Judge Rejects Settlement In Facebook Sponsored Stories Case

samzenpus posted more than 2 years ago | from the no-deal dept.

Facebook 47

angry tapir writes "A U.S. District Court judge has rejected a proposed settlement in a lawsuit that alleges Facebook violated users' rights by using their names and recommendations of advertisers to be publicized through a Sponsored Stories program. The lawsuit, which seeks class-action status, was filed in the Northern District of California by five Facebook members on behalf of as many as 100 million users of the social networking site."


47 comments


Why is it legal at all? (4, Interesting)

ka9dgx (72702) | more than 2 years ago | (#41053397)

Why should Facebook get to use my picture to promote things I've never heard of? They get to display ads, isn't that enough?

Re:Why is it legal at all? (3, Insightful)

gr8_phk (621180) | more than 2 years ago | (#41053411)

Why should Facebook get to use my picture to promote things I've never heard of? They get to display ads, isn't that enough?

Hence the lawsuit.

Re:Why is it legal at all? (-1)

Anonymous Coward | more than 2 years ago | (#41053513)

Like asking "why should poor people who already cannot afford their own lives start having children they know they can't afford?"

I have no idea. It makes zero sense. But they do it anyway. Maybe they hate children and want them to suffer in poverty?

Re:Why is it legal at all? (1)

andydread (758754) | more than 2 years ago | (#41054273)

Like asking "why should poor people who already cannot afford their own lives start having children they know they can't afford?" I have no idea. It makes zero sense. But they do it anyway. Maybe they hate children and want them to suffer in poverty?

yep hope you don't ever have kids. If you do hope none of them have sex until they are married. If they do then the answer is right in your back yard. Think!

Re:Why is it legal at all? (2)

Teun (17872) | more than 2 years ago | (#41054563)

Why should in this day and age having sex result in getting children?

I mean like here last year there were on every 1000 teenagers 5 that had a baby, in the USofA it's 64 or so.
Because I'm pretty sure our teenagers have the same sex drive as in other 1st. world countries this has a lot to do with education.
Have you instructed your kids on the subject?

Re:Why is it legal at all? (0)

ColdWetDog (752185) | more than 2 years ago | (#41054695)

Why should in this day and age having sex result in getting children?

I mean like here last year there were on every 1000 teenagers 5 that had a baby, in the USofA it's 64 or so.

Because I'm pretty sure our teenagers have the same sex drive as in other 1st. world countries this has a lot to do with education.

Have you instructed your kids on the subject?

Blasphemer. Philistine.

I bet you live in a country that has "Social Democracy" emblazoned somewhere. We here in America trust in God**.

We really do.

** Which may explain our teenage pregnancy rate, poor health statistics, increasing financial disparities and the fact that we can pound the everloving crap out of everyone else on the planet without breaking a sweat (as long as they don't stoop to IEDs and Kalashnikovs).

Re:Why is it legal at all? (1)

Teun (17872) | more than 2 years ago | (#41056077)

Who's the blasphemer, I live in a Constitutional Monarchy, don't you insult the Queen!

Re:Why is it legal at all? (5, Interesting)

lookatmyhorse (2566527) | more than 2 years ago | (#41053445)

once you upload the photo, doesn't it become FB property?

Re:Why is it legal at all? (0)

Anonymous Coward | more than 2 years ago | (#41053477)

I do believe that's what this lawsuit is determining.

Our picture is just a license (1)

Cutting_Crew (708624) | more than 2 years ago | (#41055443)

just like software companies are trying to say that we don't OWN anything that we buy from them and therefore first sale doctrine doesn't apply, we too should have the right to only offer up pictures to facebook as a LICENSE - something that facebook doesn't own.. and if they want to use our picture to sell to someone else we should get royalties.

Re:Why is it legal at all? (5, Funny)

Anonymous Coward | more than 2 years ago | (#41053507)

Then change your photo to a can of coke, but keep liking and posting stories about pepsi. Once the marketing droids at pepsi keep seeing a can of coke sponsoring their product, they'll soon stop doing it. Of course substitute mcdonalds/ford/verizon or whatever evil corp has a similar competitor you choose, and you might have to get more creative with the photos too (turds for microsoft phones for example - oh, wait...), but you get the idea.

