Domain: arstechnica.com
Stories and comments across the archive that link to arstechnica.com.
Stories · 4,420
-
Louisiana Governor Vetoes License Plate Reader Bill, Citing Privacy Concerns
An anonymous reader writes: Louisiana Governor Bobby Jindal has vetoed a plan to acquire license plate reading cameras in the state. Law enforcement agencies nationwide use such cameras to scan cars and compare them to a "hot list" of stolen or wanted vehicles. That data is kept for weeks, or even years in some cases. Jindal wrote in a signing statement: "Senate Bill No. 250 would authorize the use of automatic license plate reader camera surveillance programs in various parishes throughout the state. The personal information captured by these cameras, which includes a person’s vehicle location, would be retained in a central database and accessible to not only participating law enforcement agencies but other specified private entities for a period of time regardless of whether or not the system detects that a person is in violation of vehicle insurance requirements. Camera programs such as these that make private information readily available beyond the scope of law enforcement, pose a fundamental risk to personal privacy and create large pools of information belonging to law abiding citizens that unfortunately can be extremely vulnerable to theft or misuse. For these reasons, I have vetoed Senate Bill No. 250 and hereby return it to the Senate." -
Illinois Supreme Court: Comcast Must Identify Anonymous Internet Commenter
An anonymous reader writes: In 2011, an anonymous person on the internet posted a comment to the Freeport Journal Standard newspaper's website implying that a local political candidate was a pedophile. The candidate, Bill Hadley, took offense to this, and tried to get Comcast to tell him who the commenter was. Comcast refused, so Hadley took it to the courts. The Illinois Supreme Court has now ruled (PDF) that Comcast must divulge the commenter's identity. "Illinois' opinion was based in large part on a pair of earlier, lower-court decisions in the state, which held that the anonymity of someone who makes comments in response to online news stories isn't guaranteed if their opinions are potentially defamatory, according to Don Craven, an attorney for the Illinois Press Association." -
IMAX Tries To Censor Ars Technica Over SteamVR Comparison
Cutting_Crew writes: An article published last week at Ars Technica looked at the SteamVR virtual reality headset created by Valve. Contained in the article is a quote from game designer Alex Schwartz, who said in reference to the device, "The jump between a regular game and playing a room scale VR experience is X times 100. It’s like saying, 'I have an IMAX theater in my house.' It’s so much better that we can get away with a cumbersome setup." Now, for that single quoted reference, IMAX has sent a trademark complaint to Ars and demanded that they take the story down. "The company said our story required a retraction because it included a brief reference to IMAX—included without IMAX's permission. 'Any unauthorized use of our trademark is expressly forbidden.'"
If you look at the letter from IMAX (PDF), you'll see they think the reference to IMAX is "misleading to readers." They further request that "all future articles regarding this "room-scale" virtual reality system make no reference to our registered trademark." Apparently, IMAX has never heard of the Streisand Effect. Update: 06/19 19:26 GMT by S : IMAX has apologized. -
E3 2015: A Lot of Nostalgia For Old Games
_xeno_ writes: E3 2015 saw a lot of game companies banking on nostalgia, but much less hype for new games. While the biggest thing coming out of Microsoft's press conference was undoubtedly the Hololens, the biggest buzz from E3 was probably Sony's announcement of Square Enix's announcement of a remake of a two decade old game (Final Fantasy VII), seconded by the announcement of a sequel to a fifteen year old game (Shenmue). Nintendo announced mostly new sequels as well. Ultimately, though, it isn't surprising that the biggest buzz is around old games. Old games are a known quantity, while truly new games are — well, new. Who knows if they're going to be the next classic or not? -
Encryption Would Not Have Protected Secret Federal Data, Says DHS
HughPickens.com writes: Sean Gallagher reports at Ars Technica that Dr. Andy Ozment, Assistant Secretary for Cybersecurity in the Department of Homeland Security, told members of the House Oversight and Government Reform Committee that in the case of the recent discovery of an intrusion that gave attackers access to sensitive data on millions of government employees and government contractors, encryption would "not have helped" because the attackers had gained valid user credentials to the systems that they attacked—likely through social engineering. Ozment added that because of the lack of multifactor authentication on these systems, the attackers would have been able to use those credentials at will to access systems from within and potentially even from outside the network. "If the adversary has the credentials of a user on the network, they can access data even if it's encrypted just as the users on the network have to access data," said Ozment. "That did occur in this case. Encryption in this instance would not have protected this data."
