×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

  • Lavabit Loses Contempt Appeal

    After being forced to turn over encryption keys (being held in contempt of court for several weeks after initially refusing to comply), secure mail provider Lavabit halted all operations last year. With the assistance of the EFF, an appeal was mounted. Today, the appeals court affirmed the district court decision and rejected the appeal. From Techdirt: "The ruling does a decent job explaining the history of the case, which also details some of the (many, many) procedural mistakes that Lavabit made along the way, which made it a lot less likely it would succeed here. ... The procedural oddities effectively preclude the court even bothering with the much bigger and important question of whether or not a basic pen register demand requires a company to give up its private keys. The hail mary attempt in the case was to argue that because the underlying issues are of 'immense public concern' (and they are) that the court should ignore the procedural mistakes. The court flatly rejects that notion: 'exhuming forfeited arguments when they involve matters of “public concern” would present practical difficulties. For one thing, identifying cases of a “public concern” and “non-public concern” –- divorced from any other consideration –- is a tricky task governed by no objective standards..... For another thing, if an issue is of public concern, that concern is likely more reason to avoid deciding it from a less-than-fully litigated record....'"

    128 comments | 4 days ago

  • 52 Million Photos In FBI's Face Recognition Database By Next Year

    Advocatus Diaboli writes "The EFF has been investigating the FBI's Next-Generation Identification (NGI) scheme, an enormous database of biometric information. It's based on the agency's fingerprint database, which already has 100 million records. But according to the documents EFF dug up, the NGI database will include 52 million images of people's faces by 2015. At least 4.3 million images will have been taken outside any sort of criminal context. 'Currently, if you apply for any type of job that requires fingerprinting or a background check, your prints are sent to and stored by the FBI in its civil print database. However, the FBI has never before collected a photograph along with those prints. This is changing with NGI. Now an employer could require you to provide a 'mug shot' photo along with your fingerprints. If that's the case, then the FBI will store both your face print and your fingerprints along with your biographic data.'"

    108 comments | 5 days ago

  • Why No Executive Order To Stop NSA Metadata Collection?

    An anonymous reader links to this editorial at Ars Technica which argues that "As chief executive, Obama has the power to reform the NSA on his own with the stroke of a pen. By not putting this initiative into an executive order, he punted to Congress on an issue that affects the civil liberties of most anybody who picks up a phone. Every day Congress waits on the issue is another day Americans' calling records are being collected by the government without suspicion that any crime was committed. 'He does not need congressional approval for this,' said Mark Jaycoxx, an Electronic Frontier Foundation staff attorney."

    312 comments | about two weeks ago

  • Adam Carolla Joins Fight Against Podcast Patent Troll

    First time accepted submitter tor528 (896250) writes "Patent troll Personal Audio has sued top podcasters including Adam Carolla and HowStuffWorks, claiming that they own the patent for delivery of episodic content over the Internet. Adam Carolla is fighting back and has started a Fund Anything campaign to cover legal fees. From the Fund Anything campaign page: 'If Adam Carolla loses this battle, then every other Podcast will be quickly shut down. Why? Because Patent Trolls like Personal Audio would use a victory over Carolla as leverage to extort money from every other Podcast.. As you probably know, Podcasts are inherently small, owner-operated businesses that do not have the financial resources to fight off this type of an assault. Therefore, Podcasts as we know them today would cease to exist.' James Logan of Personal Audio answered Slashdotters' questions in June 2013. Links to the patent in question can be found on Personal Audio's website. The EFF filed a challenge against Personal Audio's podcasting patent in October 2013."

    126 comments | about a month ago

  • L.A. Police: All Cars In L.A. Are Under Investigation

    An anonymous reader writes with a link to an article by the EFF's Jennifer Lynch, carried by Gizmodo, which reports that the L.A. Police Department and L.A. Sheriff's Department "took a novel approach in the briefs they filed in EFF and the ACLU of Southern California's California Public Records Act lawsuit seeking a week's worth of Automatic License Plate Reader (ALPR) data. They have argued that 'All [license plate] data is investigatory.' The fact that it may never be associated with a specific crime doesn't matter. This argument is completely counter to our criminal justice system, in which we assume law enforcement will not conduct an investigation unless there are some indicia of criminal activity. In fact, the Fourth Amendment was added to the U.S. Constitution exactly to prevent law enforcement from conducting mass, suspicionless investigations under "general warrants" that targeted no specific person or place and never expired.

