Government

California Launches Mandatory Data Collection For Police Use-of-Force (seattletimes.com) 83

An anonymous Slashdot reader quotes the AP: All 800 police departments in California must begin using a new online tool launched Thursday to report and help track every time officers use force that causes serious injuries... The tool, named URSUS for the bear on California's flag, includes fields for the race of those injured and the officers involved, how their interaction began and why force was deemed necessary.

"It's sort of like TurboTax for use-of-force incidents," said Justin Erlich, a special assistant attorney general overseeing the data collection and analysis. Departments must report the data under a new state law passed last November. Though some departments already tracked such data on their own, many did not... "As a country, we must engage in an honest, transparent, and data-driven conversation about police use of force," California Attorney General Kamala Harris said in a news release.

It's an open source tool developed by Bayes Impact, and California plans to share the code with other interested law enforcement agencies across the country. Only three other states currently require their police departments to track data about use-of-force incidents, "but their systems aren't digital, and in Colorado's case, only capture shootings."
Security

97% of the Top Companies Have Leaked Credentials Online (onthewire.io) 21

Apparently lots of people have been using both their work email address and work password on third-party sites -- suggesting a huge vulnerability. Trailrunner7 quotes On The Wire: The last few years have seen a number of large-scale breaches at popular sites and companies, including LinkedIn, Adobe, MySpace, and Ashley Madison, and many of the credentials stolen during those incidents have ended up online in various places... [R]esearch from Digital Shadows found that the most significant breach for the global 1,000 companies it looked at was the LinkedIn incident... Digital Shadows found more than 1.6 million credentials online for the 1,000 companies it studied. Adobe's breach was next on the list, with more than 1.3 million credentials.
"For Ashley Madison alone, there were more than 200,000 leaked credentials from the top 1,000 global companies," the researchers report, noting they also found many leaked credentials from breaches at other dating and gaming sites, as well as Myspace. Their conclusion? "The vast majority of organizations have credentials exposed online..."
Security

Why the Silencing of KrebsOnSecurity Opens a Troubling Chapter For the Internet (arstechnica.com) 195

An anonymous reader quotes a report from Ars Technica: For the better part of a day, KrebsOnSecurity, arguably the world's most intrepid source of security news, has been silenced, presumably by a handful of individuals who didn't like a recent series of exposes reporter Brian Krebs wrote. The incident, and the record-breaking data assault that brought it on, open a troubling new chapter in the short history of the Internet. The crippling distributed denial-of-service attacks started shortly after Krebs published stories stemming from the hack of a DDoS-for-hire service known as vDOS. The first article analyzed leaked data that identified some of the previously anonymous people closely tied to vDOS. It documented how they took in more than $600,000 in two years by knocking other sites offline. A few days later, Krebs ran a follow-up piece detailing the arrests of two men who allegedly ran the service. A third post in the series is here. On Thursday morning, exactly two weeks after Krebs published his first post, he reported that a sustained attack was bombarding his site with as much as 620 gigabits per second of junk data. That staggering amount of data is among the biggest ever recorded. Krebs was able to stay online thanks to the generosity of Akamai, a network provider that supplied DDoS mitigation services to him for free. The attack showed no signs of waning as the day wore on. Some indications suggest it may have grown stronger. At 4 pm, Akamai gave Krebs two hours' notice that it would no longer assume the considerable cost of defending KrebsOnSecurity. Krebs opted to shut down the site to prevent collateral damage hitting his service provider and its customers. The assault against KrebsOnSecurity represents a much greater threat for at least two reasons. First, it's twice the size. 
Second and more significant, unlike the Spamhaus attacks, the staggering volume of bandwidth doesn't rely on misconfigured domain name system servers which, in the big picture, can be remedied with relative ease. The attackers used Internet-of-things devices since they're always-connected and easy to "remotely commandeer by people who turn them into digital cannons that spray the internet with shrapnel." "The biggest threats as far as I'm concerned in terms of censorship come from these ginormous weapons these guys are building," Krebs said. "The idea that tools that used to be exclusively in the hands of nation states are now in the hands of individual actors, it's kind of like the specter of a James Bond movie." While Krebs could retain a DDoS mitigation service, it would cost him between $100,000 and $200,000 per year for the type of protection he needs, which is more than he can afford. What's especially troubling is that this attack can happen to many other websites, not just KrebsOnSecurity.
Crime