Re:Why is it legal at all? (0)

Anonymous Coward | more than 2 years ago | (#41055531)

Wasn't that the premise of one of their commercials? An employee of coca-cola who was caught buying a pepsi? A can of coke recommending a Pepsi product sounds like a great marketing strategy.

Re:Why is it legal at all? (1)

vux984 (928602) | more than 2 years ago | (#41056059)

Wasn't that the premise of one of their commercials? An employee of coca-cola who was caught buying a pepsi? A can of coke recommending a Pepsi product sounds like a great marketing strategy.

That's pretty much been Pepsi's marketing premise for over 20 years now. It's either... "Hey look a Celebrity is drinking pepsi" or "Hey look, a Coke employee is drinking pepsi".

Coke commercials have been far more imaginative and entertaining over the years, and have never once mentioned pepsi.

You can tell which brand is the leader and which is the wannabe. :p

Re:Why is it legal at all? (1)

mug funky (910186) | more than 2 years ago | (#41065161)

if my friends and family can handle it, i might change my pic to goatse.

but then, what i say has little clout :(

Re:Why is it legal at all? (4, Interesting)

realityimpaired (1668397) | more than 2 years ago | (#41053535)

Facebook operates in different jurisdictions, however... and in some of those jurisdictions, you can't give away copyright like that. In other areas (some of which overlap the first group), they can't use your image or your name without your permission.

The US has some seriously fucked up laws, when it comes to privacy, and I'm glad that the judge is calling them to task on it. Sadly, I'm not certain that the lawsuit will be as successful as it would be if it were filed in Canada, Germany, or any of the other areas where this kind of thing is *really* illegal.

Re:Why is it legal at all? (1)

mwvdlee (775178) | more than 2 years ago | (#41053959)

I don't know about US law, but in Dutch law there are certain inalienable rights with regard to portrait photographs. I.e. rights that cannot be transferred in any legal way, not even by release to public domain. One of these is that a portrait photograph cannot be used outside its intended purpose without explicit consent of both the photographer and the photographed person. In practice this means most advertisers can use pictures without problem as long as they don't claim the photographed individual endorses their product. It also means that your local neo-nazi party cannot use your public domain portrait in their advertising unless you give them explicit permission.

Re:Why is it legal at all? (1)

icebraining (1313345) | more than 2 years ago | (#41054245)

No. Also, property is often not enough, here in Europe we have image rights, which are independent of copyright.

Re:Why is it legal at all? (1)

Calydor (739835) | more than 2 years ago | (#41054675)

Which becomes a very big issue when you upload a photo you do not hold copyright for in the first place.

Re:Why is it legal at all? (1)

gmhowell (26755) | more than 2 years ago | (#41063143)

once you upload the photo, doesn't it become FB property?

I haven't checked in quite a while, but I don't think so. What they do get in exchange for you being allowed to post a photo, is the non-exclusive and universal publishing rights to the photo. They can use your photo for damn near anything they want. The only thing they can't do is give or sell the rights to someone else.

Re:Why is it legal at all? (2, Insightful)

Anonymous Coward | more than 2 years ago | (#41053465)

Because you agreed to it in exchange for the valuable consideration of access to their services.

Although they really should have sent you a dollar, because at the rate the stock is falling, you won't really be able to call that "valuable consideration" much longer.

Re:Why is it legal at all? (4, Interesting)

vlm (69642) | more than 2 years ago | (#41053995)

Because you agreed to it in exchange for the valuable consideration of access to their services.

The phrase usually used is "sufficient consideration" which is a whole nother kettle of fish.

Here's a typical Canadian release form:

http://www.capic.org/download_pdfs/Form-en-2--Model-Agreement.pdf [capic.org]

From talking to photographers it's a widespread belief that you need to pay a Canadian model "a hundred dollars" more or less, otherwise historically judges have voided contracts for $1 or whatever. Pr0n is more expensive, I'm just talking about random glamour shots for marketing purposes, etc.

isn't that enough? (2)

Errol backfiring (1280012) | more than 2 years ago | (#41053571)

Of course that is not enough. It's facebook. All your data are belong to them.