The fact that Social Security numbers of millions of current and former federal employees were not encrypted was one of few new details that emerged about the data breach, and House Oversight member Stephen Lynch (D-Mass.) was the one who pulled the SSN encryption answer from the teeth of the panel where others failed. "This is one of those hearings where I think that I will know less coming out of the hearing than I did when I walked in because of the obfuscation and the dancing around we are all doing here. As a matter of fact, I wish that you were as strenuous and hardworking at keeping information out of the hands of hackers as you are in keeping information out of the hands of Congress and federal employees. It's ironic. You are doing a great job stonewalling us, but hackers, not so much." -
Samsung Cellphone Keyboard Software Vulnerable To Attack
Adesso writes: A serious security problem in the default Samsung keyboard installed on many of the company's cellphones has been lurking since December 2014 (CVE-2015-2865). When the phone tries to update the keyboard, it fails to encrypt the executable file. This means attackers on the same network can replace the update file with a malicious one of their own. Affected devices include the Galaxy S6, S5, S4, and S4 mini — roughly 600 million of which are in use. There's no known fix at the moment, aside from avoiding insecure Wi-Fi networks or switching phones. The researcher who presented these findings at the Blackhat security conference says Samsung has provided a patch to carriers, but he can't find out if any of them have applied the patch. The bug is currently still active on the devices he tested. -
Bethesda Unveils New Doom Game, Announces Dishonored 2
An anonymous reader writes: Bethesda kicked off this year's E3 expo by unveiling the new Doom game they've been working on and announcing a sequel to the popular fantasy action-adventure game Dishonored. They've posted a gory trailer (YouTube) for Doom, and shared several minutes of gameplay footage as well. The game is due out in Spring 2016 for Xbox One, PS4, and PCs, and it will include an editor that will let players make new maps and gameplay modes. Dishonored 2 has a trailer as well, though fewer details have been shared about the game. Bethesda also added details to their recent announcement of Fallout 4. It's been given a release date of November 10th (2015), and they did a live demo on stage at E3 (YouTube) with a bunch of game footage. -
Monitoring Brain Activity With Mesh Electronics
An anonymous reader writes: Medical researchers have long known that bioelectronics could substantially improve patient diagnosis and treatment, but the difficulty in putting that circuitry into place kept more traditional options at the forefront. Now, a team of scientists has found a clever way to deliver flexible electronic meshes via syringe, which could make it easier to monitor complex brain activity without dangerous surgery. "The scientists demonstrated they could inject a 2mm wide sample of the mesh through a glass needle with an inner diameter of only 95µm. During injection, the mesh structure continuously unfolds as it exits the needle. Injection of the mesh through a needle with a 600µm inner diameter produced similar results." The team has already tested the technique on rodents, and found minimal response from astrocytes, cells involved in repairing damaged brain tissue. They were able to record the rodents' brain activity as well. -
Freedom of Information Requests Turn Up Creationist Materials In Schools
An anonymous reader writes: In 2008, Louisiana passed a law that was designed to let teachers introduce creationism into public classrooms alongside evolution. Zack Kopplin, a student at the time, decided to fight the law by sending Freedom Of Information Act requests to the schools, asking for anything mentioning creationism or the law itself. While most ignore him, he has received documents showing a clear anti-science stance from school officials. "In one, which appears to contain a set of PowerPoint slides, there's a page titled "Creationism (Intelligent Design)" that refers students to the Answers in Genesis website, along with two other sites that are critical of that group's position. In another, a parent's complaint about a teacher who presents evolution as a fact is met by a principal stating that 'I can assure you this will not happen again.'" -
Reactions To Apple's Plans To Open Source Swift
itwbennett writes: At Apple's WWDC 2015 event yesterday, Craig Federighi, Apple's senior vice president of software engineering, announced that the company planned to open source the Swift language. Reaction to this announcement so far has sounded more or less like this: Deafening applause with undertones of "we'll see." As a commenter on this Ars Technica story points out, "Their [Apple's] previous open-source efforts (Darwin, WebKit, etc) have generally tended to be far more towards the Google style of closed development followed by a public source dump." Simon Phipps, the former director of OSI, also expressed some reservations, saying, "While every additional piece of open source software extends the opportunities for software freedom, the critical question for a programming language is less whether it is itself open source and more whether it's feasible to make open source software with it. Programming languages are glue for SDKs, APIs and libraries. The real value of Swift will be whether it can realistically be used anywhere but Apple's walled garden." -
Fallout 4 Announced
An anonymous reader writes: After teasing gamers with a countdown timer yesterday, Bethesda has now announced Fallout 4 for PCs, the Xbox One, and the PS4. They've also released an official trailer (YouTube video). The game will be set in post-apocalyptic Boston, and the player character will apparently be accompanied on his adventures by a dog. The Guardian has a post cataloging the features they're hoping will be improved from previous games in the series: "The combat system in the last two Fallout games was not universally adored. It often felt you were shooting wildly and blindly, biding time before you could use the Vault-Tec Assisted Targeting (VAT) system, which allows players to focus in on specific parts of enemies with a percentage chance of hitting them. ... Well-written, hand-crafted quests are going to be vitally important. The Radiant Quest system used in Skyrim sounds brilliant on paper: infinite quests, randomly generated and a little different each time. But the reality was a lot of fetch quests in similar looking caves. Bethesda may be tempted to bring that system across to Fallout 4, but there's an argument for abandoning dynamic quests altogether and opting for a smaller range of authored challenges." -
nmap Maintainer Warns He Doesn't Control nmap SourceForge Mirror
vivaoporto writes: Gordon Lyon (better known as Fyodor, author of nmap and maintainer of the internet security resource sites insecure.org, nmap.org, seclists.org, and sectools.org) warns on the nmap development mailing list that he does not control the SourceForge nmap project.