Cops Are Raiding Homes of Innocent People Based Only On IP Addresses (fusion.net) 237

Kashmir Hill has a fascinating story today on what can go wrong when you solely rely on an IP address in a crime investigation -- also highlighting how often police resort to IP addresses. In the story she follows a crime investigation that led police to raid a couple's house at 6am, because their IP address had been associated with the publication of child porn on notorious 4chan porn. The problem was, Hill writes: the couple -- David Robinson and Jan Bultmann -- weren't the ones who had uploaded the child porn. All they did was voluntarily use one of their old laptops as a Tor exit relay, a software used by activists, dissidents, privacy enthusiasts as well as criminals, so that people who want to stay anonymous when surfing the web could do so. Hill writes: Robinson and Bultmann had [...] specifically operated the riskiest node in the chain: the exit relay which provides the IP address ultimately associated with a user's activity. In this case, someone used Tor to make the porn post, and his or her traffic had been routed through the computer in Robinson and Bultmann's house. The couple wasn't pleased to have helped someone post child porn to the internet, but that's the thing about privacy-protective tools: They're going to be used for good and bad purposes, and to support one, you might have to support the other. Robinson added that he was a little let down because police didn't bother to look at the public list which details the IP addresses associated with Tor exit relays. Hill adds: The police asked Robinson to unlock one MacBook Air, and then seemed satisfied these weren't the criminals they were looking for and left. But months later, the case remains open with Robinson and Bultmann's names on police documents linking them to child pornography. "I haven't run an exit relay since. The police told me they'd be back if it happened again," Robinson said; he's still running a Tor node, just not the end point anymore.
"I have to take the threat seriously because I don't want my wife or I to wake up with guns in our faces." Technologist Seth Schoen, and EFF Executive Director Cindy Cohn in a white paper aimed at courts and cops. "For many reasons, connecting an individual to a crime linked to an IP address, without any additional investigation, is irresponsible and threatens the civil liberties of innocent people."
Piracy

Hackers Seed Torrent Trackers With Malware Disguised as Popular Downloads (grahamcluley.com) 63

An anonymous reader writes: Cybercriminals are spreading malware via torrent distribution networks, using an automated tool to disguise the downloads as trending audio, video and other digital content in an attempt to infect more unsuspecting victims. Researchers at InfoArmor say they have uncovered a malicious torrent distribution network that relies on a tool called RAUM to infect computers with malware. The network begins with a torrent parser, which collects information about some of the most popular torrent files circulating around the web. Computer criminals then apply their RAUM tool to create a series of malicious files. Some are fake copies of those popular torrent files that in reality hide notorious malware such as CryptXXX, Cerber, or Dridex. Others are weaponized torrent files, while others still are parsed torrent files that rely on a high download rating, a reputation which the attackers artificially inflate by abusing compromised users' accounts to set up new seeds.
Patents

'Corporate Troll' Wins $3 Million Verdict Against Apple For Ring-Silencing Patent (arstechnica.com) 84

An anonymous reader quotes a report from Ars Technica: A non-practicing entity called MobileMedia Ideas LLC won a patent lawsuit against Apple today, with a Delaware federal jury finding that Apple should pay $3 million for infringing MobileMedia's patent RE39,231, which relates to ring-silencing features on mobile phones. MobileMedia is an unusual example of the kind of pure patent-licensing entity often derided as a "patent troll." It is majority-owned by MPEG-LA, a patent pool that licenses common digital video technologies like H-264, MPEG-2, and MPEG-4. Minority stakes in MobileMedia are owned by Sony and Nokia, which both contributed the patents owned by the company. MobileMedia also has the same CEO as MPEG-LA, Larry Horn. The battle ended up being a long one, as MobileMedia first filed the case in 2010. It went to trial in 2012, and the jury found that Apple infringed three patents. After reviewing post-trial motions, the judge knocked out some, but not all, of the infringed patent claims. Then came an appeal in which a panel of Federal Circuit judges upheld (PDF) some of the lower court's judges and overturned others. A $3 million verdict is hardly going to make an impact on Apple, and it doesn't represent a huge win for MobileMedia, which was reportedly seeking $18 million in royalties from the trial. Still, getting a verdict in its favor does represent some validation of MobileMedia's business model, which was a striking example of technology corporations using the "patent troll" business model as a kind of proxy war. Nokia and Sony were able to use MobileMedia and the licensing talent at MPEG-LA to wage a patent attack on Apple without engaging directly in court. In all, after years of back-and-forth, the ring-silencing patent was the one that MobileMedia had left. 
While Apple didn't win the case against one of the first "corporate trolls," it was able to severely pare down the scale of the attack and show that it's willing to fight a long legal war of attrition to make its point.
Music

