DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Also, Slashdot's Facebook page has a chat bot now. Message it for stories and more. Check out the new SourceForge HTML5 Internet speed test! ×
Security

British Cops Will Scan Every Fan's Face At the Champions League Final (vice.com) 53

Using a new facial recognition surveillance system, British police will scan every fan's face at the UEFA Champions League on June 3rd and compare them to a police database of some 500,000 "persons of interest." "According to a government tender issued by South Wales Police, the system will be deployed during the day of the game in Cardiff's main train station, as well as in and around the Principality Stadium situated in the heart of Cardiff's central retail district." From the report: Cameras will potentially be scanning the faces of an estimated 170,000 visitors plus the many more thousands of people in the vicinity of the bustling Saturday evening city center on match day, June 3. Captured images will then be compared in real time to 500,000 custody images stored in the police information and records management system alerting police to any "persons of interest," according to the tender. The security operation will build on previous police use of Automated Facial Recognition, or AFR technology by London's Metropolitan Police during 2016's Notting Hill Carnival.
Piracy

Pirate Site Blockades Violate Free Speech, Mexico's Supreme Court Rules (torrentfreak.com) 23

New submitter happyfeet2000 quotes a report from TorrentFreak: Broad pirate sites blockades are disproportional, Mexico's Supreme Court of Justice has ruled. The government can't order ISPs to block websites that link to copyright-infringing material because that would also restrict access to legitimate content and violate the public's freedom of expression. The ruling is a win for local ISP Alestra, which successfully protested the government's blocking efforts. Alestra was ordered to block access to the website mymusiic.com by the government's Mexican Institute of Industrial Property (IMPI). The website targeted a Mexican audience and offered music downloads, some of which were shared without permission. "The ISP was not pleased with the order and appealed it in court," reports TorrentFreak. "Among other things, the defense argued that the order was too broad, as it also restricted access to music that might not be infringing." The Supreme Court of Justice of the Nation heard the case and ruled that the government's order is indeed disproportional.
Government

FCC Announces Plan To Reverse Title II Net Neutrality (theverge.com) 123

An anonymous reader quotes a report from The Verge: The Federal Communications Commission is cracking open the net neutrality debate again with a proposal to undo the 2015 rules that implemented net neutrality with Title II classification. FCC chairman Ajit Pai called the rules "heavy handed" and said their implementation was "all about politics." He argued that they hurt investment and said that small internet providers don't have "the means or the margins" to withstand the regulatory onslaught. "Earlier today I shared with my fellow commissioners a proposal to reverse the mistake of Title II and return to the light touch framework that served us so well during the Clinton administration, Bush administration, and first six years of the Obama administration," Pai said today. His proposal will do three things: first, it'll reclassify internet providers as Title I information services; second, it'll prevent the FCC from adapting any net neutrality rules to practices that internet providers haven't thought up yet; and third, it'll open questions about what to do with several key net neutrality rules -- like no blocking or throttling of apps and websites -- that were implemented in 2015. Pai will publish the full text of his proposal tomorrow, and it will be voted on by the FCC on May 18th.
Government

Energy Star Program For Homes And Appliances Is On Trump's Chopping Block (npr.org) 235

Appliance manufacturers and home builders are in Washington, D.C., today to celebrate a popular energy efficiency program, even as it's slated for elimination in President Trump's proposed budget. NPR adds: You probably know the program's little blue label with the star -- the Environmental Protection Agency says 90 percent of U.S. households do. [...] The 25-year-old Energy Star program appears to be targeted simply because it's run by the federal government. It's one of 50 EPA programs that would be axed under Trump's budget plan, which would shrink the agency's funding by more than 30 percent. Critics of Energy Star say the government should get involved in the marketplace only when absolutely necessary. But that argument doesn't hold sway for the program's legions of supporters, which span nonprofits, companies and trade groups.
The Courts

Mylan's Epic EpiPen Price Hike Wasn't About Greed -- It's Worse, Lawsuit Claims (arstechnica.com) 144

