Remember that MIT professor accused of hiding the work he did for the Chinese government? (He was arrested for not disclosing it on federal grant applications, with a U.S. attorney announcing "It is not illegal to collaborate with foreign researchers. It is illegal to lie about it.")

All charges have been dropped. Mass Live reports: Chen, 56, was arrested a year ago for failing to disclose millions of dollars in contracts, appointments and awards from the Chinese government when he applied for a grant from the Department of Energy. Among other charges, he was accused of wire fraud and making a false statement on a tax return, according to prosecutors. He pleaded not guilty to the full slate of charges. On Thursday, U.S. Attorney Rachael Rollins said the federal government would drop its case against Chen. After assessing new evidence, Rollins said in a statement her office found it could not meet the burden of proof in a trial. "As prosecutors, we have an obligation in every matter we pursue to continually examine the facts while being open to receiving and uncovering new information," Rollins said. "Today's dismissal is a result of that process and is in the interests of justice...." Prosecutors had claimed Chen used the U.S. government's money to benefit the Chinese government, while failing to disclose any relationship with Chinese leaders. Colleagues protested Chen's arrest, saying grant disclosure violations had been treated as a serious crime, such as espionage or intellectual property theft, the New York Times reported. Recently, Department of Energy officials said they would awarded a grant to him even if he had disclosed his ties to China.
MIT Technology Review adds: From the start, Chen had maintained his innocence, while MIT had indicated that he was working to establish a research collaboration on behalf of the institution and that the funding in question was actually for the university rather than Chen personally. MIT also paid for his defense....

"The government finally acknowledged what we said all along: Professor Gang Chen is an innocent man," Robert Fisher, Chen's defense attorney, said in a statement. "Our defense was never based on any legal technicalities. Gang did not commit any of the offenses he was charged with. Full stop. He was never in a talent program. He was never an overseas scientist for Beijing. He disclosed everything that he was supposed to disclose and never lied to the government or anyone else."

For his part, Chen said, "While I am relieved that my ordeal is over, I am mindful that this terribly misguided China Initiative continues to bring unwarranted fear to the academic community, and other scientists still face charges."

"I will have more to share soon," the scientist added.

An anonymous reader quotes a report from Bloomberg: Former Theranos Chief Executive Officer Elizabeth Holmes is exploring a "mental disease" defense for her criminal fraud trial, in one of Silicon Valley's most closely watched cases. That possibility was revealed Wednesday when the judge overseeing the case ruled that government prosecutors can examine Holmes. The ruling was in response to the failed blood-testing startup founder's plan to introduce evidence of "mental disease or defect" or other mental condition "bearing on the issue of guilt," according to the filing. Holmes may be seeking to introduce the evidence to challenge the requirement that prosecutors prove her intent to do something wrong or illegal.

Holmes intends to use testimony from Mindy Mechanic, a clinical psychologist at California State University at Fullerton, according to the filing. Mechanic is an expert on the psychosocial consequences of trauma, with a focus on violence against women, and often provides expert testimony in cases involving "interpersonal violence," according to her faculty profile on the school's website. Barbara McQuade, a former federal prosecutor who now teaches at the University of Michigan law school, said mounting a so-called insanity defense won't be easy, as the defendant must meet a high standard of proof. "Contrary to what you may see in the movies, an insanity defense in federal cases is rare and hard to fake," McQuade said in an email. Holmes must show that, at the time she committed the alleged offenses, a severe mental defect made her "unable to appreciate the nature and quality or the wrongfulness of (her) acts." In his ruling, U.S. District Judge Edward J. Davila rejected Holmes's argument that she shouldn't have to submit to a psychological examination by government experts. The judge ruled that such an examination is fair given Holmes's intent to use testimony from Mechanic.

Security engineer Ivan writes: For some reason Apple allows "subscription scam" apps on the App Store. These are apps that are free to download and then ask you to subscribe right on launch. It's called the freemium business model, except these apps ask you to subscribe for "X" feature(s) immediately when you launch them, and keep doing so, annoyingly, over and over until you finally subscribe. By subscribing you get a number of "free days" (trial) and then they charge you weekly/monthly/yearly for very basic features like scanning QR Codes.