A better question... (0)

Anonymous Coward | more than 2 years ago | (#41053923)

Why did you give your picture to Facebook?

Re:Why is it legal at all? (1)

Baloroth (2370816) | more than 2 years ago | (#41053939)

Obviously, what they are doing wasn't legal, not in the way they were doing it. Facebook wouldn't have proposed a ~$20 million settlement deal if they thought what they were doing was legal.

Re:Why is it legal at all? (2, Insightful)

Anonymous Coward | more than 2 years ago | (#41054125)

Why should Facebook get to use my picture to promote things I've never heard of?

Because you agreed that it was alright for them to do.

I don't know why you'd agree to something like that. It seems foolish to me, but you get to make your own choices.

Re:Why is it legal at all? (1)

dontmakemethink (1186169) | more than 2 years ago | (#41055293)

The bigger question is how people still see ads at all. Is their ad blocker malfunctioning?

Re:Why is it legal at all? (2)

IAmGarethAdams (990037) | more than 2 years ago | (#41058689)

If you've never heard of something, why did you say you Like it on Facebook?

How much good will is worth (5, Insightful)

Anonymous Coward | more than 2 years ago | (#41053483)

So, let me get this straight... with Facebook, we are the product since they have no tangible property other than what we feed it. The proposed class-action involves an estimated 10 x 10^7 people. To make everyone happy, Facebook proposes that they pay $10 x 10^6 to third-party organizations that promote privacy. Not only are they not compensating the people, they are paying roughly a dime a head to a third party organization that has no bearing on Facebook's policies and practices.

Us:"I don't like the way you're treating my data and my posted stories of my life"
Facebook:"Would it make you feel better if I gave this guy you've never met 10 cents?"

Re:How much good will is worth (1)

DerekLyons (302214) | more than 2 years ago | (#41054607)

That's essentially what Google has been trying to do with books... so it should be OK for Facebook to do it.

Re:How much good will is worth (2, Insightful)

Anonymous Coward | more than 2 years ago | (#41055187)

The difference is that what Google's trying to do is beneficial to society - create a giant collection of knowledge, free. Many groups have hailed it as an essential step in accessibility of previously unavailable texts.

Facebook is selling your face as ads.

Re:How much good will is worth (1)

flimflammer (956759) | more than 2 years ago | (#41058297)

This is exactly the reason why I think class actions are for the most part scams. Unless you're one of the named plaintiffs who initiated the class action or their lawyer, those involved will rarely ever see something out of it. I remember getting an email over some class action related to Netflix regarding privacy issues. The proposed settlement by the 3-4 named plaintiffs was some $30k for them, their lawyer was $2 million or more, and some amount I don't recall for a charity. No one else got anything at all. They even made it difficult to opt out because by default everyone is opted in for some stupid reason. I had to scour the webpage they created for it, and it was buried real deep that I had to send a written request to some PO box or something.

Class actions are hardly even an effective punishment most times, because the end amount, added all up, is usually just a slap on the wrist.

Reason for rejection (5, Informative)

Samantha Wright (1324923) | more than 2 years ago | (#41053499)

TFS doesn't mention any details at all, so here's what the proposed settlement is (agreed to, I think, by both sides):

The judge feels that Facebook's 100 million affected users may not be getting adequate compensation from this arrangement—and is pondering whether it's even possible to provide so many people with compensation.

Re:Reason for rejection (5, Funny)

Impy the Impiuos Imp (442658) | more than 2 years ago | (#41053595)

It's not about privacy. This isn't like Facebook lied about a product which was killing people. It's smarmy lawyers seeing a company making a mistake and getting erections at the fabulous wealth it will bring them by using a system built by lawyers for lawyers to enrich themselves acting as the functional equivalent of parasites on a host body.

Re:Reason for rejection (2)

Samantha Wright (1324923) | more than 2 years ago | (#41053629)

And I think that's why the judge is raising such a fuss. It's like Facebook is withholding a feature update, pending a $20 million dollar payout to various friends (and enemies?) in the legal industry. Kinda hard to ignore!

