Domain: arstechnica.com
Stories and comments across the archive that link to arstechnica.com.
Stories · 4,420
-
The Voting Machine Anyone Can Hack
Presto Vivace writes about a study published by the Virginia Information Technology Agency outlining just how bad the security of the AVS WINVote machine is. "Virginia election officials have decertified an electronic voting system after determining that it was possible for even unskilled people to surreptitiously hack into it and tamper with vote counts. The AVS WINVote, made by Advanced Voting Solutions, passed necessary voting systems standards and has been used in Virginia and, until recently, in Pennsylvania and Mississippi. It used the easy-to-crack passwords of 'admin,' 'abcde,' and 'shoup' to lock down its Windows administrator account, Wi-Fi network, and voting results database respectively, according to a scathing security review published Tuesday by the Virginia Information Technologies Agency. The agency conducted the audit after one Virginia precinct reported that some of the devices displayed errors that interfered with vote counting during last November's elections." -
Gyro-Copter Lands On West Lawn of US Capitol, Pilot Arrested
An anonymous reader writes that Doug Hughes, 61, a mailman from Ruskin, Florida was arrested for landing a gyro-copter on the West Lawn of the U.S. Capitol. "A 61-year-old Florida mailman was arrested Wednesday after he landed a gyrocopter on the U.S. Capitol west lawn. The gyrocopter was carrying the pilot and 535 stamped letters for members of Congress urging 'real reform' to campaign finance laws. Doug Hughes told the Tampa Bay Times ahead of the afternoon stunt that he notified authorities 'well over an hour in advance of getting to the no-fly zone, so they know who I am and what I'm doing.' Capitol police sent dogs and a bomb squad to the scene. Nothing hazardous was found. A city block from the Capitol had been cordoned off." -
Allegation: Lottery Official Hacked RNG To Score Winning Ticket
SternisheFan writes with this excerpt from Ars Technica about what may be the most movie-worthy real-life crime story of the year so far: Eddie Raymond Tipton, 51, may have inserted a thumbdrive into a highly locked-down computer that's supposed to generate the random numbers used to determine lottery winners, The Des Moines Register reported, citing court documents filed by prosecutors. At the time, Tipton was the information security director of the Multi-State Lottery Association, and he was later videotaped purchasing a Hot Lotto ticket that went on to fetch the winning $14.3 million payout.
In court documents filed last week, prosecutors said there is evidence to support the theory Tipton used his privileged position inside the lottery association to enter a locked room that housed the random number generating computers and infect them with software that allowed him to control the winning numbers. The room was enclosed in glass, could only be entered by two people at a time, and was monitored by a video camera. To prevent outside attacks, the computers aren't connected to the Internet. Prosecutors said Tipton entered the so-called draw room on November 20, 2010, ostensibly to change the time on the computers. The cameras on that date recorded only one second per minute rather than running continuously like normal.
"Four of the five individuals who have access to control the camera's settings will testify they did not change the cameras' recording instructions," prosecutors wrote. "The fifth person is defendant. It is a reasonable deduction to infer that defendant tampered with the camera equipment to have an opportunity to insert a thumbdrive into the RNG tower without detection." -
Republicans Introduce a Bill To Overturn Net Neutrality
New submitter grimmjeeper writes: IDG News reports, "A group of Republican lawmakers has introduced a bill that would invalidate the U.S. Federal Communications Commission's recently passed net neutrality rules. The legislation (PDF), introduced by Representative Doug Collins, a Georgia Republican, is called a resolution of disapproval, a move that allows Congress to review new federal regulations from government agencies, using an expedited legislative process."
