Government

Critics Call White House Social Media Bias Survey A 'Data Collection Ploy' (sfgate.com) 199

An anonymous reader quotes the Washington Post: Venky Ganesan, a partner at technology investor Menlo Ventures, told The Washington Post that the White House's new survey about bias on social media is "pure kabuki theatre" and an attempt to curry political points with conservatives. He said the Trump administration's repeated accusations that tech companies censor conservative voices are unfounded because even though most Silicon Valley executives are liberal or libertarian, they wouldn't let politics get in the way of their primary goal: making money...

The Internet Association, a trade association representing Facebook, Google and other tech companies, also pushed back on President Trump's repeated accusations that their products are biased against conservatives. The association says the platforms are open and enable the speech of all Americans -- including the president himself. "That's why the president uses Twitter so much," said Michael Beckerman, the Internet Association's chief executive. "He actually used Twitter for this particular announcement, which is perhaps ironic."

The article adds that the Trump administration "declined to tell The Washington Post what it planned to do with the data it's amassing." But on Twitter the New York Times technology columnist Kevin Roose argued that the survey "is just going to be used to assemble a voter file, which Trump will then pay Facebook millions of dollars to target with ads about how biased Facebook is."

Vice also believes it's a "craven data collection ploy" and "an elaborate way of getting people to subscribe to the White House's email list," adding "If this whole enterprise feels shady, that's because it is... The site isn't even hosted on a government server, but was created with Typeform, a Spain-based web tool that lets anyone set up simple surveys." Mashable also notes that the site "also just so happens to have an absolutely bonkers privacy policy" which includes allowing the White House to edit everything that's submitted.

Click here to read even more reactions.
Electronic Frontier Foundation

Censorship 'Can't Be The Only Answer' To Anti-Vax Misinformation, Argues EFF (eff.org) 313

Despite the spread of anti-vaccine misinformation, "censorship cannot be the only answer," argues the EFF, adding that "removing entire categories of speech from a platform does little to solve the underlying problems."

"Tech companies and online platforms have other ways to address the rapid spread of disinformation, including addressing the algorithmic 'megaphone' at the heart of the problem and giving users control over their own feeds... " Anti-vax information is able to thrive online in part because it exists in a data void in which available information about vaccines online is "limited, non-existent, or deeply problematic." Because the merit of vaccines has long been considered a decided issue, there is little recent scientific literature or educational material to take on the current mountains of disinformation. Thus, someone searching for recent literature on vaccines will likely find more anti-vax content than empirical medical research supporting vaccines. Censoring anti-vax disinformation won't address this problem.

Even attempts at the impossible task of wiping anti-vax disinformation from the Internet entirely will put it beyond the reach of researchers, public health professionals, and others who need to be able to study it and understand how it spreads. In a worst-case scenario, well-intentioned bans on anti-vax content could actually make this problem worse. Facebook, for example, has over-adjusted in the past to the detriment of legitimate educational health content...

Platforms must address one of the root causes behind disinformation's spread online: the algorithms that decide what content users see and when. And they should start by empowering users with more individualized tools that let them understand and control the information they see.... Users shouldn't be held hostage to a platform's proprietary algorithm. Instead of serving everyone "one algorithm to rule them all" and giving users just a few opportunities to tweak it, platforms should open up their APIs to allow users to create their own filtering rules for their own algorithms. News outlets, educational institutions, community groups, and individuals should all be able to create their own feeds, allowing users to choose who they trust to curate their information and share their preferences with their communities.

Government

California's Politicians Rush To Gut Internet Privacy Law With Pro-Tech Giant Amendments (theregister.co.uk) 59

The right for Californians to control the private data that tech companies hold on them may be undermined today at a critical committee hearing in Sacramento. The Register reports: The Privacy And Consumer Protection Committee will hold a special hearing on Tuesday afternoon to discuss and vote on nine proposed amendments to the California Consumer Privacy Act (CCPA) -- which was passed last year in the U.S. state but has yet to come into force. Right now, the legislation is undergoing tweaks at the committee stage. Privacy advocates are warning that most of the proposals before the privacy committee are influenced by the very industry that the law was supposed to constrain: big tech companies like Google, Facebook, and Amazon.

