The Courts

Uber Must Provide Waymo With Data Regarding Its Otto Acquisition, Rules Court (thetechportal.com) 5

An appeals court today has ruled that Anthony Levandowski, the Uber executive accused of taking documents from Google's Waymo, can't use the Fifth Amendment to prevent Uber from turning over documents in the case. "The court has now directed Uber to provide data associated with its Otto acquisition to Waymo," reports The Tech Portal. From the report: Following the case, Levandowski invoked the fifth amendment, so as to prevent any other information which could implicate him from coming to the surface. Meanwhile, Waymo has been claiming that Levandowski and Uber signed an agreement with each other just a few days after the former quit his job at Google. The company has also asked Uber to provide it with a log containing details of the cab aggregator's legal involvement with Levandowski. Levandowski has been opposing the motion, stating that it would violate his fifth amendment. However, a new court ruling has quashed these hopes. With this ruling, Waymo can technically also request Uber for a copy of the due diligence report. The United States Court of Appeals for the Federal Circuit said: "Mr. Levandowski argues that he is entitled to relief under the Fifth Amendment because production of the unredacted privilege log could potentially incriminate him. We are not persuaded that the district court erred in its ruling requiring defendants to produce an unredacted privilege log."
Math

Oregon Fines Man For Writing a Complaint Email Stating 'I Am An Engineer' (vice.com) 303

pogopop77 quotes a report from Motherboard: In September 2014, Mats Jarlstrom, an electronics engineer living in Beaverton, Oregon, sent an email to the state's engineering board. The email claimed that yellow traffic lights don't last long enough, which "puts the public at risk." "I would like to present these facts for your review and comments," he wrote. This email resulted not with a meeting, but with a threat from The Oregon State Board of Examiners for Engineering and Land Surveying [stating]: "ORS 672.020(1) prohibits the practice of engineering in Oregon without registration -- at a minimum, your use of the title 'electronics engineer' and the statement 'I'm an engineer' create violations." In January of this year, Jarlstrom was officially fined $500 by the state for the crime of "practicing engineering without being registered." Since the engineering board in Oregon said Jarlstrom should not be free to publish or present his ideas about the fast-turning yellow traffic lights, due to his "practice of engineering in Oregon without registration," he and the Institute for Justice sued them in federal court for violating his First Amendment rights. "I'm not practicing engineering, I'm just using basic mathematics and physics, Newtonian laws of motion, to make calculations and talk about what I found," he said. Sam Gedge, an attorney for the Institute for Justice, told Motherboard: "Mats has a clear First Amendment right to talk about anything from taxes to traffic lights. It's an instance of a licensing board trying to suppress speech."
Crime

Murdered Woman's Fitbit Nails Cheating Husband (nydailynews.com) 65

BarbaraHudson writes: A murdered woman's Fitbit data shows she was still alive an hour after her husband claims she was murdered and he was tied up, contradicting her husband's description of events. New York Daily News reports: "Richard Dabate, 40, was charged this month with felony murder, tampering with physical evidence and making false statements following his wife Connie's December 2015 death at their home in Ellington, Tolland County. Dabate called 911 reporting that his wife was the victim of a home invasion, alleging that she was shot dead by a 'tall, obese man' with a deep voice like actor Vin Diesel's, sporting 'camouflage and a mask,' according to an arrest warrant. Dabate alleged her death took place more than an hour before her Fitbit-tracked movements revealed."
EU

EU Lawmakers Include Spotify and iTunes In Geoblocking Ban (reuters.com) 44

An anonymous reader quotes a report from Reuters: European Union lawmakers voted on Tuesday to ban online retailers from treating consumers differently depending on where they live and expanded their proposed law to include music streaming services such as Spotify and Apple's iTunes. Ending so-called geoblocking is a priority for the European Commission as it tries to create a single market for digital services across the 28-nation bloc, but many industries argue that they tailor their prices to specific domestic markets. The proposal, which will apply to e-commerce websites such as Amazon, Zalando and eBay, as well as for services provided in a specific location like car rental, forbids online retailers from automatically re-routing customers to their domestic website without their consent. In a blow for the book publishing and music industries, European Parliament members voted to include copyright-protected content such as music, games, software and e-books in the law. That would mean music streaming services such as Spotify and iTunes would not be able to prevent, for example, a French customer buying a cheaper subscription in Croatia, if they have the required rights.
The Courts