This move should come as little surprise to anyone. While the main battle in getting net neutrality has been won, the war is far from over. The legislation was only proposed now because the FCC's net neutrality rules were just published in the Federal Register today. In addition to the legislation, a new lawsuit was filed in the U.S. Court of Appeals for the District of Columbia Circuit by USTelecom, a trade group representing ISPs. -
The NSA Wants Tech Companies To Give It "Front Door" Access To Encrypted Data
An anonymous reader writes The National Security Agency is embroiled in a battle with tech companies over access to encrypted data that would allow it to spy (more easily) on millions of Americans and international citizens. Last month, companies like Google, Microsoft, and Apple urged the Obama administration to put an end to the NSA's bulk collection of metadata. "National Security Agency officials are considering a range of options to ensure their surveillance efforts aren't stymied by the growing use of encryption, particularly in smartphones. Key among the solutions, according to The Washington Post, might be a requirement that technology companies create a digital key that can open any locked device to obtain text messages or other content, but divide the key into pieces so no one group could use it without the cooperation of other parties." -
Daredevil TV Show Debuts; Early Reviews Positive
An anonymous reader writes: Daredevil has been a staple of Marvel's superhero lineup since the 1960s. But Daredevil's most recent on-screen legacy was a terrible film in 2003 starring Ben Affleck. Since then, Marvel has gotten a lot better at adapting comics to the big and small screen. Yesterday saw the debut of a new Daredevil television series. It's a Netflix original, which means the whole first season went up at once. Early reviews of the show are quite complimentary. Slate praises the acting, and adds, "Daredevil is a bloody show that also bleeds: It has more interest in human bodies than much recent Marvel fare, and more interest in human beings as well. It's remarkably patient, resisting the urge to tell its viewers everything at once, a restraint largely enabled by the binge-y sprawl of the Netflix format." Ars Technica says the violence can be a bit over-the-top at times, but praises how the choreography and cinematography reflect the main character's blindness. The Verge simply says Daredevil raises the bar for superhero television, even though many new shows have found success recently. -
After EFF Effort, Infamous "Podcasting Patent" Invalidated
Ars Technica reports some good news on the YRO front. An excerpt: A year-and-a-half after the Electronic Frontier Foundation created a crowd-funded challenge to a patent being used to threaten podcasters, the patent has been invalidated. In late 2013, after small podcasters started getting threat letters from Personal Audio LLC, the EFF filed what's called an "inter partes review," or IPR, which allows anyone to challenge a patent at the US Patent and Trademark Office. The order issued today by the USPTO lays to rest the idea that Personal Audio or its founder, Jim Logan, are owed any money by podcasters because of US Patent No. 8,112,504, which describes a "system for disseminating media content representing episodes in a serialized sequence." The article points out, though, that the EFF warns Personal Audio LLC is seeking more patents on podcasting. Mentioned within: Adam Carolla's fight against these patents and our Q&A with Jim Logan. -
Amazon Sues To Block Fake Reviews
An anonymous reader writes Amazon has filed suit against operators of sites that offer Amazon sellers the ability to purchase fake 4 and 5 star customer reviews. The suit is the first of its kind and was filed in King County Superior Court against a California man, Jay Gentile, identified in Amazon's filings as the operator of buyazonreviews.com. The site also targets unidentified "John Does" who operate similar sites: buyreviewsnow.com, bayreviews.net, and buyamazonreviews.com. From the article: "The site buyazonreviews.com, which the suit claims is run by Gentile, didn't respond to a request for comment. But Mark Collins, the owner of buyamazonreviews.com, denied Amazon's claims. In an email interview, Collins said the site simply offers to help Amazon's third-party sellers get reviews. 'We are not selling fake reviews. however we do provide Unbiased and Honest reviews on all the products,' Collins wrote. 'And this is not illegal at all.'" -
The Problem With Using End-to-End Web Crypto as a Cure-All
fsterman writes: Since the Snowden revelations, end-to-end web encryption has become trendy. There are browser add-ons that bolt a PGP client onto webmail and both Yahoo and Google are planning to support PGP directly. They attempt to prevent UI spoofing with icons similar to the site-authentication banks use to combat phishing.
The problem is that a decade of research shows that users habituate to these icons and come to ignore them. An attacker can pull off UI spoofing with a 90%+ success rate. -
Court Mulls Revealing Secret Government Plan To Cut Cell Phone Service
An anonymous reader writes with the latest in the ongoing legal battle over revealing details of Standing Operating Procedure 303, the government's plan to cut mobile phone service during an emergency. "A federal appeals court is asking the Obama administration to explain why the government should be allowed to keep secret its plan to shutter mobile phone service during 'critical emergencies.' The Department of Homeland Security came up with the plan—known as Standing Operating Procedure 303—after cellular phones were used to detonate explosives targeting a London public transportation system. SOP 303 is a powerful tool in the digital age, and it spells out a 'unified voluntary process for the orderly shut-down and restoration of wireless services during critical emergencies such as the threat of radio-activated improvised explosive devices.'" -
W. Virginia Bans Direct Tesla Sales, With Urging of Car-Dealer Senate President