It Took a Couple Decades, But the Music Business Looks Like It's Okay Again (recode.net) 125

According to the latest numbers from the RIAA, music sales in the first half of the year were up 8.4 percent, to $3.4 billion -- the best performance the music industry has seen since its peak days back in the CD era. Recode adds: That boom is fueled entirely by the growth of paid subscription services. This year's numbers include Apple Music, which didn't exist a year ago but has 17 million worldwide subscribers today, as well as Spotify, which has been growing faster than Apple and has 40 million global subs. Digital downloads via stores like iTunes, meanwhile, are falling behind. Those sales dropped 17 percent to $1 billion. And some people still buy CDs, but soon that business will be a footnote: Those sales dropped 14 percent and now make up just 20 percent of U.S. sales. All good, right? Not according to Cary Sherman, who runs the RIAA, the labels' American trade group. He has a Medium post complaining that YouTube doesn't pay enough for all the music it streams, almost all of which is free.
Robotics

UK Standards Body Issues Official Guidance On Robot Ethics (digitaltrends.com) 68

An anonymous reader quotes a report from Digital Trends: The British Standards Institution, which is the U.K.'s national standards body charged with creating the technical standards and certification for various products and services, has just produced its first set of official ethics guidelines relating to robots. "The expert committee responsible for this thought there was really a need for a set of guidelines, setting out the ethical principles surrounding how robots are used," Dan Palmer, head of market development at BSI, told Digital Trends. "It's an area of big public debate right now." The catchily-named BS 8611 guidelines start by echoing Asimov's Three Laws in stating that: "Robots should not be designed solely or primarily to kill or harm humans." However, it also takes aim at more complex issues of transparency by noting that: "It should be possible to find out who is responsible for any robot and its behavior." There's even discussion about whether it's desirable for a robot to form an emotional bond with its users, an awareness of the possibility robots could be racist and/or sexist in their conduct, and other contentious gray areas. In all, it's an interesting attempt to start formalizing the way we deal with robots -- and the way roboticists need to think about aspects of their work that extend beyond technical considerations. You can check it out here -- although it'll set you back 158 pounds ($208) if you want to read the BSI guidelines in full. (Is that ethical?) "Robots have been used in manufacturing for a long time," Palmer said. "But what we're seeing now are more robots interacting with people. For instance, there are cases in which robots are being used to give care to people. These are usages that we haven't seen before -- [which is where the need for guidelines comes in.]"
Businesses

GoPro Launches Karma Drone and Voice-Controlled Hero5 Cameras (cnet.com) 14

The long-awaited GoPro drone has officially launched. Dubbed Karma, GoPro's new drone works with the Hero5 and Hero5 Session, two new flagship cameras. The Hero5 features a 2-inch touch display, 12-megapixel photos with RAW support, built-in GPS, electronic image stabilization, waterproofing up to 33 feet (10 meters), and voice control. The GoPro Hero5 Session on the other hand consists of a tiny cube camera that is capable of 4K video recording at 30 fps and 10-megapixel photos. It too is waterproof up to 33 feet (10 meters) and offers support for voice commands. You can say, "GoPro, start recording," and it will start recording. They are also both cloud-connected, meaning they can auto-upload photos and video to an account when the camera is charging (requires a paid subscription to GoPro's new cloud service). While the Karma works with the Hero5 and Hero5 Session, it also works with the Hero4 cameras. CNET reports: The Karma's small, too. Like fold-it-up-and-stick-it-in-a-regular-backpack small. In fact, it even comes with the backpack. And of course it's made with the new Hero5 Black and Hero5 Session cameras, but will also work with the Hero4 cameras. So you're not stuck with a camera that's permanently attached to a drone, you're getting a camera you can use on its own or in the drone. Perhaps its greatest asset is the three-axis camera stabilizer on the drone. Not only will it keep your video looking smooth in the air, but it can be removed and attached to the included Karma Grip. GoPro says the grip can then be used handheld, perfect for running, riding, skating, etc. alongside your friends, or mounted on other gear. Karma arrives on October 23 for $799 without a camera, $999 with a Hero5 Session and $1,099 with the Hero5 Black.
Games

