Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Slashdot Deals: Cyber Monday Sale Extended! Courses ranging from coding to project management - all eLearning deals 20% off with coupon code "CYBERMONDAY20". ×

Submission + - John Doe Lawsuits Baseless, So Says DC Federal Judge (courthousenews.com)

ihtoit writes: Four people accused of sharing illegal copies of the movie "Elf-Man" persuaded a federal judge there is not enough evidence to support copyright infringement claims against them.
          Elf-Man LLC, producer of the direct-to-DVD release "Elf-Man" sued Eric Cariveau et al. in Federal Court a year ago, accusing them of sharing a peer-to-peer file of the movie.
          Elf-Man claims the defendants illegally copied and distributed the movie online.
          "Despite the industry's efforts to capitalize on internet technology and reduce costs to end viewers through legitimate and legal means of online viewing such as through Netflix, Hulu, and Amazon Prime, there are still those that use this technology to steal motion pictures and undermine the efforts of creators through their illegal copying and distribution of motion pictures," Elf-Man's attorney Maureen VanderMay wrote in the complaint.
          U.S. District Judge Robert Lasnik granted Elf-Man's motion to initiate discovery on the IP addresses of defendants, but noted that "the risk of false positives is very real."
          "It is not clear that plaintiff could ... make factual contentions regarding an Internet subscriber's infringing activities based solely on the fact that he or she pays the Internet bill," Lasnik wrote in the order.
          Elf-Man named 18 individual defendants in its first amended complaint. A default judgment was ordered against two of them; claims against the Doe defendants were dismissed. Claims against four other named defendants were also dismissed on the grounds of their implausibility.

Submission + - Nations Largest Cocaine Smuggler Revealed: The DEA (chrisinmaryville.net) 1

Trachman writes: An investigation conducted in Mexico found the American government allowed that country’s largest drug cartel, Sinaloa, to operate without fear of persecution, effectively making DEA the largest cocaine supplier in the USA, controlling 80% of the market. DEA/ATF working together have also supplied weapons to Sinaloa to reduce competition, as we remember from ATF gunwalking scandal http://en.wikipedia.org/wiki/ATF_gunwalking_scandal.

The business has been elevated to the next level when DEA has started working together with NSA to weed out competition by parallel construction of incriminating evidence http://en.wikipedia.org/wiki/Parallel_construction.

Submission + - BitTorrent's Bram Cohen Unveils New Steganography Tool DissidentX (forbes.com)

Sparrowvsrevolution writes: For the last year Bram Cohen, who created the breakthrough file-sharing protocol BitTorrent a decade ago, has been working on a tool he calls DissidentX, a steganography tool that's available now but is still being improved with the help of a group of researchers at Stanford. Like any stego tool, DissidentX can camouflage users' secrets in an inconspicuous website, a corporate document, or any other, pre-existing file from a Rick Astley video to a digital copy of Crime and Punishment. But it uses a new form of steganography based on cryptographic hashes to make the presence of a hidden message far harder for an eavesdropper to detect than in traditional stego. And it also makes it possible to encode multiple encrypted messages to different keys in the same cover text.

Submission + - Apple Launches Customer Tracking Program in 254 Stores

cagraham writes: Apple is launching its iBeacon program across all their US stores today, reports Venturebeat. Customers who enter Apple stores — provided they have an iPhone 4S or later — will receive a notification asking if Apple can track them in the store. Some of the messages a customer might receive include notifications about their phone upgrade eligibility, or prompts to purchase accessories, depending on their location. This marks the first wide-scale usage of iBeacon, which is also compatible with Android 4.3 devices.

British Intelligence Responds To Slashdot About Man-in-Middle Attack 256

Nerval's Lobster writes "The GCHQ agency, Britain's equivalent of the National Security Agency, reportedly used fake LinkedIn and Slashdot pages to load malware onto computers at Belgian telecommunications firm Belgacom. In an emailed statement to Slashdot, the GCHQ's Press and Media Affairs Office wrote: 'We have no comment to make on this particular story.' It added: 'All GCHQ's work is carried out in accordance with a strict legal and policy framework which ensure that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Intelligence and Security Committee.' Meanwhile, LinkedIn's representatives suggested they had no knowledge of the reported hack. 'We have read the same stories, and we want to clarify that we have never cooperated with any government agency,' a spokesperson from the social network wrote in an email to Slashdot, 'nor do we have any knowledge, with regard to these actions, and to date, we have not detected any of the spoofing activity that is being reported.' An IT security expert with extensive knowledge of government intelligence operations, but no direct insight into the GCHQ, hypothesized to Slashdot that carrying out a man-in-the-middle attack was well within the capabilities of British intelligence agencies, but that such a 'retail' operation also seemed somewhat out of character. 'Based on what we know they've done, they are doing industrialized, large scale traffic sweeping and net hacking,' he said. 'They operate a wholesale, with statistical techniques. By "statistical" I mean that they send something that may or may not work.' With that in mind, he added, it's plausible that the GCHQ has software that operates in a similar manner to the NSA's EGOTISTICAL GIRAFFE, and used it to redirect Belgacom employees to a fake download. 'However, the story has been slightly garbaged into it being fake [LinkedIn and Slashdot] accounts, as opposed to network spoofing.'" Update: You can read the official statement from Slashdot's parent company, Dice Holdings, here on our blog.

Submission + - DNI James Clapper Admits He Lied To Congress (threatpost.com)

Gunkerty Jeb writes: In a highly unusual move, James Clapper, the director of national intelligence, said Tuesday that he misspoke when he told a Congressional committee in March that the National Security Agency does not assemble dossiers on Americans. Clapper said at the time that the agency does not do so “wittingly”, but in a letter to the chair of the Senate Select Committee on Intelligence, Clapper admitted this statement was “erroneous”.

