The case will provide a new test of the Patent Act’s most basic provision — Section 101, which broadly outlines what kinds of inventions are patentable. One of the long-standing exceptions to the types of inventions mentioned in that section is that an abstract idea can never be patented. That issue arises frequently these days, especially with rapidly developing technology in computer software.' The EFF wrote a summary of the issues in the case when it was before the Federal Circuit this spring. The case files are also available."