Mylan engaged in a campaign to squash a rival to its EpiPen allergy treatment and artificially inflate the price of the drug to maintain a market monopoly, French drugmaker Sanofi said in a lawsuit. From a report: With the lofty prices and near-monopoly over the market, Mylan could dangle deep discounts to drug suppliers -- with the condition that they turn their backs on Sanofi's Auvi-Q -- the lawsuit alleges. Suppliers wouldn't dare ditch EpiPens, the most popular auto-injector. And with the high prices, the rebates wouldn't put a dent in Mylan's hefty profits, Sanofi speculates. Coupled with a smear campaign and other underhanded practices, Mylan effectively pushed Sanofi out of the US epinephrine auto-injector market, Sanofi alleges. The lawsuit, filed Monday in a federal court in New Jersey, seeks damages under US Antitrust laws.
Government

The Cheap Energy Revolution Is Here, and Coal Won't Cut It (bloomberg.com) 369

An anonymous reader shares a report: Wind and solar are about to become unstoppable, natural gas and oil production are approaching their peak, and electric cars and batteries for the grid are waiting to take over. This is the world Donald Trump inherited as U.S. president. And yet his energy plan is to cut regulations to resuscitate the one sector that's never coming back: coal. Clean energy installations broke new records worldwide in 2016, and wind and solar are seeing twice as much funding as fossil fuels, according to new data released Tuesday by Bloomberg New Energy Finance (BNEF). That's largely because prices continue to fall. Solar power, for the first time, is becoming the cheapest form of new electricity in the world. But with Trump's deregulations plans, what "we're going to see is the age of plenty -- on steroids," BNEF founder Michael Liebreich said. "That's good news economically, except there's one fly in the ointment, and that's climate."
Businesses

Amazon Wants To Put a Camera and Microphone in Your Bedroom (vice.com) 183

On Wednesday, Amazon announced the Echo Look, the latest gadget in the company's new Echo-powered hardware lineup. Motherboard explains: The newly announced Echo Look is a virtual assistant with a microphone and a camera that's designed to go somewhere in your bedroom, bathroom, or wherever the hell you get dressed. Amazon is pitching it as an easy way to snap pictures of your outfits to send to your friends when you're not sure if your outfit is cute, but it's also got a built-in app called StyleCheck that is worth some further dissection. [...] "All photos and video captured with your Echo Look are securely stored in the AWS cloud and locally in the Echo Look app until a customer deletes them," a spokesperson for the company said. "You can delete the photos or videos associated with your account anytime in the Echo Look App." Motherboard also asked if Echo Look photos, videos, and the data gleaned from them would be sold to third parties; the company did not address that question.
Databases

Five Years Later, Legal Megaupload Data Is Still Trapped On Dead Servers (arstechnica.com) 79

An anonymous reader quotes a report from Ars Technica: It's been more than five years since the government accused Megaupload and its founder Kim Dotcom of criminal copyright infringement. While Dotcom himself was arrested in New Zealand, U.S. government agents executed search warrants and grabbed a group of more than 1,000 servers owned by Carpathia Hosting. That meant that a lot of users with gigabytes of perfectly legal content lost access to it. Two months after the Dotcom raid and arrest, the Electronic Frontier Foundation filed a motion in court asking to get back data belonging to one of those users, Kyle Goodwin, whom the EFF took on as a client. Years have passed. The U.S. criminal prosecution of Dotcom and other Megaupload executives is on hold while New Zealand continues with years of extradition hearings. Meanwhile, Carpathia's servers were powered down and are kept in storage by QTS Realty Trust, which acquired Carpathia in 2015. Now the EFF has taken the extraordinary step of asking an appeals court to step in and effectively force the hand of the district court judge. Yesterday, Goodwin's lawyers filed a petition for a writ of mandamus (PDF) with the U.S. Court of Appeals for the 4th Circuit, which oversees Virginia federal courts. "We've been asking the court for help since 2012," said EFF attorney Mitch Stolz in a statement about the petition. "It's deeply unfair for him to still be in limbo after all this time."
The Courts