Uber Gets Sued Over Alleged 'Hell' Program To Track Lyft Drivers (techcrunch.com) 33

An anonymous reader quotes a report from TechCrunch: Uber has another lawsuit on its hands. This time, it's about Uber's alleged use of a program called "Hell." The plaintiff, Michael Gonzales, drove for Lyft during the time Uber allegedly used the software. He's seeking $5 million in a class action lawsuit. As the story goes, Uber allegedly tracked Lyft drivers using a secret software program internally referred to as "Hell." It allegedly let Uber see how many Lyft drivers were available to give rides, and what their prices were. Hell could allegedly also determine if people were driving for both Uber and Lyft. The lawsuit, filed in the U.S. District Court for the Northern District of California, alleges Uber broadly invaded the privacy of the Lyft drivers, specifically violated the California Invasion of Privacy Act and Federal Wiretap Act and engaged in unfair competition. Uber has not confirmed nor outright denied the claims.
Operating Systems

NSA's DoublePulsar Kernel Exploit a 'Bloodbath' (threatpost.com) 170

msm1267 quotes a report from Threatpost: A little more than two weeks after the latest ShadowBrokers leak of NSA hacking tools, experts are certain that the DoublePulsar post-exploitation Windows kernel attack will have similar staying power to the Conficker bug, and that pen-testers will be finding servers exposed to the flaws patched in MS17-010 for years to come. MS17-010 was released in March and it closes a number of holes in Windows SMB Server exploited by the NSA. Exploits such as EternalBlue, EternalChampion, EternalSynergy and EternalRomance that are part of the Fuzzbunch exploit platform all drop DoublePulsar onto compromised hosts. DoublePulsar is a sophisticated memory-based kernel payload that hooks onto x86 and 64-bit systems and allows an attacker to execute any raw shellcode payload they wish. "This is a full ring0 payload that gives you full control over the system and you can do what you want to it," said Sean Dillon, senior security analyst at RiskSense. Dillon was the first to reverse-engineer a DoublePulsar payload, and published his analysis last Friday. "This is going to be on networks for years to come. The last major vulnerability of this class was MS08-067, and it's still found in a lot of places," Dillon said. "I find it everywhere. This is the most critical Windows patch since that vulnerability." Dan Tentler, founder and CEO of Phobos Group, said internet-wide scans he's running have found about 3.1 percent of vulnerable machines are already infected (between 62,000 and 65,000 so far), and that percentage is likely to go up as scans continue. "This is easily describable as a bloodbath," Tentler said.
Government

Ontario Launches Universal Basic Income Pilot (www.cbc.ca) 488

Reader epiphani writes: The Ontario Government will pilot universal basic income in a $50M program supporting 4,000 households over a 3 year period. While Slashdot has vigorously debated universal basic income in the past, and even Elon Musk has predicted its necessity, experts continue to debate and gather data on the approach in the face of increasing automation. Ontario's plan will study three communities over three years, with participants receiving up to $17,000 annually if single, and $24,000 for families.
Government

The EPA Won't Be Shutting Down Its Open Data Website After All (mashable.com) 43

An anonymous reader shares an article: Scientists and data experts are closely tracking the websites of federal agencies, noting changes to pages dealing with climate change and energy since President Donald Trump took office. On Monday, they noticed an alarming message posted to the Environmental Protection Agency's (EPA) open data website, indicating it would shut down on Friday, April 28. [...] By Monday afternoon, visitors to Open Data received a different pop-up notification, which clarifies that data on the site will still be available come Friday.
Security

