Trump Promises Copyright Crackdown As DoJ Takes Aim At Streaming Pirates (torrentfreak.com) 107

An anonymous reader quotes a report from TorrentFreak: Yesterday, a panel discussion on the challenges associated with piracy from streaming media boxes took place on Capitol Hill. Hosted by the Information Technology and Innovation Foundation (ITIF), "Unboxing the Piracy Threat of Streaming Media Boxes" (video) went ahead with some big name speakers in attendance, not least Neil Fried, Senior Vice President, Federal Advocacy and Regulatory Affairs at the MPAA. ITIF and various industry groups tweeted many interesting comments throughout the event. Kevin Madigan from Center for the Protection of Intellectual Property told the panel that torrent-based content "is becoming obsolete" in an on-demand digital environment that's switching to streaming-based piracy. "There's a criminal enterprise going on here that's stealing content and making a profit," Fried told those in attendance. "The piracy activity out there is bad, it's hurting a lot of economic activity & creators aren't being compensated for their work," he added.

And then, of course, we come to President Trump. Not usually that vocal on matters of intellectual property and piracy, yesterday -- perhaps coincidentally, perhaps not -- he suddenly delivered one of his "something is coming" tweets. "The U.S. is acting swiftly on Intellectual Property theft," Trump tweeted. "We cannot allow this to happen as it has for many years!" Given Trump's tendency to focus on problems overseas causing issues for companies back home, a comment by Kevin Madigan during the panel yesterday immediately comes to mind. "To combat piracy abroad, USTR needs to work with the creative industries to improve enforcement and target the source of pirated material," Madigan said.


Elon Musk Sides With Trump On Trade With China, Citing 25 Percent Import Duty On American Cars (cnbc.com) 331

Elon Musk believes China isn't playing fair in the car trade with the U.S. since it puts a 25 percent import duty on American cars, while the U.S. only does 2.5 percent for Chinese cars. "I am against import duties in general, but the current rules make things very difficult," Musk tweeted. "It's like competing in an Olympic race wearing lead shoes." CNBC reports: Tesla's Elon Musk is complaining to President Donald Trump about China's car tariffs. "Do you think the US & China should have equal & fair rules for cars? Meaning, same import duties, ownership constraints & other factors," Musk said on Twitter in response to a Trump tweet about trade with China. He added that no American car company is "allowed to own even 50% of their own factory" in the Asian country, but China's auto firms can own their companies in the U.S. Trump responded to Musk's tweets later at his steel and aluminum tariff press conference Thursday. "We are going to be doing a reciprocal tax program at some point, so that if China is going to charge us 25% or if India is going to charge us 75% and we charge them nothing ... We're going to be at those same numbers. It's called reciprocal, a mirror tax," Trump said after reading Musk's earlier tweets out loud.

Scientists Prove That Truth is No Match For Fiction on Twitter (theguardian.com) 194

Researchers find fake news reaches users up to 20 times faster than factual content -- and real users are more likely to spread it than bots. From a report: "Falsehood flies, and the truth comes limping after it," wrote Jonathan Swift in 1710. Now a group of scientists say they have found evidence Swift was right -- at least when it comes to Twitter. In the paper, published in the journal Science, three MIT researchers describe an analysis of a vast amount of Twitter data: more than 125,000 stories, tweeted more than 4.5 million times in total, all categorised as being true or false by at least one of six independent fact-checking organisations. The findings make for unhappy reading. "Falsehood diffused significantly farther, faster, deeper and more broadly than the truth in all categories of information," they write, "and the effects were more pronounced for false political news than for false news about terrorism, natural disasters, science, urban legends or financial information."

How much further? "Whereas the truth rarely diffused to more than 1,000 people, the top 1% of false-news cascades routinely diffused to between 1,000 and 100,000 people," they write. In other words, true facts don't get retweeted, while too-good-to-be-true claims are viral gold. How much faster? "It took the truth about six times as long as falsehood to reach 1,500 people, and 20 times as long as falsehood to reach a cascade depth of 10" -- meaning that it was retweeted 10 times sequentially (so, for example, B reads A's feed and retweets a tweet, and C then reads B's feed and retweets the same tweet, all the way to J).