Uber Must Provide Waymo With Data Regarding Its Otto Acquisition, Rules Court (thetechportal.com) 31

An appeals court today has ruled that Anthony Levandowski, the Uber executive accused of taking documents from Google's Waymo, can't use the Fifth Amendment to prevent Uber from turning over documents in the case. "The court has now directed Uber to provide data associated with its Otto acquisition to Waymo," reports The Tech Portal. From the report: Following the case, Levandowski invoked the fifth amendment, so as to prevent any other information which could implicate him from coming to the surface. Meanwhile, Waymo has been claiming that Levandowski and Uber signed an agreement with each other just a few days after the former quit his job at Google. The company has also asked Uber to provide it with a log containing details of the cab aggregator's legal involvement with Levandowski. Levandowski has been opposing the motion, stating that it would violate his fifth amendment. However, a new court ruling has quashed these hopes. With this ruling, Waymo can technically also request Uber for a copy of the due diligence report. The United States Court of Appeals for the Federal Circuit said: "Mr. Levandowski argues that he is entitled to relief under the Fifth Amendment because production of the unredacted privilege log could potentially incriminate him. We are not persuaded that the district court erred in its ruling requiring defendants to produce an unredacted privilege log."
Math

Oregon Fines Man For Writing a Complaint Email Stating 'I Am An Engineer' (vice.com) 664

pogopop77 quotes a report from Motherboard: In September 2014, Mats Jarlstrom, an electronics engineer living in Beaverton, Oregon, sent an email to the state's engineering board. The email claimed that yellow traffic lights don't last long enough, which "puts the public at risk." "I would like to present these facts for your review and comments," he wrote. This email resulted not with a meeting, but with a threat from The Oregon State Board of Examiners for Engineering and Land Surveying [stating]: "ORS 672.020(1) prohibits the practice of engineering in Oregon without registration -- at a minimum, your use of the title 'electronics engineer' and the statement 'I'm an engineer' create violations." In January of this year, Jarlstrom was officially fined $500 by the state for the crime of "practicing engineering without being registered." Since the engineering board in Oregon said Jarlstrom should not be free to publish or present his ideas about the fast-turning yellow traffic lights, due to his "practice of engineering in Oregon without registration," he and the Institute for Justice sued them in federal court for violating his First Amendment rights. "I'm not practicing engineering, I'm just using basic mathematics and physics, Newtonian laws of motion, to make calculations and talk about what I found," he said. Sam Gedge, an attorney for the Institute for Justice, told Motherboard: "Mats has a clear First Amendment right to talk about anything from taxes to traffic lights. It's an instance of a licensing board trying to suppress speech."
Crime

Murdered Woman's Fitbit Nails Cheating Husband (nydailynews.com) 130

BarbaraHudson writes: A murdered woman's Fitbit data shows she was still alive an hour after her husband claims she was murdered and he was tied up, contradicting her husband's description of events. New York Daily News reports: "Richard Dabate, 40, was charged this month with felony murder, tampering with physical evidence and making false statements following his wife Connie's December 2015 death at their home in Ellington, Tolland County. Dabate called 911 reporting that his wife was the victim of a home invasion, alleging that she was shot dead by a 'tall, obese man' with a deep voice like actor Vin Diesel's, sporting 'camouflage and a mask,' according to an arrest warrant. Dabate alleged her death took place more than an hour before her Fitbit-tracked movements revealed."
EU

EU Lawmakers Include Spotify and iTunes In Geoblocking Ban (reuters.com) 65

An anonymous reader quotes a report from Reuters: European Union lawmakers voted on Tuesday to ban online retailers from treating consumers differently depending on where they live and expanded their proposed law to include music streaming services such as Spotify and Apple's iTunes. Ending so-called geoblocking is a priority for the European Commission as it tries to create a single market for digital services across the 28-nation bloc, but many industries argue that they tailor their prices to specific domestic markets. The proposal, which will apply to e-commerce websites such as Amazon, Zalando and eBay, as well as for services provided in a specific location like car rental, forbids online retailers from automatically re-routing customers to their domestic website without their consent. In a blow for the book publishing and music industries, European Parliament members voted to include copyright-protected content such as music, games, software and e-books in the law. That would mean music streaming services such as Spotify and iTunes would not be able to prevent, for example, a French customer buying a cheaper subscription in Croatia, if they have the required rights.
The Courts