Wall Street IT Engineer Hacks Employer To See If He'll Be Fired (bleepingcomputer.com) 195

An anonymous reader writes: A Wall Street engineer was arrested for planting credentials-logging malware on his company's servers. According to an FBI affidavit, the engineer used these credentials to log into fellow employees' accounts. The engineer claims he did so only because he heard rumors of an acquisition and wanted to make sure he wouldn't be let go. In reality, the employee did look at archived email inboxes, but he also stole encryption keys needed to access the protected source code of his employer's trading platform and trading algorithms.

Using his access to the company's Unix network (which he gained after a promotion last year), the employee then rerouted traffic through backup servers in order to avoid the company's traffic monitoring solution and steal the company's source code. The employee was caught after he kept intruding and disconnecting another employee's RDP session. The employee understood someone hacked his account and logged the attacker's unique identifier. Showing his total lack of understanding for how technology, logging and legal investigations work, the employee admitted via email to a fellow employee that he installed malware on the servers and hacked other employees.

Government

CIA, FBI Launch Manhunt For WikiLeaks Source (cbsnews.com) 198

An anonymous reader quotes CBS: CBS News has learned that a manhunt is underway for a traitor inside the Central Intelligence Agency. The CIA and FBI are conducting a joint investigation into one of the worst security breaches in CIA history, which exposed thousands of top-secret documents that described CIA tools used to penetrate smartphones, smart televisions and computer systems. Sources familiar with the investigation say it is looking for an insider -- either a CIA employee or contractor -- who had physical access to the material... Much of the material was classified and stored in a highly secure section of the intelligence agency, but sources say hundreds of people would have had access to the material. Investigators are going through those names.
Homeland security expert Michael Greenberger told one CBS station that "My best guess is that when this is all said and done we're going to find out that this was done by a contractor, not by an employee of the CIA."
Biotech

Can Parents Sue If Their Kid Is Born With the 'Wrong' DNA? (gizmodo.com) 266

Long-time reader randomErr quotes Gizmodo: It's a nightmare scenario straight out of a primetime drama: a child-seeking couple visits a fertility clinic to try their luck with in-vitro fertilization, only to wind up accidentally impregnated by the wrong sperm. In a fascinating legal case out of Singapore, the country's Supreme Court ruled that this situation doesn't just constitute medical malpractice. The fertility clinic, the court recently ruled, must pay the parents 30% of upkeep costs for the child for a loss of 'genetic affinity.' In other words, the clinic must pay the parents' child support not only because they made a terrible medical mistake, but because the child didn't wind up with the right genes...

"It's suggesting that the child itself has something wrong with it, genetically, and that it has monetary value attached to it," Todd Kuiken, a senior research scholar with the Genetic Engineering and Society Center at North Carolina State University, told Gizmodo. "They attached damages to the genetic makeup of the child, rather than the mistake. That's the part that makes it uncomfortable. This can take you in all sort of fucked up directions."

Government

WikiLeaks Releases New CIA Secret: Tapping Microphones On Some Samsung TVs (fossbytes.com) 100

FossBytes reports: The whistleblower website Wikileaks has published another set of hacking tools belonging to the American intelligence agency CIA. The latest revelation includes a user guide for CIA's "Weeping Angel" tool... derived from another tool called "Extending" which belongs to UK's intelligence agency MI5/BTSS, according to Wikileaks. Extending takes control of Samsung F Series Smart TV. The highly detailed user guide describes it as an implant "designed to record audio from the built-in microphone and egress or store the data."

According to the user guide, the malware can be deployed on a TV via a USB stick after configuring it on a Linux system. It is possible to transfer the recorded audio files through the USB stick or by setting up a WiFi hotspot near the TV. Also, a Live Listen Tool, running on a Windows OS, can be used to listen to audio exfiltration in real-time. Wikileaks mentioned that the two agencies, CIA and MI5/BTSS made collaborative efforts to create Weeping Angel during their Joint Development Workshops.