In most cases, the amendments seek to add carefully worded exemptions to the law that would benefit business at the cost of consumer rights. But most upsetting to privacy folk is the withdrawal of an amendment by Assembly member Buffy Wicks (D-15th District) that incorporated changes that would enhance consumer data privacy rights. Wicks' proposal would have given consumers more of a say of what is done with their personal data and more power to sue companies that break the rules. But the Assembly member pulled the measure the day before the hearing because it was not going to get the necessary votes. If a measure is voted down it cannot be reintroduced in that legislative session.

Privacy

Corporate Surveillance: When Employers Collect Data on Their Workers (cnbc.com) 54

An anonymous reader quotes CNBC: The emergence of sensor and other technologies that let businesses track, listen to and even watch employees while on company time is raising concern about corporate levels of surveillance... Earlier this year, Amazon received a patent for an ultrasonic bracelet that can detect a warehouse worker's location and monitor their interaction with inventory bins by using ultrasonic sound pulses. The system can track when and where workers put in or remove items from the bins. An Amazon spokesperson said the company has "no plans to introduce this technology" but that, if implemented in the future, could free up associates' hands, which now hold scanners to check and fulfill orders.

Walmart last year patented a system that lets the retail giant listen in on workers and customers. The system can track employee "performance metrics" and ensure that employees are performing their jobs efficiently and correctly by listening for sounds such as rustling of bags or beeps of scanners at the checkout line and can determine the number of items placed in bags and number of bags. Sensors can also capture sounds from guests talking while in line and determine whether employees are greeting guests. Walmart spokesman Kory Lundberg said the company doesn't have any immediate plans to implement the system.

Logistics company UPS has been using sensors in their delivery trucks to track usage to make sure drivers are wearing seat belts and maintenance is up to date.

Companies are also starting to analyze digital data, such as emails and calendar info, in the hopes of squeezing more productivity out of their workers. Microsoft's Workplace Analytics lets employers monitor data such as time spent on email, meeting time or time spent working after hours. Several enterprises, including Freddie Mac and CBRE, have tested the system.

A senior staff attorney for the EFF argues that new consumer privacy laws may not apply to employees. The article also cites a recent survey by Accenture in which 62% of executives "said their companies are using new technologies to collect data on people -- from the quality of work to safety and well-being" -- even though "fewer than a third said they feel confident they are using the data responsibly."

Yet the leader of Accenture's talent and organization practice argues that workforce data "could boost revenue by 6.4%. This has encouraged workers to be open to responsible use of data, but they want to know that they will get benefits and return on their time."
Twitter

Starz Goes on Twitter Meta-Censorship Spree To Cover Up TV-Show Leaks (torrentfreak.com) 55

American entertainment giant Starz is continuing to remove tweets that link to a TorrentFreak news report about leaked TV-shows. From a report: Last week we posted a news article documenting how several TV-show episodes had leaked online before their official release. Due to the leaks, complete seasons of unreleased TV-shows such as "The Spanish Princess," "Ramy," and "The Red Line," surfaced on pirate sites. In most cases, there were visible signs revealing that the leaks were sourced from promotional screeners. The leaks also hit Starz, as three then-unreleased episodes from its TV series "American Gods" appeared online as well. The American entertainment company was obviously not happy with that, but its response was rather unconventional.

Soon after the news was published, Starz issued a takedown request through The Social Element Agency, requesting Twitter to remove our tweet to our own article. Twitter was quick to comply and removed the tweet that supposedly infringed Starz copyrights. We disagreed. The article in question never linked to any infringing material. It did include a screenshot from a leaked episode, showing the screener watermarks, but those watermarks were central to the story, as we explained in a follow-up piece. The good news is that many legal scholars, journalists, and lawyers agree with our stance. The Electronic Frontier Foundation (EFF), for example, responded that Starz has no right to silence TorrentFreak and also shared that opinion on Twitter, where many others chimed in as well. That's when things started to spiral out of control. Starz takedown efforts only encouraged more people to share the original story about the leaks, which is a classic example of the 'Streisand Effect'. However, Starz didn't budge and issued takedown notices against those tweets as well.