    ALPR systems operate in just this way. The cameras are not triggered by any suspicion of criminal wrongdoing; instead, they automatically and indiscriminately photograph all license plates (and cars) that come into view. ... Taken to an extreme, the agencies' arguments would allow law enforcement to conduct around-the-clock surveillance on every aspect of our lives and store those records indefinitely on the off-chance they may aid in solving a crime at some previously undetermined date in the future. If the court accepts their arguments, the agencies would then be able to hide all this data from the public."

    405 comments | about a month ago

  • Is Weev Still In Jail Because the Government Doesn't Understand What Hacking Is?

    Daniel_Stuckey writes "Last March, weev, the notorious internet troll who seems to be equally celebrated and reviled, was convicted of accessing a computer without authorization and identity fraud, and sentenced to serve 41 months in prison.'He had to decrypt and decode, and do all of these things I don't even understand,' Assistant US Attorney Glenn Moramarco argued. Here, on a Wednesday morning in Philadelphia, before a packed courtroom, the federal prosecution argued that a hacker should spend three and a half years in prison for committing a crime it couldn't fully comprehend. Previously, Orin Kerr, a law professor at George Washington University and weev's defense attorney, had argued first and foremost that there was no criminal hacking to speak of. According to Kerr, what weev and Daniel Spitler (who pleaded guilty to avoid jail time) had done while working as an outfit called Goatse Security was entirely legal, even though it embarrassed public officials and some of the country's biggest corporations."

    246 comments | about a month ago

  • Russia Blocks Internet Sites of Putin Critics

    An anonymous reader writes in with news about Russias censorship of internet sites critical of President Vladimir Putin. "Russia blocked access to the internet sites of prominent Kremlin foes Alexei Navalny and Garry Kasparov on Thursday under a new law critics say is designed to silence dissent in President Vladimir Putin's third term. The prosecutor general's office ordered Russian internet providers to block Navalny's blog, chess champion and Putin critic Kasparov's internet newspaper and two other sites, grani.ru and ej.ru, state regulator Roskomnadzor said. The move was the latest evidence of what government opponents see as a crackdown on independent media and particularly the internet, a platform for dissenting views in a nation where state channels dominate the airwaves. Ej.ru editor Alexander Ryklin called it 'monstrous' and a 'direct violation of all the principles of freedom of speech,' More at EFF, and in earlier stories at the The Huffington Post, and Deutsche Welle, which notes, 'This year's report by Reporters Without Borders on World Day against Cyber Censorship condemns Russia as one of the "Enemies of the Internet." "Russia has adopted dangerous legislation governing the flow of news and information and freedom of expression online," it concludes.'"

    309 comments | about a month ago

  • US Drops Link Sharing Charges Against Barrett Brown

    In a followup to our story yesterday, Bismillah writes "It seems US prosecutors agree that just publishing a link doesn't amount to transmitting actual files. Brown is not out of the legal woods yet though, and still faces further charges. The EFF released this statement about the decision: 'We are relieved that federal prosecutors have decided to drop these charges against Barrett Brown. In prosecuting Brown, the government sought to criminalize a routine practice of journalism—linking to external sources—which is a textbook violation of free speech protected by the First Amendment. Although this motion is good news for Brown, the unnecessary and unwarranted prosecution has already done much damage; not only has it harmed Brown, the prosecution—and the threat of prosecution it raised for all journalists—has chilled speech on the Internet. We hope that this dismissal of charges indicates a change in the Department of Justice priorities. If not, we will be ready to step in and defend free speech.'"

    40 comments | about a month and a half ago

  • EFF Reports GHCQ and NSA Keeping Tabs On Wikileaks Visitors and Reporters

    sandbagger writes in with a story about U.S. and British government interest and involvement with journalists visiting the Wikileaks website. "The Intercept recently published an article and supporting documents indicating that the NSA and its British counterpart GCHQ surveilled and even sought to have other countries prosecute the investigative journalism website WikiLeaks. GCHQ also surveilled the millions of people who merely read the WikiLeaks website. The article clarifies the lengths that these two spy organizations go to track their targets and confirms, once again, that they do not confine themselves to spying on to those accused of terrorism. One document contains a summary of an internal discussion in which officials from two NSA offices discuss whether to categorize WikiLeaks as a "malicious foreign actor" for surveillance targeting purposes. This would be an important categorization because agents have significantly more authority to engage in surveillance of malicious foreign actors."

