Learn to Build 14 Websites with 28 Hours of Instruction on HTML, JavaScript, MySQL & More for $14 ×

Supreme Court Gives FBI More Hacking Power (theintercept.com) 132

An anonymous reader cites an article on The Intercept (edited and condensed): The Supreme Court on Thursday approved changes that would make it easier for the FBI to hack into computers, many of them belonging to victims of cybercrime. The changes, which will take immediate effect in December unless Congress adopts competing legislation, would allow the FBI go hunting for anyone browsing the Internet anonymously in the U.S. with a single warrant. Previously, under the federal rules on criminal procedures, a magistrate judge couldn't approve a warrant request to search a computer remotely if the investigator didn't know where the computer was -- because it might be outside his or her jurisdiction. The rule change would allow a magistrate judge to issue a warrant to search or seize an electronic device if the target is using anonymity software like Tor."Unbelievable," said Edward Snowden. "FBI sneaks radical expansion of power through courts, avoiding public debate." Ahmed Ghappour, a visiting professor at University of California Hastings Law School, has described it as "possibly the broadest expansion of extraterritorial surveillance power since the FBI's inception."

In Internet Age, Pirate Radio Arises As Surprising Challenge (ap.org) 117

K7DAN writes: Just as the demise of terrestrial radio has been greatly exaggerated, so has the assumed parallel death of pirate radio. Due to the failure of licensed stations to meet the needs of many niche communities, pirate radio continues to increase in popularity. Helping facilitate this growth is the weakening power of the FCC to stop it, reports the Associated Press. Rogue stations can cover up to several square miles thanks largely in part to cheaper technology. The appeal? "The DJs sound like you and they talk about things that you're interested in," said Jay Blessed, an online DJ who has listened to various unlicensed stations since she moved from Trinidad to Brooklyn more than a decade ago. "You call them up and say, 'I want to hear this song,' and they play it for you," Blessed said. "It's interactive. It's engaging. It's communal." It's upsetting many congressional members who are urging the FCC to do more about the "unprecedented growth of pirate radio operations." They're accusing said pirates of undermining licensed minority stations while ignoring consumer protection laws that guard against indecency and false advertising.

Top Security Experts Say Anti-Encryption Bill Authors Are 'Woefully Ignorant' (dailydot.com) 85

blottsie writes from a report on the Daily Dot: In a Wall Street Journal editorial titled "Encryption Without Tears," Sens. Richard Burr and Dianne Feinstein pushed back on widespread condemnation of their Compliance with Court Orders Act, which would require tech companies to provide authorities with user data in an "intelligible" format if served with a warrant. But security experts Bruce Schneir, Matthew Green, and others say the lawmakers entirely misunderstand the issue. "On a weekly basis we see gigabytes of that information dumped to the Internet," Green told the Daily Dot. "This is the whole problem that encryption is intended to solve." He added: "You can't hold out the current flaws in the Internet as a justification for why the Internet shouldn't be made secure." "These criticisms of Burr and Feinstein's analogy emphasize an important point about digital security: The differences between the levels of encryption protecting certain types of data -- purchase records on Amazon's servers versus photos on an iPhone, for example -- lead to different levels of risk," writes Eric Geller of the Daily Dot.

Child Porn Suspect Jailed Indefinitely For Refusing To Decrypt Hard Drives (arstechnica.com) 725

An anonymous reader quotes a report from Ars Technica: A Philadelphia man suspected of possessing child pornography has been in jail for seven months and counting after being found in contempt of a court order demanding that he decrypt two password-protected hard drives. The suspect, a former Philadelphia Police Department sergeant, has not been charged with any child porn crimes. Instead, he remains indefinitely imprisoned in Philadelphia's Federal Detention Center for refusing to unlock two drives encrypted with Apple's FileVault software in a case that once again highlights the extent to which the authorities are going to crack encrypted devices. The man is to remain jailed "until such time that he fully complies" with the decryption order. The government successfully cited a 1789 law known as the All Writs Act to compel (PDF) the suspect to decrypt two hard drives it believes contain child pornography. The All Writs Act was the same law the Justice Department asserted in its legal battle with Apple.

Uber's New Policy Fines Riders Who Are Two Minutes Late 169

Uber says it has revised some of its policies to better compensate its drivers. As part of which, the company is testing charging customers a fee if they make a driver wait for more than two minutes (current waiting time is five minutes). Furthermore, the taxi aggregator says it is changing the ride cancellation grace period from five minutes to two minutes, adding that the fees can range from $5 to $10, depending on your city. Our very own Logan Abbott aka Whipslash faced this issue today. Though he tells us that the company refunded his money after he emailed and filed a complaint. The Verge reports:The feature was built in response to drivers' complaints about waiting for passengers, Uber said. In a statement released to The Verge and TechCrunch, Uber noted that these updated terms would ensure that "the whole system runs more smoothly and the Uber experience improves for everyone." Reduced wait times and the ability to charge for idle time, as well as compensation if riders cancel after two minutes, obviously benefit drivers, earning them a few extra dollars and allowing them to move onto the next fare sooner. But how this will make the passenger experience smoother is unclear. Traffic, wrong turns, and faulty GPS all contribute to making pick-up times unreliable. This can leave passengers out in the cold, waiting for drivers to arrive. Uber explained that if a driver is more than five minutes late for an estimated arrival, users can cancel the ride with no penalty.