Electronic Frontier Foundation

EFF: Facebook Should Notify Users Who Interact With Fake Police 'Sock Puppet' Accounts (eff.org) 100

An anonymous reader quotes a senior investigative researcher at the EFF: Despite Facebook's repeated warnings that law enforcement is required to use "authentic identities" on the social media platform, cops continue to create fake and impersonator accounts to secretly spy on users. By pretending to be someone else, cops are able to sneak past the privacy walls users put up and bypass legal requirements that might require a warrant to obtain that same information...

EFF is now calling on Facebook to escalate the matter with law enforcement in the United States. Facebook should take the following actions to address the proliferation of fake/impersonator Facebook accounts operated by law enforcement, in addition to suspending the fake accounts.

- As part of its regular transparency reports, Facebook should publish data on the number of fake/impersonator law enforcement accounts identified, what agencies they belonged to, and what action was taken.

- When a fake/impersonator account is identified, Facebook should alert the users and groups that interacted with the account whether directly or indirectly.

The article also suggests updating Facebook's Terms of Service to explicitly prohibit fake/impersonator profiles by law enforcement groups, and updating Facebook pages of law enforcement groups to inform visitors when those groups have a written policy allowing fake/impersonator law enforcement accounts. "These four changes are relatively light lifts that would enhance transparency and establish real consequences for agencies that deliberately violate the rules..."

"Facebook's practice of taking down these individual accounts when they learn about them from the press (or from EFF) is insufficient to deter what we believe is a much larger iceberg beneath the surface."
EU

Europe Passes Controversial Online Copyright Reforms (venturebeat.com) 380

EU lawmakers today endorsed an overhaul of the bloc's two-decade old copyright rules, which will force Google and Facebook to pay publishers for use of news snippets and make them filter out protected content. From a report: The set of copyright rules known as the Directive on Copyright in the Digital Single Market, but more succinctly as the EU Copyright Directive, has been debated and discussed for several years. While it is broadly uncontroversial in many regards, there are two facets to the directive that has caused the internet to freak out. Article 11, which has been dubbed the "link tax," stipulates that websites pay publishers a fee if they display excerpts of copyrighted content -- or even link to it. This obviously could have big ramifications for services such as Google News. Then there is Article 13, dubbed the "upload filter," which would effectively make digital platforms legally liable for any copyright infringements on their platform, which has stoked fears that it would stop people from sharing content -- such as GIF-infused memes -- on social networks. In a statement, EFF said, "In a stunning rejection of the will five million online petitioners, and over 100,000 protestors this weekend, the European Parliament has abandoned common-sense and the advice of academics, technologists, and UN human rights experts, and approved the Copyright in the Digital Single Market Directive in its entirety."
Electronic Frontier Foundation

The US Desperately Needs a 'Fiber For All' Plan (eff.org) 204

The Electronic Frontier Foundation has published a new report calling for a "fiber for all" plan to combat the broadband access crisis in the United States. Government data and independent analysis show we are falling behind the rest of the developed world in this area, and "the U.S. is the only country that believes having no plan will solve this issue," writes Ernesto Falcon from the EFF. "We are the only country to completely abandon federal oversight of an uncompetitive, highly concentrated market that sells critical services to all people, yet we expect widely available, affordable, ultra-fast services. But if you live in a low-income neighborhood or in a rural market today, you know very well this is not working and the status quo is going to cement in your local broadband options to either one choice or no choice." From the report: Very small ISPs and local governments with limited budgets are at the frontline of deploying fiber to the home to fix these problems, but policymakers from the federal, state, and local level need to step up and lead. At least 19 states still have laws that prohibit local governments from deploying community broadband projects. Worst yet, both AT&T and Verizon are actively asking the FCC to make it even harder for small private ISPs to deploy fiber, so that the big incumbents can raise prices and suppress competition, a proposal EFF has urged the FCC to reject.