Amazon Admits Its AI Alexa is Creepily Laughing at People (theverge.com) 170

Over the past few days, users with Alexa-enabled devices have reported hearing strange, unprompted laughter. The Verge: Amazon responded to the creepiness in a statement to The Verge, saying, "We're aware of this and working to fix it." As noted in media reports and a trending Twitter moment, Alexa laughs without being prompted to wake. People on Twitter and Reddit reported that they thought it was an actual person laughing near them, which can be scary when you're home alone. Many responded to the cackling sounds by unplugging their Alexa-enabled devices.

Microsoft Confirms Windows 10 'S Mode' (bleepingcomputer.com) 90

An anonymous reader shares a report: Microsoft head honcho Joe Belfiore confirmed today that Windows 10 S won't be a separate Windows version anymore and that Microsoft will ship an "S Mode" with Windows 10 starting 2019. "Next year 10S will be a "mode" of existing versions, not a distinct version," Belfiore said today on Twitter.

Coinbase Announces Cryptocurrency-Focused Index Fund (marketwatch.com) 26

In an interview with CNBC on its "Fast Money" segment, Coinbase's President and COO Asiff Hirji said the digital-currency platform would launch a cryptocurrency-focused index fund. Details are scarce but Hirji said it will be intended to give retail investors broad exposure to virtual currencies, and would be targeted to accredited investors on Day 1. He also said the index fund would be market-cap weighted.

UPDATE: Coinbase has since issued a blog post detailing the announcement. They are also introducing Coinbase Index, which "is a measure of the financial performance of all assets listed on GDAX, weighted by their market capitalization."

Researcher Admits Study That Claimed Uber Drivers Earn $3.37 An Hour Was Not Correct (fortune.com) 101

Last week, an MIT study using data from more than 1,100 Uber and Lyft drivers concluded they're earning a median pretax profit of just $3.37 per hour. Uber was less than pleased by their findings and used a blog post to highlight problems with the researchers' methodology. "Now the lead researcher behind the draft paper has admitted that Uber's criticism was actually pretty valid -- while also asking Uber and Lyft to make more data available, in order to improve his analysis," reports Fortune. From the report: The issue with the draft paper from MIT's Center for Energy and Environmental Policy Research (CEEPR), Uber's chief economist Jonathan Hall said, was this: The researchers asked drivers how much money they made on average each week from such services, but then asked "How much of your total monthly income comes from driving" -- without specifying that such income must relate to on-demand services. Of course, many people driving for Uber and Lyft also earn money from regular jobs and other income sources. And this, Hall alleged, skewed the researchers' results.

"Hall's specific criticism is valid," wrote Stephen Zoepf, the executive director of Stanford's Center for Automotive Research, who led the MIT study, on Monday. "In re-reading the wording of the two questions, I can see how respondents could have interpreted the two questions in the manner Hall describes." Zoepf said he would be updating the CEEPR paper, but in the meantime he recalculated the figures using a methodology suggested by Hall, and found that the median profit was $8.55 per hour, rather than $3.37, and only 8% of drivers lose money on on-demand platforms. Using another methodology, he added, the median rises to $10 per hour and only 4% of drivers lose money.


Uber Challenges Study Suggesting Its Drivers Earn $3.37 Per Hour (reuters.com) 271

An MIT study using data from more than 1,100 Uber and Lyft drivers concluded they're earning a median pretax profit of just $3.37 per hour. But now Reuters reports: Uber Chief Executive Dara Khosrowshahi criticized the MIT study in a tweet on Friday as "Mathematically Incompetent Theories (at least as it pertains to ride-sharing)," and linked to a response by Uber chief economist Jonathan Hall that challenged the study's methodology. Hall's rebuttal to the study said the likely misinterpretation of a survey question and the study's "inconsistent logic" produced a wage result that was below similar studies elsewhere. He said the study used a "flawed methodology" compared with a survey that found drivers' average hour earnings were $15.68. "The earnings figures suggested in the paper are less than half the hourly earnings numbers reported in the very survey the paper derives its data from," wrote Hall.