Ars Technica reports that another state has buckled to the auto dealership lobby, though with an interesting twist: West Virginia became at least the fifth state to ban the direct-sales approach practiced by Tesla Motors following Friday's signature by Gov. Earl Ray Tomblin. ... The bill was championed by West Virginia's Senate president, who is an auto dealer in his home state and Kentucky. ... The legislation says a vehicle maker may not “act in the capacity of a new motor vehicle dealer” or “operate a dealership, including, but not limited to, displaying a motor vehicle intended to facilitate the sale of new motor vehicles other than through franchised dealers, unless the display is part of an automobile trade show that more than two automobile manufacturers participate in.” ... The Palo Alto, California-based electric-vehicle company operates so-called "galleries" in Texas, Arizona, and Maryland because the company's sales practices are barred there, too. Customers can see Tesla cars in these galleries, but they may not order vehicles, discuss prices or take test drives. -
9th Circuit Rules Netflix Isn't Subject To Disability Law
An anonymous reader writes with news that the US Court of Appeals for the 9th Circuit has ruled that Netflix doesn't have to caption their videos. "A federal appeals court ruled (PDF) yesterday that the Americans with Disabilities Act (ADA) doesn't apply to Netflix, since the online video provider is 'not connected to any actual, physical place.' Donald Cullen sued Netflix in March 2011, attempting to kick off a class-action lawsuit on behalf of disabled people who didn't have full use of the videos because they aren't all captioned. A district court judge threw out his lawsuit in 2013, and yesterday's ruling by the US Court of Appeals for the 9th Circuit upholds that decision. The decision is 'unpublished,' meaning it isn't intended to be used as precedent in other cases. However, it certainly doesn't bode well for any plaintiff thinking about filing a similar case in the 9th Circuit, which covers most of the Western US." -
Chinese Certificate Authority CNNIC Is Dropped From Google Products
eldavojohn writes A couple weeks ago, Google contacted the CNNIC (China's CA) to alert them of a problem regarding the delegated power of issuing fraudulent certificates for domains (in fact this came to light after fraudulent certificates were issued for Google's domains). Following this, Google decided to remove the CNNIC Root and EV CA as trusted CAs in its Chrome browser and all Google products. Today, the CNNIC responded to Google: "1. The decision that Google has made is unacceptable and unintelligible to CNNIC, and meanwhile CNNIC sincerely urge that Google would take users' rights and interests into full consideration. 2. For the users that CNNIC has already issued the certificates to, we guarantee that your lawful rights and interests will not be affected." Mozilla is waiting to formulate a plan. -
Mario 64 Remake Receives a DMCA Complaint From Nintendo
jones_supa writes: Well, we saw this one coming. Just a couple of days after computer science student Erik Roystan Ross released a free recreation of the first level of Nintendo's 1996 Super Mario 64, Nintendo filed a Digital Millennium Copyright Act complaint. It was sent to the content distribution network CloudFlare and the complaint asked to immediately disable public access to the page hosting the remade game. CloudFlare forwarded the complaint to the person hosting Ross' game, after which the hosting provider (a friend of Ross) had to take the game down. Nintendo also sent Ross takedown notices for his downloadable desktop versions of the Bob-Omb Battlefield. Nintendo is famously protective of its copyright, taking issue even with "Let's Play" videos posted on YouTube and threatening to shut down live-streamed Super Smash Bros tournaments. -
Microsoft Rolls Out Project Spartan With New Windows 10 Build
An anonymous reader writes: Today Microsoft released a new Technical Preview build for Windows 10. Its most notable addition is Microsoft's new browser: Project Spartan. In a brief post explaining the basics of the browser, the company says it includes their personal assistant software, Cortana, as well as "inking" support, which lets you write or type on the webpage you're viewing. But the biggest change, of course, is the new rendering engine. The "suggestion box" page for Project Spartan is already filling up with ideas from users, including one for Trident/EdgeHTML to be released as open source. -
At the Track With Formula E, the First e-Racing Series
An anonymous reader writes Ars is running a story about the new all-electric racing car series and its first visit to the U.S. "The pit lane we're standing in is unusual, and not only because it's a temporary setup placed in the shadow of American Airlines Arena (home of the NBA's Miami Heat). Garages are set up on both sides rather than being limited to one. A few things also appear to be missing. To start, a familiar smell from the usual mix of burning hydrocarbons is absent. And it's remarkably quiet. The occasional impact wrench bursts out in a mechanical staccato, generators drone here and there, but there are no V8s burbling, no V6s screaming....Welcome to Formula E, the world's first fully electric racing series. Miami is playing host to the first of two US rounds—the next being held in Long Beach, CA, on April 4—and it's the fifth race in this ePrix's inaugural season. Given we've got a bit of a thing about racing at Cars Technica, as well as an obvious interest in electric vehicles, we had to be on the ground in Miami to experience this for ourselves." -
Measuring How Much "Standby Mode" Electricity For Game Consoles Will Cost You
