EU

Company Gets 45,000 Bad Facebook Reviews After Teenaged Hacker's Unjust Arrest (bleepingcomputer.com) 171

An anonymous reader quotes BleepingComputer: Over 45,000 users have left one-star reviews on a company's Facebook page after the business reported a security researcher to police and had him arrested in the middle of the night instead of fixing a reported bug. The arrest took place this week in Hungary after an 18-year-old found a flaw in the online ticket-selling system of Budapesti Közlekedési Központ, Budapest's public transportation authority. The young man discovered that he could access BKK's website, press F12 to enter the browser's developer tools mode, and modify the page's source code to alter a ticket's price. Because there was no client or server-side validation put in place, the BKK system accepted the operation and issued a ticket at a smaller price...

The teenager -- who didn't want his name revealed -- reported the issue to BKK, but the organization chose to contact the police and file a complaint, accusing the young man of hacking their systems... BKK management made a fatal mistake when they brazenly boasted in a press conference about catching the hacker and declaring their systems "secure." Since then, other security flaws in BKK's system have surfaced on Twitter. As details of the case emerged, public outrage grew against BKK and its manager Kálmán Dabóczi, especially after it was revealed that BKK was paying around $1 million per year for maintenance of its IT systems, hacked in such a ludicrously simple manner.

The Almighty Buck

Norway, the Country Where No Salaries Are Secret (bbc.com) 202

In Norway, there are no such secrets. Anyone can find out how much anyone else is paid -- and it rarely causes problems. From a report: In the past, your salary was published in a book. A list of everyone's income, assets and the tax they had paid, could be found on a shelf in the public library. These days, the information is online, just a few keystrokes away. The change happened in 2001, and it had an instant impact. "It became pure entertainment for many," says Tom Staavi, a former economics editor at the national daily, VG. "At one stage you would automatically be told what your Facebook friends had earned, simply by logging on to Facebook. It was getting ridiculous." Transparency is important, Staavi says, partly because Norwegians pay high levels of income tax -- an average of 40.2 percent compared to 33.3 percent in the UK, according to Eurostat, while the EU average is just 30.1 percent. "When you pay that much you have to know that everyone else is doing it, and you have to know that the money goes to something reasonable," he says. "We [need to] have trust and confidence in both the tax system and in the social security system."
Social Networks

Nearly 90,000 Sex Bots Invaded Twitter in 'One of the Largest Malicious Campaigns Ever Recorded on a Social Network' (gizmodo.com) 53

An anonymous reader shares a report: Last week, Twitter's security team purged nearly 90,000 fake accounts after outside researchers discovered a massive botnet peddling links to fake "dating" and "romance" services. The accounts had already generated more than 8.5 million posts aimed at driving users to a variety of subscription-based scam websites with promises of -- you guessed it -- hot internet sex. The accounts were first identified by ZeroFOX, a Baltimore-based security firm that specializes in social-media threat detection. The researchers dubbed the botnet "SIREN" after sea-nymphs described in Greek mythology as half-bird half-woman creatures whose sweet songs often lured horny, drunken sailors to their rocky deaths. ZeroFOX's research into SIREN offers a rare glimpse into how efficient scammers have become at bypassing Twitter's anti-spam techniques. Further, it demonstrates how effective these types of botnets can be: The since-deleted accounts collectively generated upwards of 30 million clicks -- easily trackable since the links all used Google's URL shortening service.
Security

It's Trivially Easy to Hack into Anybody's Myspace Account (vice.com) 68

If you are one of the almost half a billion people who at some point used to be on Myspace, the hottest social network of the early 2000s, you should know that almost anyone can hack into your account. From a report: Myspace offers a mechanism to recover an account for people who have lost access to their old associated email address. A security researcher has discovered that it's relatively easy to abuse this mechanism to hack into anyone's account. All a wannabe hacker needs is the target's full name, username, and date of birth. Security researcher Leigh-Anne Galloway disclosed the vulnerability on Monday. She says she informed Myspace about the vulnerability almost three months ago and the site hasn't acknowledged or fixed it.
Government

