Frequent contributor Bennett Haselton writes with some strong cautions on a Facebook "feature" that lets you search for random phone numbers and find the accounts of users who have registered that number on their Facebook profile. This has privacy implications that are more serious than searching by email address. Especially in light of the expanding emphasis that Facebook is putting both on search qua search and on serving as a VoIP intermediary (not to mention the stream of robocalls that the FCC is unable to stop), this might make you think twice about where your phone number ends up. Read on for Bennett's description of the problem and some possible solutions.

iComp writes with a story about how it will cost you $100 to message Mark Zuckerberg on Facebook. "Got something you'd like to say to Mark Zuckerberg? The Facebook CEO still maintains a profile on the social networking site he founded, but beginning on Friday, sending him a personal message could cost you. Mashable was the first to notice that some users who weren't otherwise on the Behoodied One's Friends list were being asked to pony up before they could send a message to his Inbox, to the tune of $100 a pop. As El Reg reported in December, Facebook has been conducting a limited test of a feature that requires users to pay a fee to send messages to people with whom they have no direct connection. The idea is that the type of users who like to send spam, hate speech, and otherwise frivolous messages typically aren't willing to pay for the privilege. Impose a fee – however small – and they probably won't bother."

iComp sends word of a Chinese businessman who pleaded guilty to selling pirated software the retail value of which totaled more than $100 million. The software came from over 200 different companies, and was sold to buyers in 61 different countries over a 3-year period. The man was arrested by the U.S. Department of Homeland Security on the island of Saipan in 2011, after undercover agents had been working on the case for 18 months (PDF). "Li trolled black market Internet forums in search of hacked software, and people with the know-how to crack the passwords needed to run the program. Then he advertised them for sale on his websites. Li transferred the pirated programs to customers by sending compressed files via Gmail, or sent them hyperlinks to download servers, officials said. ... Agents lured Li from China to the U.S. territory of Saipan under the premise of discussing a joint illicit business venture. At an island hotel, Li delivered counterfeit packaging and, prosecutors said, "Twenty gigabytes of proprietary data obtained unlawfully from an American software company." Officials did not identify the company in court documents."

New submitter Fnordulicious writes "Although Canada's anti-spam legislation is already in place, the rules to implement it have been under development for more than a year. This weekend the proposed rules from the Department of Industry were published in the Canada Gazette. Kady O'Malley reports on the CBC Inside Politics Blog that Canadian ISPs will not be allowed to secretly monitor activity except in the case that the activity is illegal and represents an 'imminent risk to the security of its network.' In addition, consent would be required for monitoring of legal activities 'that are merely unauthorized or suspicious.'"

New submitter GavrocheLeGnou writes "The french ISP 'Free.fr' is now blocking ads from Adsense and other providers by default for all its subscribers. The option can be turned off globally, but there's no whitelist (Google translation of French original). From the article: 'Because the service doesn’t offer a whitelist (contrary to Adblock, a service I’ve used for years), this means that it is an all or nothing choice, activated by default to block everything. And since it is not only internet, but TV and phone lines running through the FreeBox, it’s possible that, if left unchecked, Free could beginning blocking TV ads, or phone calls from known spam hotlines. While this seems like a potentially beneficial service, there’s no doubt that it’s biting at the heels of several sectors who rely on advertisement to make money, let alone the advertisers themselves who pay to reach an audience, and are blocked at the door.'"

jfruh writes "Those Nigerian spam scams of the last decade may have just been the first step in a looming African cyber-crime wave. Africa has the world's fastest-growing middle class, whose members are increasingly tech-savvy and Internet connected — and the combination of ambitious, educated people, a ceiling on advancement due to corruption and lack of infrastructure, and lax law enforcement is a perfect petri dish for increased cybercrime."

An anonymous reader writes "A new trojan for Android has been discovered that can help carry out Distributed Denial of Service (DDoS) attacks. The malware is also capable of receiving commands from criminals as well as sending text messages for spamming purposes. The threat, detected as "Android.DDoS.1.origin" by Russian security firm Doctor Web, likely spreads via social engineering tricks. The malware disguises itself as a legitimate app from Google, according to the firm."