The MIT study's lead author, Stephen Zoepf, told Reuters in an email on Saturday, "I can see how the question on revenue might have been interpreted differently by respondents" and called Hall's rebuttal thoughtful. "I'm re-running the analysis this weekend using Uber's more optimistic assumptions and should have new results and a public response acknowledging the discrepancy by Monday," he wrote.

Saturday Uber's CEO tweeted a thank-you to MIT, "for listening and revisiting this study and its findings. Right thing to do."

23,000 HTTPS Certs Axed After CEO Emails Private Keys (arstechnica.com) 72

An anonymous reader quotes Ars Technica: A major dust-up on an Internet discussion forum is touching off troubling questions about the security of some browser-trusted HTTPS certificates when it revealed the CEO of a certificate reseller emailed a partner the sensitive private keys for 23,000 TLS certificates. The email was sent on Tuesday by the CEO of Trustico, a UK-based reseller of TLS certificates issued by the browser-trusted certificate authorities Comodo and, until recently, Symantec...

In communications earlier this month, Trustico notified DigiCert that 50,000 Symantec-issued certificates Trustico had resold should be mass revoked because of security concerns. When Jeremy Rowley, an executive vice president at DigiCert, asked for proof the certificates were compromised, the Trustico CEO emailed the private keys of 23,000 certificates, according to an account posted to a Mozilla security policy forum. The report produced a collective gasp among many security practitioners who said it demonstrated a shockingly cavalier treatment of the digital certificates that form one of the most basic foundations of website security... In a statement, Trustico officials said the keys were recovered from "cold storage," a term that typically refers to offline storage systems. "Trustico allows customers to generate a Certificate Signing Request and Private Key during the ordering process," the statement read. "These Private Keys are stored in cold storage, for the purpose of revocation."

"There's no indication the email was encrypted," reports Ars Technica, and the next day DigiCert sent emails to Trustico's 23,000+ customers warning that their certificates were being revoked, according to Bleeping Computer.

In a related development, Thursday Trustico's web site went offline, "shortly after a website security expert disclosed a critical vulnerability on Twitter that appeared to make it possible for outsiders to run malicious code on Trustico servers."
The Courts

Playboy Drops Its Copyright Case Against Boing Boing (eff.org) 18

An anonymous reader quotes the EFF: Playboy Entertainment has given up on its lawsuit against Happy Mutants, LLC, the company behind Boing Boing. Earlier this month, a federal court dismissed Playboy's claims but gave Playboy permission to try again with a new complaint, if it could dig up some new facts. The deadline for filing that new complaint passed this week, and today Playboy released a statement suggesting that it is standing down...

It's hard to understand why Playboy brought this case in the first place, turning its legal firepower on a small news and commentary website that hadn't uploaded or hosted any infringing content. We're also a little perplexed as to why Playboy seems so unhappy that the Boing Boing post is still up when the links they complain about have been dead for almost two years.


EU Warns Tech Giants To Remove Terror Content in 1 Hour -- or Else (bloomberg.com) 153

The European Union issued internet giants an ultimatum to remove illegal online terrorist content within an hour, or risk facing new EU-wide laws. From a report: The European Commission on Thursday issued a set of recommendations for companies and EU nations that apply to all forms of illegal internet material, "from terrorist content, incitement to hatred and violence, child sexual abuse material, counterfeit products and copyright infringement. Considering that terrorist content is most harmful in the first hours of its appearance online, all companies should remove such content within one hour from its referral as a general rule.â The commission last year called upon social media companies, including Facebook, Twitter and Google owner Alphabet, to develop a common set of tools to detect, block and remove terrorist propaganda and hate speech. Thursday's recommendations aim to "further step up" the work already done by governments and push firms to "redouble their efforts to take illegal content off the web more quickly and efficiently."

Twitter Asks For Help Fixing Its Toxicity Problem (engadget.com) 155

Engadget: Twitter has come under a lot of fire in recent years for issues ranging from not doing enough to stop harassment on its platform to allowing foreign actors to sow political discord. In the past, the company has tweaked its tools, giving individuals more options when it comes to controlling what they're exposed to online, as well as updated its guidelines a handful of times. But today, Twitter announced it's trying out another route -- asking people outside of the company to propose ways that it can promote healthy, open and civil conversations online. Twitter CEO Jack Dorsey tweeted today that the company isn't proud of how some have taken advantage of its service, specifically calling out troll armies, misinformation campaigns and bots. And he added that Twitter has been accused of apathy, censorship and political bias as it has attempted to fix its problems.