This is why we need to push our elected officials and regulators for a fiber-for-all-people plan to ensure everyone can obtain the next generation of broadband access. Otherwise, the next generation of applications and services won't be usable in most of the United States. They will be built instead for markets with better, faster, cheaper, and more accessible broadband. This dire outcome was the central thesis to a recently published book by Professor Susan Crawford (appropriately named Fiber) and EFF agrees with its findings. If American policymakers do not remedy the failings in the US market and actively pursue ways to drive fiber deployment with the goal of universal coverage, then a staggering number of Americans will miss out on the latest innovations that will occur on the Internet because it will be inaccessible or too expensive. As a result, we will see a worsening of the digital divide as advances in virtual reality, cloud computing, gaming, education, and things we have not invented yet are going to carry a monopoly price tag for a majority of us -- or just not be accessible here. This does not have to be so, but it requires federal, state, and local governments to get to work on policies that promote fiber infrastructure to all people.
Most of the talk lately has been about 5G networks, but the less-spoken truth about these networks is that they need dense fiber networks to make them work. "One estimate on the amount of fiber investment that needs to occur is as much as $150 billion -- including fiber to the home deployments -- in the near future, and we are far below that level of commitment to fiber," the report says.
Databases

Massive Database Leak Exposes China's 'Digital Surveillance State' (eff.org) 72

Long-time Slashdot reader retroworks shared this EFF article: Although relatively little news gets out of Xinjiang to the rest of the world, we've known for over a year that China has been testing facial-recognition tracking and alert systems across Xinjiang and mandating the collection of biometric data -- including DNA samples, voice samples, fingerprints, and iris scans -- from all residents between the ages of 12 and 65... Earlier this month, security researcher Victor Gevers found and disclosed an exposed database live-tracking the locations of about 2.6 million residents of Xinjiang, China, offering a window into what a digital surveillance state looks like in the 21st century...

Over a period of 24 hours, 6.7 million individual GPS coordinates were streamed to and collected by the database, linking individuals to various public camera streams and identification checkpoints associated with location tags such as "hotel," "mosque," and "police station." The GPS coordinates were all located within Xinjiang. This database is owned by the company SenseNets, a private AI company advertising facial recognition and crowd analysis technologies. A couple of days later, Gevers reported a second open database tracking the movement of millions of cars and pedestrians. Violations like jaywalking, speeding, and going through a red-light are detected, trigger the camera to take a photo, and ping a WeChat API, presumably to try and tie the event to an identity.

China may have a working surveillance program in Xinjiang, but it's a shockingly insecure security state. Anyone with an Internet connection had access to this massive honeypot of information... Even poorly-executed surveillance is massively expensive, and Beijing is no doubt telling the people of Xinjiang that these investments are being made in the name of their own security. But the truth, revealed only through security failures and careful security research, tells a different story: China's leaders seem to care little for the privacy, or the freedom, of millions of its citizens.

EFF also reports that a Chinese cybersecurity firm also recently discovered 468 exposed MongoDB servers on the internet, including databases containing detailed information about remote access consoles owned by China General Nuclear Power Group.

Meanwhile, ZDNet suggests that SenseNets may actually be "a government contractor, helping authorities track the Muslim minority, rather than a private company selling its product to another private entity. Otherwise, it would be hard to explain how SenseNets has access to ID card information and camera feeds from police stations and other government buildings."
The Courts

Judge Says Washington State Cyberstalking Law Violates Free Speech (engadget.com) 155

A federal judge has blocked Washington State's 2004 cyberstalking law after ruling that a key provision violated First Amendment protections for free speech due to vague terms. "Its prohibitions against speech meant to 'harass, intimidate, torment or embarrass' weren't clearly defined, according to the judge, and effectively criminalized a 'large range' of language guarded under the Constitution," reports Engadget. "You could theoretically face legal action just by criticizing a public figure." From the report: The ruling came after a retired Air Force Major, Richard Rynearson III, sued to have the law overturned. He claimed that Kitsap County threatened to prosecute him under the cyberstalking law for criticizing an activist involved with a memorial to Japanese victims of U.S. internment camps during World War II. While Rynearson would use "invective, ridicule, and harsh language," the judge said, his language was neither threatening nor obscene.