An anonymous reader writes "I work for a European ISP, and lately we're receiving quite a few complaints from customers about not being able to send emails because of UCEProtect's listings. After checking with their site, we found out that our whole AS (!) was blacklisted. Their 'immediate removal policy' asks for money, around 90 euros Per IP for end users and 300 euros for ISPs, and their site has bold statements like 'YOU ARE LOSING YOUR RIGHT TO EXPRESSDELIST YOUR IP IF YOU ARE STUPID AND CLAIMING THIS WOULD BE BLACKMAIL...' Could this be considered extortion-blackmail ? Has anyone else on Slashdot dealt with this service before?"

Spy Handler writes "According to PC Mag, 'Facebook is testing a feature that will let select users pay $1 to send messages to people with whom they have no connection on the social network. The $1 fee will open a thread with a non-Facebook friend. If that person replies to your note, you won't have to pay again to respond to them.' Facebook explained the test thus: 'Several commentators and researchers have noted that imposing a financial cost on the sender may be the most effective way to discourage unwanted messages and facilitate delivery of messages that are relevant and useful. This test is designed to address situations where neither social nor algorithmic signals are sufficient. For example, if you want to send a message to someone you heard speak at an event but are not friends with, or if you want to message someone about a job opportunity, you can use this feature to reach their Inbox. For the receiver, this test allows them to hear from people who have an important message to send them.'"

jfruh writes "You may remember the tale of the blogger who found that an infographic he'd put on his site was the front end of an SEO spam job. Well, he's since followed the money to figure out just who's behind this maneuver: the for-profit college industry. He discovered that the contact info of someone who expresses interest in online degree programs can be worth up to $250 to an industry with a particularly sleazy reputation."

First time accepted submitter veganboyjosh writes "I got an instant message from an uncle the other day, asking me what was in the link I sent him. I hadn't sent him a link so I figured that his account had been hacked and he'd received a malicious link from some bot address with my name in the 'From' box. This was confirmed when he told me the address the link had come from. When I tried explaining what the link was, that his account had been hacked, and that he should change the password to his @aol.com email account, his response was 'No, I think your account was hacked, since the email came from you.' I went over it again, with a real-life analog of someone calling him on the phone and pretending to be me, but I'm not sure if that sunk in or not. This uncle is far from tech savvy. He's in his 60s, and uses Facebook several times a week. He knows I'm online much more and kind of know my way around. After his initial response, I didn't have it in me to get into the whole 'Never click a link from an unfamiliar email address' bit; to him, this wasn't an unfamiliar email address, it was mine. How do I explain this to him, and what else should I feel responsible for telling him?"

jfruh writes "Over the past couple of years, you may have noticed a rash of often high-quality infographics by third parties appearing on your favorite websites. These images are offered to Web publishers free of charge, with the only request being a link back to the creator's own site. But when one blogger got an odd email from a the creator of infographic he put on his site two years ago, he did some digging and discovered that he had inadvertently helped some shady characters do SEO spamming."

Frequent contributor Bennett Haselton writes: "Hotmail and Yahoo Mail are apparently sharing a secret blacklist of domain names such that any mention of these domains will cause a message to be bounced back to the sender as spam. I found out about this because — surprise! — some of my new proxy site domains ended up on the blacklist. Hotmail and Yahoo are stonewalling, but here's what I've dug up so far — and why you should care." Read on for much more on how Bennett figured out what's going on, and why it's a hard problem to solve.

TCPALaw writes "ccAdvertising, a company purported to have 'a long, long, long history of pumping spam out of every telecommunications orifice, and even boasting of voter suppression' has asked the FCC to declare spam filters illegal. Citing Free Speech rights, the company claims wireless carriers should be prohibited from employing spam filters that might block ccAdvertising's political spam. Without stating it explicitly, the filing implies that network neutrality must apply to spam, so the FCC must therefore prohibit spam filters (unless political spam is whitelisted). In an earlier filing, the company suggests it is proper that recipients 'bear some cost' of unsolicited political speech sent to their cell phones. The public can file comments with the FCC on ccAdvertising's filing online."

