China

Ecuador is Fighting Crime Using Chinese Surveillance Technology (scmp.com) 26

Ecuador has introduced a security system using monitoring technology from China, including facial recognition, as it tries to bring down its crime rate and improve emergency management, according to state-run Xinhua news agency. From a report: A network of cameras has been installed across the South American nation's 24 provinces -- keeping watch on its population of 16.4 million people -- using a system known as the ECU911 Integrated Security Service, Xinhua reported. Used by the country's police, armed forces and fire brigade, it went into operation in November 2016 and has an emergency response and monitoring system.
Security

Tinder's Lack of Encryption Lets Strangers Spy on Your Swipes (wired.com) 43

Tinder's mobile apps still lack the standard encryption necessary to keep your photos, swipes, and matches hidden from snoops, a security firm reports. From Wired: On Tuesday, researchers at Tel Aviv-based app security firm Checkmarx demonstrated that Tinder still lacks basic HTTPS encryption for photos. Just by being on the same Wi-Fi network as any user of Tinder's iOS or Android app, the researchers could see any photo the user did, or even inject their own images into his or her photo stream. And while other data in Tinder's apps are HTTPS-encrypted, Checkmarx found that they still leaked enough information to tell encrypted commands apart, allowing a hacker on the same network to watch every swipe left, swipe right, or match on the target's phone nearly as easily as if they were looking over the target's shoulder. The researchers suggest that lack of protection could enable anything from simple voyeuristic nosiness to blackmail schemes.
Twitter

Hawaii Governor Didn't Correct False Missile Alert Sooner Because He Didn't Know His Twitter Password (washingtonpost.com) 174

An anonymous reader shares a WashingtonPost report: Minutes after the Hawaii Emergency Management Agency mistakenly sent a missile alert at 8:07 a.m. on Jan. 13 -- terrifying residents and visitors across the state -- some officials, such as Rep. Tulsi Gabbard, rushed to Twitter to reassure everyone it was a mistake. But one Twitter account was deafeningly silent for 17 minutes: that of Hawaii Gov. David Ige. Though Ige was informed by the state's adjutant general that the alert was false two minutes after it was sent, he waited until 8:24 a.m. to tweet, "There is NO missile threat." On Monday, after he gave the State of the State address in which he avoided the subject of the missile alert fiasco, reporters demanded an explanation for that long silence. Ige's answer: He couldn't log in to Twitter. "I have to confess that I don't know my Twitter account log-ons and the passwords, so certainly that's one of the changes that I've made," Ige said.
Transportation

Tesla Owner Attempts Autopilot Defense During DUI Stop (arstechnica.com) 127

It turns out driving drunk is still illegal, even with a driver-assistance system active. "On Saturday, January 13, police discovered a man in his Tesla vehicle on the San Francisco-Oakland Bay Bridge," reports Ars Technica. "The San Francisco Chronicle reports that 'the man had apparently passed out in the stopped car while stuck in the flow of busy bridge traffic at 5:30pm, according to the California Highway Patrol." From the report: When police woke the man up, he assured officers that everything was fine because the car was "on autopilot." No one was injured in the incident, and the California Highway Patrol made a snarky tweet about it. Needless to say, other Tesla owners -- and people who own competing systems like Cadillac's Super Cruise -- should not follow this guy's example. No cars on the market right now have fully driverless technology available. Autopilot, Supercruise, and other products are driver assistance products -- they're designed to operate with an attentive human driver as a backup. Driving drunk using one of these systems is just as illegal as driving drunk in a conventional car.
Power

Trump Administration Approves Tariffs of 30 Percent On Imported Solar Panels (axios.com) 386