Y Combinator Announces Funding For UBI-Supporting Political Candidates (latimes.com) 194

Most people "feel like they have great potential that is being wasted," argues Y Combinator president Sam Altman -- a Stanford dropout whose company's investments are now worth $65 billion, including Airbnb, Reddit, and Dropbox. Now an anonymous reader quotes the Los Angeles Times: A wealthy young Silicon Valley venture capitalist hopes to recruit statewide and congressional candidates and launch an affordable-housing ballot measure in 2018 because he says California's leaders are failing to address flaws in the state's governance that are killing opportunities for future generations. Sam Altman, 32, will roll out an effort to enlist candidates around a shared set of policy priorities -- including tackling how automation is going to affect the economy and the cost of housing in California -- and is willing to put his own money behind the effort. "I think we have a fundamental breakdown of the American social contract and it's desperately important that we fix it," he said. "Even if we had a very well-functioning government, it would be a challenge, and our current government functions so badly it is an extra challenge..."

Altman lays out 10 principles including lowering the cost of housing, creating single-payer healthcare, increasing clean energy use, improving education, reforming taxes and rebuilding infrastructure. He has few specific policy edicts, and floats proposals that will generate controversy, such as creating a universal basic income for all Americans in an effort to equalize opportunity, public funding for the media and increasing taxes on property that is owned by foreigners, is unoccupied or has been "flipped" by investors seeking a quick return on an investment.

Altman argues that he wants to "ensure that everyone benefits from the coming changes," and specifically highlights the idea of a Universal Basic Income. Altman writes that "If it turns out to be a good policy, I could imagine passing a law that puts it into effect when the GDP per capita doubles. This could help cushion the transition to a post-automation world."
United States

White House Releases Sensitive Personal Info From Voters Concerned About Privacy (vox.com) 327

Huge_UID shares an article from Vox: The White House just responded to concerns it would release voters' sensitive personal information by releasing a bunch of voters' sensitive personal information. Last month, the White House's "election integrity" commission sent out requests to every state asking for all voters' names, party IDs, addresses, and even the last four digits of their Social Security numbers, among other information. The White House then said this information would be made available to the public. A lot of people did not like the idea, fearing that their personal information could be made public. So some sent emails to the White House, demanding that it rescind the request. This week, the White House decided to make those emails from concerned citizens public through the commission's new website... It didn't censor any of the personal information -- such as names, email addresses, actual addresses, and phone numbers -- included in those emails.
Some of the emails also included the commenter's place of employment -- though at least one commenter helpfully informed the White House that their voter info was available at Goatse. But the voting commission is now also facing new lawsuits from the ACLU, Public Citizen, and the Lawyers' Committee for Civil Rights Under Law, McClatchy reported on Monday, noting that "Trump's voting commission has told states to hold off on sharing the data until after a judge's ruling in a lawsuit."
The Internet

Reddit Is Testing Country-Specific Home Pages That Highlight 'Geo Popular' Content (ndtv.com) 49

Reader joshtops writes: Reddit is exploring a new way to make its front page more relevant to its readers. The social aggregation and discussion website is testing tailored home pages based on a reader's location in select places, Gadgets 360 spotted. The company has confirmed to us that it is indeed testing "geo popular" home pages. As part of the test, readers in Australia, Canada, India, Ireland, Mexico, New Zealand, and United Kingdom could see a banner when they visit Reddit.com informing them of the new home page. It's unclear if registered and signed in users are also a part of the experiment. Testing from India, in one case we found several stories from r/India and r/cricket (no surprise given the sport's popularity in the country) subreddits populate the home page. Reddit is also letting people switch the home page to any of the aforementioned country's home pages. Users also have the option to switch to the global -- universal -- home page. In a statement, a Reddit spokesperson told Gadgets 360, "We've been testing new geo-based popular feeds as a way to surface more relevant content to users based on their location," reserving any timeframe for when -- and if -- Reddit plans to roll-out this feature to all its users. "We'll be adjusting as we receive feedback from users," the spokesperson added, reaffirming that users will be "able to toggle locations to see popular posts in other geographical areas or globally."
Australia