Orome1 writes "QR codes are very handy for directing users to specific sites by simply scanning them with their smartphones. But the ease with which this technology works has also made it a favorite of malware peddlers and online crooks, who have taken to including QR codes that lead to malicious sites in spam emails. They have also begun using the same tactic in the physical world, by printing out the malicious QR codes on stickers and affixing them on prominent places in locations where there is a lot of foot traffic. According to Symantec Hosted Services director Warren Sealey, these locations include airports and city centers, where the crooks stick them over genuine QR codes included in advertisements and notices, and most likely anywhere a person might look and be tempted to scan them."

An anonymous reader writes "Dutch hosting provider Antagonist announced their in-house developed technology that automatically detects and fixes vulnerabilities in their customers' websites. The service is aimed at popular software such as WordPress, Drupal and Joomla. 'As soon as a vulnerability is detected, we inform the customer. We also explain how the customer can resolve the issue. In case the customer does not respond to our first notice within the next two weeks, we automatically patch the vulnerability.' Antagonist plans to license the technology to other hosting providers as well."

angry tapir writes "WordPress has said it will accept payment in bitcoins, opening up the blogging platform to payments from users in countries not supported by PayPal or credit card companies. WordPress is free, open-source software, but the company Automattic offers paid-for features such as blog designs, custom domains, hosting partnerships and anti-spam measures."

jfruh writes "Nationwide pizza chain Papa John's is finding itself on the receiving end of a $250 million text spam lawsuit. From the article: 'Seattle law firm Heyrich Kalish McGuigan, representing three Papa John's customers, alleged that the pizza delivery service has sent 500,000 unwanted text messages to customers. If the court finds that Papa John's violated the U.S. Telephone Consumer Protection Act, the pizza maker could have to pay damages of $500 per text message, or US$250 million, one of the largest damage awards under the 1991 law, the law firm said. "Many customers complained to Papa John's that they wanted the text messages to stop, and yet thousands of spam text messages were sent week after week," Donald Heyrich, attorney for the plaintiffs said in a statement. "This should be a wake-up call to advertisers. Consumers do not want spam on their cell phones."'

Nerval's Lobster writes "Hurricane Sandy may have plunged part of New York City into darkness, drowned its basements and subway tunnels in saltwater, and even set part of a neighborhood on fire, but it couldn't stop New Yorkers from standing in line for hours to purchase the iPad Mini. Hundreds of people lined up in front of Apple's Fifth Avenue store for the chance to get their hands on the 7.9-inch device. According to CNET, which was on the scene and running a live-blog ahead of the store's 10 AM EST opening, 'many people in line are not fluent in English and are either Asian immigrants or visitors.' That opening was originally supposed to take place at 8 AM, and likely delayed because of the obvious citywide transportation issues. But for those in New York City who manage to get their sweaty hands on a new iPad Mini, there's an unusual wrinkle in the situation: power is still out below 39th Street in Manhattan, as well as portions of Brooklyn and Queens. (Apple's Fifth Avenue store is well above that power line.) While some private homes and businesses in electrified areas have set out power strips for strangers to charge their phones, it's hard to imagine a crowd of New Yorkers standing idly by while someone spends a significant amount of time charging a new tablet. Fortunately, many of those without power have found refuge with friends and family, if they haven't left the city altogether."

coondoggie writes "Just two weeks after it challenged the public to come up with a better technological way to stop incessant robocalling, the Federal Trade Commission pulled the plug on five mass calling companies it said were allegedly responsible for millions of illegal pre-recorded calls from 'Rachel' and others from 'Cardholder Services.' 'At the FTC, Rachel from Cardholder Services is public enemy number one,' said FTC Chairman Jon Leibowitz at the announcement of the cases."