Valve Bans Developer From Steam After It Sues Customers Over Bad Reviews (arstechnica.com) 194

From an ArsTechnica report: A game developer has been banned from Steam after users claimed that it had attempted to sue 100 users of the platform for $18 million -- for the crime of leaving bad reviews. Digital Homicide, which has released dozens of small games mostly available for a couple of quid each, had its titles removed from Valve's popular digital distribution platform on Friday night. Its boss, James Romine, was granted a subpoena by a court in Arizona apparently allowing him to demand the release of "identification and associated data" of anonymous Steam users. The lawsuit listed in turn the misdemeanours of dozens of John/Jane Does, which include counts of "harassment," "stalking," and "cyber-bullying." In a brief e-mail sent to Vice's Motherboard at the end of last week, Valve's marketing veep Doug Lombardi confirmed that "Valve has stopped doing business with Digital Homicide for being hostile to Steam customers."
Open Source

Netflix Releases 'Meridian' Test Footage To All Including Competitors, Open Sources Some Tools (variety.com) 40

Netflix has released 'Meridian' to not just all its 83 million subscribers, but to everyone. The company produced the title as test footage to evaluate anything from the performance of video codecs to the way Netflix streams look on 4K TVs. But the company decided to make it open to all -- be it hardware manufacturers, codec developers, or even competitors like Amazon and Hulu. From a report on Variety: Netflix is using a Creative Commons license for the release of "Meridian," which is new for an industry that isn't used to sharing a lot of resources. "They are in the business of exploiting content, not of giving it away," Chris Fetner, the company's director for content partner operations said. But for Netflix, it's just par for the course. Thanks to its Silicon Valley DNA, Netflix has long collaborated with other companies on cloud computing-focused open source projects. Now, it wants to nudge Hollywood to do the same -- and "Meridian" is only the beginning. This week, Netflix is also open-sourcing a set of tools tackling a common problem for studios and video services.
The Courts

'Unpatent' Begins Crowdfunding Challenges To Bad Patents (unpatent.co) 109

"Unpatent is a crowdfunding platform that eliminates bad patents," reads their web site. "We do that by crowdsourcing the prior art -- that is all the evidence that makes clear that a patent was not novel -- and filing reexamination requests to the patent office." An anonymous Slashdot reader reports: "Everyone in the world can back the crowdfunding campaign against the patent," explains their site, which includes a special section with "Featured stupid patents". The first $16,000 raised covers the lawyers and fees at the U.S. Patent and Trademark Office, and "The rest is distributed to those who find valid prior art...any evidence that a patent is not novel. We review all the prior art pieces and reward those that may invalidate a claim... Then, we file an ex partes reexamination to the USPTO."

Their team includes Lee Cheng, the legal officer at Newegg, "worldwide renowned as the patent trolls' nightmare," as well as Luis Cuende, who created his own Linux distro when he was 15 and is now CTO of Stampery, a company using the Bitcoin blockchain to notarize data.

They're currently targeting the infamous US8738435 covering "personalized content relating to offered products and services," which in February the EFF featured as their "stupid patent of the month." Its page on Unpatent.co argues that "Taking something so obvious such as personalizing content and offers...and writing the word online everywhere shouldn't grant you a monopoly over it." Unpatent's slogan? "We invalidate patents that shouldn't exist."
Space

