Forgot your password?
typodupeerror

Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

Privacy

Dutch Court Says Government Can Receive Bulk Data from NSA 41

Posted by Unknown Lamer
from the convenient-loophole dept.
jfruh (300774) writes Dutch law makes it illegal for the Dutch intelligence services to conduct mass data interception programs. But, according to a court in the Hague, it's perfectly all right for the Dutch government to request that data from the U.S.'s National Security Agency, and doing so doesn't violate any treaties or international law.
Security

Dropbox Head Responds To Snowden Claims About Privacy 116

Posted by samzenpus
from the protect-ya-neck dept.
First time accepted submitter Carly Page writes When asked for its response to Edward Snowden's claims that "Dropbox is hostile to privacy", Dropbox told The INQUIRER that users concerned about privacy should add their own encryption. The firm warned however that if users do, not all of the service's features will work. Head of Product at Dropbox for Business Ilya Fushman says: "We have data encrypted on our servers. We think of encryption beyond that as a users choice. If you look at our third-party developer ecosystem you'll find many client-side encryption apps....It's hard to do things like rich document rendering if they're client-side encrypted. Search is also difficult, we can't index the content of files. Finally, we need users to understand that if they use client-side encryption and lose the password, we can't then help them recover those files."
Verizon

Verizon's Offer: Let Us Track You, Get Free Stuff 63

Posted by samzenpus
from the do-your-worst dept.
mpicpp points out a new program from Verizon that is perfect if you don't mind being tracked. Are you comfortable having your location and Web browsing tracked for marketing purposes? If so, Verizon's got a deal for you. The wireless giant announced a new program this week called 'Smart Rewards' that offers customers credit card-style perks like discounts for shopping, travel and dining. You accrue points through the program by doing things like signing onto the Verizon website, paying your bill online and participating in the company's trade-in program. Verizon emphasizes that the data it collects is anonymized before it's shared with third parties. The program is novel in that offers Verizon users some compensation for the collection of their data, which has become big business for telecom and tech companies. Some privacy advocates have pushed data-collecting companies to reward customers for their personal information in the interest of transparency.
Government

VP Biden Briefs US Governors On H-1B Visas, IT, and Coding 180

Posted by Soulskill
from the at-least-he-was-wearing-pants dept.
theodp writes: Back in 2012, Computerworld blasted Vice President Joe Biden for his ignorance of the H-1B temporary work visa program. But Joe's got his H-1B story and he's sticking to it, characterizing the visa program earlier this month in a speech to the National Governors Association as "apprenticeships" of sorts that companies provide to foreign workers to expand the Information Technology industry only after proving there are no qualified Americans to fill the jobs. Biden said he also learned from his talks with tech's top CEOs that 200,000 of the jobs that companies provide each year to highly-skilled H-1B visa holders could in fact be done by Americans with no more than a two-year community college degree.
United States

The Secret Government Rulebook For Labeling You a Terrorist 196

Posted by Soulskill
from the suspect-wears-a-funny-hat dept.
Advocatus Diaboli sends this report: The Obama administration has quietly approved a substantial expansion of the terrorist watchlist system, authorizing a secret process that requires neither "concrete facts" nor "irrefutable evidence" to designate an American or foreigner as a terrorist, according to a key government document obtained by The Intercept. ...The heart of the document revolves around the rules for placing individuals on a watchlist. "All executive departments and agencies," the document says, are responsible for collecting and sharing information on terrorist suspects with the National Counterterrorism Center. It sets a low standard—"reasonable suspicion"—for placing names on the watchlists, and offers a multitude of vague, confusing, or contradictory instructions for gauging it. In the chapter on "Minimum Substantive Derogatory Criteria"—even the title is hard to digest—the key sentence on reasonable suspicion offers little clarity.
Government