Clapper, the top U.S. intelligence official, has been quite vocal in his defense of the NSA’s now-public surveillance programs such as PRISM and the metadata collection program. In statements published shortly after the leak of classified documents by Edward Snowden about those collection efforts Clapper said that they both have been repeatedly authorized by Congress and the executive and judicial branches over the years. The collection of road swaths of Internet data under Section 702 of the Foreign Intelligence Surveillance Act through PRISM is one of the aspects of the agency’s efforts that has many people worried.

Submission + - RMS urges W3C to reject DRM in HTML5 on principle (fsf.org)

gnujoshua writes: In a new article, GNU Project founder, Richard M. Stallman speaks out against the proposal to include hooks for DRM in HTML5. While others have been making similar arguments, RMS strikes home the point that while companies can still push Web DRM themselves, the stance taken by the W3C is still — both practically and politically — vitally important:

[...] the W3C cannot prevent companies from grafting DRM onto HTML. They do this through nonfree plug-ins such as Flash, and with nonfree Javascript code, thus showing that we need control over the Javascript code we run and over the C code we run. However, where the W3C stands is tremendously important for the battle to eliminate DRM. On a practical level, standardizing DRM would make it more convenient, in a very shallow sense. This could influence people who think only of short-term convenience to think of DRM as acceptable, which could in turn encourage more sites to use DRM. On the political level, making room for DRM in the specifications of the World Wide Web would constitute an endorsement in principle of DRM by the W3C. Standardization by the W3C could facilitate DRM that is harder for users to break than DRM implemented in Javascript code. If the DRM is implemented in the operating system, this could result in distribution of works that can't be played at all on a free operating system such as GNU/Linux.

Submission + - Mozilla: government spyware disguising itself as Firefox (pcpro.co.uk)

nk497 writes: Mozilla has sent a cease-and-desist order to Gamma International, after it was revealed the controversial creator of spyware for governments was disguising itself as Firefox on PCs. "We cannot abide a software company using our name to disguise online surveillance tools that can be – and in several cases actually have been – used by Gamma’s customers to violate citizens’ human rights and online privacy," Mozilla said.

Mozilla stressed that the two software packages remained separate and that FinSpy did not affect Firefox itself or the way the browser operated. "Gamma’s software is entirely separate, and only uses our brand and trademarks to lie and mislead as one of its methods for avoiding detection and deletion," Mozilla added.

Submission + - Internet Privacy At Risk But Not Dead (Yet)

snydeq writes: For more than a decade we've been hearing that online privacy is dead, and it's hard to argue with the evidence. Law enforcement agencies routinely obtain location and call data from wireless carriers, government agencies can access data from cloud storage with minimal judicial oversight, and then there's CISPA, by which Congress wants to enable private companies to share even more customer data with Uncle Sam. And that says nothing about the increasing online tracking and data mining being done by private entities. 'Despite this gloomy assessment, all hope is not lost. While threats to our personal privacy expand daily, so do potential solutions — whether it's new privacy legislation, enhanced regulation, stealth computing technology, or the emergence of a consumer-driven data economy.'

Submission + - FSS Protest Against Adding DRM APIs To HTLM5 (i-programmer.info)

mikejuk writes: The Free Software Foundation is urging its members to sign a petition to protest moves to incorporate Digital Rights Management technologies into the next generation of core web technologies.
The call is to back the latest drive on the Defective By Design website with the headline "Tell W3C: We don't want Hollyweb" This aims to collect 50,000 signatures to a petition that asks the World Wide Web Consortium (W3C) and its member organizations to reject a proposal which would incorporate support for DRM into HTML5. Given that its editors are from Google, Microsoft and Netflix and the fact that the BBC is a keen supporter, this specification is being seen as an attempt to
"sneak digital restrictions into every interaction we have online."
So if you don't want DRM in HTML5 — go and sign.

Submission + - Congress To Debate CISPA Behind Closed Doors (ibtimes.com)

redletterdave writes: Congress will reportedly meet next week to conduct a markup of the controversial Cyber Intelligence Sharing and Protection Act (CISPA), but just like last year, the House Intelligence Committee reportedly plans to hold its debates behind closed doors, away from the public eye.

Submission + - Prosecutor in Aaron Swartz Case Lied About Search Warrant (huffingtonpost.com)

runeghost writes: "Federal prosecutor Stephen Heymann engaged in prosecutorial misconduct by withholding key evidence from the defense team of Aaron Swartz, the late Internet activist's legal team alleged in a letter to an internal Justice Department ethics unit."

Assistant U.S. Attorney Heymann appears to have lied to the court and ignored his duty to disclose exculpatory evidence, so as to avoid invalidating the government's case against Aaron Swartz.


Submission + - ACTA and SOPA make a return via TAFTA (techdirt.com)

poetmatt writes: Techdirt notes that a new trade agreement is being released which will reintroduce the same IP maximalist issues from ACTA, SOPA and TPP previously, this time named TAFTA.

FTA: "More details are starting to come out as the main EU negotiator for ACTA, Karel de Gucht, came to DC to see about getting things kicked off, on an agreement that's being called TAFTA — the Trans Atlantic "Free Trade" Agreement. Of course, instead of recognizing the lessons from previous failed efforts to push for broken maximalist policies, it appears that the plan is to try, try again.

Bell Labs Unix -- Reach out and grep someone.