Australia To Compel Technology Firms To Provide Access To Encrypted Missives (reuters.com) 230

Australia on Friday proposed new laws to compel companies such as U.S. social media giant Facebook and device manufacturer Apple to provide security agencies access to encrypted messages. From a report: The measures will be the first in an expected wave of global legislation as pressure mounts on technology companies to provide such access after several terror suspects used encrypted applications ahead of attacks. Australia, a staunch U.S. ally, is on heightened alert for attacks by home-grown radicals since 2014 and authorities have said they have thwarted several plots, although Prime Minister Malcolm Turnbull said law enforcement needed more help. "We need to ensure the internet is not used as a dark place for bad people to hide their criminal activities from the law," Turnbull told reporters in Sydney. "The reality is, however, that these encrypted messaging applications and voice applications are being used obviously by all of us, but they're also being used by people who seek to do us harm."
Cloud

Border Patrol Says It's Barred From Searching Cloud Data On Phones (nbcnews.com) 74

According to a letter obtained by NBC News, U.S. border officers aren't allowed to look at any data stored only in the "cloud" -- including social media data -- when they search U.S. travelers' phones. "The letter (PDF), sent in response to inquiries by Sen. Ron Wyden, (D-Ore.), and verified by Wyden's office, not only states that CBP doesn't search data stored only with remote cloud services, but also -- apparently for the first time -- declares that it doesn't have that authority in the first place." From the report: In April, Wyden and Sen. Rand Paul, R-Ky., introduced legislation to make it illegal for border officers to search or seize cellphones without probable cause. Privacy advocates and former Homeland Security lawyers have said they are alarmed by how many phones are being searched. The CBP letter, which is attributed to Kevin McAleenan, the agency's acting commissioner, is dated June 20, four months after Wyden asked the Department of Homeland Security (PDF), CBP's parent agency, to clarify what he called the "deeply troubling" practice of border agents' pressuring Americans into providing passwords and access to their social media accounts. McAleenan's letter says officers can search a phone without consent and, except in very limited cases, without a warrant or even suspicion -- but only for content that is saved directly to the device, like call histories, text messages, contacts, photos and videos.
Businesses

Europe Says Employers Must Warn Job Applicants Before Checking Them Out on Social Media (cnn.com) 221

Europe has a message for employers: Think twice before you check the social media profiles of job applicants. From a report: European officials have issued new guidelines that warn bosses about the legal hazards of scrolling through the social media profiles of potential hires. The rules require employers to issue a disclaimer before they check applicants' online accounts, including Facebook, Instagram, Snapchat, Twitter and LinkedIn. If applicants don't see the warning, the company could be in breach of European Union data protection rules. Employers are also barred from compiling social media data as part of the hiring process unless it is "necessary and relevant" for a particular job. The guidelines are part of a lengthy document clarifying data protection laws that apply to employers across 28 EU countries.
Facebook

Mark Zuckerberg Hits the Road To Meet Regular Folks -- With a Few Conditions (foxbusiness.com) 254

Mark Zuckerberg is trying to understand America, so he's embarked on a journey to meet people like hockey moms and steelworkers who don't typically cross his path. But there are rules to abide by if you are an ordinary person about to meet an extraordinary entrepreneur. From a report: Rule One: You probably won't know Mr. Zuckerberg is coming. Rule Two: If you do know he's coming, keep it to yourself. Rule Three: Be careful what you reveal about the meeting. While the Facebook CEO has built a social network that inspired people around the world to share the most intimate details about their personal lives, his team goes to extraordinary lengths to keep his movements under wraps and control how he is perceived. Midway through a "personal challenge" to travel to 30 states he'd never visited, the 33-year old aims "to talk to more people about how they're living, working and thinking about the future," he wrote in January on his Facebook page. Among those people was Kyle McKasson, manager of the Wilton Candy Kitchen, a century-old shop on the town square in Wilton, Iowa. He was at work one Monday afternoon in June when two men and a woman dressed in jeans and button-down shirts entered the store, which is a regular stop on Iowa's presidential campaign circuit.
Education