Uber Gets Sued Over Alleged 'Hell' Program To Track Lyft Drivers (techcrunch.com) 36

An anonymous reader quotes a report from TechCrunch: Uber has another lawsuit on its hands. This time, it's about Uber's alleged use of a program called "Hell." The plaintiff, Michael Gonzales, drove for Lyft during the time Uber allegedly used the software. He's seeking $5 million in a class action lawsuit. As the story goes, Uber allegedly tracked Lyft drivers using a secret software program internally referred to as "Hell." It allegedly let Uber see how many Lyft drivers were available to give rides, and what their prices were. Hell could allegedly also determine if people were driving for both Uber and Lyft. The lawsuit, filed in the U.S. District Court for the Northern District of California, alleges Uber broadly invaded the privacy of the Lyft drivers, specifically violated the California Invasion of Privacy Act and Federal Wiretap Act and engaged in unfair competition. Uber has not confirmed nor outright denied the claims.
Operating Systems

NSA's DoublePulsar Kernel Exploit a 'Bloodbath' (threatpost.com) 183

msm1267 quotes a report from Threatpost: A little more than two weeks after the latest ShadowBrokers leak of NSA hacking tools, experts are certain that the DoublePulsar post-exploitation Windows kernel attack will have similar staying power to the Conficker bug, and that pen-testers will be finding servers exposed to the flaws patched in MS17-010 for years to come. MS17-010 was released in March and it closes a number of holes in Windows SMB Server exploited by the NSA. Exploits such as EternalBlue, EternalChampion, EternalSynergy and EternalRomance that are part of the Fuzzbunch exploit platform all drop DoublePulsar onto compromised hosts. DoublePulsar is a sophisticated memory-based kernel payload that hooks onto x86 and 64-bit systems and allows an attacker to execute any raw shellcode payload they wish. "This is a full ring0 payload that gives you full control over the system and you can do what you want to it," said Sean Dillon, senior security analyst at RiskSense. Dillon was the first to reverse-engineer a DoublePulsar payload, and published his analysis last Friday. "This is going to be on networks for years to come. The last major vulnerability of this class was MS08-067, and it's still found in a lot of places," Dillon said. "I find it everywhere. This is the most critical Windows patch since that vulnerability." Dan Tentler, founder and CEO of Phobos Group, said internet-net wide scans he's running have found about 3.1 percent of vulnerable machines are already infected (between 62,000 and 65,000 so far), and that percentage is likely to go up as scans continue. "This is easily describable as a bloodbath," Tentler said.
Government

Ontario Launches Universal Basic Income Pilot (www.cbc.ca) 501

Reader epiphani writes: The Ontario Government will pilot universal basic income in a $50M program supporting 4,000 households over a 3 year period. While Slashdot has vigorously debated universal basic income in the past, and even Elon Musk has predicted it's necessity, experts continue to debate and gather data on the approach in the face of increasing automation. Ontario's plan will study three communities over three years, with participants receiving up to $17,000 annually if single, and $24,000 for families.
Government

The EPA Won't Be Shutting Down Its Open Data Website After All (mashable.com) 43

An anonymous reader shares an article: Scientists and data experts are closely tracking the websites of federal agencies, noting changes to pages dealing with climate change and energy since President Donald Trump took office. On Monday, they noticed an alarming message posted to the Environmental Protection Agency's (EPA) open data website, indicating it would shut down on Friday, April 28. [...] By Monday afternoon, visitors to Open Data received a different pop-up notification, which clarifies that data on the site will still be available come Friday.
Security

Wall Street IT Engineer Hacks Employer To See If He'll Be Fired (bleepingcomputer.com) 196

An anonymous reader writes: A Wall Street engineer was arrested for planting credentials-logging malware on his company's servers. According to an FBI affidavit, the engineer used these credentials to log into fellow employees' accounts. The engineer claims he did so only because he heard rumors of an acquisition and wanted to make sure he wouldn't be let go. In reality, the employee did look at archived email inboxes, but he also stole encryption keys needed to access the protected source code of his employer's trading platform and trading algorithms.