The Department of Homeland Security Needs Its Own Edward Snowden 177

Posted by Soulskill
from the any-volunteers? dept.
blottsie writes: Out of all the U.S. government agencies, the Department of Homeland Security is one of the least transparent. As such, the number of Freedom of Information Act requests it receives have doubled since 2008. But the DHS has only become more adamant about blocking FOIA requests over the years. The problem has become so severe that nothing short of an Edward Snowden-style leak may be needed to increase transparency at the DHS.
AI

Researchers Design Bot To Conduct National Security Clearance Interviews 98

Posted by Unknown Lamer
from the why-do-you-say-you-are-not-a-threat-to-national-security? dept.
meghan elizabeth (3689911) writes Advancing a career in the U.S. government might soon require an interview with a computer-generated head who wants to know about that time you took ketamine. A recent study by psychologists at the National Center for Credibility Assessment, published in the journal Computers and Human Behavior, asserts that not only would a computer-generated interviewer be less "time consuming, labor intensive, and costly to the Federal Government," people are actually more likely to admit things to the bot. Eliza finds a new job.
Firefox

Firefox 33 Integrates Cisco's OpenH264 177

Posted by Unknown Lamer
from the monty-does-it-better dept.
NotInHere (3654617) writes As promised, version 33 of the Firefox browser will fetch the OpenH264 module from Cisco, which enables Firefox to decode and encode H.264 video, for both the <video> tag and WebRTC, which has a codec war on this matter. The module won't be a traditional NPAPI plugin, but a so-called Gecko Media Plugin (GMP), Mozilla's answer to the disliked Pepper API. Firefox had no cross-platform support for H.264 before. Note that only the particular copy of the implementation built and blessed by Cisco is licensed to use the h.264 patents.
Google

Privacy Lawsuit Against Google Rests On Battery Drain Claims 155

Posted by Soulskill
from the discovery-will-be-powered-by-bing dept.
Jason Koebler writes: According to plaintiffs in a class-action lawsuit against Google, personal information about you and your browsing, email, and app-using habits that is regularly sent between apps on you Android phone is harming your battery life. As odd as it sounds, this minor yet demonstrable harm is what will allow their lawsuit to go forward. A federal judge ruled that the claim "requires a heavily and inherently fact-bound inquiry." That means there's a good chance we're about to get a look into the ins and outs of Google's advertising backbone: what information is shared with whom, and when.
Electronic Frontier Foundation

EFF Releases Wireless Router Firmware For Open Access Points 56

Posted by Soulskill
from the secure-is-as-secure-does dept.
klapaucjusz writes: The EFF has released an experimental router firmware designed make it easy to deploy open (password-less) access points in a secure manner. The EFF's firmware is based on the CeroWRT fork of OpenWRT, but appears to remove some of its more advanced routing features. The EFF is asking for help to further develop the firmware. They want the open access point to co-exist on the same router as your typical private and secured access point. They want the owner to be able to share bandwidth, but with a cap, so guests don't degrade service for the owner. They're also looking to develop a network queueing, a minimalist web UI, and an auto-update mechanism. The EFF has also released the beta version of a plug-in called Privacy Badger for Firefox and Chrome that will prevent online advertisers from tracking you.
Privacy

Black Hat Presentation On Tor Cancelled, Developers Working on Bug Fix 50

Posted by Soulskill
from the you-can't-say-that-on-television dept.
alphadogg writes A presentation on a low-budget method to unmask users of a popular online privacy tool Tor will no longer go ahead at the Black Hat security conference early next month. The talk was nixed by the legal counsel with Carnegie Mellon's Software Engineering Institute after a finding that materials from researcher Alexander Volynkin were not approved for public release, according to a notice on the conference's website. Tor project leader Roger Dingledine said, "I think I have a handle on what they did, and how to fix it. ... Based on our current plans, we'll be putting out a fix that relays can apply that should close the particular bug they found. The bug is a nice bug, but it isn't the end of the world." Tor's developers were "informally" shown materials about the bug, but never saw any details about what would be presented in the talk.
United Kingdom