Re:Reason for rejection (4, Interesting)

Trepidity (597) | more than 2 years ago | (#41053751)

While that's generally true, in the U.S. it's also really the only way to actually enforce a wide range of things. The European approach is to make it hard to bring class-action suits, and instead to regulate businesses' conduct directly. So for example there is an EU directive on data privacy, and there are national regulators who will go after violations.

The American approach instead is to use the adversarial court system as the primary means of regulation. If there were a suspected auto defect, for example, a European government would investigate it, and then based on the results of their investigation would issue orders to fix the problem (if real) and/or fines. In the American system, instead, it is up to people who allege they have been harmed to bring a lawsuit and prove their case in court.

Re:Reason for rejection (2)

DerekLyons (302214) | more than 2 years ago | (#41054655)

The American approach instead is to use the adversarial court system as the primary means of regulation. If there were a suspected auto defect, for example, a European government would investigate it, and then based on the results of their investigation would issue orders to fix the problem (if real) and/or fines. In the American system, instead, it is up to people who allege they have been harmed to bring a lawsuit and prove their case in court.

You should have picked a better example - because product recalls due to lawsuits are pretty rare. Generally, they're either voluntary (by the manufacturer), suggested (without a lawsuit) by a third party (such as a consumer watchdog group), or imposed by the regulatory agencies you claim don't exist.

Re:Reason for rejection (0)

Anonymous Coward | more than 2 years ago | (#41059695)

And in practice, the main difference is that in the EU, fines (like the fines against Microsoft) go into the public coffers, where they indirectly alleviate the tax burden on everyone, while in the US, they go into the coffers of law firms that bring class action lawsuits. While it's not the worst system you could have, it's a hefty price to pay to essentially get private law firms to do the job of the public's prosecutor.

Re:Reason for rejection (1)

Anonymous Coward | more than 2 years ago | (#41053677)

I noticed this practice a few years ago, when I had an active facebook account. I noticed that Facebook said "Hey, your friends used ____ app, you should too!" and given the friends that it showed, it seemed highly unlikely that those particular friends would have used this particular app; so I took a screenshot and inquired with those individuals -- they said they had NOT in fact, used that app.

This really makes me mad, and I think it's wrong and it's one of the many reasons I LEFT facebook -- however I don't know how to put a dollar value on personal damages here. I mean -- I'm ok, as a person. It wasn't directly injurious to me (other than that it probably told other people I used some app -- which would have been a lie), but I feel like Facebook should at least be facing punitive damages for engaging in this dishonest practice, and given their size, it would need to be a substantial sum in order for it to be felt at all. While I would love to see some of that $$$ in my pocket, I don't think I can rightfully claim it, and would be ok with the money being given to privacy orgs, the EFF, etc.

Re:Reason for rejection (1)

turkeyfeathers (843622) | more than 2 years ago | (#41053961)

The judge feels that Facebook's 100 million affected users may not be getting adequate compensation from this arrangement—and is pondering whether it's even possible to provide so many people with compensation.

Of course it is... shut down Facebook. I'd consider that a fair deal.

But That's Usually How It Works (1)

Greyfox (87712) | more than 2 years ago | (#41054345)

Why is the judge worried about user compensation? The way a class action usually works (We all know it, sing along!) is the lawyers get 300 million dollars and the users get a $10 gift certificate to Hot Topic.

Re:But That's Usually How It Works (1)

Samantha Wright (1324923) | more than 2 years ago | (#41054471)

Once in a while, a judge comes along who either hasn't been informed of how such things work, or hasn't been cut into the deal and happens to not like the lawyers who stand to profit from the arrangement. I imagine the usual tactic goes something like "but think of the children!" followed by the suit mysteriously being dropped... possibly to be refiled elsewhere.

Lawyers should be sanctioned (5, Interesting)

crow (16139) | more than 2 years ago | (#41053611)

Clearly, this is a case where the lawyers are out to get their fees, with no regard for their clients' interests. The judge should make it clear that if the lawyers propose or accept a settlement that is not clearly within their clients' interests, then legal fees will not be included.