According to him the old Nmap project page (located at http://sourceforge.net/projects/nmap/, screenshot) was changed to a blank page and its contents were moved to a new page (http://sourceforge.net/projects/nmap.mirror/, screenshot) which is controlled by sf-editor1 and sf-editor3, in a pattern mirroring the much discussed takeover of the GIMP-Win page discussed last week on Ars Technica, IT World and eventually this week on Slashdot.
On Monday, Sourceforge promised to stop "presenting third party offers for unmaintained SourceForge projects," and to their credit Fyodor states, "So far they seem to be providing just the official Nmap files," but reiterates "that you should only download Nmap from our official SSL Nmap site: https://nmap.org/download.html." To browse the projects and mirrors currently controlled by SourceForge, you can look at these account pages: sf-editor1, sf-editor2, and sf-editor3. -
Senate Passes USA Freedom Act
schwit1 points out that the U.S. Senate has passed the USA Freedom Act by a vote of 67-32, sending it on to President Obama, who is expected to sign it into law. The bill removes mass metadata collection powers from the NSA, but also grants a new set of surveillance powers to replace them. Telecoms now hang on to that data, and the government can access it if they suspect the target is part of a terrorism investigation and one of the call's participants is overseas. "The second provision revived Tuesday concerns roving wiretaps. Spies may tap a terror suspect's communications without getting a renewed FISA Court warrant, even as a suspect jumps from one device to the next. The FISA Court need not be told who is being targeted when issuing a warrant. The third spy tool renewed is called "lone wolf" in spy jargon. It allows for roving wiretaps. However, the target of wiretaps does not have to be linked to a foreign power or terrorism." -
GameStop Swoops In To Buy ThinkGeek For $140 Million
Lirodon writes: Remember a few days ago, when Slashdot's former parent company was the subject of a $122 million takeover bid by Hot Topic? Well, another geeky retailer entered the fray in the battle for ThinkGeek, and won. GameStop will be acquiring Geeknet for $140 million. The video game retailer has promised synergies, such as in-store pickup and integration with its rewards program. -
An Early Look At Android M's Multi-Window Mode For Tablets
Ars Technica has a look at the experimental multi-window mode in the just-announced Android M. It's not a headlining feature yet: "buggy, busted, and buried, but intriguing nonetheless" is how Ars describes it. Android Police is similarly faint in its praise. All that might be true, but to many users even a partly working multi-window mode would be welcome, especially one blessed by Google. (Some Samsung users have had multi-window support for a while, but not built into the OS proper, and multi-window capabilities can be found via app, too.) -
Windows 10 RTM In 6 Weeks
Billly Gates writes: Ars Technica has the scoop on a new build with less flat icons and a confirmation of a mid July release date. While Microsoft is in a hurry to fix the damage done by the Windows 8 versions of its operating system, the next question is, is it ready for prime time? On Neowin there's a list of problems already mentioned by MS and its users with this latest release, including Wi-Fi and sound not working without a reboot, and users complaining about tiles and apps not working in the new start menu. -
Android M To Embrace USB Type-C and MIDI
jones_supa writes: USB Type-C connection is showing up in more and more devices, and Google is rolling support for the interface in its Android M operating system. The most significant additions relate to the USB Power Delivery spec. Charging will now work in both directions. That effectively means that Type-C devices can be used as external batteries for other devices. Android M is also finally introducing a feature that musicmakers have been long asking for: MIDI support. This builds on some of the audio features Google introduced in Android 5, including reduction in latency, multichannel audio stream mixing, and support for USB microphones, amplifiers, speakers, and other accessories. As others have written, music and media creation apps are much more prevalent in iOS than they are in Android, and Google hopes to turn that around. -
Supreme Court Rules In Favor of Patent Troll
An anonymous reader writes: The Supreme Court ruled today (PDF) that Cisco Systems can't skip out of a patent suit against them from patent troll Commil USA. The case reached the Supreme Court because Cisco argued it had a "good faith belief" that the patent they were infringing was invalid. The justices voted 6-2 that such a belief didn't matter if they were indeed infringing. The Supreme Court's opinion is that a company must know of the patent it's infringing, and that their product infringes upon the patent — which, at least, is more than what Commil was pushing.