Officials had contended that the law held up because it targeted conduct, not the speech itself. They also maintained that Rynearson hadn't shown evidence of a serious threat -- just that the prosecutor's office would see how Rynearson behaved and take action if necessary. A county court had already tossed out the activist's restraining order against Rynearson over free speech. It's not clear whether Washington will appeal the decision. If the ruling stays, though, it could force legislators to significantly narrow the scope if it wants a cyberstalking law to remain in place. This might also set a precedent that could affect legislation elsewhere in the country.
The Electronic Frontier Foundation praises the judge's decision, adding: "This is all valuable speech that is protected by the First Amendment, and no state law should be allowed to undermine these rights. We are pleased that the judge has agreed."
Facebook

Former Facebook Employees Say The Company's Prioritization Of Privacy is About Optics (buzzfeednews.com) 50

Last May, Facebook promised to launch a "Clear History" feature that it said would give users more control over their data. 9 months later it's nowhere to be found and now a report claims that it's a key example of the company's "reactionary" way of dealing with privacy concerns. From a report: Thus far, Facebook's public discussions of Clear History appear to have been more about communications strategy than charting a new course. In a Facebook post looking back on 2018, Zuckerberg pointed to the tool as one that would "give people more transparency" while Sandberg highlighted it to show Facebook's willingness to change during a speech at the World Economic Forum in Davos, Switzerland, last month.

Still, nine months after its initial announcement, Clear History is nowhere to be found. "We want to make sure this works the way it should for everyone on Facebook, which is taking longer than expected," the company said in a statement to BuzzFeed News. It's unclear if new high-profile hires, like Nate Cardozo (formerly of EFF) and Robyn Greene (formerly of New America's Open Technology Institute), will work with Facebook's new privacy unit or if they will be involved with Clear History. It has reached out to groups like Access Now, the Electronic Frontier Foundation (EFF), and the Center for Democracy and Technology (CDT), as well as academics. Sources confirmed that CDT and EFF were advising Facebook on its Clear History tool, but could not disclose specifics of their meetings due to nondisclosure agreements. Access Now's Masse confirmed Facebook had reached out on a number of issues, including Clear History, in the last few months, but called the conversations "punctual and limited." "Despite repeated statements and apologies from the company, we are not seeing a shift in Facebook data practices or an attitude that would suggest that they take data protection seriously," she said.

Movies

Star of Film 'Downfall' and Widespread 'Hitler Finds Out...' Meme, Dead At 77 (theguardian.com) 50

The Guardian reports: Bruno Ganz, the Swiss actor who played Adolf Hitler in the film Downfall, has died in Zurich at the age of 77, his agent announced. The actor became internationally renowned for his 2004 portrayal of the German dictator's final days inside his Berlin bunker. In a Guardian review of Downfall Rob Mackie described Ganz as "the most convincing screen Hitler yet: an old, bent, sick dictator with the shaking hands of someone with Parkinson's, alternating between rage and despair in his last days in the bunker...." It is widely believed to be the cinematic footage most often shared online, as well as the cause of one of the world's most productive internet memes.
They're referring to "One climactic scene featuring a Ganz tour de force" that was "relentlessly parodied in widespread 'Hitler Finds Out...' videos, featuring anachronistic subtitles depicting his rage and fury over topical, mundane, or banal events and trivial gossip," explains long-time Slashdot reader Freshly Exhumed:

The spread of the meme was aided inestimably by the Streisand Effect caused when the production company, Constantin Films began sending DMCA takedown notices to YouTube. Eventually the company relented as the parodies constituted strong fair use cases.
When the director of the film was asked about the parodies, he admitted that "I think I've seen about 145 of them! Of course, I have to put the sound down when I watch. Many times the lines are so funny, I laugh out loud, and I'm laughing about the scene that I staged myself! You couldn't get a better compliment as a director."
Wireless Networking

Countries With Zero Rating Have More Expensive Wireless Broadband Than Countries Without It 160

A comprehensive multi-year study by the non-profit Epicenter.works, comparing the 30 member countries of the European Union (EU) on net neutrality enforcement, has found that zero rating business practices by wireless carriers have increased the cost of wireless data compared to countries without zero rating. From a report: This directly contradicts all of the assertions by major wireless carriers that their zero rating practices are "free data" for consumers. Based on the evidence, zero rating not only serves as a means to enhance ISPs' power over the Internet, but it's also how they charge consumers more money for wireless service. Zero rating was originally going to be banned by the FCC under the General Conduct Rule, but when the FCC changed leadership the agency promptly green lighted and encouraged the industry to engage in zero rating practices before it began its repeal of net neutrality.
United States