Either Face the Book or Face the Corner! (-1)

Anonymous Coward | more than 2 years ago | (#41053731)

Nobody Seems To Notice and Nobody Seems To Care - Government & Stealth Malware

In Response To Slashdot Article: Former Pentagon Analyst: China Has Backdoors To 80% of Telecoms 87

How many rootkits does the US[2] use officially or unofficially?

How much of the free but proprietary software in the US spies on you?

Which software would that be?

Visit any of the top freeware sites in the US, count the number of thousands or millions of downloads of free but proprietary software, much of it works, again on a proprietary Operating System, with files stored or in transit.

How many free but proprietary programs have you downloaded and scanned entire hard drives, flash drives, and other media? Do you realize you are giving these types of proprietary programs complete access to all of your computer's files on the basis of faith alone?

If you are an atheist, the comparison is that you believe in code you cannot see to detect and contain malware on the basis of faith! So you do believe in something invisible to you, don't you?

I'm now going to touch on a subject most anti-malware, commercial or free, developers will DELETE on most of their forums or mailing lists:

APT malware infecting and remaining in BIOS, on PCI and AGP devices, in firmware, your router (many routers are forced to place backdoors in their firmware for their government) your NIC, and many other devices.

Where are the commercial or free anti-malware organizations and individual's products which hash and compare in the cloud and scan for malware for these vectors? If you post on mailing lists or forums of most anti-malware organizations about this threat, one of the following actions will apply: your post will be deleted and/or moved to a hard to find or 'deleted/junk posts' forum section, someone or a team of individuals will mock you in various forms 'tin foil hat', 'conspiracy nut', and my favorite, 'where is the proof of these infections?' One only needs to search Google for these threats and they will open your malware world view to a much larger arena of malware on devices not scanned/supported by the scanners from these freeware sites. This point assumed you're using the proprietary Microsoft Windows OS. Now, let's move on to Linux.

The rootkit scanners for Linux are few and poor. If you're lucky, you'll know how to use chkrootkit (but you can use strings and other tools for analysis) and show the strings of binaries on your installation, but the results are dependent on your capability of deciphering the output and performing further analysis with various tools or in an environment such as Remnux Linux. None of these free scanners scan the earlier mentioned areas of your PC, either! Nor do they detect many of the hundreds of trojans and rootkits easily available on popular websites and the dark/deep web.

Compromised defenders of Linux will look down their nose at you (unless they are into reverse engineering malware/bad binaries, Google for this and Linux and begin a valuable education!) and respond with a similar tone, if they don't call you a noob or point to verifying/downloading packages in a signed repo/original/secure source or checking hashes, they will jump to conspiracy type labels, ignore you, lock and/or shuffle the thread, or otherwise lead you astray from learning how to examine bad binaries. The world of Linux is funny in this way, and I've been a part of it for many years. The majority of Linux users, like the Windows users, will go out of their way to lead you and say anything other than pointing you to information readily available on detailed binary file analysis.

Don't let them get you down, the information is plenty and out there, some from some well known publishers of Linux/Unix books. Search, learn, and share the information on detecting and picking through bad binaries. But this still will not touch the void of the APT malware described above which will survive any wipe of r/w media. I'm convinced, on both *nix and Windows, these pieces of APT malware are government in origin. Maybe not from the US, but most of the 'curious' malware I've come across in poisoned binaries, were written by someone with a good knowledge in English, some, I found, functioned similar to the now well known Flame malware. From my experience, either many forum/mailing list mods and malware developers/defenders are 'on the take', compromised themselves, and/or working for a government entity.

Search enough, and you'll arrive at some lone individuals who cry out their system is compromised and nothing in their attempts can shake it of some 'strange infection'. These posts receive the same behavior as I said above, but often they are lone posts which receive no answer at all, AT ALL! While other posts are quickly and kindly replied to and the 'strange infection' posts are left to age and end up in a lost pile of old threads.

If you're persistent, the usual challenge is to, "prove it or STFU" and if the thread is not attacked or locked/shuffled and you're lucky to reference some actual data, they will usually attack or ridicule you and further drive the discussion away from actual proof of APT infections.