An anonymous reader writes: Modern game consoles have a "standby" mode, which you can use if you want the console to instantly turn on while not drawing full power the whole time it's idle. But manufacturers are vague about how much power it takes to keep the consoles in this standby state. After a recent press release claiming $250 million worth of electricity was used to power Xbox Ones in standby mode in the past year, Ars Technica decided to run some tests to figure out exactly how much power is being drawn. Their conclusions: the PS4 draws about 10 Watts, $10-11 in extra electricity charges annually. The Xbox One draws 12.9W, costing users $13-$14 in extra electricity charges annually. The Wii U draws 13.3W, costing users $14-$15 in extra electricity charges annually. These aren't trivial amounts, but they're a lot less than simply leaving the console running and shutting off the TV when you aren't using it: "Leaving your PS4 sitting on the menu like this all year would waste over $142 in electricity costs." -
Broadband ISP Betrayal Forces Homeowner To Sell New House
New submitter knightsirius writes: A Washington homeowner is having to sell his new house after being refused internet service from Comcast and CenturyLink despite receiving confirmation from both that the location was able to receive broadband service. The whole process took months and involved false assurances and bureaucratic convolutions. The national broadband map database frequently cited by Comcast as proof of sufficient competition lists 10 options at his location, including a gigabit municipal fiber network, but he cannot subscribe to it due to Washington state direct sale restrictions. -
PayPal To Pay $7.7 Million For Sanctions Violations
jfruh writes PayPal may not be a bank, but it's still legally required to follow regulations on transferring money — but the company has admitted to a number of violations, including allowing transfers to an individual specifically sanctioned by the U.S. State Department for helping proliferate nuclear weapons. From Ars: "On Wednesday afternoon, PayPal reached a settlement with the US Treasury Department, agreeing that it would pay $7.7 million for allegedly processing payments to people in countries under sanction as well as to a man the US has listed as involved in the nuclear weapons black market. The company neither confirmed nor denied the allegations, but it voluntarily handed over its transaction data to the US Department of Treasury’s Office of Foreign Assets Control (OFAC)." -
Public Records Request Returns 4.6M License Plate Scans From Oakland PD
schwit1 points out a report from Ars Technica on how they used a public records request to acquire an entire License Plate Reader dataset from the Oakland Police Department. The dataset includes 4.6 million total reads from 1.1 million unique plates. They built a custom visualization tool to demonstrate how this data could be abused. "For instance, during a meeting with an Oakland city council member, Ars was able to accurately guess the block where the council member lives after less than a minute of research using his license plate data. Similarly, while "working" at an Oakland bar mere blocks from Oakland police headquarters, we ran a plate from a car parked in the bar's driveway through our tool. The plate had been read 48 times over two years in two small clusters: one near the bar and a much larger cluster 24 blocks north in a residential area—likely the driver's home." Though the Oakland PD has periodically deleted data to free up space — the 4.6 million records were strewn across 18 different Excel spreadsheets with hundreds of thousands of lines each — there is no formal retention limit. -
Islamic State Doxes US Soldiers, Airmen, Calls On Supporters To Kill Them
An anonymous reader writes in with this story about the latest weapon used by ISIS: doxing. "Middle East terrorist organization Islamic State (ISIS) has called on its followers to take the fight to 100 members of the United States military residing in the US. A group calling itself the 'Islamic State Hacking Division' has posted names, addresses, and photographs of soldiers, sailors, and airmen online, asking its 'brothers residing in America' to murder them, according to Reuters. Although the posting purports to come from the 'Hacking Division,' US Department of Defense officials say that none of their systems appear to have been breached by the group. Instead, the personal data was almost certainly culled from publicly available sources, a DoD official told the New York Times on the condition of anonymity." -
MRIs Show Our Brains Shutting Down When We See Security Prompts
antdude writes with this excerpt from Ars Technica: Magnetic Resonance Imaging (MRIs) show our brains shutting down when we see security prompts. The MRI images show a "precipitous drop" in visual processing after even one repeated exposure to a standard security warning and a "large overall drop" after 13 of them. Previously, such warning fatigue has been observed only indirectly, such as one study finding that only 14 percent of participants recognized content changes to confirmation dialog boxes or another that recorded users clicking through one-half of all SSL warnings in less than two seconds. -
Virgin Could Take On Tesla With Electric Car
According to a story at Ars Technica, Virgin empire founder Richard Branson says 'teams of people' are working on electric cars. Says the article: Virgin is working on electric cars and could one day take on Tesla, according to company founder Richard Branson. Speaking at a racing event in Miami, Branson said Virgin had "teams of people" working on electric cars but refused to be drawn on specific details. The company's Virgin Racing team already competes in the all-electric Formula E championship, a high-speed, battery-powered spinoff of Formula 1. Branson has now hinted that Virgin's involvement could lead to the company selling its own electric cars. ... Branson's business has continued to expand in recent years. As well as trains and planes, Virgin now has a fledgling space operation and is soon to launch its own cruise ships. -
OEMs Allowed To Lock Secure Boot In Windows 10 Computers