Highest Court In Indiana Set To Decide If You Can Be Forced To Unlock Your Phone (eff.org) 190

The Electronic Frontier Foundation argues that police should not be allowed to force you to turn over your passcode or unlock your device. "The Fifth Amendment states that no one can be forced to be 'a witness against himself,' and we argue that the constitutional protection applies to forced decryption," writes the EFF. Last week, the non-profit digital rights group filed a brief making that case to the Indiana Supreme Court, which is set to decide if you can be forced to unlock your phone. From the report: The case began when Katelin Eunjoo Seo reported to law enforcement outside of Indianapolis that she had been the victim of a rape and allowed a detective to examine her iPhone for evidence. But the state never filed charges against Seo's alleged rapist, identified by the court as "D.S." (Courts often refer to minors using their initials.) Instead, the detective suspected that Seo was harassing D.S. with spoofed calls and texts, and she was ultimately arrested and charged with felony stalking. Along with a search warrant, the state sought a court order to force Seo to unlock her phone. Seo refused, invoking her Fifth Amendment rights. The trial court held her in contempt, but an intermediate appeals court reversed. When the Indiana Supreme Court agreed to get involved, it took the somewhat rare step of inviting amicus briefs. EFF got involved because, as we say in our brief filed along with the ACLU and the ACLU of Indiana, the issue in Seo is "no technicality; it is a fundamental protection of human dignity, agency, and integrity that the Framers enshrined in the Fifth Amendment."

Our argument to the Indiana Supreme Court is that compelling Seo to enter her memorized passcode would be inherently testimonial because it reveals the contents of her mind. Obviously, if she were forced to verbally tell a prosecutor her password, it would be a testimonial communication. By extension, the act of forced unlocking is also testimonial. First, it would require a modern form of written testimony, the entry of the passcode itself. Second, it would rely on Seo's mental knowledge of the passcode and require her to implicitly acknowledge other information such as the fact that it was under her possession and control. The lower appellate court in Seo added an intriguing third reason: "In a very real sense, the files do not exist on the phone in any meaningful way until the passcode is entered and the files sought are decrypted. . . . Because compelling Seo to unlock her phone compels her to literally recreate the information the State is seeking, we consider this recreation of digital information to be more testimonial in nature than the mere production of paper documents." Because entering a passcode is testimonial, that should be the end of it, and no one should be ordered to decrypt their device, at least absent a grant of immunity that satisfies the Fifth Amendment.
The case gets complicated when you factor in a case from 1976 called Fisher v. United States, where the Supreme Court recognized an exception to the Fifth Amendment privilege for testimonial acts of production. "State and federal prosecutors have invoked it in nearly every forced decryption case to date," writes the EFF. "In Seo, the State argued that all that compelling the defendant to unlock her phone would reveal is that she knows her own passcode, which would be a foregone conclusion once it 'has proven that the phone belongs to her.'"

"As we argue in our amicus brief, this would be a dangerous rule for the Indiana Supreme Court to adopt. If all the government has to do to get you to unlock your phone is to show you know the password, it would have immense leverage to do so in any case where it encounters encryption."
Electronic Frontier Foundation

Larry Lessig Will Headline Friday's 'Grand Re-opening of the Public Domain' Event (archive.org) 21

An anonymous reader quotes the Internet Archive's blog Please join us for a Grand Re-opening of the Public Domain, featuring a keynote address by Creative Commons' founder, Lawrence Lessig, on January 25, 2019. Co-hosted by the Internet Archive and Creative Commons, this celebration will feature legal thought leaders, lightning talks, demos, and the chance to play with these new public domain works. The event will take place at the Internet Archive in San Francisco....