The case isn't completely over — a $63.7 million verdict in Commil's favor was overturned by an Appeals Court, and now the Supreme Court has sent it back down for re-evaluation after it clarified the rules of infringement. The Appeals Court could still overturn the judgment for some other reason. The good news is that the Supreme Court dedicated a page in their opinion to telling lower courts how to sanction patent trolls and keep them from clogging the courts with ridiculous claims. "[I]t is still necessary and proper to stress that district courts have the authority and responsibility to ensure frivolous cases are dissuaded." -
Linux/Moose Worm Targets Routers, Modems, and Embedded Systems
An anonymous reader writes: Security firm ESET has published a report on new malware that targets Linux-based communication devices (modems, routers, and other internet-connected systems) to create a giant proxy network for manipulating social media. It's also capable of hijacking DNS settings. The people controlling the system use it for selling "follows," "likes," and so forth on social media sites like Twitter, Instagram, Vine, Facebook, and Google+. Affected router manufacturers include: Actiontec, Hik Vision, Netgear, Synology, TP-Link, ZyXEL, and Zhone. The researchers found that even some medical devices were vulnerable to the worm, though it wasn't designed specifically to work with them. -
Hot Topic To Buy ThinkGeek Parent Company Geeknet
jones_supa points out the news (also at Ars Technica, and -- paywalled -- at the Wall Street Journal) that clothing and music retailer Hot Topic has announced plans to buy Geeknet, parent company of ThinkGeek and ThinkGeek Solutions, for $117.3 million. ThinkGeek Solutions is a distributor of video-game themed merchandise through licensed web stores. Hot Topic Inc. will pay $17.50 per Geeknet share. Privately held Hot Topic, based in Los Angeles, has more than 650 stores in the U.S. and Canada. Geeknet will become a Hot Topic subsidiary. This news inspires some nostalgia here; ThinkGeek was for a long time one of Slashdot's sister sites under the umbrella of VA Linux, and I had some fun years back helping to set up the ThinkGeek booth at LinuxWorld in New York. -
San Bernardino Sheriff Has Used Stingray Over 300 Times With No Warrant
An anonymous reader writes: After a records request by Ars, the sheriff in San Bernardino County (SBSD) sent an example of a template for a "pen register and trap and trace order" application. The county attorneys claim what they sent was a warrant application template, even though it is not. The application cites no legal authority on which to base the request. "This is astonishing because it suggests the absence of legal authorization (because if there were clear legal authorization you can bet the government would be citing it)," Fred Cate, a law professor at Indiana University, told Ars. "Alternatively, it might suggest that the government just doesn't care about legal authorization. Either interpretation is profoundly troubling," he added. Further documents reveal that the agency has used a Stingray 303 times between January 1, 2014 and May 7, 2015. -
What Was the Effect of Rand Paul's 10-Hour "Filibuster"?
An anonymous reader writes: Sen. Rand Paul held up a vote on the Fast Track Authority for an eleven hour dissertation on the flaws of: the Patriot Act, the replacement the USA Freedom Act, bulk data collection including credit card purchases, the DEA and IRS's use of NSA intel. for "parallel construction", warrant-less GPS bugs on vehicles, as well as the important distinction of a general warrant versus a specific one. "There is a general veil of suspicion that is placed on every American now. Every American is somehow said to be under suspicion because we are collecting the records of every American," Paul said. The question is what did the "filibuster" really accomplish? The speeches caused a delay in Senate business but it's unclear what larger effect, if any, that will have. -
'Logjam' Vulnerability Threatens Encrypted Connections
An anonymous reader writes: A team of security researchers has revealed a new encryption vulnerability called 'Logjam,' which is the result of a flaw in the TLS protocol used to create encrypted connections. It affects servers supporting the Diffie-Hellman key exchange, and it's caused by export restrictions mandated by the U.S. government during the Clinton administration. "Attackers with the ability to monitor the connection between an end user and a Diffie-Hellman-enabled server that supports the export cipher can inject a special payload into the traffic that downgrades encrypted connections to use extremely weak 512-bit key material. Using precomputed data prepared ahead of time, the attackers can then deduce the encryption key negotiated between the two parties."