Students Are Better Off Without a Laptop In the Classroom (scientificamerican.com) 247

Cindi May writes via Scientific American about new research that "suggests that laptops do not enhance classroom learning, and in fact students would be better off leaving their laptops in the dorm during class." From the report: Although computer use during class may create the illusion of enhanced engagement with course content, it more often reflects engagement with social media, YouTube videos, instant messaging, and other nonacademic content. This self-inflicted distraction comes at a cost, as students are spending up to one-third of valuable (and costly) class time zoned out, and the longer they are online the more their grades tend to suffer. To understand how students are using computers during class and the impact it has on learning, Susan Ravizza and colleagues took the unique approach of asking students to voluntarily login to a proxy server at the start of each class, with the understanding that their internet use (including the sites they visited) would be tracked. Participants were required to login for at least half of the 15 class periods, though they were not required to use the internet in any way once they logged in to the server. Researchers were able to track the internet use and academic performance of 84 students across the semester.

Participants spent almost 40 minutes out of every 100-minute class period using the internet for nonacademic purposes, including social media, checking email, shopping, reading the news, chatting, watching videos, and playing games. This nonacademic use was negatively associated with final exam scores, such that students with higher use tended to score lower on the exam. Social media sites were the most-frequently visited sites during class, and importantly these sites, along with online video sites, proved to be the most disruptive with respect to academic outcomes. In contrast with their heavy nonacademic internet use, students spent less than 5 minutes on average using the internet for class-related purposes (e.g., accessing the syllabus, reviewing course-related slides or supplemental materials, searching for content related to the lecture). Given the relatively small amount of time students spent on academic internet use, it is not surprising that academic internet use was unrelated to course performance. Thus students who brought their laptops to class to view online course-related materials did not actually spend much time doing so, and furthermore showed no benefit of having access to those materials in class.

Communications

41 Percent of Adults In the US Have Been Harassed Online, Says Pew Study (techcrunch.com) 242

According to a new Pew Research Center study, 41 percent of adults said they have experienced harassment online, and 66 percent of people said they've seen it happen to others. What's the most common form of online harassment? According to the study, it's offensive name-calling. TechCrunch reports: It's worth noting that while men are slightly more likely than women to be harassed online (44 percent versus 37 percent), women are more likely to be sexually harassed online. For example, 53 percent of women surveyed reported receiving explicit images they did not request. Unsurprisingly, social media is where people are most likely to experience online harassment, with 58 percent of those harassed saying the most recent incident happened on a social media platform. Also unsurprising is the fact that more than half of people harassed don't know the person harassing them. Pew also explored "emergent" forms of online harassment, like doxing (posting someone's personal information online without consent), trolling (intentionally trying to provoke or upset someone), hacking (illegally accessing someone's accounts) and swatting (when you call 911 for a fake emergency and have the police show up at that person's house). "While many Americans are not aware of these behaviors, they have all been used to escalate abuse online," the report states.
The Courts

Twitter Users Blocked By Trump Sue, Claim @realDonaldTrump Is Public Forum (arstechnica.com) 429

An anonymous reader quotes a report from Ars Technica: A handful of Twitter users, backed by the Knight First Amendment Institute at Columbia University, sued President Donald Trump on Tuesday, claiming their constitutional rights are being violated because the president has blocked them from his @realDonaldTrump handle. The suit claims that Trump's Twitter feed is a public forum and an official voice of the president. Excluding people from reading or replying to his tweets -- especially because they tweeted critical comments -- amounts to a First Amendment breach, according to the lawsuit.