Education

EFF Says Google Chromebooks Are Still Spying On Students (softpedia.com) 84

schwit1 quotes a report from Softpedia: In the past two years since a formal complaint was made against Google, not much has changed in the way they handle this. Google still hasn't shed its "bad guy" clothes when it comes to the data it collects on underage students. In fact, the Electronic Frontier Foundation says the company continues to massively collect and store information on children without their consent or their parents'. Not even school administrators fully understand the extent of this operation, the EFF says. According to the latest status report from the EFF, Google is still up to no good, trying to eliminate students' privacy without their parents' notice or consent and "without a real choice to opt out." This, they say, is done via the Chromebooks Google is selling to schools across the United States.
Botnet

Developer of BrickerBot Malware Claims He Destroyed Over Two Million Devices (bleepingcomputer.com) 88

An anonymous reader writes: In an interview today, the author of BrickerBot, a malware that bricks IoT and networking devices, claimed he destroyed over 2 million devices, but he never intended to do so in the first place. His intentions were to fight the rising number of IoT botnets that were used to launch DDoS attacks last year, such as Gafgyt and Mirai. He says he created BrickerBot with 84 routines that try to secure devices so they can't be taken over by Mirai and other malware. Nevertheless, he realized that some devices are so badly designed that he could never protect them. He says that for these, he created a "Plan B," which meant deleting the device's storage, effectively bricking the device. His identity was revealed after a reporter received an anonymous tip about a HackForum user claiming he was destroying IoT devices since last November, just after BrickerBot appeared. When contacted, BrickerBot's author revealed that the malware is a personal project which he calls "Internet Chemotherapy" and he's "the doctor" who will kill all the cancerous unsecured IoT devices.
Crime

DOJ: Russian 'Superhacker' Gets 27 Years In Prison (thedailybeast.com) 50

According to the Justice Department, a 32-year-old Russian "superhacker" has been sentenced to 27 years in prison for stealing and selling millions of credit-card numbers, causing more than $169 million worth of damages to business and financial institutions. The Daily Beast reports: Roman Valeryevich Seleznev, 32, aka Track2, son of a prominent Russian lawmaker, was convicted last year on 38 counts of computer intrusion and credit-card fraud. "This investigation, conviction and sentence demonstrates that the United States will bring the full force of the American justice system upon cybercriminals like Seleznev who victimize U.S. citizens and companies from afar," Acting Assistant Attorney General Kenneth Blanco said in a statement. "And we will not tolerate the existence of safe havens for these crimes -- we will identify cybercriminals from the dark corners of the Internet and bring them to justice."
Biotech

Theranos Used Shell Company To Secretly Buy Outside Lab Equipment, Says Report (arstechnica.com) 42

An anonymous reader quotes a report from Ars Technica: On Friday, the Wall Street Journal reported that the company "allegedly misled company directors" regarding its lab tests and used a shell company to buy commercial lab gear. These are just a few of the new revelations made by the Journal, which also include fake demonstrations for potential investors. The new information came from unsealed depositions by 22 former Theranos employees or members of its board of directors. They were deposed by Partner Fund Management LP, a hedge fund currently suing Theranos in Delaware state court. Theranos is also facing multiple lawsuits in federal court in California and Arizona, among others. The Journal, which did not publish the new filings, quoted former Theranos director Admiral Gary Roughead (Ret.), as saying that he was not aware that the company was using "extensive commercial analyzers" until it was reported in the press. The Journal described the filings as "some of the first substantive details to emerge from several court proceedings against the company, though they include only short excerpts from the depositions."
Microsoft

Microsoft Improves Gmail Experience For Windows 10 Insiders, But There Are Privacy Concerns (betanews.com) 70