YouTube's New Moderators Mistakenly Pull Right-Wing Channels (bloomberg.com) 277

In December, said it would assign more than 10,000 people to moderate content in an attempt to curb its child exploitation problem. Today, Bloomberg reports that those new moderators mistakenly removed several videos and some channels from right-wing, pro-gun video producers and outlets in the midst of a nationwide debate on gun control. From the report: Some YouTube channels recently complained about their accounts being pulled entirely. On Wednesday, the Outline highlighted accounts, including Titus Frost, that were banned from the video site. Frost tweeted on Wednesday that a survivor of the shooting, David Hogg, is an actor. Jerome Corsi of right-wing conspiracy website Infowars said on Tuesday that YouTube had taken down one of his videos and disabled his live stream. Shutting entire channels would have marked a sweeping policy change for YouTube, which typically only removes channels in extreme circumstances and focuses most disciplinary action on specific videos. But YouTube said some content was taken down by mistake. The site didn't address specific cases and it's unclear if it meant to take action on the accounts of Frost and Corsi. "As we work to hire rapidly and ramp up our policy enforcement teams throughout 2018, newer members may misapply some of our policies resulting in mistaken removals," a YouTube spokeswoman wrote in an email. "We're continuing to enforce our existing policies regarding harmful and dangerous content, they have not changed. We'll reinstate any videos that were removed in error."

Net Neutrality Repeal Will Get a Senate Vote In the Spring, Democrats Say (arstechnica.com) 127

Congressional Democrats today introduced legislation that would prevent the repeal of net neutrality rules, but they still need more support from Republicans in order to pass the measure. According to Sen. Ed Markey (D-Mass.), they will force a vote on the Senate version of the resolution sometime this spring. Ars Technica reports: Democrats have been promising to introduce a Congressional Review Act (CRA) resolution ever since the Federal Communications Commission voted to repeal its net neutrality rules in December. But lawmakers had to wait for the FCC's repeal order to be published in the Federal Register, which only happened last week. The CRA resolution would nullify the FCC's repeal order, allowing net neutrality rules that were passed in 2015 to remain in place. The resolution has public support from 50 out of 100 senators (all Democrats, all Independents, and one Republican), putting it one vote shy of passage in the Senate.

"The grassroots movement to reinstate net neutrality is growing by the day, and we will get that one more vote needed to pass my CRA resolution," Markey said. "I urge my Republican colleagues to join the overwhelming majority of Americans who support a free and open Internet. The Internet is for all -- the students, teachers, innovators, hard-working families, small businesses, and activists, not just Verizon, Charter, AT&T, and Comcast and corporate interests."


Signal, WhatsApp Co-Founder Launch 'Open Source Privacy Technology' Nonprofit (thenextweb.com) 45

An anonymous reader quotes The Next Web:One of the first messaging services to offer end-to-end encryption for truly private conversations, Signal has largely been developed by a team that's never grown larger than three full-time developers over the years it's been around. Now, it's getting a shot in the arm from the co-founder of a rival app. Brian Acton, who built WhatsApp with Jan Koum into a $19 billion business and sold it to Facebook, is pouring $50 million into an initiative to support the ongoing development of Signal. Having left WhatsApp last fall, he's now free to explore projects whose ideals he agrees with, and that includes creating truly private online services.
"Starting with an initial $50,000,000 in funding, we can now increase the size of our team, our capacity, and our ambitions," wrote Signal founder Moxie Marlinspike (a former Twitter executive).

Acton will now also serve as the executive chairman of the newly-formed Signal Foundation, which according to its web site will "develop open source privacy technology that protects free expression and enables secure global communication."