Internet Explorer is the only browser yet updated to block such an attack — patches for Chrome, Firefox, and Safari are expected soon. The researchers add, "Breaking the single, most common 1024-bit prime used by web servers would allow passive eavesdropping on connections to 18% of the Top 1 Million HTTPS domains. A second prime would allow passive decryption of connections to 66% of VPN servers and 26% of SSH servers. A close reading of published NSA leaks shows that the agency's attacks on VPNs are consistent with having achieved such a break." Here is their full technical report (PDF). -
North Carolina Still Wants To Block Municipal Broadband
An anonymous reader writes: In February, when the FCC rolled out its net neutrality rules, it also voted to override state laws that let Texas and North Carolina block ISPs created by local governments and public utilities. These laws frequently leave citizens facing a monopoly or duopoly with no recourse, so the FCC abolished them. Now, North Carolina has sued the FCC to get them back. State Attorney General Roy Cooper claims, "the FCC unlawfully inserted itself between the State and the State's political subdivisions." He adds that the new rule is "arbitrary, capricious, and an abuse of discretion within the meaning of the Administrative Procedure Act; and is otherwise contrary to law." -
Learning About Constitutional Law With Star Wars
An anonymous reader writes: In an upcoming paper (PDF) for the Michigan Law Review, scholar Cass Sunstein draws on Star Wars to make a couple key points about how constitutional law evolves. He writes, "Human beings often see coherence and planned design when neither exists. This is so in movies, literature, history, economics, and psychoanalysis—and constitutional law. Contrary to the repeated claims of George Lucas, its principal author, the Star Wars series was hardly planned in advance; it involved a great deal of improvisation and surprise, even to Lucas himself. Serendipity and happenstance, sometimes in the forms of eruptions of new thinking, play a pervasive and overlooked role in the creative imagination, certainly in single-authored works, and even more in multi-authored ones extending over time. ... The misdescription appears to respond to a serious human need for sense-making and pattern-finding, but it is a significant obstacle to understanding and critical reflection. Whether Jedi or Sith, many authors of constitutional law are a lot like the author of Star Wars, disguising the essential nature of their own creative processes." -
Douglas Williams Pleads Guilty To Training Customers To Beat Polygraph
For quite a while, we've been following the case of Douglas Gene Williams, accused of and indicted for teaching people to pass polygraph tests that they might otherwise have been unable to, and for the claims he made in advertising this training -- and specifically for showing his techniques to some undercover Federal agents. Now, reports Ars Technica, Williams has pleaded guilty to five charges of obstruction of justice and mail fraud. From the article: Williams isn't the first person prosecuted for these type of allegations. An Indiana man was accused of offering similar services and was sentenced in 2013 to eight months in prison. The judge presiding over the case said the case blended a "gray area" of First Amendment speech and the unlawful act of instructing people to lie on polygraph tests issued by the federal government. Williams' site, Polygraph.com, is now defunct. -
New MakerBot CEO Explains Layoffs and the Company's New Vision
merbs sends an update on MakerBot, one of the most well known names in the 3D-printing industry. After its acquisition by Stratasys in 2013, defective parts plagued the company's printers in 2014. MakerBot co-founder and CEO Bre Pettis stepped down, and the company laid off 20% of its employees. The new CEO, Jonathan Jaglom, is now talking about how they're rebuilding MakerBot, and where we can expect it to go in the future. "The 39-year-old, Swiss-born Jaglom says that his priorities since taking over have been to dedicate more attention to customer support, to address the remaining fallout from the extruder problem, and to reorient the company to target its Replicators to the professional and educational markets."
Jaglom also envisions a sort of "iTunes for 3D printing," where people can easily buy designs online and print them out at home. He says, "I'll be sitting at home. Maybe something broke; maybe my glasses. Maybe I want to reprint it and I'll go to Oakley, Ray Ban, whatever, Philippe Starck in this case, download the file, pay $3.49 for it, and print it at home. And then you will have to go to your Kinko's or your Fab Labs, your local 3D printing, if you want it in metal or plastics you can't have at home." -
Judge: Warrantless Airport Seizure of Laptop 'Cannot Be Justified'
SonicSpike writes with news of a ruling in U.S. District Court that the seizure and search of a man's laptop without a warrant while he was in an airport during an international border crossing was not justified. According to Judge Amy Jackson's ruling (PDF), the defendant was already the subject of an investigation when officials used his international flight as a pretext for rifling through his laptop. The government argued that a laptop was simply a "container," and thus subject to warrantless searches to protect the homeland. But the judge said the search "was supported by so little suspicion of ongoing or imminent criminal activity, and was so invasive of Kim's privacy and so disconnected from not only the considerations underlying the breadth of the government's authority to search at the border, but also the border itself, that it was unreasonable."
She also noted that laptop searches may require more stringent legal support, since they are capable of holding much more private information than a box or duffel bag. And while a routine search involves a quick look through a container, this search was quite different: "[T]he agents created an identical image of Kim's entire computer hard drive and gave themselves unlimited time to search the tens of thousands of documents, images, and emails it contained, using an extensive list of search terms, and with the assistance of two forensic software programs that organized, expedited, and facilitated the task." -