I've been trying to monitor apps that have these characteristics: 1. They have In-App purchases for their subscriptions. 2. They have bad reviews, specially with words like "scam" or "fraud". 3. Their "good" reviews are generic, potentially bot-generated. This weekend I focused on 5 apps from 2 different developers and to my surprise they are very similar, not only their UI/UX but also their code is shared and their patterns are absolutely the same. A side from being classic subscription scam apps, I wanted to examine how they work internally and how they communicate with their servers and what type of information are they sending.

Google is banning app developer DO Global and removing their apps from the Google Play Store after it discovered the company was committing ad fraud. "As of today, 46 apps from DO Global, which is partly owned by internet giant Baidu, are gone from the Play store," reports BuzzFeed. "BuzzFeed News also found that DO Global apps no longer offer ad inventory for purchase via Google's AdMob network, suggesting the ban has also been extended to the internet giant's ad products." From the report: Prior to the app removals, DO Global had roughly 100 apps in the Play store with over 600 million installs. Their removal from the Play store marks one of the biggest bans, if not the biggest, Google has ever instituted against an app developer. DO Global was a subsidiary of Baidu until it was spun out last summer; Baidu retains a 34% stake. BuzzFeed News reported last week that at least six apps from DO included code that made them fraudulently click on ads even when a user was not using the app. The apps were also listed in the Play store under the generic developer names "Pic Tools Group" and "Photo Artist Studio," hosted their privacy policies on Tumblr, and did not disclose they were owned by DO. It's a violation of Play store policy to conceal ownership information, and to commit ad fraud. The ad fraud was detected by Check Point security, which responded to a request from BuzzFeed News to examine apps uncovered during its investigation.

Google removed those six apps, and claimed its internal systems had also flagged most of them for removal. Another 40 DO apps disappeared from the Play store this week, including 20 using the Do Global Games developer name, and 14 listed under Applecheer Studio. The apps listed different addresses and contact information in the store, making it difficult for the average user to see they were all owned by the same major developer.

judgecorp writes "Syed Hussain, already serving time for helping to plot attacks against UK targets, got another four months for refusing to divulge the password of a USB stick the police and GCHQ wanted to examine. The USB was believed to contain data about a suspected fraud unconnected with national security, and Hussain claimed to have forgotten it under stress, He later remembered it and it turned out to be a password he had used on other systems investigated by the police."

SpuriousLogic sends in a CNN report that begins "The Supreme Court has passed up a chance to examine how far states can go to restrict unsolicited e-mails in efforts to block spammers from bombarding computer users. The high court without comment Monday rejected Virginia's appeal to keep its Computer Crimes Act in place. It was one of the toughest laws of its kind in the nation, the only one to ban noncommercial — as well as commercial — spam e-mail to consumers in that state. The justices' refusal to intervene also means the conviction of prolific commercial spammer Jeremy Jaynes will not be reinstated." Jaynes remains behind bars because of a federal securities fraud conviction unrelated to the matter of spamming.

Hugh Pickens writes "The NY Times reports that Kate Stoeckle and Louisa Strauss, who graduated this year from the Trinity School in Manhattan, took on a freelance science project to check 60 samples of seafood using a simplified genetic fingerprinting technique called DNA Bar Coding to see whether the fish New Yorkers buy is what they think they are getting, and found that one-fourth of the fish samples with identifiable DNA were mislabeled: A piece of sushi sold as the luxury treat white tuna turned out to be Mozambique tilapia, a much cheaper fish that is often raised by farming. Roe supposedly from flying fish was actually from smelt." (More below.)

coondoggie writes "In an effort to buttress its enforcement and better understand the scourge that is identity theft, the Federal Trade Commission said today its plans to conduct a wide-ranging study of victims of the crime. The FTC is looking for people harmed by the crime and said the survey will examine the remedies available to victims under the Fair and Accurate Credit Transactions Act of 2003 (FACT Act). Among other things, the FACT Act gave consumers the right to place fraud alerts on their credit files if they are, or suspect they may become, victims of identity theft; block information on their credit reports that resulted from identity theft; and obtain copies of their credit reports free of charge."