The market is ripe for an ambitious company or individual to begin demanding companies and organizations who release firmware and design hardware to release signed and hashed packages and pour this information into the cloud, so everyone's BIOS is checked, all firmware on routers, NICs, and other devices are checked, and malware identified and knowledge reported and shared openly.

But even this will do nothing to stop backdoored firmware (often on commercial routers and other networked devices of real importance for government use - which again opens the possibility of hackers discovering these backdoors) people continue to use instead of refusing to buy hardware with proprietary firmware/software.

Many people will say, "the only safe computer is the one disconnected from any network, wireless, wired, LAN, internet, intranet" but I have seen and you can search yourself for and read about satellite, RF, temperature, TEMPEST (is it illegal in your part of the world to SHIELD your system against some of these APT attacks, especially TEMPEST? And no, it's not simply a CRT issue), power line and many other attacks which can and do strike computers which have no active network connection, some which have never had any network connection. Some individuals have complained they receive APT attacks throughout their disconnected systems and they are ridiculed and labeled as a nutter. The information exists, some people have gone so far as to scream from the rooftops online about it, but they are nutters who must have some serious problems and this technology with our systems could not be possible.

I believe most modern computer hardware is more powerful than many of us imagine, and a lot of these systems swept from above via satellite and other attacks. Some exploits take advantage of packet radio and some of your proprietary hardware. Some exploits piggyback and unless you really know what you're doing, and even then... you won't notice it.

Back to the Windows users, a lot of them will dismiss any strange activity to, "that's just Windows!" and ignore it or format again and again only to see the same APT infected activity continue. Using older versions of sysinternals, I've observed very bizarre behavior on a few non networked systems, a mysterious chat program running which doesn't exist on the system, all communication methods monitored (bluetooth, your hard/software modems, and more), disk mirroring software running[1], scans running on different but specific file types, command line versions of popular Windows freeware installed on the system rather than the use of the graphical component, and more.

[1] In one anonymous post on pastebin, claiming to be from an intel org, it blasted the group Anonymous, with a bunch of threats and information, including that their systems are all mirrored in some remote location anyway.

[2] Or other government, US used in this case due to the article source and speculation vs. China. This is not to defend China, which is one messed up hell hole on several levels and we all need to push for human rights and freedom for China's people. For other, freer countries, however, the concentration camps exist but you wouldn't notice them, they originate from media, mostly your TV, and you don't even know it. As George Carlin railed about "Our Owners", "nobody seems to notice and nobody seems to care".

[3] http://www.stallman.org/ [stallman.org]

Try this yourself on a wide variety of internet forums and mailing lists, push for malware scanners to scan more than files, but firmware/BIOS. See what happens, I can guarantee it won't be pleasant, especially with APT cases.

So scan away, or blissfully ignore it, but we need more people like RMS[3] in the world. Such individuals tend to be eccentric but their words ring true and clear about electronics and freedom.

I believe we're mostly pwned, whether we would like to admit it or not, blind and pwned, yet fiercely holding to misinformation, often due to lack of self discovery and education, and "nobody seems to notice and nobody seems to care".

##

Schneier has covered it before: power line fluctuations (differences on the wire in keys pressed).

There's thermal attacks against cpus and temp, also:

ENF (google it)

A treat (ENF Collector in Java):

sourceforge dot net fwdslash projects fwdslash nfienfcollector

No single antimalware scanner exists which offers the ability to scan (mostly proprietary) firmware on AGP/PCI devices (sound cards, graphics cards, usb novelty devices excluding thumb drives), BIOS/CMOS.

If you boot into ultimate boot cd you can use an arcane text interface to dump BIOS/CMOS and examine/checksum.

The real attacks which survive disk formats and wipes target your PCI devices and any firmware which may be altered/overwritten with something special. It is not enough to scan your hard drive(s) and thumb drives, the real dangers with teeth infect your hardware devices.

When is the last time you:

Audited your sound card for malware?
Audited your graphics card for malware?
Audited your network card for malware?

Google for:

* AGP and PCI rootkit(s)
* Network card rootkit(s)
* BIOS/CMOS rootkit(s)

Our modern PC hardware is capable of much more than many can imagine.