Worker Fired For Disabling GPS App That Tracked Her 24 Hours a Day
An anonymous reader writes: Myrna Arias claims she was fired for refusing to run an app that would track her location even when she was off the clock. She is now suing Intermex Wire Transfer LLC in a Kern County Superior Court. Her claim reads in part: "After researching the app and speaking with a trainer from Xora, Plaintiff and her co-workers asked whether Intermex would be monitoring their movements while off duty. Stubits admitted that employees would be monitored while off duty and bragged that he knew how fast she was driving at specific moments ever since she installed the app on her phone. Plaintiff expressed that she had no problem with the app's GPS function during work hours, but she objected to the monitoring of her location during non-work hours and complained to Stubits that this was an invasion of her privacy. She likened the app to a prisoner's ankle bracelet and informed Stubits that his actions were illegal. Stubits replied that she should tolerate the illegal intrusion...." -
Tesla To Unveil Its $35,000 Model 3 In March 2016
An anonymous reader writes with the news, as reported by Ars Technica, BGR, the WSJ, and more, that Tesla, in the course of the company's most recent earnings call, has announced plans to show off its much-anticipated Model 3 in March, 2016, and somewhat more tentative plans for actual availability; "late 2017" might be optimistic, but it's a start. You can listen to the whole earnings call here. Other bits gleaned from this call include a "late summer" planned delivery for the Model X SUV, and the fact that the PowerWall household battery is sold out until the middle of next year. -
Oculus Rift Launching In Q1 2016
An anonymous reader writes: Oculus has announced that their Rift virtual reality headset will be coming out sometime in the first quarter of 2016. They've also posted a couple images of the final consumer headset design. The device was Kickstarted in August, 2012. Consumer-level release dates have slowly slipped further and further out since then, though they've shipped two different development kits. Ars points out that a 2016 launch date will bring the Oculus Rift to market after the Valve/HTC VR headset, and possibly after Sony's Project Morpheus. -
Cyberlock Lawyers Threaten Security Researcher Over Vulnerability Disclosure
qubezz writes: Security researcher Phar (Mike Davis/IOActive) gave his 30 days of disclosure notice to Cyberlock (apparently a company that makes electronic lock cylinders) that he would release a public advisory on vulnerabilities he found with the company's security devices. On day 29, their lawyers responded with a request to refrain, feigning ignorance of the previous notice, and invoking mention of the DMCA (this is not actually a DMCA takedown notice, as the law firm is attempting to suppress initial disclosure through legal wrangling). Mike's blog states: "The previous DMCA threats are from a company called Cyberlock, I had planned to do a fun little blog post (cause i ... hate blog posts) on the fun of how I obtained one, extracted the firmware bypassing the code protection and figured out its "encryption" and did various other fun things a lock shouldn't do for what its marketed as.. But before I could write that post I needed to let them know what issues we have deemed weaknesses in their gear.. the below axe grinderery is the results. (sic)" What should researchers do when companies make baseless legal threats to maintain their security-through-obscurity? Related: Bitcoin exchange company Coinbase has been accused of spying on a dark net researcher. -
In Second Trial, Ex-Goldman Sachs Programmer Convicted of Code Theft
Ars Technica reports that a former Goldman Sachs programmer—featured in the book Flash Boys—was convicted on Friday for stealing high-speed trading code from the bank. Sergey Aleynikov, 45, was also acquitted on one count of unlawful duplication, according to Reuters. The New York state jury could not come to a verdict on another count of unlawful use of secret scientific material. Sergey Aleynikov was also acquitted of unlawful duplication. This was the second trial for Aleynikov in five years. He could face up to four years in prison. -
Comcast Brings Fiber To City That It Sued 7 Years Ago To Stop Fiber Rollout
An anonymous reader writes with the latest update in Comcast's "if you can't beat them, join them" fiber plan. In April 2008, Comcast sued the Chattanooga Electric Power Board (EPB) to prevent it from building a fiber network to serve residents who were getting slow speeds from the incumbent cable provider. Comcast claimed that EPB illegally subsidized the buildout with ratepayer funds, but it quickly lost in court, and EPB built its fiber network and began offering Internet, TV, and phone service. After EPB launched in 2009, incumbents Comcast and AT&T finally started upgrading their services, EPB officials told Ars when we interviewed them in 2013. But not until this year has Comcast had an Internet offering that can match or beat EPB's $70 gigabit service. Comcast announced its 2Gbps fiber-to-the-home service on April 2, launching first in Atlanta, then in cities in Florida and California, and now in Chattanooga, Tennessee. -
Armadillo Aerospace Resurrected On Kickstarter By the Team Members
savuporo writes: Team members from John Carmack's defunct suborbital rocket company, Armadillo Aerospace, have re-launched the suborbital rocket project now as Exos Aerospace through a Kickstarter campaign. While original Armadillo efforts stopped just shy of actually getting to space, the team intends to pick up where they left off, rebuild and make it into a sustainable suborbital payload business. Carmack, while not involved, says their core is "arguably the most competent in suborbital alt-space."