    82 comments | about 2 months ago

  • 3 Reasons To Hate Mass Surveillance; 3 Ways To Fight It

    This site's "Your Rights Online" section, sadly, has never suffered for material. The revelations we've seen over the last year-and-change, though, of widespread spying on U.S. citizens, government spying in the E.U. on international conferences, the UK's use of malware against citizens, and the use of modern technology to oppress government protesters in the middle east and elsewhere shows how persistent it is. It's been a banner year on that front, and the banner says "You are being spied on, online and off." A broad coalition of organizations is calling today "The Day We Fight Back" against the growing culture of heads-they-win, tails-you-lose surveillance, but all involved know this is not a one-day struggle. (Read more, below.)

    120 comments | about 2 months ago

  • With HTTPS Everywhere, Is Firefox Now the Most Secure Mobile Browser?

    Peter Eckersley writes "Over at EFF, we just released a version of our HTTPS Everywhere extension for Firefox for Android. HTTPS Everywhere upgrades your insecure web requests to HTTPS on many thousands of sites, and this means that Firefox on Android with HTTPS Everywhere is now by far the most secure browser against dragnet surveillance attacks like those performed by the NSA, GCHQ, and other intelligence agencies. Android users should install the Firefox app and then add HTTPS Everywhere to it. iPhone and iPad users will unfortunately have to switch to Android to get this level of security because Apple has locked Mozilla Firefox out of their platforms."

    279 comments | about 3 months ago

  • Spoiled Onions: Exposing Malicious Tor Exit Relays

    An anonymous reader points out this recently published study (PDF) on detecting malicious (or at least suspicious) Tor exit relays. From their conclusions: "After developing a scanner, we closely monitored all ~1000 exit relays over a period of four months. Wed discovered 25 relays which were either outright malicious or simply misconfigured. Interestingly, the majority of the attacks were coordinated instead of being isolated actions of independent individuals. Our results further suggest that the attackers made an active effort to remain under the radar and delay detection." One of the authors, Philipp Winter, wrote a followup blog post to help clarify what the paper's findings mean for Tor users, including this clarification: "First, it's important to understand that 25 relays in four months isn't a lot. It is ultimately a very small fraction of the Tor network. Also, it doesn't mean that 25 out of 1,000 relays are malicious or misconfigured (we weren't very clear on that in the paper). We have yet to calculate the churn rate of exit relays which is the rate at which relays join and leave the network. 1,000 is really just the approximate number of exit relays at any given point in time. So the actual number of exit relays we ended up testing in four months is certainly higher than that. As a user, that means that you will not see many malicious relays 'in the wild."

    65 comments | about 3 months ago

  • Driver Privacy Act Introduced In US Senate

    greatgreygreengreasy writes "In 2005, then-governor of North Dakota John Hoeven signed into law a bill 'ensuring drivers' ownership of their EDR (Electronic Data Recorder) data.' Now a U.S. senator, Hoeven (R-ND) has teamed up with Amy Klobuchar, D-MN, to introduce similar legislation at the Federal level. 'Under this legislation, EDR data could only be retrieved [for specific reasons].' The EFF has expressed concern in the past over the so-called black boxes and their privacy implications. This legislation, however, would not address the recent revelations by a Ford executive on their access to data, since in those cases, 'The vehicle owner or lessee consents to the data retrieval.' The bill has gained the support of about 20 senators so far."

    69 comments | about 3 months ago

  • UK Govt's Censorware Blocks Tech, Civil Liberties Websites

    A few days ago, we mentioned that the UK's ISP-level censorware software not only does a poor job of its stated job (blocking porn), but blocks at least some sex education sites, too; now, reader badger.foo writes to say that's not all: "It fell to the UK Tories to actually implement the Nanny State. Too bad Nanny Tory does not want kinds to read up on tech web sites such as slashdot.org, or civil liberties ones such as the EFF or Amnesty International. Read on for a small sample of what the filter blocks, from a blocked-by-default tech writer."

    148 comments | about 4 months ago

  • Evad3rs Announce iOS 7 Jailbreak For Latest Apple Devices

    hypnosec writes "Evad3rs, the famous iOS jailbreak team, has announced an iOS 7 jailbreak that will work in all iDevices including iPhone 5S, iPhone 5C and iPad Air running iOS 7.0 through to iOS 7.0.4. The iOS 7 jailbreak was announced without much of a hype, unlike the one for iOS 6. 'Merry Christmas! The iOS 7 jailbreak has been released at http://evasi0n.com/! All donations will go to @publicknowledge, @eff and @ffii,' tweeted evad3rs." Reader FrogBlastTheVentCore adds a note of caution: "They recommend restoring your device to iOS 7.0.4 if it has received OTA updates before attempting to jailbreak."