Do you:

* Know your router's firmware may easily be replaced on a hacker's whim?
* Shield all cables against leakage and attacks?
* Still use an old CRT monitor and beg for TEMPEST attacks?
* Use TEMPEST resistant fonts in all of your applications including your OS?
* Know whether or not your wired keyboard has keypresses encrypted as they pass to your PC from the keyboard?
* Use your PC on the grid and expose yourself to possible keypress attacks?
* Know your network card is VERY exploitable when plugged into the net and attacked by a hard core blackhat or any vicious geek with the know how?
* Search out informative papers on these subjects and educate your friends and family about these attacks?
* Contact antimalware companies and urge them to protect against many or all these attacks?

Do you trust your neighbors? Are they all really stupid when it comes to computing or is there a geek or two without a conscience looking to exploit these areas?

The overlooked threat are the potential civilian rogues stationed around you, especially in large apartment blocks who feed on unsecured wifi to do their dirty work.

With the recent news of Russian spies, whether or not this news was real or a psyop, educate yourself on the present threats which all antimalware scanners fail to protect against and remove any smug mask you may wear, be it Linux or OpenBSD, or the proprietary Windows and Mac OS you feel are properly secured and not vulnerable to any outside attacks because you either don't need an antivirus scanner (all are inept to serious attacks) or use one or several (many being proprietary mystery machines sending data to and from your machine for many reasons, one is to share your information with a group or set database to help aid in threats), the threats often come in mysterious ways.

Maybe the ancients had it right: stone tablets and their own unique language(s) rooted in symbolism.

#

I'm more concerned about new rootkits which target PCI devices, such as the graphics card and the optical drives, also, BIOS. Where are the malware scanners which scan PCI devices and BIOS for mismatches? All firmware, BIOS and on PCI devices should be checksummed and saved to match with others in the cloud, and archived when the computer is first used, backing up signed firmware.

When do you recall seeing signed router firmware upgrades with any type of checksum to check against? Same for PCI devices and optical drives and BIOS.

Some have begun with BIOS security:

http://www.biosbits.org/ [biosbits.org]

Some BIOS has write protection in its configuration, a lot of newer computers don't.

#

"Disconnect your PC from the internet and don't add anything you didn't create yourself. It worked for the NOC list machine in Mission Impossible"

The room/structure was likely heavily shielded, whereas most civvies don't shield their house and computer rooms. There is more than meets the eye to modern hardware.

Google:

subversion hack:
tagmeme(dot)com/subhack/

network card rootkits and trojans
pci rootkits
packet radio
xmit "fm fingerprinting" software
"specific emitter identification"
forums(dot)qrz(dot)com

how many malware scanners scan bios/cmos and pci/agp cards for malware? zero, even the rootkit scanners. have you checksummed/dumped your bios/cmos and firmware for all your pci/agp devices and usb devices, esp vanity usb devices in and outside the realm of common usb devices (thumbdrives, external hdds, printers),

Unless your computer room is shielded properly, the computers may still be attacked and used, I've personally inspected computers with no network connection running mysterious code in the background which task manager for windows and the equiv for *nix does not find, and this didn't find it all.

Inspect your windows boot partition in *nix with hexdump and look for proxy packages mentioned along with command line burning programs and other oddities. Computers are more vulnerable than most would expect.

You can bet all of the malware scanners today, unless they are developed by some lone indy coder in a remote country, employ whitelisting of certain malware and none of them scan HARDWARE devices apart from the common usb devices.

Your network cards, sound cards, cd/dvd drives, graphics cards, all are capable of carrying malware to survive disk formatting/wiping.

Boot from a Linux live cd and use hexdump to examine your windows (and *nix) boot sectors to potentially discover interesting modifications by an unknown party.

#
eof

This is 6Oatsex (-1)

Anonymous Coward | more than 2 years ago | (#41054247)

it there. Bring 7olatile world of The Cathedral

why do the lawyers get all the money (1)

swschrad (312009) | more than 2 years ago | (#41055829)

when they were not the ones aggrieved by this heinous theft of personal property? the lion's share of a class action should go to members of the class.

Re:why do the lawyers get all the money (0)

Anonymous Coward | more than 2 years ago | (#41064733)

That's the law, son.