The Trump administration just approved tariffs of 30% on imported solar panels. Axios explains why it matters: "Most of the American solar industry has opposed tariffs on panels, saying they would raise prices and hurt the sector. A small group of solar panel manufacturers argued -- successfully -- that an influx of cheap imports, largely from China or Chinese-owned companies, was hurting domestic manufacturing. It's also part of President Trump's broader trade agenda against China." From the report: The tariffs would last for four years and decline in increments of 5% from 30%: 25%, 20% and finally 15% in the fourth year. The tariffs are lower than the 35% the U.S. International Trade Commission had initially recommended last year, per Bloomberg. This is actually the third, and broadest, set of tariffs the U.S. government has issued on solar imports in recent years. The Obama administration issued two earlier rounds of tariffs on a narrower set of imports. Monday's action also imposed import tariffs on washing machines, a much lower profile issue than solar energy.
Government

Montana Becomes First State To Implement Net Neutrality After FCC Repeal (thehill.com) 131

An anonymous reader quotes a report from The Hill: Montana Gov. Steve Bullock (D) signed an executive order on Monday requiring internet service providers with state contracts to abide by net neutrality principles. The order makes his state the first to push back on the Federal Communications Commission's decision to repeal the open internet rules last month. The order says that in order to receive a contract with the state government, internet service providers must not engage in blocking or throttling web content or create internet fast lanes. Those practices were all banned under the Obama-era 2015 net neutrality order. Bullock's office said the executive order goes into effect immediately, but there will be a six-month grace period for companies to ensure that they're in compliance. The governor said on Monday that he is encouraging his counterparts and legislators in other states to follow suit, promising to personally email a copy of his order to any who ask for it. Further reading: The New York Times
China

China, Unhampered by Rules, Races Ahead in Gene-Editing Trials (wsj.com) 154

U.S. scientists helped devise the Crispr biotechnology tool. First to test it in humans are Chinese doctors (Editor's note: the link may be paywalled; alternative link). WSJ reports: In a hospital west of Shanghai, Wu Shixiu since March has been trying to treat cancer patients using a promising new gene-editing tool. U.S. scientists helped devise the tool, known as Crispr-Cas9, which has captured global attention since a 2012 report said it can be used to edit DNA. Doctors haven't been allowed to use it in human trials in America. That isn't the case for Dr. Wu and others in China. In a quirk of the globalized technology arena, Dr. Wu can forge ahead with the tool because he faces few regulatory hurdles to testing it on humans. [...] There is little doubt China was first out of the block testing Crispr on humans. Nine trials in China are listed in a U.S. National Library of Medicine database. The Wall Street Journal found at least two other hospital trials, including one beginning in 2015 -- a year earlier than previously reported. Journal reporting found at least 86 Chinese patients have had their genes edited.
Piracy

iTunes Snafu Made 'Thor: Ragnarok' Available Almost a Month Early (engadget.com) 46

An anonymous reader shares a report: When you check out the 'Thor: Ragnarok' page on iTunes, it says pre-orders of digital copies are expected to arrive on February 20th. But as TorrentFreak reports, some people got their hands on the Marvel film about a month early due to some sort of snafu with iTunes and Movies Anywhere. According to TorrentFreak, a Reddit user said in a now-deleted post that their legal purchase of the film on Vudu landed them an iTunes copy of it the next day. "I pre-ordered Thor Ragnarok on Vudu yesterday and it links it to my iTunes also. But curiously it showed up in my iTunes library this morning (pre-orders shouldn't). And now I can watch the full movie in HD," they wrote. "I obviously downloaded it right away. I know its supposed to come out February 20th." Others then responded that going that same purchase route made the movie available to them in iTunes as well.
Android

Yale Privacy Lab and Exodus Privacy's F-Droid Android App Store is a Replacement for Google Play That Features Only FOSS Apps That Don't Do Any Tracking (wired.com) 58

Google Play, the marquee Android apps store, is filled with apps that are riddled with hidden trackers that siphon a smorgasbord of data from all sensors, in all directions, unknown to the Android user. Not content with the strides Google has made to curtail the issue, Yale Privacy Lab has collaborated with Exodus Privacy to detect and expose trackers with the help of the F-Droid app store. From a report on Wired: F-Droid is the best replacement for Google Play, because it only offers FOSS apps without tracking, has a strict auditing process, and may be installed on most Android devices without any hassles or restrictions. F-Droid doesn't offer the millions of apps available in Google Play, so some people will not want to use it exclusively. It's true that Google does screen apps submitted to the Play store to filter out malware, but the process is still mostly automated and very quick -- too quick to detect Android malware before it's published, as we've seen. Installing F-Droid isn't a silver bullet, but it's the first step in protecting yourself from malware.
Facebook