Pluto Is Emitting X-Rays (digitaltrends.com) 106

An anonymous reader quotes a report from Digital Trends: Scientists have noticed the tiny trans-Neptunian object emitting X-rays, which, if it is confirmed, is both a baffling and exciting discovery. Carey Lisse and Ralph McNutt from Johns Hopkins University Applied Physics Laboratory and a team of colleagues detected the X-rays by pointing the Chandra X-Ray Observatory telescope in Pluto's direction four different times between February 2014 and August 2015. Seven photons of X-ray light were detected during these observations, confirming the team's hypothesis that the dwarf planet is detectable on the X-ray spectrum, potentially due to the presence of an atmosphere. Their findings have been published in the scientific journal Icarus. Why is this such a big deal? First of all, it would challenge what scientists have previously believed to be true of Pluto's nature. Until now, the popular description of the dwarf planet is as a tiny ball of frozen rock slowly meandering around the sun some 3.6-billion miles away. One of the possible explanations for why Pluto is emanating X-rays would be that the high energy particles emitted by the sun are stripping away and reacting with Pluto's atmosphere, producing the X-rays that are visible to Chandra. Other potential explanations, such as haze particles in Pluto's atmosphere scattering the sun's X-rays, are possible, though unlikely given the temperature of the X-rays observed. It is also possible that these X-rays are actually bright auroras produced by the atmosphere, but that would require Pluto to have a magnetic field -- something that would have been detected during New Horizons' flyby, yet no evidence of one was found.
Government

'Government Abuse' of the Internet Makes Some People More Equal Than Others, Says Study (washingtonpost.com) 39

An anonymous reader quotes a report from Washington Post: When the Arab Spring spread across the Middle East and North Africa, the internet was considered to have been one of the main facilitators of the revolutions, and while the Arab Spring has since become a source of frustration to many of those who fought for it, the assumption that the internet will facilitate future uprisings has rarely been questioned. A new study, however, now raises doubts about to what extent the internet plays a role in fostering democracy. In fact, it may make some people more equal than others. To voice discontent online, groups first need access to the internet, but too often, that is precisely what they lack, according to the report which was published by the academic journal Science. Those findings could force Western governments and nongovernmental organizations engaged in pro-democracy initiatives to rethink how they spread their message. Comparing the accessibility of internet in certain regions and taking into account the existence of minority communities, the authors found "a strong and persistent political bias in the allocation of internet coverage across ethnic groups worldwide [...] an effect that cannot be explained by economic or geographic factors." Around 500 minority groups worldwide were included in the study, with consistent findings of what the authors called "digital discrimination." The 10 worst-affected minorities mostly come from Russia and Malaysia, said researcher Nils B. Weidmann.
Government

AP, Vice, USA Today Sue FBI For Info On Phone Hack of San Bernardino Shooter (usatoday.com) 49

Three news organizations filed a lawsuit Friday seeking information about how the FBI was able to break into the locked iPhone of one of the gunmen in the December terrorist attack in San Bernardino. From a USA Today report: The Justice Department spent more than a month this year in a legal battle with Apple over whether it could force the tech giant to help agents bypass a security feature on Syed Rizwan Farook's iPhone. The dispute roiled the tech industry and prompted a fierce debate about the extent of the government's power to pry into digital communications. It ended when the FBI said an "outside party" had cracked the phone without Apple's help. The news organizations' lawsuit seeks information about the source of the security exploit agents used to unlock the phone, and how much the government paid for it. It was filed in federal court in Washington by USA TODAY's parent company, Gannett, the Associated Press and Vice Media. The FBI refused to provide that information to the organizations under the Freedom of Information Act. The lawsuit charges that "there is no lawful basis" for the FBI to keep the records secret.
Government

FBI Director James Comey: Cover Up Your Webcam (thehill.com) 168

An anonymous reader quotes a report from The Hill: The head of the FBI on Wednesday defended putting a piece of tape over his personal laptop's webcam, claiming the security step was a common sense one that most should take. "There's some sensible things you should be doing, and that's one of them," Director James Comey said during a conference at the Center for Strategic and International Studies. "You go into any government office and we all have the little camera things that sit on top of the screen," he added. "They all have a little lid that closes down on them. "You do that so that people who don't have authority don't look at you. I think that's a good thing." Comey was pilloried online earlier this year, after he revealed that he puts a piece of tape over his laptop camera to keep away prying eyes. The precaution is a common one among security advocates, given the relative ease of hacking laptop cameras. But many found it ironic for Comey, who this year launched a high profile battle against Apple to gain access to data locked inside of the iPhone used by one of the San Bernardino, Calif., terrorists. Many viewed that fight as a referendum on digital privacy.
EU

EU Commission Proposes Mandatory Piracy Filters For Online Services (torrentfreak.com) 62