"The @realDonaldTrump account is a kind of digital town hall in which the president and his aides use the tweet function to communicate news and information to the public, and members of the public use the reply function to respond to the president and his aides and exchange views with one another," according to the lawsuit (PDF) filed in New York federal court. "Defendants' viewpoint-based blocking of the Individual Plaintiffs from the @realDonaldTrump account infringes the Individual Plaintiffs' First Amendment rights. It imposes an unconstitutional restriction on their participation in a designated public forum," the suit says. "It imposes an unconstitutional restriction on their right to access statements that Defendants are otherwise making available to the public at large. It also imposes an unconstitutional restriction on their right to petition the government for redress of grievances."

Privacy

Russians Now Need a Passport To Watch Pornhub (vice.com) 89

An anonymous reader quotes a report from VICE News: Pornhub, the world's biggest porn site, now requires users in Russia to log in using social media accounts linked to their passports and cell phones. Monday's change is the latest chapter of an ongoing feud between Pornhub and the Russian government. The site was blocked in Russia last September for allegedly spreading information detrimental to the development of children, then reinstated in April after instituting a requirement that users specify their age. At the time, Pornhub asked the Russian state media regulation agency whether officials there would lift the ban if they were given free Pornhub Premium accounts. Pornhub announced the change on its own Vkontakte page by saying "now you can simply log in through your favorite social network" instead of filling in your date of birth. But the government policy that Pornhub says prompted the change presumably wasn't aimed at making it easier for Russians to watch porn. Instead, it may be a means of surveillance; to open a Vkontakte account, users need to enter their cell phone numbers. And to legally purchase a SIM card in Russia, you need to disclose your passport information. "While this exact method is not a condition [from the Russian government], we found this is the best solution for our users to comply with Russian access laws," Pornhub Vice President Corey Price said. "Also to be clear, Pornhub does not log or store any of your personal information, this is just a check to see if users are over 18. On [Vkontakte's] end, all they will see is the request from that user, they will not know what that user browsed on Pornhub."
Businesses

At Least $1.48 Billion in VC Funding Has Gone Up in Smoke This Year as the List of Dead Startups Grows (businessinsider.com) 166

An anonymous reader shares a report: We're halfway through 2017 and already a group of startups that together raised $1.48 billion have shut down. Some of these startups are: Beepi, the website that brought together car buyers and used-car sellers, shuttered in February. Quixey, a mobile search engine that was able to crawl apps, laid off most of its staff at the end of February. Yik Yak -- the anonymous social media app that was at the center of several college harassment scandals -- announced its closure on April 28, after struggling to keep users on its platform. Maple, a New York City-based food delivery service, closed down on May 8. Sprig, a San Francisco-centric service that delivered high-quality meals on demand, made its last delivery on May 26. Hello was the company behind the Sense sleep tracking sensor, which was designed to sit in users' rooms, rather than on their wrists. It closed in June after failing to find a buyer. Jawbone was a pioneer in wearable devices, with a focus on fitness trackers and portable speakers, but it struggled to pay its vendors.
Security

Company Accused of Selling User Data Shuts Down After $104 Million Settlement (bleepingcomputer.com) 35

Catalin Cimpanu, reporting for BleepingComputer: The Federal Trade Commission has shut down the operator of a large network of online loan sites that promised to find people the loans with the lowest rates, but actually sold users' data to third-parties, most of which weren't even lenders. The target of FTC's ire is a company named Blue Global Media, LLC and its CEO, Christopher Kay, against which the FTC filed an official complaint last Monday, July 3. According to the FTC, since 2012 Blue Global Media operated a network of 38 websites that promised users to match them with the best payday, personal, or auto loans using Blue Global Media's proprietary technology. Hoping to find loans with the smaller interest rate and friendlier terms, users entered a slew of personal details on Blue Global Media's websites, such as names, email addresses, home addresses, phone numbers, Social Security numbers, financial and banking information, driver's license, state ID numbers, income data, military status, home ownership info, and many other more.
China