India Makes It Compulsory For Phones To Have a 'Panic Button' (cio.com) 94

Reader itwbennett writes: Starting in January 2017, all feature phones sold in India will need to have a panic button that will alert "police, designated friends and relatives, for immediate response in case of distress or security related issues," said Minister of Communications, Ravi Shankar Prasad, on Twitter late Tuesday. The measure is one of many responses by the Indian government to the growing women safety issues in the country. Furthermore, starting in January 2018, mobile phones will also be required to have GPS systems to help pinpoint the location of the affected person in the event of harassment or distress, said Prasad.Mashable has more details.

Federal Judge Rules Amazon Must Refund Parents Duped By In-App Purchases (gizmodo.com) 127

An anonymous reader shares a Gizmodo report: A federal judge has ruled Amazon is liable for billing unwitting parents after their children made unauthorized charges in apps. The court will decide exactly how much money Amazon owes customers in the coming months. The federal judge's decision asserts that Amazon received several complaints from customers about in-app purchases that they were unaware of, mostly incurred by children. The decision points out that Amazon promoted apps as free but failed to inform parents about in-app charges that could be incurred.

A Complete Guide To The New 'Crypto Wars' (dailydot.com) 68

blottsie writes: The latest debate over encryption did not begin with a court order demanding Apple help the FBI unlock a dead terrorist's iPhone. The new "Crypto Wars," chronicled in a comprehensive timeline by Eric Geller of the Daily Dot, dates back to at least 2003, with the introduction of "Patriot Act II." The battle over privacy and personal security versus crime-fighting and national security has, however, become a mainstream debate in recent months. The timeline covers a wide-range of incidents where the U.S. and other allied governments have tried to restrict citizens' access to strong encryption. The timeline ends with the director of national intelligence blaming NSA whistleblower Edward Snowden for advancing the spread of user-friendly, widely available strong encryption.

FBI Director Suggests iPhone Hacking Method May Remain Secret (reuters.com) 109

An anonymous reader quotes a report from Reuters: FBI Director James Comey said on Tuesday that his agency was still assessing whether a vulnerability used to unlock an iPhone linked to one of the San Bernardino killers would go through a government review to determine if it should be disclosed to Apple or the public. "We are in the midst of trying to sort that out," Comey said. "The threshold (for disclosure) is, are we aware of the vulnerability, or did we just buy a tool and don't have sufficient knowledge of the vulnerability to implicate the process?" The White House has a procedure for reviewing technology security flaws and deciding which ones should be made public. Although officials say the process leans toward disclosure, it is not set up to handle or reveal flaws that are discovered and owned by private companies, sources have told Reuters, raising questions about the effectiveness of the so-called Vulnerabilities Equities Process.

Swedish ISP Vows to Protect Users From a Piracy Witch Hunt (torrentfreak.com) 45

Ernesto Van der Sar, reporting for TorrentFreak: Swedish Internet service provider Bahnhof says it will do everything in its power to prevent copyright holders from threatening its subscribers. The provider is responding to a recent case in which a competing ISP was ordered to expose alleged BitTorrent pirates, reportedly without any thorough evidence. At the birth ground of The Pirate Bay, media outfit Crystalis Entertainment received permission from the court to identify several BitTorrent users, based on their IP-addresses. The case, which could be the first of many, was filed against the local ISP TeliaSonera who handed over the requested information without putting up much of a fight. This prompted the competing Internet provider Bahnhof to issue a warning. The company notes that the copyright holder in question doesnâ(TM)t have a very strong case, and it criticizes Telia for caving in too easily.

Uber Will Pay $100 Million To Settle Suits With Drivers Seeking Employee Status (latimes.com) 83

An anonymous reader writes: Two lawsuits posing a threat to Uber's on-demand business model have been settled. Uber has agreed to pay up to $100 million to drivers who sought to be classified as employees of the company. The initial sum paid will be $84 million, which will settle cases in California and Massachusetts to some 385,000 drivers. If the company goes public or gets purchased, Uber said it will pay drivers an additional $16 million. The company is currently valued at $62.5 billion. In addition, new policy changes will force the company to no longer be able to deactivate drivers' accounts at will. They will also stop deactivating drivers who turn down rides frequently. Appeal panels will be created to help drivers form an association so they can contest terminations. The last policy change requires Uber to clearly inform riders that tips are not included in Uber's fares. Drivers will now be able to solicit tips from passengers. "If we chose not to settle this case, we faced risks," plaintiff attorney Liss-Riordan said in a prepared statement. "We faced the risk that a jury in San Francisco (where Uber is everywhere and quite popular) may not side with the drivers over Uber." The settlement still needs to be approved by Judge Edward Chen of the District Court of Northern California, which will probably be a months-long process. The company seems to be waist-deep in legal trouble lately. Two weeks ago, Uber agreed to a settlement of $10 million for misleading advertising about the quality of its background checks for drivers. One week prior, it was reported the CEO of Uber will go to court over price fixing claims in New York.
Your Rights Online