ConfusedVorlon writes "The BBC reports on the sad case of Simon Bunce. Mr. Bunce had his identity stolen, and credit cards were made to capitalize on the theft. Some of those cards were used at sites offering child pornography, and as a result Mr. Bunce was swept up in Operation Ore. The poor man was prosecuted for his 'crime', and was eventually found innocent, but in the meantime he lost his job. It took him six months to find another at a quarter of the salary. 'The police's computer technicians take several months to examine [his computers and records], and Mr Bunce could not afford to wait to repair the damage done to his reputation. "I knew there'd been a fundamental mistake made and so I had to investigate it." Recent surveys suggest that as many as one in four Britons have been affected by it. In 2007 more than 185,000 cases of identity theft were identified by Cifas, the UK's fraud prevention service, an increase of almost 8% on 2006.'"

mikesd81 writes, "The AP has an article on PhishTank, OpenDNS's service for fighting e-mail fraud. The free service seeks to tap the wisdom of the Internet community in identifying phishing emails and sites." From the article: "Users simply submit to PhishTank.com the messages they believe are scams. Others then examine the message and the site to which it links and decide whether it is or isn't a scam. When an item gets enough votes and the margin is wide enough, it is either dropped or classified as a phishing message. To prevent scammers from trying to game the system, votes are weighed based on how long, how often, and how accurate one has rated other messages." Update: 10/05 18:24 GMT by kd : David Ulevitch wrote to mention: "PhishTank, unlike any other anti-phishing service, provides a full API and open access to the data for any developer to use to secure their applications. Before PhishTank, someone from the SpamAssassin project or maybe the Squid Cache would have to fork over a lot of money for phishing data to groups like the Anti Phishing Working Group or Symantec. It's now available for free, and I believe in a far more accurate and usable form."

The Open Voting Foundation's disclsosure that only one switch need be flipped to allow the machine to boot from an unverified external flash drive instead of the built-in, verified EEPROM drew more than 600 comments; some of the most interesting ones are below, in today's Backslash story summary.

Finin writes "In February 2005, Google was sued by Lane's Gifts & Collectibles in a class-action lawsuit over click fraud. The company alleged that Google had been improperly billing for pay-per-click ads that were not viewed by legitimate potential customers. As part of a settlement earlier this year, Google agreed to have an independent expert examine their click fraud detection methods, policies, and procedures and make a determination of whether or not they were reasonable measures to protect advertisers. The report of the expert, NYU Information Systems Professor Alexander Tuzhilin (a Professor of Information Systems at NYU), is now available." Update 07/26/2006 at 12:52 GMT by SM: Fixed the link to Tuzhilin's report.

anaesthetica writes "According to the Washington Post, an increasing tide of fraud in internet dating is prompting lawyers and lawmakers to examine possible regulations and consumer protections. Wire fraud scamming, plane ticket ripoffs, fraud perpetrated to fund trysts, fake "date bait" messages -- these are just a few of the issues the courts are beginning to deal with. Dating websites were immunized from lawsuits over false statements by the recent Communications Decency Act. Other attempts to regulate internet dating, such as the 2005 'mail-order bride' legislation, are already being challenged in court, but an increasing number of states are sponsoring their own legislation."

Ben Rothke writes "Thousands of computer security books have been published that deal with every conceivable security issue and technology. But Insider Threat is one of the first to deal with one of the most significant threats to an organizations, namely that of the trusted insider. The problem is that within information technology, many users have far too much access and trust than they should truly have." Read the rest of Ben's review.

Kevin Mitnick has been crazy-busy with media tours and book promotion stuff, and apologizes for taking so long to answer your questions. But answer he has, at length and in detail, with a brief intro at the start to correct a story in which he says he was misquoted. He has some other things on which he wants to set the record straight, too. Lots of them. Strong stuff here.

The country that helped invent the most technologically advanced information network in world history can't eliminate bureaucratic lines, create simple ballots, or tally up the votes that will determine the future of its own government. We need technological reforms, not merely political ones. Government has failed to use technology to deal with issues such as fund-raising and civic information in the Information Age, and citizens are paying the price.