Facebook VP Says Company Won't Use Experts To Fix Fake News Because It is Worried About Criticism (theoutline.com) 148

Joshua Topolsky, writing for The Outline: According to Axios reporter Ina Fried, the vice president of global communications, marketing, and public policy (phew!) at Facebook shook off suggestions that the network should use outside media literacy watch dogs as opposed to outsourcing its "fake news" problem to a "statistically representative" group of its own users. While speaking at the tech conference DLD (Digital Life Design) in Munich, he revealed that the real motivation behind the company's decision was one based almost entirely on optics. This shouldn't come as much of a surprise, as the company has been totally ignorant and outrageously slow in accepting responsibility for what has been a disaster for its users. While Twitter is turning to media literacy groups such as Common Sense Media and the National Association for Media Literacy for solutions to its own troll and fake news epidemic, Facebook continues to cower behind a broken concept that the company is a neutral platform where all of its participants are equally weighted.
United Kingdom

Facebook Reopens Probe Into Russian Involvement in Brexit (techcrunch.com) 310

An anonymous reader quotes TechCrunch: Facebook has said it will conduct a wider investigation into whether there was Russian meddling on its platform relating to the 2016 Brexit referendum vote in the UK. Wednesday its UK policy director Simon Milner wrote to a parliamentary committee that's been conducting a wide-ranging enquiry into fake news -- and whose chair has been witheringly critical of Facebook and Twitter for failing to co-operate with requests for information and assistance on the topic of Brexit and Russia -- saying it will widen its investigation, per the committee's request. Though he gave no firm deadline for delivering a fresh report -- beyond estimating "a number of weeks".

It's not clear whether Twitter will also bow to pressure to conduct a more thorough investigation of Brexit-related disinformation. At the time of writing the company had not responded to our questions either. At the end of last year committee chair Damian Collins warned both companies they could face sanctions for failing to co-operate with the committee's enquiry -- slamming Twitter's investigations to date as "completely inadequate", and expressing disbelief that both companies had essentially ignored the committee's requests... Independent academic studies have suggested there was in fact significant tweet-based activity generated around Brexit by Russian bots."

Theresa May has said Russia's attempts to "sow discord" in the West could not go unchallenged, and warned Vladimir Putin, "We know what you are up to."

Facebook's response complained that a new investigation "requires detailed analysis of historic data by our security experts, who are also engaged in preventing live threats to our service."
Crime

Church Elder/'Jeopardy' Champion Charged With Computer Crimes (mlive.com) 102

Stephanie Jass, a record-setting, seven-time winner on Jeopardy, has been charged with two felonies for accessing the email accounts of two executives at the college where she worked as an assistant professor. An anonymous reader quotes MLive: Jass was able to access the accounts because of an April 24 issue with the college email system, hosted by Google. Frank Hribar, vice president for enrollment and student affairs, said there was network outage caused by loss of power. On April 25, users received a text message with a generic, standard passcode: "Please attempt to login to Gmail using this password. You should be prompted to change password after login..." Not everyone, however, was prompted to do so. Some did make the change using a tutorial. Some received an error and were unable to create a new password, the timeline states. Others did not alter the password at all. The method "worked just fine, had there not been manipulation of the system," said Hribar...

Jass, 47, of Tecumseh was charged in December with unauthorized access to a computer, program or network, and using a computer to commit a crime, both felonies... On May 5, the college deactivated Jass' email account and access to all other college software. The locks to her office door were changed and her desktop computer was confiscated, according to the timeline.