Reader BrianFagioli writes: Today, Microsoft announced a new Gmail experience for Windows 10. While only available for Windows Insiders as of today, it uses the same concept as the Outlook mobile app, but for the Mail and Calendar apps. Microsoft will provide you with an arguably improved experience as long as you are OK with storing all of your Gmail messages in Microsoft's cloud. What types of features will the new experience offer? Things such as tracking packages, getting updated on your favorite sports teams, and a focused inbox. "To power these new features, we'll ask your permission to sync a copy of your email, calendar and contacts to the Microsoft Cloud. This will allow new features to light up, and changes to update back and forth with Gmail -- such as creation, edit or deletion of emails, calendar events and contacts. But your experience in Gmail.com or apps from Google will not change in any way."
Microsoft

LinkedIn Apologizes For Trying To Connect Everyone In Real Life (vocativ.com) 71

LinkedIn has apologized for a vague new update that told some iPhone users its app would begin sharing their data with nearby users without further explanation. From a report: The update prompted outrage on Twitter after cybersecurity expert Rik Ferguson received a strange alert when he opened the resume app to read a new message: "LinkedIn would like to make data available to nearby Bluetooth devices even when you're not using the app." That gave Ferguson, vice president of research at the cybersecurity firm Trend Micro, a handful of concerns, he told Vocativ. Among them: "the lack of specificity, which data, when, under what conditions, to which devices, why does it need to happen when I'm not using the app, what are the benefits to me, where is the feature announcement and explanation, why wasn't it listed in the app update details." Reached for comment, LinkedIn said it's a mistake -- that some iPhone users were accidentally subject to an undeveloped test feature the company is still working on.
Movies

Court Rules Fan Subtitles On TV and Movies Are Illegal (thenextweb.com) 137

A court has just ruled that making fan subtitles or translations is not protected by the law. From a report: A Dutch group called the Free Subtitles Foundation took anti-piracy group BREIN to court over "fansubbing." BREIN has previously been active in taking fan subtitles and translations offline, and the Foundation was hoping a Dutch court would come down on the side of fair use. The court didn't quite see it that way. It ruled that making subtitles without permission from the property owners amounted to copyright infringement. BREIN wasn't unsympathetic, but said it couldn't allow fansubbers to continue doing what they're doing.
Crime

US Prepares Charges To Seek Arrest of WikiLeaks' Julian Assange (cnn.com) 369

An anonymous reader quotes a report from CNN: U.S. authorities have prepared charges to seek the arrest of WikiLeaks founder Julian Assange, U.S. officials familiar with the matter tell CNN. The Justice Department investigation of Assange and WikiLeaks dates to at least 2010, when the site first gained wide attention for posting thousands of files stolen by the former U.S. Army intelligence analyst now known as Chelsea Manning. Prosecutors have struggled with whether the First Amendment precluded the prosecution of Assange, but now believe they have found a way to move forward. During President Barack Obama's administration, Attorney General Eric Holder and officials at the Justice Department determined it would be difficult to bring charges against Assange because WikiLeaks wasn't alone in publishing documents stolen by Manning. Several newspapers, including The New York Times, did as well. The investigation continued, but any possible charges were put on hold, according to U.S. officials involved in the process then.
The U.S. view of WikiLeaks and Assange began to change after investigators found what they believe was proof that WikiLeaks played an active role in helping Edward Snowden, a former NSA analyst, disclose a massive cache of classified documents.
Attorney General Jeff Sessions said at a news conference Thursday that Assange's arrest is a "priority." "We are going to step up our effort and already are stepping up our efforts on all leaks," he said. "This is a matter that's gone beyond anything I'm aware of. We have professionals that have been in the security business of the United States for many years that are shocked by the number of leaks and some of them are quite serious. So yes, it is a priority. We've already begun to step up our efforts and whenever a case can be made, we will seek to put some people in jail." Meanwhile, Assange's lawyer said they have "had no communication with the Department of Justice."