jones_supa writes: Hardware that sports the "Designed for Windows 8" logo requires machines to support UEFI Secure Boot. When the feature is enabled, the core software components used to boot the machine are verified for correct cryptographic signatures, or the system refuses to boot. This is a desirable security feature, because it protects from malware sneaking into the boot process. However, it has an issue for alternative operating systems, because it's likely they won't have a signature that Secure Boot will authorize. No worries, because Microsoft also mandated that every system must have a UEFI configuration setting to turn the protection off, allowing booting other operating systems. This situation may now change. At its WinHEC hardware conference in Shenzhen, China, Microsoft said the setting to allow Secure Boot to be turned off will become optional when Windows 10 arrives. Hardware can be "Designed for Windows 10," and offer no way to opt out of the Secure Boot lock down. The choice to provide the setting (or not) will be up to the original equipment manufacturer. -
"Descent" Goes For a Crowdfunding Reboot (and a Linux Version)
New submitter boll writes A bunch of Star Citizen alumni have taken it upon themselves to resurrect the hit game franchise Descent, backed by a Kickstarter campaign. If you are a semi-oldtimer on the PC gaming scene, you may fondly remember how the original Descent was among the first to provide 6 genuine degrees of freedom during intense late night LAN gaming sessions. Reader elfindreams adds: It will be released as a PC/Mac/Linux game and will include a single player campaign and multiplayer with up to 64 combatants on a map! They are working with a number of members of the current D1/D2 community to make sure the flight/gameplay feels "old school" and they are updating the technology and game to a new generation. -
Musk Says Drivers May Become Obsolete, Announces Juice-Saving Upgrades
Lucas123 (935744) writes During a discussion at a Nvidia conference, Elon Musk predicted that in the future, consumers will not be allowed to drive cars because it will be considered too dangerous. [Note: compare Lyft CEO Logan Green's opposite view] 'You can't have a person driving a two-ton death machine,' he said. Others agree. Thilo Koslowski, a vice president at Gartner, said instead of laws dictating drivers must cede control to their car's computer, we may someday just pass signs requiring drivers to activate auto-drive functionality for certain particularly treacherous stretches of roadway. Koslowski said fully autonomous vehicles won't be ubiquitous for another 10 to 15 years, but the government could spur that on by offering tax incentives as it does today with all-electric vehicles and hybrids. Related news: it may not be fully autonomous driving, but Tesla S drivers are promised an upgrade a few months from now that gives a taste, with the addition of automatic steering features. And though it's perhaps anti-climactic as a solution to "ending range anxiety," Musk also announced today that Teslas will get in the next two weeks a software upgrade that will greatly upgrade the cars' routing software, integrating "near-realtime" lists of available supercharger stations, and keeping drivers apprised of whether one is within range. -
Nintendo Finally Working On Games for Smartphones
Several readers sent word that Nintendo is finally bringing its games to mobile devices. It's partnering with Japanese game publisher DeNA to develop games for phones and tablets based on Nintendo's popular game IPs. (Existing games will not get mobile ports, however.) DeNA first approached Nintendo about using the company's characters in mobile games back in 2010, Iwata said, and has been passionately pursuing talks on the alliance ever since. Iwata acknowledged that the transition from the Wii and DS lines to the Wii U and 3DS lines has not gone "as smoothly as we had expected," but he maintained that industry watchers predicting the death of dedicated video game consoles are being too pessimistic. Iwata tied the move to smartphones to Nintendo's historical embrace of TV gaming after decades as a physical toy and card game company during a time when TVs didn't exist. "Now that smart devices have grown to become the window for so many people to personally connect with society, it would be a waste not to use these devices." -
Twitter Will Ban Revenge Porn and Non-consensual Nudes
AmiMoJo writes: Twitter has changed its rules to state it will forbid users from posting revenge porn and non-consensual nudes on its service. In the private information section of the site's policy list, the company added that users "may not post intimate photos or videos that were taken or distributed without the subject's consent." Twitter seemed to indicate that it would use some combination of automated and manual checks to decide whether a reported post is revenge porn or not before removing the post. "We will ask a reporting user to verify that he or she is the individual in question in content alleged to be violating our policy and to confirm that the photo or video in question was posted without consent." There will be an appeal process too.
In February, reddit made a similar rules change after the site was embroiled in controversy for allowing the posting of stolen nude celebrity photos in 2014. Banning "involuntary pornography," reddit urged victims to e-mail the site with details so administrators could remove the offending posts. -
New Evidence Strengthens NSA Ties To Equation Group Malware
An anonymous reader writes: When researchers from Kaspersky Lab presented the Equation Group espionage malware, many in the security community were convinced it was part of an NSA operation. Now, Kaspersky has released new evidence that only strengthens those suspicions. In a code sample, they found a string named BACKSNARF_AB25, which happens to be the name of a project in the NSA's Tailored Access Operations. Further, when examining the metadata on the malware files, they found the modification timestamps were almost always consistent with an 8-5 workday in the UTC-3 or UTC-4 timezones, consistent with work based in the eastern United States. The authors also tended to work Monday through Friday, and not on the weekends, suggesting a large, organized development team. "Whereas before the sprawling Equation Drug platform was known to support 35 different modules, Kaspersky has recently unearthed evidence there are 115 separate plugins. The architecture resembles a mini operating system with kernel- and user-mode components alike." -