There are multiple other small launcher startups springing up again across the globe — Rocket Labs recently unveiled their new engines, Firefly is making progress, and Lin Industrial also announced their rocket recently. -
Crowdfunded Android Console Ouya Reportedly Seeking Buyout
An anonymous reader writes: Ouya, the Android-based games console, enjoyed one of the most successful crowdfunding campaigns to date, raising $8.6 million after asking for only $960,000. But now that the console has been on the market for a while, the company is struggling. After borrowing roughly $25 million from investors to keep it going, they're now trying to restructure the debt, and reportedly seeking a buyout. "Interest in Ouya's microconsole has dropped considerably since its launch back in 2013, where it had to offer store credit to dissatisfied Kickstarter backers for failing to deliver devices on time. Following disappointing sales figures for early games, the company has tried several times to turn its fortunes around." -
RealTek SDK Introduces Vulnerability In Some Routers
jones_supa writes: SOHO routers from manufacturers including at least Trendnet and D-Link allow attackers anywhere in the world to execute malicious code on the devices, according to a security advisory issued over the weekend. The remote command-injection vulnerability resides in the "miniigd SOAP service" as implemented by the RealTek SDK. Before someone asks, there is no comprehensive list of manufacturers or models that are affected. Nerds may be able to spot them by using the Metasploit framework to query their router. If the response contains "RealTek/v1.3" or similar, the device is likely vulnerable. For now, the vulnerable routers should be restricted to communicate only with trusted devices. HP's Zero Day Initiative reported the bug confidentially to RealTek in August 2013, but the issue was disclosed 20 months later as no fix has been provided. -
Verizon Tells Customer He Needs 75Mbps For Smoother Netflix Video
An anonymous reader writes: Verizon recently told a customer that upgrading his 50Mbps service to 75Mbps would result in smoother streaming of Netflix video. Of course, that's not true — Netflix streams at a rate of about 3.5 Mbps on average for Verizon's fiber service, so there's more than enough headroom either way. But this customer was an analyst for the online video industry, so he did some testing and snapped some screenshots for evidence. He fired up 10 concurrent streams of a Game of Thrones episode and found only 29Mbps of connection being used. This guy was savvy enough to see through Verizon's BS, but I'm sure there are millions of customers who wouldn't bat an eye at the statements they were making. The analyst "believes that the sales pitch he received is not just an isolated incident, since he got the same pitch from three sales reps over the phone and one online." -
ATT, DirecTV Mega-Merger May Go Through
An anonymous reader writes: Hot on the heels of Comcast's failed attempt to swallow up Time Warner Cable, AT&T's pursuit of satellite provider DirecTV is plowing forward. What would be the result of a wireline and cellular mega-monopoly buying one of only two subscription satellite TV providers? Has to be worse than a Comcast/TWC marriage ... at least there, the territories and services offered didn't overlap at all, but AT&T offers voice, data, and television in many markets already. Adding satellite would stifle competition for television services (and to a lesser extent, because satellite is only best suited for rural installations, data). -
Texas Admonishes Judge For Posting Facebook Updates About Her Trials
An anonymous reader writes: Michelle Slaughter, a Galveston County judge, says she will appeal a public admonition from state officials that criticized her Facebook posts about cases brought before her court. From the article: "The State Commission on Judicial Conduct ordered Michelle Slaughter, a Galveston County judge, to enroll in a four-hour class on the 'proper and ethical use of social media by judges.' The panel concluded that the judge's posts cast 'reasonable doubt' on her impartiality. At the beginning of a high-profile trial last year in which a father was accused of keeping his nine-year-old son in a six-foot by eight-foot wooden box, the judge instructed jurors not to discuss the case against defendant David Wieseckel with anyone. 'Again, this is by any means of communication. So no texting, e-mailing, talking person to person or on the phone or on Facebook. Any of that is absolutely forbidden,' the judge told jurors. But Slaughter didn't take her own advice, leading to her removal from the case and a mistrial. The defendant eventually was acquitted of unlawful-restraint-of-a-child charges." -
Vizio, Destroyer of Patent Trolls
An anonymous reader writes: We read about a lot of patent troll cases. Some are successful and some are not, but many such cases are decided before ever going to court. It's how the patent troll operates — they know exactly how high litigation costs are. Even without a legal leg to stand on, they can ask for settlements that make better financial sense for the target to accept, rather than dumping just as much money into attorney's fees for an uncertain outcome. Fortunately, some companies fight back. TV-maker Vizio is one of these, and they've successfully defended against 16 different patent trolls, some with multiple claims. In addition, they're going on the offensive, trying to wrest legal fees from the plaintiffs for their spurious claims. "For the first time, it stands a real chance, in a case where it spent more than $1 million to win. Two recent Supreme Court decisions make it easier for victorious defendants to collect fees in patent cases. The TV maker is up against a storied patent plaintiffs' firm, Chicago-based Niro, Haller & Niro, that has fought for Oplus tooth and nail. ... For Vizio, the company feels that it's on the verge of getting vindication for a long-standing policy of not backing down to patent trolls." -
Allegation: Philly Cops Leaned Suspect Over Balcony To Obtain Password
An anonymous reader writes with this news from Ars Technica: If you want access to encrypted data on a drug dealer's digital device, you might try to break the crypto—or you might just try to break the man.
According to testimony from a police corruption trial currently roiling the city of Philadelphia, officers from an undercover drug squad took the latter route back in November 2007. After arresting their suspect, Michael Cascioli, in the hallway outside his 18th floor apartment, the officers took Cascioli back inside. Although they lacked a search warrant, the cops searched Cascioli's rooms anyway. According to a federal indictment (PDF), the officers 'repeatedly assaulted and threatened [Cascioli] during the search to obtain information about the location of money, drugs, and drug suppliers.' That included, according to Cascioli, lifting him over the edge of his balcony to try to frighten out of him the password to his Palm Pilot. That sounds like a good time for a duress password. -
Apple Watch Launches
An anonymous reader writes: The Apple Watch's release date has arrived: retailers around the world have quietly begun putting them on their shelves, and customers are beginning to receive their shipments. Reviews have been out for a while, including thoughtful ones from John Gruber and Nilay Patel. Apple has published a full user guide for the software, and iFixit has put up a full teardown to take a look at the hardware. They give it a repairability score of 5 out of 10, saying that the screen and battery are easily replaced, but not much else is. Though Apple designated the watch "water-resistant" rather than "waterproof", early tests show it's able to withstand a shower and a swim in the pool without failing. Ars has an article about the difficulty of making games for the Apple Watch, and Wired has a piece detailing its creation. -
German Intelligence Helped NSA Spy On EU Politicians and Companies
An anonymous reader writes: We've known for some time already that intelligence agencies operate beyond rules, laws, and regulations. Now, we learn that the NSA and the German intelligence service, BND, lied and withheld information about misuse from the German Chancellor's Office.