The police report "indicates Jass accessed emails while using an internet network at First Presbyterian Church of Tecumseh, where she served as an elder."
Microsoft

Microsoft Fights Search Warrants for Overseas Emails in the Supreme Court (microsoft.com) 67

Microsoft's Chief Legal Officer writes about "the landmark Microsoft case that will decide whether the U.S. government can use a search warrant to force a company to seize a customer's private emails stored in Ireland and import them to the United States." On Thursday, 289 different groups and individuals from 37 countries signed 23 different legal briefs supporting Microsoft's position that Congress never gave law enforcement the power to ignore treaties and breach Ireland's sovereignty in this way. How could it? The government relies on a law that was enacted in 1986, before anyone conceived of cloud computing... When the U.S. government requires a tech company to execute a warrant for emails stored overseas, the provider must search a foreign datacenter and make a copy abroad, and then import that copy to the United States. This creates a complex issue with huge international consequences. It shouldn't be resolved by taking the law to a place it was never intended to go...

The U.S. Department of Justice's attempt to seize foreign customers' emails from other countries ignores borders, treaties and international law, as well as the laws those countries have in place to protect the privacy of their own citizens... It's also a path that will lead to the doorsteps of American homes by putting the privacy of U.S. citizens' emails at risk. If the U.S. government obtains the power to search and seize foreign citizens' private communications physically stored in other countries, it will invite other governments to do the same thing. If we ignore other countries' laws, how can we demand that they respect our laws?

Amicus briefs supporting Microsoft have been filed in the U.S. Supreme Court by Ireland, France, and the European Commission and European privacy regulators. Microsoft even notes that on this issue, "Fox News agreed with the American Civil Liberties Union."
Iphone

iPhone X Purchase Leads To Police, Battering Ram, and Handcuffs (cbslocal.com) 405

An anonymous reader quotes CBS SFBayArea: On one recent morning, Rick Garcia and his wife Shannon Knuth woke up to a posse of San Francisco police officers at their front door. "I peered through the peephole and I saw a police officer and a battering ram," Garcia said. "We heard 'SFPD' and 'warrant,' and I was like 'what's going on?'" Knuth remembers. It felt like a nightmare yet it was real. Garcia says that within seconds he was dragged into the hallway of his apartment complex, handcuffed, then whisked away to the Taraval Station.... Meanwhile Knuth, who had just got out of the shower, was ordered to sit on the couch... After rifling through the apartment Knuth says the officers finally told her what they were looking for: Her husband's iPhone X.

According to the warrant, it was stolen but Knuth showed them the receipt which proved her husband bought it. Once the officers realized their mistake they called the police station and a squad car brought Garcia home. "They gathered their pry bar and their battering ram and they left," he said. So how could a mistake like that happen? It's still unclear but it turns out Garcia and Knuth bought the iPhone at an Apple store at Stonestown Galleria just a few weeks after 300 iPhone Xs were stolen from a UPS truck in the mall parking lot.

One former police chief says the way it was handled "kind of boggles the mind...

"This was clearly an incident that should have just been a knock and talk, a couple detectives come to the door, knock on the door and they would have gathered the same info that they gathered after they put him in handcuffs and hauled him off to jail."
United States

Apple and Google Are Rerouting Their Employee Buses as Attacks Resume (mashable.com) 292

Slashdot reader sqorbit writes: Apple runs shuttle buses for it's employees in San Francisco. It seems someone who is not happy with Apple has decided to take out their anger on these buses. In an email obtained by Mashable, Apple states "Due to recent incidents of broken windows along the commute route, specifically on highway 280, we're re-routing coaches for the time being. This change in routes could mean an additional 30-45 minutes of commute time in each direction for some riders." It has been reported that at least four buses have had windows broken, some speculating that it might caused by rubber bullets.
"Around four years ago, people started attacking the shuttle buses that took Google employees to and from work, as a way of protesting the tech-company-driven gentrification taking place around San Francisco," remembers Fortune, adding "it seems to be happening again."

At least one Google bus was also attacked, according to the San Francisco Chronicle, which adds that the buses "were not marked with company logos, and the perpetrators are suspected of broadly targeting technology shuttle buses rather than a specific company."

Slashdot Top Deals