China Tells Carriers To Block Access to Personal VPNs By February (bloomberg.com) 173

China's government has told telecommunications carriers to block individuals' access to virtual private networks by Feb. 1, people familiar with the matter said, thereby shutting a major window to the global internet. From a report: Beijing has ordered state-run telecommunications firms, which include China Mobile, China Unicom and China Telecom, to bar people from using VPNs, services that skirt censorship restrictions by routing web traffic abroad, the people said, asking not to be identified talking about private government directives. The clampdown will shutter one of the main ways in which people both local and foreign still manage to access the global, unfiltered web on a daily basis. China has one of the world's most restrictive internet regimes, tightly policed by a coterie of government regulators intent on suppressing dissent to preserve social stability. In keeping with President Xi Jinping's "cyber sovereignty" campaign, the government now appears to be cracking down on loopholes around the Great Firewall, a system that blocks information sources from Twitter and Facebook to news websites such as the New York Times and others.
Cellphones

Nest Founder 'Wakes Up In Cold Sweats' Fearing The Impact Of Mobile Technology (fastcodesign.com) 106

theodp writes: Fast Company's Co.Design reports that Tony Fadell, who founded Nest and was instrumental in the creation of the iPod and iPhone, spoke with a mix of pride and regret about his role in mobile technology's rise to omnipresence. "I wake up in cold sweats every so often thinking, what did we bring to the world?" Fadell said. "Did we really bring a nuclear bomb with information that can -- like we see with fake news -- blow up people's brains and reprogram them? Or did we bring light to people who never had information, who can now be empowered?"

Fadell added that addiction has been designed into our devices, and it's harming the newest generation. "And I know when I take [technology] away from my kids what happens," Fadell explained. "They literally feel like you're tearing a piece of their person away from them -- they get emotional about it, very emotional. They go through withdrawal for two to three days." Products like the iPhone, Fadell believes, are more attuned to the needs of the individual rather than what's best for the family and the larger community. And pointing to YouTube owner Google, Fadell said, "It was like, [let] any kind of content happen on YouTube. Then a lot of the executives started having kids, [and saying], maybe this isn't such a good idea. They have YouTube Kids now."

The article suggests Fadell is describing a world where omnipresent (and distracting) screens are creating "a culture of self-aggrandizement," and he believes this is partly rooted in the origins of the devices. "A lot of the designers and coders who were in their 20s when we were creating these things didn't have kids."
Technology

Ask Slashdot: Are We Living In the Golden Age of Bailing? (nytimes.com) 248

An anonymous reader shares a report that makes a case of us living in an era where bailing has become just too common: It's clear we're living in a golden age of bailing. All across America people are deciding on Monday that it would be really fantastic to go grab a drink with X on Thursday. But then when Thursday actually rolls around they realize it would actually be more fantastic to go home, flop on the bed and watch Carpool Karaoke videos. So they send the bailing text or email: "So sorry! I'm gonna have to flake on drinks tonight. Overwhelmed. My grandmother just got bubonic plague..." Bailing is one of the defining acts of the current moment because it stands at the nexus of so many larger trends: the ambiguity of modern social relationships, the fraying of commitments (paywalled), what my friend Hayley Darden calls the ethic of flexibility ushered in by smartphone apps -- not to mention the decline of civilization, the collapse of morality and the ruination of all we hold dear. [...] Technology makes it all so easy. You just pull out your phone and bailing on a rendezvous is as easy as canceling an Uber driver. There are different categories of bailing. There is canceling on friends. This seems to follow a bail curve pattern. People feel free to bail on close friends, because they will understand, and on distant friends, because they don't matter so much, but they are less inclined to bail on medium-tier or fragile friends. Then there is professional bailing. This tends to have a hierarchical structure. A high-status person will frequently bail on a lower-status colleague, but if an intern bails on a senior executive, it is a sign of serious disrespect. What do you folks think?