"The BND realized as early as 2008 that some of the selectors were not permitted according to its internal rules, or covered by a 2002 US-Germany anti-terrorism "Memorandum of Agreement" on intelligence cooperation. And yet it did nothing to check the NSA's requests systematically. It was only in the summer of 2013, after Edward Snowden's revelations of massive NSA and GCHQ surveillance, that the BND finally started an inquiry into all the selectors that had been processed. According to Der Spiegel, investigators found that the BND had provided information on around 2,000 selectors that were clearly against European and German interests. Not only were European businesses such as the giant aerospace and defense company EADS, best-known as the manufacturer of the Airbus planes, targeted, so were European politicians—including German ones.
However, the BND did not inform the German Chancellor's office, which only found out about the misuse of the selector request system in March 2015. Instead, the BND simply asked the NSA to make requests that were fully covered by the anti-terrorism agreement between the two countries. According to Die Zeit, this was because the BND was worried that the NSA might curtail the flow of its own intelligence data to the German secret services if the selector scheme became embroiled in controversy." -
New Javascript Attack Lets Websites Spy On the CPU's Cache
An anonymous reader writes: Bruce Upbin at Forbes reports on a new and insidious way for a malicious website to spy on a computer. Any computer running a late-model Intel microprocessor and a Web browser using HTML5 (i.e., 80% of all PCs in the world) is vulnerable to this attack. The exploit, which the researchers are calling "the spy in the sandbox," is a form of side-channel attack. Side channel attacks were previously used to break into cars, steal encryption keys and ride the subway for free, but this is the first time they're targeted at innocent web users. The attack requires little in the way of cost or time on the part of the attacker; there's nothing to install and no need to break into hardened systems. All a hacker has to do is lure a victim to an untrusted web page with content controlled by the attacker. -
Networking Library Bug Breaks HTTPS In ~1,500 iOS Apps
mrflash818 writes: A new report from analytics service SourceDNA found that roughly 1,500 iOS apps (with about 2 million total installs) contain a vulnerability that cripples HTTPS and makes man-in-the-middle attacks against those apps easy to pull off. "The weakness is the result of a bug in an older version of the AFNetworking, an open-source code library that allows developers to drop networking capabilities into their apps. Although AFNetworking maintainers fixed the flaw three weeks ago with the release of version 2.5.2, at least 1,500 iOS apps remain vulnerable because they still use version 2.5.1. That version became available in January and introduced the HTTPS-crippling flaw." -
Broken Beer Bottle Battle In Debate Over Merits of Android Over iPhone
HughPickens.com writes: Lee Hutchinson writes at Ars Technica that platform loyalty is a powerful thing, as two roommates in Tulsa, Oklahoma stabbed each other with broken beer bottles in a debate over the relative merits of Android versus iPhones. Tulsa police were called to Evergreen Apartments at 1 a.m. after a woman found a man covered in blood, stumbling around the parking lot and found that two roommates had been drinking and arguing over their mobile phones. The two men broke beer bottles and stabbed each other with them and one of the men smashed a bottle over the back of the other man's head. "In over 35 years as a cop, this is one of the oddest reasons I've seen for assault," says Maj. Rod Hummel. According to Channel 8 News, police had no comment when asked which phone was in fact better. -
Cyanogen Partners With Microsoft To Replace Google Apps
Unknown Lamer writes: Microsoft and Cyanogen Inc have announced a partnership to bring Microsoft applications to Cyanogen OS. "Under the partnership, Cyanogen will integrate and distribute Microsoft's consumer apps and services across core categories, including productivity, messaging, utilities, and cloud-based services. As part of this collaboration, Microsoft will create native integrations on Cyanogen OS, enabling a powerful new class of experiences." Ars Technica comments, "If Cyanogen really wants to ship a Googleless Android, it will need to provide alternatives to Google's services, and this Microsoft deal is a small start. Microsoft can provide alternatives for Search (Bing), Google Drive (OneDrive and Office), and Gmail (Outlook). The real missing pieces are alternatives to Google Play, Google Maps, and Google Play Services."
Rather than distribute more proprietary services, how about ownCloud for Drive, K-9 Mail for Gmail, OsmAnd for Maps, and F-Droid for an app store? Mozilla and DuckDuckGo provide Free Software search providers for Android, too. With Google neglecting the Android Open Source Project and Cyanogen partnering with Microsoft, the future for Free Software Android as anything but a shell for proprietary software looks bleak.