Join the creative, legal, library, and advocacy communities plus an amazing lineup of people who will highlight the significance of this new class of public domain works. Presenters include Larry Lessig, political activist and Harvard Law professor; Corynne McSherry, legal director of the Electronic Frontier Foundation; Cory Doctorow, science fiction author and co-editor of Boing Boing; Pam Samuelson, copyright scholar; and Jamie Boyle, the man who literally wrote the book on the public domain, and many others.

Attendees will also receive a discount on the world premiere of DJ Spooky's Quantopia: The Evolution of the Internet, a live concert commissioned by the Internet Archive "synthesizing data and art, both original and public domain materials, in tribute to the depth and high stakes of free speech and creative expression involved in our daily use of media."
Electronic Frontier Foundation

Electric Scooter Rental Service Bird Sent a 'Notice of Claimed Infringement' To a News Site For Reporting On Lawful Re-use of Scooters (eff.org) 114

Bird, an electric scooter rental company, sent a "Notice of Claimed Infringement" to news blog Boing Boing for reporting about people doing legal things that Bird does not like. EFF reports: Electric scooters have swamped a number of cities across the US, many of the scooters carelessly discarded in public spaces. Bird, though, has pioneered a new way to pollute the commons by sending a meritless takedown letter to a journalist covering the issue. The company cites the Digital Millennium Copyright Act and implies that even writing about the issue could be illegal. It's not.

Bird sent a "Notice of Claimed Infringement" over this article on Boing Boing, one of the Internet's leading sources of news and commentary. The article reports on the fact that large numbers of Bird scooters are winding up in impound lots, and that it's possible to lawfully purchase these scooters when cities auction them off, and then to lawfully modify those scooters so they work without the Bird app. The letter is necessarily vague about exactly how the post infringed any of Bird's rights, and with good reason: the post does no such thing, as we explain in a letter on behalf of Happy Mutants LLC, which owns and operates Boing Boing.

The post reports on lawful activity, nothing more. In fact, the First Amendment would have protected it even if reported on illegal conduct or advocated for people to break the law. (For instance, a person might lawfully advocate that an electric scooter startup should violate local parking ordinances. Hypothetically.) So, in a sense, it doesn't matter whether Bird is right or wrong when it claims that it's illegal to convert a Bird scooter to a personal scooter. Either way, Boing Boing was free to report on it.

Security

First-Ever UEFI Rootkit Tied To Sednit APT (threatpost.com) 168

Researchers hunting cyber-espionage group Sednit (an APT also known as Sofacy, Fancy Bear and APT28) say they have discovered the first-ever instance of a rootkit targeting the Windows Unified Extensible Firmware Interface (UEFI) in successful attacks. From a report: The discussion of Sednit was part of the 35C3 conference, and a session given by Frederic Vachon, a malware researcher at ESET who published a technical write-up on his findings earlier this fall [PDF]. During his session, Vachon said that finding a rootkit targeting a system's UEFI is significant, given that rootkit malware programs can survive on the motherboard's flash memory, giving it both persistence and stealth.

"UEFI rootkits have been researched and discussed heavily in the past few years, but sparse evidence has been presented of real campaigns actively trying to compromise systems at this level," he said. The rootkit is named LoJax. The name is a nod to the underlying code, which is a modified version of Absolute Software's LoJack recovery software for laptops. The purpose of the legitimate LoJack software is to help victims of a stolen laptop be able to access their PC without tipping off the bad guys who stole it. It hides on a system's UEFI and stealthily beacons its whereabouts back to the owner for possible physical recovery of the laptop.

Math

51st Known Mersenne Prime Number Found (mersenne.org) 65

chalsall (Slashdot reader #185), writes: The Great Internet Mersenne Prime Search (GIMPS) has discovered the largest known prime number, 2^82,589,933-1, having 24,862,048 digits. A computer volunteered by Patrick Laroche from Ocala, Florida made the find on December 7, 2018.

GIMPS has been on amazing lucky streak, finding triple the expected number of new Mersenne primes -- a dozen in the last fifteen years.

"This anomaly is not necessarily evidence that existing theories on the distribution of Mersenne primes is incorrect," notes GIMPS. "However, if the trend continues it may be worth further investigation. " They also report that the newly-discovered prime number "is more than one and a half million digits larger than the previous record prime number" -- and it's one of just 51 known Mersenne prime numbers ever discovered. "GIMPS, founded in 1996, has discovered the last 17..."