UK Users Overwhelmingly Spurn Broadband Filters 113

Posted by timothy
from the but-it's-a-free-service dept.
nk497 (1345219) writes "Broadband customers are overwhelmingly choosing not to use parental-control systems foisted on ISPs by the government — with takeup in the single-digits for three of the four major broadband providers. Last year, the government pushed ISPs to roll out network-level filters, forcing new customers to make an "active" decision about whether they want to use them or not. Only 5% of new BT customers signed up, 8% opted in for Sky and 4% for Virgin Media. TalkTalk rolled out a parental-control system two years before the government required it and has a much better takeup, with 36% of customers signing up for it. The report, from regulator Ofcom, didn't bother to judge if the filters actually work, however."
Piracy

For Now, UK Online Pirates Will Get 4 Warnings -- And That's It 138

Posted by timothy
from the on-high-alert dept.
New submitter Tmackiller writes with an excerpt from VG247.com: The British government has decriminalised online video game, music and movie piracy, scrapping fuller punishment plans after branding them unworkable. Starting in 2015, persistent file-sharers will be sent four warning letters explaining their actions are illegal, but if the notes are ignored no further action will be taken. The scheme, named the Voluntary Copyright Alert Programme (VCAP), is the result of years of talks between ISPs, British politicians and the movie and music industries. The UK's biggest providers – BT, TalkTalk, Virgin and Sky – have all signed up to VCAP, and smaller ISPs are expected to follow suit. VCAP replaces planned anti-piracy measures that included cutting users' internet connections and creating a database of file-sharers. Geoff Taylor, chief executive of music trade body the BPI, said VCAP was about "persuading the persuadable, such as parents who do not know what is going on with their net connection." He added: "VCAP is not about denying access to the internet. It's about changing attitudes and raising awareness so people can make the right choice." Officials will still work to close and stem funding to file-sharing sites, but the news appears to mean that the British authorities have abandoned legal enforcement of online media piracy. Figures recently published by Ofcom said that nearly a quarter of all UK downloads were of pirated content." Tmackiller wants to know "Will this result in more private lawsuits against file sharers by the companies involved?"
Privacy

A New Form of Online Tracking: Canvas Fingerprinting 182

Posted by Unknown Lamer
from the subverting-features-for-evil-and-profit dept.
New submitter bnortman (922608) was the first to write in with word of "a new research paper discussing a new form of user fingerprinting and tracking for the web using the HTML 5 <canvas> ." globaljustin adds more from an article at Pro Publica: Canvas fingerprinting works by instructing the visitor's Web browser to draw a hidden image. Because each computer draws the image slightly differently, the images can be used to assign each user's device a number that uniquely identifies it. ... The researchers found canvas fingerprinting computer code ... on 5 percent of the top 100,000 websites. Most of the code was on websites that use the AddThis social media sharing tools. Other fingerprinters include the German digital marketer Ligatus and the Canadian dating site Plentyoffish. ... Rich Harris, chief executive of AddThis, said that the company began testing canvas fingerprinting earlier this year as a possible way to replace cookies ...
Facebook

The Loophole Obscuring Facebook and Google's Transparency Reports 18

Posted by samzenpus
from the fuzzy-math dept.
Jason Koebler writes The number of law enforcement requests coming from Canada for information from companies like Facebook and Google are often inaccurate thanks to a little-known loophole that lumps them in with U.S. numbers. For example, law enforcement and government agencies in Canada made 366 requests for Facebook user data in 2013, according to the social network's transparency reports. But that's not the total number. An additional 16 requests are missing, counted instead with U.S. requests thanks to a law that lets Canadian agencies make requests with the U.S. Department of Justice.
Government