California's Hot, Dry Winters Tied To Climate Change
mdsolar sends word that hot dry winters may be the norm in the future for California. "Climate change is one of the most prominent public health issues currently on the CDC's radar. The organization's Climate and Health Program attempts to help state and city health departments to prepare for the health impacts of climate change, which can come in the form of things like temperature extremes, air pollution, allergens, and changes in disease patterns; they can also be felt indirectly through issues like food security. Since 2012, California has been in the midst of a record-setting drought, with extremely warm and dry conditions characterizing the last three years in that state. A new paper published in the Proceedings of the National Academy of Sciences concludes that warming caused by humans is responsible for the conditions that have led to this California drought. This study, published by scientists affiliated with the Department of Environmental Earth System Science and the Woods Institute for Environment at Stanford University, used historical statewide data for observed temperature, precipitation, and drought in California. The investigators used the Palmer Hydrological Drought Index (PHDI) and the Palmer Drought Severity Index (PDSI), collected by the National Climatic Data Center, as measures of the severity of wet/dry anomalies. They also used global climate model simulations from the Coupled Model Intercomparison Project (CMIP) to compare historical predictions for anthropogenic and non-anthropogenic historical climates." -
Lenovo Still Shipping Laptops With Superfish
Ars Technica reports that weeks after Lenovo said it would stop selling computers with Superfish adware installed, it's still there for many purchasers of the company's laptops. From the article: Based on the experience of Ars readers Chai Trakulthai and Laura Buddine, Lenovo overstated both assurances. The pair recently examined a $550 Lenovo G510 notebook purchased by a neighbor, and their experience wasn't consistent with two of Lenovo's talking points. First, the PC was ordered in early February more than four weeks after Lenovo said it stopped bundling Superfish, and yet when the notebook arrived in late February it came pre-installed with the adware and the secure sockets layer certificate that poses such a threat.
"Lenovo may be saying they haven't installed Superfish since December, but the problem is that they are still shipping out systems with Superfish installed," Buddine said. "The Windows build had a date of December. They apparently aren't sorry enough to re-image the computers they have in stock to remove the problem and they're still shipping new computers with Superfish installed." Supply chains are long, and hand-work is expensive, so this might not surprise anyone. Less forgivable, though, is this finding, of the software provided to purge machines of the adware: "Lenovo's software didn't begin to live up to its promise of removing all Superfish-related data. Based on its own self-generated report, the tool left behind the Superfish application itself. A scan using the Malwarebytes antivirus program found the Superfish remnants VisualDiscovery.exe, SuperfishCert.dll, and a VisualDiscovery registry setting." -
Hands-On With the Vivaldi Browser
justthinkit writes: Vivaldi is billing itself as the power user's browser, and Ars went hands-on with it today. They say, "Vivaldi has so many great features, but it can be a little frustrating because it is still very much a technical preview. It's been largely stable during testing (most of the bugs we encountered using the first release are gone in the second), but it's still missing some key features." It appears to have the cred, with Vivaldi's CEO being Jon S. von Tetzchner, the co-founder and former CEO of Opera. Does the thinking behind Vivaldi appeal to you? Do you plan to switch when it's more feature-complete? -
House Republicans Roll Out Legislation To Overturn New Net Neutrality Rules
An anonymous reader writes: U.S. Representative Marsha Blackburn (R-TN) and 31 Republican co-sponsors have submitted the Internet Freedom Act (PDF) for consideration in the House. The bill would roll back the recent net neutrality rules made by the FCC. The bill says the rules "shall have no force or effect, and the Commission may not reissue such rule in substantially the same form, or issue a new rule that is substantially the same as such rule, unless the reissued or new rule is specifically authorized by a law enacted after the date of the enactment of this Act." Blackburn claims the FCC's rules will "stifle innovation" and "restrict freedom." The article points out that Blackburn's campaign and leadership PAC has received substantial donations from Comcast, AT&T, and Verizon. -
Former MLB Pitcher Doxes Internet Trolls, Delivers Real-World Consequences
An anonymous reader writes: When Twitter trolls began posting obscene, sexually explicit comments about his teenage daughter, former MLB pitcher Curt Schilling responded by recording their comments and gathering personal information readily available to the public. He then doxxed two of them on his blog, resulting in one being suspended from his community college and the other being fired from his part-time job as a ticket seller for the New York Yankees. There were seven others in Curt's crosshairs, all college athletes, but although he hasn't publicly doxxed those individuals, he hints, "I found it rather funny at how quickly tone changed when I heard via email from a few athletes who'd been suspended by their coaches. Gone was the tough guy tweeter, replaced by the 'I'm so sorry' apology used by those only sorry because they got caught." -
Supreme Court Gives Tacit Approval To Warrantless DNA Collection