Patrick Laroche is one of thousands of volunteers using GIMPS' free software to hunt for prime numbers -- and is now eligible for a $3,000 "research discovery award," the group writes at mersenne.org. "GIMPS' next major goal is to win the $150,000 award administered by the Electronic Frontier Foundation offered for finding a 100 million digit prime number" -- of which $50,000 will be awarded to the discoverer, with another $50,000 going to a 501(c)(3) mathematics-related charity selected by GIMPS, and $50,000 retained by GIMPS to cover expenses and fund other awards.
Cloud

Cloudflare Under Fire For Allegedly Providing DDoS Protection For Terrorist Websites 98

Cloudflare is facing accusations that it's providing cybersecurity protection for at least seven terrorist organizations. "On Friday, HuffPost reported that it has reviewed numerous websites run by terrorist organizations and confirmed with four national security and counter-extremism experts that the sites are under the protection of Cloudflare's cybersecurity services," reports Gizmodo.

"Among Cloudflare's millions of customers are several groups that are on the State Department's list of foreign terrorist organizations, including al-Shabab, the Popular Front for the Liberation of Palestine, al-Quds Brigades, the Kurdistan Workers' Party (PKK), al-Aqsa Martyrs Brigade and Hamas -- as well as the Taliban, which, like the other groups, is sanctioned by the Treasury Department's Office of Foreign Assets Control (OFAC)," reports HuffPost.

"In the United States, it's a crime to knowingly provide tangible or intangible 'material support -- including communications equipment -- to a designated foreign terrorist organization or to provide service to an OFAC-sanctioned entity without special permission," the report continues. "Cloudflare, which is not authorized by the OFAC to do business with such organizations, has been informed on multiple occasions, dating back to at least 2012, that it is shielding terrorist groups behind its network, and it continues to do so." Gizmodo reports: The issue that HuffPost raises is whether Cloudflare is providing "material support" to sanctioned organizations. Some attorneys told HuffPost that it may be in violation of the law. Others, like the Electronic Frontier Foundation, argue that "material support" can and has been abused to silence speech. Cloudflare's general counsel, Doug Kramer, told Gizmodo over the phone that the company works closely with the U.S. government to ensure that it meets all of its legal obligations. He said that it is "proactive to screen for sanctioned groups and reactive to respond when its made aware of a sanctioned group" to which it may be providing services. HuffPost spoke with representatives from the Counter Extremism Project, who expressed frustration that they've sent four letters to Cloudflare over the last two years identifying seven terrorist-operated sites without receiving a reply. Kramer would not address any specific customers or situations when speaking with Gizmodo. He said that's simply company policy for reasons of protecting privacy.
Electronic Frontier Foundation

Can Democrats In Congress Restore America's Net Neutrality Rules? (nbcnews.com) 256

"Democrats are expected to use their upcoming control of the House to push for strong net neutrality rules," reports NBC News: "The FCC's repeal sparked an unprecedented political backlash, and we've channeled that internet outrage into real political power," said Evan Greer, deputy director of Fight for the Future, a digital rights-focused non-profit organization. "As we head into 2019, net neutrality supporters in the House of Representatives will be in a much stronger position to engage in FCC oversight...." Gigi Sohn, a former lawyer at the FCC who is now a fellow at the Georgetown Law Institute for Technology, Law and Policy, said she expects Democrats to use their new power to push for the restoration of strong net neutrality rules -- and for the topic to be on the lips of presidential hopefuls. "I have no doubt that bills to restore the 2015 rules will be introduced in both the Senate and the House relatively early on," Sohn said....

Jessica Rosenworcel, an FCC commissioner who has been a vocal supporter of net neutrality, noted that it has become a national issue -- and one that has broad approval from Americans. She pointed to a University of Maryland study that found 83 percent of people surveyed were against the FCC's move to undo the rules around net neutrality... Ernesto Falcon, legislative counsel at the Electronic Frontier Foundation...said he is "extraordinarily confident" that proponents of net neutrality will win. "It really just boils down to how one side of the polling is in this space," Falcon said.

Slashdot Top Deals