Using his access to the company's Unix network (which he gained after a promotion last year), the employee then rerouted traffic through backup servers in order to avoid the company's traffic monitoring solution and steal the company's source code. The employee was caught after he kept intruding and disconnecting another employee's RDP session. The employee understood someone hacked his account and logged the attacker's unique identifier. Showing his total lack of understanding for how technology, logging and legal investigations work, the employee admitted via email to a fellow employee that he installed malware on the servers and hacked other employees.

Government

CIA, FBI Launch Manhunt For WikiLeaks Source (cbsnews.com) 199

An anonymous reader quotes CBS: CBS News has learned that a manhunt is underway for a traitor inside the Central Intelligence Agency. The CIA and FBI are conducting a joint investigation into one of the worst security breaches in CIA history, which exposed thousands of top-secret documents that described CIA tools used to penetrate smartphones, smart televisions and computer systems. Sources familiar with the investigation say it is looking for an insider -- either a CIA employee or contractor -- who had physical access to the material... Much of the material was classified and stored in a highly secure section of the intelligence agency, but sources say hundreds of people would have had access to the material. Investigators are going through those names.
Homeland security expert Michael Greenberger told one CBS station that "My best guest is that when this is all said and done we're going to find out that this was done by a contractor, not by an employee of the CIA."
Biotech

Can Parents Sue If Their Kid Is Born With the 'Wrong' DNA? (gizmodo.com) 266

Long-time reader randomErr quotes Gizmodo: It's a nightmare scenario straight out of a primetime drama: a child-seeking couple visits a fertility clinic to try their luck with in-vitro fertilization, only to wind up accidentally impregnated by the wrong sperm. In a fascinating legal case out of Singapore, the country's Supreme Court ruled that this situation doesn't just constitute medical malpractice. The fertility clinic, the court recently ruled, must pay the parents 30% of upkeep costs for the child for a loss of 'genetic affinity.' In other words, the clinic must pay the parents' child support not only because they made a terrible medical mistake, but because the child didn't wind up with the right genes...

"It's suggesting that the child itself has something wrong with it, genetically, and that it has monetary value attached to it," Todd Kuiken, a senior research scholar with the Genetic Engineering and Society Center at North Carolina State University, told Gizmodo. "They attached damages to the genetic makeup of the child, rather than the mistake. That's the part that makes it uncomfortable. This can take you in all sort of fucked up directions."

Government

WikiLeaks Releases New CIA Secret: Tapping Microphones On Some Samsung TVs (fossbytes.com) 100

FossBytes reports: The whistleblower website Wikileaks has published another set of hacking tools belonging to the American intelligence agency CIA. The latest revelation includes a user guide for CIA's "Weeping Angel" tool... derived from another tool called "Extending" which belongs to UK's intelligence agency MI5/BTSS, according to Wikileaks. Extending takes control of Samsung F Series Smart TV. The highly detailed user guide describes it as an implant "designed to record audio from the built-in microphone and egress or store the data."

According to the user guide, the malware can be deployed on a TV via a USB stick after configuring it on a Linux system. It is possible to transfer the recorded audio files through the USB stick or by setting up a WiFi hotspot near the TV. Also, a Live Liston Tool, running on a Windows OS, can be used to listen to audio exfiltration in real-time. Wikileaks mentioned that the two agencies, CIA and MI5/BTSS made collaborative efforts to create Weeping Angel during their Joint Development Workshops.

Slashdot Top Deals