Cellphones

Texting While Driving Now Legal In Colorado -- In Some Cases (kdvr.com) 45

Fines for texting and driving in Colorado have jumped to $300, but according to the fine print, the increased fine only applies to drivers who are texting in "a careless or imprudent manner." Therefore, drivers who are texting in any other manner are still within the law. FOX31 Denver reports: Before the new legislation, any texting while driving was illegal. Tim Lane of the Colorado District Attorney's Office confirmed the softening crackdown on all texting and driving. "The simple fact is that if you are texting while driving but not being careless, it's no longer illegal," he said. What constitutes "careless" driving is up to the discretion of each individual law enforcement officer. Cellphone use of any kind is still banned for drivers younger than 18. Teens caught with a phone in hand while driving will be slapped with a $50 fine.
Network

WikiLeaks Doc Dump Reveals CIA Tools For Hacking Air-Gapped PCs (bleepingcomputer.com) 54

An anonymous reader writes: "WikiLeaks dumped today the manuals of several hacking utilities part of Brutal Kangaroo, a CIA malware toolkit for hacking into air-gapped (offline) networks using tainted USB thumb drives," reports Bleeping Computer. The CIA uses these tools as part of a very complex attack process, that allows CIA operatives to infect offline, air-gapped networks. The first stage of these attacks start with the infection of a "primary host," an internet-connected computer at a targeted company. Malware on this primary host automatically infects all USB thumb drives inserted into the machine. If this thumb drive is connected to computers on an air-gapped network, a second malware is planted on these devices. This malware is so advanced, that it can even create a network of hacked air-gapped PCs that talk to each other and exchange commands. To infect the air-gapped computers, the CIA malware uses LNK (shortcut) files placed on the USB thumb drive. Once the user opens and views the content of the thumb drive in Windows Explorer, his air-gapped PC is infected without any other interaction.
Government

Victims Aren't Reporting Ransomware Attacks, FBI Report Concludes (bleepingcomputer.com) 69

Catalin Cimpanu, writing for BleepingComputer: Despite being an expanding threat, ransomware infections are rarely reported to law enforcement agencies, according to conclusions from the 2016 Internet Crime Report (PDF), released yesterday by the FBI's Internet Crime Complaint Center (IC3). During 2016, FBI IC3 officials said they received only 2,673 complaints regarding ransomware incidents, which ranked ransomware as the 22nd most reported cyber-crime in the US, having caused just over $2.4 million in damages (ranked 25th). The numbers are ridiculously small compared to what happens in the real world, where ransomware is one of today's most prevalent cyber-threats, according to multiple reports from cyber-security companies.
Security

Under Pressure, Western Tech Firms Including Cisco and IBM Bow To Russian Demands To Share Cyber Secrets (reuters.com) 99

An anonymous reader shares a Reuters report: Western technology companies, including Cisco, IBM and SAP, are acceding to demands by Moscow for access to closely guarded product security secrets, at a time when Russia has been accused of a growing number of cyber attacks on the West, a Reuters investigation has found. Russian authorities are asking Western tech companies to allow them to review source code for security products such as firewalls, anti-virus applications and software containing encryption before permitting the products to be imported and sold in the country. The requests, which have increased since 2014, are ostensibly done to ensure foreign spy agencies have not hidden any "backdoors" that would allow them to burrow into Russian systems. But those inspections also provide the Russians an opportunity to find vulnerabilities in the products' source code -- instructions that control the basic operations of computer equipment -- current and former U.S. officials and security experts said. [...] In addition to IBM, Cisco and Germany's SAP, Hewlett Packard Enterprise Co and McAfee have also allowed Russia to conduct source code reviews of their products, according to people familiar with the companies' interactions with Moscow and Russian regulatory records.
Google

Google Will Stop Reading Your Emails For Gmail Ads (bloomberg.com) 64

Google will soon stop scanning emails received by some Gmail users, a practice that has allowed it to show them targeted advertising but which stirred privacy worries. From a report: The decision didn't come from Google's ad team, but from its cloud unit, which is angling to sign up more corporate customers. Alphabet's Google Cloud sells a package of office software, called G Suite, that competes with market leader Microsoft. Paying Gmail users never received the email-scanning ads like the free version of the program, but some business customers were confused by the distinction and its privacy implications, said Diane Greene, Google's senior vice president of cloud. "What we're going to do is make it unambiguous," she said. Ads will continue to appear inside the free version of Gmail, as promoted messages. But instead of scanning a user's email, the ads will now be targeted with other personal information Google already pulls from sources such as search and YouTube.
Google

Google Will Now Hide Personal Medical Records From Search Results (betanews.com) 33