Activist Group Sues US Border Agency Over New, Vast Intelligence System 82

Posted by samzenpus
from the lets-see-what-you-have-there dept.
An anonymous reader writes with news about one of the latest unanswered FOIA requests made to the Department of Homeland Security and the associated lawsuit the department's silence has brought. The Electronic Privacy Information Center (EPIC) has sued the United States Customs and Border Protection (CBP) in an attempt to compel the government agency to hand over documents relating to a relatively new comprehensive intelligence database of people and cargo crossing the US border. EPIC's lawsuit, which was filed last Friday, seeks a trove of documents concerning the 'Analytical Framework for Intelligence' (AFI) as part of a Freedom of Information Act (FOIA) request. EPIC's April 2014 FOIA request went unanswered after the 20 days that the law requires, and the group waited an additional 49 days before filing suit. The AFI, which was formally announced in June 2012 by the Department of Homeland Security (DHS), consists of "a single platform for research, analysis, and visualization of large amounts of data from disparate sources and maintaining the final analysis or products in a single, searchable location for later use as well as appropriate dissemination."
Privacy

Researcher Finds Hidden Data-Dumping Services In iOS 95

Posted by samzenpus
from the don't-take-my-data-bro dept.
Trailrunner7 writes There are a number of undocumented and hidden features and services in Apple iOS that can be used to bypass the backup encryption on iOS devices and remove large amounts of users' personal data. Several of these features began as benign services but have evolved in recent years to become powerful tools for acquiring user data.

Jonathan Zdziarski, a forensic scientist and researcher who has worked extensively with law enforcement and intelligence agencies, has spent quite a bit of time looking at the capabilities and services available in iOS for data acquisition and found that some of the services have no real reason to be on these devices and that several have the ability to bypass the iOS backup encryption. One of the services in iOS, called mobile file_relay, can be accessed remotely or through a USB connection can be used to bypass the backup encryption. If the device has not been rebooted since the last time the user entered the PIN, all of the data encrypted via data protection can be accessed, whether by an attacker or law enforcement, Zdziarski said.
Update: 07/21 22:15 GMT by U L : Slides.
Communications

New York Judge OKs Warrant To Search Entire Gmail Account 150

Posted by samzenpus
from the we-want-everything dept.
jfruh writes While several U.S. judges have refused overly broad warrants that sought to grant police access to a suspect's complete Gmail account, a federal judge in New York State OK'd such an order this week. Judge Gabriel W. Gorenstein argued that a search of this type was no more invasive than the long-established practice of granting a warrant to copy and search the entire contents of a hard drive, and that alternatives, like asking Google employees to locate messages based on narrowly tailored criteria, risked excluding information that trained investigators could locate.
Businesses

California In the Running For Tesla Gigafactory 171

Posted by samzenpus
from the if-you-build-it dept.
An anonymous reader writes Thanks to some clean-energy tax incentives approved late this spring, California appears to be in the running again for Tesla's "Gigafactory". From the article: "The decision should have been made by now, and ground broken, according to the company's timeline, but is on hold, allowing California, which was not in the race initially — CEO Elon Musk has called California an improbable choice, citing regulations — to throw its hat in the ring. 'In terms of viability, California has progressed. Now it's a four-plus-one race,' said Simon Sproule, Tesla's vice president of global communication and marketing, referring to the four named finalists — Texas, Arizona, New Mexico and Nevada — for the prize. That's heartening. Having the Gigafactory would be a vindication of Gov. Jerry Brown's drive to make California the home of advanced manufacturing, of which Tesla's battery technology is a prime example. With its technology, 'Tesla may be in position to disrupt industries well beyond the realm of traditional auto manufacturing. It's not just cars,' a Morgan Stanley analyst told Quartz, an online business publication last year.
Privacy

Snowden Seeks To Develop Anti-Surveillance Technologies 129

Posted by samzenpus
from the snowden-brand dept.
An anonymous reader writes Speaking via a Google Hangout at the Hackers on Planet Earth Conference, Edward Snowden says he plans to work on technology to preserve personal data privacy and called on programmers and the tech industry to join his efforts. "You in this room, right now have both the means and the capability to improve the future by encoding our rights into programs and protocols by which we rely every day," he said. "That is what a lot of my future work is going to be involved in."

fortune: not found

Working...