In a First, Judge Throws Out Evidence Obtained from FBI Malware (vice.com) 158

An anonymous reader cites an article on Motherboard: For the first time, a judge has thrown out evidence obtained via a piece of FBI malware. The move comes from a cased affected by the FBI's seizure of a dark web child pornography site in February 2015, and the subsequent deployment of a network investigative technique (NIT) -- the agency's term for a hacking tool -- in order to identify the site's visitors. "Based on the foregoing analysis, the Court concludes that the NIT warrant was issued without jurisdiction and thus was void ab initio," Judge William G. Young of the District of Massachusetts writes in an order. "It follows that the resulting search was conducted as though there were no warrant at all. Since warrantless searches are presumptively unreasonable, and the good-faith exception is inapplicable, the evidence must be excluded," it continues. Young's order came in response to a motion to suppress from the lawyers of Alex Levin, who was arrested as part of the investigation into the child pornography site Playpen. After seizing the site, the FBI ran Playpen from a government facility from February 20 to March 4, 2015, and used a NIT to obtain over a thousand IP addresses for US-based users of the site, and at least 3000 for users abroad, according to Motherboard's investigations.

Changes Are Coming To the EU's Cookie Directive, But It's Not Going Away (softpedia.com) 120

An anonymous reader writes: The European Commission is listening to suggestions regarding EU laws on privacy and electronic communications (e-Privacy), among which is also the EU Cookie Directive that has made the lives of EU Internet users a living hell. The EU Commission has started an open consultation on this topic and is inviting users and businesses to provide their opinion. From the consultation's text, which is nothing more than a survey, one could argue that the EU isn't intent on removing the directive at all, but only making small adjustments. In its current implementation, most companies ask users if they're OK with storing cookies on their PCs and then collecting their data. One of the questions the Commission asked and is currently looking for an answer is whether companies should be allowed to deny users access to a website if they don't want to accept using cookies. The EU wants Internet companies to build alternative (usable) websites for people that don't want to use cookies at all, and so respect their decision for privacy.

Almost Nothing About the 'Apple Harvests Gold From iPhones' Story Is True (vice.com) 45

Jason Koebler, reporting for Motherboard: You may have seen a viral headline floating around over the last few days: Apple recycled $40 million worth of gold last year, which was extracted from iPhones. Almost none of what was reported is true. [...] Here is the truth: Apple paid independent recyclers to recycle old electronics -- which were almost never Apple products, by the way -- because it's required by law to do so. Far from banking $40 million on the prospect, Apple likely ended up taking an overall monetary loss. This is not because Apple is a bad actor or is hiding anything, it's simply how the industry works. All electronics manufacturers that sell products in the United States are required to do e-waste recycling under laws enacted in 25 states. The laws are different in each state, but none of them require Apple to recycle Apple products. Instead, they usually require manufacturers to recycle a certain amount of pounds of e-waste, which is linked to either their market share or to the overall weight of products they sell. That's why you see Apple noting that it recycled "71 percent of the total weight of products we sold seven years earlier."

Can Switzerland Become a Safe Haven For the World's Data? (dailydot.com) 103

An anonymous reader shares an interesting article on Daily Dot which lists a number of reasons why Switzerland should be deemed as the nation for storing all of your data. The article reads: As United States and European Union regulators debate a sweeping new data-privacy agreement, Switzerland is presenting itself as a viable neutral location for storing the world's data thanks to strict privacy laws and ideal infrastructure. The Swiss constitution guarantees data privacy under Article 13. The country's laws protecting privacy are similar to those enacted by the E.U. Swiss data protections are also, in some cases, much stricter than those of the E.U., according to Nicola Benz, attorney at Swiss law firm Froriep. And since Switzerland is not part of the E.U., data stored there remains outside the reach of the union's authorities. [...] The country's tight privacy laws could make the small nation more attractive to privacy-focused start-ups. And it already has that momentum. After the former NSA contractor Edward Snowden 2013 revelations about the National Security Agency's secret surveillance activities, Switzerland witnessed something of a boom in its data-center business. Phil Zimmermann, creator of the popular PGP encryption protocol and founder of Silent Circle, even left the U.S. for Switzerland last year, citing the overreach of American authorities. Andy Yen, CEO of Swiss-based encrypted email service Protonmail, said that the country has robust processes in how it carries out data requests from authorities. Data requests have to go through a court like in most countries, said Yen, but "the person that's having their data requested needs to be notified eventually about the request happening and there's an opportunity to fight it in an open court. This is quite different than the U.S., where things can go through a so-called FISA court."

Slashdot Top Deals