Submission + - Is Freedom of Political Expression About To Be Curtailed? 1

superwiz writes: Alan Dershowitz, a Constitutional scholar and a Harvard Law professor, made a public prediction that freedom of political expression guaranteed by the 1st Amendment to the US Constitution would come under attack "soon". He made his prediction in 2008 in this speech:

https://www.youtube.com/watch?v=SPbr5ak6FaU&t=970.

And he outlined the reason for it quite simple: until recently public speech was only the domain of few privileged individuals. But as it becomes the domain of everyone more and more, the elites have more to gain by suppressing it. His outline starts at

https://www.youtube.com/watch?v=SPbr5ak6FaU&t=1070.

Variety of sources reported today that Sen. McCain (R) joined Sens. Mark Warner(D) and Amy Klobuchar(D) in introducing legislature which would require disclosure of political ad buys on the Internet if the amount spent on the ads was $500 or greater. Ostensibly this law was introduced in response to "Russian interfering in the US election" in the form of a $100,000 ad buy on Facebook.

The language used to justify the legislature is somewhat misleading in that it attempts to paint "social media" as a new type of "media", claiming that it simply tries to bring new media inline with the old media. But it completely ignores the "social" part of the "social media", which makes it more akin to a town square than to the old broadcast media such as radio and TV.

A more cynical point of view is that every law has instances of potential overreach in enforcement. So it is plausible to expect that this law can be used as an instrument to quash or de-anonymize political posts of opponents by future political operatives. The very low threshold requiring deanonymizing ($500) puts a huge burden of proof on any social media company (such as Slashdot) to prove that its comments section does not get hijacked by astro-turfing. The counter argument, of course, is that the law doesn't require reporting sources of free posts. Any law, however, will have as chilling an effect as its worst successful application.

If this law passes, should we expect to see prohibition on AC posts after the 1st time a judge declares that politically-bent comments on Slashdot are no different from paid advertisements? Can Slashdot, or even some of the smaller sites, withstand such legal assaults on its format by well-funded future political campaigns?

Submission + - Facebook security boss says its corporate network is run "like a college campus" (zdnet.com)

An anonymous reader writes: Facebook's security chief has told employees that the social media giant needs to improve its internal security practices to be more akin to a defense contractor, according to a leaked recording obtained by ZDNet.

Alex Stamos made the comments to employees at a late-July internal meeting where he argued that the company had not done enough to respond to the growing threats that the company faces, citing both technical challenges and cultural issues at the company.

"The threats that we are facing have increased significantly and the quality of the adversaries that we are facing," he said. "Both technically and from a cultural perspective I don't feel like we have caught up with our responsibility."

"The way that I explain to [management] is that we have the threat profile of a Northrop Grumman or a Raytheon or another defense contractor, but we run our corporate network, for example, like a college campus, almost," he said.

Submission + - Senators Announce New Bill That Would Regulate Online Political Ads (theverge.com)

An anonymous reader writes: As tech companies face continued scrutiny over Russian activity on their ad platforms, Senators today announced legislation meant to regulate political ads on the internet. The new bill, called the Honest Ads Act, would require companies like Facebook and Google to keep copies of political ads and make them publicly available. Under the act, the companies would also be required to release information on who those ads were targeted to, as well as information on the buyer and the rates charged for the ads. The new rules would bring disclosure rules more in line with how political ads are regulated in mediums like print and TV, and apply to any platform with more than 50 million monthly viewers. The companies would be required to keep and release data on anyone spending more than $500 on political ads in a year. It’s unclear how well the bill will fare. Companies like Facebook have been successfully fighting regulations for years. But this latest attempt has some bipartisan support: the act, sponsored by Sen. Amy Klobuchar (D-MN) and Sen. Mark Warner (D-VA) is also co-sponsored by Sen. John McCain (R-AZ). “Americans deserve to know who’s paying for the online ads,” Klobuchar said at a press conference announcing the legislation.

Submission + - Canadian Spy Agency open-sources it's "Assembly Line" malware fighting tool. (www.cbc.ca)

Pig Hogger writes:

Canada's electronic spy agency says it is taking the "unprecedented step" of releasing one of its own cyber defence tools to the public, in a bid to help companies and organizations better defend their computers and networks against malicious threats.
The Communications Security Establishment (CSE) rarely goes into detail about its activities — both offensive and defensive — and much of what is known about the agency's activities have come from leaked documents obtained by U.S. National Security Agency whistleblower Edward Snowden and published in recent years.
But as of late, CSE has acknowledged it needs to do a better job of explaining to Canadians exactly what it does. Today, it is pulling back the curtain on an open-source malware analysis tool called Assemblyline that CSE says is used to protect the Canadian government's sprawling infrastructure each day.
"It's a tool that helps our analysts know what to look at, because it's overwhelming for the number of people we have to be able to protect things," Scott Jones, who heads the agency's IT security efforts, said in an interview with CBC News.