An anonymous reader writes On Monday, the U.S. Supreme Court refused to review a case involving the conviction of a man based solely on the analysis of his "inadvertently shed" DNA. The Electronic Frontier Foundation (EFF) argues that this tacit approval of the government's practice of collecting anyone's DNA anywhere without a warrant will lead to a future in which people's DNA are "entered into and checked against DNA databases and used to conduct pervasive surveillance." -
Google Backs Off Default Encryption on New Android Lollipop Devices
An anonymous reader writes: Although Google announced in September 2014 that Android 5.0 Lollipop would require full-disk encryption by default in new cell phones, Ars Technica has found otherwise in recently-released 2nd-gen Moto E and Galaxy S6. It turns out, according to the latest version of the Android Compatibility Definition document (PDF), full-disk encryption is currently only "very strongly recommended" in anticipation of mandatory encryption requirements in the future. The moral of the story is: don't be lazy — check that your full-disk encryption is actually enabled. -
Craig Brittain (Revenge Porn King) Sues For Use of Image
retroworks writes "Washington Post reporter Caitlin Dewey leads with, "Revenge-porn impresario Craig Brittain is learning the hard way that karma is a real witch." The report states that the Federal Trade Commission has settled a complaint against Brittain, whose defunct site, "Is Anybody Down" was accused of unfair business practices. From the article: "The site paid its bills by soliciting women's nude photos on Craigslist and/or from their exes, publishing the photos without the women's permission (and often with their names and phone numbers attached), and then charging fees of $200 to $500 to take the photos down." Brittain agreed to destroy the image and never operate a revenge porn site again. However, on Feb. 9, "Brittain filed a takedown request to Google, demanding that the search engine stop linking to nearly two dozen URLs — including a number of news articles, and files on the case from the FTC — because they used photos of him and information about him without his permission." Ars Technica explains. "In this instance, fair use and general First Amendment principles are on Google's and the media's side." -
BlackPhone, In Wake of Gemalto Fallout, Receives $50 Million In Funding
An anonymous reader writes The BlackPhone, a $600-plus encrypted Android handset designed to keep the prying eyes of criminals and the government out of mobile communications, is now fully owned by Silent Circle thanks to the company raking in investment cash. Terms of the buyout deal with Spanish smartphone maker Geeksphone, the phone's hardware manufacturer, were not disclosed. Silent Circle said Thursday that it has raised $50 million and plans on showing off an encrypted 'enterprise privacy ecosystem' at World Mobile Congress next week. A BlackPhone tablet is on the way, too. -
Twitter Adds "Report Dox" Option
AmiMoJo writes Twitter announced that its abuse-report system, which was recently refined to simplify and shorten the reporting process, has now expanded to allow users to report content such as self-harm incidents and "the sharing of private and confidential information" (aka doxing). The announcement, posted by Twitter Vice President of User Services Tina Bhatnagar, explained that December's report-process update was met with a "tripling" of the site's abuse support staff, which has led to a quintupling of abuse report processing. Chat logs recently revealed how Twitter is used by small groups to create vast harassment campaigns, thanks to sock puppet accounts and relative anonymity. -
The State of Linux Gaming In the SteamOS Era
An anonymous reader writes: It's been over a year since Valve announced its Linux-based SteamOS, the biggest push yet from a huge company to bring mainstream gaming to Linux. In this article, Ars Technica takes a look at how their efforts are panning out. Game developers say making Linux ports has gotten dramatically easier: "There are great games shipping for Linux from development teams with no Linux expertise. They hit the 'export to Linux' button in the Unity editor and shipped it and it worked out alright. We didn't get flying cars, but the future is turning out OK so far."
Hardware drivers are still a problem, getting in the way of potential performance gains due to Linux's overall smaller resource footprint than Windows. And while the platform is growing, it's doing so slowly. Major publishers are still hesitant to devote time to Linux, and Valve is taking their time building for it. Their Steam Machine hardware is still in development, and some of their key features are being adopted by other gaming giants, like Microsoft. Still, Valve is sticking with it, and that's huge. It gives developers faith that they can work on supporting Linux without fear that the industry will re-fragment before their game is done. -
Intel Moving Forward With 10nm, Will Switch Away From Silicon For 7nm
An anonymous reader writes: Intel has begun talking about its plans for future CPU architectures. The company is already working on a 10nm manufacturing process, and expects the first such chips to be ready by early 2017. Beyond that, things are getting difficult. Intel says it will need to move away from silicon when it develops a 7nm process. "The most likely replacement for silicon is a III-V semiconductor such as indium gallium arsenide (InGaAs), though Intel hasn't provided any specific details yet." Even the current 14nm chips they're making ran into unexpected difficulties. "While Intel didn't provide any specifics, we strongly suspect that we're looking at the arrival of transistors based on III-V semiconductors. III-V semiconductors have higher electron mobility than silicon, which means that they can be fashioned into smaller and faster (as in higher switching speed) transistors." -
Ars: SSL-Busting Code That Threatened Lenovo Users Found In a Dozen More Apps