Mark Wilson, writing for BetaNews: Google has updated its search policies without any sort of fanfare. The search engine now "may remove" -- in addition to existing categories of information -- "confidential, personal medical records of private people" from search results. That such information was not already obscured from search results may well come as something of a surprise to many people. The change has been confirmed by Google, although the company has not issued any form of announcement about it.
China

Chinese Government Fabricates Social Media Posts for Strategic Distraction, not Engaged Argument (cnet.com) 68

Abstract of a study: The Chinese government has long been suspected of hiring as many as 2,000,000 people to surreptitiously insert huge numbers of pseudonymous and other deceptive writings into the stream of real social media posts, as if they were the genuine opinions of ordinary people. Many academics, and most journalists and activists, claim that these so-called "50c party" posts vociferously argue for the government's side in political and policy debates. As we show, this is also true of the vast majority of posts openly accused on social media of being 50c. Yet, almost no systematic empirical evidence exists for this claim, or, more importantly, for the Chinese regime's strategic objective in pursuing this activity. In the first large scale empirical analysis of this operation, we show how to identify the secretive authors of these posts, the posts written by them, and their content. We estimate that the government fabricates and posts about 448 million social media comments a year. In contrast to prior claims, we show that the Chinese regime's strategy is to avoid arguing with skeptics of the party and the government, and to not even discuss controversial issues. From a CNET article, titled, Chinese media told to 'shut down' talk that makes country look bad: Being an internet business in China appears to be getting tougher. Chinese broadcasters, including social media platform Weibo, streamer Acfun and media company Ifeng were told to shut down all audio and visual content that cast the country or its government in bad light, China's State Administration of Press, Publication, Radio, Film and Television posted on its website on Thursday, saying they violate local regulations. "[The service providers] broadcast large amounts of programmes that don't comply with national rules and propagate negative discussions about public affairs. [The agency] has notified all relevant authorities and ... will take measures to shut down these programmes and rectify the situation," reads the statement.
Businesses

Trump Plans To Dismantle Obama-Era 'Startup Visa' (arstechnica.com) 291

An anonymous reader quotes a report from Ars Technica: A regulation from the Obama administration that would have allowed foreign-born entrepreneurs who raise investor cash to build their startups in the U.S. won't be allowed to go into effect. The Department of Homeland Security will file an official notice to delay the International Entrepreneur Rule for eight months. The intention is to eliminate the rule entirely, according to sources briefed on the matter who spoke to The Wall Street Journal. The decision isn't final, and a DHS spokesperson told the WSJ that the department "cannot speculate" on the outcome of the review. The International Entrepreneur Rule, signed by former President Obama days before he left office in January, doesn't offer a visa but rather a type of "parole" that would allow immigrants to stay in the U.S. temporarily as long as they meet certain requirements. In order to qualify, a foreign entrepreneur has to raise at least $250,000 from well-known U.S. investors. The rule grants a stay in the U.S. of 30 months, which can be extended for an additional 30 months. Founders can't apply for a green card during that time. DHS has estimated about 3,000 entrepreneurs would qualify under the rule.
Advertising

Home Improvement Chains Accused of False Advertising Over Lumber Dimensions (consumerist.com) 511

per unit analyzer writes: According to Consumerist, an attorney has filed a class-action lawsuit charging Home Depot (PDF) and Menards (PDF) with deceptive advertising practices by selling "lumber products that were falsely advertised and labeled as having product dimensions that were not the actual dimensions of the products sold." Now granted, this may be news to the novice DIYer, but overall most folks who are purchasing lumber at home improvement stores know that the so-called trade sizes don't match the actual dimensions of the lumber. Do retailers need to educate naive consumers about every aspect of the items they sell? (Especially industry quirks such as this...) Furthermore, as the article notes, it's hard to see how the plaintiffs have been damaged when these building materials are compatible with the construction of the purchaser's existing buildings. i.e., An "actual" 2x4 would not fit in a wall previously built with standard 2x4s -- selling the something as advertised would actually cause the purchaser more trouble in many cases.
Government

The US Government Wants To Permanently Legalize the Right To Repair (vice.com) 140

An anonymous reader quotes a report from Motherboard: In one of the biggest wins for the right to repair movement yet, the U.S. Copyright Office suggested Thursday that the U.S. government should take actions to make it legal to repair anything you own, forever -- even if it requires hacking into the product's software. Manufacturers -- including John Deere, Ford, various printer companies, and a host of consumer electronics companies -- have argued that it should be illegal to bypass the software locks that they put into their products, claiming that such circumvention violated copyright law. Thursday, the U.S. Copyright Office said it's tired of having to deal with the same issues every three years; it should be legal to repair the things you buy -- everything you buy -- forever. "The growing demand for relief under section 1201 has coincided with a general understanding that bona fide repair and maintenance activities are typically non infringing," the report stated. "Repair activities are often protected from infringement claims by multiple copyright law provisions." "The Office recommends against limiting an exemption to specific technologies or devices, such as motor vehicles, as any statutory language would likely be soon outpaced by technology," it continued.
Government