An anonymous reader quotes a report from TorrentFreak: During his State of the Union address today, EU Commission President Jean-Claude Juncker announced several plans (PDF) to modernize copyright law in Europe. One of the suggestions that has a lot of people worried is Article 13, which requires online services to police pirated content. This means that online services, which deal with large volumes of user-uploaded content, must use fingerprinting and filtering mechanisms to block copyright infringing files. While the Commission stresses that small content platforms won't be subject to the requirement, the proposal doesn't define what "small" means. It also fails to define what "appropriate" or "effective" content recognition systems are, creating a fair bit of uncertainty. Commenting on the proposal, Digital rights group EDRi says that it will put many European companies at risk while endangering users' right to free speech. "The text that was launched today includes a proposal to potentially filter all uploads to the Internet in Europe. The draft text would destroy users' rights and legal certainty for European hosting companies," EDRi notes. The Commission, however, notes that the changes are needed to reinforce the negotiating position of copyright holders, so they can sign licensing agreements with services that provide access to user uploaded content.
EU

10 Years in Prison For Online Pirates a Step Closer in the UK (torrentfreak.com) 136

The UK Government's Digital Economy Bill has moved a step closer to becoming law after its second reading in Parliament. With unanimous support, the current two-year maximum custodial sentence for online piracy is almost certain to increase to a decade, TorrentFreak reports. From the article: Due to UK copyright law allowing for custodial sentences of 'just' two years for online offenses, anti-piracy groups such as the Federation Against Copyright Theft have chosen to pursue their own private prosecutions. These have largely taken place under legislation designed for those who have committed fraud, rather than the more appropriate offense of copyright infringement. Physical pirates (CDs, DVDs) can be jailed for up to 10 years under current legislation. During the past few years, there have been lobbying efforts for this punishment to apply both on and offline. That resulted in a UK Government announcement last year indicating that it would move to increase the maximum prison sentence for online copyright infringement to ten years. They also urge Google to do something about growing incidents of piracy.
EU

New EU Rules Promise 100Mbps Broadband and Free Wi-Fi For All (arstechnica.com) 180

An anonymous reader writes: The European Commission has promised free Wi-Fi in every town, village, and city in the European Union, in the next four years. A new grant, with a total budget of 120 million euro, will allow public authorities to purchase state-of-the-art equipment, for example a local wireless access point. If approved by the European Parliament and national ministers the cash could be available before the end of next year. The commission has also set a target for all European households to have access to download speeds of at least 100Mbps by 2025, and has redefined Internet access as a so-called universal service, while removing obligations for old universal services such as payphones. It also envisions fully deploying 5G, the fifth generation of mobile communication systems, across the European Union by 2025. Commission president Jean-Claude Juncker made reference to many of these proposals while also promising to abolish roaming once and for all in his "State of the European Union" address on Wednesday morning.
AI

Robots Will Eliminate 6% of All US Jobs By 2021, Says Report (theguardian.com) 400

An anonymous reader quotes a report from The Guardian: By 2021, robots will have eliminated 6% of all jobs in the U.S., starting with customer service representatives and eventually truck and taxi drivers. That's just one cheery takeaway from a report released by market research company Forrester this week. These robots, or intelligent agents, represent a set of AI-powered systems that can understand human behavior and make decisions on our behalf. Current technologies in this field include virtual assistants like Alexa, Cortana, Siri and Google Now as well as chatbots and automated robotic systems. For now, they are quite simple, but over the next five years they will become much better at making decisions on our behalf in more complex scenarios, which will enable mass adoption of breakthroughs like self-driving cars. The Inevitable Robot Uprising has already started, with at least 45% of U.S. online adults saying they use at least one of the aforementioned digital concierges. Intelligent agents can access calendars, email accounts, browsing history, playlists, purchases and media viewing history to create a detailed view of any given individual. With this knowledge, virtual agents can provide highly customized assistance, which is valuable to shops or banks trying to deliver better customer service. The report predicts there will be a net loss of 7% of U.S. jobs by 2025 -- 16% of U.S. jobs will be replaced, while the equivalent of 9% of jobs will be created. The report forecasts 8.9 million new jobs in the U.S. by 2025, some of which include robot monitoring professionals, data scientists, automation specialists, and content curators.