Facebook's Mandatory Anti-Malware Scan Is Invasive and Lacks Transparency (wired.com) 56

Louise Matsakis, writing for Wired: The internet is full of Facebook users frustrated with how the company handles malware threats. For nearly four years, people have complained about Facebook's anti-malware scan on forums, Twitter, Reddit, and on personal blogs. The problems appear to have gotten worse recently. While the service used to be optional, Facebook now requires it if it flags your device for malware. And according to screenshots reviewed by WIRED from people recently prompted to run the scan, Facebook also no longer allows every user to select what type of device they're on. The malware scans likely only impact a relatively small population of Facebook's billions of users, some of whose computers may genuinely be infected. But even a fraction of Facebook's users still potentially means millions of impacted people.

The mandatory scan has caused widespread confusion and frustration; WIRED spoke to people who had been locked out of their accounts by the scan, or simply baffled by it, on four different continents. The mandatory malware scan has downsides beyond losing account access. Facebook users also frequently report that the feature is poorly designed, and inconsistently implemented. In some cases, if a different user logs onto Facebook from the same device, they sometimes won't be greeted with the malware message. Similarly, if the "infected" user simply switches browsers, the message also appears to occasionally go away.


The Los Angeles Times Website Is Unintentionally Serving a Cryptocurrency Mining Script (itwire.com) 58

troublemaker_23 shares a report from iTWire: The Los Angeles Times website is serving a cryptocurrency mining script which appears to have been placed there by malicious attackers, according to a well-known security expert. British infosec researcher Kevin Beaumont, who has warned that Amazon AWS servers could be held to ransom due to lax security, tweeted that the newspaper's site was serving a script created by Coinhive. The Coinhive script mines for the monero cryptocurrency. The S3 bucket used by the LA Times is apparently world-writable and an ethical hacker appears to have left a warning in the repository, warning of possible misuse and asking the owner to secure the bucket.

23 Attorneys General Refile Challenge To FCC Net Neutrality Repeal (engadget.com) 41

An anonymous reader quotes a report from Reuters: A coalition of 22 state attorneys general and the District of Columbia on Thursday refiled legal challenges intended to block the Trump administration's repeal of landmark rules designed to ensure a free and open internet from taking effect. The Federal Communications Commission officially published its order overturning the net neutrality rules in the Federal Register on Thursday, a procedural step that allows for the filing of legal challenges. The states, along with web browser developer Mozilla and video-sharing website Vimeo, had filed petitions preserving their right to sue in January, but agreed to withdraw them last Friday and wait for the FCC's publication. The attorneys general argue that the FCC cannot make "arbitrary and capricious" changes to existing policies and that it misinterpreted and disregarded "critical record evidence on industry practices and harm to consumers and businesses." The White House Office of Management and Budget still must sign off on some aspects of the FCC reversal before it takes legal effect. That could take months.

President Trump: 'We Have To Do Something' About Violent Video Games, Movies (arstechnica.com) 866

An anonymous reader quotes a report from Ars Technica: In a White House meeting held with lawmakers on the theme of school safety, President Donald Trump offered both a direct and vague call to action against violence in media by calling out video games and movies. "We have to do something about what [kids are] seeing and how they're seeing it," Trump said during the meeting. "And also video games. I'm hearing more and more people say the level of violence on video games is shaping more and more people's thoughts." Trump followed this statement by referencing "movies [that] come out that are so violent with the killing and everything else." He made a suggestion for keeping children from watching violent films: "Maybe they have to put a rating system for that." The MPAA's ratings board began adding specific disclaimers about sexual, drug, and violent content in all rated films in the year 2000, which can be found in small text in every MPAA rating box.

Twitter Updates Developer Rules in the Wake of Bot Crackdown (mashable.com) 67

Twitter is getting serious about its bot problem. From a report: Hours after a massive bot purge that prompted the #TwitterLockOut hashtag to trend, the company is announcing new rules for developers meant to prevent bots from using third-party apps to spread spam. According to the new rules, developers that use Twitter's API will no longer be able to let users: Simultaneously post identical or substantially similar content to multiple accounts. Simultaneously perform actions such as Likes, Retweets, or follows from multiple accounts Use of any form of automation (including scheduling) to post identical or substantially similar content, or to perform actions such as Likes or Retweets, across many accounts that have authorized your app (whether or not you created or directly control those accounts) is not permitted.

Slashdot Top Deals