Ars Technica reports on the continuing revelations about the same junkware that Lenovo has shipped on their computers, but which is known now to be present in at least 14 pieces of software. The list of software known to use the same HTTPS-breaking technology recently found preinstalled on Lenovo laptops has risen dramatically with the discovery of at least 12 new titles, including one that's categorized as a malicious trojan by a major antivirus provider. ... "What all these applications have in common is that they make people less secure through their use of an easily obtained root CA [certificate authority], they provide little information about the risks of the technology, and in some cases they are difficult to remove," Matt Richard, a threats researcher on the Facebook security team, wrote in Friday's post. "Furthermore, it is likely that these intercepting SSL proxies won't keep up with the HTTPS features in browsers (e.g., certificate pinning and forward secrecy), meaning they could potentially expose private data to network attackers. Some of these deficiencies can be detected by antivirus products as malware or adware, though from our research, detection successes are sporadic." -
L.A. School Superintendent Folds on Laptops-For-Kids Program
In an announcement yesterday reported on by Ars Technica, [Los Angeles school superintendent] Ramon C. Cortines said that the city can't afford to buy a computer for every student. The statement comes after intense controversy over a $1.3 billion initiative launched by Cortines' predecessor, former superintendent John Deasy, in which every student was supposed to be given an iPad loaded with content from educational publisher Pearson. (That controversy is worth reading about, and sparked an FBI investigation as well.) -
Apple Launches Repair Program For Longstanding 2011 MacBook Pro GPU Problems
AmiMoJo writes: Apple has just launched a MacBook Pro Repair Extension Program for Video Issues to provide out-of-warranty repairs for MacBook Pros and Retina MacBook Pros sold between February of 2011 and December of 2013. Symptoms of affected computers include "distorted or scrambled video on the computer screen," "no video on the computer screen (or external display) even though the computer is on," and unexpected restarts. Some users have been complaining about 2011 MacBook Pro GPU issues since shortly after the systems launched. Those complaints continued for well over three years—outside of the warranty window even if you bought AppleCare, at least if you bought the systems at launch—and were more recently the cause of a class-action lawsuit. -
Patent Troll Wins $15.7M From Samsung By Claiming To Own Bluetooth
An anonymous reader writes: A jury has upheld patent claims against Samsung and awarded the patent-holder $15.7 million. "The patents relate to compatibility between different types of modems, and connect to a string of applications going back to 1997. The first version of Bluetooth was invented by Swedish cell phone company Ericsson in 1994." Lawyers for the plaintiff argue that the patents cover all devices that use Bluetooth 2.0 or later, so further cases could extend far beyond Samsung. Of course, the company that won the lawsuit wasn't the one who made the invention, or the one who patented it. The company is Rembrandt IP, "one of the oldest and most successful" patent trolls. -
AT&T To Match Google Fiber In Kansas City, Charge More If You Want Privacy
An anonymous reader writes: When Google Fiber started bringing gigabit internet to cities around the U.S., we wondered how the incumbent ISPs would respond. Now we know: AT&T has announced they will match Google Fiber's gigabit offerings in Kansas City. Of course, there are some caveats. First, AT&T's rollout may stop as it fights the Obama administration over net neutrality. Not that it would be a nationwide rollout anyway: "AT&T does not plan to offer the ultra-fast Internet lines to every home in the market. Rather, he said the company would calculate where demand is strongest and the investment in stringing new cables promised a decent return."
There are also some interesting pricing concerns. The company plans to charge $70/month for gigabit service, but that's a subsidized price. Subsidized by what, you ask? Your privacy. AT&T says if you want to opt out of letting them track your browsing history, you'll have to pay $29 more per month. They say your information is used to serve targeted advertising, and includes any links you follow and search terms you enter. -
Wheel of Time TV Pilot Producers Sue Robert Jordan's Widow For Defamation
An anonymous reader writes The tale of the late-night Wheel of Time pilot that aired in a paid infomercial slot on FXX has taken another odd turn. Producers Red Eagle Entertainment LLC and Manetheren LLC have filed a lawsuit in the United States District Court for central California against Harriet McDougal (widow of James Rigney, who wrote the Wheel of Time novels under the pen name Robert Jordan), her company, Bandersnatch Group Inc., and twenty unnamed other persons ('Does 1-20'). The suit alleges that McDougal's statements about her lack of involvement in the pilot's production constitute breach of contract, slander, and interference with contractual relations and prospective economic relations; the suit demands declaratory relief and a jury trial. -
How "Omnipotent" Hackers Tied To NSA Hid For 14 Years and Were Found At Last
Advocatus Diaboli writes The money and time required to develop the Equation Group malware, the technological breakthroughs the operation accomplished, and the interdictions performed against targets leave little doubt that the operation was sponsored by a nation-state with nearly unlimited resources to dedicate to the project. The countries that were and weren't targeted, the ties to Stuxnet and Flame, and the Grok artifact found inside the Equation Group keylogger strongly support the theory the NSA or a related US agency is the responsible party, but so far Kaspersky has declined to name a culprit. NSA officials didn't respond to an e-mail seeking comment for this story. What is safe to say is that the unearthing of the Equation Group is a seminal finding in the fields of computer and national security, as important, or possibly more so, than the revelations about Stuxnet.