FCC Proposes $120 Million Fine On Florida Robocall Scammer (reuters.com) 78

The FCC on Thursday proposed a $120 million fine on a Florida resident alleged to have made almost 100 million spoofed robocalls to trick consumers with "exclusive" vacation deals from well-known travel and hospitality companies. Reuters reports: The man, identified as Adrian Abramovich, allegedly made 96 million robocalls during a three-month period by falsifying caller identification information that matched the local area code and the first three digits of recipient's phone number, the FCC said. The calls, which were in violation of the U.S. telecommunications laws, offered vacation deals from companies such as Marriott International Inc, Expedia Inc, Hilton Inc and TripAdvisor Inc. Consumers who answered the calls were transferred to foreign call centers that tried to sell vacation packages, often involving timeshares. These call centers were not related to the companies, the FCC said.
Google

Alphabet Says Uber Knew About Stolen Self-Driving Car Files (cnet.com) 25

In a Wednesday filing with a California court, Alphabet said a former self-driving executive Anthony Levandowski hatched a plan with Uber to steal more than 14,000 proprietary documents, including designs for the sensors that help the car see its surroundings. CNET reports: Alphabet says Uber's former CEO, Travis Kalanick, knew about the files but told Levandowski to destroy them. Uber has argued that it did not encourage or condone Levandowski taking any files from Waymo or bringing them to Uber, and has noted that his employment agreement affirmed he wouldn't do that. The litigation between Alphabet and Uber has been reported as a primary reason Kalanick was forced to resign as Uber's CEO Tuesday.
Network

Lawsuit Accuses Comcast of Cutting Competitor's Wires To Put It Out of Business (arstechnica.com) 140

An anonymous reader quotes a report from Ars Technica: A tiny Internet service provider has sued Comcast, alleging that the cable giant and its hired contractors cut the smaller company's wires in order to take over its customer base. Telecom Cable LLC had "229 satisfied customers" in Weston Lakes and Corrigan, Texas when Comcast and its contractors sabotaged its network, the lawsuit filed last week in Harris County District Court said. Comcast had tried to buy Telecom Cable's Weston Lakes operations in 2013 "but refused to pay what they were worth," the complaint says. Starting in June 2015, Comcast and two contractors it hired "systematically destroyed Telecom's business by cutting its lines and running off its customers," the lawsuit says. Comcast destroyed or damaged the lines serving all Telecom Cable customers in Weston Lakes and never repaired them, the lawsuit claims. Telecom Cable owner Anthony Luna estimated the value of his business at about $1.8 million, which he is seeking to recover. He is also seeking other damages from Comcast and its contractors, including exemplary damages that under state statute could "amount to a maximum of twice the amount of economic damages, plus up to $750,000 of non-economic damages," the complaint says. CourtHouse News Service has a story about the lawsuit, and it posted a copy of the complaint.
Firefox

Chrome and Firefox Headless Modes May Spur New Adware & Clickfraud Tactics (bleepingcomputer.com) 79

From a report: During the past month, both Google and Mozilla developers have added support in their respective browsers for "headless mode," a mechanism that allows browsers to run silently in the OS background and with no visible GUI. [...] While this feature sounds very useful for developers and very uninteresting for day-to-day users, it is excellent news for malware authors, and especially for the ones dabbling with adware. In the future, adware or clickfraud bots could boot-up Chrome or Firefox in headless mode (no visible GUI), load pages, and click on ads without the user's knowledge. The adware won't need to include or download any extra tools and could use locally installed software to perform most of its malicious actions. In the past, there have been quite a few adware families that used headless browsers to perform clickfraud. Martijn Grooten, an editor at Virus Bulletin, also pointed Bleeping Computer to a report where miscreants had abused PhantomJS, a headless browser, to post forum spam. The addition of headless mode in Chrome and Firefox will most likely provide adware devs with a new method of performing surreptitious ad clicks.
The Courts

'Coal King' Is Suing John Oliver, Time Warner, and HBO (washingtonpost.com) 359

Reader Daetrin writes: Robert E. Murray, CEO of one of the largest coal mining companies in the US, is suing John Oliver, HBO, and Time Warner for defamation (alternative source) over a comedic report on the status of the coal industry in John Oliver's "Last Week Tonight". The report began with the decline of the coal mining industry, Trump's promises to revive it, and the plight of the workers involved, but was also highly critical of the business practices and safety record of Murray Energy Corporation and Robert Murray's leadership of the company. When the company was contacted about the piece before airing they responded with a cease and desist letter and threatened to sue. John Oliver continued with the segment anyway, saying "I didn't really plan for so much of this piece to be about you, but you kinda forced my hand on that one."

Slashdot Top Deals