    110 comments | about 4 months ago

  • Google Cuts Android Privacy Feature, Says Release Was Unintentional

    An anonymous reader writes "Peter Eckersley at the EFF reports that the 'App Ops' privacy feature added to Android in 4.3 has been removed as of 4.4.2. The feature allowed users to easily manage the permission settings for installed apps. Thus, users could enjoy the features of whatever app they liked, while preventing the app from, for example, reporting location data. Eckersley writes, 'When asked for comment, Google told us that the feature had only ever been released by accident — that it was experimental, and that it could break some of the apps policed by it. We are suspicious of this explanation, and do not think that it in any way justifies removing the feature rather than improving it.1 The disappearance of App Ops is alarming news for Android users. The fact that they cannot turn off app permissions is a Stygian hole in the Android security model, and a billion people's data is being sucked through. Embarrassingly, it is also one that Apple managed to fix in iOS years ago.'"

    324 comments | about 4 months ago

  • Supreme Court To Review Software Patents

    New submitter chrylis writes "SCOTUSblog is reporting that the U.S. Supreme Court has accepted an appeal in Alice v. CLS Bank, a case in which the Federal Circuit ruled haphazardly that the particular patents in question were invalid but did not address the issue of software patents generally. 'The case will provide a new test of the Patent Act’s most basic provision — Section 101, which broadly outlines what kinds of inventions are patentable. One of the long-standing exceptions to the types of inventions mentioned in that section is that an abstract idea can never be patented. That issue arises frequently these days, especially with rapidly developing technology in computer software. The EFF wrote a summary of the issues in the case when it was before the Federal Circuit this spring. The case files are also available."

    115 comments | about 4 months ago

  • Patent Troll Bill Clears House With Huge Majority

    snydeq writes "The U.S. House of Representatives has passed the Innovation Act, dealing trolls a severe blow despite opposition from universities looking to protect patents, InfoWorld's Simon Phipps reports. The act cleared the House of Representatives with an overwhelming majority of 325 to 91 despite opposition from the organizations most likely to feed new patents to the trolls. 'So bravo to the Innovation Act. It's far from perfect, as the EFF documents and as I commented before the holiday. But it's a step in the right direction, and the tidal surge of support it's seeing suggests legislators' appetite for proper patent reform is finally growing strong enough for them to contemplate substantial change.'"

    138 comments | about 4 months ago

  • Twitter Implements Forward Secrecy For Connections

    Fnord666 writes with this excerpt from Tech Crunch "Twitter has enabled Perfect Forward Secrecy across its mobile site, website and API feeds in order to protect against future cracking of the service's encryption. The PFS method ensures that, if the encryption key Twitter uses is cracked in the future, all of the past data transported through the network does not become an open book right away. 'If an adversary is currently recording all Twitter users' encrypted traffic, and they later crack or steal Twitter's private keys, they should not be able to use those keys to decrypt the recorded traffic,' says Twitter's Jacob Hoffman-Andrews. 'As the Electronic Frontier Foundation points out, this type of protection is increasingly important on today's Internet.'" Of course, they are also using Elliptic Curve ciphers.

    38 comments | about 5 months ago

  • Time For a Warrant Canary Metatag?

    An anonymous reader writes "With the advent of national security letters and all the NSA issues of late perhaps the web needs to implement a warrant 'warrant canary' metatag. Something like this: <meta name="canary" content="2013-11-17" />. With this it would be possible to build into browsers or browser extensions a means of alerting users when a company has in fact received such a secret warrant. (Similar to the actions taken by Apple recently.) The advantage the metatag approach would have its that it would not require the user to search out a report by the company in question but would show the information upon loading of the page. Once the canary metatag was not found or when the date of the canary grows older than a given date a warning could be raised. Several others have proposed similar approaches including Conor Friedersdorf in The Atlantic and Cory Doctorow's Dead Man's Switch." What problems do you see with this approach?

    332 comments | about 5 months ago

Slashdot Account

Need an Account?

Forgot your password?

Don't worry, we never post anything without your permission.

Submission Text Formatting Tips

We support a small subset of HTML, namely these tags:

  • b
  • i
  • p
  • br
  • a
  • ol
  • ul
  • li
  • dl
  • dt
  • dd
  • em
  • strong
  • tt
  • blockquote
  • div
  • quote
  • ecode

"ecode" can be used for code snippets, for example:

<ecode>    while(1) { do_something(); } </ecode>
Sign up for Slashdot Newsletters
Create a Slashdot Account

Loading...