So, would you trust your files to some spookware, no matter how open-source it is?

Submission + - Almost Half of Tech Workers Worry About Losing Their Jobs Because of Ageism (siliconbeat.com)

An anonymous reader writes: More than 40 percent of tech workers worry about losing their jobs because of age, a new survey shows. Jobs site Indeed also found that 18 percent of those who work in the tech industry worry “all the time” about losing their jobs because of ageism. The release of the survey Thursday comes amid other news about diversity — or lack thereof — in tech workplaces. Often when we report about diversity issues, readers wonder about older workers. The Indeed survey offers insight into the age of the tech workforce: It’s young. Indeed concluded from surveying more than 1,000 respondents in September that the tech workforce is composed of about 46 percent millennials, with 36 percent of respondents saying the average employee age at their company is 31 to 35, and 17 percent saying that the average worker age at their company is 20 to 30. What about Generation X and baby boomers? Twenty-seven percent of respondents said the average age of employees at their company is 36 to 40, while 26 percent of respondents said the workers at their companies are 40 and older.

Submission + - Discovery of 50km cave raises hopes for human colonisation of moon. (theguardian.com)

Zorro writes: The discovery, by Japan’s Seismological and Engineering Explorer (Selene) probe, comes as several countries vie to follow the US in sending manned missions to the moon.

The chasm, 50km (31 miles) long and 100 metres wide, appears to be structurally sound and its rocks may contain ice or water deposits that could be turned into fuel, according to data sent back by the orbiter, nicknamed Kaguya after the moon princess in a Japanese fairy tale.

Submission + - Google Chrome May Add a Permission to Stop In-Browser Cryptocurrency Miners (bleepingcomputer.com)

An anonymous reader writes: Google Chrome engineers are considering adding a special browser permission that will thwart the rising trend of in-browser cryptocurrency miners. Discussions on the topic of in-browser miners have been going on the Chromium project's bug tracker since mid-September when Coinhive, the first such service, launched.

Here's my current thinking," Ojan Vafai, a Chrome engineering working on the Chromium project, wrote in one of the recent bug reports. "If a site is using more than XX% CPU for more than YY seconds, then we put the page into "battery saver mode" where we aggressively throttle tasks and show a toast [notification popup] allowing the user to opt-out of battery saver mode. When a battery saver mode tab is backgrounded, we stop running tasks entirely. I think we'll want measurement to figure out what values to use for XX and YY, but we can start with really egregious things like 100% and 60 seconds. I'm effectively suggesting we add a permission here, but it would have unusual triggering conditions [...]. It only triggers when the page is doing a likely bad thing."

An earlier suggestion had Google create a blacklist and block the mining code at the browser level. That suggestion was shut down as being too impractical and something better left to extensions.

Submission + - New "broadp0wn" security vulnerability in Broadcom WIFI chipsets on smartphones (wired.com) 1

Boutzev writes: There is information circulating about a new vulnerability in Broadcom WIFI chipsets, used in smartphones from major vendors (Apple, Samsung). The issue (called "broadp0wn) is apparently remotely exploitable. This is unrelated to the recently released KRACK vulnerability in the WPA2 protocol. From wired.com:

IF YOU HAVEN'T updated your iPhone or Android device lately, do it now. Until very recent patches, a bug in a little-examined Wi-Fi chip would have allowed a hacker to invisibly hack into any one of a billion devices. Yes, billion with a b.
A vulnerability that pervasive is rare, for good reason. Apple and Google pile millions of dollars into securing their mobile operating systems, layering on hurdles for hackers and paying bounties for information about vulnerabilities in their software. But a modern computer or smartphone is a kind of silicon Frankenstein, with components sourced from third-party companies whose code Apple and Google don't entirely control. And when security researcher Nitay Artenstein dug into the Broadcom chip module that helps power every iPhone and most modern Android devices, he found a flaw that had the potential to completely undermine the expensive security of all of them.

Submission + - Millions Download Botnet-Building Malware From Google Play (helpnetsecurity.com)

Orome1 writes: Researchers have discovered a new batch of malicious apps on Google Play, some of which have been downloaded and installed on some 2.6 million devices. The apps posed as legitimate offerings that modify the look of the characters in Minecraft: Pocket Edition (PE). In the background, though, they set out to rope the devices into a botnet. The malware, dubbed Sockbot, was found hiding in eight apps on Google Play, all offered by a single developer account.

Slashdot Top Deals